Surveillance Society News Archive 2013

2013

"A leaked NSA cyber-arms catalog has shed light on the technologies US and UK spies use to infiltrate and remotely control PCs, routers, firewalls, phones and software from some of the biggest names in IT. The exploits, often delivered via the web, provide clandestine backdoor access across networks, allowing the intelligence services to carry out man-in-the-middle attacks that conventional security software has no chance of stopping. And if that fails, agents can simply intercept your hardware deliveries from Amazon to install hidden gadgets that rat you out via radio communications. The 50-page top-secret document, written by an NSA division called ANT, is part of an information dump sent to German magazine Der Spiegel, and expounded upon by journalist Jacob Appelbaum in his keynote to the 30th Chaos Communication Congress in Germany on Monday. You can watch a clearly furious Appelbaum in the video below. The dossier is a glorified shopping catalog of technology for spies in the so-called "Five Eyes" alliance of the UK, the US, Canada, Australia, and New Zealand. It gives the clearest view yet of what the NSA, GCHQ and associated intelligence agencies can do with your private data, and how they manage it. Here's an easy-to-digest roundup of what was discussed... "
How the NSA hacks PCs, phones, routers, hard disks 'at speed of light': Spy tech catalog leaks
The Register, 31 December 2013

"A US federal judge has reaffirmed an Obama administration policy granting officials the authority to search Americans' laptops, citing a controversial premise that makes citizens within 100 miles of the border eligible for a police check. District Judge Edward Korman made his ruling in New York on Tuesday, more than three years after the American Civil Liberties Union (ACLU) filed suit. The ACLU claimed that - since Americans put so much of their lives on their computers, cell phones, and other devices – border officials should have reasonable suspicion before sifting through someone's personal files. Attorneys argued that searches conducted without reasonable suspicion are a violation of the Fourth Amendment, which protects against unreasonable search and seizure. Not so, according to Judge Korman. In his decision Tuesday he argued that the area 100 miles inland falls under a 'border exemption.' 'Laptops have only come into widespread use in the twenty-first century. Prior to that time, lawyers, photographers, and scholars managed to travel overseas and consult with clients, take photographs, and conduct scholarly research,' wrote Korman. 'No one ever suggested the possibility of a border search had a chilling effect on his or her First Amendment rights. While it is true that laptops make overseas work more convenient, the precaution plaintiffs may choose to take to 'mitigate' the alleged harm associated with the remote possibility of a border search are simply among the many inconveniences associated with international travel.' The federal government has long conducted searches on travelers entering and leaving the US, but Congress expanded that policy by creating the Department of Homeland Security and setting up at least 33 checkpoints inside the country where people are stopped and asked to prove their citizenship. The trouble is, the ACLU noted, that almost two-thirds of the population (197.4 million people) live within 100 miles of the US border. New York, Washington, Boston, San Francisco, Los Angeles, Miami, and dozens of other major metropolitan areas fall under the so-called 'exemption' zone."
Constitution 'exemption' zone spans 100 miles inland of US border– judge
RT, 31 December 2013

"News that the reports are being sent to the controversial organisation’s top hacking unit, the Tailored Access Operations (TAO) division, come from the latest leaked documents from Edward Snowden, The Huffington Post reported. The crash reports are a ‘neat way’ of gaining ‘passive access' to a computer, according to an NSA presentation obtained by Der Spiegel. Conscientious computer users might be sending reports to the NSA as well as Microsoft after a programme has crashed, a report suggests. Official hackers can reportedly pick out interesting error message reports using powerful software, which could tell the NSA about the vulnerabilities of a certain computer. Computer security expert, Graham Clueley, told MailOnline that any possible snooping is not limited to U.S. citizens and could affect Britons, as the NSA is largely interested in spying on people outside the country. 'It's yet another method that could find weaknesses in a computer, which they could exploit,' he said. While there is no evidence to suggest that British intelligence agencies are using the same technique, Mr Clueley said it 'would not be a massive shock' if it was later discovered that they were, as the NSA and GCHQ have used a variety of similar methods to snoop on people in the past. A graphic within the presentation hints that NSA agents made fun of how easy the error message trick made their jobs. Designed to look just like a genuine Microsoft error report popup, it says: ‘A log of this error has been created. Please tell Microsoft about this problem. This information may be intercepted by a foreign SIGINT system to gather detailed information and better exploit your machine.’"
Windows error messages let NSA spy on people
Mail, 31 December 2013

"I think everybody knows by now, or at least I hope they do after the last seven months reporting, that the goal of the NSA really is the elimination of privacy worldwide—not hyperbole, not metaphor, that’s literally their goal, is to make sure that all human communications that take place electronically are collected and then stored by the NSA and susceptible to being monitored and analyzed. But the specifics are still really important to illustrate just the scope and invasiveness and the dangers presented by this secret surveillance system. And what the Der Spiegel article details is that one of the things that the NSA is really adept at doing is implanting in various machines—computers, laptops, even cellphones and the like—malware. And malware is essentially a program that allows the NSA, in the terminology that hackers use, to own the machine. So, no matter how much encryption you use, no matter how much you safeguard your communication with passwords and other things, this malware allows the NSA to literally watch every keystroke that you make, to get screen captures of what it is that you’re doing, to circumvent all forms of encryption and other barriers to your communications. And one of the ways that they’re doing it is that they intercept products in transit, such as if you order a laptop or other forms of Internet routers or servers and the like, they intercept it in transit, open the box, implant the malware, factory-seal it and then send it back to the user. They also exploit weaknesses in Google and YouTube and Yahoo and other services, as well, in order to implant these devices. It’s unclear to what extent, if at all, the companies even know about it, let alone cooperate in it. But what is clear is that they’ve been able to compromise the physical machines themselves, so that it makes no difference what precautions you take in terms of safeguarding the sanctity of your online activity."
Glenn Greenwald: The NSA Can 'Literally Watch Every Keystroke You Make'
Democracy Now, 30 December 2013

"Annie Machon -- an ex-MI5 spy who left the agency after blowing the whistle on the agency's illegal activities -- has launched a fund to offer financial support to other whistleblowers, called the 'Courage Fund to Protect Journalistic Sources.' Machon left MI5 and disclosed that the agency had illegally spied upon British government ministers, that it had lied in order to send innocent people to jail for bombings in Ireland, had conducted illegal wiretaps, and had worked with MI6 in an assassination attempt on Gaddafi. She announced the fund at the 30th Chaos Communications Congress, in Hamburg, with a stirring, scathing speech that took governments to task for invasive, bulk spying: 'It is incredibly corrosive to the human spirit to know that everything you say, everything you do, even if you just want to have a private conversation with your mother, is being listened to,' she said. 'Now we all know we are being listened to and surveyed in this amazingly Panopticon-like manner.' People like Snowden and Manning must be given support, she said, or civil liberties will continue to be eroded. 'So many journalists write so many stories, but what happens to the whistleblowers? They’re left swinging in the wind,' she said. 'If they can’t survive the process of coming forward, then we will not have these people.'”
MI5 whistleblower launches defense fund for whistleblowers
Boing, Boing, 30 December 2013

"Following up on the latest stunning revelations released yesterday by German Spiegel which exposed the spy agency's 50 page catalog of 'backdoor penetration techniques', today during a speech given by Jacob Applebaum (@ioerror) at the 30th Chaos Communication Congress, a new bombshell emerged: specifically the complete and detailed description of how the NSA bugs, remotely, your iPhone. The way the NSA accomplishes this is using software known as Dropout Jeep, which it describes as follows: 'DROPOUT JEEP is a software implant for the Apple iPhone that utilizes modular mission applications to provide specific SIGINT functionality. This functionality includes the ability to remotely push/pull files from the device. SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc. Command, control and data exfiltration can occur over SMS messaging or a GPRS data connection. All communications with the implant will be covert and encrypted.'"
How The NSA Hacks Your iPhone
Zero Hedge, 30 December 2013

"A new report from Der Spiegel, based on internal National Security Agency documents, reveals more details about how the spy agency gains access to computers and other electronic devices to plant backdoors and other spyware. The Office of Tailored Access Operations, or TAO, is described as a 'squad of digital plumbers' that deals with hard targets -- systems that are not easy to infiltrate. TAO has reportedly been responsible for accessing the protected networks of heads of state worldwide, works with the CIA and FBI to undertake 'sensitive missions,' and has penetrated the security of undersea fiber-optic cables. TAO also intercepts deliveries of electronic equipment to plant spyware to gain remote access to the systems once they are delivered and installed. According to the report, the NSA has planted backdoors to access computers, hard drives, routers, and other devices from companies such as Cisco, Dell, Western Digital, Seagate, Maxtor, Samsung, and Huawei. The report describes a 50-page product catalog of tools and techniques that an NSA division called ANT, which stands for Advanced or Access Network Technology, uses to gain access to devices. This follows a report that the security firm RSA intentionally allowed the NSA to create a backdoor into its encryption tokens.... With the exception of Dell, the companies cited in the report and contacted by Der Spiegel claimed they had no knowledge of any NSA backdoors into their equipment....The end does not appear to be in sight for the revelations from the documents obtained by Edward Snowden, according to Glenn Greenwald, the journalist who first collaborated with Snowden to publish the material. In a speech delivered by video to the Chaos Communication Congress (CCC) in Hamburg on Friday, he said, 'There are a lot more stories to come, a lot more documents that will be covered. It's important that we understand what it is we're publishing, so what we say about them is accurate'."
NSA reportedly planted spyware on electronics equipment
CNet, 29 December 2013

"With each new story we hear of the NSA’s spying program, things get a little bit crazier—a little more Hollywood, and a lot more galling. From planting agents in video games like World of Warcraft to a spy satellite adorned with a world-devouring, tentacled octopus (pictured above) the NSA has shown time and again that it’s willing to go to just about any length to gather intelligence on both domestic and foreign citizens. The latter isn’t problematic beyond diplomatic tension. Spy agencies are, by design, bankrolled to spy on allies and enemies abroad. When it comes to domestic spying, however, we run into problems. The latest report, this time via Der Spiegel and based on internal NSA documents, reveals that the NSA, in conjunction with the CIA and FBI, has begun intercepting laptops purchased online in order to install (quite literal) spyware and even hardware on the machines. The NSA terms this 'interdiction.' Agents divert shipments to secret warehouses, carefully open the packages, install the software and/or hardware, and send them on their way. According to the report, this operation is carried out by the NSA’s elite hacking unit, or TAO—not to be confused with the much less imposing Taoism—though there are few details on the scope or targets of the program. The spy agency reportedly has backdoor access to numerous hardware and software systems from prominent tech companies such as Cisco, Dell, and Western Digital, among others. The NSA can even exploit Microsoft Windows error reports to find weak spots in compromised machines in order to install Trojans and other viruses. The Der Spiegel report also notes that the NSA has successfully tapped into some of the massive, under-sea fiber-optic cables that connect the global data infrastructure, in particular the 'SEA-ME-WE-4' cable system."
Report: NSA Intercepting Laptops Ordered Online, Installing Spyware
Forbes, 29 December 2013

"The National Security Agency scandal exposed by whistleblower Edward Snowden has cost American technology companies billions of dollars in lost revenue as governments and companies in its important export markets of Asia refuse to entrust the handling of sensitive data to US companies. An analysis of financial filings from technology giants IBM and Cisco by The Independent on Sunday reveals the two businesses have seen sales slump by more than $1.7bn (£1.03bn) year-on-year in the important Asia-Pacific region since Mr Snowden revealed in June that US companies had been compromised by the NSA's intelligence-gathering in the clandestine Prism programme. 'US companies have seen some of their business put at risk because of the NSA revelations,' said James Kelleher of equity research firm Argus Research.... IBM, one of the world's largest information technology suppliers, saw sales in its Asia-Pacific region drop 15 per cent from mid-August to mid-October, compared with the same period in 2012. That was twice as severe as the decline in 'pre-Snowden' quarters. Revenue declines at Cisco, the San Francisco-based communications manufacturer, were even more pronounced, with sales down 8.75 per cent in the quarter after the Snowden allegations, compared with just 2.84 per cent in the three months before. Cisco warned in November that its sales could fall as much as 10 per cent this current quarter, as new orders in emerging markets declined. Chief financial officer Frank Calderone said that the NSA spying had been cause for a 'level of uncertainty or concern' with Cisco's international customers, and part of the reason for weakening demand. IT firms lose billions after NSA scandal exposed by whistleblower Edward Snowden....However, the American firms' revenue losses may not be confined to Asia. The German government has called for home-grown email and internet providers and there have been talks between several countries of creating network infrastructures that bypass the US. A survey by the Cloud Security Alliance, an industry standards organisation in the US, predicted the Prism programme could cost cloud computing firms between $35bn and $45bn in lost orders over the next three years. It said that Canada, Germany, France and other European countries have rules requiring companies to guarantee data privacy."
IT firms lose billions after NSA scandal exposed by whistleblower Edward Snowden
Independent, 29 December 2013

"What kind of telephone activity does the NSA collect on people? Metadata. How harmful is it to your privacy health? Nada. It is only metadata. That has been the line drawn in the sand by government supporters of NSA activities in monitoring calls. Now a Stanford study by two researchers at Stanford has its own message: Individuals can be easily identified through phone numbers. Connecting metadata with individual names is not just easy; they found it was 'trivial.' Jonathan Mayer along with Patrick Mutchler, the researchers, earlier this week on the blog Web Policy, which covers technology, policy, and law, posted their findings under the headline, "MetaPhone: The NSA's Got Your Number."
Experiment shows connecting names with phone metadata is easy
Phys.org, 28 December 2013

"A New York judge has ruled that the National Security Agency's collection of millions of Americans' telephone calls is lawful, rejecting a challenge to the controversial counter-terrorism programme by the American Civil Liberties Union. US District Judge William Pauley ruled on Friday that the NSA programme 'represents the government's counter-punch' to eliminate al-Qaeda, and said the programme's constitutionality 'is ultimately a question of reasonableness'. In a 54-page decision, Pauley said there was no evidence that the government had used the data acquired by the NSA for any reason other than to investigate and disrupt 'terrorism'."
US judge rules NSA phone tapping legal
Al Jazeera, 27 December 2013

“There are a lot more stories to come, a lot more documents that will be covered. It’s important that we understand what it is we’re publishing, so what we say about them is accurate.... It is literally true, without hyperbole, that the goal of the NSA and its partners in the English-speaking world is to eliminate privacy globally. They want to make sure there is no communication that evades their net.”
Glen Grenwald, the journalist who broke the Snowden NSA revelations
‘A Lot’ More NSA Documents to Come
Wired, 27 December 2013

"After a lengthy debate at the Knesset Wednesday, an overwhelming 106 of the 120 Knesset members signed off on an official request to US President Barack Obama to free American-Israeli spy Jonathan Pollard after 28 years of incarceration. The letter is slated to be sent directly to Obama in the coming days, while Knesset Speaker Edelstein will also pass on a copy to the US Senate and a delegation of Knesset members will present the request to the US ambassador in Israel, Dan Shapiro.... 'This humanitarian gesture is essential, and even necessary for Israel-US relations at this time,' the statement continued, alluding to recent tension between the two countries over the revelation, by NSA spy Edward Snowden, that the US was monitoring the emails of Prime Minister Benjamin Netanyahu and his predecessor, Ehud Olmert, and spied on former defense minister Ehud Barak."
106 Israeli MKs appeal to Obama to release Pollard
Times of Israel, 25 December 2013

"The UN human rights chief, Navi Pillay, has compared the uproar in the international community caused by revelations of mass surveillance with the collective response that helped bring down the apartheid regime in South Africa. Pillay, the first non-white woman to serve as a high-court judge in South Africa, made the comments in an interview with Sir Tim Berners-Lee on a special edition of BBC Radio 4's Today programme, which the inventor of the world wide web was guest editing. Pillay has been asked by the UN to prepare a report on protection of the right to privacy, in the wake of the former National Security Agency analyst Edward Snowden leaking classified documents about UK and US spying and the collection of personal data.... She said apartheid ended in South Africa principally because the international community co-operated to denounce it, adding: 'Combined and collective action by everybody can end serious violations of human rights … That experience inspires me to go on and address the issue of internet [privacy], which right now is extremely troubling because the revelations of surveillance have implications for human rights … People are really afraid that all their personal details are being used in violation of traditional national protections.' The UN general assembly unanimously voted last week to adopt a resolution, introduced by Germany and Brazil, stating that 'the same rights that people have offline must also be protected online, including the right to privacy'. Brazil's president, Dilma Rousseff, and the German chancellor, Angela Merkel, were among those spied on, according to the documents leaked by Snowden....Berners-Lee has warned that online surveillance undermines confidence in the internet, and last week published an open letter, with more than 100 free speech groups and leading activists, to protest against the routine interception of data by governments around the world."
Internet privacy as important as human rights, says UN's Navi Pillay
Guardian, 26 December 2013

"Many foreign leaders still cling to the fantasy that, if only the US would promise them a no-spy agreement, or at least stop monitoring their gadgets, the perversions revealed by Mr Snowden would disappear. Here the politicians are making the same mistake as Mr Snowden himself, who, in his rare but thoughtful public remarks, attributes those misdeeds to the over-reach of the intelligence agencies. Ironically, even he might not be fully aware of what he has uncovered. These are not isolated instances of power abuse that can be corrected by updating laws, introducing tighter checks on spying, building more privacy tools, or making state demands to tech companies more transparent......we might be living through a transformation in how capitalism works, with personal data emerging as an alternative payment regime. The benefits to consumers are already obvious; the potential costs to citizens are not. As markets in personal information proliferate, so do the externalities – with democracy the main victim. This ongoing transition from money to data is unlikely to weaken the clout of the NSA; on the contrary, it might create more and stronger intermediaries that can indulge its data obsession. So to remain relevant and have some political teeth, the surveillance debate must be linked to debates about capitalism – or risk obscurity in the highly legalistic ghetto of the privacy debate. Other overlooked dimensions are as crucial. Should we not be more critical of the rationale, advanced by the NSA and other agencies, that they need this data to engage in pre-emptive problem-solving? We should not allow the falling costs of pre-emption to crowd out more systemic attempts to pinpoint the origins of the problems that we are trying to solve. Just because US intelligence agencies hope to one day rank all Yemeni kids based on their propensity to blow up aircraft does not obviate the need to address the sources of their discontent – one of which might be the excessive use of drones to target their fathers. Unfortunately, these issues are not on today’s agenda, in part because many of us have bought into the simplistic narrative – convenient to both Washington and Silicon Valley – that we just need more laws, more tools, more transparency. What Mr Snowden has revealed is the new tension at the very foundations of modern-day capitalism and democratic life. A bit more imagination is needed to resolve it."
The Snowden saga heralds a radical shift in capitalism
Financial Times, 26 December 2013

"Recently, we learned that our governments, working in concert, have created a system of worldwide mass surveillance, watching everything we do. Great Britain's George Orwell warned us of the danger of this kind of information. The types of collection in the book -- microphones and video cameras, TVs that watch us -- are nothing compared to what we have available today. We have sensors in our pockets that track us everywhere we go [i.e. mobile phones]. Think about what this means for the privacy of the average person. A child born today will grow up with no conception of privacy at all. They'll never know what it means to have a private moment to themselves -- an unrecorded, unanalyzed thought. And that's a problem, because privacy matters. Privacy is what allows us to determine who we are and who we want to be."
Edward Snowden's Christmas Message
Channel 4, 25 December 2013

"Edward Snowden is to deliver this year’s Channel 4 Alternative Christmas Message, the broadcaster has confirmed. The whistleblower, who revealed the mass surveillance programmes organised by the US and other governments, will broadcast his message at 4.15pm on Christmas Day. In his first TV interview since [fleeing] to Russia in May, Snowden lays out his vision for why privacy matters and why he believes mass indiscriminate surveillance by governments of their people is wrong.... During his address, Snowden says: 'Great Britain’s George Orwell warned us of the danger of this kind of information. The types of collection in the book – microphones and video cameras, TVs that watch us are nothing compared to what we have available today. We have sensors in our pockets that track us everywhere we go. Think about what this means for the privacy of the average person. A child born today will grow up with no conception of privacy at all. They’ll never know what it means to have a private moment to themselves an unrecorded, unanalysed thought. And that’s a problem because privacy matters, privacy is what allows us to determine who we are and who we want to be.'...The Alternative Christmas Message will broadcast on Channel 4 at 4.15pm on Christmas Day. It will be available to view on 4oD later today."
Edward Snowden will deliver Channel 4’s Alternative Christmas Message
Independent, 24 December 2013

"The familiar voice on the hotel room phone did not waste words. 'What time does your clock say, exactly?' he asked. He checked the reply against his watch and described a place to meet. 'I’ll see you there,' he said. Edward Joseph Snowden emerged at the appointed hour, alone, blending into a light crowd of locals and tourists. He cocked his arm for a handshake, then turned his shoulder to indicate a path. Before long he had guided his visitor to a secure space out of public view. During more than 14 hours of interviews, the first he has conducted in person since arriving here in June, Snowden did not part the curtains or step outside....S ix months after the first revelations appeared in The Washington Post and Britain’s Guardian newspaper, Snowden agreed to reflect at length on the roots and repercussions of his choice. He was relaxed and animated over two days of nearly unbroken conversation, fueled by burgers, pasta, ice cream and Russian pastry. Snowden offered vignettes from his intelligence career and from his recent life as 'an indoor cat' in Russia. But he consistently steered the conversation back to surveillance, democracy and the meaning of the documents he exposed. 'For me, in terms of personal satisfaction, the mission’s already accomplished,' he said. 'I already won. As soon as the journalists were able to work, everything that I had been trying to do was validated. Because, remember, I didn’t want to change society. I wanted to give society a chance to determine if it should change itself.' 'All I wanted was for the public to be able to have a say in how they are governed,' he said. 'That is a milestone we left a long time ago. Right now, all we are looking at are stretch goals.' Snowden is an orderly thinker, with an engineer’s approach to problem-solving. He had come to believe that a dangerous machine of mass surveillance was growing unchecked. Closed-door oversight by Congress and the Foreign Intelligence Surveillance Court was a 'graveyard of judgment,' he said, manipulated by the agency it was supposed to keep in check. Classification rules erected walls to prevent public debate. Toppling those walls would be a spectacular act of transgression against the norms that prevailed inside them. Someone would have to bypass security, extract the secrets, make undetected contact with journalists and provide them with enough proof to tell the stories. The NSA’s business is 'information dominance,' the use of other people’s secrets to shape events. At 29, Snowden upended the agency on its own turf. 'You recognize that you’re going in blind, that there’s no model,' Snowden said, acknowledging that he had no way to know whether the public would share his views. 'But when you weigh that against the alternative, which is not to act,' he said, 'you realize that some analysis is better than no analysis. Because even if your analysis proves to be wrong, the marketplace of ideas will bear that out. If you look at it from an engineering perspective, an iterative perspective, it’s clear that you have to try something rather than do nothing..... By his own terms, Snowden succeeded beyond plausible ambition. The NSA, accustomed to watching without being watched, faces scrutiny it has not endured since the 1970s, or perhaps ever. The cascading effects have made themselves felt in Congress, the courts, popular culture, Silicon Valley and world capitals. The basic structure of the Internet itself is now in question, as Brazil and members of the European Union consider measures to keep their data away from U.S. territory and U.S. technology giants including Google, Microsoft and Yahoo take extraordinary steps to block the collection of data by their government. For months, Obama administration officials attacked Snowden’s motives and said the work of the NSA was distorted by selective leaks and misinterpretations. On Dec. 16, in a lawsuit that could not have gone forward without the disclosures made possible by Snowden, U.S. District Judge Richard J. Leon described the NSA’s capabilities as 'almost Orwellian' and said its bulk collection of U.S. domestic telephone records was probably unconstitutional. The next day, in the Roosevelt Room, an unusual delegation of executives from old telephone companies and young Internet firms told President Obama that the NSA’s intrusion into their networks was a threat to the U.S. information economy. The following day, an advisory panel appointed by Obama recommended substantial new restrictions on the NSA, including an end to the domestic call-records program. 'This week is a turning point,' said the Government Accountability Project’s Jesselyn Radack, who is one of Snowden’s legal advisers. 'It has been just a cascade.'.... In his interview with The Post, Snowden noted matter-of-factly that Standard Form 312, the classified-information nondisclosure agreement, is a civil contract. He signed it, but he pledged his fealty elsewhere. 'The oath of allegiance is not an oath of secrecy,' he said. 'That is an oath to the Constitution. That is the oath that I kept that Keith Alexander and James Clapper did not.' People who accuse him of disloyalty, he said, mistake his purpose. 'I am not trying to bring down the NSA, I am working to improve the NSA,' he said. 'I am still working for the NSA right now. They are the only ones who don’t realize it.' What entitled Snowden, now 30, to take on that responsibility? 'That whole question — who elected you? — inverts the model,' he said. 'They elected me. The overseers.' He named the chairmen of the Senate and House intelligence committees. 'Dianne Feinstein elected me when she asked softball questions' in committee hearings, he said. 'Mike Rogers elected me when he kept these programs hidden. ... The FISA court elected me when they decided to legislate from the bench on things that were far beyond the mandate of what that court was ever intended to do. The system failed comprehensively, and each level of oversight, each level of responsibility that should have addressed this, abdicated their responsibility.' 'It wasn’t that they put it on me as an individual — that I’m uniquely qualified, an angel descending from the heavens — as that they put it on someone, somewhere,' he said. 'You have the capability, and you realize every other [person] sitting around the table has the same capability but they don’t do it. So somebody has to be the first.' Snowden grants that NSA employees by and large believe in their mission and trust the agency to handle the secrets it takes from ordinary people — deliberately, in the case of bulk records collection, and 'incidentally,' when the content of American phone calls and e-mails are swept into NSA systems along with foreign targets. But Snowden also said acceptance of the agency’s operations was not universal. He began to test that proposition more than a year ago, he said, in periodic conversations with co-workers and superiors that foreshadowed his emerging plan. Beginning in October 2012, he said, he brought his misgivings to two superiors in the NSA’s Technology Directorate and two more in the NSA Threat Operations Center’s regional base in Hawaii. For each of them, and 15 other co-workers, Snowden said he opened a data query tool called BOUNDLESSINFORMANT, which used color-coded 'heat maps' to depict the volume of data ingested by NSA taps. His colleagues were often 'astonished to learn we are collecting more in the United States on Americans than we are on Russians in Russia,' he said. Many of them were troubled, he said, and several said they did not want to know any more. 'I asked these people, ‘What do you think the public would do if this was on the front page?' he said. He noted that critics have accused him of bypassing internal channels of dissent. 'How is that not reporting it? How is that not raising it?' he said....The documents leaked by Snowden compelled attention because they revealed to Americans a history they did not know they had. Internal briefing documents reveled in the 'Golden Age of Electronic Surveillance.' Brawny cover names such as MUSCULAR, TUMULT and TURMOIL boasted of the agency’s prowess. With assistance from private communications firms, the NSA had learned to capture enormous flows of data at the speed of light from fiber-optic cables that carried Internet and telephone traffic over continents and under seas. According to one document in Snowden’s cache, the agency’s Special Source Operations group, which as early as 2006 was said to be ingesting 'one Library of Congress every 14.4 seconds,' had an official seal that might have been parody: an eagle with all the world’s cables in its grasp. Each year, NSA systems collected hundreds of millions of e-mail address books, hundreds of billions of cellphone location records and trillions of domestic call logs. Most of that data, by definition and intent, belonged to ordinary people suspected of nothing. But vast new storage capacity and processing tools enabled the NSA to use the information to map human relationships on a planetary scale. Only this way, its leadership believed, could the NSA reach beyond its universe of known intelligence targets..... Using PRISM, the cover name for collection of user data from Google, Yahoo, Microsoft, Apple and five other U.S.-based companies, the NSA could obtain all communications to or from any specified target. The companies had no choice but to comply with the government's request for data. But the NSA could not use PRISM, which was overseen once a year by the surveillance court, for the collection of virtually all data handled by those companies. To widen its access, it teamed up with its British counterpart, Government Communications Headquarters, or GCHQ, to break into the private fiber-optic links that connected Google and Yahoo data centers around the world. That operation, which used the cover name MUSCULAR, tapped into U.S. company data from outside U.S. territory. The NSA, therefore, believed it did not need permission from Congress or judicial oversight. Data from hundreds of millions of U.S. accounts flowed over those Google and Yahoo links, but classified rules allowed the NSA to presume that data ingested overseas belonged to foreigners. Disclosure of the MUSCULAR project enraged and galvanized U.S. technology executives. They believed the NSA had lawful access to their front doors — and had broken down the back doors anyway. Microsoft general counsel Brad Smith took to his company’s blog and called the NSA an 'advanced persistent threat' — the worst of all fighting words in U.S. cybersecurity circles, generally reserved for Chinese state-sponsored hackers and sophisticated criminal enterprises.... The industry’s response, Smith acknowledged, was driven by a business threat. U.S. companies could not afford to be seen as candy stores for U.S. intelligence. But the principle of the thing, Smith said, 'is fundamentally about ensuring that customer data is turned over to governments pursuant to valid legal orders and in accordance with constitutional principles.' Snowden has focused on much the same point from the beginning: Individual targeting would cure most of what he believes is wrong with the NSA. Six months ago, a reporter asked him by encrypted e-mail why Americans would want the NSA to give up bulk data collection if that would limit a useful intelligence tool. 'I believe the cost of frank public debate about the powers of our government is less than the danger posed by allowing these powers to continue growing in secret,' he replied, calling them 'a direct threat to democratic governance.' In the Moscow interview, Snowden said, 'What the government wants is something they never had before,' adding: 'They want total awareness. The question is, is that something we should be allowing?' Snowden likened the NSA’s powers to those used by British authorities in Colonial America, when 'general warrants' allowed for anyone to be searched. The FISA court, Snowden said, 'is authorizing general warrants for the entire country’s metadata.' 'The last time that happened, we fought a war over it,' he said. Technology, of course, has enabled a great deal of consumer surveillance by private companies, as well. The difference with the NSA’s possession of the data, Snowden said, is that government has the power to take away life or freedom. At the NSA, he said, 'there are people in the office who joke about, ‘We put warheads on foreheads.’ Twitter doesn’t put warheads on foreheads.' Privacy, as Snowden sees it, is a universal right, applicable to American and foreign surveillance alike. 'I don’t care whether you’re the pope or Osama bin Laden,' he said. 'As long as there’s an individualized, articulable, probable cause for targeting these people as legitimate foreign intelligence, that’s fine. I don’t think it’s imposing a ridiculous burden by asking for probable cause. Because, you have to understand, when you have access to the tools the NSA does, probable cause falls out of trees.'.... The other big question is how many documents Snowden took. The NSA’s incoming deputy director, Rick Ledgett, said on CBS’s '60 Minutes' recently that the number may approach 1.7 million, a huge and unexplained spike over previous estimates. Ledgett said he would favor trying to negotiate an amnesty with Snowden in exchange for 'assurances that the remainder of the data could be secured.' Obama’s national security adviser, Susan E. Rice, later dismissed the possibility. 'The government knows where to find us if they want to have a productive conversation about resolutions that don’t involve Edward Snowden behind bars,' said the American Civil Liberties Union’s Ben Wizner, the central figure on Snowden’s legal team.... 'There is no evidence at all for the claim that I have loyalties to Russia or China or any country other than the United States,' he said. 'I have no relationship with the Russian government. I have not entered into any agreements with them.' 'If I defected at all,' Snowden said, 'I defected from the government to the public.'
Edward Snowden, after months of NSA revelations, says his mission’s accomplished
Washington Post, 24 December 2013

"Senior Israeli officials on Sunday demanded an end to U.S. spying on Israel, following revelations that the National Security Agency intercepted emails from the offices of the country's top former leaders. It was the first time that Israeli officials have expressed anger since details of U.S. spying on Israel began to trickle out in documents leaked by former NSA contractor Edward Snowden. The scandal also spurred renewed calls for the release of Jonathan Pollard, a former American intelligence analyst who has been imprisoned in the U.S. for nearly three decades for spying on behalf of Israel. 'This thing is not legitimate,' Israeli Intelligence Minister Yuval Steinitz told Israel Radio. He called for both countries to enter an agreement regarding espionage. 'It's quite embarrassing between countries who are allies,' Tourism Minister Uzi Landau said. 'It's this moment more than any other moment that Jonathan Pollard (should) be released.' Documents leaked by Snowden and published in The Guardian, Der Spiegel and The New York Times last week revealed that British intelligence agency GCHQ worked with the NSA from 2008-2011 to target email addresses belonging to the offices of then-serving Israeli Prime Minister Ehud Olmert and Defense Minister Ehud Barak."
Israeli ministers demand end to US spying
New Zealand Herald, 23 December 2013

"The United States in 2007 rented an apartment directly across the road from then-Defense Minister Ehud Barak, it was reported in the wake of revelations that the U.S. and British intelligence were spying on Israeli leaders. Washington said the apartment was rented for a Marine working in the U.S. Embassy’s security department, Yediot Acharonot reported Sunday, adding that Israeli intelligence discovered that a large amount of electronic equipment was delivered to and set up in the apartment. On Friday, several news outlets, including The New York Times and The Guardian, reported that the National Security Agency of the United States and Britain’s General Communications Headquarters were intercepting email in 2008 and 2009 to and from the offices of Israeli prime ministers Ehud Omert and Benjamin Netanyahu. The documents were leaked to several newspapers last week by former NSA staffer Edward Snowden. Yediot cited an unnamed Israeli official as saying that the intercepted emails likely are 'the tip of the iceberg' in U.S. spying on Israel. 'We do not monitor the president of the United States, the White House or the U.S. Secretary of Defense,' Strategic Affairs Minister Yuval Steinitz told Yediot in the wake of the reports. 'We need to reach a settlement with the United States.' On Sunday, in the wake of the reports, several senior Israeli officials from across the political spectrum called on the United States to release Jonathan Pollard. Pollard is in the 29th year of a life sentence for spying for Israel while working as a civilian U.S. Navy intelligence analyst."
U.S. rented apartment to spy on Israel’s defense minister
JTA, 22 December 2013

"In the face of growing skepticism over the National Security Agency's practice of collecting bulk phone and Internet records, the director of national intelligence on Saturday declassified several documents detailing the program. The latest declassification of documents comes during a week in which a federal judge ruled the NSA's bulk collection was likely unconstitutional and a White House task force questioned the effectiveness of the program. Director of National Intelligence James Clapper said in a statement announcing the release that President George W. Bush first authorized the spying in October 2001, as part of the Terrorist Surveillance Program, weeks after the Sept. 11 attacks. 'President Bush issued authorizations approximately every 30-60 days,' Clapper said. 'Although the precise terms changed over time, each presidential authorization required the minimization of information collected concerning American citizens to the extent consistent with the effective accomplishment of the mission of detection and prevention of acts of terrorism within the United States. NSA also applied additional internal constraints on the presidentially authorized activities.' Approval for the bulk collection was eventually shifted to the Foreign Surveillance Intelligence Court, a secret court that considers government requests for electronic surveillance for intelligence-gathering purposes. The documents released include legal arguments by two former national intelligence directors under Bush — Dennis Blair and Mike McConnell — who state their legal case for why it was essential to keep secret the practice of bulk data collection. The unclassified documents are part of an ongoing court case that was filed in 2006."
DNI releases more documents to justify NSA surveillance
USA Today, 21 December 2013

"U.S. contracting companies such as Cisco, which manages much of the German armed forces' data, should be contractually barred from passing sensitive information to the U.S. security services, a spokesman for Chancellor Angela Merkel's conservatives was quoted saying. German news magazine Focus on Saturday cited Hans-Peter Uhl, parliamentary spokesman on interior policy for the conservatives, as saying Cisco needed to be required by contract not to pass sensitive material to the U.S. National Security Agency (NSA). He said the German government wanted to monitor U.S. contracting companies more closely in future. A spokeswoman for the German government declined to comment on the Focus magazine report. Reports earlier this year that the NSA had tapped phones and emails in Europe, including Merkel's mobile phone, caused outrage in Germany, where memories remain of eavesdropping by the Stasi secret police during communist rule in East Germany."
German Politician Urges Restrictions on US Contractors Passing Data to NSA
Reuters, 21 December 2013

"The National Security Agency’s (NSA) massive collection of Americans’ phone data did little to help protect the country from terrorist attacks, according to experts selected by President Barack Obama to review the agency’s controversial surveillance methods. In its newly released report (pdf), the Review Group on Intelligence and Communications Technologies offered pointed criticism of the NSA’s phone-information collecting. 'Our review suggests that the information contributed to terrorist investigations by the use of section 215 telephony meta-data was not essential to preventing attacks and could readily have been obtained in a timely manner using conventional section 215 orders,' the report says. The independent panel members further stated that the 'telephony meta-data program has made only a modest contribution to the nation’s security…and there has been no instance in which NSA could say with confidence that the outcome would have been different without the section 215 telephony meta-data program.' Section 215 of the Patriot Act [pdf] allows the government to ask the FISA Court to compel businesses to hand over user records, provided they are ''relevant' to an authorized preliminary or full investigation to obtain foreign intelligence information not concerning a U.S. person or to protect against international terrorism or clandestine intelligence activities.' Critics say that this provision has been broadly interpreted by the government to target Americans who have no ties to terrorist activities. The panel members didn’t stop there with their negative assessment of the NSA’s vacuuming and storing of vast amounts of people’s personal phone-call data. 'We cannot discount the risk, in light of the lessons of our own history, that at some point in the future, high-level government officials will decide that this massive database of extraordinarily sensitive private information is there for the plucking. Americans must never make the mistake of wholly ‘trusting’ our public officials,' the report says. The group even referenced Congress’ investigation of the Central Intelligence Agency in the 1970s after the agency was caught spying on Americans and breaking the law. 'As the Church Committee observed more than 35 years ago, when the capacity of government to collect massive amounts of data about individual Americans was still in its infancy, the ‘massive centralization of…information creates a temptation to use it for improper purposes, threatens to ‘chill’ the exercise of First Amendment rights, and is inimical to the privacy of citizens.’ ' In light of this harsh assessment, Obama must now decide how hard he should fight lawmakers seeking drastic reforms of the NSA."
NSA Phone Data Collection Made No Difference to National Security
All Gov, 21 December 2013

"ANPR [Automatic Number Plate Recognition Technology] is a British invention: created, developed, and tested in the UK. Its first major outing was in 1984, when police scientists set themselves up in a small, unmarked cabin on a bridge overlooking the busy M1 motorway. The road is one of the country’s most important north-south arteries, running 193 miles between London and Leeds. Inside the cabin, video cameras were trained on every lane of traffic. As cars passed beneath, the cameras captured their registration numbers and sent the data along a cable to a hut hidden a hundred meters away and out of sight of the road, where a computer checked a list of stolen vehicles. This was Britain’s first fully functioning ANPR installation. 'At the moment there is no intention of using it for anything other than detecting stolen cars', a police spokesperson noted at the time. Scientists had been working on the system for eight years, but the M1 set-up was the most advanced deployment to date: not only was it capable of tracking moving cars but, using infrared, it could read plates at night. Concerns about the new technology were raised immediately, including from within the government. A 1984 report for the Greater London Council Police Committee warned that the system made every car a potential suspect and handed policy on mass surveillance to the police. 'This possibility in a democracy is unacceptable,' it concluded. Democratically unacceptable or not, the development of networked ANPR continued. During the 1990s, thousands of cameras, including plate readers, were installed to form a so-called 'ring of steel' around the City of London, a massive operation aimed at ending the string of Irish Republican bombings in the financial district. Laws were changed to make the technology more effective: legislation enacted in 2001 required characters used on plates to be displayed in a font that made them easier for ANPR cameras to recognize. In the same year, the government decided to deploy 'spectrum vans'—mobile units with multiple ANPR cameras, connected by radio to local control stations—across every police force in England and Wales. The success of the scheme led to Project Laser, a 2005 plan to deploy more than 2,000 fixed cameras nationwide, and to the creation of the National ANPR Data Centre, which is tasked with handling the information collected. Since that time, the system has been continually, if largely invisibly, expanded throughout the UK. In 2012 the Metropolitan Police, which patrols Greater London, announced its own ANPR bureau, and rolled out a new fleet of dedicated'ANPR interceptors': at least 110 police vehicles on London’s roads, each equipped with mobile camera equipment and a live link to the central computer. Meanwhile, local governments and private businesses have been installing their own ANPR systems for parking security, fuel station payments and to catch speeding drivers. Some of these systems, too, have been absorbed into the police network. By 2005, more than 50 local authorities—almost one sixth of the country—had agreed to use their traffic cameras for monitoring purposes. Many of these systems were sold to local residents using promises that were quickly broken. One example is the London Congestion Charge, which was introduced in 2003 as a traffic-reduction scheme. The charge zone, which covers 20 square kilometers of the capital, is monitored by a ring of almost 700 cameras that are trained on every road in and out. As vehicles drive in, their plates are read and checked against the payment records; those that have paid are deleted from the system’s database the following day. Data on those with outstanding fees may be retained for no longer than 13 months. These restrictions were designed in part to assure the public that the congestion cameras were not going to become a system for spying on Londoners. In 2007, however, the government signed a certificate of exemption that granted the Metropolitan Police full, real-time access to the zone’s cameras. The certificate gives the Met all the data they can gather, where that data relates to 'the safeguarding of national security'. We have made repeated requests for more information on how their system works, but a Met spokesman would only say that the service 'manages ANPR data in accordance with the Data Protection Act and all relevant ACPO [Association of Chief Police Officers] policies'. This is despite the fact that the data in question is specifically exempted from these laws. He refused to comment further on the specific details of how these records are kept separate from the police’s own network of ANPR camera data, or even whether they are kept separate at all. Britain is one of the most surveilled countries in the world. Studies put the number of operational CCTV cameras at between two and four million, for a population of 60 million people. The country’s national DNA database holds records on six million people. Telecoms companies are mandated to store logs of all mobile-phone calls and text messages for 12 months, and to make the data available to government at all levels. In many cities, closed-circuit cameras have built-in loudspeakers that allow operators—mainly local government employees—to speak directly to those they see live on-screen and suspect of foul behavior. As a result, British people are accustomed to the sight of cameras fixed to the outside of buildings, and on poles by the side of the road.... In 2009, a House of Lords report described the explosion of surveillance technologies as one of the most significant changes to Britain since the Second World War. It noted: 'Mass surveillance has the potential to erode privacy. As privacy is an essential pre-requisite to the exercise of individual freedom, its erosion weakens the constitutional foundations on which democracy and good governance have traditionally been based in this country.' This has been described as an acceptable price to pay for greater security, but studies of surveillance technology fail to support that argument. One review of 44 separate CCTV studies, published the same year as the House of Lords report, showed that the more than £500 million ($780 million) spent on CCTV in Britain in the decade up to 2006 had produced only modest benefits. The report’s most damning conclusion found that where CCTV was at its most effective—preventing vehicle crime in car parks—the same results could be achieved simply by improving lighting in the parking area. Advocates of surveillance technology also highlight the legal safeguards that govern its use, but this argument is open to criticism too. It is true that some data logs are subject to strict restrictions: security video from rail stations, for example, is kept for just 14 days. But police data procedures are very different. The National ANPR Data Centre stores a full two years of vehicle records, which are accessible to anyone with ANPR authorization for 90 days. This is possible because Britain’s privacy laws do not consider vehicle records to be personal data, a bizarre stance given that the vast majority of vehicles are registered to individuals.... By 2010, the national ANPR system was capturing up to 12 million records per day, using over 5,000 cameras. Internal police figures show that increasing to 15 million reads in 2011, while access to private camera data doubled the size of the network. What is not known is how many of the UK’s 34 million registered vehicles are captured, and at what rate. Also unknown is the true reach of the system, which areas it covers and what the distribution of cameras is. This opacity, it turns out, is entirely deliberate: the police have repeatedly and forcefully rejected efforts to understand the true magnitude of the network.... In their deposition to the Freedom of Information case, Devon and Cornwall police referred to a burglary case that was dropped because it would have required them to divulge the location of an ANPR camera. Instead, they said, it was preferable to withdraw the prosecution'so that the integrity of that camera could be maintained for future use.' In this case, and an unknowable number of others, the covert operation that is apparently required for the system to function to its full potential is in direct conflict with that potential. Thus a system shrouded in secrecy is compelled to prioritize that secrecy over the full exercise of the law, degrading justice in the same manner in which secret courts and secret intelligence have led to the gradual erosion of ancient legal rights, among them habeas corpus....Thanks to the falling cost of data storage, and the increased sophistication of algorithmic analysis, far more complex operations are becoming possible. And this is the real outcome of ANPR and all other contemporary surveillance technologies. They have the potential to create a comprehensive database of peoples’ activity, that, over time, can be stored, searched, analyzed, and exploited.... Over the past decade, countries all around the world have started to employ the same technologies Britain has been building for 30 years. Australia began fitting mobile ANPR units to its highway patrol vehicles in 2009. The small Belgian city of Mechelen was selected to trial the system in 2011: by the following year, the city was already monitoring a quarter of a million vehicles every month. The results of the program, including the discovery of 224 stolen vehicles, are now being used to justify the installation of high-definition CCTV and facial recognition systems throughout the city center. Italy, the Netherlands, Ukraine and Turkey: all are among the ever-expanding list of countries now rolling out plate-reading systems at scale. In the United States, implementations have multiplied many times over in recent years. Thanks to lobbying and financial support from insurance companies, Oklahoma and Arizona, among other states, have introduced extensive ANPR networks aimed at catching uninsured drivers. Other deployments, meanwhile, have a more familiar feeling.... Not every nation is so enthusiastic about the technology. In Germany, the federal court ruled in 2008 that ANPR systems that keep data without a predetermined reason—such as to track suspected terrorists—violated privacy laws. But this is an isolated position. Complex analysis requires the routine storage of sightings of all vehicles, not just those under immediate suspicion. Indeed, convoy analysis is so powerful that it now comes as a built-in feature of many ANPR systems. In one of the less-discussed revelations from the recent National Security Agency congressional hearings in Washington DC, the agency revealed that it routinely looks at a network 'two or three hops' from any given suspect when analysing the data it picks up. That means it observes not just a person’s direct associates, but associates’ of those associates, and the associates of the associates of the associates.....When dealing with data, it is easy to make connections, which then justifies making further connections. This, in turn, encourages the retention of data for longer and longer periods. The ease of technological analysis makes retention, not deletion, the default option: a subtle twist on the old argument that if you have done nothing wrong, you have nothing to hide. Today, the legal basis for such searches often lives in the gray areas of existing law. The UK’s privacy legislation, for example, was passed at a time when the focus was on individual access to data, not algorithmic searches. The legal principles around accessing stored data concern who has the right to request particular kinds of information from the database and how far back those searches can go. What is not considered is how such information may be reviewed automatically, algorithmically, and retrospectively. This failure results in a huge swathe of personal information, supposedly protected information, constantly being accessed by the system itself. The computerized nature of these searches can make them appear irreproachable: it’s not people looking at the data, just machines. But this is a dangerous assumption, and you do not have to look far to see why: the commissioner who oversees Britain’s warrant-based surveillance recently revealed that six people were wrongfully detained and falsely accused of crimes last year after police and security services incorrectly analyzed their internet use..... John and Linda Catt were driving into central London early one Sunday morning when they were stopped and searched by police officers. . At the time of the stop, in July 2005, Linda was 45, and John, her father, was an 80-year-old with a shock of white hair. Officers told them they were being searched under the Terrorism Act. The Catts, who had no criminal convictions, were threatened with arrest if they refused to answer police questions. Although they didn’t know it at the time, minutes before they were stopped their van had been captured by the ANPR network, which had triggered an alert: 'Of interest to Public Order Unit, Sussex police.' This is why most ANPR stops occur: on the basis of a single, non-specific alert among a flood of thousands issued each day. But the Catts weren’t terrorists or drug dealers or armed robbers. After they filed a complaint about the incident, they discovered what had made them of interest to law enforcement: they had attended a series of legal and peaceful protests against the EDO Corporation, an American arms manufacturer that used to supply weapons systems to the United States and Israel. Police had spotted their vehicle at protests and decided that it should be tracked, tagging them as 'domestic extremists'. Notes disclosed as a result of John Catt’s complaint showed exactly how extreme he had been: at one protest he had been wearing a T-shirt urging the United States to free Omar Khadr, a 15-year-old boy who had been captured and imprisoned in Guantanamo Bay since 2002, making him the first child to be prosecuted by a military tribunal since the Second World War. Catt, the police file said, was 'very quiet' and was 'holding up a board with orange people on't'. In the eight years since they were stopped, Linda and John have tried to get their lawful activities removed from the police databases that track them. Along the way, the police watchdog has said that Sussex Police acted unlawfully by marking his vehicle, and some of the country’s most senior judges have ruled that the Metropolitan Police wrongly interfered with his right to a private life. But the police have fought back every step of the way, and the case is ongoing. .... What is common to all of these cases is that in each one the police followed established guidelines laid down in laws and public policy documents. The intent was debatable, but it is the regulations that are flawed. It is the regulations that exempted vehicle data from privacy protections, and it is the regulations that do not mention the very real possibilities of harassment, intrusion of privacy and wrongful arrest that are inherent risks of blanket and automated surveillance systems. The public, of course, is just as susceptible to the glamour of technology as policy-makers are. A separation has long existed in the minds of the public between government and corporate surveillance structures, despite the symmetrical nature of, say, the ANPR network and a private social network like Foursquare—a service that allows people to 'check in' and record their locations on their phone... In contrast to the ANPR database, the social database—one of Facebook connections, Instagram tags, Gmails and much else—is one we have built ourselves, but it does as much as any top-down system to weaken both our expectations and the reality of our privacy.... Consent, the bedrock on which the agreement to be policed is based, is meaningless without comprehension, and comprehension is impossible without visibility. It is only when people are brought face-to-face with the reality of surveillance—as the Catts were, and as the people of Washwood Heath and Sparkbrook were—that they see how their privacy, and their right to be presumed innocent, have been affected. Yet the retention of data by the current ANPR system, and by similar technologies, is not inevitable. Many decisions were made during its implementation, and many can be remade without affecting its primary function.... Technology is a tool: it is a process by which political and human desires are instantiated in the world. What is significant about that instantiation is that it must take a visible form. It may be a written, readable code, or a physical infrastructure in the landscape: servers in data centres, cameras on poles by the roadside, rusting signs on forecourt walls declaring the owner’s intentions. When there is pressure to obscure that infrastructure—camouflaging cameras, closing down networks, or blocking freedom of information requests—a corresponding pressure is exerted on the very democracy it purports to uphold. The arguments about privacy and public consent that ANPR stimulates are crucial and necessary, and of concern to us all. They are not abstract, but instead rooted in the environment around us: on street corners, road bridges and city centers, in the everyday."
How Britain exported next-generation surveillance
Matter, 20 December 2013

"Canada’s foremost jurist on national security law has slammed CSIS for deliberately keeping the Federal Court of Canada 'in the dark' about outsourcing its spying on Canadians abroad to foreign agencies, according to a redacted version of a classified court decision made public Friday. In a thundering rebuke, Federal Court Judge Richard Mosley said the Canadian Security Intelligence Service (CSIS) purposely misled him when he granted it numerous warrants beginning in 2009 to intercept the electronic communications of unidentified Canadians abroad suspected as domestic security threats. 'This was a breach of the duty of candour owed by the service and their legal advisers to the court,' Mosley said in his Further Reasons for Order. CSIS also mistakenly assigned powers to the warrants that the court never authorized and which do not exist in law, he said. 'It is clear that the exercise of the court’s warrant issuing authority has been used as protective cover for activities that it has not authorized,' Mosley wrote. Furthermore, tasking foreign security intelligence services to spy on Canadians overseas 'carries the risk of the detention of or other harm to a Canadian person based on that information. 'Given the unfortunate history of information sharing with foreign agencies over the past decade and the reviews conducted by several royal commissions, there can be no question that the Canadian agencies are aware of those hazards. It appears to me that they are using the warrants as authorization to assume those risks.'"
CSIS asked foreign agencies to spy on Canadians, kept court in dark, judge says
Ottawa Citizen, 20 December 2013

"As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned. Documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers to create a 'back door' in encryption products, the New York Times reported in September. Reuters later reported that RSA became the most important distributor of that formula by rolling it into a software tool called Bsafe that is used to enhance security in personal computers and many other products. Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract. Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show. The earlier disclosures of RSA's entanglement with the NSA already had shocked some in the close-knit world of computer security experts. The company had a long history of championing privacy and security, and it played a leading role in blocking a 1990s effort by the NSA to require a special chip to enable spying on a wide range of computer and communications products. RSA, now a subsidiary of computer storage giant EMC Corp, urged customers to stop using the NSA formula after the Snowden disclosures revealed its weakness. RSA and EMC declined to answer questions for this story, but RSA said in a statement: 'RSA always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products. Decisions about the features and functionality of RSA products are our own.' The NSA declined to comment. The RSA deal shows one way the NSA carried out what Snowden's documents describe as a key strategy for enhancing surveillance: the systematic erosion of security tools. NSA documents released in recent months called for using 'commercial relationships' to advance that goal, but did not name any security companies as collaborators. The NSA came under attack this week in a landmark report from a White House panel appointed to review U.S. surveillance policy. The panel noted that 'encryption is an essential basis for trust on the Internet,' and called for a halt to any NSA efforts to undermine it. Most of the dozen current and former RSA employees interviewed said that the company erred in agreeing to such a contract, and many cited RSA's corporate evolution away from pure cryptography products as one of the reasons it occurred. But several said that RSA also was misled by government officials, who portrayed the formula as a secure technological advance. 'They did not show their true hand,' one person briefed on the deal said of the NSA, asserting that government officials did not let on that they knew how to break the encryption..... From RSA's earliest days, the U.S. intelligence establishment worried it would not be able to crack well-engineered public key cryptography. Martin Hellman, a former Stanford researcher who led the team that first invented the technique, said NSA experts tried to talk him and others into believing that the keys did not have to be as large as they planned. The stakes rose when more technology companies adopted RSA's methods and Internet use began to soar. The Clinton administration embraced the Clipper Chip, envisioned as a mandatory component in phones and computers to enable officials to overcome encryption with a warrant. RSA led a fierce public campaign against the effort, distributing posters with a foundering sailing ship and the words 'Sink Clipper!' A key argument against the chip was that overseas buyers would shun U.S. technology products if they were ready-made for spying. Some companies say that is just what has happened in the wake of the Snowden disclosures."
Secret contract tied NSA and security industry pioneer
Reuters, 20 December 2013

"Spiegel magazine said that the latest documents leaked by Edward Snowden, the American whistleblower, showed that Britain's intelligence-gathering centre targeted several ministries in Berlin, the UN development programme, the UN's children's charity Unicef and Medecins du Monde, a French charity operating in war zones. Other GGHQ targets included the German embassy in Rwanda and e-mail accounts listed for 'the Israeli Prime Minister' - at the time Ehud Olmert - and the former Defence Minister, Ehud Barak. Angela Merkel, the German Chancelloar, was said to be 'unamused' by the latest revelations. Several British politicians have been quick to criticise GCHQ.... Many diplomatic missions to the UN in Geneva were also targeted. The documents seem to give the lie to reassurances that the eavesdropping undertaken in Britain and America was primarily aimed at potential terrorists."
Leaked Snowden documents claim GCHQ spied on German ministries
London Times, 21 December 2013, Print Edition, P10

"A member of the White House review panel on NSA surveillance said he was 'absolutely' surprised when he discovered the agency’s lack of evidence that the bulk collection of telephone call records [within America] had thwarted any terrorist attacks. 'It was, ‘Huh, hello? What are we doing here?' said Geoffrey Stone, a University of Chicago law professor, in an interview with NBC News. 'The results were very thin.' While Stone said the mass collection of telephone call records was a 'logical program' from the NSA’s perspective, one question the White House panel was seeking to answer was whether it had actually stopped 'any [terror attacks] that might have been really big.' 'We found none,' said Stone. Under the NSA program, first revealed by ex-contractor Edward Snowden, the agency collects in bulk the records of the time and duration of phone calls made by persons inside the United States. Stone was one of five members of the White House review panel – and the only one without any intelligence community experience – that this week produced a sweeping report recommending that the NSA’s collection of phone call records be terminated to protect Americans’ privacy rights. The panel made that recommendation after concluding that the program was 'not essential in preventing attacks.' 'That was stunning. That was the ballgame,' said one congressional intelligence official, who asked not to be publicly identified. 'It flies in the face of everything that they have tossed at us.'.... The conclusions of the panel’s reports were at direct odds with public statements by President Barack Obama and U.S. intelligence officials. 'Lives have been saved,' Obama told reporters last June, referring to the bulk collection program and another program that intercepts communications overseas. 'We know of at least 50 threats that have been averted because of this information.' But in one little-noticed footnote in its report, the White House panel said the telephone records collection program – known as Section 215, based on the provision of the U.S. Patriot Act that provided the legal basis for it – had made 'only a modest contribution to the nation’s security.' The report said that 'there has been no instance in which NSA could say with confidence that the outcome [of a terror investigation] would have been any different' without the program....The panel’s findings echoed that of U.S. Judge Richard Leon, who in a ruling this week found the bulk collection program to be unconstitutional. Leon said that government officials were unable to cite 'a single instance in which analysis of the NSA’s bulk collection metadata collection actually stopped an imminent attack, or otherwise aided the Government in achieving any objective that was time-sensitive in nature.'"
NSA program stopped no terror attacks, says White House panel member
NBC News, 20 December 2013

"British and American intelligence agencies had a comprehensive list of surveillance targets that included the EU's competition commissioner, German government buildings in Berlin and overseas, and the heads of institutions that provide humanitarian and financial help to Africa, top secret documents reveal. The papers show GCHQ, in collaboration with America's National Security Agency (NSA), was targeting organisations such as the United Nations development programme, the UN's children's charity Unicef and Médecins du Monde, a French organisation that provides doctors and medical volunteers to conflict zones. The head of the Economic Community of West African States (Ecowas) also appears in the documents, along with text messages he sent to colleagues. The latest disclosures will add to Washington's embarrassment following the heavy criticism of the NSA when it emerged that it had been tapping the mobile telephone of the German chancellor, Angela Merkel. One GCHQ document, drafted in January 2009, makes clear the agencies were targeting an email address listed as belonging to another key American ally – the 'Israeli prime minister'. Ehud Olmert was in office at the time. Three other Israeli targets appeared on GCHQ documents, including another email address understood to have been used to send messages between the then Israeli defence minister, Ehud Barak, and his chief of staff, Yoni Koren. Britain's targeting of Germany may also prove awkward for the prime minister, David Cameron; in October, he endorsed an EU statement condemning NSA spying on world leaders, including Merkel. They have both been in Brussels, attending an EU summit that concludes on Friday. The names and details are the latest revelations to come from documents leaked by the whistleblower Edward Snowden and are likely to fuel further concern about the extent of the surveillance being conducted by GCHQ and the NSA. The disclosures reflect the breadth of targets sought by the agencies, which goes far beyond the desire to intercept the communications of potential terrorists and criminals, or diplomats and officials from hostile countries. Asked about this activity, a spokesman for GCHQ said it was 'longstanding policy that we do not comment on intelligence matters', but the official insisted the agency 'takes its obligations under the law very seriously'. However, Leigh Daynes, an executive director of Médecins du Monde in the UK, said he was 'shocked and surprised by these appalling allegations of secret surveillance on our humanitarian operations'."
GCHQ and NSA targeted charities, Germans, Israeli PM and EU chief
Guardian, 20 December 2013

"The inventor of the web, Sir Tim Berners-Lee, has collaborated with more than 100 free speech groups and leading activists in an open letter to protest against the routine interception of data by governments around the world. In the letter to the Open Government Partnership, the group condemns the hypocrisy of member nations in signing up to an organisation which aims to preserve freedom while at the same time running one of the largest surveillance networks the world has ever seen. The organisations that have signed up include Oxfam, Privacy International and the Open Rights Group, and the individuals include Satbir Singh of the Commonwealth Human Rights Initiative and Indian social activist Aruna Roy. The letter calls on member governments to overhaul their privacy laws, protect whistleblowers and increase the transparency around their surveillance mechanisms."
Tim Berners-Lee leads call for more transparency over mass surveillance
Guardian, 19 December 2013

"The U.N. General Assembly unanimously adopted a resolution aimed at protecting the right to privacy against unlawful surveillance in the digital age on Wednesday in the most vocal global criticism of U.S. eavesdropping. Germany and Brazil introduced the resolution following a series of reports of U.S. surveillance, interception, and data collection abroad — including on Brazil's President Dilma Rousseff and German Chancellor Angela Merkel — that surprised and angered friends and allies. The resolution 'affirms that the same rights that people have offline must also be protected online, including the right to privacy.' It calls on the 193 U.N. member states 'to respect and protect the right to privacy, including in the context of digital communication,' to take measures to end violations of those rights, and to prevent such violations including by ensuring that national legislation complies with international human rights law. It also calls on all countries 'to review their procedures, practices and legislation regarding the surveillance of communications, their interception and collection of personal data, including mass surveillance, interception and collection, with a view to upholding the right to privacy of all their obligations under international human rights law.' The resolution calls on U.N. members to establish or maintain independent and effective oversight methods to ensure transparency, when appropriate, and accountability for state surveillance of communications, their interception and collection of personal data. General Assembly resolutions are not legally binding but they do reflect world opinion and carry political weight.... The United States did not fight the measure after it engaged in lobbying with Britain, Canada, Australia and New Zealand, which comprise the 'Five Eyes' intelligence-sharing group, to dilute some of the original draft resolution's language. The key compromise dropped the contention that the domestic and international interception and collection of communications and personal data, 'in particular massive surveillance,' may constitute a human rights violation. The resolution instead expresses deep concern at 'the negative impact' that such surveillance, 'in particular when carried out on a mass scale, may have on the exercise and enjoyment of human rights.' It directs U.N. human rights chief Navi Pillay to report to the Human Rights Council and the General Assembly on the protection and promotion of privacy 'in the context of domestic and extraterritorial surveillance ... including on a mass scale.' Cynthia Wong, senior Internet researcher at Human Rights Watch, and Jamil Dakwar, director of the American Civil Liberties Union's Human Rights Program, welcomed the resolution's unanimous adoption. 'With the Internet age quickly becoming a golden age for surveillance,' Wong said, 'this resolution is a critical first step that puts mass surveillance squarely on the international agenda.' 'Given the scale of snooping that technology now enables, all states should modernize privacy protections or we risk undermining the Internet's potential as a tool for advancing human rights,' she said. Dakwar said that while somewhat watered down, 'the measure still sends a strong message to the United States that it's time to reverse course and end NSA dragnet surveillance.'"
UN votes to protect privacy in digital age
Associated Press, 18 December 2013

"A White House-appointed panel on Wednesday proposed curbs on some key National Security Agency surveillance operations, recommending limits on a program to collect records of billions of telephone calls and new tests before Washington spies on foreign leaders. Among the panel's proposals, made in the wake of revelations by former NSA contractor Edward Snowden, the most contentious may be its recommendation that the eavesdropping agency halt collection of the phone call records, known as 'metadata.' Instead, it said, those records should be held by telecommunications providers or a private third party. In a further limitation, the U.S. government would need an order from the Foreign Intelligence Surveillance Court to search the data. 'We don't see the need for the government to be retaining that data,' said Richard Clarke, a member of the panel and a former White House counterterrorism advisor. Across U.S. surveillance programs more broadly, 'we tend to believe there should be further judicial oversight than there has been,' Clarke said. It remains to be seen, however, how many of the panel's 46 recommendations will be accepted by President Barack Obama and the U.S. Congress. The panel's five members met with Obama at the White House on Wednesday. NSA officials have staunchly defended the bulk metadata program, saying it is essential to 'connect the dots' between terrorist plotters overseas and co-conspirators inside the United States.... Michael Morell, a former deputy CIA director who is on the White House review panel, said its members do not believe that its proposals for change 'in any way undermine the capabilities of the U.S. intelligence community to collect the information it needs to collect to keep this country safe.' In another major recommendation, the panel proposed five tests it said should be met before Washington conducts surveillance against foreign leaders. Revelations in documents provided by Snowden that the United States spied on German Chancellor Angela Merkel and Brazilian President Dilma Rousseff have enraged those countries' citizens. Brazil on Wednesday awarded a $4.5 billion contract to Saab AB to replace its aging fleet of fighter jets, after news of U.S. spying on Brazilians helped derail U.S. firm Boeing's chances for the deal. 'The NSA problem ruined it for the Americans,' a Brazilian government source said on condition of anonymity.... Before spying on foreign leaders, the panel said, U.S. leaders should determine whether such surveillance is merited by 'significant threats' to national security, and whether the nation involved is one 'whose leaders we should accord a high degree of respect and deference.' U.S. leaders also should determine whether there is reason to believe the foreign leader has been duplicitous, whether there are other ways to obtain the necessary information, and weigh the negative effects if the surveillance becomes public, the panel said."
It said the U.S. government should explore agreements on spying practices "with a small number of closely allied governments.""
White House review panel proposes curbs on some NSA programs
Reuters, 18 December 2013

"Former CIA Director James Woolsey had harsh words Tuesday for anyone thinking about giving Edward Snowden amnesty, and argued the NSA leaker should be 'hanged' if he’s ever tried and convicted of treason. Woolsey, along with former Chairman of the Joint Chiefs of Staff Gen. Hugh Shelton, spoke Tuesday in Washington in an interview with Fox News. 'I think giving him amnesty is idiotic,' Woolsey said. 'He should be prosecuted for treason. If convicted by a jury of his peers, he should be hanged by his neck until he is dead.' Shelton called the prospect of giving Snowden amnesty a 'grave error.' The reaction comes after an official with the NSA task force assessing the leaks floated the idea of allowing Snowden safe passage back to the United States in exchange for a promise to end further leaking. Snowden said on Tuesday that he is willing to divulge information gathered by the NSA to Brazilian authorities in exchange for asylum. Brazilian President Dilma Rousseff postponed a state visit to the United States in response to NSA spying on Brazilians."
Ex-CIA director: Snowden should be ‘hanged’ if convicted for treason
Fox News, 17 December 2013

"On [MSNBC's] Morning Joe Tuesday morning, host Joe Scarborough wondered if yesterday’s ruling by Federal Judge Richard Leon that the National Security Agency’s phone record collection was unconstitutional vindicated Edward Snowden’s leaking of the NSA materials, an act for which he remains wanted by the U.S. government. 'If what the NSA did last year, what the government’s been doing for some time, violates the most sacred tenets of the Constitution, and as a judge said, James Madison would be deeply offended by what the federal government has done to pry into other people’s lives, does Edward Snowden then become a whistleblower?' Scarborough asked. 'Because I don’t know what the definition of whistleblower is. But let’s say this is held up in the United States Supreme Court. If somebody exposes something that would be deeply offensive to James Madison and the framers of Constitution, I think Edward Snowden has a point.' '[Snowden] said from the very beginning that this was what he was trying to do,' said New York Magazine’s John Heilemann. 'He said he wanted to expose the program so it could be challenged in an open court, which it had never been able to be done before, because of the the nature of the program. It’s now been challenged in open court… Edward Snowden, at least for today, stands pretty fairly vindicated in terms of what he did, what he said he wanted to do.'"
Scarborough: If NSA Surveillance is Unconstitutional, Does Snowden ‘Become a Whistleblower?’
Mediaite, 17 December 2013

"Six months ago, I stepped out from the shadows of the United States Government's National Security Agency to stand in front of a journalist's camera. I shared with the world evidence proving some governments are building a world-wide surveillance system to secretly track how we live, who we talk to, and what we say. I went in front of that camera with open eyes, knowing that the decision would cost me family and my home, and would risk my life. I was motivated by a belief that the citizens of the world deserve to understand the system in which they live. My greatest fear was that no one would listen to my warning. Never have I been so glad to have been so wrong. The reaction in certain countries has been particularly inspiring to me, and Brazil is certainly one of those. At the NSA, I witnessed with growing alarm the surveillance of whole populations without any suspicion of wrongdoing, and it threatens to become the greatest human rights challenge of our time. The NSA and other spying agencies tell us that for our own 'safety'-for Dilma's 'safety,' for Petrobras' 'safety'-they have revoked our right to privacy and broken into our lives. And they did it without asking the public in any country, even their own. Today, if you carry a cell phone in Sao Paolo, the NSA can and does keep track of your location: they do this 5 billion times a day to people around the world. When someone in Florianopolis visits a website, the NSA keeps a record of when it happened and what you did there. If a mother in Porto Alegre calls her son to wish him luck on his university exam, NSA can keep that call log for five years or more. They even keep track of who is having an affair or looking at p****graphy, in case they need to damage their target's reputation. American Senators tell us that Brazil should not worry, because this is not 'surveillance,' it's 'data collection.' They say it is done to keep you safe. They're wrong. There is a huge difference between legal programs, legitimate spying, legitimate law enforcement - where individuals are targeted based on a reasonable, individualized suspicion - and these programs of dragnet mass surveillance that put entire populations under an all-seeing eye and save copies forever. These programs were never about terrorism: they're about economic spying, social control, and diplomatic manipulation. They're about power."
The Greatest Human Rights Challenge Of Our Time
Open Letter To The People Of Brazil, By Edward Snowden, 17 December 2013

"National Security Agency leaker Edward Snowden wrote in a lengthy 'open letter to the people of Brazil' that he's been inspired by the global debate ignited by his release of thousands of NSA documents and that the agency's culture of indiscriminate global espionage 'is collapsing.' In the letter, Snowden commended the Brazilian government for its strong stand against U.S. spying. He wrote that he'd be willing to help the South American nation investigate NSA spying on its soil, but could not fully participate in doing so without being granted political asylum, because the U.S. 'government will continue to interfere with my ability to speak.' Revelations about the NSA's spy programs were first published in the Guardian and The Washington Post newspapers in June, based on some of the thousands of documents Snowden handed over to Barton Gellman at the Post and to Brazil-based American journalist Glenn Greenwald and his reporting partner, Laura Poitras, a U.S. filmmaker. The documents revealed Brazil is the top NSA target in Latin America, with spying that has included the monitoring of Brazilian President Dilma Rousseff's cellphone and hacking into the internal network of state-run oil company Petrobras...The revelations enraged Rousseff, who in October canceled an official visit to Washington that was to include a state dinner. She's also pushing the United Nations to give citizens more protections against spying. In his letter, Snowden dismissed U.S. explanations to the Brazilian government and others that the bulk of metadata gathered on billions of emails and calls was more 'data collection' than surveillance. 'There is a huge difference between legal programs, legitimate spying ... and these programs of dragnet mass surveillance that put entire populations under an all-seeing eye and save copies forever,' he wrote. 'These programs were never about terrorism: they're about economic spying, social control, and diplomatic manipulation. They're about power.'"
Snowden Offers to Help Brazil if Granted Asylum
New York Times, 17 December 2013

"Nearly two months after President Obama assured Chancellor Angela Merkel of Germany that the United States would never again target her cellphone, a broader effort to build a new intelligence relationship with Germany is floundering, with each side increasingly reluctant to make major changes in how it deals with the other. American officials have refused to extend the 'no spying' guarantee beyond Ms. Merkel, telling German officials in private sessions that if the White House agreed to forgo surveillance on German territory, other partners would insist on the same treatment. 'Susan Rice has been very clear to us,' one senior German official said, referring to Mr. Obama’s national security adviser. 'The U.S. is not going to set a precedent.' How aggressively to continue targeting the leaders of countries allied with the United States is one of the most delicate questions facing Mr. Obama as he weighs the still-confidential report of an outside advisory group that submitted 40 recommendations to him on Friday, including several dealing with spying on the United States’ closest allies and partners. The director of the National Security Agency, Gen. Keith B. Alexander, said in an interview after the monitoring of Chancellor Merkel was revealed that the United States may soon have to choose between spying on partners and making them full participants in combating digital threats. Ms. Merkel has also responded to the disclosures: Among the ministers she named to her new coalition government on Sunday was a former intelligence official. 'This is a consequence of the N.S.A. matter, or affair,' she said, using the common reference in Germany to the reports on American intelligence activities. It is 'a justified response to the new challenges we face.' According to officials familiar with the advisory group’s report to Mr. Obama, it concluded that the White House must regularly review the N.S.A.’s surveillance programs to determine whether the intelligence gathered is worth the damage that would be done if a program were revealed — a process that C.I.A. operations go through annually. Officials said elements of that recommendation were already being adopted ahead of Mr. Obama’s broader announcement, expected in January, about the N.S.A. overhauls he plans to make."
U.S.-Germany Intelligence Partnership Falters Over Spying
New York Times, 16 December 2013

"A Federal District Court judge ruled on Monday that the National Security Agency program that is systematically keeping records of all Americans’ phone calls most likely violates the Constitution, and he ordered the government to stop collecting data on two plaintiffs’ personal calls and destroy the records of their calling history. In a 68-page ruling, Judge Richard J. Leon of the District of Columbia called the program’s technology 'almost Orwellian' and suggested that James Madison, the author of the Constitution, would be 'aghast' to learn that the government was encroaching on liberty in such a way. 'I cannot imagine a more ‘indiscriminate’ and ‘arbitrary’ invasion than this systematic and high-tech collection and retention of personal data on virtually every single citizen for purposes of querying and analyzing it without prior judicial approval,' Judge Leon wrote. 'Surely, such a program infringes on ‘that degree of privacy’ that the founders enshrined in the Fourth Amendment.' Judge Leon stayed his injunction 'in light of the significant national security interests at stake in this case and the novelty of the constitutional issues,' allowing the government time to appeal it, a matter that he said could take some six months. Vanee Vines, a spokeswoman for the N.S.A., had no immediate comment on the ruling by Judge Leon, a 2002 appointee of President George W. Bush. The ruling is the first successful legal challenge brought against the program since it was revealed in June after leaks by the former N.S.A. contractor Edward J. Snowden. It was brought by several plaintiffs led by Larry Klayman, a conservative public-interest lawyer. The American Civil Liberties Union has filed a similar lawsuit in the Southern District of New York. In a statement distributed by the journalist Glenn Greenwald, who was a recipient of leaked documents from Mr. Snowden and who wrote the first article about the bulk data collection, Mr. Snowden hailed the ruling. 'I acted on my belief that the N.S.A.'s mass surveillance programs would not withstand a constitutional challenge, and that the American public deserved a chance to see these issues determined by open courts,' Mr. Snowden said. 'Today, a secret program authorized by a secret court was, when exposed to the light of day, found to violate Americans’ rights. It is the first of many.'"
Federal Judge Rules Against N.S.A. Phone Data Program
New York Times, 16 December 2013

"Facebook wants to become your new best friend by knowing everything about you - and it's going to happen whether you like it not. From the bottles of beer you drink, to the places you visit on vacation, the social networking site will compile everything there is to know about you (and the billion other people online) - and then make sense of it with the hope of selling better, targeted advertising in your news feed. The social networking giant has teamed up with New York University to set up a research lab designed to learn about artificial intelligence. It would enable Facebook to learn more about individuals and ultimately achieve better results for targeted ads and news feed improvements. For now, Facebook feeds may seem like a random jumble, but LeCun argues these 'can be improved by intelligent systems.' 'This could include things like ranking (the items in) news feeds, or determining the ads that are shown to users, to be more relevant,' LeCun said."
Facebook develops algorithm that will learn EVERYTHING
Mail, 14 December 2013

"American intelligence and law enforcement investigators have concluded that they may never know the entirety of what the former National Security Agency contractor Edward J. Snowden extracted from classified government computers before leaving the United States, according to senior government officials. Investigators remain in the dark about the extent of the data breach partly because the N.S.A. facility in Hawaii where Mr. Snowden worked — unlike other N.S.A. facilities — was not equipped with up-to-date software that allows the spy agency to monitor which corners of its vast computer landscape its employees are navigating at any given time. Six months since the investigation began, officials said Mr. Snowden had further covered his tracks by logging into classified systems using the passwords of other security agency employees, as well as by hacking firewalls installed to limit access to certain parts of the system. 'They’ve spent hundreds and hundreds of man-hours trying to reconstruct everything he has gotten, and they still don’t know all of what he took,' a senior administration official said. 'I know that seems crazy, but everything with this is crazy.' That Mr. Snowden was so expertly able to exploit blind spots in the systems of America’s most secretive spy agency illustrates how far computer security still lagged years after President Obama ordered standards tightened after the WikiLeaks revelations of 2010. Mr. Snowden’s disclosures set off a national debate about the expansion of the N.S.A.’s powers to spy both at home and abroad, and have left the Obama administration trying frantically to mend relations with allies after his revelations about American eavesdropping on foreign leaders. In an interview with The New York Times in October, Mr. Snowden said he had given all of the documents he downloaded to journalists and kept no additional copies. In recent days, a senior N.S.A. official has told reporters that he believed Mr. Snowden still had access to documents not yet disclosed. The official, Rick Ledgett, who is heading the security agency’s task force examining Mr. Snowden’s leak, said he would consider recommending amnesty for Mr. Snowden in exchange for those documents. 'So, my personal view is, yes, it’s worth having a conversation about,' Mr. Ledgett told CBS News. 'I would need assurances that the remainder of the data could be secured, and my bar for those assurances would be very high. It would be more than just an assertion on his part.' Mr. Snowden is living and working in Russia under a one-year asylum. The Russian government has refused to extradite Mr. Snowden, who was indicted by the Justice Department in June on charges of espionage and stealing government property, to the United States. Mr. Snowden has said he would return to the United States if he was offered amnesty, but it is unclear whether Mr. Obama — who would most likely have to make such a decision — would make such an offer, given the damage the administration has claimed Mr. Snowden’s leaks have done to national security. Because the N.S.A. is still uncertain about exactly what Mr. Snowden took, government officials sometimes first learn about specific documents from reporters preparing their articles for publication — leaving the State Department with little time to notify foreign leaders about coming disclosures. With the security agency trying to revamp its computer network in the aftermath of what could turn out to be the largest breach of classified information in American history, the Justice Department has continued its investigation of Mr. Snowden. According to senior government officials, F.B.I. agents from the bureau’s Washington field office, who are leading the investigation, believe that Mr. Snowden methodically downloaded the files over several months while working as a government contractor at the Hawaii facility. They also believe that he worked alone, the officials said."
Officials Say U.S. May Never Know Extent of Snowden’s Leaks
New York Times, 14 December 2013

"Every member who sits on the committees that oversee government intelligence operations has received campaign contributions from the top twenty largest intelligence companies in the United States, according to a new report. Amid the NSA scandal, the House Permanent Select Committee on Intelligence and the Senate Select Committee on Intelligence — the committees in charge of oversight — denied stricter reform attempts to the NSA programs and instead propelled legislation aimed at restoring their trust. The committees are intended to keep waste, fraud, and abuse in check given most of these programs are hidden from the general public. Every single member on the committees received campaign contributions from the largest intelligence companies in the U.S. performing services for the the government. A report from Maplight, a nonpartisan research organization that reveals money in politics, highlights the donations from political action committees (PACs) and individuals from the intelligence services companies to these members. The report shows donations amount to over $3.7 million from 2005-2013."
Lawmakers who oversee government surveillance programs receive millions from intelligence companies
Capital City Projects, 13 December 2013

"Officials within the National Security Agency are considering whether to grant Edward Snowden amnesty and allow him back into the United States, in order to get back reams of classified information taken by the former agency contractor. Rick Ledgett, the head of NSA's Snowden task force, told CBS News that considering amnesty is 'worth having a conversation about,' if a deal meant the return of the agency's secrets. 'I would need assurances that the remainder of the data could be secured, and my bar for those assurances would be very high,' Ledgett said in an interview with 60 Minutes, set to air on Sunday. 'It would be more than just an assertion on his part,' he added. Administration and U.S. intelligence officials assert Snowden stole more than 1.5 million classified documents detailing specific NSA programs and operations, only a portion of which have been made public. A possible amnesty deal would not only bring those documents back to the NSA, but also allow Snowden to return from Russia, where he is currently living in asylum, back to American shores. Getting those classified documents back into American hands would effectively stop the political bleeding for the agency and White House, who have been in damage control since the initial Snowden leaks. But NSA chief Gen. Keith Alexander said an amnesty deal for Snowden would send a dangerous precedent within the agency and the intelligence community writ large. 'I think people have to be held accountable for their actions. … Because what we don't want is the next person to do the same thing, race off to Hong Kong and to Moscow with another set of data, knowing they can strike the same deal,' Alexander said in a separate interview with CBS."
Report: NSA considers amnesty for Snowden
The Hill, 13 December 2013

"Thanks to Edward Snowden we now understand that the NSA runs many dragnet surveillance programs, some of which target Americans. But a story yesterday from Washington, D.C. public radio station WAMU is a reminder that dragnet surveillance is not just a tool of the NSA—the local police use mass surveillance as well. DC’s Metropolitan Police Department uses cameras to scan vehicle license plates in huge numbers and saves all the data for two years, even though only a tiny fraction—0.01 %—turn out to be associated with any possible wrongdoing....In 2012, the police in Washington scannedover 204 million license plates. But only 22,655 were associated with some possible wrongdoing (what the chart refers to as 'hits')."
Mass Location Tracking: It’s Not Just For the NSA
ACLU, 12 December 2013

"Today, the web giant announced a change to its popular Gmail service: Images embedded in emails will now be automatically displayed, saving users from clicking on a 'display images' link and, Google claims, making 'your messages more safe and secure.' But buried in the fine print, a different picture emerges. The new setup also means that people and companies who send you email will be able to find out when you’ve opened and read their messages, because loading these images requires a call back to the sender’s server. That said, the sender still has to know how to rig their emails to take advantage of this, and that means that sophisticated corporations are far more likely to take advantage of this privacy hole than your friends and relatives. They’ll have to evade Google’s filters for 'suspicious' content, and you’ll have to check your Gmail over the web — not via a local client — for this change to impact you. But it’s an important development. Other email clients automatically load images, but Google’s change brings this to what is now the world’s largest service. The good news is that you can turn off the new change. But most people won’t know any better."
With the New Gmail, People Will Know When You Open That Message
Wired, 12 December 2013

"CertiVox has admitted that it chose to take its secure email encryption service PrivateSky offline after a warrant was issued by a division of GCHQ. CEO Brian Spector told IT Security Guru that despite having 'tens of thousands of heavily active users', it was served with an ultimatum from the National Technical Assistance Centre (NTAC), a division of GCHQ and a liaison with the Home Office, who were seeking the keys to decrypt the customer data. He said that this was at the end of 2012, ahead of the same action by Lavabit and Silent Circle and it was before Snowden happened. 'So they had persons of interest they wanted to track and came with this signed by the Home Secretary. You have to comply or you go to jail,' he said. 'It is the same in the USA with FISMA, and it is essentially a national security warrant. So in late 2012 we had the choice to make - either architect the world's most secure encryption system on the planet, so secure that CertiVox cannot see your data, or spend £500,000 building a backdoor into the system to mainline data to GCHQ so they can mainline it over to the NSA.' Spector said that complying with the warrant would have been a 'catastrophic invasion of privacy' of its users, so instead it chose to withdraw the product from public use and run it internally. 'Whether or not you agree or disagree with the UK and US government, this is how it is and you have to comply with it,' he said."
CertiVox confirms it withdrew PrivateSky after GCHQ issued warrant
IT Security Guru, Undated Page (December 2013)

"A backpacker coming home for Christmas had every bit of electronic equipment stripped from him at the airport. A Customs officer at Auckland International Airport took law graduate Sam Blackman's two smartphones, iPad, an external hard drive and laptop - and demanded his passwords. Mr Blackman, 27, who was breaking up travelling with his journalist fiance Imogen Crispe for a month back in New Zealand for Christmas, was initially given no reason why the gear was taken. The only possibility of why it occurred was his attendance - and tweeting - of a London meeting on mass surveillance sparked by the Snowden revelations, he said. However, a Customs official has since told him they were searching everything for objectionable material under the Films, Videos, and Publications Classification Act 1993. Mr Blackman said he did not have anything of that nature and could not understand why he had been targeted. Mr Blackman arrived in Auckland at 5.30am on a flight from Heathrow, travelling through San Francisco. He declared loose-leaf tea he was carrying as he came through Customs and believed that was responsible for the extensive bag search to which he was subjected. 'He said 'we're not worried about the tea',' Mr Blackman said of the Customs' official. The official then returned to going through the bag, pulling out electronic equipment as he did so. 'We're going to have to detain this,' Mr Blackman said he was told. 'We're going to have to send this to a forensic investigator.' Mr Blackman said when he pulled a phone out of his pocket, the official also took that, refusing permission for him to call his parents who were waiting in the arrival lounge. He said he was also told to provide passwords for the equipment. 'That is a real invasion of privacy.' One of the phones had no password but required a design to be traced on the screen. The official was unconcerned and said the forensic team would defeat security to access the device, Mr Blackman claimed. He said he asked why the items were being confiscated and the official refused to say - or to say how long the items would be kept. Earlier, Mr Blackman said he thought it may have occurred because of his attendance at the London meeting on mass surveillance. In November, Mr Blackman and Ms Crispe attended a meeting at the Royal Institute of British Architects attended by Guardian editor Alan Rusbridger, MPs from across Europe, and spokespeople from groups opposing spying. A Customs' spokeswoman refused to discuss Mr Blackman's case. She said passengers considered 'high risk'received attention at the airport. She also said Customs officials were required to have 'reasonable cause'to believe an offence had been committed. 'Information or data may be used as evidence of an offence or may be a prohibited item such as objectionable images.' TechLiberty director Thomas Beagle said the seizure of phones and laptops was a 'major interference in your life'in the modern world. He said Customs law had a pre-digital focus which, when applied to the technical age, did not take into account the amount of personal information or the frequency of use. 'What does this mean for other people? You really have to consider what you take over the border.' Mr Beagle said his understanding of the law was that travellers did not have to surrender their passwords. However, he said it meant it was likely the device of interest would then not be allowed into the country."
Backpacker stripped of tech gear at Auckland Airport
New Zealand Herald, 12 December 2013

"The European parliament has voted to formally invite Edward Snowden to give testimony on NSA spying, despite opposition from conservative MEPs. If the US whistleblower provides answers to the questions compiled by parliamentarians in time, a hearing via video link could take place in early January. It had looked on Wednesday as if European conservatives were trying to kick the hearing into the long grass. The European People's party (EPP), the alliance of centre-right parties, had raised a number of concerns about inviting Snowden for a hearing, noting that it could endanger the transatlantic trade agreement with the US. But on Thursday morning, the leaders of the main political groupings in the European parliament voted to invite Snowden. In the coming weeks, questions will be compiled and then forwarded to the former NSA contractor's lawyer, with roughly two questions coming from each political group. Labour MEP Claude Moraes, the lead rapporteur for the European parliament inquiry on the mass surveillance of EU citizens, welcomed the outcome of the vote and promised that questioning would be 'rigorous and fair'. 'Amongst the questions I will ask Mr Snowden,' Moraes said, 'will be why he decided to reveal the information and the consequences and implications of his actions; questions around his current situation in Russia; questions around his opinion on the impact of his revelations on security, the intelligence services, and 'the right to know'; questions around his opinions of where his revelations and allegations take the area of mass surveillance in the future.' The European parliament hopes to create an interactive situation for the hearing, where MEPs can interview Snowden in real time. However, as there are some concerns that a live linkup might allow the NSA to pinpoint Snowden's location, answers may end up having to be pre-recorded. The British Conservative party, which is not part of the EPP, had clearly stated its opposition to inviting Snowden at the end of last week. Conservative MEP Timothy Kirkhope had described the invitation as 'a provocative act' which would 'endanger public security around Europe and beyond'."
Edward Snowden: MEPs vote to invite ex-NSA contractor to testify
BBC Online, 12 December 2013

"French intelligence and government officials will be able to spy on internet users in real time and without prior legal authorisation, under a law passed on Wednesday. The legislation, which was approved almost unnoticed, will enable a wide range of public officials including police, gendarmes, intelligence and anti-terrorist agencies as well as several government ministries to monitor computer, tablet and smartphone use directly. The spying clause, part of a new military programming law, comes just weeks after France, which considers individual privacy a pillar of human rights, expressed outrage at revelations that the US National Security Agency (NSA) had been intercepting phone calls in France. The president, François Hollande, expressed his 'extreme reprobation'. Article 13 of the new law will allow not just the security forces but intelligence services from the defence, interior, economy and budget ministries to see 'electronic and digital communications' in real time to discover who is connected to whom, what they are communicating and where they are..... Government officials say the measure is necessary to combat terrorism, organised crime and economic or scientific espionage, and to protect national security. The defence minister, Jean-Yves Le Drian, insisted 'public liberties will be covered' in the new law. Until now, demands for phone taps or data intercepts were supposed to be authorised by a judge or the National Commission for the Control of Security Intercepts, a five-strong independent body made up of a former judge and a representative from each house of the French parliament plus two other delegates. The government says the spying will be overseen by an 'independent authority – the CNCIS – and by parliament'. However, under the law, agencies have until 48 hours after surveillance has begun to seek approval from the CNCIS president and can continue while awaiting his decision."
French officials can monitor internet users in real time under new law
Guardian, 11 December 2013

"The National Security Agency has been accused of using Google cookies to pinpoint targets the government wants to hack. In a NSA presentation slide released by Edward Snowden and seen by the Washington Post, the agency appeared to be using internet tracking techniques usually used by advertisers. While the Pref Cookies reportedly being used don't reveal personal information, they can uniquely identify a person's browser. The NSA and GCHQ in the UK have been using the tracking files to identify potential targets who are using the internet, according to the documents. As well as listing visits to websites, the cookies can identify an individual's communications so that hacking software can be sent out. The slide seen by the Washington Post showed the tracking devices 'enable remote exploitation' though how this has been used against targets was not revealed. While cookies could help the NSA track an individual it cannot be used to help the agency sort through vast amounts of information. It works only if someone has already been identified as a target. Another slide suggested that the NSA was also collecting location data from by mobile apps in program code-named HAPPYFOOT. The information is said to help the NSA map internet addresses to physical locations more precisely than with geolocation services. 'This shows a link between the sort of tracking that's done by websites for analytics and advertising and NSA exploitation activities,' Ed Felten, a computer scientist at Princeton, said. 'By allowing themselves to be tracked for analytic or advertising at least some users are making themselves more vulnerable to exploitation,' he added. Since June, newspapers across the world have revealed the scope of government spying by publishing classified documents leaked by Snowden, a former NSA contract analyst. While the latest slide suggested the NSA used the devices, it did not explain how the agency got hold of Pref Cookies or whether Google cooperated with sharing the data. When approached by the Post, the NSA declined to comment. .... Google also declined to comment, buts its chief executive, Larry Page, has called for limits on court-approved surveillance requests."
'NSA uses Google cookies to track targets,' reveals latest Snowden leak
Mail, 11 December 2013

"A man claims he suffered serious emotional trauma at the hands of the federal government after Google auto-corrected his innocent web search into something sinister. When he typed ‘how do I build a radio controlled’ in October 2009, former government contractor Jeffrey Kantor says Google auto-completed his search to read: ‘how do I build a radio controlled b***.’ Now he’s implicated some of Washington’s top brass in a bizarre $60 million lawsuit that alleges he was fired from his job after the government stalked him and used his co-workers to emotionally abuse him..... Kantor even claims the government attached a GPS tracker to his car as part of the stalking. He’s now suing the state department and Secretary John Kerry, Director of National Intelligence James Clapper, the CIA and Director John Brennan, the Defense Department and Secretary Chuck Hagel, and Attorney General Eric Holder."
Man names top Washington officials in $60M suit that claims the government's been stalking him since Google mistakenly made his web search about building b***s
Mail, 11 December 2013

"Developers of the FreeBSD operating system will no longer allow users to trust processors manufactured by Intel and Via Technologies as the sole source of random numbers needed to generate cryptographic keys that can't easily be cracked by government spies and other adversaries. The change, which will be effective in the upcoming FreeBSD version 10.0, comes three months after secret documents leaked by former National Security Agency (NSA) subcontractor Edward Snowden said the US spy agency was able to decode vast swaths of the Internet's encrypted traffic. Among other ways, The New York Times, Pro Publica, and The Guardian reported in September, the NSA and its British counterpart defeat encryption technologies by working with chipmakers to insert backdoors, or cryptographic weaknesses, in their products. The revelations are having a direct effect on the way FreeBSD will use hardware-based random number generators to seed the data used to ensure cryptographic systems can't be easily broken by adversaries."
'We cannot trust' Intel and Via’s chip-based crypto, FreeBSD developers say
Arstechnica, 10 December 2013

"A new study published by the Center for Internet and Society (CIS) at Stanford Law School suggests that the methods the NSA uses to determine reasonable and articulable suspicion (RAS) of terrorist activity may authorize the agency to examine the call records of more American citizens than previously believed. The standard for NSA phone record acquisition, as defined by the Foreign Surveillance Intelligence Court, permits analysts to target individuals 'three hops' from a terror suspect. In other words, a person who is talking to someone, who is talking to someone, who is talking to the suspect. The three degrees of separation method used by the NSA sounds innocuous at first. After all, when the population of an entire city is at risk, who has time to gather evidence for a warrant? After watching a few NCIS reruns, it’s easy to imagine how the plot unfolds: Islamic fundamentalists in the United States are contacted by their al-Qaeda leader in the Middle East. They receive instructions to commit an act of terrorism. These operatives then contact another associate, who transports explosives, or radioactive materials, perhaps, which were acquired from a nefarious black market dealer-type guy. In the TV scenario, the NSA’s three-hop method gives intelligence analysts immediate access to the records of each conspirator—invaluable time wouldn’t be wasted trying to obtain four separate warrants. Of course, that’s television, where the privacy of millions of citizens wouldn’t be violated in this process; even if it were, surely the ends justify the means. Unfortunately, in the real world, the benefits of providing the U.S. government with unfettered access into the personal lives of its citizens aren’t nearly as discernable. And historically speaking, the potential for abuse is simply too great to ignore. As the world recently learned, there are over 700,000 people on the U.S. terror watch list. Likewise, there are are tens of thousands of individuals, which the government refers to as 'seed' numbers, who have been designated by the FISA court as legitimate targets for record collection, CIS notes. These records are immediately accessible to intelligence analysts and the three-hop process can also be applied....Based on averages, if a suspect has 190 Facebook friends, the NSA can legally access the records of 31,046 others by the second hop alone, which is more than Columbia University’s entire student body. By the third hop, the NSA would have access to the records of over 5 million individuals, or more than the entire population of Colorado."
Study suggests NSA can legally access majority of American phone data
The Daily Dot, 10 December 2013

"More than 500 of the world's leading authors, including five Nobel prize winners, have condemned the scale of state surveillance revealed by the whistleblower Edward Snowden and warned that spy agencies are undermining democracy and must be curbed by a new international charter.The signatories, who come from 81 different countries and include Margaret Atwood, Don DeLillo, Orhan Pamuk, Günter Grass and Arundhati Roy, say the capacity of intelligence agencies to spy on millions of people's digital communications is turning everyone into potential suspects, with worrying implications for the way societies work.They have urged the United Nations to create an international bill of digital rights that would enshrine the protection of civil rights in the internet age. Their call comes a day after the heads of the world's leading technology companies demanded sweeping changes to surveillance laws to help preserve the public's trust in the internet – reflecting the growing global momentum for a proper review of mass snooping capabilities in countries such as the US and UK, which have been the pioneers in the field. The open letter to the US president, Barack Obama, from firms including Apple, Google, Microsoft and Facebook, will be followed by the petition, which has drawn together a remarkable list of the world's most respected and widely-read authors, who have accused states of systematically abusing their powers by conducting intrusive mass surveillance."
World's leading authors: state surveillance of personal data is theft
Guardian, 10 December 2013

"Former President Bill Clinton has condemned industrial espionage reportedly committed by the National Security Agency. Clinton told Rio de Janeiro daily O Globo in an interview published Monday that 'we shouldn't collect economic information under the pretext of security.' The comment came in response to questions about classified documents leaked by former NSA analyst Edward Snowden that showed that the agency hacked the computer network of Brazil's state-run oil company Petrobras."
Bill Clinton condemns economic espionage following reports NSA snooped in Brazil
Associated Press, 9 December 2013

"'I don’t have a microchip in my head – yet,' says the man charged with transforming Google’s relations with the technology giant’s human users. But Scott Huffman does envisage a world in which Google microphones, embedded in the ceiling, listen to our conversations and interject verbal answers to whatever inquiry is posed. Huffman, Google's engineering director, leads a team tasked with making conversations with the search engine more reflective of the complex interactions people enjoy with each other.... Whether Google users want a microphone embedded in every ceiling is another matter after the company became enveloped in a crisis of trust following Edward Snowden’s revelations about the US Government's National Security Agency’s clandestine electronic-surveillance programme PRISM. On Monday, Google joined forces with fellow tech giants including Facebook, Apple and Yahoo! to call for sweeping changes to US surveillance laws and an international ban on bulk collection of data to help preserve the public’s 'trust in the internet'. 'We take privacy and security very seriously,' Mr Huffman said. 'Our goal is to keep users’ information private and use it in a way that helps that user. When I ask Google for travel information during my trip it draws it out using my hotel confirmation email. So I’m trusting Google with that information and in exchange I’m getting that value.' Google believes it can ultimately fulfil people’s data needs by sending results directly to microchips implanted into its user’s brains. Research has already begun with such chips to help disabled people steer their wheelchairs."
Google's future: microphones in the ceiling and microchips in your head
Independent, 9 December 2013

"An Australian surveillance executive whose firm was contracted by several clients to sweep for hidden mobile interceptors and other spying devices in Australia and Asia has found dozens of them. Les Goldsmith, chief executive of ESD Group, told Fairfax Media his company found about 20 physical bugs when conducting sweeps in Australian business and local government offices, and another 68 in Asia between 2005 and 2011. The firm found 47 bugs in Papua New Guinea, ten in Singapore, three in the Philippines, five in Thailand, two in India and one in Fiji in several searches.....All governments are falling victim to surveillance and some governments are falling victim to it but not saying anything,' he said. Mr Goldsmith no longer conducts sweeps, saying he grew tired of crawling through roofs with his team and sleeping on client’s premises. He declined to say whether Australian agencies were responsible for any of the bugs found. 'Australia might be conducting spying operations but, from what we’ve seen, many other governments are doing spying operations across Asia as well and the majority of those operations are for economic reasons, not for criminal. It’s not about national security,' he said. Devices with microphones and/or hidden cameras were usually found in power points, telephone outlets, lighting fixtures, inside doors, walls and furniture such as in couches, keyboards, computer mice, clocks and in lamps. Two bugs found in Australia were planted in local government offices and the rest in businesses, he said. The reverse applied in Asia, where most were found in government offices. In Australia they were mainly found in premises in the mining, media and law sectors. Mr Goldsmith’s remarks come as officers from Australia’s domestic spy agency ASIO raided the office of a lawyer who claimed spies bugged the cabinet room of East Timor’s government during negotiations over oil and gas deposits. It also follows news that Ecuador found a bug in its London embassy, where Julian Assange is staying. Scott Ainslie, president of the Australian Institute of Professional Intelligence Officers and a former combat and counter intelligence officer at the Australian Defence Force, once worked as a reseller for Mr Goldsmith’s company and said he believed ESD’s figures. He said Australians had a naive attitude towards bugging."
Spy bugs found in Australia and Asia
Sydney Morning Herald, 7 December 2013

"The FBI has been able to covertly activate a computer’s camera — without triggering the light that lets users know it is recording — for several years, and has used that technique mainly in terrorism cases or the most serious criminal investigations, said Marcus Thomas, former assistant director of the FBI’s Operational Technology Division in Quantico, now on the advisory board of Subsentio, a firm that helps telecommunications carriers comply with federal wiretap statutes."
FBI’s search for ‘Mo,’ suspect in bomb threats, highlights use of malware for surveillance
Washington Post, 6 December 2013

"US whistleblower Edward Snowden is to give video evidence to the European Parliament, a German assembly member claims. A parliamentary committee session will examine mass-surveillance by intelligence agencies. The German member of the European Parliament, Jan Philipp Albrecht, said on Thursday that Snowden (pictured) would be appearing by videolink at a session of the assembly's Committee on Legal Affairs. The former intelligence contractor turned whistleblower would be available to answer questions posed by delegates investigating the issue of mass-surveillance of European Union citizens by the National Security Agency (NSA), Albrecht said in a statement posted to his website. The committee sitting could take place as early as December 18. Earlier this year, Snowden leaked details of the NSA's far-reaching spying programs that stirred international criticism over the extent of global surveillance. Snowden, who has been granted temporary asylum by Russia, provided documents to reporters at the Guardian and Washington Post newspapers, including details of the NSA's secret PRISM program."
Snowden to speak to European Parliament, delegate claims
Deutsche Welle, 6 December 2013

"The FBI team works much like other hackers, using security weaknesses in computer programs to gain control of users’ machines. The most common delivery mechanism, say people familiar with the technology, is a simple phishing attack — a link slipped into an e-mail, typically labeled in a misleading way. When the user hits the link, it connects to a computer at FBI offices in Quantico, Va., and downloads the malicious software, often called 'malware' because it operates covertly, typically to spy on or otherwise exploit the owner of a computer. As in some traditional searches, subjects typically are notified only after evidence is gathered from their property. 'We have transitioned into a world where law enforcement is hacking into people’s computers, and we have never had public debate,' said Christopher Soghoian, principal technologist for the American Civil Liberties Union. 'Judges are having to make up these powers as they go along.' Former U.S. officials say the FBI uses the technique sparingly, in part to keep public references to its online surveillance tools to a minimum. There was news coverage about them in 2007, when Wired reported that the FBI had sent surveillance software to the owner of a MySpace account linked to bomb threats against a Washington state high school. The FBI has been able to covertly activate a computer’s camera — without triggering the light that lets users know it is recording — for several years, and has used that technique mainly in terrorism cases or the most serious criminal investigations, said Marcus Thomas, former assistant director of the FBI’s Operational Technology Division in Quantico, now on the advisory board of Subsentio, a firm that helps telecommunications carriers comply with federal wiretap statutes. The FBI’s technology continues to advance as users move away from traditional computers and become more savvy about disguising their locations and identities. 'Because of encryption and because targets are increasingly using mobile devices, law enforcement is realizing that more and more they’re going to have to be on the device — or in the cloud,' Thomas said, referring to remote storage services. 'There’s the realization out there that they’re going to have to use these types of tools more and more.' The ability to remotely activate video feeds was among the issues cited in a case in Houston, where federal magistrate Judge Stephen W. Smith rejected a search warrant request from the FBI in April. In that case, first reported by the Wall Street Journal, Smith ruled that the use of such technology in a bank fraud case was 'extremely intrusive' and ran the risk of accidentally capturing information of people not under suspicion of any crime."
FBI’s search for ‘Mo,’ suspect in bomb threats, highlights use of malware for surveillance
Washington Post, 6 December 2013

"While Microsoft's recent move to encrypt user data made the most headlines, the reasoning underlying its new data protection strategies classify the US government in the same category as a cyber-criminal group. Brad Smith, Microsoft's EVP of Legal and Corporate Affairs, labeled the American government as an 'advanced persistent threat' in a December 4 post on The Official Microsoft Blog. The term advanced persistent threat (APT) refers to an attacker, usually an organized group of malicious attackers, that should be considered harmful and dangerous — and an overall method of attack that plays a 'long game.' Microsoft's explosive post begins by stating, 'Many of our customers have serious concerns about government surveillance of the Internet.'.... While the writing is cautiously couched in terms of 'some governments' it's crystal clear that Microsoft's 'advanced persistent threat' is referring to the ongoing revelations of US government surveillance activities (in leaks by Edward Snowden), and the concerns of Microsoft's American customers."
Microsoft: US government is an 'advanced persistent threat'
ZDNet, 6 December 2013

"To avoid surveillance, the first four Americans to visit Edward Snowden in Moscow carried no cell phones or laptops. They flew coach on Delta from Washington with tickets paid for by Dutch computer hackers. After checking into a preselected hotel not far from Red Square, they waited for a van to pick them up for dinner. None could retrace the ride that followed, driven by anonymous Russian security men, nor could any place the side door of the building where the trip ended. They passed through two cavernous ballrooms, the second with a painted ceiling like the Sistine Chapel, and emerged into a smaller space with salmon-colored walls and oil paintings in golden frames—like Alice in Wonderland, remembers one of the group. There at the bottom of the rabbit hole, in rimless glasses, a black suit and blue shirt with two open buttons at the collar, stood the 30-year-old computer whiz who had just committed the most spectacular heist in the history of spycraft. By all accounts, Snowden was delighted to see his countrymen, though over the next six hours he did not partake of the wine. At one point, Ray McGovern, a former CIA analyst, recited from memory in Russian an Alexander Pushkin poem, 'The Prisoner,' which he had learned back in his days spying on the Soviet Union. 'We have nothing to lose except everything, so let us go ahead,' said Jesselyn Radack, a former Justice Department attorney, quoting Albert Camus’s warning at the dawn of the nuclear age. Another attendee, the whistle-blowing FBI agent Coleen Rowley, compared Snowden to Benjamin Franklin, who as postmaster general in 1773 helped leak letters from American officials who were secretly collaborating with British authorities.... The gathering had been called to deliver an award, given by four dissident veterans of the U.S. national-security apparatus to one of their own. But for Snowden it was something more, a chance to reaffirm to the world the purpose of his actions, for which he has been charged in absentia with theft and violations of the Espionage Act. Since escaping his country in late May with tens of thousands of its most secret documents—'one of everything,' jokes one person with access to the stash—Snowden has chosen to lie low. No Twitter account. No television interviews. No direct contacts with U.S. authorities. He held his tongue as Kucherena boasted to the press about Snowden’s new Internet job in Moscow, his new Russian girlfriend and his dire money troubles. Most of that is fiction, like the novel, according to several people who communicate regularly with Snowden.... But he has nonetheless begun to figure out a life for himself in Russia, where he has been granted asylum for at least one year. He is learning Russian, recently read Fyodor Dostoyevsky’s Crime and Punishment and spent weeks living with his WikiLeaks protector, Sarah Harrison, who has since flown to Berlin, fearing that she could face criminal charges if she returns to her native Britain..... He wanted to issue a warning to the world, and he believed that revealing the classified information at his fingertips was the way to do it. His gambit has so far proved more successful than he reasonably could have hoped—he is alive, not in prison, and six months on, his documents still make headlines daily—but his work is not done, and his fate is far from certain. So in early October, he invited to Moscow some supporters who wanted to give him an award. After the toasts, some photographs and a brief ceremony, Snowden sat back down at the table, spread with a Russian buffet, to describe once again the dystopian landscape he believes is unfolding inside the classified computer networks on which he worked as a contractor. Here was a place that collected enormous amounts of information on regular citizens as a precaution, a place where U.S. law and policy did not recognize the right to privacy of foreigners operating outside the country, a place where he believed the basic freedoms of modern democratic states—'to speak and to think and to live and be creative, to have relationships and to associate freely'—were under threat.... Snowden’s theft revealed a massive, secret U.S. national-security state—$52.6 billion a year, with more than 30,000 employees at the NSA alone—struggling to come to grips with this new surveillance potential in the wake of the 2001 terrorist attacks. Electronic intelligence historically focused on foreign governments and their public officials, but the hijackers who took down the World Trade Center were private individuals, born abroad and living in the homeland. So as the rubble still smoldered, the great arrays set up by the NSA turned inward and shifted focus. The subjects of collection grew to include patterns within entire populations and historical data that could literally retrace the steps of individuals years before they became suspects. The challenge, explained one NSA document made public by Snowden, was to 'master global networks and handle previously unimagined volumes of raw data for both passive and active collection.'.... One NSA document released by Snowden estimated that 99% of the world’s Internet bandwidth in 2002 and 33% of the world’s phone calls in 2003 passed through the U.S., an accident of history that proved a gold mine to sift through, with or without the cooperation of American companies. The agency hacked overseas cables and satellites and surreptitiously sucked information transiting among foreign cloud servers of U.S. technology companies like Google and Yahoo. It harvested and stored hundreds of millions of contact lists from personal e-mail and instant-messaging accounts on services like Yahoo and Facebook.... Snowden’s ..... he continued, is that the disclosure will force five distinct civic bodies—the public, the technologist community, the U.S. courts, Congress and the Executive Branch—to reconsider the path ahead."
Edward Snowden, The Dark Prophet
TIME, 5 December 2013

"Whistleblowers and journalists in Japan could soon find themselves facing long spells in prison for divulging and reporting state secrets, possibly including sensitive information about the Fukushima nuclear disaster and the country's souring relations with China. Under a special state secrets bill expected to pass on Friday, public officials and private citizens who leak 'special state secrets' face prison terms of up to 10 years, while journalists who seek to obtain the classified information could get up to five years. Critics of the new law say it marks a return to the days of prewar and wartime Japanese militarism, when the state used the Peace Preservation Act to arrest and imprison political opponents. 'It is a threat to democracy,' said Keiichi Kiriyama, an editorial writer for the Tokyo Shimbun newspaper, adding that the legislation would 'have a chilling effect on public servants, who could become wary about giving the information' to journalists. In the aftermath of the Edward Snowden leaks, Japan has come under pressure from Washington to better protect state secrets – including intelligence shared by the US – at a time of rising regional tensions. Japan's prime minister, Shinzo Abe, says the law is crucial if his US-style national security council, approved this week, is to function properly.... Abe, who does not have to fight an election for another three years, is expected to push ahead with his nationalist agenda, including constitutional reforms that would end the military's purely defensive role. The secrecy bill's hasty passage through the lower house has been marked by noisy public demonstrations and opposition from journalists, lawyers, politicians, academics and scientists, as well as film directors and manga artists concerned about freedom of expression."
Japan whistleblowers face crackdown under proposed state secrets law
Guardian, 5 December 2013

"In a 2012 speech, NSA director Alexander said, 'We don’t hold data on U.S. citizens,' a statement he apparently justified with an unusual definition of the word hold. Months later, National Intelligence Director James Clapper told Congress in an open session that the NSA did not 'collect' any type of data on millions of Americans. After the Snowden documents were leaked, Clapper apologized for his 'clearly erroneous' answer, saying he was only giving the 'least untruthful' response possible in an unclassified setting. 'When someone says ‘collection’ to me, that has a specific meaning, which may have a different meaning to him,' Clapper said."
Edward Snowden, The Dark Prophet
TIME, 5 December 2013

"The most striking numbers show a generation gap in the way people think about Snowden. Just 35% of Americans ages 18 to 30 say Snowden should be charged with a crime, compared with 57% of those 30 and older, according to a November poll by the Washington Post and ABC News. And 56% of young adults say he did the 'right thing,' compared with 32% of their elders. Younger people, who are moving away from Facebook and embracing technologies like Snapchat, which destroys messages after a few seconds, have also been shown to spend far more time than their elders tightening privacy settings on phones and apps. 'Snowden is an effect, not a cause,' says General Michael Hayden, a recently retired director of both the NSA and CIA. 'This new generation has a different take on where the appropriate line is.' The shifts could have far greater implications than just what apps people choose for their smartphones. Historically, the Fourth Amendment of the Constitution, which offers no protections for noncitizens outside the country, has been the source of privacy protections under U.S. law. But the rhetoric now coming from European governments and even senior officials of the Obama Administration points to broader, as yet undefined rights, which several countries are now seeking to codify in international law at the U.N. 'We must use the unprecedented power that technology affords us responsibly, while respecting the values of privacy, government transparency and accountability that all people share,' said National Security Adviser Susan Rice in a December speech.... It is an odd corollary to this new era of mass surveillance: the same technologies that give states vast new powers increase the ability of individuals on the inside to resist. Those dynamics are fixed, a code that underpins the world we now inhabit. That is what Snowden ultimately realized and exploited, a matter of simple physics. His example is the most consequential and dramatic, but it is unlikely to be the last."
Edward Snowden, The Dark Prophet
TIME, 5 December 2013

"The U.S. government has a huge image problem worldwide as it promotes Internet freedom on one hand and conducts mass surveillance on the other, potentially creating major problems for U.S. technology companies, a former official with President Barack Obama's administration said Thursday. Many U.S. policy makers don't recognize the level of distrust created by recent revelations about U.S. National Security Agency surveillance, and that lack of trust will drive other countries away from U.S. technology firms, said Andrew McLaughlin, former White House deputy CTO. 'We, as an advocate for freedom of speech and privacy worldwide, are much, much, much more screwed than we generally think in Washington, and ... American industry and our Internet sector is more much, much, much more screwed than we think internationally,' McLaughlin said during a speech at a Human Rights First summit in Washington, D.C. Many overseas critics of the U.S. see the Obama administration's push for Internet freedom as 'profoundly hypocritical' in the face of the NSA surveillance revelations and a continued push by U.S. trade officials to have U.S. trading partners filter the Internet to protect against copyright violations, said McLaughlin, now president of Digg, the online news aggregation service. The NSA surveillance has led to an intense 'level of anger and the degree of betrayal' in many countries that U.S. policy makers don't seem to fully appreciate, he said. And many countries have begun to explore other options beyond U.S. technology companies because of the surveillance revelations, he added. There's now a perception outside the U.S. that the country's technology companies 'are willing instruments of violation of civil rights and civil liberties,' McLaughlin said. 'We have essentially nationalized what were previously seen as stateless Internet entities.' Many countries will move to use domestic technology companies and require citizen data to stay within their borders, he said. 'If you're an American company that sells cloud services, I think you've probably sold your last contract to a foreign government,' he said."
US faces major Internet image problem, former gov't official says
Computerworld, 5 December 2013

"Almost five billion records revealing the location of mobile phones around the world are collected by the US National Security Agency every day. Data collected by the NSA provides the US with the ability to pinpoint hundreds of millions of phones and their users daily, it was reported. Moreover, the records allow US intelligence agents to establish not just the movements of individuals but to monitor who else they communicate with. The scale of the monitoring project was revealed by officials speaking to the Washington Post, combined with documents made public by Edward Snowden, who worked for the National Security Agency before he leaked the secret files. 'We are getting vast volumes,' an unnamed official told the newspaper, by tapping into cables that connect mobile networks. Chris Soghoian, principal technologist at the American Civil Liberties Union, said the data enables US intelligence to find the location of suspects even if their communications are encrypted. 'One of the key components of location data, and why it’s so sensitive, is that the laws of physics don’t let you keep it private,' he said. 'The only way to hide your location is to disconnect from our modern communication system and live in a cave.' The NSA uses powerful analytical tools known as CO-TRAVELER to trawl through the data to identify who their suspects are talking to and to study their patterns of movement. So much data has been collected, it is believed, that the NSA is storing the equivalent of more than twice the quantity of text being held by the Library of Congress’s print collection."
NSA collects data revealing location of five billion mobile phones every day
Independent, 5 December 2013

"The nation’s libraries are backing legislation that would curb the powers of the National Security Agency. Revelations about NSA surveillance have created a 'climate of concern' for libraries, which are seeking to defend the freedom to read and research away from the government’s prying eyes. 'You need to have some freedom to learn about what you think is important without worrying about whether it ends up in some FBI file,' said Alan Inouye, director of the Office for Information Technology Policy at the American Library Association (ALA). Government snooping of libraries has a long history. Under the Patriot Act, for example, the FBI has the power to compel libraries to hand over user data. But the activities of the NSA seem to go far beyond traditional police work, reflecting an 'almost ravenous hunger' for collecting information, according to Lynne Bradley, director of the ALA’s Office of Government Relations. Documents leaked by former NSA contractor Edward Snowden show the NSA has been collecting vast troves of 'metadata' on Internet activity and phone calls that shows when communications were made, who was involved and how long it lasted. That’s especially troubling to the ALA, as 'libraries are all about metadata,' Inouye said. The records that libraries keep — when a user logs on to a library computer, what websites they visit, when books are borrowed and returned — seem to fit the mold of what the NSA is seeking. 'We’re talking about the information patterns of people. If that’s not personal, I don’t know what is,' Inouye said. While no libraries are known to have received NSA requests, that doesn’t mean they haven’t been tapped for data. Just like Internet companies, libraries are prohibited from revealing NSA requests. The ALA is concerned that local libraries are being forced to keep quiet about government snooping."
Libraries fear 'ravenous' NSA
The Hill (Technology Blog), 4 December 2013

"The National Security Agency is gathering nearly 5 billion records a day on the whereabouts of cellphones around the world, according to top-secret documents and interviews with U.S. intelligence officials, enabling the agency to track the movements of individuals — and map their relationships — in ways that would have been previously unimaginable. The records feed a vast database that stores information about the locations of at least hundreds of millions of devices, according to the officials and the documents, which were provided by former NSA contractor Edward Snowden. New projects created to analyze that data have provided the intelligence community with what amounts to a mass surveillance tool. The NSA does not target Americans’ location data by design, but the agency acquires a substantial amount of information on the whereabouts of domestic cellphones 'incidentally,' a legal term that connotes a foreseeable but not deliberate result. One senior collection manager, speaking on the condition of anonymity but with permission from the NSA, said 'we are getting vast volumes' of location data from around the world by tapping into the cables that connect mobile networks globally and that serve U.S. cellphones as well as foreign ones. Additionally, data are often collected from the tens of millions of Americans who travel abroad with their cellphones every year. In scale, scope and potential impact on privacy, the efforts to collect and analyze location data may be unsurpassed among the NSA surveillance programs that have been disclosed since June. Analysts can find cellphones anywhere in the world, retrace their movements and expose hidden relationships among the people using them. U.S. officials said the programs that collect and analyze location data are lawful and intended strictly to develop intelligence about foreign targets. Robert Litt, general counsel for the Office of the Director of National Intelligence, which oversees the NSA, said 'there is no element of the intelligence community that under any authority is intentionally collecting bulk cellphone location information about cellphones in the United States.' The NSA has no reason to suspect that the movements of the overwhelming majority of cellphone users would be relevant to national security. Rather, it collects locations in bulk because its most powerful analytic tools — known collectively as CO-TRAVELER — allow it to look for unknown associates of known intelligence targets by tracking people whose movements intersect. Still, location data, especially when aggregated over time, are widely regarded among privacy advocates as uniquely sensitive. Sophisticated mathematical techniques enable NSA analysts to map cellphone owners’ relationships by correlating their patterns of movement over time with thousands or millions of other phone users who cross their paths. Cellphones broadcast their locations even when they are not being used to place a call or send a text message. CO-TRAVELER and related tools require the methodical collection and storage of location data on what amounts to a planetary scale. The government is tracking people from afar into confidential business meetings or personal visits to medical facilities, hotel rooms, private homes and other traditionally protected spaces. 'One of the key components of location data, and why it’s so sensitive, is that the laws of physics don’t let you keep it private,' said Chris Soghoian, principal technologist at the American Civil Liberties Union. People who value their privacy can encrypt their e-mails and disguise their online identities, but 'the only way to hide your location is to disconnect from our modern communication system and live in a cave.' The NSA cannot know in advance which tiny fraction of 1 percent of the records it may need, so it collects and keeps as many as it can — 27 terabytes, by one account, or more than double the text content of the Library of Congress’s print collection. The location programs have brought in such volumes of information, according to a May 2012 internal NSA briefing, that they are 'outpacing our ability to ingest, process and store' data. In the ensuing year and a half, the NSA has been transitioning to a processing system that provided it with greater capacity. The possibility that the intelligence community has been collecting location data, particularly of Americans, has long concerned privacy advocates and some lawmakers. Three Democratic senators — Ron Wyden (Ore.), Mark Udall (Colo.) and Barbara A. Mikulski (Md.) — have introduced an amendment to the 2014 defense spending bill that would require U.S. intelligence agencies to say whether they have ever collected or made plans to collect location data for 'a large number of United States persons with no known connection to suspicious activity.' NSA Director Keith B. Alexander disclosed in Senate testimony in October that the NSA had run a pilot project in 2010 and 2011 to collect 'samples' of U.S. cellphone location data. The data collected were never available for intelligence analysis purposes, and the project was discontinued because it had no 'operational value,' he said. Alexander allowed that a broader collection of such data 'may be something that is a future requirement for the country, but it is not right now.' The number of Americans whose locations are tracked as part of the NSA’s collection of data overseas is impossible to determine from the Snowden documents alone, and senior intelligence officials declined to offer an estimate. 'It’s awkward for us to try to provide any specific numbers,' one intelligence official said in a telephone interview. An NSA spokeswoman who took part in the call cut in to say the agency has no way to calculate such a figure. An intelligence lawyer, speaking with his agency’s permission, said location data are obtained by methods 'tuned to be looking outside the United States,' a formulation he repeated three times. When U.S. cellphone data are collected, he said, the data are not covered by the Fourth Amendment, which protects Americans against unreasonable searches and seizures. According to top-secret briefing slides, the NSA pulls in location data around the world from 10 major 'sigads,' or signals intelligence activity designators. A sigad known as STORMBREW, for example, relies on two unnamed corporate partners described only as ARTIFICE and WOLFPOINT. According to an NSA site inventory, the companies administer the NSA’s 'physical systems,' or interception equipment, and 'NSA asks nicely for tasking/updates.' STORMBREW collects data from 27 telephone links known as OPC/DPC pairs, which refer to originating and destination points and which typically transfer traffic from one provider’s internal network to another’s. That data include cell tower identifiers, which can be used to locate a phone’s location. The agency’s access to carriers’ networks appears to be vast. ..... The NSA’s capabilities to track location are staggering, based on the Snowden documents, and indicate that the agency is able to render most efforts at communications security effectively futile. Like encryption and anonymity tools online, which are used by dissidents, journalists and terrorists alike, security-minded behavior — using disposable cellphones and switching them on only long enough to make brief calls — marks a user for special scrutiny. CO-TRAVELER takes note, for example, when a new telephone connects to a cell tower soon after another nearby device is used for the last time. Side-by-side security efforts — when nearby devices power off and on together over time — 'assist in determining whether co-travelers are associated ... through behaviorally relevant relationships,' according to the 24-page white paper, which was developed by the NSA in partnership with the National Geospatial-Intelligence Agency, the Australian Signals Directorate and private contractors. A central feature of each of these tools is that they do not rely on knowing a particular target in advance, or even suspecting one. They operate on the full universe of data in the NSA’s FASCIA repository, which stores trillions of metadata records, of which a large but unknown fraction include locations. The most basic analytic tools map the date, time, and location of cellphones to look for patterns or significant moments of overlap. Other tools compute speed and trajectory for large numbers of mobile devices, overlaying the electronic data on transportation maps to compute the likely travel time and determine which devices might have intersected."
NSA tracking cellphone locations worldwide, Snowden documents show
Washington Post, 4 December 2013

"Information about ordinary Australian citizens has been offered to Australia's global spying partners, according to the latest reports of leaked intelligence from US whistleblower Edward Snowden. In revelations that will add pressure to the Abbott government, which is still reeling from the Indonesian spying leak, The Guardian is reporting that Australia's surveillance agency has indicated it would share 'bulk' data with its '5-eyes' partners – an intelligence-sharing network comprising the US, Britain, Canada, New Zealand and Australia. 'The document shows the partners discussing whether or not to share 'medical, legal or religious information',' the report states. The latest spying revelations are based on a secret 2008 document obtained by Mr Snowden, a former contractor who had access to high-level US government intelligence. Mr Snowden's document reveals notes of what was discussed at a '5-eyes' conference hosted by Britain's GCHQ in Cheltenham on April 22-23, 2008. According to the report, Australia's intelligence agency, then known as the Defence Signals Directorate, told its global intelligence partners it could share 'bulk, unselected, unminimised metadata as long as there is no intent to target an Australian national'. 'Unintentional collection is not viewed as a significant issues,' notes from the conference say. Metadata is the basic information people generate when using technology, but not the content. Metadata stored about a phone call could include the parties to the call, location, duration and time of the call, but not what was said. Metadata stored about an internet activity could include URLs visited and the time at which they were visited, while email metadata might include addresses and the subject. The partners also agreed that medical, legal or religious would not be automatically excluded from the sharing arrangement, but would instead be considered by the owning agency ‘'on a case-by-case basis’. The Australian intelligence agency was reportedly willing to reveal more about its country's citizens, with fewer privacy restraints, than other countries. According to The Guardian’s report, the documents reveal that Canada imposed more rigorous privacy restrictions than Australia, agreeing to share information on the condition that information about its citizens first be redacted."
Fresh spy leak shows Australia offered to share data on its citizens
Sydney Morning Herald, 2 December 2013

"Australia's surveillance agency offered to share information collected about ordinary Australian citizens with its major intelligence partners, according to a secret 2008 document leaked by the US whistleblower Edward Snowden. The document shows the partners discussing whether or not to share 'medical, legal or religious information', and increases concern that the agency could be operating outside its legal mandate, according to the human rights lawyer Geoffrey Robertson QC. The Australian intelligence agency, then known as the Defence Signals Directorate (DSD), indicated it could share bulk material without some of the privacy restraints imposed by other countries, such as Canada. 'DSD can share bulk, unselected, unminimised metadata as long as there is no intent to target an Australian national,' notes from an intelligence conference say. 'Unintentional collection is not viewed as a significant issue.' The agency acknowledged that more substantial interrogation of the material would, however, require a warrant. Metadata is the information we all generate whenever we use technology, from the date and time of a phone call to the location from which an email is sent. 'Bulk, unselected, unminimised metadata' means that this data is in its raw state, and nothing has been deleted or redacted in order to protect the privacy of ordinary citizens who might have been caught in the dragnet. Metadata can present a very complete picture of someone's life. The working document, marked secret, sheds new light on the extent to which intelligence agencies at that time were considering sharing information with foreign surveillance partners, and it provides further confirmation that, to some extent at least, there is warrantless surveillance of Australians' personal metadata..... Geoffrey Robertson, writing in the Guardian today, says if what was described in the memo took place, this would be a breach of sections eight and 12 of the Intelligence Services Act 2001. The act sets a strict requirement that ministerial authorisation is required if the data of an Australian citizen is involved, and indicates that the citizen must be a 'person of interest', such as someone involved in terrorism or organised crime. The Cheltenham gathering, which appears to have been convened to consider the issues around the burgeoning collection of metadata and to reach common positions, resolved to avoid pre-emptive efforts to categorise various materials and 'simply focus on what is shareable in bulk'."
Revealed: Australian spy agency offered to share data about ordinary citizens
Guardian, 2 December 2013

"Living in self-imposed exile in Russia, former National Security Agency contractor Edward Snowden may be safely beyond the reach of Western powers. But dismayed by the continued airing of transatlantic intelligence, British authorities are taking full aim at a messenger shedding light on his secret files here — the small but mighty Guardian newspaper. The pressures coming to bear on the Guardian, observers say, are testing the limits of press freedoms in one of the world’s most open societies. Although Britain is famously home to a fierce pack of news media outlets — including the tabloid hounds of old Fleet Street — it also has no enshrined constitutional right to free speech. The Guardian, in fact, has slipped into the single largest crack in the free speech laws that are on the books here — the dissemination of state secrets protecting queen and country in the British homeland. A feisty, London-based news outlet with a print circulation just shy of 200,000 — albeit with a far bigger footprint online with readers in the many millions — the Guardian, along with The Washington Post, was the first to publish reports based on classified data spirited out of the United States by Snowden. In the months since, the Guardian has continued to make officials here exceedingly nervous by exposing the joint operations of U.S. and British intelligence — particularly their cooperation in data collection and snooping programs involving British citizens and close allies on the European continent. In response, the Guardian is being called to account by British authorities for jeopardizing national security. The Guardian’s top editor, Alan Rusbridger, is being forced to appear before a parliamentary committee Tuesday to explain the news outlet’s actions. The move comes after British officials ordered the destruction of hard drives at the Guardian’s London headquarters, even as top ministers have taken to the airwaves to denounce the newspaper. Scotland Yard has also suggested it may be investigating the paper for possible breaches of British law. The government treatment of the Guardian is highlighting the very different way Britons tend to view free speech, a liberty that here is seen through the prism of the public good and privacy laws as much as the right to open expression. Nevertheless, the actions against the paper have led to growing concern in Britain and beyond. Frank La Rue, the U.N. special rapporteur on free expression, has denounced the Guardian’s treatment as 'unacceptable in a democratic society.' The World Association of Newspapers and News Publishers, a Paris-based trade association, will send a delegation of 'concerned' publishers and editors from five continents to London in January on a 'U.K. press freedom mission.' 'The kind of threats and intimidation being experienced by the Guardian, especially compared to the different responses in the United States and Germany, is something that we should all be very worried about,' said Jo Glanville, director of English PEN, a London-based freedom of expression group. The Guardian is among the global news outlets thoroughly studying the Snowden files and publishing key parts, a club that in addition to The Post has expanded to include the New York Times and Germany’s Der Spiegel, among others.... The Post does not show stories to U.S. officials in advance of publication, nor does it routinely agree to official requests. But language in some articles has occasionally been modified when officials cited very specific risks to certain intelligence operations and individuals, according to the paper’s executive editor, Martin Baron. A spokeswoman for the New York Times pointed to statements by executive editor Jill Abramson in which she said the paper had turned down at least one request by U.S. officials to withhold a story. Although legal experts say the First Amendment offers stronger protection for the news media in the United States than their counterparts enjoy in Britain, U.S. authorities still have tools at their disposal to limit the disclosure of classified data. Those tools include the 1917 Espionage Act, which federal prosecutors have used to charge Snowden. Nevertheless, U.S. officials have thus far stopped short of the more aggressive tactics being deployed against the Guardian in Britain. The German government has also taken a relatively hands-off approach. 'At Der Spiegel we have not encountered anything similar,' managing editor Klaus Brinkbäumer said in an e-mail. 'There is no serious pressure.' In contrast, Rusbridger must explain to the parliamentary committee the paper’s dissemination and handling of the Snowden data. The move came after Prime Minister David Cameron, speaking on the floor of Parliament in October, offered comments that seemed to open the door for the editor’s public grilling. Scotland Yard, meanwhile, has suggested that it might be investigating the Guardian in connection with the authorities’ continuing probe of David Miranda, the partner of Brazil-based freelance journalist Glenn Greenwald, who formerly worked with the Guardian on its Snowden stories. In August, British authorities arrested Miranda at Heathrow Airport while he was on an information-gathering trip funded by the Guardian. British officials interrogated Miranda for nine hours before confiscating his laptop, cellphone, USB memory sticks and video-game consoles. Miranda was released after being questioned, but the confiscated items remain in official custody. After Miranda’s arrest, Rusbridger disclosed that more-direct pressure had been brought to bear on the paper from the top levels of the British government. In June, he said he was contacted by a senior official in the first of several communications aimed at pressuring the Guardian to destroy hard drives storing data from Snowden that were being kept at the paper’s London headquarters. Ultimately, Rusbridger said, he agreed to the government’s request for two reasons. First, because copies of the data were already being safely kept outside Britain, and secondly, because government officials had implied that they would take far more drastic action against the paper if he did not comply. 'Some of this behavior is clearly designed to be intimidatory and/or chilling,' Rusbridger said in an e-mail. 'Most of it would be unimaginable in America or parts of Europe. So, yes, I think there are disturbing implications for press freedom in the U.K.'"
Britain targets Guardian newspaper over intelligence leaks related to Edward Snowden
Washington Post, 30 November 2013

"Governments wade into treacherous waters when they compile lists of people who might cause their countries harm. As fears about Japanese-Americans and Communists have demonstrated in the past, predictions about individual behavior are often inaccurate, the motivations for list-making aren’t always noble and concerns about threats are frequently overblown. So it might seem that current efforts to identify and track potential terrorists would be approached with caution. Yet the federal government’s main terrorist watch list has grown to at least 700,000 people, with little scrutiny over how the determinations are made or the impact on those marked with the terrorist label. What’s more, the government refuses to confirm or deny whether someone is on the list, officially called the Terrorist Screening Database, or divulge the criteria used to make the decisions — other than to say the database includes 'individuals known or suspected to be or have been engaged in conduct constituting, in preparation for, in aid of, or related to terrorism and terrorist activities.' Even less is known about the secondary watch lists that are derived from the main one, including the no-fly list (used to prevent people from boarding aircraft), the selectee and expanded selectee lists (used to flag travelers for extra screening at airport checkpoints), the TECS database (used to vet people entering or leaving the United States), the Consular Lookout and Support System (used to screen visa applications) and the known or suspected terrorists list (used by law enforcement in routine police encounters). For people who have landed on these lists, the terrorist designation has been difficult to challenge legally — although that may be about to change. On Monday, a lawsuit brought by a traveler seeking removal of her name from the no-fly list, or at least due process to challenge that list, is going to trial in Federal District Court in San Francisco, after almost eight years of legal wrangling."
Who Is Watching the Watch Lists?
New York Times, 30 November 2013

"A stunning new report compiles extensive evidence showing how some of the world's largest corporations have partnered with private intelligence firms and government intelligence agencies to spy on activist and nonprofit groups. Environmental activism is a prominent though not exclusive focus of these activities. The report by the Center for Corporate Policy (CCP) in Washington DC titled Spooky Business: Corporate Espionage against Nonprofit Organizations draws on a wide range of public record evidence, including lawsuits and journalistic investigations. It paints a disturbing picture of a global corporate espionage programme that is out of control, with possibly as much as one in four activists being private spies. The report argues that a key precondition for corporate espionage is that the nonprofit in question: '... impairs or at least threatens a company's assets or image sufficiently.' One of the groups that has been targeted the most, and by a range of different corporations, is Greenpeace. In the 1990s, Greenpeace was tracked by private security firm Beckett Brown International (BBI) on behalf of the world's largest chlorine producer, Dow Chemical, due to the environmental organisation's campaigning against the use of chlorine to manufacture paper and plastics. The spying included: '... pilfering documents from trash bins, attempting to plant undercover operatives within groups, casing offices, collecting phone records of activists, and penetrating confidential meetings.'... Oil companies Shell and BP had also reportedly hired Hackluyt, a private investigative firm with 'close links' to MI6, to infiltrate Greenpeace by planting an agent who 'posed as a left -wing sympathiser and film maker.' His mission was to 'betray plans of Greenpeace's activities against oil giants,' including gathering 'information about the movements of the motor vessel Greenpeace in the north Atlantic.' The CCP report notes that: 'A diverse array of nonprofits have been targeted by espionage, including environmental, anti-war, public interest, consumer, food safety, pesticide reform, nursing home reform, gun control, social justice, animal rights and arms control groups. Many of the world's largest corporations and their trade associations - including the US Chamber of Commerce, Walmart, Monsanto, Bank of America, Dow Chemical, Kraft, Coca-Cola, Chevron, Burger King, McDonald's, Shell, BP, BAE, Sasol, Brown & Williamson and E.ON - have been linked to espionage or planned espionage against nonprofit organizations, activists and whistleblowers.' ....The report uncovers compelling evidence that much corporate espionage is facilitated by government agencies, particularly the FBI. The CCP report examines a September 2010 document from the Office of the Inspector General in the US Justice Department, which reviewed FBI investigations between 2001 and 2006. It concluded that: '... the factual basis of opening some of the investigations of individuals affiliated with the groups was factually weak... In some cases, we also found that the FBI extended the duration of investigations involving advocacy groups or their members without adequate basis…. In some cases, the FBI classified some of its investigations relating to nonviolent civil disobedience under its 'Acts of Terrorism' classification.' For instance, on an FBI investigation of Greenpeace, the Justice Department found that: '... the FBI articulated little or no basis for suspecting a violation of any federal criminal statute... the FBI's opening EC [electronic communication] did not articulate any basis to suspect that they were planning any federal crimes….We also found that the FBI kept this investigation open for over 3 years, long past the corporate shareholder meetings that the subjects were supposedly planning to disrupt... We concluded that the investigation was kept open 'beyond the point at which its underlying justification no longer existed,' which was inconsistent with the FBI's Manual of Investigative and Operational Guidelines (MIOG).' The FBI's involvement in corporate espionage has been institutionalised through 'InfraGard', 'a little-known partnership between private industry, the FBI and the Department of Homeland Security.' The partnership involves the participation of 'more than 23,000 representatives of private industry,' including 350 of the Fortune 500 companies. But it's not just the FBI. According to the new report, 'active-duty CIA operatives are allowed to sell their expertise to the highest bidder', a policy that gives 'financial firms and hedge funds access to the nation's top-level intelligence talent. Little is known about the CIA's moonlighting policy, or which corporations have hired current CIA operatives.' The report concludes that, due to an extreme lack of oversight, government effectively tends to simply 'rubber stamp' such intelligence outsourcing: 'In effect, corporations are now able to replicate in miniature the services of a private CIA, employing active-duty and retired officers from intelligence and/or law enforcement. Lawlessness committed by this private intelligence and law enforcement capacity, which appears to enjoy near impunity, is a threat to democracy and the rule of law. In essence, corporations are now able to hire a private law enforcement capacity - which is barely constrained by legal and ethical norms - and use it to subvert or destroy civic groups. This greatly erodes the capacity of the civic sector to countervail the tremendous power of corporate and wealthy elites.' Gary Ruskin, author of the report, said: 'Corporate espionage against nonprofit organizations is an egregious abuse of corporate power that is subverting democracy. Who will rein in the forces of corporate lawlessness as they bear down upon nonprofit defenders of justice?'"
The war on democracy
EarthInsight (Guardian), 28 November 2013

"In an attempt to discover what the NSA can learn about people from the data it harvests from telecommunications companies, researchers at Stanford have set out to compile their own massive database of call and text logs—and they want you to help. The MetaPhone project asks volunteers to install an Android app that sends the researchers copies of a device’s call logs and basic data from a person’s Facebook account. The researchers say that a large collection of such data will make it possible to use data-mining techniques to discover which aspects of people’s lives—as recorded in their Facebook data—can be revealed by examining just their calling and texting logs.The NSA was revealed to routinely collect such logs from Verizon in some of the first documents leaked by erstwhile intelligence agency contractor Edward Snowden this year (see 'NSA Surveillance Reflects a Broader Interpretation of the Patriot Act'). Other companies are believed to be under similar obligations.... With details of the NSA’s data-analysis capabilities unknown, Jonathan Mayer, cofounder of the MetaPhone Project, says that a crowdsourced collection of metadata will add valuable hard evidence to the debate. 'Some defenders of the NSA’s bulk collection programs have taken the position that metadata is not revealing,' he says. 'We want to provide empirical evidence on the issue.' Call-log data released by telecommunications companies for research purposes has previously been found to include patterns that reveal cultural trends such as language use. In cases where call logs include a record of location, it is sometimes possible to infer people’s movements (See 'Mobile Call Logs Can Reveal a Lot to the NSA' and 'Mobile Data: A Goldmine for Telcos'). The NSA metadata collection program excludes location information, but Mayer expects to find that many details from people’s lives can be deduced from their call and text patterns. 'Our hypothesis is that phone metadata is packed with meaning.' Preliminary results posted online this morning back up that claim. Using the small amount of data already collected by their app, Mayer and colleagues show that calling and texting patterns can reveal whether a person is in a relationship."
Call-Log App Aims to Reverse-Engineer NSA Surveillance
MIT Technology Review, 28 November 2013

"A radical plan to allow Britons to vote in parliamentary elections using the internet is to be drawn up by the Commons Speaker, John Bercow, as part of a drive to bridge the divide between politicians and the public. Mr Bercow will call in bosses from Facebook, Apple, Twitter, Google and Microsoft to advise him how technology can assist the expansion of 'e-democracy' over the coming years. He will chair the first-ever Speaker’s commission on 'digital democracy', which will examine ways to modernise the system and ensure that Parliament reaches out to the electorate. In a speech on Wednesday night to the Hansard Society, a charity that promotes parliamentary democracy, Mr Bercow said: 'What we are talking about here is nothing less than a Parliament version 2.0.'.... Party officials in Britain reacted cautiously to the idea. One said: 'It may happen one day, but not yet. There would be big questions about security. Our system is one of the least corrupt, but there have been a few problems with postal voting and that highlights the potential danger of moving to online.''
Facebook democracy: the face of things to come?
Independent, 28 November 2013

"Across the country, local law enforcement agencies are using an investigative technique called a tower dump to access data on cell phone towers, even of people who are not related to a specific investigation. The Richland County Sheriff's Department used a tower dump during the investigation into a string of car breakins, where weapons and computers were stolen. They combined the Tower Dump information with DNA evidence and in 2011 arrested Phillip Tate on three counts of 'breaking and entering a motor vehicle' and one count of 'larceny.'.... The dump gave investigators information on every cell phone connected to those towers during the requested time, even if they were not related to the crime. 'So for example if you have a smart phone and you're checking your email, that would cause some communication between your cell phone and one or more cell towers,' said Christopher Sogohian, a principal technologist for the ACLU. He says a connection would also be made if you're texting, tweeting, on Facebook, on SnapChat, or just making a regular phone call. 'The police can then go back to the phone company and ask for identifying information,' Sogohian said. As long as police have a search warrant or court order, cell phone companies will provide the information. 'In recognizing that it's not just the CIA or FBI tracking a terrorist that may have flown over here, this is local law enforcement. As citizens, we sort of have a question: how often is this happening?' said Keith Pounds, president of counterrorism consulting firm Countercon. .... When your cell information ends up in a police database, it could stay there a long time. South Carolina evidence control laws say if a suspect is convicted or pleads guilty, police could keep everything they get from a Tower Dump for up to seven years. 'What we recognize is that could not just be hundreds, but thousands of people,' Pounds said. Law enforcement don't have to tell you if they've got what was on your phone. Currently, there's little legal guidance on how Tower Dumps should be used and what rules law enforcement should follow."
Tower Dumps in SC Could Give Your Cell Data to Police
WLTX, 27 November 2013

"British voters could soon be allowed to cast their general election ballot online under plans being pushed by John Bercow, speaker of the House of Commons. Revealing plans to update democracy in Britain to allow greater participation, Mr Bercow suggested the UK should follow the example set in Estonia, where a quarter of people voted online at the last election. Mr Bercow said: 'For representative democracy to thrive it has to evolve and there has to be a step-change improvement in its responsiveness to the electorate and the country at large.' Politicians have been battling for years to find ways to stop the rapid decline in voter turnout at general elections. More than 80 per cent of people voted at the 1950 general election, but by 2010 that proportion was down to 65 per cent. Online voting has previously been proposed as a way of making it easier for people to vote and so halt that decline, but officials have been concerned about the possibility of fraud. The surge in postal voting at the last election brought about a rise in the number of complaints about fraud, and electoral experts warn the problem could be worse if online voting was allowed."
Bercow outlines plans to allow online voting
Financial Times, 27 November 2013

"Top secret documents retrieved by U.S. whistleblower Edward Snowden show that Prime Minister Stephen Harper's government allowed the largest American spy agency to conduct widespread surveillance in Canada during the 2010 G8 and G20 summits. The documents are being reported exclusively by CBC News. The briefing notes, stamped 'Top Secret,' show the U.S. turned its Ottawa embassy into a security command post during a six-day spying operation by the National Security Agency while U.S. President Barack Obama and 25 other foreign heads of government were on Canadian soil in June of 2010. The covert U.S. operation was no secret to Canadian authorities. An NSA briefing note describes the American agency's operational plans at the Toronto summit meeting and notes they were 'closely co-ordinated with the Canadian partner.' The NSA and its Canadian "partner," the Communications Security Establishment Canada, gather foreign intelligence for their respective governments by covertly intercepting phone calls and hacking into computer systems around the world."
New Snowden docs show U.S. spied during G20 in Toronto
CBC, 27 November 2013

"Microsoft is moving toward a major new effort to encrypt its Internet traffic amid fears that the National Security Agency may have broken into its global communications links, said people familiar with the emerging plans. Suspicions at Microsoft, while building for several months, sharpened in October when it was reported that the NSA was intercepting traffic inside the private networks of Google and Yahoo, two industry rivals with similar global infrastructures, said people with direct knowledge of the company’s deliberations. They said top Microsoft executives are meeting this week to decide what encryption initiatives to deploy and how quickly. Documents obtained from former NSA contractor Edward Snowden suggest — but do not prove — that the company is right to be concerned. Two previously unreleased slides that describe operations against Google and Yahoo include references to Microsoft’s Hotmail and Windows Live Messenger services. A separate NSA e-mail mentions Microsoft Passport, a Web-based service formerly offered by Microsoft, as a possible target of that same surveillance project, called MUSCULAR, which was first disclosed by The Washington Post last month. Though Microsoft officials said they had no independent verification of the NSA targeting the company in this way, general counsel Brad Smith said Tuesday that it would be 'very disturbing' and a possible constitutional breach if true. Microsoft’s move to expand encryption would allow it to join Google, Yahoo, Facebook and other major technology firms in hardening its defenses in response to news reports about once-secret NSA."
Microsoft, suspecting NSA spying, to ramp up efforts to encrypt its Internet traffic
Washington Post, 27 November 2013

"The American spy agency NSA tracked the online s**ual habits of suspected terrorists in a bid to expose them as hypocrites, it emerged yesterday. The latest leak of classified documents by whistleblower Edward Snowden reveals the agency monitored the online movements of people who spread radical views in an attempt to discredit them. It identified six targets, all of whom Muslim, as examples of how electronic surveillance could be used to gather potentially embarrassing information on individuals, such as visits to p**n sites. .... The classified document, which is dated Oct 3, 2012, was distributed by the office of the NSA director to the US department of justice and the department of customs. .... the campaign group Privacy International called it 'frightening'. Its spokesman Mike Rispoli said: 'What is frightening about the NSA’s capabilities are that they collect massive amounts of information on everyone, including your political beliefs, contacts, relationships, and internet histories.' A spokesman for the NSA declined to comment."
NSA 'tracked online sexual habits of suspected terrorists'
Telegraph, 27 November 2013

"According to an article on the Huffington Post, the National Security Agency gathered evidence of Muslim 'radicalizers' who — wait for it — looked at 'sexually explicit material' on the Web. The suggestion was that counter-terrorism agents could use that information to discredit these reprehensible people, who espouse a religion that discourages porn surfing. On one level, this is old news — using embarrassing sexual information against enemies. Spy novels are replete with the fabled 'honey trap' in which a tempting woman is placed in the path of an intelligence target in the hope that he will succumb and be vulnerable to blackmail. The only progress we’ve made in our digital times is that no actual person need be involved anymore, just images on the web........ beyond the absurdity of it all, this is precisely the way that politically directed, clandestine surveillance goes off the rails — by digging into personal behavior. Because all of these operations are conducted in secret, according to secret rules, the public has no way of knowing whether the targets are actually enemies of the state, or just individuals who have fallen out of the state’s favor. In fact, according to The Huffington Post, 'none of the six individuals targeted by the N.S.A. is accused in the document of being involved in terror plots.' J. Edgar Hoover compiled secret dossiers on the sexual peccadillos and private misbehavior of those he labeled as enemies — really dangerous people like Martin Luther King Jr. and President John F. Kennedy, for example. Government officials have repeatedly claimed that the National Security Agency’s collection of metadata is perfectly legal. We should not worry about the N.S.A., according to President Obama, because there are safeguards in place to protect our constitutional rights. Agents would never, ever misuse that information to, say, check on where you’ve been web surfing."
Andrew Rosenthal - The N.S.A. Dips Into P***ography
New York Times (Blog), 27 November 2013

"You are sitting in bed in your pyjamas, drinking a cup of cocoa. A loved one lies next to you, watching late-night television. Pillow talk is exchanged. An alarm clock is set. Eventually the lights are turned out. Earlier, you sat on the living-room sofa eating supper, before loading the dishwasher and heading upstairs. You have, in other words, just enjoyed a perfectly normal night, in a perfectly normal home. The curtains are drawn, the central heating turned up. It’s cosy, relaxing and, above all, completely private. Or so you thought. The truth turns out to be quite the opposite. For on the other side of the world, people you didn’t know existed are keeping a beady eye on your every move. These characters can see what clothes you have been wearing and what food you’ve eaten. They heard every word you said, and logged every TV show you watched. Some are criminals, others work for major corporations. And now they know your most intimate secrets. It may sound like a plot summary for a futuristic science-fiction movie. But real-life versions of this Orwellian scenario are being played out every day in towns and cities across the globe — and in most cases the victims have no idea. At fault is a common electronic device invented nearly a century ago and found in almost every modern household: the domestic television set. Put simply, our TVs have started spying on us. Last week, there was a high-profile case in point. An IT consultant called Jason Huntley, who lives in a village near Hull, uncovered evidence that a flat-screen television, which had been sitting in his living room since the summer, was secretly invading his family’s privacy. He began investigating the £400 LG device after noticing that its home screen appeared to be showing him ‘targeted’ adverts — for cars, and Knorr stock cubes — based on programmes he’d just been watching. Huntley decided to monitor information that the so-called smart TV — which connects to the internet — was sending and receiving. He did this by using his laptop effectively as a bridge between his television and the internet receiver, so the laptop was able to show all the data being sucked out of his set. He soon discovered that details of not just every show he watched but every button he pressed on his remote control were being sent back to LG’s corporate headquarters in South Korea. There, the electronics company appeared to be using its customers’ data to make money. A promotional video shown to commercial clients suggested that data was being used to provide ‘the ad experience you have always dreamed of’. The information Huntley’s TV had sent — without his knowledge — included the contents of his private digital video collection, which he’d watched on the television. This included camcorder footage of family celebrations containing images of his wife and two young children. Most worrying of all, the device continued sending such information to Korea even after Huntley had adjusted the television’s default settings to ‘opt out’ of data sharing. Huntley wrote about the findings on his blog. After his case was picked up by mainstream news outlets, LG announced an investigation. ‘Customer privacy is a top priority,’ the firm said. ‘We are looking into reports that certain viewing information on LG smart TVs was shared without consent.’ LG has also removed its promotional video about targeted advertising from its website. The Information Commissioner’s Office says it is now investigating the firm for a ‘possible breach’ of the Data Protection Act..... Talk to any IT security expert and they will tell you that Huntley’s discovery is probably the tip of the iceberg. What’s to blame is the continuing rise of smart televisions, which account for most new TV sets sold and are predicted to be in more than half of British homes by 2016. These high-tech devices differ from traditional televisions in that they are not just passive boxes that receive a signal and transfer it to a backlit screen. Instead, they are essentially computers that connect to the internet — and so also send information back the other way. In theory, this can be extremely useful. For example, many smart TVs have shopping ‘apps’ to access Amazon. They connect to iTunes. They allow us to watch YouTube, instantly download films via Netflix, stream BBC shows on iPlayer, and talk to friends using the video phone link Skype. But in practice, like almost every type of computer, they can be all-too-easily hacked. And unlike PCs, almost all of which have fairly good anti-virus ‘firewalls’, smart TVs have little or no such software. Indeed, most have been designed so that outside software — including anti-virus programmes — can never be installed. This year, Luigi Auriemma, an IT security researcher and computer programmer from Malta, demonstrated the risks that these devices pose when he showed it was possible to hack into several types of Samsung smart television....After accessing the devices via the internet, Auriemma was able to control them: turning the TVs off and on, and secretly accessing data they held about a user’s viewing habits. Had he been a criminal, he could also have obtained details of the credit cards that users had uploaded to access pay-per-view TV, download films or use shopping apps. Other experts recently made the chilling discovery that it is possible to remotely access the video cameras built into the front of thousands of smart televisions, and spy on the users in their own home. One such expert is Kurt Stammberger, who works for the IT security firm Mocana. He says the company was recently asked by a television manufacturer to do ‘penetration tests’ on its devices. ‘We weren’t just able to find out what someone was watching, and had watched,’ he says. ‘We could also install 'spyware' that could, if they had a video camera, allow us to see through that camera — without even activating the little light that indicates it’s on. ‘It was a fairly straightforward thing to do. People who work in IT often place tape over their computer’s camera lens [in a laptop they are usually set into the inside of the lid] unless they want to actually use it, because it’s so common to hack them. We should all do the same with smart TVs.’"
Is your TV spying on YOU?
Mail, 26 November 2013

"As the global public reels from yet another Snowden revelation – this time, that the US and UK intelligence forces have hacked into and planted spyware on more than 50,000 computer networks worldwide – the hypocrisy of the US and British governments is brought into sharp relief. Less than four years ago Hillary Clinton, chastising China, declared that 'countries or individuals that engage in cyber attacks should face consequences and international condemnation. In an interconnected world, an attack on one nation's networks can be an attack on all.' Given what we now know to be the 'Five Eyes' complete stranglehold on the world's internet infrastructure, how can we possibly reconcile repeated American appeals to internet freedom and condemnation of Chinese internet monitoring with US-sponsored network hacking? Intelligence agencies and the governments that operate them have been revealed to be not merely secretive, but also hypocritical, and dismissive of any legitimate public concerns. It is time to bring these practices, and the covert agreements that underpin them, into the light. For more than 60 years, the secret patchwork of spying arrangements and intelligence-sharing agreements that makes up the Five Eyes alliance has remained obfuscated by the states that it benefits – Australia, the US, Canada, New Zealand and the UK. Save for one critically important release of declassified documents in 2010, the Five Eyes states have spent almost 70 years concealing from their citizens the scope and extent of their global surveillance ambitions – eroding the public's ability to communicate privately and securely without examination or question. That's why today, Privacy International has written to the governments of the Five Eyes states demanding the publication of the treaties and agreements that underpin the alliance. At the same time, a group of civil society actors are launching a Campaign to End Mass Surveillance, enlisting citizens from around the world to urgently call on their governments to put down this mysterious arrangement. While these arrangements have been in existence for decades, the alliance is now coming out of the shadows to block UN resolutions condemning the mass surveillance that has been revealed over the summer. Despite the fact that the Five Eyes comprises democratic governments, the rules that govern the arrangement – rules that have allowed the infiltration of every aspect of the modern global communications systems – are entirely hidden from the public. Providing for a complex division of roles, responsibilities and lines of authority, and the establishment of jointly run operations centres, the Five Eyes arrangement creates a signals intelligence architecture vaster than Nato. And while its actions implicate the private communications of every connected individual across the globe, the arrangement was executed and operates clandestinely, hidden from the scrutiny of public oversight mechanisms and – until recently – the public.... A fundamental principle of a democratic society is that people should know the laws and rules that govern the society in which they live. We cannot allow the Five Eyes to continue to operate shrouded in vague justifications of promoting security and defending against terrorism. There is an urgent need to unmask this two-faced, five-eyed monster and subject it to the rigours of modern democratic criticism and scrutiny. The Five Eyes must be held to a new legal framework that respects the rights of all individuals, not just the citizens that live within a respective government's borders. Without acting swiftly, the five-eyed monster will continue to grow in ambition, size, and scale, swallowing up everything in its path until we have no privacy left."
Snowden spyware revelations: we need to unmask the five-eyed monster
Guardian, Comment Is Free, 26 November 2013

"The usefulness of the bulk collection program has been greatly exaggerated. We have yet to see any proof that it provides real, unique value in protecting national security. In spite of our repeated requests, the N.S.A. has not provided evidence of any instance when the agency used this program to review phone records that could not have been obtained using a regular court order or emergency authorization. Despite this, the surveillance reform bill recently ratified by the Senate Intelligence Committee would explicitly permit the government to engage in dragnet collection as long as there were rules about when officials could look at these phone records. It would also give intelligence agencies wide latitude to conduct warrantless searches for Americans’ phone calls and emails. This is not the true reform that poll after poll has shown the American people want. It is preserving business as usual. When the Bill of Rights was adopted, it established that Americans’ papers and effects should be seized only when there was specific evidence of suspicious activity. It did not permit government agencies to issue general warrants as long as records seized were reviewed with the permission of senior officials. Congress has a crucial opportunity to reassert constitutionally guaranteed liberties by reforming the N.S.A.’s overbroad collection of Americans’ personal data. But the Intelligence Committee bill squanders this chance. It would enable some of the most constitutionally questionable surveillance activities now exposed to the public eye. The Senate should be reining in these programs, not giving them a stamp of approval. As members of the Intelligence Committee, we strongly disagree with this approach. We had already proposed our own, bipartisan surveillance reform legislation, the Intelligence Oversight and Surveillance Reform Act, which we have sponsored with a number of other senators. Our bill would prohibit the government from conducting warrantless 'backdoor searches' of Americans’ communications — including emails, text messages and Internet use — under Section 702 of the Foreign Intelligence Surveillance Act. It would also create a 'constitutional advocate' to present an opposing view when the F.I.S.C. is considering major questions of law or constitutional interpretation. Rather than adopt our legislation, the Intelligence Committee chose to codify excessively broad domestic surveillance authorities. Rather than adopt our legislation, the Intelligence Committee chose to codify excessively broad domestic surveillance authorities."
Senators Udall and Heinrich - End the N.S.A. Dragnet, Now
New York Times, 25 November 2013

"Privacy may not be the only casualty of the National Security Agency’s massive surveillance program. Major sectors of the US economy are reporting financial damage as the recent revelations shake consumer confidence and US trade partners distance themselves from companies that may have been compromised by the NSA or, worse, are secretly collaborating with the spy agency. Member of Congress, especially those who champion America’s competitiveness in the global marketplace, should take note and rein in the NSA now if they want to stem the damage. The Wall Street Journal recently reported that AT&T’s desired acquisition of the European company Vodafone is in danger due to the company’s well-documented involvement in the NSA’s data-collection programs. European officials said the telecommunications giant would face 'intense scrutiny' in its bid to purchase a major cell phone carrier. The Journal went on to say: 'Resistance to such a deal, voiced by officials in interviews across Europe, suggests the impact of the NSA affair could extend beyond the diplomatic sphere and damage US economic interests in key markets.' In September, analysts at Cisco Systems reported that the fallout 'reached another level,' when the National Institute of Standards and Technology (NIST) told companies not to use cryptographic standards that may have been undermined by the NSA’s BULLRUN program. The Cisco analysts said that if cryptography was compromised 'it would be a critical blow to trust required across the Internet and the security community.' This forecast was proven true in mid-November, when Cisco reported a 12 percent slump in its sales in the developing world due to the NSA revelations. As the Financial Times reported, new orders fell by 25 percent in Brazil and 30 percent in Russia and Cisco predicts its overall sales could drop by as much 10 percent this quarter. Cisco executives were quoted saying the NSA’s activities have created 'a level of uncertainty or concern' that will have a deleterious impact on a wide-range of tech companies. ... This summer, European Parliament’s civil liberties committee was presented with a proposal to require every American website to place surveillance notices to EU citizens in order to force the US government to reverse course: 'The users should be made aware that the data may be subject to surveillance (under FISA 702) by the US government for any purpose which furthers US foreign policy. A consent requirement will raise EU citizen awareness and favour growth of services solely within EU jurisdiction. This will thus have economic impact on US business and increase pressure on the US government to reach a settlement.' [emphasis ours] Meanwhile, Telenor, Norway’s largest telecom provider has reportedly halted its plans to move its customers to a US-based cloud provider. Brazil seems to be moving ahead to create its own email service and require US companies locate an office there if they wish to do business with Brazilian customers. Laws like this mean that companies like Google 'could be barred from doing business in one of the world’s most significant markets,' according to Google’s director for law enforcement and information security at Google, Richard Selgado. Google has been warning of this as far back as July, when in FISA court documents it argued that the continued secrecy surrounding government surveillance demands would harm its business. Many commentators have been warning about the economic ramifications for months."
How NSA Mass Surveillance is Hurting the US Economy
EFF, 25 November 2013

"Your phone knows everything about you -- how much you walk, talk and what level of Candy Crush you're stuck on -- but soon it could be spilling secrets to your doctor. More and more physicians are prescribing apps that help track their patients' illnesses through information collected by their smartphones. '[The trend] just seems to be exploding,' said Seth S. Martin, a Pollin cardiovascular prevention fellow at Johns Hopkins Hospital in Baltimore. 'With the widespread use now of smartphones, it's a really exciting opportunity to help people live healthier lives.' Apps like Ginger.io and those developed by the Center for Behavioral Intervention Technologies (CBITs) at Northwestern University collect data through smartphones and web activity and relay that information to healthcare providers—without the patient needing to lift a finger. This, they argue, enriches the healthcare process by integrating technology and primary care. This is most apparent with the app Ginger.io, which is currently invite only -- it's being tested in larger hospital systems before it expands to the public -- and deals with a small number of specific diseases like diabetes and ulcerative colitis. According to their website, Ginger.io 'works in the background to collect data about your movement, call, and texting patterns. Once the application has gathered enough data to understand your behavior patterns, we will provide you with health insights and alerts.' These alerts range from condition-specific health tips to insights into the patient's own health patterns. 'It forms an automated diary of your life,' said Anmol Madan, co-founder and CEO of Ginger.io. 'The idea is to provide support to patients and families.'"
Your phone is talking behind your back -- to your doctor
WTOP, 25 November 2013

"British and U.S. intelligence officials say they are worried about a 'doomsday' cache of highly classified, heavily encrypted material they believe former National Security Agency contractor Edward Snowden has stored on a data cloud. The cache contains documents generated by the NSA and other agencies and includes names of U.S. and allied intelligence personnel, seven current and former U.S. officials and other sources briefed on the matter said. The data is protected with sophisticated encryption, and multiple passwords are needed to open it, said two of the sources, who like the others spoke on condition of anonymity to discuss intelligence matters. The passwords are in the possession of at least three different people and are valid for only a brief time window each day, they said. The identities of persons who might have the passwords are unknown. Spokespeople for both NSA and the U.S. Office of the Director of National Intelligence declined to comment. One source described the cache of still unpublished material as Snowden's 'insurance policy' against arrest or physical harm. U.S. officials and other sources said only a small proportion of the classified material Snowden downloaded during stints as a contract systems administrator for NSA has been made public. Some Obama Administration officials have said privately that Snowden downloaded enough material to fuel two more years of news stories. 'The worst is yet to come,' said one former U.S. official who follows the investigation closely. Snowden, who is believed to have downloaded between 50,000 and 200,000 classified NSA and British government documents, is living in Russia under temporary asylum, where he fled after traveling to Hong Kong. He has been charged in the United States under the Espionage Act. Cryptome, a website which started publishing leaked secret documents years before the group WikiLeaks or Snowden surfaced, estimated that the total number of Snowden documents made public so far is over 500....Glenn Greenwald, who met with Snowden in Hong Kong and was among the first to report on the leaked documents for the Guardian newspaper, said the former NSA contractor had 'taken extreme precautions to make sure many different people around the world have these archives to insure the stories will inevitably be published.' 'If anything happens at all to Edward Snowden, he has arranged for them to get access to the full archives,' Greenwald said in a June interview with the Daily Beast website. He added: 'I don't know for sure whether has more documents than the ones he has given me... I believe he does.' In an email exchange with Reuters, Greenwald, who has said he remains in contact with Snowden, affirmed his statements about Snowden's 'precautions' but said he had nothing to add. Officials believe that the 'doomsday' cache is stored and encrypted separately from any material that Snowden has provided to media outlets.... U.S. security officials have indicated in briefings they do not know what, if any, of the material is still in Snowden's personal possession. Snowden himself has been quoted as saying he took no such materials with him to Russia."
Spies worry over 'doomsday' cache stashed by ex-NSA contractor Snowden
Guardian, 25 November 2013

"A new slide leaked by Edward Snowden shows where the NSA infected more than 50,000 computer networks worldwide with malware, according to Dutch media outlet NRC. The NSA management presentation slide from 2012 shows a world map spiderwebbed with 'Computer Network Exploitation' access points in more than 50,000 locations around the globe."
NSA malware infected over 50,000 computer networks worldwide
ZDNet, 23 November 2013

"The dystopian Brave New World [by Aldous Huxley] ... is read as an addendum to Nineteen Eighty-Four [by George Orwell], but is nothing of the sort. True, Huxley deals with totalitarianism, but a totalitarianism of happiness. His great insight is that the real danger is not that our freedom will be taken away, but that we will hand it over willingly. In this Fordian age of tech companies that file away our data for advertisers and governments, when every transaction is traced, Brave New World is a book for the present."
JFK overshadowed the death of two greats
London Times, 23 November 2013, Print Edition, P23

"Google, the giant of the Internet, thought about moving its servers out of the U.S. after the NSA debacle, said Eric Schmidt, the company's chairman, on Friday at the Paley International Council Summit in New York. 'Actually, we thought about that and there are many, many reasons why it's impossible for Google to leave the United States, although it's attractive,' Schmidt said. 'But the reason it's an interesting idea is because American firms are subject to these rules, the [Foreign Intelligence Surveillance Act] rules, Patriot Act and so forth, and this government surveillance is really a problem.' Schmidt said that Google was presented with data of internal monitoring of traffic between its servers where the government had reversed engineered protocols that exchanged random data between the company's servers. 'Google's position is we are outraged on this,' he said. 'It's government overreach, is the best way to explain it. This kind of government surveillance is also a huge business risk, he said. Because other governments do not want the U.S. breaching their citizens' data, they will begin to demand control over the servers of American businesses located in their country. If you're a member of the government from one of these countries, what are you going to do? You're going to say 'what can I do in my country to prevent this?'' he said. 'Well, the most obvious thing you can do is prevent all of those American services, and all of that snooping and so forth, by requiring data localization. By requiring servers be in your country under your control, which breaks the Internet.' Still though, Schmidt said that the U.S. still beats other countries for businesses because companies can fire back at the government. 'One of the great things about America is its OK to complain about this in public and we are doing so,' he said. 'We have taken legal actions, we have filed a lawsuit in a secret court, it's called a FISA court.' Google wants the right to be able to disclose information about the government's requests for user data. So far, it has been unsuccessful at getting the right to share that information."
Google mulled ditching US after NSA scandal
CNBC, 22 November 2013

"On 22 November 1963 the world was too preoccupied with the Kennedy assassination to pay much attention to the passing of two writers from the other side of the Atlantic: CS Lewis and Aldous Huxley. Fifty years on, Lewis is being honoured with a plaque in Poets' Corner at Westminster Abbey, to be unveiled in a ceremony on Friday. The fanfare for Huxley has been more muted....In the novel [Brave New World Aldous] Huxley describes the mass production of children by what we would now call in vitro fertilisation; interference in the development process of infants to produce a number of 'castes' with carefully modulated levels of capacities to enable them to fit without complaining into the various societal and industrial roles assigned to them; and Pavlovian conditioning of children from birth.In this world nobody falls ill, everyone has the same lifespan, there is no warfare, and institutions and marriage and sexual fidelity are dispensed with. Huxley's dystopia is a totalitarian society, ruled by a supposedly benevolent dictatorship whose subjects have been programmed to enjoy their subjugation through conditioning and the use of a narcotic drug – soma – that is less damaging and more pleasurable than any narcotic known to us. The rulers of Brave New World have solved the problem of making people love their servitude. Which brings us back to the two Etonian bookends of our future. On the Orwellian front, we are doing rather well – as the revelations of Edward Snowden have recently underlined. We have constructed an architecture of state surveillance that would make Orwell gasp. And indeed for a long time, for those of us who worry about such things, it was the internet's capability to facilitate such comprehensive surveillance that attracted most attention. In the process, however, we forgot about Huxley's intuition. We failed to notice that our runaway infatuation with the sleek toys produced by the likes of Apple and Samsung – allied to our apparently insatiable appetite for Facebook, Google and other companies that provide us with 'free' services in exchange for the intimate details of our daily lives – might well turn out to be as powerful a narcotic as soma was for the inhabitants of Brave New World. So even as we remember CS Lewis, let us spare a thought for the writer who perceived the future in which we would come to love our digital servitude."
Aldous Huxley: the prophet of our brave new digital dystopia
Guardian, 22 November 2013

"After years of secrecy, the National Security Agency's phone records surveillance program had its day in open court on Friday, as civil liberties lawyers asked a federal judge in New York to shut it down, and government lawyers claimed ordinary Americans cannot legally challenge it. U.S. District Court Judge William H. Pauley III did not immediately rule on issuing an injunction against the NSA program. But he did push the government on whether it respected Americans' rights to privacy and freedom of association, and whether Congress was adequately informed about the program.... Department of Justice attorney Stuart Delery said ordinary Americans have no standing to challenge the collection of their call records. Citing a 1979 Supreme Court ruling, he said Americans have no reasonable expectation of privacy for those records, and that only phone companies can challenge their collection. No telecommunications firm has ever fought an order from the Foreign Intelligence Surveillance Court, which oversees the NSA program and is closed to the public."
Government Claims Americans Have No Right To Challenge NSA Phone Surveillance
Huffington Post, 22 November 2013

"The UK and US must do more to protect internet users' privacy, the inventor of the world wide web, Sir Tim Berners-Lee, has warned as a survey of online freedoms is released. Berners-Lee warned that 'a growing tide of surveillance and censorship' posed a threat to the future of democracy, even as more and more people were using the internet to expose wrongdoing. His remarks came before the second annual release of a global league table that classifies countries according to a set of freedoms. Since last year, the US has dropped from second place to fourth, while the UK has remained in third place. Sweden still tops the list, with Norway in second place. All of the Scandinavian countries – Sweden, Denmark and Norway – feature in the top 10. The UK was poorly placed on privacy rights but was lifted by its high scores for availability of relevant content and the internet's political impact. The table is compiled by comparing 81 countries, combining measures such as the extent of access to the internet, how much censorship is employed, and how 'empowered' people are by its availability. The list has been expanded from the 61 countries surveyed last year....The survey found that 76 of the 81 countries examined did not meet 'best practice' standards for checks and balances on government interception of electronic communications. Speaking before an event to launch the updated version of the index, the 58-year-old British computer scientist said: 'One of the most encouraging findings of this year's Web Index is how the web and social media are increasingly spurring people to organise, take action and try to expose wrongdoing in every region of the world. But some governments are threatened by this, and a growing tide of surveillance and censorship now threatens the future of democracy. Bold steps are needed now to protect our fundamental rights to privacy and freedom of opinion and association online.' The survey also found that almost a third of countries surveyed block politically sensitive content.... Democratisation of information and communication flows was further constrained by a global trend towards greater online censorship and surveillance, the report warned. Along with many other countries including the UK and US, Sweden's leading record in web innovation could be at risk from excessive state surveillance."
Tim Berners-Lee: UK and US must do more to protect internet users' privacy
Guardian, 22 November 2013

"Officials at the National Security Agency, intent on maintaining its dominance in intelligence collection, pledged last year to push to expand its surveillance powers, according to a top-secret strategy document. In a February 2012 paper laying out the four-year strategy for the N.S.A.’s signals intelligence operations, which include the agency’s eavesdropping and communications data collection around the world, agency officials set an objective to 'aggressively pursue legal authorities and a policy framework mapped more fully to the information age.' Written as an agency mission statement with broad goals, the five-page document said that existing American laws were not adequate to meet the needs of the N.S.A. to conduct broad surveillance in what it cited as 'the golden age of Sigint,' or signals intelligence.....Using sweeping language, the paper also outlined some of the agency’s other ambitions. They included defeating the cybersecurity practices of adversaries in order to acquire the data the agency needs from 'anyone, anytime, anywhere.' The agency also said it would try to decrypt or bypass codes that keep communications secret by influencing 'the global commercial encryption market through commercial relationships,' human spies and intelligence partners in other countries. It also talked of the need to 'revolutionize' analysis of its vast collections of data to 'radically increase operational impact.' The strategy document, provided by the former N.S.A. contractor Edward J. Snowden, was written at a time when the agency was at the peak of its powers and the scope of its surveillance operations was still secret. Since then, Mr. Snowden’s revelations have changed the political landscape. ... The N.S.A. document, titled 'Sigint Strategy 2012-2016,' does not make clear what legal or policy changes the agency might seek....Critics, including some congressional leaders, say that the role of N.S.A. surveillance in thwarting terrorist attacks — often cited by the agency to justify expanded powers — has been exaggerated. In response to the controversy about its activities after Mr. Snowden’s disclosures, agency officials claimed that the N.S.A.’s sweeping domestic surveillance programs had helped in 54 'terrorist-related activities.' But under growing scrutiny, congressional staff members and other critics say that the use of such figures by defenders of the agency has drastically overstated the value of the domestic surveillance programs in counterterrorism.... Intent on unlocking the secrets of adversaries, the paper underscores the agency’s long-term goal of being able to collect virtually everything available in the digital world. To achieve that objective, the paper suggests that the N.S.A. plans to gain greater access, in a variety of ways, to the infrastructure of the world’s telecommunications networks. .... Above all, the strategy paper suggests the N.S.A.’s vast view of its mission: nothing less than to 'dramatically increase mastery of the global network.' Other N.S.A. documents offer hints of how the agency is trying to do just that. One program, code-named Treasure Map, provides what a secret N.S.A. PowerPoint presentation describes as 'a near real-time, interactive map of the global Internet.' According to the undated PowerPoint presentation, disclosed by Mr. Snowden, Treasure Map gives the N.S.A. 'a 300,000 foot view of the Internet.' Relying on Internet routing data, commercial and Sigint information, Treasure Map is a sophisticated tool, one that the PowerPoint presentation describes as a 'massive Internet mapping, analysis and exploration engine.' It collects Wi-Fi network and geolocation data, and between 30 million and 50 million unique Internet provider addresses — code that can reveal the location and owner of a computer, mobile device or router — are represented each day on Treasure Map, according to the document. It boasts that the program can map 'any device, anywhere, all the time.'...The program takes advantage of the capabilities of other secret N.S.A. programs. To support Treasure Map, for example, the document states that another program, called Packaged Goods, tracks the 'traceroutes' through which data flows around the Internet. Through Packaged Goods, the N.S.A. has gained access to '13 covered servers in unwitting data centers around the globe,' according to the PowerPoint. The document identifies a list of countries where the data centers are located, including Germany, Poland, Denmark, South Africa and Taiwan as well as Russia, China and Singapore. Despite the document’s reference to 'unwitting data centers,' government officials said that the agency does not hack into those centers. Instead, the officials said, the intelligence community secretly uses front companies to lease space on the servers."
N.S.A. Report Outlined Goals for More Power
New YorkTimes, 22 November 2013

"Germany's two main parties have agreed on measures to keep their internal communications safe – including all politicians using encrypted mobile phones, it emerged on Thursday. The interior ministry of the Christian Democratic Union (CDU) and their Social Democratic Party (SPD) counterparts have, Bild newspaper said, decided on 'urgent' guidelines for ministers' and top ranking officials' mobile phones. The parties are currently in coalition negotiations over forming Germany's next government. Under the new government politicians will only make calls on encrypted phones, meaning mobiles which are not protected will become the exception instead of the norm. It means iPhones will no longer be allowed for official correspondence. 'Our conversations and communication structure have to be safer,' the government report said, following news at the end of October that Chancellor Angela Merkel's phone was being tapped by US intelligence agencies, and that both the UK and US embassies in Berlin allegedly had listing posts on the roof of their buildings."
German politicians to get encrypted phones
Local (Germany), 21 November 2013

"With every fresh leak, the world learns more about the U.S. National Security Agency's massive and controversial surveillance apparatus. Lost in the commotion has been the story of the NSA's indispensable partner in its global spying operations: an obscure, clandestine unit of the Federal Bureau of Investigation that, even for a surveillance agency, keeps a low profile. When the media and members of Congress say the NSA spies on Americans, what they really mean is that the FBI helps the NSA do it, providing a technical and legal infrastructure that permits the NSA, which by law collects foreign intelligence, to operate on U.S. soil. It's the FBI, a domestic U.S. law enforcement agency, that collects digital information from at least nine American technology companies as part of the NSA's Prism system. It was the FBI that petitioned the Foreign Intelligence Surveillance Court to order Verizon Business Network Services, one of the United States' biggest telecom carriers for corporations, to hand over the call records of millions of its customers to the NSA. But the FBI is no mere errand boy for the United States' biggest intelligence agency. It carries out its own signals intelligence operations and is trying to collect huge amounts of email and Internet data from U.S. companies -- an operation that the NSA once conducted, was reprimanded for, and says it abandoned. The heart of the FBI's signals intelligence activities is an obscure organization called the Data Intercept Technology Unit, or DITU (pronounced DEE-too). The handful of news articles that mentioned it prior to revelations of NSA surveillance this summer did so mostly in passing. It has barely been discussed in congressional testimony. An NSA PowerPoint presentation given to journalists by former NSA contractor Edward Snowden hints at DITU's pivotal role in the NSA's Prism system -- it appears as a nondescript box on a flowchart showing how the NSA 'task[s]' information to be collected, which is then gathered and delivered by the DITU. But interviews with current and former law enforcement officials, as well as technology industry representatives, reveal that the unit is the FBI's equivalent of the National Security Agency and the primary liaison between the spy agency and many of America's most important technology companies, including Google, Facebook, YouTube, and Apple. The DITU is located in a sprawling compound at Marine Corps Base Quantico in Virginia, home of the FBI's training academy and the bureau's Operational Technology Division, which runs all the FBI's technical intelligence collection, processing, and reporting. Its motto: 'Vigilance Through Technology.' The DITU is responsible for intercepting telephone calls and emails of terrorists and foreign intelligence targets inside the United States. According to a senior Justice Department official, the NSA could not do its job without the DITU's help. The unit works closely with the 'big three' U.S. telecommunications companies -- AT&T, Verizon, and Sprint -- to ensure its ability to intercept the telephone and Internet communications of its domestic targets, as well as the NSA's ability to intercept electronic communications transiting through the United States on fiber-optic cables. For Prism, the DITU maintains the surveillance equipment that captures what the NSA wants from U.S. technology companies, including archived emails, chat-room sessions, social media posts, and Internet phone calls. The unit then transmits that information to the NSA, where it's routed into other parts of the agency for analysis and used in reports. After Prism was disclosed in the Washington Post and the Guardian, some technology company executives claimed they knew nothing about a collection program run by the NSA. And that may have been true. The companies would likely have interacted only with officials from the DITU and others in the FBI and the Justice Department, said sources who have worked with the unit to implement surveillance orders. 'The DITU is the main interface with providers on the national security side,' said a technology industry representative who has worked with the unit on many occasions. It ensures that phone companies as well as Internet service and email providers are complying with surveillance law and delivering the information that the government has demanded and in the format that it wants. And if companies aren't complying or are experiencing technical difficulties, they can expect a visit from the DITU's technical experts to address the problem. Recently, the DITU has helped construct data-filtering software that the FBI wants telecom carriers and Internet service providers to install on their networks so that the government can collect large volumes of data about emails and Internet traffic. The software, known as a port reader, makes copies of emails as they flow through a network. Then, in practically an instant, the port reader dissects them, removing only the metadata that has been approved by a court. The FBI has built metadata collection systems before. In the late 1990s, it deployed the Carnivore system, which the DITU helped manage, to pull header information out of emails. But the FBI today is after much more than just traditional metadata -- who sent a message and who received it. The FBI wants as many as 13 individual fields of information, according to the industry representative. The data include the route a message took over a network, Internet protocol addresses, and port numbers, which are used to handle different kinds of incoming and outgoing communications. Those last two pieces of information can reveal where a computer is physically located -- perhaps along with its user -- as well as what types of applications and operating system it's running. That information could be useful for government hackers who want to install spyware on a suspect's computer -- a secret task that the DITU also helps carry out....One former law enforcement official said the DITU helped build the FBI's Magic Lantern keystroke logging system, a device that could be implanted on a computer and clandestinely record what its user typed. The system was devised to spy on criminals who had encrypted their communications. It was part of a broader surveillance program known as Cyber Knight."
Meet the Spies Doing the NSA's Dirty Work
Foreign Policy, 21 November 2013

"The revelations from Edward Snowden’s documents get ever more breathtaking. It had always previously been thought that under the so-called Five-Eyes intelligence-sharing arrangements (established under the UKUSA Signals Intelligence Agreement in 1946) between the US, UK, Canada, Australia and New Zealand, the citizens of each of these countries were off-limits from surveillance by any of the other countries. Now Snowden has brought to light that in 2007 there was a major change of policy which allowed the US National Security Agency (NSA) to collect, analyse and retain the mobile phone and fax numbers, emails and IP addresses of any British citizens. That immediately raises 5 crucial questions. Who took the decision to allow this? Why was this momentous decision which affects the security and privacy of every person in the UK kept secret? What should be done now? What does it tell us about the state of oversight of the intelligence services in the UK? And why has this huge scandal, so far at least, not attracted the furore that it has in the US? On the first point, it is inconceivable that the heads of the UK intelligence services would have made a decision of this magnitude without referring it upwards to ministers. Significantly, Snowden has also revealed a separate memorandum in 2005 about a proposed NSA procedure for spying on UK citizens and those of the other 3 Five-Eyes even where the government of that country has denied permission. The foreign secretary in 2005 was Straw and in 2007 Beckett, but it seems likely that the decision to proceed with this secret mass surveillance of British citizens was taken by Blair himself. Second, it is obvious that the decision was kept secret because it was recognised there would be great, and probably insurmountable, political resistance. So why was this overridden and a blanket of total secrecy thrown over it which could have kept mass surveillance hidden indefinitely had there not been a whistleblower called Edward Snowden? Because Blair (or whoever) was keen to accommodate the Americans in every way and at any price, just as he kept secret (and is still doing so) the deal he struck with Bush to join with the Americans in invading Iraq, without any consultation of the Cabinet, Parliament, or the British people? Third, it is imperative that a top-level external and independent inquiry, chaired by a judge, be established to get at the full truth about what has been happening in the intelligence and security services behind closed doors over the last 20 years. The internal review of procedures by the parliamentary poodle, the Intelligence and Security Committee (ISC) made up largely of establishment stooges, is a risible fob-off. Only when we know the full truth will we be able to formulate effective scrutiny powers. Fourth, this whole saga – so far as it is known, and what still remains to be revealed? – shows the security services out of control. There is no adequate ministerial or political scrutiny whatever. The security network only tells ministers what it chooses to. Who took the decision to allow GCHQ to adopt the Tempora programme as a comprehensive dragnet of all internet data flowing in and out of the UK via the transatlantic sub-sea cables, without telling Parliament or the British people? Fifth, the comparative lack of protest in the UK at all these revelations is surprising."
Who gave away access for US surveillance of all communication networks of all British citizens?
Michael Meacher MP » Blog Archive » 21 November 2013

"The United States and its key intelligence allies are quietly working behind the scenes to kneecap a mounting movement in the United Nations to promote a universal human right to online privacy, according to diplomatic sources and an internal American government document obtained by The Cable. The diplomatic battle is playing out in an obscure U.N. General Assembly committee that is considering a proposal by Brazil and Germany to place constraints on unchecked internet surveillance by the National Security Agency and other foreign intelligence services. American representatives have made it clear that they won't tolerate such checks on their global surveillance network. The stakes are high, particularly in Washington -- which is seeking to contain an international backlash against NSA spying -- and in Brasilia, where Brazilian President Dilma Roussef is personally involved in monitoring the U.N. negotiations. The Brazilian and German initiative seeks to apply the right to privacy, which is enshrined in the International Covenant on Civil and Political Rights (ICCPR), to online communications. Their proposal, first revealed by The Cable, affirms a 'right to privacy that is not to be subjected to arbitrary or unlawful interference with their privacy, family, home, or correspondence.' It notes that while public safety may 'justify the gathering and protection of certain sensitive information,' nations 'must ensure full compliance' with international human rights laws. A final version the text is scheduled to be presented to U.N. members on Wednesday evening and the resolution is expected to be adopted next week. A draft of the resolution, which was obtained by The Cable, calls on states to 'to respect and protect the right to privacy,' asserting that the 'same rights that people have offline must also be protected online, including the right to privacy.' It also requests the U.N. high commissioner for human rights, Navi Pillay, present the U.N. General Assembly next year with a report on the protection and promotion of the right to privacy, a provision that will ensure the issue remains on the front burner. Publicly, U.S. representatives say they're open to an affirmation of privacy rights. 'The United States takes very seriously our international legal obligations, including those under the International Covenant on Civil and Political Rights,' Kurtis Cooper, a spokesman for the U.S. mission to the United Nations, said in an email. 'We have been actively and constructively negotiating to ensure that the resolution promotes human rights and is consistent with those obligations.' But privately, American diplomats are pushing hard to kill a provision of the Brazilian and German draft which states that 'extraterritorial surveillance' and mass interception of communications, personal information, and metadata may constitute a violation of human rights. The United States and its allies, according to diplomats, outside observers, and documents, contend that the Covenant on Civil and Political Rights does not apply to foreign espionage.... The privacy resolution, like most General Assembly decisions, is neither legally binding nor enforceable by any international court. But international lawyers say it is important because it creates the basis for an international consensus -- referred to as 'soft law' -- that over time will make it harder and harder for the United States to argue that its mass collection of foreigners' data is lawful and in conformity with human rights norms. 'They want to be able to say ‘we haven't broken the law, we're not breaking the law, and we won't break the law,'' said Dinah PoKempner, the general counsel for Human Rights Watch, who has been tracking the negotiations. The United States, she added, wants to be able to maintain that 'we have the freedom to scoop up anything we want through the massive surveillance of foreigners because we have no legal obligations."
Inside America's Plan to Kill Online Privacy Rights Everywhere
Foreign Policy (The Cable), 21 November 2013

"The phone, internet and email records of UK citizens not suspected of any wrongdoing have been analysed and stored by America’s National Security Agency (NSA) under a secret deal that was approved by British intelligence officials, according to documents from the whistleblower Edward Snowden. In the first explicit confirmation that UK citizens have been caught up in US mass surveillance programmes, an NSA memo describes how in 2007 an agreement was reached that allowed the agency to 'unmask' and hold on to personal data about Britons that had previously been off limits. The memo, published in a joint investigation by the Guardian and Britain’s Channel 4 News, says the material is being put in databases where it can be made available to other members of the US intelligence and military community. Britain and the US are the main two partners in the 'Five-Eyes' intelligence-sharing alliance, which also includes Australia, New Zealand and Canada. Until now, it had been generally understood that the citizens of each country were protected from surveillance by any of the others.... The NSA has been using the UK data to conduct so-called 'pattern of life' or 'contact-chaining' analyses, under which the agency can look up to three 'hops' away from a target of interest – examining the communications of a friend of a friend of a friend. Guardian analysis suggests three hops for a typical Facebook user could pull the data of more than 5 million people into the dragnet. A separate draft memo, marked top secret and dated from 2005, reveals a proposed NSA procedure for spying on the citizens of the UK and other Five-Eyes nations, even where the partner government has denied the US permission to do so. The memo makes clear that partner countries must not be informed about this surveillance, or even the procedure itself. The 2007 briefing was sent out to all analysts in the NSA’s Signals Intelligence Directorate, which is responsible for collecting, processing and sharing information gleaned from US surveillance programs. Up to this point, the Americans had only been allowed to retain the details of British landline phone numbers that had been collected incidentally in any of their trawls."
Secret deal was made to allow NSA store personal data on Britons
Irish Times, 21 November 2013

"The U.S. Army plans to monitor the online behavior of its employees with tracking software that will be woven into Army Network 2020, an in-house computer network set to launch in seven years.The network, which aims to catch anyone who might download and distribute classified documents, comes after former National Security Agency contractor Edward Snowden leaked information revealing that the agency collects data on everyone from average American citizens to world leaders. The order for a tracking system dates back to last November, when U.S. President Barack Obama issued a memo that describes programs meant to 'deter, detect and mitigate actions by employees who may represent a threat to national security.' The network will use 'behavior-based analytics' to monitor the activity of soldiers, according to National Defense Magazine, citing Maj. Gen. Alan Lynn. In particular, the army plans to target employees who have just started or are about to leave their job, as they are seen as most likely to leak information. The system will be able to detect a range of behaviors, including how many emails someone sends per day, and the amount of information that person downloads."
U.S. Army to Track Employees' Web Activity to Thwart Future Snowdens
Mashable, 20 November 2013

"...the other 'Five Eyes' members (UK, Canada, New Zealand, Australia) which became one unit to spy on the world. In order for Americans to bypass their national restrictions to spy on Americans, they just reroute their traffic through UK fibre and the UK spy agency takes that traffic and organises it in a nice way -- putting voice into text and making it searchable in giant databases. Then if the Americans want to spy on their citizens all they have to do is use the little Prism tool. They type in the email address of a person and one of the Five Eyes partners makes that data available to them. The NSA is hacking its own laws by utilising foreign organisations to spy on their own citizens."
Kim Dotcom: the TPP 'proves' that Wall St and Hollywood own Obama
Wired, 20 November 2013

"Millions of innocent British citizens may have been spied on by the US after an agreement with Tony Blair's Government, it was claimed last night.Secret memos suggested a deal was approved that allowed the American National Security Agency to store and analyse the phone, email and internet records of Britons who were 'incidentally' caught up in surveillance operations. One document suggests that the US were even prepared to carry out such surveillance without notifying their UK partners, despite assurances intended to make them think they would. The policy was revealed in documents stolen by the former CIA contractor Edward Snowden, according to the Guardian and Channel 4 News. It suggests a dramatic change in an agreement between the US and UK which dates back to 1946 that the two countries would not spy on each other's citizens. One Tory MP last night said those in charge at the time need to explain what was agreed to. A memo from June 2007 suggests that Britain agreed the Americans could 'unminimise' British landline numbers as early as 2004. Previously, data on people 'incidentally' caught up in any dragnet on individuals that were not suspected of any wrongdoing was supposed to be 'minimised', meaning deleted. The new policy was said to have been extended to data from mobile, email, fax and internet data in the same way in the latter days of the Blair administration, it was claimed. The NSA is said to have used the UK data to conduct so-called 'pattern of life' or 'contact-chaining' analyses - looking at the communications of a friend of the person or a friend of a friend- making the potential scope for collection enormous. A separate secret memo, dated from 2005, suggested that the data mining could go on without the permission or knowledge of the UK or others in the so-called Five Eyes intelligence relationship - Australia, Canada and New Zealand. It was claimed different parts of the memo would be shown to the UK, which suggested permission would be sought, while other parts that contradicted that were kept only for the eyes of the NSA. The document, titled 'Collection, Processing and Dissemination of Allied Communications', had separate classifications from paragraph to paragraph, it was reported. Those marked 'NF', for No Foreign, were to be kept strictly within the agency. The memo stated that the Five-Eyes agreement 'has evolved to include a common understanding that both governments will not target each other's citizens/persons'. But in the next sentence – marked not to shared with foreign partners – it was stated that governments 'reserved the right' to conduct intelligence operations against each other's citizens 'when it is in the best interests of each nation'. 'Therefore,' the draft memo said, 'under certain circumstances, it may be advisable and allowable to target second party persons and second party communications systems unilaterally, when it is in the best interests of the US and necessary for US national security.' The US and UK authorities declined to comment on the reports, as did Jack Straw, who was Foreign Secretary until 2006, and Margaret Beckett, who was Foreign Secretary in 2007."
US and UK struck secret deal to collect innocent Britons' personal data
Telegraph, 20 November 2013

"Erik Prince is not the kind of man one expects to make the case for slashing U.S. intelligence and military budgets. After 9-11, his company, Blackwater, expanded exponentially, winning contracts to protect diplomats and politicians in Iraq and to train and work with CIA paramilitary teams hunting terrorists. In an interview Monday, Prince said the national security state he once served has grown too large. 'America is way too quick to trade freedom for the illusion of security,' he told The Daily Beast. 'Whether it’s allowing the NSA to go way too far in what it intercepts of our personal data, to our government monitoring of everything domestically and spending way more than we should. I don’t know if I want to live in a country where lone wolf and random terror attacks are impossible ‘cause that country would look more like North Korea than America.' Today Prince is out of the contracting business and is promoting a book telling his side of the Blackwater story....'I am all in favor of killing terrorists,' Prince said. 'But the fact that [Anwar] al-Awlaki was killed and his 16-year-old son, born in Colorado, was killed with no due process other than that he got on the ‘kill list’ is troubling to me.' The Obama administration has claimed that Awlaki, an American citizen who was killed in a drone strike in 2011, was an operational leader of al Qaeda’s affiliate in Yemen. Prince said he believes al-Awlaki’s son was deliberately targeted in a second strike after the one that killed Awlaki. The Obama administration has said that strike was not targeting Awlaki’s son, but someone else. Prince also said the over-reliance on drone warfare in the Middle East and South Asia would likely reap 'a bitter harvest,' because of the scale of collateral damage from drone strikes."
Blackwater Founder Erik Prince: War on Terror Has Become Too Big
The Daily Beast, 19 November 2013

"'We don’t discuss intelligence matters,' Australia’s bewildered prime minister told the media again this morning, making him the only person left on earth not discussing intelligence matters. Seven months after the fuse was lit, the scandal of the US National Security Agency surveillance state has finally detonated in Australia. That’s how long it has been since the general public got a look at the first cheesy powerpoint presentations originating from deep within the US national security establishment. .... The revelations of a single brave whistleblower, combined with journalists willing to risk offending some of the most powerful and secretive institutions on earth, started an avalanche. Congressional inquiries, international delegations, UN resolutions – and still the revelations kept coming. The NSA and its affiliate 'five eyes' agencies have gradually unmoored themselves from the rule of law, and it is no longer clear on exactly whose authority they operate. As the scandal reached the highest levels of government in Europe and North America, in Australia we’ve been subjected to a bipartisan consensus of angry silence. Nothing to see here, move along..... As a global society we are now reaping the consequences of the deliberate and systematic blurring of the boundaries between terrorism, journalism, whistleblowing and democratic dissent. The counter-movement is alive and well everywhere else on earth; today I feel for the first time that maybe we can advance the conversation here in Australia."
Scott Ludlam - The NSA scandal has detonated in Australia - we can no longer look away
Guardian, Comment Is Free, 19 November 2013

"Newly declassified court documents indicate that the National Security Agency shared its trove of American bulk email and internet data with other government agencies in violation of specific court-ordered procedures to protect Americans’ privacy. The dissemination of the sensitive data transgressed both the NSA’s affirmations to the secret surveillance court about the extent of the access it provided, and prompted incensed Fisa court judges to question both the NSA’s truthfulness and the value of the now-cancelled program to counter-terrorism. While the NSA over the past several months has portrayed its previous violations of Fisa court orders as 'technical'violations or inadvertent errors, the oversharing of internet data is described in the documents as apparent widespread and unexplained procedural violations. 'NSA’s record of compliance with these rules has been poor,'wrote judge John Bates in an opinion released on Monday night in which the date is redacted. 'Most notably, NSA generally disregarded the special rules for disseminating United States person information outside of NSA until it was ordered to report such disseminations and to certify to the [Fisa court] that the required approval had been obtained. In addition to improperly permitting access to the email and internet data – intended to include information such as the 'to' from'and 'BCC' lines of an email – Bates found that the NSA engaged in 'systemic overcollection', suggesting that content of Americans’ communications was collected as well. Privacy experts have long noted that email metadata is inherently content-rich, as it will show interactions with businesses; or political affiliations such as listserv membership. The court had required the NSA to comply with a longstanding internal procedure for protecting Americans’ sensitive information prior to sharing the data internally within NSA, known as United States Signals Intelligence Directive 18 (USSID 18) and also declassified on Monday night; and additionally required a senior NSA official to determine that any material shared outside the powerful surveillance agency was related to counter-terrorism. Yet in a separate Fisa court document, the current presiding judge, Reggie Walton, blasted the government’s secret declaration that it followed USSID 18 'rather than specifically requiring that the narrower dissemination provision set forth in the Court’s orders in this matter be strictly adhered to'. Walton wrote: 'The court understands this to mean that the NSA likely has disseminated US person information derived from the [email and internet bulk] metadata outside NSA without a prior determination from the NSA official designated in the court’s orders that the information is related to counter-terrorism information and is necessary to understand the counter-terrorism information or assess its importance.' In an opinion apparently written in June 2009, Walton said the court was 'gravely concerned' that 'NSA analysts, cleared and otherwise, have generally not adhered to the dissemination restrictions proposed by the government, repeatedly relied on by the court in authorizing the [email and internet bulk] metadata, and incorporated into the court’s orders in this matter [redacted] as binding on NSA.' Walton said the NSA’s legal team had failed to satisfy the training requirements that NSA frequently points to in congressional testimony as demonstrating its scrupulousness. Walton added that he was 'seriously concerned' by the placement of Americans’ email and internet metadata into 'databases accessible by outside agencies, which, as the government has acknowledged, violates not only the court’s orders, but also NSA’s minimization and dissemination procedures as set forth in USSID 18. Bates’ heavily redacted opinion suggests that the collection of the internet and email metadata from Americans in bulk provided only minimal relevant information to FBI for generating terrorism investigation leads, the entire purpose of the program. Bates questioned, as a 'threshold concern', the government’s willingness to represent its activities to the Fisa court it cites as the principal check on its surveillance powers. 'The government’s poor track record with bulk [internet and email] acquisition … presents threshold concerns about whether implementation will conform with, or exceed, what the government represents and what the court may approve,' Bates wrote. Previously disclosed documents show that Bates and Walton wrestled with NSA’s veracity and its overcollection repeatedly, in 2009 and 2011, over different bulk surveillance programs. For much of 2009, Walton prevented NSA analysts from querying its bulk American phone records database until he was satisfied the government complied with court-ordered restrictions. In 2011, Bates wrote that the 'volume and nature'of the NSA’s bulk collection on foreign internet content was 'fundamentally different from what the court had been led to believe'..... Elizabeth Goitien of the Brennan Center for Justice at New York University said that the declassified opinions raise disturbing questions about the NSA’s truthfulness. 'Either the NSA is really trying to comply with the court’s orders and is absolutely incapable of doing so, in which case it’s terrifying that they’re performing this surveillance, or they’re not really trying to comply,' Goitien said. 'Neither of those explanations is particularly comforting.'"
Fisa court documents reveal extent of NSA disregard for privacy restrictions
Guardian, 19 November 2013

"As more NSA-related documents are forced out into the public eye, the narrative contained within the court opinions is at odds with the NSA's continuous declarations that utmost care has been taken to prevent violating the privacy of Americans. A previous release detailed how FISC Judge Reggie Walton nearly shuttered the Section 215 program in 2009 due to widespread abuse by NSA analysts. The evidence uncovered by internal audits and the agency's own admissions led Walton to issue this damning statement: 'The minimization procedures… have been so frequently and systemically violated that it can fairly be said that this critical element of the overall BR regime has never functioned effectively.' The NSA's bulk internet metadata program (Stellar Wind) was also suspended for several months due to numerous violations. Judge John Bates, taking over for Kollar-Kotelly (who issued the opinion granting the NSA permission to collect internet metadata on Americans by using a very generous reading of the pen register statute), makes it clear he's wholly unimpressed with the agency's trustworthiness. 'Although the specific terms of authorization under those orders varied over time, there were important constants. Notably, each order limited the authorized acquisition to [redacted] categories of metadata. As detailed herein, the government acknowledges that NSA exceeded the scope of authorized acquisition continuously during the more than [redacted] years of acquisition under these orders.' Although all dates are redacted, the opinion does cite Judge Walton's 2009 findings (in reference to the Section 215 program). The authorization of the email metadata collection seems to have been granted in 2005 (at least in terms of targeting Americans), suggesting that we're looking at close to another half-decade of abuse by the agency in this program -- abuse that saw this program temporarily suspended as well."
Declassified Opinion On Bulk Email Collection Details More Abuse By The NSA
Techdirt, 19 November 2013

"The technology used by Britain's intelligence agencies is 'out of control', former Liberal Democrat leader Lord Ashdown has warned. Lord Ashdown, a former special forces soldier and spy, called for an inquiry to address questions of privacy in the digital age. He said surveillance should be targeted against individuals or groups, not against 'the whole nation' as recent operations exposed by whistleblower Edward Snowden were. But in an interview with The Guardian, which has revealed details of the activities of British eavesdropping agency GCHQ based on documents disclosed by US intelligence whistleblower Mr Snowden, Lord Ashdown defended the right of the state to intercept communications."
Ashdown: Intelligence technologies 'out of control'
ITV, 19 November 2013

"Earlier this month I discovered that my new LG Smart TV was displaying ads on the Smart landing screen. After some investigation, I found a rather creepy corporate video advertising their data collection practices to potential advertisers. It's quite long but a sample of their claims are as follows: 'LG Smart Ad analyses users favourite programs, online behaviour, search keywords and other information to offer relevant ads to target audiences. For example, LG Smart Ad can feature sharp suits to men, or alluring cosmetics and fragrances to women. Furthermore, LG Smart Ad offers useful and various advertising performance reports. That live broadcasting ads cannot. To accurately identify actual advertising effectiveness.' In fact, there is an option in the system settings called 'Collection of watching info:' which is set ON by default. This setting requires the user to scroll down to see it and, unlike most other settings, contains no 'balloon help' to describe what it does. At this point, I decided to do some traffic analysis to see what was being sent. It turns out that viewing information appears to be being sent regardless of whether this option is set to On or Off. Here you can clearly see that a unique device ID is transmitted, along with the Channel name 'BBC NEWS' and a unique device ID.....This information appears to be sent back unencrypted and in the clear to LG every time you change channel, even if you have gone to the trouble of changing the setting above to switch collection of viewing information off. It was at this point, I made an even more disturbing find within the packet data dumps. I noticed filenames were being posted to LG's servers and that these filenames were ones stored on my external USB hard drive. .... It would easily be possible to infer the presence of adult content or files that had been downloaded from file sharing sites. My wife was shocked to see our children's names being transmitted in the name of a Christmas video file that we had watched from USB."
LG Smart TVs logging USB filenames and viewing info to LG servers
Doctor Beets Blog, 18 November 2013

"Britain’s spy-infested embassy in Moscow has taken the lead among the «FIVE EYES» signals intelligence allies to locate the whereabouts of National Security Agency whistleblower Edward Snowden in Russia. In fact, the British government is more avid in its desire to locate and possibly rendition Snowden to the United Kingdom or United States than is either the U.S. or the other governments of the FIVE EYES signals intelligence (SIGINT) partnership, which also includes Canada, Australia, and New Zealand. Britain’s desire to bag Snowden has more to do with the alleged damage his revelations caused British electronic surveillance operations around the world than any desire to ingratiate Britain’s Government Communications Headquarters (GHCQ) and Secret Intelligence Service (MI6) with their American counterparts, the NSA and CIA, respectively. The government of Prime Minister David Cameron has made it clear that it views Snowden, as well as those who have assisted him in the publication of NSA’s and GCHQ’s most closely-guarded espionage secrets as «terrorists». Britain’s apoplectic reaction to Snowden’s disclosures was on display during testimony before the British Parliament when Britain’s top three intelligence chiefs — John Sawers of MI-6; Andrew Parker of MI-5; and Iain Lobben of the Government Communications Headquarters (GCHQ), the British counterpart of NSA — accused Snowden and those who published his leaked documents of aiding Al Qaeda… Former British Defense Secretary Liam Fox, presently a Conservative MP, went even further, accusing those who publish the leaked NSA and GCHQ secrets, including The Guardian staff, of being terrorists. Fox asked Britain’s Director of Public Prosecutions to investigate whether The Guardian, its editor Alan Rusbridger, its former reporter Glenn Greenwald, and Greenwald’s partner David Miranda were in breach of British anti-terrorism laws. Miranda was detained by British authorities on August 18 as he was transiting through Heathrow airport en route from Berlin to Rio de Janeiro. British authorities claimed it seized from Miranda’s computer equipment 58,000 digital documents appropriated by Snowden while he was working as an NSA contractor in Hawaii..... In October, Snowden met with four other American national whistleblowers — Ray McGovern, formerly of the CIA; Colleen Rowley, formerly with the FBI; former NSA official Tom Drake, and former Justice Department prosecutor Jesselyn Radack — met with Snowden at an undisclosed location in Moscow. The four Americans traveled to Moscow to present Snowden with the Sam Adams Award for Integrity and Intelligence. After the receipt by Snowden of the award, British MI-6 case officers assigned to the British embassy at Smolenskaya Naberezhnaya 10 in Moscow began using NSA and GCHQ «contact chaining» intelligence gathered from surveillance of Facebook and other social networking systems to identify Snowden’s location. The contact chaining began with the Facebook, Twitter, as well as phone call metadata, information derived from the four American visitors to Moscow. In turn, their contacts in Moscow were identified, thus expanding the chain used to determine Snowden’s location and daily schedule. Thanks to Snowden’s disclosure of documents on contact chaining, it is now known that SID Management Directive (SMD) 424 (SIGINT Development — Communications Metadata Analysis), signed on November 29, 2010, permits NSA and its partners, including GCHQ, to permit contact chaining, and other analysis, from and through any selector, irrespective of nationality or location, in order to follow or discover valid foreign intelligence targets». The new directive permits GCHQ and NSA to share contact chaining intelligence against foreign targets, including «U.S. communicants» as long as there is a «foreign intelligence (FI) justification». In Snowden’s case, a foreign intelligence justification was recognized and approved..... The operation to locate Snowden is one of the highest priority operations for the embassy, even eclipsing the recent «thaw» in relations between the British and Russian security and intelligence services. The operation is known to involve the number one MI-6 officer at the embassy, whose diplomatic cover is «director of regional security». Capturing Snowden through a kidnapping, known as «rendition,» is more problematic for the British. However, Russian security services, including the FSB, are devoting much of their attention to the Winter Olympics, which begin on February 7, 2014 in Sochi. The tactic of MI-6 may be to wait for a lapse in the security provided by FSB to Snowden to arrange for an operation to capture him and spirit him out of Russia during a time when Moscow and the rest of Russia will be playing host to tens of thousands of foreign visitors to the Olympics."
British Intelligence Operation to Kidnap Snowden? Number One MI-6 Officer Working Undercover in Moscow Embassy
Global Research, 18 November 2013

"The bosses of Britain's three spy agencies who were supposedly 'grilled' by MPs agreed questions with them in advance, it has emerged. The revelation has led one Tory MP to dub the hearings two weeks ago 'a total pantomime'. MPs summoned the heads of MI5, MI6 and GCHQ to an historic public session of the secretive intelligence and security committee to discuss leaks by the whistleblower Edward Snowden. The committee is usually held in private and the hearing, which was televised and an hour and a half long, was trumped as heralding a new era of transparency. But sources told the Sunday Times there was a row between the committee's nine members, who are all senior MPs and Lords, after they were told the chiefs would only appear on the condition that they were told questions beforehand. It raises fears over whether the MPs had no choice but to follow a softer line of questioning instead of holding the spy chiefs to account. Committee chairman Sir Malcolm Rifkind told the Sunday Times: 'We gave them the initial questions... We cannot suddenly put a question to an intelligence chief that they might only be able to answer by reference to secret material.' MI5's Andrew Parker, MI6's John Sawers and GCHQ's Iain Lobban appeared before the committee on November 7 after high-profile leaks by the whistleblower Edward Snowden were published in the Guardian newspaper. He released files detailing how the U.S. National Security Agency, with the help of British counterparts, routinely collate e-mails from ordinary people and tapped the phone of the German Chancellor Angela Merkel.... Before the hearing.... chiefs agreed to devote only a third of the allotted time to Edward Snowden, the Sunday Times reported, and agreed the line of questioning in advance. There were criticisms after the hearing that it had not given any real answers and that the spy chiefs had simply refused to answer several questions - citing security concerns. Professor Anthony Glees, director for the Centre for Security and Intelligence Studies at Buckingham University, told the newspaper: 'Stage-managing is reminiscent of the old Soviet Union, everybody applauding themselves. That is not the impression they should be giving. They should not be about mutual self-congratulation. It should be about holding people to account.' An anonymous Tory MP also told the newspaper: 'Evidently the whole thing was a total pantomime'."
So much for the interrogation: Spy chiefs knew what questions were going to be asked BEFORE parliamentary committee
Mail, 17 November 2013

"A programme devised by British intelligence allowed analysts to monitor the bookings of foreign diplomats at 350 top hotels across the world, according to documents leaked by the whistleblower Edward Snowden. The German news magazine Der Spiegel reported on Sunday that the automated system alerted the UK's eavesdropping centre, GCHQ, to the timings and locations of diplomats' travel arrangements. The papers make clear that these details allowed the 'technical operations community' to make necessary preparations before the visits, the magazine said, suggesting that the diplomats' rooms would be monitored or bugged. The GCHQ programme, called Royal Concierge, was first trialled in 2010 and has been in operation since then, the papers reveal. The programme worked by intercepting reservation confirmations when they were sent to government addresses from any of the 350 monitored hotels, said Spiegel online. The papers did not name any hotels or diplomats who had been spied upon, though unnamed hotels in Zurich and Singapore were cited as examples. Separate documents seen by Spiegel listed the potential capabilities for monitoring a hotel room, which included wiretapping the telephone and fax machine as well as monitoring computers hooked up to the hotel network. According to Spiegel, one of the presentations describing Royal Concierge was entitled Tales from the Wild, Wild West of GCHQ Operational Data-Mining. GCHQ said it would not confirm or deny the story, which is the latest to emerge from the cache of documents leaked by Snowden this year."
Snowden cache reveals diplomats' hotel bookings being tracked by GCHQ
Guardian, 17 November 2013

"Britain's intelligence chiefs may have exaggerated the threat posed to national security by the leaking of the NSA files, according to a former lord chancellor who has questioned whether the legal oversight of MI6, MI5 and GCHQ is 'fit for purpose'. Lord Falconer of Thoroton said he was sceptical of the claim by the heads of GCHQ, MI6 and MI5 that the leaks represent the most serious blow to their work in a generation, and warned that the NSA files highlighted 'bulk surveillance' by the state. Falconer, who also said he deprecated attempts to portray the Guardian as an 'enemy of the state', pointed out that 850,000 people had access to the files leaked by the US whistleblower Edward Snowden. Falconer, a close ally of Tony Blair who served as lord chancellor from 2003-07, told the Guardian: 'I am aware that the three heads of the agencies said what has been published has set back the fight against terrorism for years. Sir John Sawers [the chief of MI6] said al-Qaida would be rubbing their hands with glee. This is in the context of maybe 850,000 people literally having access to this material.' Falconer, who is in charge of Ed Miliband's preparations for government, added: 'It seems to me to be inconceivable that the intelligence agencies in the US and the UK were not aware that it would not be possible to keep secret these sorts of broad issues for any length of time. If the position was that the USA and the UK were intending to keep the general points I have been talking about secret then that seemed to me to be a very unrealistic position. 'Although I take very seriously what they say [about the importance of secrecy] I am sceptical that the revelations about the broad picture have necessarily done the damage that is being asserted.'....The Sunday Times quoted a Tory MP describing the joint appearance by Sawers, the GCHQ director, Sir Iain Lobban, and the MI5 director general, Andrew Parker, as a 'total pantomime' after it emerged that they were told of questions in advance as part of a secret deal with the committee. Lobban told the committee that his agents collect, though do not intercept, 'innocent communications from innocent people' when they gather what he called the 'haystack' of metadata. Falconer said: 'The material which has been revealed through the Snowden revelations about the NSA raises very, very serious questions about whether or not the United Kingdom's legal framework for oversight of the intelligence services' work in relation to the interception of communications and the obtaining of communications data from mobile telephone and other providers is fit for purpose.'.... Falconer said: 'If you look at the codes of practice and the Ripa 2000 act, they both proceed on the basis that the warrant issued by the secretary of state for interception – ie listening in or looking at emails, their content – will be based upon individual cases. The agencies' right to get metadata about communications is also, I think, to be done on an individual basis even though no warrant is required. What the NSA data reveals is in effect bulk – and I use this word advisedly – surveillance. What the agency chiefs were saying to the ISC appeared to be in relation to that communications data: it is the way that we create the haystack within which we look for the needle. It may well be that the way that that is policed is adequate. But the current arrangements involve there being no decider other than the agencies as to what communications data shall be sought from servers and mobile telephone providers. In particular there is no warrant required from a secretary of state and there is no judicial permission given, albeit that the judge responsible for looking at the intelligence services generally will look at it on an annual basis."
Threat from NSA leaks may have been overstated by UK, says Lord Falconer
Guardian, 17 November 2013

"Even if MI6 had no involvement in the mysterious death of Gareth Williams, it would still have an interest in covering up the circumstances. The organisation always has been, and always will be, very, very secretive. A coroner last year ruled that the 31-year-old codebreaker was 'probably unlawfully killed' after his body was found padlocked into a holdall in a bathtub.... It would argue there are areas of its work it doesn’t want to reveal.And it doesn’t want people digging too deeply into the actual work Gareth Williams was engaged in. He operated in an area involving GCHQ and its liaison with MI6, and probing questions would lead on to the sensitive nature of these operations, particularly in the light of the Edward Snowden revelations. We know from the former CIA man’s leaks how important GCHQ is to British intelligence gathering and that there is extensive monitoring of emails, phones and every kind of digital traffic. But we still have no clear picture as to what Gareth was working on....Was the crime scene cleaned up? Police say there is no evidence of a 'deep clean'. But forensic scientists found no fingerprints around the rim of the bath, not even Gareth’s own, which suggests someone cleaned up after his death. And that means someone else was involved. The coroner said it was likely that the mystery would never be solved, and for that some blame must attach to the reticence of MI6. Even questions about why Gareth was staying in this flat in Pimlico, South West London – used by both MI6 and GCHQ and only a mile from MI6 HQ – brings with it awkward queries about other safe houses and the agents who uses them. MI6 also has a long history of covering up its mistakes. It has been less than candid about its intelligence gathering and reliability in the run-up to the war with Iraq. There are the 'rendition' scandals of people packed off to the USA and, for some, their subsequent torture. What little we know had to be dragged out of MI6 by various inquiries and ongoing court cases, and it’s clear that there is still a good deal that remains hidden. But the service does make sure it gets out its own version of events. It co-operates with certain newspapers, journalists and MPs to get its message across. MI6 controls what it reveals – it doesn’t want people digging around too much and it certainly doesn’t want full-scale inquiries into what they do. And in this case a lot of stories about Gareth came from security and defence correspondents with MI6 contacts rather than crime correspondents covering the case. If something like this had happened in the United States we would know far more about it. The powers of US Senate committees on intelligence are stronger and they are willing to look at things in far greater depth. It isn’t a perfect system but it is far better than ours. We do know a lot more about MI6 than we did 20 years ago but, still, no official documents are ever released. The service is open in saying it doesn’t reveal information because secrecy is its trade and unless it remains super-secret it will lose credibility in the world and agents will not be able to trust it. But that also means that with the Gareth Williams case we have to be very sceptical about the official version of events."
Dr Stephen Dorrill - Spy-in-the-bag mystery: Why I think MI6 WERE involved in Gareth Williams cover-up
Mirror, 16 November 2013

"In the human rights and free expression communities, it is a widely shared assumption that the explosive growth and proliferating uses of surveillance technologies must be harmful—to intellectual freedom, to creativity, and to social discourse. But how exactly do we know, and how can we demonstrate, that pervasive surveillance is harming freedom of expression and creative freedom? In October 2013, PEN partnered with independent researchers at the FDR Group to conduct a survey of over 520 American writers to better understand the specific ways in which awareness of far-reaching surveillance programs influences writers’ thinking, research, and writing. The results of this survey—the beginning of a broader investigation into the harms of surveillance—substantiate PEN’s concerns: writers are not only overwhelmingly worried about government surveillance, but are engaging in self-censorship as a result."
Chilling Effects
PEN America, 11 November 2013

"The team, known by the codename UK/N, allegedly kept tabs on the Princess’s every move in the weeks leading up to her death in a car crash in August 1997. The existence of the hush-hush UK/N group carrying out 'discreet surveillance' on her was revealed by barrister Michael Mansfield QC at her inquest.... His claims were revealed last night in documents related to the inquest, detailing evidence which went unreported at the time.... Mr Mansfield, 72, said: 'One of the paparazzi who routinely followed the Princess of Wales was a member of UK/N, a small corps of part-time MI6 agents who provide miscellaneous services to MI6, such as surveillance.'.... Bosses of the SAS, based in Hereford, are now opening up their confidential files to police to reveal exactly how many of their people were in Paris at the time of Diana’s death."
Spy 'hit squad' plotted Princess Diana's death
Daily Star, 5 November 2013

"A group of lawyers, journalists and privacy advocates in the Netherlands is taking the government to court to prevent Dutch intelligence using phone data illegally acquired by the US National Security Agency. Five individuals, among them a prominent investigative journalist and a well-known hacker, and four organisations filed the case before The Hague district court on Wednesday, according to their lawyer Christiaan Alberdingk Thijm. The case comes after recent revelations that the NSA monitored 1.8 million phonecalls in a month in the Netherlands and then passed some of the data to Dutch intelligence services. The NSA has been at the centre of a global furore set off by a series of bombshell leaks from former intelligence contractor Edward Snowden, who lifted the lid on the US government's far-reaching digital dragnet. Dutch Home Affairs Minister Ronald Plasterk, whose ministry is the defendant in the case, last week confirmed the NSA's phone intercepts, telling national television that 'whether it's about politicians or ordinary citizens it's not acceptable'. He said the Dutch secret service (AIVD) did exchange information with the NSA but was not necessarily aware where the information came from."
Dutch government sued over NSA spying claims
AFP, 6 November 2013

"Consider the now forgotten story of Echelon. In 2000, European leaders raged at reports that the U.S. was covertly gathering data on the continent’s economic activity. A report commissioned by the European Parliament condemned the U.S.’s activities. But in the game of foreign surveillance, there are few clean hands. In 2004 a former British Cabinet minister alleged that U.K. agents had bugged the office of U.N. Secretary-General Kofi Annan. An official document leaked to a British newspaper in 2009 showed that the U.K. was a high-priority espionage target for 20 countries — including chums like France and Germany. America too is a routine target of its allies. At a 2009 NATO summit in France, Obama’s aides ditched their BlackBerrys, presumably for fear of eavesdropping. In 2010, National Intelligence Director Dennis Blair proposed an espionage cease-fire with the nosy French on the grounds that the two countries were wasting valuable counterintelligence assets dueling each other that were better applied to nations like China and Russia. (The White House shot down the idea.)"
Spies Like Us: Friends Always Spy on Friends
TIME, 31 October 2013

"The documents leaked to media outlets by former NSA contractor Edward Snowden this year have brought national intelligence gathering and surveillance operations under a level of scrutiny not seen in decades. Often left out of this conversation, though, is the massive private surveillance industry that provides services to law enforcement, defense agencies and corporations in the U.S. and abroad – a sprawling constellation of companies and municipalities. 'It's a circle where everyone [in these industries] is benefitting,' says Eric King, lead researcher of watchdog group Privacy International. 'Everyone gets more powerful, and richer.' Promotional materials for numerous private spy companies boast of how law enforcement organizations can use their products to monitor people at protests or other large crowds – including by keeping tabs on individual people's social media presence. Kenneth Lipp, a journalist who attended the International Association of Chiefs of Police conference in Philadelphia from October 19th to 23rd, tells Rolling Stone that monitoring Twitter and Facebook was a main theme of the week. 'Social media was the buzzword,' says Lipp. He says much of the discussion seemed to be aimed at designing policies that wouldn't trigger potentially limiting court cases: 'They want to avoid a warrant standard.'"
Promotional materials for private spy companies show that mass surveillance technology is being sold to police departments as a way to monitor dissent
Rolling Stone, 24 October 2013

"Western Union slumped 5 percent in trading Friday following a report by the Wall Street Journal that the CIA is building a database of international money transfer data. The report, citing unnamed officials familiar with the program, says the program collects information from U.S. money-transfer companies including Western Union. It is carried out under the same provision of the Patriot Act that enables the National Security Agency to collect nearly all American phone records. The mass collection of financial data includes millions of Americans' financial and personal data. The CIA is barred from targeting Americans in its intelligence collection. But as a foreign-intelligence agency, it can conduct domestic operations for foreign intelligence purposes. The CIA program is meant to fill what U.S. officials see as an important gap in their ability to track terrorist financing world-wide, officials told the newspaper. Western Union said last month it would be spending about 4 percent of its revenue in 2014 on compliance with rules under the Patriot Act, the Treasury Department's Office of Foreign Assets Control and other anti-money-laundering and terrorist-financing requirements. Company spokesman Dan Díaz said that Western Union collects consumer information to comply with the Bank Secrecy Act and other laws. In doing so, the company also protect customers' privacy and works to prevent consumer fraud."
Western Union shares fall on reported CIA news
Associated Press, 15 November 2013

"Two U.S. newspapers are reporting the U.S. Central Intelligence Agency has been collecting records of international money transfers, using the same law the National Security Agency used to collect telephone and Internet records. The New York Times and The Wall Street Journal reported Friday that former and current U.S. officials, speaking anonymously, confirmed the existence of the program. The reports say the financial transactions program is covered under the Patriot Act, which was enacted after the September 11, 2001 attacks on the United States. The wire transfer company Western Union was mentioned in the Times report. Western Union did not confirm its participation in the program, saying only that it complies with federal laws, which require banks to report suspicious transactions. The Times quoted an official as saying federal law requires a tie to a terrorist organization before a search of such financial transactions can be conducted, and search results must be erased after a certain number of years. The scope of data collection undertaken by the U.S. government has begun to be revealed since former NSA contractor Edward Snowden leaked documents to the web site Wikileaks earlier this year. In the past, the Obama administration has defended the revealed programs as crucial to national security. The Times hinted in Friday's report that it has information that more such programs may come to light."
Reports: CIA Collecting International Money Transfer Records
Voice of America, 15 November 2013

".... the Church Committee .... inquiry was launched in 1974 after it was revealed US intelligence agencies had been engaged in large-scale domestic spying as well as international extrajudicial killings and assassinations. When he finished his investigation in 1975 Senator Frank Church said of the NSA, 'In the need to develop a capacity to know what potential enemies are doing, the United States government has perfected a technological capability that enables us to monitor the messages that go through the air. Now, that is necessary and important … [but] we must know, at the same time, that capability at any time could be turned around on the American people, and no American would have any privacy left, such is the capability to monitor everything - telephone conversations, telegrams, it doesn't matter. There would be no place to hide. If this government ever became a tyrant, if a dictator ever took charge in this country, the technological capacity that the intelligence community has given the government could enable it to impose total tyranny, and there would be no way to fight back because the most careful effort to combine together in resistance to the government, no matter how privately it was done, is within the reach of the government to know. Such is the capability of this technology.'''
Careful, he can hear you
Syndey Morning Herald, 2 November 2013

"An official inquiry into whether British spies were complicit in the torture and rendition of terror suspects is to recommend further investigation into what intelligence agencies told Labour ministers. A report prepared by the Gibson Inquiry, to be published next week, is understood to conclude that there is evidence that UK agents were aware that detainees were being maltreated in Pakistan, Afghanistan, Guantanamo Bay and elsewhere. While it may not contain direct criticism of Jack Straw, Foreign Secretary from 2001 to 2006, it is believed to recommend investigation of how much his office new and the extent of ministerial oversight. The government is not, however, fully committed to continued investigation of the matter...... A source familiar with the inquiry's work said the publication was likely to add to the pressure for greater scrutiny after the revelations in The Guardian newspaper by US whistleblower Edward Snowden that revealed the extent of Britain's intelligence cooperation with the US.... It is understood that the report sets out a series of questions including the extent of ministerial oversight. There is expected to be a recommendation of further investigation of why Mr Straw's office was apparently not told of operations, particularly as regards the renditions of Libyan rebels."
Spy inquiry asks whether ministers knew of torture
London Times, 14 November 2013, Print Edition, P5

"The internet backbone — the infrastructure of networks upon which internet traffic travels — went from being a passive infrastructure for communication to an active weapon for attacks. According to revelations about the QUANTUM program, the NSA can 'shoot' (their words) an exploit at any target it desires as his or her traffic passes across the backbone. It appears that the NSA and GCHQ were the first to turn the internet backbone into a weapon; absent Snowdens of their own, other countries may do the same and then say, 'It wasn’t us. And even if it was, you started it.' If the NSA can hack Petrobras, the Russians can justify attacking Exxon/Mobil. If GCHQ can hack Belgacom to enable covert wiretaps, France can do the same to AT&T. If the Canadians target the Brazilian Ministry of Mines and Energy, the Chinese can target the U.S. Department of the Interior. We now live in a world where, if we are lucky, our attackers may be every country our traffic passes through except our own. Which means the rest of us — and especially any company or individual whose operations are economically or politically significant — are now targets. All cleartext traffic is not just information being sent from sender to receiver, but is a possible attack vector. Here’s how it works. The QUANTUM codename is deliciously apt for a technique known as 'packet injection,' which spoofs or forges packets to intercept them. The NSA’s wiretaps don’t even need to be silent; they just need to send a message that arrives at the target first. It works by examining requests and injecting a forged reply that appears to come from the real recipient so the victim acts on it. In this case, packet injection is used for 'man-on-the-side' attacks — which are more failure-tolerant than man-in-the-middle attacks because they allow one to observe and add (but not also subtract, as the man-in-the-middle attacks do). That’s why these are particularly popular in censorship systems. It can’t keep up? That’s okay. Better to miss a few than to not work at all."
Our Government Has Weaponized the Internet. Here’s How They Did It
Wired, 13 November 2013

"The Home Office's head of counter-terrorism has revived his fight to secure the return of the 'snooper's charter' legislation, insisting that the government's spy listening centre GCHQ has never collected the communications data required by Britain's police and security services under the ditched bill. Charles Farr, the head of the office of security and counter-terrorism, told MPs on Tuesday he had learned new things about particular GCHQ operations from the Guardian's disclosures but not about its capabilities. He said he had seen material about the US National Security Agency that had been completely new to him but it was information he had not needed to know. He told the Commons home affairs select committee there was 'no doubt' disclosures about GCHQ's capabilities based on Edward Snowden's leaks had made them less effective but refused to provide any evidence, arguing that to do so would make a bad situation worse.... Farr told the MPs that the home secretary, Theresa May, shared his belief that the communications data bill, which would require phone and internet companies to track and store for 12 months the details of everyone's email, text, and other internet use, was essential to enable the police and security services to do their job. The bill was blocked in April by Nick Clegg who said the 'snooper's charter' legislation was not going to happen with the Liberal Democrats in government. Liberty's director, Shami Chakrabarti, claimed the Snowden material had shown 'we got taken for mugs' because the security services were 'doing this stuff anyway'. But Farr insisted this was not the case and said GCHQ's capabilities were not a substitute for the powers of the communications data bill. 'That is not the case. It's incorrect. GCHQ has never collected the data required by law enforcement … and it never would, it's never been considered,' he said. When he was pressed on this by the Lib Dem home affairs spokesman, Julian Huppert, Farr replied: 'GCHQ has never and will never collect … the communications data required by law enforcement … which we were seeking to provide for in the communications data legislation. 'Of course they do … collect communications and communications data. My point was specifically about the UK and the data we were seeking to obtain through legislation. GCHQ cannot provide that data itself.' The Snowden documents detailed how GCHQ's Tempora programme scoops up and stores for up to 30 days the personal communications data flowing out of Britain to the US computer servers of companies such Facebook, Google and Twitter. The 'snooper's charter' would require phone and internet companies to collect and store all UK communications data for 12 months for access by the police and security services. When Farr was pressed by Huppert on whether GCHQ collected the communications data when it was sent overseas he declined to answer. Huppert said after the hearing: 'It is no surprise that Charles Farr is committed to the communications data bill but it will not happen this parliament because we in the Liberal Democrats have said 'no'.' Earlier in the hearing, the government's official counter-terrorism watchdog, David Anderson QC, told the MPs he believed the debate in Britain over the NSA/GCHQ disclosures had been muted compared with many other countries because the public were proud of their security services thanks to Bletchley Park and 007. But he warned the MPs about adopting a 'zero risk mentality' in the wake of the latest disappearance of a suspect under the terrorist prevention and investigation measures, known as TPIMs, saying the only foolproof method to keep everybody safe was to lock up all suspects for ever. Britain was not that kind of country, he said."
Counter-terror chief renews fight for 'snooper's charter'
Guardian, 12 November 2013

"Controversy has broken out in Seattle over whether the city’s police department is using its Wi-Fi network to spy on anyone with a smartphone. According to Seattle TV station KIRO, the SPD’s emergency services Wi-Fi network has the ability to identify any Wi-Fi device emitting a signal within range of one of its 160 wireless access points and record its location. In reality, any Wi-Fi network can do this. I advocate consumer privacy as much as the next person, but in the world of wireless networking, complete anonymity is a luxury we don’t have. Wireless networks, by definition, don’t have the benefit of a dedicated wire through which to funnel traffic. Our devices are communicating among a miasma of signals; in order for an access point to send the right data to the right person, every device has to have a unique identifier. In Wi-Fi networks, that identity tag is known as a media access control—or MAC—address, and it is available to anyone who cares to look. When your phone’s Wi-Fi radio is turned it on, it constantly scans the unlicensed airwaves for networks as it exchanges information with access points as to what they are and whether it has permission to connect to them A network owner can record these MAC addresses, then correlate them with specific devices and thus, specific people. Because network owners know the exact location of their access points, they can track any person moving between their network nodes. Many companies and organizations are already doing this in order to mine their networks for data and to offer location-based services. Through these fleeting network handshakes, Boingo Wireless (WIFI) is able to tabulate the number of iPhones (AAPL) and iPads that fly in and out of O’Hare Airport each day. In many cases, we’re freely giving that data over our phone’s own cellular connections. Anyone who owns an Android phone or uses Google (GOOG) or hundreds of other companies’ location-based services is aggregating Wi-Fi location data. That data can be used to send ads that are eerily specific to your whereabouts. It also helps your mapping app plot its location when a GPS signal isn’t readily available. For good or bad, Wi-Fi location data is already a critical component of the mobile Internet. Our phones are very social creatures. To them, the world is one big singles bar. Every time we leave our homes, our phones virtually scream 'Here I am! Let’s hook up!' over every radio at their disposal. We can rein our phones in by turning off radios, but that seems to obviate much of the point of a smartphone. Also, the tendency in the industry is to use our radios to share more location data, not less. Increasingly Bluetooth is being used as a proximity-based location technology that can pinpoint our location in specific rooms, not just specific buildings..... if we adopt a shared-bandwidth model, we must also announce our presence to the networks that do the sharing. The question is: Should the inherent capabilities of a communications network be used to create ad hoc surveillance networks? This isn’t exactly advanced espionage here. The information the SPD can collect, if it chooses to do so, is data we are freely broadcasting. It’s the equivalent of a cop looking at license plate numbers in a parking lot. Still, there’s potential for more than just passive observation. With some coordinated effort, any Wi-Fi network can start storing those MAC addresses, effectively creating a database of every smartphone or tablet’s movements throughout a city. Sure, we’re already sharing much of this data with a dozen companies, but the privacy issue surfaces when government gets involved. The fine line between crowdsourcing and crowd surveillance is a line that shouldn’t be crossed."
Wi-Fi Networks Shouldn't Become Spy Networks
Bloomberg, 12 November 2013

"Earlier this year, The Washington Post claimed that the National Security Agency (NSA) had developed a method nine years ago to locate cellphones when they were powered down. The publication didn’t provide technical details on the software or hardware involved, leaving security researchers puzzled by the revelations. Seeking clarification on the technologies invoked, British privacy watchdog Privacy International conducted a survey of eight cellphone manufacturers in August to obtain details on how it would be possible to track a cellphone once it’s turned off. Half of the firms involved in Privacy International’s research have responded, but none of the companies have provided a clear explanation for The Washington Post’s claims. Google, one of four companies to respond, rejects the idea that it could control Android handsets that are powered down. 'When a mobile device running the Android Operating System is powered off, there is no part of the Operating System that remains on or emits a signal,' explains a Google spokesperson to Privacy International. 'Google has no way to turn on a device remotely.' Similarly, Samsung seems unaware of how an NSA process could track cellphones that are not powered on. 'Without the power source it is not possible to transmit any signal, due to the components being inactive,' says Samsung vice president Hyunjoon Kim. Could malware be key to the alleged tracking? Nokia is equally clueless over the claims. 'We are not aware of any way they [radio transceivers] could be reactivated until the user switches the device on again,' says Nokia’s chief ethics and compliance officer Chad Fentress. Nokia also claims its devices are designed so that radio transceivers 'should be powered off' once a handset is switched off. Conversely, Ericsson explains that while, generally, its handsets do not transmit signals or identify themselves while they’re powered off, the tracking might be possible using malware. 'There could, however, be potential risks that once the phone runs there could be means to construct malicious applications that can exploit the phone,' says Elaine Weidman Grunewald, an Ericsson vice president. Ars Technica reports that Samsung’s response also includes a mention of 'spyware which mimics the status of the battery being fully drained.' Malware controlling modern handsets certainly isn’t unheard of, but it invites questions over how such complex software could be installed on handsets nearly 10 years ago. Privacy International is still awaiting comment from Apple, BlackBerry, HTC, and Microsoft, but the current responses provide little technical explanation on the claims."
Nokia and Samsung say they can’t track powered-down phones despite NSA claims
The Verge, 12 November 2013

"Recent disclosures of the NSA's widespread dragnet program coupled with its frequent targeting of journalists are having a 'chilling effect' on American writers, stifling their freedom of expression at great detriment to society, says a new report Chilling Effects: NSA Surveillance Drives U.S. Writers to Self Censor...... Journalists and nonfiction writers responding to the poll were overwhelmingly concerned over how best to protect their sources in this new climate of repressed press freedoms. Eighty-one percent of writers surveyed said they are 'very concerned about government efforts to compel journalists to reveal sources of classified information, and another 15% are somewhat concerned.' 'The NSA’s surveillance will damage the ability of the press to report on the important issues of our time,' note the report authors, 'if journalists refrain from contacting sources for fear that their sources will be found out and harmed, or if sources conclude that they cannot safely speak to journalists and thus stay silent.' As a craft, writing demands extensive research into any number of topics. What the survey found was that disclosures of NSA spying, revealed by whistleblower Edward Snowden, have caused the respondents to shy away from speaking or writing about certain subjects, pursuing research about certain subjects, or communicating with sources abroad. The report notes, 'writers reported self-censoring on subjects including military affairs, the Middle East North Africa region, mass incarceration, drug policies, p**n*graphy, the Occupy movement, the study of certain languages, and criticism of the U.S. government.' Further, many writers said they 'assume that their communications are being monitored,' and have thus changed their behavior in many ways which, according to the authors, 'curtail their freedom of expression and restrict the free flow of information.'"
Scared Silent: NSA Surveillance has 'Chilling Effect' on American Writers
Common Dreams, 12 November 2013

"In the first likely structural reform of the National Security Agency since the Guardian began publishing Edward Snowden’s revelations, the Obama administration is giving strong consideration to appointing a civilian to run the surveillance apparatus and splitting it from the military command that has been its institutional twin since 2010. But skeptics say those plans appear more cosmetic than substantive, leaving alone the central questions of bulk surveillance and potentially leaving the military with diminished capacity to safeguard its data from foreign attacks. General Keith Alexander is scheduled to retire from the agency in the spring of 2014. The White House is reportedly compiling a list of civilians to replace the embattled director, giving a new and potentially reassuring face to a surveillance agency now infamous for bulk spying."
White House considers appointing civilian NSA chief amid calls for reform
Guardian, 11 November 2013

"America's NSA and Britain's GCHQ are both spying on the OPEC oil cartel, documents from whistleblower Edward Snowden reveal. The security of the global energy supply is one of the most important issues for the intelligence agencies. Documents disclosed by whistleblower Edward Snowden reveal that both America's National Security Agency (NSA) and Britain's Government Communications Headquarters (GCHQ) have infiltrated the computer network of the the Organization of the Petroleum Exporting Countries (OPEC). In January 2008, the NSA department in charge of energy issues reported it had accomplished its mission. Intelligence information about individual petroleum-exporting countries had existed before then, but now the NSA had managed, for the first time, to infiltrate OPEC in its entirety. OPEC, founded in 1960, has its headquarters in a box-like building in Vienna. Its main objective is to control the global oil market, and to keep prices high. The 12 member states include Saudi Arabia, Venezuela, Iran and Iraq. When the NSA used the Internet to infiltrate OPEC's computers, its analysts discovered an internal study in the OPEC Research Division. It stated that OPEC officials were trying to cast the blame for high oil prices on speculators. A look at files in the OPEC legal department revealed how the organization was preparing itself for an antitrust suit in the United States. And a review of the section reserved for the OPEC secretary general documented that the Saudis were using underhanded tactics, even within the organization. According to the NSA analysts, Riyadh had tried to keep an increase in oil production a secret for as long as possible. Saudi Arabia's OPEC governor is also on the list of individuals targeted for surveillance, for which the NSA had secured approval from the secret Foreign Intelligence Surveillance Court. The documents show how careful the Americans were to suspend their surveillance when the Saudi visited the United States. But as soon as he had returned to Riyadh, the NSA analysts began infiltrating his communications once again. According to a 2010 report, one of the analysts' conclusions was that the Saudis had released incorrect oil production figures. The typical 'customers' for such information were the CIA, the US State Department and the Department of Energy, which promptly praised the NSA for confirming what it had suspected for years. The British, who also targeted OPEC's Vienna headquarters, were at least as successful as the NSA. A secret GCHQ document dating from 2010 states that the agency had traditionally had 'poor access' to OPEC. But that year, after a long period of meticulous work, it had managed to infiltrate the computers of nine OPEC employees by using the 'Quantum Insert' method, which then creates a gateway to gain access into OPEC's computer system. GCHQ analysts were even able to acquire administrator privileges for the OPEC network and gain access to two secret servers containing 'many documents of interest.' OPEC appears in the 'National Intelligence Priorities Framework,' which the White House issues to the US intelligence community. Although the organization is still listed as an intelligence target in the April 2013 list, it is no longer a high-priority target. Now that the United States is less dependent on Saudi petroleum, thanks to fracking and new oil discoveries, the fact that OPEC is not identified as a top priority anymore indicates that interest in the organization has declined."
Oil Espionage: How the NSA and GCHQ Spied on OPEC
Der Spiegel, 11 November 2013

"I can believe Sawers [head of MI6] when he declared that Greenwald's activities had 'put our operations at risk ... al-Qaeda is lapping it up'. But without giving a single concrete example, this comes across as bluster. It is not the The Guardian that should be the target of his fury - and he knows it. The disaster was waiting to happen, the inevitable result of America giving hundreds of thousands of people - including private contractors to the NSA such as Snowden - access to the most sensitive material. .... my sympathies are with those British officials who concede - though not in an open hearing - that they are now in the dreadful position of being unable to trust the Americans to keep a single secret, while still having no choice but to stick to the policy of complete integration of the two nation's electronic eavesdropping. ... To the deep and obvious irritation of The Guardian, there is little public concern at the epic scale and scope of data capture revealed by Snowden. This is the legacy of that mass slaughter in central London eight years ago. If there were another such attack, undetected by our intelligence services, the guaranteed result is that the public would rage not just at the perpetrators, but also at what would be described as an abject failure of the security services. The press would be the first to ask the awkward question: why did our guardians let us down."
Dominic Lawson - The prying state isn't the problem - it's us casual with our privacy
Sunday Times, 11 November 2013, Print Edition, P32

"The biggest lie of the internet age is: 'I have read and understood all the terms and conditions.' In the case of Facebook's billion or so members, this involves granting it a licence to use your content in any way it sees fit and to transfer or sub-licence its rights over users' content to any other company. Or to quote those rarely-read terms and conditions, you, with less foresight than Faust, 'grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide licence to use any IP content that you post on or in connection with Facebook.'"
Dominic Lawson - The prying state isn't the problem - it's us casual with our privacy
Sunday Times, 11 November 2013, Print Edition, P32

"A former cabinet minister has said that politicians did have a 'broad understanding' of British spies' massive snooping operations before they were revealed in the Edward Snowden leaks. Hazel Blears made the claim after a Commons committee - which she sits on - questioned spy chiefs over the legality of their methods. The heads of MI5, MI6 and GCHQ all robustly defended their agencies, and told the Intelligence and Security Committee that the revelations has undermined their fight against terrorism. Later that day, Ms Blears, a former Home Office minister, told BBC Newsnight that the ISC did have a 'broad understanding' of what GCHQ's capabilities were. Former cabinet member Chris Huhne wrote in The Guardian last month that ministers were in 'utter ignorance' of the two biggest covert data-gathering operations, Tempora and Prism. He made no specific mention of the committee. Ms Blears said: 'We didn't know the names of these projects, and I'm sure the exact same situation applies in America. But in terms of broad capabilities, yes we did. We have been looking at them now for several years, we have been on several visits to GCHQ, we've had very, very confidential briefings about what the capabilities were and obviously we were satisfied that they were operating within our legal framework. They can collect that information but in order to go further and look at content or data they then have to have a target set of people of interest so the rest of the population are not people of interest."
Hazel Blears says security committee did know the scope of GCHQ snooping
Independent, 8 November 2013

"Britain's three senior spy chiefs came into the public glare for the first time to claim that leaks by the former NSA analyst Edward Snowden were being 'lapped up' by the country's adversaries, but also to concede that the disclosures had prompted discussion with the government over how to be more transparent about their methods. Despite an often gentle first public cross-examination of the heads of MI5, MI6 and GCHQ, some members of the intelligence and security committee, including the former head of the civil service Lord Butler, expressed their concern at the legal oversight of the intelligence agencies..... the GCHQ boss said there were some people who would be monitored, and it was the job of the intelligence agency to monitor 'a terrorist, a serious criminal, a proliferator, a target or if your activities pose a genuine threat to the national or economic security of the UK'."
NSA leaks: UK's enemies are 'rubbing their hands with glee', says MI6 chief
Guardian, 8 November 2013

"To call it a grilling would be unfair to fried fish. It was a soft-centre velvet-glove exchange between decent establishment chaps which only confirmed just how feeble and inadequate the present system of so-called oversight of the security services really is. It is incredible that not once in the whole 90-minute encounter was the word Tempora mentioned, even though the hoovering up of unimaginable amounts of internet traffic from the transatlantic under-sea cables by GCHQ is at the heart of public concerns about the biggest potential breach in personal privacy in history. Worse, none of the three heads of MI5, MI6 or GCHQ showed any awareness that the public are right to be worried about how such a powerful capability might be used, or that the deployment of such a capacity beyond the scope of any existing law might show that the spymasters were simply out of control. Why were neither the ISC nor the cabinet nor the National Security Council never let into the secret about Tempora, which we would still know nothing about were it not for Snowden’s revelations? .... The idea that such pussyfooting around in front of the cameras constitutes scrutiny is risible. Until a proper committee of inquiry is set up that is external and independent, chaired by a senior judge, and with membership and terms of reference approved by parliament (not simply appointed by the PM), the public unrest about Britain’s security services operating out of control will not subside."
Farcical ‘grilling’ of spooks before ISC proves urgent need for external independent committee of inquiry
Michael Meacher MP » Blog Archive » 8 November 2013

"Former U.S. National Security Agency contractor Edward Snowden used login credentials and passwords provided unwittingly by colleagues at a spy base in Hawaii to access some of the classified material he leaked to the media, sources said. A handful of agency employees who gave their login details to Snowden were identified, questioned and removed from their assignments, said a source close to several U.S. government investigations into the damage caused by the leaks. Snowden may have persuaded between 20 and 25 fellow workers at the NSA regional operations center in Hawaii to give him their logins and passwords by telling them they were needed for him to do his job as a computer systems administrator, a second source said. The revelation is the latest to indicate that inadequate security measures at the NSA played a significant role in the worst breach of classified data in the super-secret eavesdropping agency's 61-year history."
Snowden persuaded other NSA workers to give up passwords - sources
Reuters, 7 November 2013

"The former legal chief of MI5 and MI6 told a hearing at the European parliament that Britain should adopt a French model of judicial oversight of the intelligence agencies to limit abuse.... But he said the British system, in which government ministers authorise covert surveillance operations and MPs look into cases of abuse 'ex post facto' is 'not adequate,' however. The French model, in which a judge weighs up national security needs against people's rights 'at the coalface' of individual operations is the best compromise, he said. The system 'allows intelligence agencies to do their work while limiting the margins for abuse', Bickford said."
Ex-MI5 and MI6 legal chief says UK should adopt French oversight model
Guardian, 7 November 2013

"The inventor of the world wide web criticises spy agencies for breaching privacy and calls for a 'full and frank public debate' about the scale and scope of state surveillance. Sir Tim Berners-Lee said that the checks and balances put in place to oversee the agencies had failed, and accused the security agencies of weakening online security. He told the Guardian: 'Whistleblowers, and responsible media outlets that work with them, play an important role. 'We need powerful agencies to combat criminal activity online - but any powerful agency needs checks and balances, and based on recent revelations it seems the current system of checks and balances has failed.' He added: 'Here is where whistleblowing and responsible reporting can step in to protect society's interests.' Calling for an international system to protect whistleblowers such as Edward Snowden, he said: 'Civilisation has to a certain extent depended on whistleblowers, and therefore you have to protect them.' Sir Tim said that while he had anticipated many of the surveillance activities that have been exposed, he 'didn't realise it would be so big'. He criticised GCHQ and America's National Security Agency (NSA) for cracking online encryption which protects millions of users' data, saying it would weaken online security and benefit criminal gangs and hostile states. His comments come as A group of MPs call on the Guardian to take responsibility for the security implications of reporting information leaked by former US intelligence operative Mr Snowden."
Tim Berners-Lee: spy agencies 'failed checks and balances'
Channel 4 News, 7 November 2013

"As the director of the World Wide Web Consortium (W3C) that seeks to forward global standards for the web, Berners-Lee is a leading authority on the power and the vulnerabilities of the internet. He said the Guardian's coverage of the Snowden leaks had to be seen within the context of the failure of oversight of GCHQ's and the NSA's surveillance activities. 'Here is where whistleblowing and responsible reporting can step in to protect society's interests. It seems clear that the Guardian's reporting around the scale and scope of state surveillance has been in the public interest and has uncovered many important issues which now need a full and frank public debate.'.... The scientist, who was honoured in the opening ceremony of the London Olympics, reserved his harshest words for GCHQ and the NSA's undermining of the protection afforded by encryption, which he said would benefit organised criminal hacker gangs and hostile states. 'In a totalitarian state where it reckoned it was the only strong state in the world, I can imagine that being a reasonable plan. But in this situation, internet security is hard. It's naïve to imagine that if you introduce a weakness into a system you will be the only one to use it.' He also criticised the cracking of encryption on ethical grounds: 'Any democratic country has to take the high road; it has to live by its principles. I'm very sympathetic to attempts to increase security against organised crime, but you have to distinguish yourself from the criminal.' Berners-Lee said that the series of Snowden disclosures revealed a failure at the heart of oversight in both the US and UK governments, which he called 'dysfunctional and unaccountable'. The leaked documents raised the question: who guards the guards themselves? In practice, he said, the only practical answer to that question was the whistleblowers. He called for the introduction of an international system of protection for whistleblowers such as Snowden, who has taken a year's temporary refuge in Russia. The Obama administration has pursued official leakers heavily, launching eight prosecutions under the 1917 Espionage Act including that of Snowden himself – more than twice the total number under all previous presidents. 'Civilisation has to a certain extent depended on whistleblowers, and therefore you have to protect them,' Berners-Lee said."
Tim Berners-Lee: encryption cracking by spy agencies 'appalling and foolish'
Guardian, 7 November 2013

"A British engineer who works on anti-hacking systems at Google has furiously accused the UK and US spying agencies of 'industrial scale subversion of the judicial process' by tapping the company's internal networks. Mike Hearn, who says he worked for two years on the networks that replicate Google data between its different computing centres, says that 'GCHQ [the British surveillance centre] turns out to be even worse than the NSA [the US National Security Agency]'. .... His complaint follows the revelation by the Washington Post of slides leaked by Edward Snowden which show that GCHQ tapped the private networks between Google's centres in order to monitor traffic. Hearn, a senior engineer at Google since 2010, complains that 'nobody at GCHQ or the NSA will ever stand before a judge and answer for this industrial-scale subversion of the judicial process'. The Washington Post slides show that GCHQ has been tapping into private optic fibre cables, which Google leases from Level 3 Communications to coordinate its data stores between Finland, Dublin and Belgium, in order to monitor traffic and extract data. Hearn says that one of the slides 'shows a database recording a user login as part of this [anti-hacking] system' – itself prima facie evidence that the tapping occurred. While Google has declined to comment publicly on the revelation, Hearn's post has been widely circulated by other staff at Google, suggesting a groundswell of anger inside the company over the actions of GCHQ and the NSA. 'We designed this system to keep criminals out. There's no ambiguity here,' Hearn wrote on his personal Google+ page. He added that the warrant system, with monitoring allowed through judges, 'represents as good a balance as we've got between the need to restrain the state and the need to keep crime in check. Bypassing that system is illegal for a good reason."
Google engineer accuses NSA and GCHQ of subverting 'judicial process'
Guardian, 6 November 2013

"Former US vice-president Al Gore has described the activities of the National Security Agency as 'outrageous' and 'completely unacceptable' and said whistleblower Edward Snowden has 'revealed evidence' of crimes against the US constitution. Gore, speaking Tuesday night at McGill University in Montreal, said he was in favour of using surveillance to ensure national security, but Snowden's revelations showed that those measures had gone too far. 'I say that as someone who was a member of the National Security Council working in the White House and getting daily briefings from the CIA,' Gore said, in comments reported by the Canadian Press. Gore had previously said he believed the practice of the NSA collecting US citizens phone records was unlawful and 'not really the American way', but his comments on Tuesday represent his strongest criticism yet. Asked about Snowden, the NSA whistleblower whose revelations have been reported extensively by the Guardian, Gore said the leaks had revealed uncovered unconstitutional practices. 'He has revealed evidence of what appears to be crimes against the Constitution of the United States,' Gore said."
Al Gore: Snowden 'revealed evidence' of crimes against US constitution
Guardian, 6 November 2013

"Apple has joined the likes of Facebook and Google by releasing figures showing how many times governments around the world have requested personal information about its customers. From 1 January to 30 June this year there were almost 3,000 data requests made from 31 countries - with the U.S and UK topping the list. Apple said the most common requests related to ‘robberies and other crimes’, requests from law enforcement agencies searching for missing people or hoping to prevent a suicide, and data about the owners of lost or stolen phones.... The U.S has forbidden Apple from declaring exact figures, but the California-based tech giant said it received between 1,000 and 2,000 requests from law enforcements across various states. It granted between zero and 1,000 of these requests. The UK made 127 requests for personal information concerning a total of 141 accounts. Only 37 per cent of these were granted. Third place went to Spain with 102 requests made about 104 accounts, with 22 per cent of these granted. Surprisingly, Germany – renowned for its strong stance on privacy – was in fourth place asking for information about 93 accounts and receiving data on six per cent."
Revealed: Apple lists the governments that request the most personal information about its customers - and the U.S and UK top the list
Mail, 6 November 2013

"Germany’s Foreign Ministry said today it had asked the British ambassador to come and discuss a report that Britain was operating a covert spying station in Berlin using hi-tech equipment housed on the embassy roof. 'At the instigation of Foreign Minister (Guido) Westerwelle, the British ambassador was asked to come for a talk at the Foreign Ministry,' the ministry said in a statement. 'The director of the European department asked for an explanation of current reports in British media and indicated that tapping communications from a diplomatic mission would be a violation of international law.' The move comes after documents leaked by former US National Security Agency contractor Edward Snowden show Britain’s surveillance agency is operating a network of 'electronic spy posts' from within a stone’s throw of the Bundestag and German chancellor’s office. The documents, in conjunction with aerial photographs and information about past spying activities in Germany, suggest that Britain is operating its own covert listening station close to the German parliament, and Chancellor Angela Merkel’s offices in the Chancellery, using hi-tech equipment housed on the embassy roof, according to the Independent newspaper in Britain."
British ambassador summoned over alleged spy posts in Berlin
Irish Times, 5 November 2013

"The British ambassador in Berlin was called in for a meeting at the German foreign ministry on Tuesday to explain allegations that Britain had been using its embassy to carry out covert electronic surveillance on Angela Merkel's government. The meeting marked the latest fallout from the revelations of US and British espionage leaked by the former NSA contractor, Edward Snowden, and followed a report in the Independent about a covert listening post at the British embassy on Wilhelmstrasse, which the paper claimed to be based in part on the Snowden files. If the report is confirmed, it could worsen British-German relations, which are already strained by a growing German sense that it has been marginalised by a global electronic espionage network led by the US and UK and confined to English-speaking states."
Germany calls in UK ambassador over spy claims
Guardian, 5 November 2013

"New Zealand's parliament has narrowly passed new legislation compelling telecommunication companies to allow the intelligence agencies to access customers' emails, texts and phone calls. Under the telecommunications interceptions and security capability bill, firms must also consult with the electronic eavesdropping agency, the Government Communications Security Bureau, (GCSB), when developing new infrastructure and networks, and allow interception equipment to be installed on their networks. The law, which passed by 61 votes to 59, would give GCSB powers similar to Britain's Government Communications Headquarters (GCHQ) and the US National Security Agency (NSA). Along with the Australian and Canadian intelligence agencies, GCSB shares large amounts of data with its US and UK counterparts through the 'Five Eyes' electronic espionage alliance."
New Zealand approves email and phone-snooping law
Guardian, 5 November 2013

"Britain's intelligence laws need to be urgently reviewed to keep up with new technologies and provide a stronger framework for spy agencies, which can 'get carried away' unless they are kept in check, the former Labour home secretary David Blunkett has said. Calling for a commission to address the issue, Blunkett said governments were put under enormous pressure by the secret services – and he had learned to treat some of their demands with healthy scepticism. In an interview with the Guardian, he said it was human nature for the agencies and the police to push the boundaries, and that meant laws could be used in a way parliament never intended. 'Human nature is you get carried away, so we have to protect ourselves from ourselves,' he said. 'In government you are pressed by the security agencies. They come to you with very good information and they say 'you need to do something'. So you do need the breath of scepticism, not cynicism, breathing on them. You need to be able to take a step back. If you don't have this, you can find yourself being propelled in a particular direction..... Blunkett's remarks are particularly striking because he was regarded as a hardline home secretary and once described concerns about human rights as 'airy-fairy'. He was appointed home secretary months before 9/11 and tried to bring in new anti-terrorism measures, including the detention without trial of suspect foreign nationals who could not be extradited or deported. He was also responsible for reviewing the early use of a key piece of anti-terror legislation, the Regulation of Investigatory Powers Act 2000 (Ripa), which has provided the legal underpinning for some of GCHQ's mass-surveillance programmes revealed by the whistleblower Edward Snowden. The Labour heavyweight now concedes that Ripa is a problem law that was introduced by his predecessor, Jack Straw, 'to provide a framework for what was a free-for-all in a growing but little understood area'. But Blunkett said the law's limitations were quickly exposed because technology moved so fast. 'We were moving into an entirely new era. We were at the very start of understanding what we were dealing with, and understanding the potential. You have to have constant vigilance and return to these issues on a regular basis because the world changes and you should be prepared to change with it. I think Ripa needs trimming back. It is being used for things for which it was never intended.' The Guardian has revealed that GCHQ relies on Ripa to provide the legal cover for programmes such as Tempora, which taps undersea cables that carry internet traffic in and out of the country.'"
David Blunkett calls for urgent review of laws governing security services
Guardian, 4 November 2013

"Seventy of the world's leading human rights organisations have written to David Cameron to warn that the government's reaction to the mass surveillance revealed by Edward Snowden is leading to an erosion of fundamental rights and freedoms in the UK. The coalition, which includes organisations from 40 countries, said it had become increasingly alarmed at the way the UK government has applied pressure on media groups covering the leaks and its use of national security concerns to close down important public interest debates. 'We have joined together as an international coalition because we believe that the United Kingdom government's response to the revelations of mass surveillance of digital communications is eroding fundamental human rights in the country,' the letter states. 'The government's response has been to condemn, rather than celebrate investigative journalism, which plays a crucial role in a healthy democratic society.' The intervention comes five months after the Guardian, and major media organisations in other countries, including the New York Times and the Washington Post, began disclosing details of the extent and reach of secret surveillance programmes run by Britain's eavesdropping centre, GCHQ, and its US counterpart, the National Security Agency. The revelations – now appearing in European media outlets – have sparked a huge debate on the scale and oversight of surveillance by the US and UK intelligence agencies."
UK government reaction to NSA leaks eroding freedom, rights groups warn
Guardian, 3 November 2013

"An increasing number of public figures are calling for Edward Snowden to be offered asylum in Germany, with more than 50 asking Berlin to step up it support of the US whistleblower in the new edition of Der Spiegel magazine. Heiner Geissler, the former general secretary of Angela Merkel's Christian Democrats, says in the appeal: 'Snowden has done the western world a great service. It is now up to us to help him.' The writer and public intellectual Hans Magnus Enzensberger argues in his contribution that 'the American dream is turning into a nightmare' and suggests that Norway would be best placed to offer Snowden refuge, given its track record of offering political asylum to Leon Trotsky in 1935. He bemoans the fact that in Britain, 'which has become a US colony', Snowden is regarded as a traitor. Other public figures on the list include the actor Daniel Brühl, the novelist Daniel Kehlmann, the entrepreneur Dirk Rossmann, the feminist activist Alice Schwarzer and the German football league president, Reinhard Rauball. The weekly news magazine also publishes a 'manifesto for truth', written by Snowden, in which the former NSA employee warns of the danger of spy agencies setting the political agenda. At the beginning, some of the governments who were exposed by the revelations of mass surveillance initiated an unprecedented smear campaign. They intimidated journalists and criminalised the publication of the truth. Today we know that this was a mistake, and that such behaviour is not in the public interest. The debate they tried to stop is now taking place all over the world', Snowden writes in the short comment piece sent to Der Spiegel via an encrypted channel."
Germany 'should offer Edward Snowden asylum after NSA revelations'
Guardian, 3 November 2013

"Barack Obama hailed United Nations secretary general Ban Ki-moon as a 'good friend' after the two had sat down in the White House in April to discuss the issues of the day: Syria and alleged chemical weapons attacks, North Korea, Israel-Palestine, and climate change. But long before Ban's limousine had even passed through the White House gates for the meeting, the US government knew what the secretary general was going to talk about, courtesy of the world's biggest eavesdropping organisation, the National Security Agency. One NSA document – leaked to the Guardian by whistleblower Edward Snowden just a month after the meeting and reported in partnership with the New York Times - boasts how the spy agency had gained 'access to UN secretary general talking points prior to meeting with Potus' (president of the United States). The White House declined to comment on whether Obama had read the talking points in advance of the meeting. Spying on Ban and others at the UN is in contravention of international law, and the US, forced on the defensive this week over the Snowden leaks about worldwide snooping, ordered an end to surveillance of the organization, according to Reuters. That the US spied on Ban is no great surprise. What is a revealing is that the disclosure is listed in the NSA's 'top-secret' weekly report from around the world as an 'operational highlight'.... It is indiscriminate in the information it is collecting. Nothing appears to be too small for the NSA. Nothing too trivial. Rivals, enemies, allies and friends – US citizens and 'non-Americans' – are all scooped up. The documents show the NSA, intent on exploiting the communications revolution to the full, developing ever more intrusive programmes in pursuit of its ambition to have surveillance cover of the whole planet: total command of what the NSA refers to as the 'digital battlefield'.... The question critics of the NSA raise is: just because it has the technical ability to do these things, should it? One document shows the NSA engaged in a massive snooping operation targeting a United Nations climate change conference in Bali in 2007. Ban, speaking at the conference, which attracted thousands from around the world, described combating climate change as 'the moral challenge of our generation'. However, the NSA's Australian base at Pine Gap was less interested in combating climate change than collecting the numbers of Indonesian security officials in case of a future emergency. 'Highlights include the compromise of the mobile phone number' for one senior Balinese official, an NSA report boasted. 'Site efforts revealed previously unknown Indonesian communications networks and postured us to increase collection in the event of a crisis.' This effort-filled collection of the cell phone number falls under the category of information that spies have always gathered. The rationale is: should there be an attack at the conference or some future outrage, such numbers could be valuable. The counter-argument is that Indonesia is a friend of the US and might be expected to share information in the event of an attack, so why does the NSA devote grand resources to harvesting such numbers?.... The NSA's closest ties are with the GCHQ. Documents suggest the British contribution is significant. In a random selection of NSA documents monitoring weekly reports, the British agency is frequently listed alongside the US agency's biggest regional bases such as Texas and Georgia. GCHQ operates a vast internet tapping operation based on partnerships between the UK government and telecoms companies based in the UK and overseas. This allows the NSA to 'touch' about 90% of the traffic crossing the UK. Given the UK's location, this is a huge proportion of the internet: the UK hosts one of the major transatlantic internet cables, as well as numerous cables connecting Europe and the Middle East. Each day, a quarter of all internet traffic traverses the UK. The information collected and stored by the programme, codenamed Tempora, is stored by GCHQ for up to a month, with NSA analysts granted direct access to the intelligence. The NSA – in theory at least – operates inside a legal framework that requires warrants to target Americans. But the Fisa court turns down few such requests. GCHQ operates in an even looser environment. One GCHQ document, referring to UK oversight, says: So far they have always found in our favour.' A GCHQ legal briefing suggests some of the distinctions stressed in policy documents and public statements by staff of both agencies may not be so rigorously enforced in practice. A lengthy legal training slideshow includes several slides explaining the often-complex differences between content and metadata, which requires substantially different handling, especially under US law. However, the notes for the presentation say: 'GCHQ policy is to treat it pretty much all the same, whether it's content or metadata.'"
Portrait of the NSA: no detail too small in quest for total surveillance
Observer, 2 November 2013

"When Ban Ki-moon, the United Nations secretary general, sat down with President Obama at the White House in April to discuss Syrian chemical weapons, Israeli-Palestinian peace talks and climate change, it was a cordial, routine exchange. The National Security Agency nonetheless went to work in advance and intercepted Mr. Ban’s talking points for the meeting, a feat the agency later reported as an 'operational highlight' in a weekly internal brag sheet. It is hard to imagine what edge this could have given Mr. Obama in a friendly chat, if he even saw the N.S.A.’s modest scoop. (The White House won’t say.) But it was emblematic of an agency that for decades has operated on the principle that any eavesdropping that can be done on a foreign target of any conceivable interest — now or in the future — should be done. After all, American intelligence officials reasoned, who’s going to find out? From thousands of classified documents, the National Security Agency emerges as an electronic omnivore of staggering capabilities, eavesdropping and hacking its way around the world to strip governments and other targets of their secrets, all the while enforcing the utmost secrecy about its own operations. It spies routinely on friends as well as foes, as has become obvious in recent weeks; the agency’s official mission list includes using its surveillance powers to achieve 'diplomatic advantage' over such allies as France and Germany and 'economic advantage' over Japan and Brazil, among other countries. Mr. Obama found himself in September standing uncomfortably beside the president of Brazil, Dilma Rousseff, who was furious at being named as a target of N.S.A. eavesdropping. Since then, there has been a parade of such protests, from the European Union, Mexico, France, Germany and Spain. Chagrined American officials joke that soon there will be complaints from foreign leaders feeling slighted because the agency had not targeted them. James R. Clapper Jr., the director of national intelligence, has repeatedly dismissed such objections as brazen hypocrisy from countries that do their own share of spying. But in a recent interview, he acknowledged that the scale of eavesdropping by the N.S.A., with 35,000 workers and $10.8 billion a year, sets it apart. 'There’s no question that from a capability standpoint we probably dwarf everybody on the planet, just about, with perhaps the exception of Russia and China,' he said. Since Edward J. Snowden began releasing the agency’s documents in June, the unrelenting stream of disclosures has opened the most extended debate on the agency’s mission since its creation in 1952.... Matthew M. Aid, an intelligence historian and author of a 2009 book on the N.S.A., said there is no precedent for the hostile questions coming at the agency from all directions. 'From N.S.A.’s point of view, it’s a disaster,' Mr. Aid said. 'Every new disclosure reinforces the notion that the agency needs to be reined in. There are political consequences, and there will be operational consequences.' A review of classified agency documents obtained by Mr. Snowden and shared with The New York Times by The Guardian, offers a rich sampling of the agency’s global operations and culture. (At the agency’s request, The Times is withholding some details that officials said could compromise intelligence operations.) The N.S.A. seems to be listening everywhere in the world, gathering every stray electron that might add, however minutely, to the United States government’s knowledge of the world. To some Americans, that may be a comfort. To others, and to people overseas, that may suggest an agency out of control....the N.S.A., born when the long-distance call was a bit exotic, has seen its potential targets explode in number with the advent of personal computers, the Internet and cellphones. Today’s N.S.A. is the Amazon of intelligence agencies, as different from the 1950s agency as that online behemoth is from a mom-and-pop bookstore. It sucks the contents from fiber-optic cables, sits on telephone switches and Internet hubs, digitally burglarizes laptops and plants bugs on smartphones around the globe. Mr. Obama and top intelligence officials have defended the agency’s role in preventing terrorist attacks. But as the documents make clear, the focus on counterterrorism is a misleadingly narrow sales pitch for an agency with an almost unlimited agenda. Its scale and aggressiveness are breathtaking. The agency’s Dishfire database — nothing happens without a code word at the N.S.A. — stores years of text messages from around the world, just in case. Its Tracfin collection accumulates gigabytes of credit card purchases.... even that vast American-run web is only part of the story. For decades, the N.S.A. has shared eavesdropping duties with the rest of the so-called Five Eyes, the Sigint agencies of Britain, Canada, Australia and New Zealand. More limited cooperation occurs with many more countries, including formal arrangements called Nine Eyes and 14 Eyes and Nacsi, an alliance of the agencies of 26 NATO countries. The extent of Sigint sharing can be surprising: 'N.S.A. may pursue a relationship with Vietnam,' one 2009 G.C.H.Q. document reported. But a recent G.C.H.Q. training document suggests that not everything is shared, even between the United States and Britain. 'Economic well-being reporting,' it says, referring to intelligence gathered to aid the British economy, 'cannot be shared with any foreign partner.' ... The alliances, and the need for stealth, can get complicated. At one highly valued overseas listening post, the very presence of American N.S.A. personnel violates a treaty agreed to by the agency’s foreign host. Even though much of the eavesdropping is run remotely from N.S.A.’s base at Fort Gordon, Ga., Americans who visit the site must pose as contractors, carry fake business cards and are warned: 'Don’t dress as typical Americans.' 'Know your cover legend,' a PowerPoint security briefing admonishes the N.S.A. staff members headed to the overseas station, directing them to 'sanitize personal effects,' send no postcards home and buy no identifiably local souvenirs.... American and British [government] eavesdroppers exchange the peculiar shoptalk of the secret world. 'I don’t normally use Heretic to scan the fax traffic, I use Nucleon,' one user writes, describing technical tools for searching intercepted documents. .... sometimes the agency’s expensive and expansive efforts accomplish little. Despite the agency’s embrace of corporate jargon on goal-setting and evaluation, it operates without public oversight in an arena in which achievements are hard to measure. .... William E. Binney, a former senior N.S.A. official who has become an outspoken critic, says he has no problem with spying on foreign targets like Brazil’s president or the German chancellor, Angela Merkel. 'That’s pretty much what every government does,' he said. 'It’s the foundation of diplomacy.' But Mr. Binney said that without new leadership, new laws and top-to-bottom reform, the agency will represent a threat of 'turnkey totalitarianism' — the capability to turn its awesome power, now directed mainly against other countries, on the American public. 'I think it’s already starting to happen,' he said. 'That’s what we have to stop.' "
No Morsel Too Minuscule for All-Consuming N.S.A.
New York Times, 2 November 2013

"British authorities claimed the domestic partner of reporter Glenn Greenwald was involved in 'terrorism' when he tried to carry documents from former U.S. intelligence contractor Edward Snowden through a London airport in August, according to police and intelligence documents. Greenwald's partner, David Miranda, was detained and questioned for nine hours by British authorities at Heathrow on August 18, when he landed there from Berlin to change planes for a flight to Rio De Janeiro, Brazil. After his release and return to Rio, Miranda filed a legal action against the British government, seeking the return of materials seized from him by British authorities and a judicial review of the legality of his detention. At a London court hearing this week for Miranda's lawsuit, a document called a 'Ports Circulation Sheet' was read into the record. It was prepared by Scotland Yard - in consultation with the MI5 counterintelligence agency - and circulated to British border posts before Miranda's arrival. The precise date of the document is unclear. 'Intelligence indicates that Miranda is likely to be involved in espionage activity which has the potential to act against the interests of UK national security," according to the document. 'We assess that Miranda is knowingly carrying material the release of which would endanger people's lives,' the document continued. 'Additionally the disclosure, or threat of disclosure, is designed to influence a government and is made for the purpose of promoting a political or ideological cause. This therefore falls within the definition of terrorism..."
UK: Snowden reporter's partner involved in 'espionage' and 'terrorism'
Reuters, 1 November 2013

"Former Secret Service agent Dan Bongino, who is running for Congress in Maryland, appeared on the Glenn Beck Program Thursday to discuss why he chose to run for elected office. 'We’re at a very dangerous point, Glenn,' Bongino began. 'We’re in a lot of trouble. The president sees government — and I think it’s because of his lack of experience, and maybe community organizing in the past — as like this shiny new toy. And for all the disagreements I had with Clinton, Carter, and Bush, there were always limits. There was that line you just didn’t cross — we cross that seemingly every day…'... Beck and Bongino also spoke about the NSA and the U.S. government’s domestic surveillance programs. 'You give the government information, it will be abused,' Bongino warned flatly. 'It is not a matter of if it will be abused, it’s only a matter of when.' He added that while most will say 'I have nothing to hide,' you do. Whether it’s something personal but not necessarily illegal, or some regulatory offense you didn’t even know you are committing, the government will get you if it wants to. 'It’s only a matter of time before someone slaps an email on your desk that you sent fifteen years ago threatening to punch out your neighbor for not pruning his trees, and says, ‘Look at what I got against you. We need your information on whatever…' He said the NSA scandal 'gets at the roots of what liberty means…That flag means something. It’s undermining the very principles that made this country great.' 'Remember,' Bongino concluded, 'when the key is held by someone else, liberty means absolutely nothing.''
Former Secret Service Agent Warns: President Obama Sees Government as a ‘Shiny New Toy’
The Blaze TV, 31 October 2013

"Massive cloud networks from companies like Google and Yahoo cache and serve up much of the data on the Internet -- and the NSA has secretly tapped into the unencrypted links behind those company’s enormous servers, according to a new report from the Washington Post. By tapping into that link, the NSA can collect data at will from hundreds of millions of user accounts, the Post reported -- including not just foreign citizens and 'metadata' but emails, videos and audio from American citizens. Operation MUSCULAR, a joint program of the NSA and its British equivalent GCHQ, relies on an unnamed telecommunications provider outside of the U.S. to offer secret access to a cable or switch through with Google and Yahoo pass unencrypted traffic between their servers. The massive servers run by the company are carefully guarded and strictly audited, the companies say; according to Google, buildings housing its servers are guarded around the clock by trained personnel, and secured with heat-sensitive cameras, biometric verification, and more. Two engineers with close ties to Google exploded in profanity when they saw a drawing of the NSA’s hack revealed by Edward Snowden; the drawing includes a smiley face next to the point at which the agency apparently was able to tap into the world’s data.... NSA director Gen. Keith Alexander said Wednesday his agency doesn't access such networks servers without a court order, according to Politico. The NSA also released a statement saying the agency only uses attorney general-approved processes in data collection. 'NSA has multiple authorities that it uses to accomplish its mission, which is centered on defending the nation,' the statement reads. 'The Washington Post's assertion that we use Executive Order 12333 collection to get around the limitations imposed by the Foreign Intelligence Surveillance Act and FAA 702 is not true. The assertion that we collect vast quantities of U.S. persons' data from this type of collection is also not true.' In a statement, Google said it was 'troubled by allegations of the government intercepting traffic between our data centers, and we are not aware of this activity.'"
NSA secretly tapped Google, Yahoo data centers worldwide, new report claims
Fox News, 30 October 2013

"[Investigative journalist Seymour Hersh] is certain that NSA whistleblower Edward Snowden 'changed the whole nature of the debate' about surveillance. Hersh says he and other journalists had written about surveillance, but Snowden was significant because he provided documentary evidence – although he is sceptical about whether the revelations will change the US government's policy. 'Duncan Campbell [the British investigative journalist who broke the Zircon cover-up story], James Bamford [US journalist] and Julian Assange and me and the New Yorker, we've all written the notion there's constant surveillance, but he [Snowden] produced a document and that changed the whole nature of the debate, it's real now,' Hersh says. 'Editors love documents. Chicken-shit editors who wouldn't touch stories like that, they love documents, so he changed the whole ball game,' he adds, before qualifying his remarks. 'But I don't know if it's going to mean anything in the long [run] because the polls I see in America – the president can still say to voters 'al-Qaida, al-Qaida' and the public will vote two to one for this kind of surveillance, which is so idiotic,' he says. Holding court to a packed audience at City University in London's summer school on investigative journalism, 76-year-old Hersh is on full throttle, a whirlwind of amazing stories of how journalism used to be; how he exposed the My Lai massacre in Vietnam, how he got the Abu Ghraib pictures of American soldiers brutalising Iraqi prisoners, and what he thinks of Edward Snowden.... Nor does he understand why the Washington Post held back on the Snowden files until it learned the Guardian was about to publish..... 'The republic's in trouble, we lie about everything, lying has become the staple.' And he implores journalists to do something about it."
Seymour Hersh on Obama, NSA and the 'pathetic' American media
Guardian (Blog), 27 September 2013

"Lord King, as Mervyn King, made the threat to disclose how America’s Central Intelligence Agency had been secretly accessing people’s financial information in the wake of the 9/11 terrorist attacks at a meeting of the G7 finance ministers in Florida in February 2004. Damian McBride, Mr Brown’s former spin doctor, said in his memoirs published on Tuesday that Lord King had felt uncomfortable about the CIA’s access to the Worldwide Interbank Financial Telecommunication system, known as Swift. Mr McBride told how 'Mervyn’s conscience told him that he had a duty to blow the gaff on the Swift deal, and tell the British people that the CIA had –with the Treasury’s connivance – been secretly accessing that financial data'. Mr McBride described how 'when Mervyn announced his intentions in a small meeting room in Boca Raton, Gordon quietly told everyone else to leave, aside from the Swift expert, Mark Bowman'. Mr McBride then told how, with the room cleared, 'for the next five minutes, Gordon unleashed a volcanic tirade at Mervyn, very properly saying that he’d be putting Britain’s counter-terror operations at threat if he went public about Swift and that it would do huge damage to our relationship with America'. Mr McBride said Mr Brown had continued 'perhaps rather harshly – that Mervyn was talking ‘f****** bull****' when he said he had a duty to speak out and that it was his ‘f****** ego’ dictating his position, not his duty to the country.' Mr McBride clearly took Mr Brown’s side in the argument. He added: 'However rudely Mervyn felt he was treated – and he enjoyed some cold revenge in his future Mansion House speeches and economic forecasts – there is no question that Gordon was right and, as a result of his intervention, the Swift deal remained a secret for another two years, until it was exposed by the New York Times, and safeguards and formal treaties were put in place governing its use.''
Gordon Brown 'launched f-word tirade at former Bank Governor Mervyn King', says Damian McBride
Telegraph, 24 September 2013

"Germany and Brazil have presented a draft resolution to a UN general assembly committee that calls for an end to excessive electronic surveillance, data collection and other gross invasions of privacy. The draft resolution, which both Germany and Brazil made public on Friday, does not name any specific countries, although UN diplomats said it was clearly aimed at the US, which has been embarrassed by revelations of a massive international surveillance programme from a former US contractor. The German-Brazilian draft would have the 193-nation assembly declare that it is 'deeply concerned at human rights violations and abuses that may result from the conduct of any surveillance of communications, including extraterritorial surveillance of communications'. It would also call on UN member states 'to take measures to put an end to violations of these rights and to create the conditions to prevent such violations, including by ensuring that relevant national legislation complies with their obligations under international human rights law'. The resolution will likely undergo changes as it is debated in the general assembly's third committee, which focuses on human rights. It is expected to be put to a vote in the committee this month and then again in the general assembly next month, diplomats said."
NSA spying: Germany and Brazil produce draft UN resolution
Guardian, 2 November 2013

"The key role private companies play in National Security Agency surveillance programs is detailed in a top-secret document provided to the Guardian by whistleblower Edward Snowden and published for the first time on Friday. One slide in the undated PowerPoint presentation, published as part of the Guardian's NSA Files: Decoded project, illustrates the number of intelligence reports being generated from data collected from the companies. In the five weeks from June 5 2010, the period covered by the document, data from Yahoo generated by far the most reports, followed by Microsoft and then Google. Between them, the three companies accounted for more than 2,000 reports in that period – all but a tiny fraction of the total produced under one of the NSA's main foreign intelligence authorities, the Fisa Amendents Act (FAA). It is unclear how the information in the NSA slide relates to the companies' own transparency reports, which document the number of requests for information received from authorities around the world."
Snowden document reveals key role of companies in NSA data collection
Guardian, 1 November 2013

"The German, French, Spanish and Swedish intelligence services have all developed methods of mass surveillance of internet and phone traffic over the past five years in close partnership with Britain's GCHQ eavesdropping agency. The bulk monitoring is carried out through direct taps into fibre optic cables and the development of covert relationships with telecommunications companies. A loose but growing eavesdropping alliance has allowed intelligence agencies from one country to cultivate ties with corporations from another to facilitate the trawling of the web, according to GCHQ documents leaked by the former US intelligence contractor Edward Snowden. The files also make clear that GCHQ played a leading role in advising its European counterparts how to work around national laws intended to restrict the surveillance power of intelligence agencies. The German, French and Spanish governments have reacted angrily to reports based on National Security Agency (NSA) files leaked by Snowden since June, revealing the interception of communications by tens of millions of their citizens each month. US intelligence officials have insisted the mass monitoring was carried out by the security agencies in the countries involved and shared with the US. The US director of national intelligence, James Clapper, suggested to Congress on Tuesday that European governments' professed outrage at the reports was at least partly hypocritical. 'Some of this reminds me of the classic movie Casablanca: 'My God, there's gambling going on here,' ' he said. Sweden, which passed a law in 2008 allowing its intelligence agency to monitor cross-border email and phone communications without a court order, has been relatively muted in its response. The German government, however, has expressed disbelief and fury at the revelations from the Snowden documents, including the fact that the NSA monitored Angela Merkel's mobile phone calls. After the Guardian revealed the existence of GCHQ's Tempora programme, in which the electronic intelligence agency tapped directly into the transatlantic fibre optic cables to carry out bulk surveillance, the German justice minister, Sabine Leutheusser-Schnarrenberger, said it sounded 'like a Hollywood nightmare', and warned the UK government that free and democratic societies could not flourish when states shielded their actions in 'a veil of secrecy'. However, in a country-by-country survey of its European partners, GCHQ officials expressed admiration for the technical capabilities of German intelligence to do the same thing. The survey in 2008, when Tempora was being tested, said the Federal Intelligence Service (BND), had 'huge technological potential and good access to the heart of the internet – they are already seeing some bearers running at 40Gbps and 100Gbps'. Bearers is the GCHQ term for the fibre optic cables, and gigabits per second (Gbps) measures the speed at which data runs through them. Four years after that report, GCHQ was still only able to monitor 10 Gbps cables, but looked forward to tap new 100 Gbps bearers eventually. Hence the admiration for the BND. The document also makes clear that British intelligence agencies were helping their German counterparts change or bypass laws that restricted their ability to use their advanced surveillance technology. 'We have been assisting the BND (along with SIS [Secret Intelligence Service] and Security Service) in making the case for reform or reinterpretation of the very restrictive interception legislation in Germany,' it says.... In the case of the Spanish intelligence agency, the National Intelligence Centre (CNI), the key to mass internet surveillance, at least back in 2008, was the Spaniards' ties to a British telecommunications company (again unnamed. Corporate relations are among the most strictly guarded secrets in the intelligence community). That was giving them 'fresh opportunities and uncovering some surprising results..... GCHQ held a conference with its Swedish counterpart 'for discussions on the implications of the new legislation being rolled out' and hailed as 'a success in Sweden' the news that FRA 'have finally found a pragmatic solution to enable release of intelligence to SAEPO [the internal Swedish security service.]' GCHQ also maintains strong relations with the two main Dutch intelligence agencies, the external MIVD and the internal security service, the AIVD.... In the score-card of European allies, it appears to be the Italians who come off the worse. GCHQ expresses frustration with the internal friction between Italian agencies and the legal limits on their activities.....It is clear from the Snowden documents that GCHQ has become Europe's intelligence hub in the internet age, and not just because of its success in creating a legally permissive environment for its operations. Britain's location as the European gateway for many transatlantic cables, and its privileged relationship with the NSA has made GCHQ an essential partner for European agencies. The documents show British officials frequently lobbying the NSA on sharing of data with the Europeans and haggling over its security classification so it can be more widely disseminated. In the intelligence world, far more than it managed in diplomacy, Britain has made itself an indispensable bridge between America and Europe's spies."
GCHQ and European spy agencies worked together on mass surveillance
Guardian, 1 November 2013

"The White House sought on Friday to distance itself from the National Security Agency's monitoring of foreign leaders, rejecting criticism that President Barack Obama was understating his knowledge of the agency's activities.In a further sign of the growing blame game within Washington over the affair, spokesman Jay Carney said Obama paid close attention to terrorism intercepts but had no need to personally bug the phones of allies. 'The president is a very deliberate consumer of the intelligence gathered for him on national security matters,' said Carney. 'But when the president wants to find out what the heads of state of friendly nations think, he calls them.' The White House comments followed an admission on Thursday from secretary of state John Kerry that some surveillance practices were carried out 'on auto-pilot' and had not been known to the president. That was followed on Thursday night by the NSA director, Keith Alexander, blaming Kerry's own department for driving its spying on friendly world leaders. 'The intelligence agencies don't come up with the requirements. The policymakers come up with the requirements,' Alexander said. 'One of those groups would have been, let me think, hold on, oh: ambassadors.' Alexander said the NSA collected information when it was asked by policy officials to discover the 'leadership intentions' of foreign countries. 'If you want to know leadership intentions, these are the issues,' he said. On Friday, veteran US diplomats questioned that assertion. Thomas Pickering, who served as ambassador to Russia, India, Israel, Jordan and the United Nations, said he found it puzzling that intelligence agencies would interpret requests for information as a green light to bug the phones of friendly government leaders. 'To point the finger at ambassadors as being responsible for generating these requests seems, in my experience, to be far fetched,' Pickering told the Guardian. 'In my time, intelligence requirements were never based on collection methods, they were based on intelligence interests. That an ambassador may have been interested in the views of a foreign leader is not a reason to say they had any responsibility for how that information was gathered.' Pickering, who recently led a White House review of the 2012 assassination of the US ambassador to Libya, said he had no direct knowledge but would be surprised to find the NSA was taking direction from ambassadors on such matters."
White House rejects criticism of Obama over NSA surveillance as rift deepens
Guardian, 1 November 2013

"On every count the platitudinous apologists for mass surveillance took a kicking in yesterday’s Commons debate. Julian Smith, the previously unknown Tory MP who tried to get the Guardian prosecuted for treasonous behaviour in publishing details from the Snowden files, was reminded that the secretary of the D Notice committee, which advises the press against making revelations which could threaten national security, had made clear that the Guardian material did not involve a threat to anyone’s life. Smith was also reminded that he himself had published on his website pictures of staff from RAF Menwith Hill, which is a breach of national security, whilst the Guardian which reproduced one of these pictures had pixelated their faces – so hypocrites should not throw stones. Furthermore, if the Guardian revelations had really breached national security, why has nobody at the Guardian been charged or arrested since their offices were searched last July? It did raise questions however as to whether the threat to national security was real or simply being used as a cover to block disclosures that were plainly embarrassing. The killer question for the securocrat hardliners was when the Intelligence and Security Committee (ISC) found out about GCHQ’s deployment of the Tempora programme with its capability for mass surveillance? It emerged that it was only after the Guardian began its revelations in June. But the chair of the ISC, Tory MP Malcolm Rifkind, a pompous stooge of the establishment, let the cat out of the bag when he said he couldn’t divulge the answer because it was ‘classified’! But what punctured Rifkind’s balloon most dramatically was the realisation that had it not been for the Guardian’s (carefully selective) revelations from the Snowden files, we would still have not an inkling that the security services had the capability to access every phone, email, text or other internet traffic of every private citizen in the country. The ISC, supposedly providing oversight of GCHQ and MI5, hadn’t a clue. Rifkind then delivered a defensive speech of surpassing blandness. He even seemed to be suggesting at one point that there was no need for reform of the ISC because he/they had already done that. When he finally agreed that some review was necessary, he rejected my demand for a fully independent committee of inquiry, and insisted that the ISC should review itself, preferably not by initiating a new inquiry but rather by slightly tweaking their own existing work programme. And when I reminded him that the real reason that Theresa May had been so anxious to push through the Communications Data Bill was to legitimise retrospectively the new technological capabilities that GCHQ had already been deploying for years, most notably the Tempora programme, he simply looked away."
The defend-the-security-services-right-or-wrong mob get a bollocking
Michael Meacher MP » Blog Archive » 1 November 2013

"John Kerry, the US secretary of state, conceded on Thursday that some of the country's surveillance activities had gone too far, saying that certain practices had occurred 'on autopilot' without the knowledge of senior officials in the Obama administration. In the most stark comments yet by a senior administration official, Kerry promised that a previously announced review of surveillance practices would be thorough and that some activities would end altogether. 'The president and I have learned of some things that have been happening in many ways on an automatic pilot, because the technology is there and the ability is there,' he told a conference in London via video link. 'In some cases, some of these actions have reached too far and we are going to try to make sure it doesn't happen in the future.' In recent days, the Obama administration has put some distance between it and the National Security Agency (NSA). Kerry's comments are a reflection in particular of a concern about the diplomatic fallout from the revelation that the US monitored the cellphone of the German chancellor, Angela Merkel. The tactic has irritated senior intelligence officials. On Thursday evening, the director of the NSA, General Keith Alexander, blamed US diplomats for requests to place foreign leaders under surveillance. During a pointed exchange with a former US ambassador to Romania, James Carew Rosapepe, Alexander said: 'We, the intelligence agencies, don't come up with the requirements. The policy-makers come up with the requirements.' He added: 'One of those groups would have been, let me think, hold on, oh: ambassadors.' Alexander said that the NSA collected information when it was asked by policy officials to discover the 'leadership intentions' of foreign countries. 'If you want to know leadership intentions, these are the issues,' he said at a discussion hosted by the Baltimore Council on Foreign Relations."
US surveillance has gone too far, John Kerry admits
Guardian, 1 November 2013

"US secretary of state John Kerry says US spying has gone too far in some cases, in an unprecedented admission by Washington. The top diplomat, speaking to a London conference via video link, also sought to assure Europe that such steps, which have roiled close allies like Germany, would not be repeated. 'I assure you, innocent people are not being abused in this process, but there's an effort to try to gather information,' Mr Kerry told the conference. 'And yes, in some cases, it has reached too far inappropriately. 'And the president, our president, is determined to try to clarify and make clear for people, and is now doing a thorough review in order that nobody will have the sense of abuse.' Mr Kerry added that what Washington was trying to do was, in a 'random way,' find ways of determining if there were threats that needed responding to. 'And in some cases, I acknowledge to you, as has the president, that some of these actions have reached too far, and we are going to make sure that does not happen in the future,' he said. Recent allegations and reports of widespread spying by the US National Security Agency (NSA) have sparked a major rift in trans-Atlantic ties."
US secretary of state John Kerry admits spying has gone 'too far'
ABC (Australia), 1 November 2013

"The United States faces a tough task undoing the damage inflicted by allegations it has spied on leaders of allied countries, Russian Prime Minister Dmitry Medvedev said. Reports that the U.S. National Security Agency tapped German Chancellor Angela Merkel's cellphone and conducted widespread electronic snooping in nations such as France, Italy, Spain and elsewhere have sparked anger among American allies. 'It's not very pleasant when you are spied on ... so the leaders are angry. I understand them,' Medvedev told Reuters in an interview on Thursday. Medvedev suggested such spying was not unusual, but he added that 'it is assumed that it is not done in such an absolutely cynical way'. 'Can the situation be calmed? I think it's possible. But to be honest, no assurances will help here,' he said. 'What can you say in this situation? 'Sorry, we won't do it anymore' or 'We will not try to listen in on you'? Nobody will believe it.'"
Russia's PM says U.S. hurt by evidence of "cynical" spying
Reuters, 1 November 2013

"There has been some suggestion from the White House that the president 'didn’t know' about the spying on Merkel and other leaders. Clapper and NSA Director Keith Alexander have denied that the president was kept in the dark about its spying on leaders of friendly nations, but both men are known to be liars regarding the NSA’s actions. Clapper indeed was forced to admit that he lied to Congress — and right there we have prima facie evidence that the NSA has been blackmailing members of Congress, or at least that the members of Congress think they are vulnerable to blackmail. This is because despite Clapper’s outrageous offense of lying to the Congress about his agency’s massive spying program, not one member of either Senate or House, or of the two Congressional Intelligence Committees, has called for a contempt resolution against him. How can that be? Members of Congress routinely cite or threaten to cite sports figures for contempt of Congress for lying to senators or representatives about their steroid use, and yet when the head of the nation’s spying organization network lies about an unprecedentedly huge spying operation, they just let it pass? ....I would argue that it is almost a certainty that the NSA spying on foreign leaders is just the tip of the political spying iceberg, and that the real horror is that it is spying on domestic politicians, and probably dropping hints to make it clear that it is in a position to blackmail them. On behalf of whom the NSA is acting is the question. ..... This might explain the phenomenal weakness and lack of political will and courage of the current president. .... Could it be that he too is afraid of blackmail, or that has he already been successfully blackmailed? I of course don’t know the answer to these questions, but at this point they clearly need to be asked and contemplated..... another NSA whistleblower, Russell Tice, has said that he was aware while at the NSA, that the agency, back in 2004, was spying on Barack Obama, then just a Democratic Senate candidate from Chicago. Besides, even if members of Congress and judges on the federal bench just think they’re being spied on and are thus vulnerable to blackmail, they are not likely to step out of line and vote or rule the wrong way. The only remaining question is who is behind all this spying and potential blackmail? Is the NSA itself a rogue operator acting to protect and expand its own power? Perhaps, but more likely, I would guess, is that some larger 'permanent government' composed of the heads of key corporate interests — perhaps key leaders of the financial and the military/intelligence sectors and a few other key industries like the oil companies — is pulling the strings. Maybe Snowden has the answer to this question. If not, we’ll just have to wait for the next courageous whistleblower to come forward."
Dave Lindorff - Is NSA Spying Really About Blackmail?
CounterPunch, 1 November 2013

"The vast scale of online surveillance revealed by Edward Snowden is leading to the breakup of the internet as countries scramble to protect private or commercially sensitive emails and phone records from UK and US security services, according to experts and academics. They say moves by countries, such as Brazil and Germany, to encourage regional online traffic to be routed locally rather than through the US are likely to be the first steps in a fundamental shift in the way the internet works. The change could potentially hinder economic growth. 'States may have few other options than to follow in Brazil's path,' said Ian Brown, from the Oxford Internet Institute. 'This would be expensive, and likely to reduce the rapid rate of innovation that has driven the development of the internet to date … But if states cannot trust that their citizens' personal data – as well as sensitive commercial and government information – will not otherwise be swept up in giant surveillance operations, this may be a price they are willing to pay.' Since the Guardian's revelations about the scale of state surveillance, Brazil's government has published ambitious plans to promote Brazilian networking technology, encourage regional internet traffic to be routed locally, and is moving to set up a secure national email service. In India, it has been reported that government employees are being advised not to use Gmail and last month, Indian diplomatic staff in London were told to use typewriters rather than computers when writing up sensitive documents."
NSA surveillance may cause breakup of internet, warn experts
Guardian, 1 November 2013

"Sen. Dianne Feinstein, the chairman of the Senate Intelligence Committee and one of the NSA’s biggest defenders, released what she calls an NSA 'reform' bill today....We learned for the first time in June that the NSA secretly twisted and re-interpreted Section 215 of the Patriot Act six years ago to allow them to vacuum up every phone record in America—continuing an unconstitutional program that began in 2001. The new leaks about this mass surveillance program four months ago have led to a sea change in how Americans view privacy, and poll after poll has shown the public wants it to stop. But instead of listening to her constituents, Sen. Feinstein put forth a bill designed to allow the NSA to monitor their calls. Sen. Feinstein wants the NSA to continue to collect the metadata of every phone call in the United States—that’s who you call, who calls you, the time and length of the conversation, and under the government’s interpretation, potentially your location—and store it for five years. This is not an NSA reform bill, it’s an NSA entrenchment bill. Other parts of the bill claim to bring a modicum of transparency to small parts of the NSA, but requiring some modest reporting requirements, like how many times NSA searches this database and audit trails for who does the searching. But its real goal seems to be to just paint a veneer of transparency over still deeply secret programs. It does nothing to stop NSA from weakening entire encryption systems, it does nothing to stop them from hacking into the communications links of Google and Yahoo’s data centers, and it does nothing to reform the PRISM Internet surveillance program."
Sen. Dianne Feinstein’s New NSA Bill Will Codify and Extend Mass Surveillance of Americans
EEF, 31 October 2013

"EU leaders are calling for the suspension of a trade pact with the US worth billions of dollars over NSA spying. The 28-nation bloc suspects the so-called ‘Safe Harbor’ deal is being undermined by US espionage and has demanded safeguards for EU citizens. The EU’s top politicians have slammed Washington for a 'breakdown of trust' and seek guarantees for the safety of EU customer data. 'For ambitious and complex negotiations to succeed there needs to be trust among the negotiating partners,' EU Justice Commissioner Viviane Reding said Wednesday in a speech at Yale University. The Safe Harbor agreement has been in place for 13 years and it allows over 4,300 American companies to collect and process sales, emails and photos from EU customers. In order for firms to be able to collate this information they have to comply with seven directives to prevent data loss and disclosure. However, EU officials believe the system is flawed and can be manipulated by the NSA. 'If you look at the US legal environment, there is no adequate legal protection for EU citizens,' said the European Parliament’s leading data protection lawmaker Jan Philipp Albrecht after talks with officials in Washington. In the light of the spy scandal the EU has threatened to suspend the treaty pending stipulated changes that would sure up security. EU leaders are expected to urge the US to strengthen its privacy laws to allow European citizen more control over how their private data is used. If the ‘Safe Harbor’ pact is suspended it could have a massive knock-on effect, costing the US and EU billions of dollars in trade. Moreover, the pact allows US companies to get around the lengthy approval procedure by the European data protection authorities, without it some US firms would be forced to stop doing business in the EU. 'I don’t think the US government can be convinced by arguments or outrage alone, but by making it clear that American interests will suffer if this global surveillance is simply continued,'said Peter Schaar, the head of Germany’s data protection watchdog."
EU calls for suspension of multi-billion ‘Safe Harbor’ deal over NSA spying
RT, 31 October 2013

"I really urge everyone to take note of, and stand against, what I and others have written about for years, but which is becoming increasingly more threatening: namely, a sustained and unprecedented attack on press freedoms and the news gathering process in the US. That same menacing climate is now manifest in the UK as well, as evidenced by the truly stunning warnings issued this week by British Prime Minister David Cameron: British Prime Minister David Cameron said on Monday his government was likely to act to stop newspapers publishing what he called damaging leaks from former US intelligence operative Edward Snowden unless they began to behave more responsibly. 'If they (newspapers) don't demonstrate some social responsibility it will be very difficult for government to stand back and not to act,' Cameron told parliament, saying Britain's Guardian newspaper had 'gone on' to print damaging material after initially agreeing to destroy other sensitive data. There are extremist though influential factions in both countries which want to criminalize not only whistleblowing but the act of journalism itself (pdf). I'm not leaving because of those threats – if anything, they make me want to stay and continue to publish here – but I do believe it's urgent that everyone who believes in basic press freedoms unite against this. Allowing journalism to be criminalized is in nobody's interest other than the states which are trying to achieve that. As Thomas Jefferson wrote in an 1804 letter to John Tyler: 'Our first object should therefore be, to leave open to him all the avenues to truth. The most effectual hitherto found, is the freedom of the press. It is, therefore, the first shut up by those who fear the investigation of their actions.'"
Glen Greenwald - On leaving the Guardian
Guardian, Comment Is Free, 31 October 2013

"The National Security Agency doesn't have access to servers run by Internet giants Google and Yahoo, its chief said in a pushback to a Washington Post report that the U.S. spy network taps into overseas data links to slurp up millions of text, video and audio records every day. But Gen. Keith Alexander's comments at a cybersecurity conference Wednesday don't appear to address the substance of the newspaper's allegations -- that the NSA has found a way to tap into the data as it moves between servers around the world without many of the restrictions imposed by U.S. law and court oversight. Asked about the report by a Bloomberg Television reporter who interviewed him on stage at the conference, Alexander denied breaking into servers or databases run by Internet companies. 'Not to my knowledge,' he said in response to a question about tapping into company databases. 'It would be illegal for us to do that. So, I don't know what the report is,' Alexander said. 'But I can tell you factually we do not have access to Google servers, Yahoo servers. We go through a court order.' However, the allegations published by The Post -- based on documents leaked by former NSA contractor Edward Snowden -- aren't that the NSA has hacked into data centers or databases owned by the companies. Instead, the newspaper -- citing the Snowden documents and unnamed 'knowledgeable officials' -- reported that the NSA gets access to the data as it passes through vulnerable points overseas on its way to databases around the world. According to The Post, the NSA and the British Government Communications Headquarters found a way to exploit a weakness in Internet architecture to copy data as it moves from the public Internet into data centers maintained by the companies. The agency then uses custom-built software to decode the companies' internal data formats and filter the resulting data for information it wants to collect, the newspaper reported. The material collected under the program -- code-named MUSCULAR -- includes e-mail addressing information, as well as 'content such as text, audio and video,' according to The Post. The agency's Fort Meade, Maryland, headquarters received 181,280,466 such records in the 30 days preceding the top-secret January 9, 2013, accounting on which The Post's report is based, according to the newspaper. In a statement, the NSA said 'the assertion that we collect vast quantities of U.S. persons' data from this type of collection is also not true.' 'NSA applies Attorney General-approved processes to protect the privacy of U.S. persons,' the agency said. It's unclear how much of the material collected involves what the NSA calls 'U.S. persons,' a category that includes U.S. citizens, permanent residents, groups predominantly made up of those groups and businesses incorporated in the United States. But unlike domestic programs that fall under restrictions imposed by law and the oversight of a secret court, surveillance conducted overseas falls under an executive order with less restrictive standards, The Post reported. The report raised concerns from Google and Yahoo, with the Internet behemoths saying they never gave the NSA permission to access communication links to their servers. 'We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency,' said Yahoo spokeswoman Sarah Meron."
NSA chief addresses report that agency taps into Google, Yahoo data links
CNN, 31 October 2013

"The union representing German journalists advised its members on Thursday to stop using Google and Yahoo because of reported snooping by U.S. and British intelligence. 'The German Federation of Journalists recommends journalists to avoid until further notice the use of search engines and e-mail services from Google and Yahoo for their research and digital communication,' the union said in a statement. It cited 'scandalous' reports of interception of both companies' web traffic by the U.S. National Security Agency (NSA) and Britain's GCHQ. 'The searches made by journalists are just as confidential as the contact details of their sources and the contents of their communication with them,' said Michael Konken, head of the union which represents about 38,000 journalists. He said there were safe alternatives for both searches and email. The Washington Post reported on Wednesday that the NSA had tapped directly into communications links used by Google and Yahoo to move large amounts of email and other user information between overseas data centers. It said the program was operated jointly with GCHQ. Google's chief legal officer said it was 'outraged' at the apparent interception of data from its private fiber networks. The company declined to comment on the German union move. Yahoo said it had strict security in place at its data centers and had not given access to the NSA or other agencies. Revelations by fugitive U.S. intelligence contractor Edward Snowden about the scale of NSA surveillance worldwide, from the alleged mass trawling of emails to the tapping of world leaders' phones, have caused international outrage."
German journalists urged to shun Google and Yahoo
Guardian, 31 October 2013

"Boris Johnson has issued a staunch defence of the Guardian's 'salient and interesting' revelations showing the extent of mass surveillance by US and UK intelligence agencies. The mayor of London told an audience at the World Islamic Economic Forum on Wednesday that it was important that governments and their spies were held to account by a 'beady-eyed' media. 'I think the public deserves to know,' said Johnson. 'The world is better for government being kept under the beady-eyed scrutiny of the media and for salient and interesting facts about public espionage being brought into the public domain.' Johnson's intervention puts him at odds with David Cameron, who has said the leaks based on files from the whistleblower Edward Snowden have made the UK less safe. This week the prime minister issued a veiled threat to take 'tougher measures' against the Guardian and other newspapers unless they showed a more socially responsible attitude. 'I don't want to have to use injunctions or D notices or the other tougher measures,' Cameron said. 'I think it's much better to appeal to newspapers' sense of social responsibility. But if they don't demonstrate some social responsibility it would be very difficult for government to stand back and not to act.' Johnson highlighted the news that the German chancellor Angela Merkel's phone had been bugged by the US National Security Agency for a decade, a story originally reported in the German news weekly Der Spiegel. 'I personally defend the Guardian's right to publish interesting information such as that Angela Merkel's phone was bugged by Barack Obama. I think that is an interesting fact,' he said. 'I don't believe that the fact that Angela Merkel's phone was bugged by the NSA does anything to jeopardise anybody's security, it's merely colossally embarrassing and it should come out.'"
Boris Johnson defends Guardian over NSA revelations
Guardian, 30 October 2013

"It is important that a country spying on its own citizens does so under careful controls. In a democracy, the government of the day has tools at its command which – in the absence of self-restraint or clear law – can easily be used to perpetuate its own rule. This then puts at risk the democratic nature of the state and could lead to tyranny. As the means of surveillance have become more sophisticated and the expenditure on security services has increased, so the risk of abuse has grown. Sometimes this is trivial but oppressive – as when local councils spy on people to see if they have correctly claimed school places. However, as the initial crime of Watergate showed it can be used against political adversaries. The scandal that led to the fall of Richard Nixon originated with a break-in at the headquarters of the Democratic National Committee. It was a low-level and bungled crime to steal political secrets. In a more sophisticated technological age it is much easier to eavesdrop without leaving any signs of a burglary. Information gathered in this way could then be used to counter another party’s strategy while in a more sinister fashion it could lead to blackmail or intimidation. Although in the UK it is thought that governments will not behave like this as they did in the United States, albeit in an amateur manner 40 years ago, it would be wrong to be too complacent. Dictatorships, as in North Korea, use surveillance to cow the population. The fear that somebody is listening and that unpleasant consequences may follow prevents any open discussion of the regime’s failings. This enables the propaganda of Kim Jong-un and his father and grandfather before him to pass unchallenged, which helps to perpetuate a brutal government. In recent years the threat of terrorism in Britain has reduced the domestic protections against an intrusive state. But in spite of this risk it is essential that the domestic security services are controlled and operate under rather than above the law."
Jacob ReesMogg, MP - MI6 and the CIA are spying on foreign leaders? Thank God!
Telegraph, 30 October 2013

"The US National Security Agency allegedly eavesdropped on cardinals before the conclave in March to elect a new pope, Italian weekly magazine Panorama claimed on Wednesday. 'The National Security Agency wire-tapped the pope,' the magazine said, accusing the United States of listening in to telephone calls to and from the Vatican, including cardinal Jorge Mario Bergoglio before he was elected Pope Francis. The allegations follow a report on surveillance website, Cryptome, which said the US intercepted 46 million telephone calls in Italy in December last year and early January this year. Among those, 'there are apparently also calls from and to the Vatican', Panorama said. 'It is feared that the great American ear continued to tap prelates' conversations up to the eve of the conclave,' it said, adding that there were 'suspicions that the conversations of the future pope may have been monitored'. Bergoglio 'had been a person of interest to the American secret services since 2005, according to Wikileaks', it said. The bugged conversations were divided into four categories: 'leadership intentions', 'threats to financial systems', 'foreign policy objectives' and 'human rights', it claimed. Vatican spokesman Federico Lombardi said 'we have heard nothing of this and are not worried about it'. If true, the US spying would be an embarrassing blow to an institution famous for its secrecy. The goings-on of the conclave are particularly clock-and-dagger, with a system installed in the Sistine chapel where the cardinals meet in order to scramble any mobile phone communications and excommunication for those who spill the beans."
US 'spied on Vatican in run-up to conclave'
Al-Jareera, 30 October 2013

"The National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers around the world, according to documents obtained from former NSA contractor Edward Snowden and interviews with knowledgeable officials. By tapping those links, the agency has positioned itself to collect at will from hundreds of millions of user accounts, many of them belonging to Americans. The NSA does not keep everything it collects, but it keeps a lot. NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say. According to a top-secret accounting dated Jan. 9, 2013, the NSA’s acquisitions directorate sends millions of records every day from internal Yahoo and Google networks to data warehouses at the agency’s headquarters at Fort Meade, Md. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records — including 'metadata,' which would indicate who sent or received e-mails and when, as well as content such as text, audio and video. The NSA’s principal tool to exploit the data links is a project called MUSCULAR, operated jointly with the agency’s British counterpart, the Government Communications Headquarters. From undisclosed interception points, the NSA and the GCHQ are copying entire data flows across fiber-optic cables that carry information among the data centers of the Silicon Valley giants. The infiltration is especially striking because the NSA, under a separate program known as PRISM, has front-door access to Google and Yahoo user accounts through a court-approved process. The MUSCULAR project appears to be an unusually aggressive use of NSA tradecraft against flagship American companies. The agency is built for high-tech spying, with a wide range of digital tools, but it has not been known to use them routinely against U.S. companies. In a statement, the NSA said it is 'focused on discovering and developing intelligence about valid foreign intelligence targets only.' 'NSA applies Attorney General-approved processes to protect the privacy of U.S. persons — minimizing the likelihood of their information in our targeting, collection, processing, exploitation, retention, and dissemination,' it said."
NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say
Washington Post, 30 October 2013

"The majority of Brits believe surveillance whistleblower Edward Snowden is a hero, according to a survey, and have a far more favourable view of the former National Security Agency contractor than Americans. The Angus Reid Global Survey, released exclusively to The Huffington Post, suggests 60% of Brits are supportive of Snowden, who leaked secure volumes about government surveillance abuses to the Guardian's Glenn Greenwald. In Canada 67% favour his actions. But in the US, opinion is fractured, with 51% calling Snowden a hero, and 40% dubbing him a traitor. And the dividing lines show a generation gap - with a majority of Americans under 35 applauding Snowden while those over 55 condemn him. That division has been reflected in the traditional conservative media in the UK, like the Daily Mail and the Telegraph, both of which have been highly critical of the Guardian's surveillance exposes, despite regularly championing press freedom in other quarters. Labour and Lib Dem supporters, in turn more likely Guardian readers, are likely to consider Snowden more of a hero, and are much more wary of surveillance activities generally, and much less trustful of their national government as information guardian. 'What’s really interesting on this issue of trust is how it breaks by political support,' Angus Reid, chairman of Angus Reid Public Opinion. 'I’ve rarely in my career seen American Republicans, British Labour supporters and Canadian Liberal and NDP supporters more or less taking the same position on an issue.' Brits are prepared to tolerate far more intrusion into their private lives than our transatlantic cousins, the survey found. In the UK, 52% said monitoring internet communications of the general public should not be tolerated, compared to 60 per cent in the US and Canada. 'There’s no question that he [Snowden] has become the catalyst and the concrete manifestation of an issue that otherwise seems to be very abstract and vague,' said Reid. 'It’s an interesting issue because it’s come from nowhere. Now it occupies a top-five spot as a significant issue in each of the three countries.'"
Edward Snowden A 'Hero' In UK, But Americans Are More Divided (POLL)
Huffington, 30 October 2013

"The director of the National Security Agency says millions of telephone phone records of European citizens were swept up as part of a NATO program to protect the alliance's member nations and military operations. Gen. Keith Alexander told a House Intelligence panel Tuesday that the U.S. did not collect the European records alone, as was reported over the last week to an outcry of criticism across Europe. Alexander said NSA slides of the phone programs outlined intelligence that the U.S. was given from NATO partners. He also disputed that the program targeted European citizens, but did not offer specifics. The U.S. has been under fire over the last week over reports of intrusive spying on European citizens. Alexander denied those report."
NSA chief says phone records were swept up as part of a NATO defence program, not NSA spying
Associated Press, 29 October 2013

"The current revelations on the NSA’s spying are just the tip of the iceberg and affect 'almost every country in the world,' said Glenn Greenwald. He stressed the NSA stores data for 'as long as it can,' so they can target a citizen whenever they want. Glenn Greenwald, the man behind the reports on the NSA global spy program, spoke to El Mundo journalist German Aranda and stressed that the US espionage activities went much further than just Europe. 'There are a lot of countries, and journalists in a lot of different countries, who have been asking for stories and to work on documents for a long time,' Greenwald said. He added that he was working as fast as possible to 'make sure that all of these documents get reported in every single country there are documents for, which is most countries in the world.' Shedding light on the NSA’s motives in compiling metadata on citizens, he said the spy organization’s main aim was to store the information to be able to dip into it whenever necessary. 'The very clear objective of the NSA is not just to collect all this, but to keep it for as long as they can,' said Greenwald. 'So they can at any time target a particular citizen of Spain or anywhere else and learn what they've been doing, in terms of who they have been communicating with.''
NSA stores data to target any citizen at any time - Greenwald
RT, 29 October 2012

"The chair of the Senate intelligence committee, who has been a loyal defender of the National Security Agency, dramatically broke ranks on Monday, saying she was 'totally opposed' to the US spying on allies and demanding a total review of all surveillance programs. California Democratic senator Dianne Feinstein strongly criticised the NSA's monitoring of the calls of friendly world leaders such as German chancellor Angela Merkel. Feinstein, who has steadfastly defended the NSA's mass surveillance programs, added that both Barack Obama and members of her committee, which is supposed to received classified briefings, had been kept in the dark about operations to target foreign leaders. 'It is abundantly clear that a total review of all intelligence programs is necessary so that members of the Senate Intelligence Committee are fully informed as to what is actually being carried out by the intelligence community,' Feinstein said in a statement to reporters. 'Unlike NSA's collection of phone records under a court order, it is clear to me that certain surveillance activities have been in effect for more than a decade and that the Senate Intelligence Committee was not satisfactorily informed. 'With respect to NSA collection of intelligence on leaders of US allies – including France, Spain, Mexico and Germany – let me state unequivocally: I am totally opposed,' she said. Feinstein also provided the first official confirmation of a German report that indicated Merkel's phone had been monitored for more than a decade. 'It is my understanding that President Obama was not aware Chancellor Merkel's communications were being collected since 2002,' Feinstein said. 'That is a big problem.' The senator's dramatic intervention comes as the White House struggles to contain the diplomatic fallout from a series of revelations about the NSA's spy operations abroad. They include a report in the Guardian, based on documents leaked by NSA whistleblower Edward Snowden, that at least 35 world leaders have been monitored by the agency. 'Unless the United States is engaged in hostilities against a country or there is an emergency need for this type of surveillance, I do not believe the United States should be collecting phone calls or emails of friendly presidents and prime ministers. The president should be required to approve any collection of this sort,' Feinstein added.' 'The White House has informed me that collection on our allies will not continue, which I support. But as far as I'm concerned, Congress needs to know exactly what our intelligence community is doing. To that end, the committee will initiate a major review into all intelligence collection programs.' Feinstein's statement comes at a crucial time for the NSA. Legislation will be introduced in Congress on Tuesday that would curtail the agency's powers, and there are the first signs that the White House may be starting to distance itself from security chiefs. On Monday, the White House's chief spokesman, Jay Carney, said the administration 'acknowledged the tensions' caused by Snowden's disclosures..... On Tuesday morning, James Sensenbrenner, the Wisconsin Republican and author of the 2001 Patriot Act, will introduce a bill called the USA Freedom Act that will ban warrantless bulk phone metadata collection and prevent the NSA from querying its foreign communications databases for identifying information on Americans. Patrick Leahy, the Vermont Democrat who chairs the Senate judiciary committee, will introduce the bill's Senate counterpart that same day. Also on Tuesday, the two most senior intelligence leaders are due to testify before the House intelligence committee. Both are now expected to be grilled on why they appear not to have informed either the White House or congressional oversight committees about the spying activities directed at foreign leaders. James Clapper, the director of national intelligence who is under fire for misleading Congress on bulk domestic collection, will testify about surveillance reform Tuesday afternoon. He will be accompanied by General Keith Alexander, the director of the NSA, who last week mused to a Pentagon blog that 'we ought to come up with a way of stopping' reporters' stories about the NSA's bulk collection programs. ... Feinstein's shifting position was not the only emerging challenge confronting the NSA late Monday. A new disclosure from the Electronic Frontier Foundation added to the agency's woes by suggesting that it began testing means to gather location data on cellphones inside the US before informing the secret surveillance court that oversees it. A short document apparently written in 2011 by an NSA lawyer discussed a 2010 'mobility testing effort' involving 'cell site locations.' ..... Alexander recently conceded that the so-called 'pilot program' for cellular geolocation collection existed and said it was potentially a 'future requirement for the country.' It was previously unknown that the pilot program proceeded before the Fisa Court knew of it. Just a month ago, in her own committee, Feinstein, delivered a full-throated and unequivocal defence of every surveillance activity conducted by the NSA. 'It is my opinion that the surveillance activities conducted under FISA, and other programs operated by the National Security Agency, are lawful, they are effective, and they are conducted under careful oversight within the NSA, by the Department of Justice and the Office of the Director of National Intelligence, and by the FISA Court and the Congress,' Feinstein said on September 26. In August, following disclosures that the NSA had improperly collected data on thousands of Americans, Feinstein accused the Washington Post of misquoting her, saying her committee 'has never identified an instance in which the NSA has intentionally abused its authority to conduct surveillance for inappropriate purposes'.....Feinstein's about-face presents the major challenge for the White House, which perceives the California Democrat as a key Senate surrogate on surveillance issues."
NSA: Dianne Feinstein breaks ranks to oppose US spying on allies
Guardian, 29 October 2013

"The chairman of the Senate judiciary committee, Patrick Leahy, warned against cosmetic reform of US surveillance practices as he launched sweeping new legislation to rein in the nation's intelligence agencies. 'It is time for serious and meaningful reforms so we can restore confidence in our intelligence community,' he said in a statement accompanying the legislation's formal introduction before Congress. 'Modest transparency and oversight provisions are not enough. We need real reform.' Leahy, the longest-serving US senator, launched the USA Freedom Act on Tuesday morning in partnership with congressman Jim Sensenbrenner, who in 2001 co-authored the Patriot Act, which first open the door to the wide-ranging surveillance programs. The two veterans of House and Senate legal oversight said it was time to restore the balance between privacy and security. 'Following 9/11, the Patriot Act passed the judiciary committees with overwhelming bipartisan support,' said Sensenbrenner. 'But somewhere along the way, the balance between security and privacy was lost. It’s now time for the judiciary committees to again come together in a bipartisan fashion to ensure the law is properly interpreted, past abuses are not repeated and American liberties are protected.' Their new legislation, simultaneously introduced in both House and Senate, aims to ban the National Security Agency from using the Patriot Act to collect bulk telephone records in the US and close a similar loophole in the Foreign Intelligence Surveillance Act (Fisa) which has allowed the content of American communications to be targeted. 'The government surveillance programs conducted under the Foreign Intelligence Surveillance Act are far broader than the American people previously understood,' said Leahy.... The bill also calls for a special advocate to focus on the protection of privacy rights and civil liberties before the court that oversees Fisa requests by the NSA, and requires more detailed public reporting about the numbers and types of court orders that are issued. It does not yet include reforms of overseas activity, although such amendments are expected to be introduced soon, according to congressional staff involved in the drafting."
Congressional duo launch NSA overhaul bill and urge 'meaningful reform'
Guardian, 29 October 2013

"The US and UK human intelligence services (the CIA and MI6) do not run operations inside the other's country without permission, but while the CIA and MI6 do share information they are not nearly as closely intertwined as their counterparts GCHQ and NSA. They deal in what is known as signals intelligence, which deals with communications. Under UKUSA, they share nearly - but not quite - everything, and do not target each other's nationals without permission. One document leaked by the fugitive Edward Snowden reveals that the protection extends when intelligence is shared with other countries outside the club (so called 'third parties', a 'second party' being any other member of the club). An agreement between the NSA and Israel published by the Guardian newspaper read that Israel 'recognises that the NSA has agreements with Australia, Canada, New Zealand and the United Kingdom that require it to protect information associated with UK persons, Australian persons, Canadian persons and New Zealand persons using procedures and safeguards similar to those applied for US persons'. In a way, Edward Snowden himself shows how close the alliance is. An American, he had access to thousands of documents belonging to British intelligence. And so GCHQ has, in a strange way, become a victim of the club's intimacy and openness within its wall."
Spying scandal: Will the 'five eyes' club open up?
BBC Online, 29 October 2013

"David Cameron last night threatened to take legal action against newspapers that leak ‘damaging’ details of intelligence operations. The Prime Minister warned the Left-wing Guardian newspaper, which has printed classified information from renegade spy Edward Snowden, that it faced court injunctions if it continues to print claims about the activities of the GCHQ listening station. The newspaper, he said, was refusing to behave with ‘social responsibility’ despite repeated warnings that the revelations are damaging to national security. Mr Cameron threatened to impose a D-Notice – an official Whitehall instruction not to print specific items– on newspapers which reveal details of highly sensitive intelligence operations. While a D-Notice is not legally enforceable, Mr Cameron signalled that ministers could also seek court injunctions to prevent publication. Mr Cameron acknowledged that The Guardian had let agents of the security services destroy computer hard drives containing some of Snowden’s material after being warned that terrorists could access it on their servers. But he made clear that his patience is wearing thin after the latest batch of revelations – that the Americans have bugged the phones of 35 world leaders and that British intelligence has eavesdropped on Italian and Spanish citizens.... A Downing Street source said the government could intervene ‘if we were aware that they have material that could be published’. That would give ministers broad scope to gag newspapers in the courts since security chiefs are already aware of material stolen by Snowden which has not yet seen the light of day in the media."
Prime Minister threatens Guardian with legal action over 'damaging' spy leaks
Mail, 29 October 2013

"The White House and State Department signed off on surveillance targeting phone conversations of friendly foreign leaders, current and former U.S. intelligence officials said Monday, pushing back against assertions that President Obama and his aides were unaware of the high-level eavesdropping. Professional staff members at the National Security Agency and other U.S. intelligence agencies are angry, these officials say, believing the president has cast them adrift as he tries to distance himself from the disclosures by former NSA contractor Edward Snowden that have strained ties with close allies. The resistance emerged as the White House said it would curtail foreign intelligence collection in some cases and two senior U.S. senators called for investigations of the practice. France, Germany, Italy, Mexico and Sweden have all publicly complained about the NSA surveillance operations, which reportedly captured private cellphone conversations by German Chancellor Angela Merkel, among other foreign leaders. Until now, members of Congress have chiefly focused their attention on Snowden's disclosures about the NSA's collection of U.S. telephone and email records under secret court orders. 'With respect to NSA collection of intelligence on leaders of U.S. allies — including France, Spain, Mexico and Germany — let me state unequivocally: I am totally opposed,' said Sen. Dianne Feinstein (D-Calif.), who chairs the Senate Intelligence Committee. 'Unless the United States is engaged in hostilities against a country or there is an emergency need for this type of surveillance, I do not believe the United States should be collecting phone calls or emails of friendly presidents and prime ministers,' she said in a statement. Feinstein said the Intelligence Committee had not been told of 'certain surveillance activities' for more than a decade, and she said she would initiate a major review of the NSA operation. She added that the White House had informed her that 'collection on our allies will not continue,' although other officials said most U.S. surveillance overseas would not be affected. Sen. John McCain (R-Ariz.), ranking minority member of the Armed Services Committee, said Congress should consider creating a special select committee to examine U.S. eavesdropping on foreign leaders. 'Obviously, we're going to want to know exactly what the president knew and when he knew it,' McCain told reporters in Chicago. 'We have always eavesdropped on people around the world. But the advance of technology has given us enormous capabilities, and I think you might make an argument that some of this capability has been very offensive both to us and to our allies.'... Precisely how the surveillance is conducted is unclear. But if a foreign leader is targeted for eavesdropping, the relevant U.S. ambassador and the National Security Council staffer at the White House who deals with the country are given regular reports, said two former senior intelligence officials, who spoke on condition of anonymity in discussing classified information. Obama may not have been specifically briefed on NSA operations targeting a foreign leader's cellphone or email communications, one of the officials said. 'But certainly the National Security Council and senior people across the intelligence community knew exactly what was going on, and to suggest otherwise is ridiculous.' If U.S. spying on key foreign leaders was news to the White House, current and former officials said, then White House officials have not been reading their briefing books. Some U.S. intelligence officials said they were being blamed by the White House for conducting surveillance that was authorized under the law and utilized at the White House. 'People are furious,' said a senior intelligence official who would not be identified discussing classified information. 'This is officially the White House cutting off the intelligence community.' Any decision to spy on friendly foreign leaders is made with input from the State Department, which considers the political risk, the official said. ... Jay Carney, the White House press secretary, said Monday that Obama had ordered a review of surveillance capabilities, including those affecting America's closest foreign partners and allies. 'Our review is looking across the board at our intelligence gathering to ensure that as we gather intelligence, we are properly accounting for both the security of our citizens and our allies and the privacy concerns shared by Americans and citizens around the world,' Carney said..... Citing documents from Snowden, the German news magazine Der Spiegel reported last week that the NSA's Special Collection Service had monitored Merkel's cellphone since 2002. Obama subsequently called Merkel and told her he was not aware her phone had been hacked, U.S. officials said. Intelligence officials also disputed a Wall Street Journal article Monday that said the White House had learned only this summer — during a review of surveillance operations that might be exposed by Snowden — about an NSA program to monitor communications of 35 world leaders. Since then, officials said, several of the eavesdropping operations have been stopped because of political sensitivities."
White House OKd spying on allies, U.S. intelligence officials say
Los Angeles Times, 28 October 2013

"The Obama administration's international surveillance crisis deepened on Monday as representatives from a Latin American human rights panel told US diplomats that oversight of the programs was 'illusory'. Members of the Inter-American Commission on Human Rights, an arm of the Organization of American States, expressed frustration and dissatisfaction with the National Security Agency's mass surveillance of foreign nationals – something the agency argues is both central to its existence and necessary to prevent terrorism. 'With a program of this scope, it's obvious that any form of control becomes illusory when there's hundreds of millions of communications that become monitored and surveilled,' said Felipe Gonzales, a commissioner and Chilean national. 'This is of concern to us because maybe the Inter-American Committee on Human Rights may become a target as well of surveillance,' said Rodrigo Escobar Gil, a commissioner and Colombian citizen. Frank La Rue, the United Nations special rapporteur on the right to freedom of opinion and expression, told the commission that the right to privacy was 'inextricably linked' to free expression. 'What is not permissible from a human rights point of view is that those that hold political power or those that are in security agencies or, even less, those in intelligence agencies decide by themselves, for themselves, what the scope of these surveillance activities are, or who will be targeted, or who will be blank surveilled,' La Rue said."
NSA oversight dismissed as 'illusory' as anger intensifies in Europe and beyond
Guardian, 28 October 2013

"Journalist Glenn Greenwald is once again rejecting claims that he and National Security Agency leaker Edward Snowden are endangering American efforts to fight terrorism — and he’s using recent reports that the NSA might have spied on German Chancellor Angela Merkel to prove his point. 'What we revealed is that this spying system is devoted not to terrorists, but is directed to innocent people around the world,' Greenwald told CNN’s Christiane Amanpour in an interview that aired Monday. 'None of this has anything to do with terrorism. Is Angela Merkel a terrorist?' 'This is clearly about political power and economic espionage. And the claim that this is all about terrorism is seen around the world as what it is, which is pure deceit,' he added.... 'Every terrorist who is capable of tying their own shoes has long known that the U.S. government and the U.K. government are trying to monitor their communications in every way that they can,' Greenwald said. 'That isn’t new. We didn’t reveal anything to terrorists that they didn’t already know.''
Glenn Greenwald: Spying not about terror
Politico, 28 October 2013

"Germany should protect former US intelligence contractor Edward Snowden, the former Guardian reporter who broke many of the recent stories about secret US surveillance programmes said Monday. 'Germany is precisely one of the countries that has benefited most from Snowden's revelations, from the start,' Glenn Greenwald said on ARD public TV, according to a statement. He told an ARD news programme that the German government did not have to be grateful 'but it should do what it is lawfully bound to do, namely protect people who are politically persecuted'. Berlin is permitting that 'American authorities threaten him and restrict his rights', he added, in comments released in German. The interview comes amid heightened tensions between the US and its international partners in a widening scandal over US snooping on telephone and online communications of citizens and world leaders, including German Chancellor Angela Merkel. Merkel confronted US President Barack Obama last Wednesday with evidence uncovered in classified documents provided by Snowden. Merkel has faced accusations of having played down the NSA scandal until it affected her. 'Germans should ask themselves why their government is acting this way and they should ask their government to ultimately protect the basic liberties of Mr Snowden effectively,' Greenwald said. Several German deputies have called for Snowden, who has sought asylum at a secret location in Russia, to be summoned to give evidence in a probe of the National Security Agency's (NSA) activities in Germany. 'To question Edward Snowden is obvious,' Greenwald said."
Germany should 'protect' Snowden, says Greenwald
Daily Star (Lebanon), 28 October 2013

"The Spanish prime minister, Mariano Rajoy, has summoned the US ambassador to explain the latest revelations to emerge from the files leaked by Edward Snowden, which suggest the National Security Agency tracked more than 60m phone calls in Spain in the space of a month. Spain's European secretary of state, Íñigo Méndez de Vigo, is meeting James Costos as the White House struggles to contain a growing diplomatic crisis following accusations that the NSA monitored the phones of scores of allies, including the German chancellor, Angela Merkel. El Mundo newspaper reported on Monday that it had seen an NSA document that showed the US spy agency had intercepted 60.5m phone calls in Spain between 10 December 2012 and 8 January this year. An NSA graphic, entitled 'Spain – last 30 days', reportedly shows the daily flow of phone calls within Spain, and that on one day alone – 11 December 2012 – the NSA monitored more than 3.5m phone calls. It appears that the content of the calls was not monitored but the serial and phone numbers of the handsets used, the locations, sim cards and the duration of the calls were. Emails and other social media were also monitored."
Spain summons US ambassador over claim NSA tracked 60m calls a month
Guardian, 28 October 2013

"Intelligence services in America intercepted 60.5 million telephone calls in Spainover the course of just month, according todata obtained by Spanish newspaper El Mundo. The National Security Agency (NSA) recorded the telephone calls between December 2012 and January 2013, noting where the call was made, the series number of the handset used, the number of the SIM card and the duration of the call. The content was not recorded. During the same period they also secretly monitored 46 million calls in Italy. Italian intelligence sources said they had 'no evidence' to support the claim, which was made on Cryptome, a US-based website that gathers intelligence on spying, surveillance and national security. They did, however, increase security around the American embassy in Rome. James Costos, America’s ambassador to Spain, has been summoned by Mariano Rajoy, the Spanish prime minister, to explain the revelations. He was due to meet Íñigo Méndez de Vigo, Spain’s European secretary of state, on Monday, in a meeting organised on Friday, after El Pais published reports suggesting the monitoring of communications – but without giving details. ..... The article in El Mundo shows a day-by-day account of American eavesdropping. Written by Glenn Greenwald – the Brazil-based American journalist, who has worked with former CIA contractor Edward Snowden to publish the NSA spying revelations – the article stated that on one day alone, December 11, a total of 3.5 million calls were recorded. On December 30, New Year’s Day and Jan 2 no calls were monitored. 'The interception carried out by the United States also includes the intrusion in personal information through the internet browser, email and social networks such as Twitter and Facebook,' the authors write. El Mundo claims that the Americans used software called 'Boundless Informant' to process the information obtained. Interception of telephone calls is illegal under Spanish law 25/2007, which forbids the conservation of data relating to electronic communications and public networks. The El Mundo newspaper report comes a week after the French paper Le Monde reported similar allegations of US spying in France, and German magazine Der Spiegel reported that Washington tapped Chancellor Angela Merkel’s mobile phone. The leaders of Brazil and Mexico are also reported to have been spied on. A European summit last week was dominated by anger over the reported extent of US spying on allies and Germany was sending its spy chiefs to Washington to demand answers. At a European Union summit on Friday, Mrs Merkel and French President Francois Hollande said they would press the Obama administration to agree by year’s end to limits that could put an end to the alleged American eavesdropping on foreign leaders, businesses and innocent citizens. Nine European Parliament deputies were visiting Washington on Monday to get more information on the US mass surveillance by the NSA."
NSA 'tracked 60 million phone calls in Spain in a month'
Telegraph, 28 October 2013

"A senior administration official rebutted Sen. Dianne Feinstein’s statement on Monday that the White House had assured her that they would no longer spy on allies. 'The statement that ‘…collection on our allies will not continue…’ is not accurate,' a senior administration official told BuzzFeed. 'While we have made some individual changes, which I cannot detail, we have not made across the board changes in policy like, for example, terminating intelligence collection that might be aimed at all allies.' Feinstein, chair of the Senate Intelligence Committee, put out a statement on Monday criticizing the administration for not briefing her committee on the National Security Agency’s surveillance of foreign leaders."
Administration Official Rebuts Feinstein Claim That White House Will No Longer Spy On Allies
Buzzfeed, 28 October 2013

"President Barack Obama personally authorised the phone tapping of Chancellor Angela Merkel’s mobile because he wanted to 'know everything' about the world’s most powerful woman, it was claimed on Sunday. Bild newspaper in Germany - which also reported surveilance on the phone of her predecessor Gerhard Schroeder who opposed the war in Iraq - called US denials of eavesdropping 'diplomatic lies' as new documents from the Nation security Agency in Washington suggest the bugging against the politicians began at least ten years ago, during the Bush administration. Bild quoted a secret intelligence source saying the president was informed in 2010 about the operation against Merkel by NSA boss Keith Alexander and he sanctioned it. ‘Obama did not stop the action at that time but allowed it to continue,’ said an intelligence official familiar with the NSA operation against Merkel image on Sunday. 'Obama did not stop the action but rather furthered it,' said the Bild informant. 'The reason for the action?' said Bild. 'Obama wanted to know exactly who this woman was.' German handling of the eurozone crisis and its refusal to get involved militarily in Libya increased White House suspicions of who it was dealing with in Europe, it added. It was also claimed that as well as listening into the Nokia supplied to her by her CDU conservative party the electronic wizards of the NSA also cracked her secure personal mobile only last summer - receiving both text messages and overhearing calls from that device too - even though it was supposed to have been made bug-proof by German intelligence boffins. German media said there was little doubt that ‘Handygate’ - the name given to the scandal from the German word Handy for mobile phone - was launched from the American embassy at Pariser Platz in the heart of the capital Berlin. According to German newspapers, 18 NSA specialists are currently stationed in Berlin, working from a soundproofed, bombproof room on the fourth floor of the ultra-modern, ultra secure embassy that is less than two miles from the chancellor’s office. According to media reports it was Tony Blair’s mentor in the war against Iraq, President George W. Bush, who instigated the surveillance against the socialist premier Gerhard Schroeder. 'Where do the Germans stand, can we trust Schroeder?' was allegedly the question, according to Bild, posted in the White House when Bush sanctioned the hacking of his phone. He apparently was particularly disturbed about the closeness of the relationship that Schroeder had with Vladimir Putin of Russia - a friendship which led to Schroeder gaining a five million pound a year job with Russian energy giant Gazprom when he left office. 'Schroeder knew that he had greatly angered America with his opposition to the Iraq war,' said Bild. 'In his inner circle he made no secret of his conviction that he was being bugged by the American secret services.' German politicians together with spy chiefs are scheduled to fly to the USA this week for talks with their counterparts about the snooping programme."
Obama 'gave the go-ahead for Merkel phone tapping' as he wanted to 'know everything' about world's most powerful woman, German newspaper claims
Mail, 28 October 2013

"President Barack Obama was dragged into the trans-Atlantic spying row after it was claimed he personally authorised the monitoring of Angela Merkel’s phone three years ago. The president allegedly allowed US intelligence to listen to calls from the German Chancellor’s mobile phone after he was briefed on the operation by Keith Alexander, director of the National Security Agency (NSA), in 2010. The latest claim, reported in the German newspaper Bild am Sonntag, followed reports in Der Spiegel that the surveillance of Mrs Merkel’s phone began as long ago as 2002, when she was still the opposition leader, three years before being elected Chancellor. That monitoring only ended in the weeks before Mr Obama visited Berlin in June this year, the magazine added. Citing leaked US intelligence documents, it also reported that America conducted eavesdropping operations on the German government from a listening post at its embassy beside the Brandenburg Gate in Berlin, one of more than 80 such centres worldwide. Mr Obama’s European allies will now ask him to say what he personally knew about the NSA’s global eavesdropping operation and its targeting of world leaders, including those from friendly states. The White House declined to comment on the German media reports. Last week, however, Mr Obama assured Mrs Merkel that her phone is not being monitored now – and will not be in future. But the US has pointedly declined to discuss the NSA’s actions in the past. Its surveillance operations raises questions about whether US officials breached domestic laws. Hans-Peter Friedrich, the German interior minister, said: 'If the Americans intercepted cellphones in Germany, they broke German law on German soil'. He noted that wiretapping was a crime in Germany and 'those responsible must be held accountable'.... According to the leaked documents in Spiegel, NSA officials acknowledged that any disclosure of the existence of the foreign listening posts would lead to 'grave damage' for US relations with other governments. Such posts exist in 19 European cities, including Paris, Madrid, Rome and Frankfurt, according to the magazine, which has based its reports on documents provided by Edward Snowden, the former NSA contractor. Mr Obama did not comment, but Republican supporters of the US intelligence community began a fightback on the political talk-shows."
Barack Obama 'approved tapping Angela Merkel's phone 3 years ago'
Telegraph, 27 October 2013

"Merkel has often said -- half in earnest, half in jest -- that she operates under the assumption that her phone calls are being monitored. But she apparently had in mind countries like China and Russia, where data protection is not taken very seriously, and not Germany's friends in Washington. Last Wednesday Merkel placed a strongly worded phone call to US President Barack Obama. Sixty-two percent of Germans approve of her harsh reaction, according to a survey by polling institute YouGov. A quarter think it was too mild. In a gesture of displeasure usually reserved for rogue states, German Foreign Minister Guido Westerwelle summoned the new US ambassador, John Emerson, for a meeting at the Foreign Ministry. The NSA affair has shaken the certainties of German politics. Even Merkel's CDU, long a loyal friend of Washington, is now openly questioning the trans-Atlantic free trade agreement. At the Chancellery it's now being said that if the US government doesn't take greater pains to clarify the situation, certain conclusions will be drawn and talks over the agreement could potentially be put on hold. 'Spying between friends, that's just not done,' said Merkel on Thursday at a European Union summit in Brussels. 'Now trust has to be rebuilt.' But until recently it sounded as if the government had faith in its ally's intelligence agencies. In mid-August Merkel's chief of staff, Ronald Pofalla, offhandedly described the NSA scandal as over. German authorities offered none of their own findings -- just a dry statement from the NSA leadership saying the agency adhered to all agreements between the countries. Now it is not just Pofalla who stands disgraced, but Merkel as well. She looks like a head of government who only stands up to Obama when she herself is a target of the US intelligence services. The German website Der Postillon published a satirical version last Thursday of the statement given by Merkel's spokesman, Steffen Seibert: 'The chancellor considers it a slap in the face that she has most likely been monitored over the years just like some mangy resident of Germany..... Wiretapping from an embassy is illegal in nearly every country. But that is precisely the task of the SCS, as is evidenced by another secret document. According to the document, the SCS operates its own sophisticated listening devices with which they can intercept virtually every popular method of communication: cellular signals, wireless networks and satellite communication. The necessary equipment is usually installed on the upper floors of the embassy buildings or on rooftops where the technology is covered with screens or Potemkin-like structures that protect it from prying eyes. That is apparently the case in Berlin, as well. SPIEGEL asked British investigative journalist Duncan Campbell to appraise the setup at the embassy. In 1976, Campbell uncovered the existence of the British intelligence service GCHQ. In his so-called 'Echelon Report' in 1999, he described for the European Parliament the existence of the global surveillance network of the same name. Campbell refers to window-like indentations on the roof of the US Embassy. They are not glazed but rather veneered with 'dielectric' material and are painted to blend into the surrounding masonry. This material is permeable even by weak radio signals. The interception technology is located behind these radio-transparent screens, says Campbell. The offices of SCS agents would most likely be located in the same windowless attic.'.... When SPIEGEL confronted the government on Oct. 10 with evidence that the chancellor's cellphone had been targeted, the German security apparatus became deeply unsettled. The Chancellery ordered the country's foreign intelligence agency, the Federal Intelligence Service (BND), to scrutinize the information. In parallel, Christoph Heusgen, Merkel's foreign policy adviser, also contacted his US counterpart, National Security Adviser Susan Rice, to tell her about SPIEGEL's research, which had been summarized on a single sheet of paper. Rice said she would look into it. Shortly afterwards, German security authorities got back to the Chancellery with a preliminary result: The numbers, dates and secret codes on the paper indicated the information was accurate. It was probably some kind of form from an intelligence agency department requesting surveillance on the chancellor's cellphone, they said. At this point, a sense of nervousness began to grow at government headquarters. It was clear to everyone that if the Americans were monitoring Merkel's phone, it would be a political bomb. But then Rice called the Chancellery on Friday evening to explain that if reports began to circulate that Merkel's phone had been targeted, Washington would deny it -- or at least that is how the Germans understood the message..... Merkel spoke with Obama on Wednesday afternoon, calling him from her secure landline in her Chancellery office. Both spoke English. According to the Chancellery, the president said that he had known nothing of possible monitoring, otherwise he would have stopped it. Obama also expressed his deepest regrets and apologized. The scandal revives an old question: Are the German security agencies too trusting of the Americans? Until now, German agencies have typically concerned themselves with China and Russia in their counterintelligence work, for which the domestic intelligence agency, the Federal Office for the Protection of the Constitution (BFV), is responsible..... Even to seasoned German intelligence officials, the revelations that have come to light present a picture of surprising unscrupulousness. It's quite possible that the BFV could soon be tasked with investigating the activities of the CIA and NSA.... now German-American relations are threatened with an ice age. Merkel's connection to Obama wasn't particularly good before the spying scandal. The chancellor is said to consider the president overrated -- a politician who talks a lot but does little, and is unreliable to boot. One example, from Berlin's perspective, was the military operation in Libya almost three years ago, which Obama initially rejected. When then-Secretary of State Hillary Clinton convinced him to change his mind, he did so without consulting his allies. Berlin saw this as evidence of his fickleness and disregard for their concerns. ... The chancellor's office is also now considering the possibility that the much-desired trans-Atlantic free trade agreement could fail if the NSA affair isn't properly cleared up. Since the latest revelations came out, some 58 percent of Germans say they support breaking off ongoing talks, while just 28 percent are against it. 'We should put the negotiations for a free-trade agreement with the US on ice until the accusations against the NSA have been clarified,' says Bavarian Economy Minister Ilse Aigner, a member of the Christian Social Union, the Bavarian sister party to Merkel's Christian Democrats.... The American spying tactics weren't far from the minds of leaders at the EU summit in Brussels last Thursday, either. French President Hollande was the first to bring it up at dinner, saying that while he didn't want to demonize the intelligence agencies, the Americans had so blatantly broken the law on millions of counts that he couldn't imagine how things could go on this way. Hollande called for a code of conduct among the intelligence agencies, an idea for which Merkel also showed support. But soon doubts emerged: Wouldn't Europe also have to take a look at its own surveillance practices? What if a German or French Snowden came forward to reveal dirty spy tactics?"
Embassy Espionage: The NSA's Secret Spy Hub in Berlin
Der Spiegel, 27 October 2013

"Washington Post journalist Bob Woodward said Sunday a huge 'secret government' and a government on 'automatic pilot' has led to many of the concerns now making headlines. 'They need to review this secret world,' he said of the Obama administration on 'Face the Nation' on CBS. 'You get to a point where it’s what do you worry about? Secret government.''
Woodward: 'Secret government' at the root of problems
Politico, 27 October 2013

"We now know – but only thanks to Edward Snowden and the Guardian, both of whom have performed a stellar public service – that GCHQ knowingly perpetrated a mass surveillance programme for which there was no adequate legal authorisation and then sought to stifle any public debate which might generate a challenge under privacy laws or reveal how far they were operating beyond or outside the law. We now know that the large telecoms companies lied in response to the Tempora revelations by declaring they simply complied with the law when in fact they far exceeded what the law provided for. And we now know that the Home Office and GCHQ campaigned to reject the use of intercepts as evidence, not as they said at the time because of the risk to national security, but because it would expose how far they had gone beyond the law including accessing communications networks abroad. The governance of Britain’s power institutions has all but collapsed. The feeble and ineffective Intelligence and Security Committee should be swept away and replaced by a powerful Select Committee responsible to Parliament, not the Executive."
Who can you trust in Britain today?
Michael Meacher MP » Blog Archive, 27 October 2013

"As America's road planners struggle to find the cash to mend a crumbling highway system, many are beginning to see a solution in a little black box that fits neatly by the dashboard of your car. The devices, which track every mile a motorist drives and transmit that information to bureaucrats, are at the center of a controversial attempt in Washington and state planning offices to overhaul the outdated system for funding America's major roads. The usually dull arena of highway planning has suddenly spawned intense debate and colorful alliances. Libertarians have joined environmental groups in lobbying to allow government to use the little boxes to keep track of the miles you drive, and possibly where you drive them — then use the information to draw up a tax bill."
A black box in your car? Some see a source of tax revenue
Los Angeles Times, 26 October 2013

"New claims emerged last night over the extent that US intelligence agencies have been monitoring the mobile phone of Angela Merkel. The allegations were made after German secret service officials were already preparing to travel to Washington to seek explanations into the alleged surveillance of its chancellor.A report in Der Spiegel said Merkel's mobile number had been listed by the NSA's Special Collection Service (SCS) since 2002 and may have been monitored for more than 10 years. It was still on the list – marked as 'GE Chancellor Merkel' – weeks before President Barack Obama visited Berlin in June.In an SCS document cited by the magazine, the agency said it had a 'not legally registered spying branch' in the US embassy in Berlin, the exposure of which would lead to 'grave damage for the relations of the United States to another government'. From there, NSA and CIA staff were tapping communication in Berlin's government district with high-tech surveillance. Quoting a secret document from 2010, Der Spiegel said such branches existed in about 80 locations around the world, including Paris, Madrid, Rome, Prague, Geneva and Frankfurt. Merkel's spokesman and the White House declined to comment on the report. The nature of the monitoring of Merkel's mobile phone is not clear from the files, Der Spiegel said. It might be that the chancellor's conversations were recorded, or that her contacts were simply assessed. Ahead of the latest claims , the German government's deputy spokesman, Georg Streiter, said a high-level delegation was heading to the White House and National Security Agency to 'push forward' investigations into earlier surveillance allegations..... Germany and Brazil are spearheading efforts at the UN to protect the privacy of electronic communications. Diplomats from the two countries, which have both been targeted by the NSA, are leading efforts by a coalition of nations to draft a UN general assembly resolution calling for the right to privacy on the internet. Although non-binding, the resolution would be one of the strongest condemnations of US snooping to date. 'This resolution will probably have enormous support in the GA [general assembly] since no one likes the NSA spying on them,' a western diplomat told Reuters on condition of anonymity. The Brazilian president, Dilma Rousseff, had previously cancelled a state visit to Washington over the revelation that the NSA was scooping up large amounts of Brazilian communications data, including from the state-run oil company Petrobras. The drafting of the UN resolution was confirmed by the country's foreign ministry. The Associated Press quoted a diplomat who said the language of the resolution would not be 'offensive' to any nation, particularly the US. He added that it would expand the right to privacy guaranteed by the international covenant on civil and political rights, which went into force in 1976."
NSA surveillance: Germany to send intelligence officials to US
Observer, 26 October 2013

"The US National Security Agency has been accused of monitoring the mobile phones of at least 35 'world leaders', including the German chancellor Angela Merkel. On Friday, Prime Minister David Cameron was forced on the defensive at an EU summit that was overshadowed by claims of snooping by the NSA and Britain's GCHQ in Cheltenham. Now two senior Lockerbie campaigners said they believe the Americans also targeted the Scottish Government, including the First Minister and Justice Secretary Kenny MacAskill, in 2009. At the time, political leaders on both sides of the Atlantic were looking on anxiously as Mr MacAskill decided the fate of Abdelbaset Ali Mohmed al-Megrahi. The Libyan, jailed for his part in the 1988 bombing of Pan Am Flight 103, had contracted terminal prostate cancer and was eventually sent back to Tripoli to die. Despite the outraged reaction in Washington, sources close to Megrahi said the US Government appeared to have advance knowledge of Mr MacAskill's decision. Professor Robert Black, the architect of Megrahi's trial under Scots Law, said: 'From my own contacts with the Libyan regime, I was led to believe that although the Americans huffed and puffed about the release they were reconciled to it. 'I was led to understand that they knew in advance of the decision. [Former foreign minister Abdul Ati] Obeidi always told me he knew and the Americans knew, by one means or another. 'The question is whether Alex Salmond's phone was one of those with a 'flag' on it from the NSA - although I bet it wasn't until the Megrahi release. 'Now with the referendum coming up, and the future of Trident and Nato and all that sort of thing, I think it might still be flagged.' .... Dr Swire, another JFM member whose daughter Flora was among the 270 people killed in the atrocity, said it was not 'remotely difficult to believe' the Americans had bugged Scottish ministers. He added: 'There is no way of telling whether Kenny MacAskill or Alex Salmond have had their conversations bugged but personally I'm sure they have, whether it was by GCHQ at Cheltenham or by the Americans.' Dr Swire said he believes he has been under surveillance since the 1990s and once put the theory to the test by sending a fax containing false information to a trusted contact. The information - which could not have come from any other source - appeared in the London Evening Standard newspaper the following day. He said: 'This indicated that my faxes in those days were being intercepted. Considering how much technology has advanced since then, I have no doubt that my emails and phone calls are actually monitored all the time.' Members of the so-called 'Five Eyes' alliance - the UK, the USA, Australia, New Zealand and Canada - have agreed not to spy on each other. Both the Scottish Government and the White House press office declined to comment on the latest claims."
American spies 'bugged' phone belonging to Scottish minister Alex Salmond
Scottish Express, 26 October 2013

"The UK intelligence agency GCHQ has repeatedly warned it fears a 'damaging public debate' on the scale of its activities because it could lead to legal challenges against its mass-surveillance programmes, classified internal documents reveal. Memos contained in the cache disclosed by the US whistleblower Edward Snowden detail the agency's long fight against making intercept evidence admissible as evidence in criminal trials – a policy supported by all three major political parties, but ultimately defeated by the UK's intelligence community. Foremost among the reasons was a desire to minimise the potential for challenges against the agency's large-scale interception programmes, rather than any intrinsic threat to security, the documents show. The papers also reveal that: • GCHQ lobbied furiously to keep secret the fact that telecoms firms had gone 'well beyond' what they were legally required to do to help intelligence agencies' mass interception of communications, both in the UK and overseas. • GCHQ feared a legal challenge under the right to privacy in the Human Rights Act if evidence of its surveillance methods became admissible in court. • GCHQ assisted the Home Office in lining up sympathetic people to help with 'press handling', including the Liberal Democrat peer and former intelligence services commissioner Lord Carlile, who this week criticised the Guardian for its coverage of mass surveillance by GCHQ and America's National Security Agency. - The most recent attempt to make intelligence gathered from intercepts admissible in court, proposed by the last Labour government, was finally stymied by GCHQ, MI5 and MI6 in 2009. A briefing memo prepared for the board of GCHQ shortly before the decision was made public revealed that one reason the agency was keen to quash the proposals was the fear that even passing references to its wide-reaching surveillance powers could start a 'damaging' public debate. Referring to the decision to publish the report on intercept as evidence without classification, it noted: 'Our main concern is that references to agency practices (ie the scale of interception and deletion) could lead to damaging public debate which might lead to legal challenges against the current regime.' A later update, from May 2012, set out further perceived 'risks' of making intercepts admissible, including 'the damage to partner relationships if sensitive information were accidentally released in open court'. It also noted that the 'scale of interception and retention required would be fairly likely to be challenged on Article 8 (Right to Privacy) grounds'."
Leaked memos reveal GCHQ efforts to keep mass surveillance secret
Guardian, 25 October 2013

"GCHQ's internet surveillance programme is the subject of a challenge in the European court of human rights, mounted by three privacy advocacy groups. The Open Rights Group, English PEN and Big Brother Watch argue the 'unchecked surveillance' of Tempora is a challenge to the right to privacy, as set out in the European convention on human rights. That the Tempora programme appears to rely at least in part on voluntary co-operation of telecoms firms could become a major factor in that ongoing case. The revelation could also reignite the long-running debate over allowing intercept evidence in court.GCHQ's submission goes on to set out why its relationships with telecoms companies go further than what can be legally compelled under current law. It says that in the internet era, companies wishing to avoid being legally mandated to assist UK intelligence agencies would often be able to do so 'at little cost or risk to their operations' by moving 'some or all' of their communications services overseas. As a result, 'it has been necessary to enter into agreements with both UK-based and offshore providers for them to afford the UK agencies access, with appropriate legal authorisation, to the communications they carry outside the UK'. The submission to ministers does not set out which overseas firms have entered into voluntary relationships with the UK, or even in which countries they operate, though documents detailing the Tempora programme made it clear the UK's interception capabilities relied on taps located both on UK soil and overseas. There is no indication as to whether the governments of the countries in which deals with companies have been struck would be aware of the GCHQ cable taps. Evidence that telecoms firms and GCHQ are engaging in mass interception overseas could stoke an ongoing diplomatic row over surveillance ignited this week after the German chancellor, Angela Merkel, accused the NSA of monitoring her phone calls, and the subsequent revelation that the agency monitored communications of at least 35 other world leaders. On Friday, Merkel and the French president, François Hollande, agreed to spearhead efforts to make the NSA sign a new code of conduct on how it carried out intelligence operations within the European Union, after EU leaders warned that the international fight against terrorism was being jeopardised by the perception that mass US surveillance was out of control. Fear of diplomatic repercussions were one of the prime reasons given for GCHQ's insistence that its relationships with telecoms firms must be kept private. Telecoms companies 'feared damage to their brands internationally, if the extent of their co-operation with HMG [Her Majesty's government] became apparent', the GCHQ document warned. It added that if intercepts became admissible as evidence in UK courts 'many CSPs asserted that they would withdraw their voluntary support'.... Shami Chakrabarti, Director of Liberty and Anthony Romero Executive Director of the American Civil Liberties Union issued a joint statement stating: 'The Guardian's publication of information from Edward Snowden has uncovered a breach of trust by the US and UK Governments on the grandest scale. The newspaper's principled and selective revelations demonstrate our rulers' contempt for personal rights, freedoms and the rule of law..'"
Leaked memos reveal GCHQ efforts to keep mass surveillance secret
Guardian, 25 October 2013

"The most under-discussed aspect of the NSA story has long been its international scope. That all changed this week as both Germany and France exploded with anger over new revelations about pervasive NSA surveillance on their population and democratically elected leaders. As was true for Brazil previously, reports about surveillance aimed at leaders are receiving most of the media attention, but what really originally drove the story there were revelations that the NSA is bulk-spying on millions and millions of innocent citizens in all of those nations. The favorite cry of US government apologists -–everyone spies! – falls impotent in the face of this sort of ubiquitous, suspicionless spying that is the sole province of the US and its four English-speaking surveillance allies (the UK, Canada, Australia and New Zealand)...... is there any doubt at all that the US government repeatedly tried to mislead the world when insisting that this system of suspicionless surveillance was motivated by an attempt to protect Americans from The Terrorists™? Our reporting has revealed spying on conferences designed to negotiate economic agreements, the Organization of American States, oil companies, ministries that oversee mines and energy resources, the democratically elected leaders of allied states, and entire populations in those states. Can even President Obama and his most devoted loyalists continue to maintain, with a straight face, that this is all about Terrorism?.... Speaking of an inability to maintain claims with a straight face, how are American and British officials, in light of their conduct in all of this, going to maintain the pretense that they are defenders of press freedoms and are in a position to lecture and condemn others for violations? In what might be the most explicit hostility to such freedoms yet – as well as the most unmistakable evidence of rampant panic – the NSA's director, General Keith Alexander, actually demanded Thursday that the reporting being done by newspapers around the world on this secret surveillance system be halted .... What kind of person wants the government to forcibly shut down reporting by the press? Whatever kind of person that is, he is not someone to be trusted in instituting and developing a massive bulk-spying system that operates in the dark. For that matter, nobody is."
Glen Greenwald - As Europe erupts over US spying, NSA chief says government must stop media
Guardian, Comment Is Free, 25 October 2012

"In the 1970s, Congressman Otis Pike of New York chaired a special congressional committee to investigate abuses by the American so-called 'intelligence community' – the spies. After the investigation, Pike commented: 'It took this investigation to convince me that I had always been told lies, to make me realize that I was tired of being told lies. I'm tired of the spies telling lies, too.' Pike's investigation initiated one of the first congressional oversight debates for the vast and hidden collective of espionage agencies, including the Central Intelligence Agency (CIA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA). Before the Pike Commission, Congress was kept in the dark about them – a tactic designed to thwart congressional deterrence of the sometimes illegal and often shocking activities carried out by the 'intelligence community'. Today, we are seeing a repeat of this professional voyeurism by our nation's spies, on an unprecedented and pervasive scale..... Despite being a member of Congress possessing security clearance, I've learned far more about government spying on me and my fellow citizens from reading media reports than I have from 'intelligence' briefings. If the vote on the Amash-Conyers amendment is any indication, my colleagues feel the same way. In fact, one long-serving conservative Republican told me that he doesn't attend such briefings anymore, because, 'they always lie'.... Many of us worry that Congressional Intelligence Committees are more loyal to the 'intelligence community' that they are tasked with policing, than to the Constitution. And the House Intelligence Committee isn't doing anything to assuage our concerns. I've requested classified information, and further meetings with NSA officials. The House Intelligence Committee has refused to provide either. Supporters of the NSA's vast ubiquitous domestic spying operation assure the public that members of Congress can be briefed on these activities whenever they want. Senator Saxby Chambliss says all a member of Congress needs to do is ask for information, and he'll get it. Well I did ask, and the House Intelligence Committee said 'no', repeatedly. And virtually every other member not on the Intelligence Committee gets the same treatment. .... Edward Snowden's revelations demonstrate that the members of Congress, who are asked to authorize these programs, are not privy to the same information provided to junior analysts at the NSA, and even private contractors who sell services to foreign governments. The only time that these intelligence committees disclose classified information to us, your elected representatives, is when it serves the purposes of the 'intelligence community'..... As the country continues to debate the supposed benefits of wall-to-wall spying programs on each and every American, without probable cause, the spies, 'intelligence community' and Congressional Intelligence Committees have a choice: will they begin sharing comprehensive information about these activities, so that elected public officials have the opportunity to make informed decisions about whether such universal snooping is necessary, or constitutional? Or will they continue to obstruct our efforts to understand these programs, and force us to rely on information provided by whistleblowers who undertake substantial risks to disseminate this information about violations of our freedom in an increasingly hostile environment? And why do Generals Alexander and Clapper remain in office, when all the evidence points to them committing the felony of lying to Congress and the American people? Representative Pike would probably say that rank-and-file representatives will never get the information we need from the House Intelligence Committee, because the spying industrial complex answers only to itself."
Alan Greyson - US Congressman
Congressional oversight of the NSA is a joke. I should know, I'm in Congress
Guardian, 25 October 2013

"The National Security Agency monitored the phone conversations of 35 world leaders after being given the numbers by an official in another US government department, according to a classified document provided by whistleblower Edward Snowden. The confidential memo reveals that the NSA encourages senior officials in its 'customer' departments, such the White House, State and the Pentagon, to share their 'Rolodexes' so the agency can add the phone numbers of leading foreign politicians to their surveillance systems. The document notes that one unnamed US official handed over 200 numbers, including those of the 35 world leaders, none of whom is named. These were immediately 'tasked' for monitoring by the NSA. The revelation is set to add to mounting diplomatic tensions between the US and its allies, after the German chancellor Angela Merkel on Wednesday accused the US of tapping her mobile phone. After Merkel's allegations became public, White House press secretary Jay Carney issued a statement that said the US 'is not monitoring and will not monitor' the German chancellor's communications. But that failed to quell the row, as officials in Berlin quickly pointed out that the US did not deny monitoring the phone in the past. The NSA memo obtained by the Guardian suggests that such surveillance was not isolated, as the agency routinely monitors the phone numbers of world leaders – and even asks for the assistance of other US officials to do so."
NSA monitored calls of 35 world leaders after US official handed over contacts
Guardian, 24 October 2013

"The United States monitored the phone conversations of 35 world leaders according to classified documents leaked by fugitive whistleblower Edward Snowden, Britain's Guardian newspaper said on Thursday. Phone numbers were passed on to the U.S. National Security Agency (NSA) by an official in another government department, according to the documents, the Guardian said on its website. It added that staff in the White House, State Department and the Pentagon were urged to share the contact details of foreign politicians. The revelations come after Germany demanded answers from Washington over allegations Chancellor Angela Merkel's phone was bugged, the worst spat between the two countries in a decade. The White House did not deny the bugging, saying only it would not happen in future. 'In one recent case, a U.S. official provided NSA with 200 phone numbers to 35 world leaders,' reads an excerpt from a confidential memo dated October 2006 which was quoted by the Guardian. The identities of the politicians in question were not revealed. The revelations in the centre-left Guardian suggested that the bugging of world leaders could be more widespread than originally thought, with the issue set to overshadow an EU summit in Brussels."
U.S. monitored the phone calls of 35 world leaders - report
Reuters, 24 October 2013

"German Chancellor Angela Merkel complained to President Barack Obama on Wednesday after learning that U.S. intelligence may have targeted her mobile phone, saying that would be 'a serious breach of trust' if confirmed. For its part, the White House denied that the U.S. is listening in on Merkel’s phone calls now.... 'The magnitude of the eavesdropping is what shocked us,' [former French foreign minister] Bernard Kouchner said in a radio interview. 'Let’s be honest, we eavesdrop too. Everyone is listening to everyone else. But we don’t have the same means as the United States, which makes us jealous.'"
Merkel complains to Obama as Germany says US spies may have targeted her mobile phone
Associated Press, 23 October 2013

"European lawmakers narrowly approved a resolution seeking to scrap an agreement that grants U.S. authorities access to bank data for terrorism-related investigations. The non-binding resolution on Wednesday followed leaks by Edward Snowden alleging the U.S. National Security Agency targeted a Belgium-based system of international bank transfers, known as SWIFT. The resolution — adopted 280-254 with 30 abstentions — comes as a major rebuke, and shows the continuing outrage in Europe over Washington's surveillance programs. The measure's opponents say cancelling the agreement would jeopardize a powerful tool in the fight against terrorism. Supporters say the alleged spying grossly violated the agreement and thereby voided it. A majority of the 28-nation bloc's member states could decide to scrap the so-called Terrorist Finance Tracking Program if a violation were to be proven.....The BBC's Christian Fraser in Paris says the outrage is largely for public consumption, because the French government has been accused of running its own snooping operation similar to the US. Le Monde reported in July that the French government was storing vast amounts of personal data of its citizens on a supercomputer at the headquarters of the DGSE intelligence service. Connections inside France and between France and other countries were all monitored, Le Monde reported. Emails, text messages, telephone and internet browsing records are stored for years, it said. The latest revelations follow claims in the German media that US agents hacked into the email account of former Mexican President Felipe Calderon. Mr Snowden, a former NSA worker, went public with revelations about US spying operations in June. The information he leaked led to claims of systematic spying by the NSA and CIA on a global scale. Targets included rivals like China and Russia, as well as allies like the EU and Brazil. The NSA was also forced to admit it had captured email and phone data from millions of Americans."
EU Parliament Urges Ending Data Agreement With US
Associated Press, 23 October 2013

"The Tory chairman of the Intelligence and Security Committee told University College London's debating society that the approval of the Foreign Secretary or the Home Secretary is required before a human can look at the content of an email. Sir Malcolm [Rifkind], who denied the suggestion that the UK is a 'surveillance state', said the committee has access to all the information held by the intelligence agencies. 'We have been given - particularly over the last year - the powers by the Government which we have never had before, to require the intelligence agencies to share all their information with us when we seek them,' he said. 'Our staff can go - and do go - into MI6, MI5, GCHQ and can see their files when we are carrying out an investigation.'"
Malcolm Rifkind: all British terror plots since 'July 7' were foiled through intercept info
Telegraph, 22 Ocotober 2013

"What are we to make of Edward Snowden? I know what I once made of him. He was no real whistleblower, I wrote, but 'ridiculously cinematic' and 'narcissistic' as well. As time has proved, my judgments were just plain wrong. Whatever Snowden is, he is curiously modest and has bent over backward to ensure that the information he has divulged has done as little damage as possible. As a 'traitor,' he lacks the requisite intent and menace..... My initial column on Snowden was predicated on the belief that, really, nothing he revealed was new. Didn’t members of Congress know all this stuff and hadn’t much of it leaked? Yes, that’s largely true. But my mouth is agape at the sheer size of these data-gathering programs — a cascade of news stories that leads me to conclude that this very column was known to the National Security Agency before it was known to my editors. I also wrote that 'No one lied about the various programs' Snowden disclosed. But then we found out that James Clapper did. The director of national intelligence was asked at a Senate hearing in March if 'the story that we have millions or hundreds of millions of dossiers on people is completely false' and he replied that it was. Actually, it was his answer that was 'completely false.'.... [Snowden] may have been technically disloyal to America but not, after some reflection, to American values."
Richard Cohen - Edward Snowden is no traitor
Washington Post, 22 October 2013

"France's foreign ministry has summoned the US ambassador over allegations the US National Security Agency spied on millions of phone calls in France. Prime Minister Jean-Marc Ayrault said he was 'deeply shocked' by the claims made in the Le Monde newspaper. The data, based on leaks from ex-intelligence analyst Edward Snowden, suggest the NSA monitored officials and businesses as well as terror suspects. The White House said 'all nations' conducted spying operations. Le Monde says the NSA spied on 70.3 million phone calls in France in just 30 days between 10 December last year and 8 January 2013. The intercepts were apparently triggered by certain key words. The agency also apparently captured millions of text messages. It was unclear whether the content of the calls and messages was stored, or just the metadata - the details of who was speaking to whom. And the paper did not say whether the operation, codenamed US-985D, was still in progress. Prime Minister Ayrault said: 'It's incredible that an allied country like the United States at this point goes as far as spying on private communications that have no strategic justification, no justification on the basis of national defence.'"
Snowden leaks: France summons US envoy over spying claims
BBC Online, 21 October 2013

"The NSA has been systematically eavesdropping on the Mexican government for years. It hacked into the president's public email account and gained deep insight into policymaking and the political system. The news is likely to hurt ties between the US and Mexico. The National Security Agency (NSA) has a division for particularly difficult missions. Called 'Tailored Access Operations' (TAO), this department devises special methods for special targets. That category includes surveillance of neighboring Mexico, and in May 2010, the division reported its mission accomplished. A report classified as 'top secret' said: 'TAO successfully exploited a key mail server in the Mexican Presidencia domain within the Mexican Presidential network to gain first-ever access to President Felipe Calderon's public email account.' According to the NSA, this email domain was also used by cabinet members, and contained 'diplomatic, economic and leadership communications which continue to provide insight into Mexico's political system and internal stability.' The president's office, the NSA reported, was now 'a lucrative source.' This operation, dubbed 'Flatliquid,' is described in a document leaked by whistleblower Edward Snowden, which SPIEGEL has now had the opportunity to analyze. The case is likely to cause further strain on relations between Mexico and the United States, which have been tense since Brazilian television network TV Globo revealed in September that the NSA monitored then-presidential candidate Enrique Peña Nieto and others around him in the summer of 2012. Peña Nieto, now Mexico's president, summoned the US ambassador in the wake of that news, but confined his reaction to demanding an investigation into the matter. Now, though, the revelation that the NSA has systematically infiltrated an entire computer network is likely to trigger deeper controversy, especially since the NSA's snooping took place during the term of Peña Nieto's predecessor Felipe Calderón, a leader who worked more closely with Washington than any other Mexican president before him. Reports of US surveillance operations have caused outrage in Latin America in recent months. Brazilian President Dilma Rousseff cancelled a planned trip to Washington five weeks ago and condemned the NSA's espionage in a blistering speech to the United Nations General Assembly. The US surveillance of politicians in Mexico and Brazil is not a one-off. Internal documents show these countries' leaders represent important monitoring targets for the NSA, with both Mexico and Brazil ranking among the nations high on an April 2013 list that enumerates the US' surveillance priorities. That list, classified as 'secret,' was authorized by the White House and 'presidentially approved,' according to internal NSA documents. The list ranks strategic objectives for all US intelligence services using a scale from '1' for high priority to '5' for low priority. In the case of Mexico, the US is interested primarily in the drug trade (priority level 1) and the country's leadership (level 3). Other areas flagged for surveillance include Mexico's economic stability, military capabilities, human rights and international trade relations (all ranked at level 3), as well as counterespionage (level 4). It's much the same with Brazil -- ascertaining the intentions of that country's leadership ranks among the stated espionage targets. Brazil's nuclear program is high on the list as well."
Fresh Leak on US Spying: NSA Accessed Mexican President's Email
Der Spiegel, 20 October 2013

"Snowden said he had decided to become a whistleblower and flee America because he had no faith in the internal reporting mechanisms of the US government, which he believed would have destroyed him and buried his message forever. One of the main criticisms levelled at Snowden by the Obama administration has been that he should have taken up an official complaint within the NSA rather than travelling to Hong Kong to share his concerns about the agency's data dragnet with the Guardian and other news organisations. But Snowden dismissed that option as implausible. 'The system does not work,' he said, pointing to the paradox that 'you have to report wrongdoing to those most responsible for it'. If he had tried to sound the alarm internally, he would have been 'discredited and ruined' and the substance of his warnings 'would have been buried forever'. Snowden's comments go to the heart of the dichotomy within the Obama administration's policy towards whistleblowers. It has introduced new protections for whistleblowers uncovering corruption and inefficiency, including a presidential order that extends the safeguards to the intelligence services. But contract workers such as Snowden are not protected by the executive order, and the government has pursued official leakers with an aggression rarely seen before. Eight leakers, including Snowden, have been prosecuted under the 1917 Espionage Act – more than twice the number under all previous presidents combined....He said he was shocked when he came across a copy of a classified report from 2009 dealing with the NSA's warrantless wiretapping under Bush. 'If the highest officials in government can break the law without fearing punishment or even any repercussions at all, secret powers become tremendously dangerous.' He said his main objection to the NSA dragnet of data was that it was being conducted in secret. 'The secret continuance of these programmes represents a far greater danger than their disclosure. It represents a dangerous normalisation of 'governing in the dark', where decisions with enormous public impact occur without any public input.'"
Edward Snowden: I brought no leaked NSA documents to Russia
Guardian, 18 October 2013

"Nick Clegg has welcomed the decision of parliament's intelligence and security committee (ISC) to launch an inquiry into the extent and scale of mass surveillance undertaken by Britain's spy agencies. The deputy prime minister said it was right to assess how 'big, new, powerful technologies' are used by the intelligence agencies. Clegg spoke out on his weekly LBC radio phone-in after the ISC, the body tasked with overseeing the work of GCHQ, MI5 and MI6, announced an investigation in response to concern raised by the leaks from the whistleblower Edward Snowden. The Guardian has published a number of articles based on the leaks. Sir Malcolm Rifkind, the committee chair, said an informed and proper debate was needed. One Whitehall source described the investigation as 'a public inquiry in all but name'.... The admission that legitimate issues have been raised by the Guardian investigation also undercuts those on the Conservative benches demanding that the primary response to the Guardian disclosures should be prosecution of the newspaper for breaking the Official Secrets Act. Those demands surfaced again in parliament on Wednesday. At prime minister's questions David Cameron criticised the Guardian and urged select committees to hold inquiries, following a question from the former defence secretary Liam Fox asking whether it was a double standard to prosecute newspapers that hacked the phones of celebrities but not those papers that released information that endangered national security."
Nick Clegg welcomes inquiry into scale of spy agency work in Britain
Guardian, 17 October 2013

"New European rules aimed at curbing questionable transfers of data from EU countries to the US are being finalised in Brussels in the first concrete reaction to the Edward Snowden disclosures on US and British mass surveillance of digital communications. Regulations on European data protection standards are expected to pass the European parliament committee stage on Monday after the various political groupings agreed on a new compromise draft following two years of gridlock on the issue. The draft would make it harder for the big US internet servers and social media providers to transfer European data to third countries, subject them to EU law rather than secret American court orders, and authorise swingeing fines possibly running into the billions for the first time for not complying with the new rules. 'As parliamentarians, as politicians, as governments we have lost control over our intelligence services. We have to get it back again,' said Jan Philipp Albrecht, the German Greens MEP who is steering the data protection regulation through the parliament. Data privacy in the EU is currently under the authority of national governments with standards varying enormously across the 28 countries, complicating efforts to arrive at satisfactory data transfer agreements with the US. The current rules are easily sidestepped by the big Silicon Valley companies, Brussels argues. The new rules, if agreed, would ban the transfer of data unless based on EU law or under a new transatlantic pact with the Americans complying with EU law. 'Without any concrete agreement there would be no data processing by telecommunications and internet companies allowed,' says a summary of the proposed new regime."
New EU rules to curb transfer of data to US after Edward Snowden revelations
Guardian, 17 October 2013

"The extent and scale of mass surveillance undertaken by Britain's spy agencies is to be scrutinised in a major inquiry to be formally launched on Thursday. Parliament's intelligence and security committee (ISC), the body tasked with overseeing the work of GCHQ, MI5 and MI6, will say the investigation is a response to concern raised by the leaks from the whistleblower Edward Snowden. Sir Malcolm Rifkind, the committee chair, said 'an informed and proper debate was needed'. One Whitehall source described the investigation as 'a public inquiry in all but name'. The announcement comes four months after the Guardian, and leading media groups in other countries, including the New York Times and the Washington Post, began disclosing details of secret surveillance programmes run by Britain's eavesdropping centre, GCHQ, and its US counterpart, the National Security Agency. The Guardian has been urging a debate about programmes such as GCHQ's Tempora and the NSA's Prism, which allow the agencies to harvest vast amounts of personal data from millions of people – intelligence that is routinely shared between the two countries. In a change from its usual protocol, the normally secretive committee also announced that part of its inquiry would be held in public. It will also take written evidence from interested groups and the public, as well as assessing secret material supplied by the intelligence agencies. The Guardian will also consider submitting evidence. Conceding that public concerns had to be addressed, Rifkind, a former foreign secretary, added: 'There is a balance to be found between our individual right to privacy and our collective right to security.' The ISC, which has been criticised for being too close to the agencies, has been under pressure to provide more robust scrutiny of the intelligence community. In recent weeks Lord King, a former chair of the committee, Sir David Omand, a former director of GCHQ, and Stella Rimington, a former head of MI5, have all raised concerns about the laws governing the secret services and the amount of scrutiny they are subjected too."
Extent of spy agencies' surveillance to be investigated by parliamentary body
Guardian, 17 October 2013

"Most people know Facebook stores your data. They understand that when you send a message or post a photo on the site those files don't disappear into the internet's ether. There might even be a nodding of heads when the breadth of what's held is explained: every joke cracked, birthday message posted and person 'poked' remains logged on the site for posterity. It makes sense after all. But few realise how much a fraudster could do within minutes of access to an account. A few simple searches could bring enough information to help a criminal open a credit card, loan or new bank account in your name. How? And who is to blame? Anyone can download all the data Facebook holds on them. Thanks to Europe-wide data protection rules companies are obliged to reveal what information they store on you. Normally this involves a written request, small fee and 40-day wait. Luckily Facebook makes this easy. By clicking on account settings (the small cog icon at the top right), picking 'general' and going to 'download a copy of your Facebook data' you can get hold of everything. Browsing the folders at first is fairly amusing. Old messages track forgotten relationships as they spark up and peter out. Gossip from university days resurfaces. AmDram productions you promised friends you would attend remain in a list of past events. You realise biographers of the future won't be combing through dusty collections of letters but double-clicking on folders containing Facebook profiles. But what if the data fell into the wrong hands? To see what useful info could be gleaned I downloaded my own personal Facebook data, which has been building up for the last seven years. Through simple word searches a host of sensitive information could be uncovered within minutes. Searching for the word 'bank' in the file containing past messages returned my bank account details. Sort code; account number; card number; bank name; the lot. Turns out I had sent them to a friend who needed to transfer money in 2010. Typing 'my address' bought up my home address, including postcode, as well as a flat I had rented in London. Searches for 'my number' and 'my email' found the correct details instantly. Date of birth could be worked out via 'happy birthday' posts. Relatives could be found by searching the friends list for my surname. Recent sessions logged the IP address of the computer used. A criminal could even work out the exact times I would be out of the house for dinner or on holiday by looking at which events I was attending. 'There are all sorts of things you could do with that,' says Tony Neate, an ex-policeman who spent 30 years in the force and now heads up the government-backed Get Safe Online campaign. 'I know from talking to people within the police and the Serious Organised Crime Agency that you are well on your way as a criminal to having everything you need to steal your identity.' He adds: 'They can mirror who you are and then start looking at where they can actually make money from the information they have got ... The amount of information you have given me is 90 per cent there for someone to be able to [commit identity fraud]....some are predicting a boom in Facebook fraud over the coming years. Our lives may be becoming ever more integrated with social media, but awareness of the risks still lags way behind. Unless something changes, Neal Munroe says, criminals will increasingly target the 'rich pickings' offered by our Facebook profiles.'"
Facebook hacked: how criminals can exploit your data
Telegraph, 16 October 2013

"Britain's spy agencies may be operating outside the law in the mass internet surveillance programmes uncovered by the US whistleblower Edward Snowden, according to Lord Blencathra, the former Conservative Home Office minister who led a formal inquiry into the data communications bill. The Tory peer – David Maclean when he was an MP – said he felt 'deeply, deeply uneasy' about programmes that allow the security services to examine the internet activities of British citizens without the consent of parliament. In an interview with the Guardian, Blencathra said that the public had a right to know their internet data might be 'lifted' and shared with US intelligence services – and that MPs should either vote to approve the surveillance programmes or put a stop to them. He also condemned the fact that his committee scrutinising the data communications bill – subsequently killed off by the Liberal Democrats – was never told about GCHQ's existing mass surveillance capabilities. A joint memo from MI5, MI6 and GCHQ made no mention of them, he added. 'Some people were very economical with the actuality. I think we would have regarded this as highly, highly relevant. I personally am annoyed we were not given this information,' said Blencathra, who was an ally of Michael Howard and considered on the right of his party."
Conservative peer Lord Blencathra hits out at online spying by GCHQ
Guardian, 14 October 2013

"Thanks to former NSA man Edward Snowden, we now know a fair amount about the NSA's ability to collect data about what people do online, and it's all rather disturbing. But the future looks even more worrisome. Some of the biggest companies in tech are assembling new forms of online tracking that would follow users more aggressively than the open technologies used today. Just this week, word arrived that Microsoft is developing such a system, following, apparently, in the footsteps of Google. The new data troves are to be used for advertising, not government surveillance, and only made available to authorised third parties. Yet the NSA has proven adept at co-opting large pools of data for its own ends. 'Users did not have much control in the cookie era,' says Marc Rotenberg, executive director of the Electronic Privacy Information Center, a nonprofit advocacy group in Washington. 'But the problem is about to get much worse -- tracking techniques will become more deeply embedded and a much smaller number of companies will control advertising data.' Rotenberg says potential NSA use of the next-generation tracking data is all the more reason to move away from behavioural tracking. And he points out that there's already evidence that ad data could have been used by government spies. NSA documents published by the Guardian earlier this month appear to postulate that cookies set by the pervasive Google-owned ad network DoubleClick could be used to spot internet users who also use the Tor anonymity system. The NSA Tor attack could only work on people who made mistakes using what is otherwise a strong system. But yesterday, Ad Age reported that Microsoft is developing a system that has intimate tracking at its core, following people as they hop from the web to apps and from PCs to tablets to phones to videogame consoles. By shoving aside cookies for an unspecified new identification technology built into devices at a lower level, Microsoft and its authorised partners would gain detailed tracking ability -- though the report also says that the system could lock out non-authorised parties, who are harder to exclude from the data flow in cookie-based tracking. That may sound like a good thing, but keep in mind that Snowden's documents indicate that the NSA has previously helped itself to big company data, with authorisation or without. Under Microsoft's system, web 'search data could inform TV-style ads within streaming video apps on Xbox,' Ad Age wrote. 'Microsoft's cookie replacement would essentially be a device identifier, meaning consumers could give permission for its advertising use when opting in to a device's regular user agreement or terms of service.' Requiring an opt-in is better than not, but the reality is that most people opt in to such things, simply because services require or encourage them to do so.... Right now, ordinary internet users are more angry than they've ever been about the government sweeping their private data into big, concentrated surveillance databases. At the same time, large corporations are eagerly improving their ability to sweep private data into big, concentrated advertising databases. At the very least, Microsoft and Google will have to walk a fine line to deploy these systems. But perhaps this time, the protests will be louder -- and more effective."
Amid NSA outrage, big tech companies plan to track you even more aggressively
Wired, 14 October 2013

"The National Security Agency is harvesting hundreds of millions of contact lists from personal e-mail and instant messaging accounts around the world, many of them belonging to Americans, according to senior intelligence officials and top-secret documents provided by former NSA contractor Edward Snowden. The collection program, which has not been disclosed before, intercepts e-mail address books and 'buddy lists' from instant messaging services as they move across global data links. Online services often transmit those contacts when a user logs on, composes a message, or synchronizes a computer or mobile device with information stored on remote servers. Rather than targeting individual users, the NSA is gathering contact lists in large numbers that amount to a sizable fraction of the world’s e-mail and instant messaging accounts. Analysis of that data enables the agency to search for hidden connections and to map relationships within a much smaller universe of foreign intelligence targets. During a single day last year, the NSA’s Special Source Operations branch collected 444,743 e-mail address books from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, 33,697 from Gmail and 22,881 from unspecified other providers, according to an internal NSA PowerPoint presentation. Those figures, described as a typical daily intake in the document, correspond to a rate of more than 250 million a year. Each day, the presentation said, the NSA collects contacts from an estimated 500,000 buddy lists on live-chat services as well as from the inbox displays of Web-based e-mail accounts. The collection depends on secret arrangements with foreign telecommunications companies or allied intelligence services in control of facilities that direct traffic along the Internet’s main data routes. Although the collection takes place overseas, two senior U.S. intelligence officials acknowledged that it sweeps in the contacts of many Americans. They declined to offer an estimate but did not dispute that the number is likely to be in the millions or tens of millions."
NSA collects millions of e-mail address books globally
Washington Post, 14 October 2013

"...we learn that GCHQ, in all its technological majesty, can scoop up every last word that passes through those sleek cables beneath the Atlantic, everything we say and every last key that our fingers stroke. So it seems obvious that when it comes to surveillance and techniques of domestic spying, the law should be the master of technology. Anything else risks an increasing subservience of democracy to the unaccountability of security power. This means, at the very least, that as technologies develop, parliament should consider afresh the rules that govern their use by state agencies. What is the law that defines GCHQ's power over the internet; and how many warrants, and signed by whom, does it take to permit our spies access to everything? No one seems to know. Not the least of the inadequacies exposed by fallout from the Snowden revelations has been the sickly character of parliamentary oversight of the security agencies, even after recent reforms. An intelligence and security committee that goes into brief private session, only to emerge blinking into the daylight with protestations of apparent fealty to the security services, is a poor substitute for grown-up scrutiny. Co-option is not a uniquely British problem, but it surely is underlined when, amazingly, the ISC is chaired by Sir Malcolm Rifkind – once responsible for MI6 as foreign secretary. He seems badly compromised, and the ISC should never again be led by someone whom the public might perceive as having an axe to grind or an interest to defend. But worst of all has been the argument, heavily deployed in recent days, including by Sir Malcolm himself, that any more daylight than we currently enjoy simply assists the nation's enemies. Andrew Parker, the new director general of MI5, should be slower to employ this foolish, self-serving rhetoric that naively raises a perfectly legitimate question: how should we ensure that those privileged to be granted special powers to intrude into everything that is private serve a real public interest, rather than the dangerously false god of securitisation for its own sake? There is still great trust placed in the security agencies by the mass of British people. No doubt this results from a confidence that our spooks are in the business of targeting and going after our enemies, that we are on the same side and that they work for us. But nothing could be more damaging to this public support than a notion that, in pursuing a broadening vocation, the spies somehow find themselves squinting through lenses not just at the villains, but at the rest of us too."
Ken MacDonald, Director of Public Prosecutions (DPP) of England and Wales (2003–2008)
NSA affair shows the law should be the master of technology
Guardian, 14 October 2013

"Germany’s biggest communications company, Deutsche Telekom, has put forward plans for the country to use German only connections in a bid to combat the threat of foreign spy agencies and hackers. The former state-owned communications giant outlined the plans at a secret meeting in the Economy Ministry, according to magazine Wirtschaftswoche. The country's three biggest email providers, Deutsche Telekom, GMX and Web.de, announced in August that they would bolster security by encrypting their email traffic. But Telekom now wants to go a step further by using domestic only connections to protect the private data of German users in the wake of the NSA spying scandal. Whistleblower Edward Snowden revealed a massive electronic surveillance programme by the US and British security agencies. Email data is currently exchanged between users worldwide via international network hubs, where the data is processed and then sent on to its destination. But this system has come into disrepute since information leaked by Snowden showed the US and UK governments had used the hubs to spy on millions of private emails. Deutsche Telekom's plan would change the system so that emails between German users are no longer transferred via the international hubs, but stay in networks within German borders. 'We want to guarantee that between sender and receiver in Germany, not a single byte leaves the country, or even crosses the border temporarily,' explained Thomas Kremer, the firm's director of data protection. But on Monday it was unclear how Deutsche Telekom would achieve this feat, which would also require the company's competitors to agree to bypass the international hubs, some of which are in the UK."
Comms giant pushes anti-spy network
The Local (German Edition), 14 October 2013

"An easy-to-exploit backdoor has been found in seven different models of domestic routers made by D-Link and Planex. The backdoor, if used, would let an attacker take complete control of a router or modem and spy on a home's browsing activity. D-Link has acknowledged the existence of the backdoor and said a fix would be available by the end of October. So far, the backdoor does not seem to have been exploited 'in the wild'. The backdoor was discovered by security researcher Craig Heffner, who reverse-engineered the software used to control a D-Link DIR-100 router. Deep analysis of the code revealed a string of letters that, if used in the right way, unlocked remote access to the gadget."
Backdoor found in D-Link home routers
BBC Online, 14 October 2013

"The editor of the New York Times, Jill Abramson, has confirmed that senior British officials attempted to persuade her to hand over secret documents leaked by the former National Security Agency contractor Edward Snowden. Giving the newspaper's first official comments on the incident, Abramson said that she was approached by the UK embassy in Washington after it was announced that the New York Times was collaborating with the Guardian to explore some of the files disclosed by Snowden. Among the files are several relating to the activities of GCHQ, the agency responsible for signals interception in the UK. 'They were hopeful that we would relinquish any material that we might be reporting on, relating to Edward Snowden. Needless to say I considered what they told me, and said no,' Abramson told the Guardian in an interview to mark the International Herald Tribune's relaunch as the International New York Times. The incident shows the lengths to which the UK government has gone to try to discourage press coverage of the Snowden leaks. In July, the government threatened to take legal action against the Guardian that could have prevented publication, culminating in the destruction of computer hard drives containing some of Snowden's files. Abramson said the spectacle of angle grinders and drills being used to destroy evidence in a newspaper basement was hard to conceive in the US, where the First Amendment offers free speech guarantees. 'I can't imagine that. The only equivalent I can think of is years ago when the New York Times was enjoined by a lower court from publishing the Pentagon papers, but the supreme court came in and overruled that decision. Prior restraint is pretty much unthinkable to me in this country.'.... In both the US and Britain, Abramson argued, 'there's a war on terror being waged in the name of the public, and the public has a right to have information about it. That's critical. The Guardian as well as the New York Times are providing a very valuable service, allowing people to decide for themselves whether the intelligence agencies are being too intrusive in their data collection. 'President Obama has said he welcomes such a debate, and I think it's not only healthy but vital to have that.' Abramson added that she found the reaction of the Daily Mail to the series of stories published by the Guardian on the back of the Snowden leaks 'unusual to me'. On Thursday, the Mail accused the Guardian of 'lethal irresponsibility' in revealing the vast data grab of ordinary people's phone and internet records by the NSA. 'The political tradition is different, and British press laws are more restrictive,' she said. 'There isn't the same acceptance or devotion to the idea that we have here: that a free press is fundamental to free society, and that the free flow of information is essential to having an informed public making decisions about how they want to be governed.'"
New York Times says UK tried to get it to hand over Snowden documents
Guardian, 13 October 2013

"We have allowed our online behaviour to be commoditised in the interests of convenience and access to cheap communications. Our online behaviour is analysed and sold on by the service providers on whom we have come to depend to the point where it has now become impossible to know who holds what data on us. The service providers claim this data is anonymised, but no IT expert I know believes that the measures taken provide real personal anonymity. And anyway, who is responsible for verifying that? And what measures are in place to control the activities of the big IT service providers? There needs to be a debate about big data. The intelligence dimension is a part – but only a part – of that. And the intelligence dimension is, ironically, the best regulated part and the part most susceptible to being held to account. Big data changes our relationship with information and requires us to think about privacy in different ways. We need to develop a new set of criteria, new professional competencies and professional standards for handling big data. And we do need limitations on what information can be held by whom and for how long. But as a citizen, I am more concerned by the fact that ill-considered social media postings can haunt people for their entire lives than by the fact that the intelligence agencies hold some data for defined periods that they can only access for legally defined purposes."
Nigel Inkster, former deputy head of MI6
Spooks and secrets: what is the public's right to know
Observer, 12 October 2013

"The four laptop computers that former US spy contractor Edward Snowden carried with him to Hong Kong and Moscow were a 'diversion' and contained no secrets, according to an ex-CIA official who met with Snowden in Russia this week. The classified documents that Snowden had downloaded from the US National Security Agency were stored on smaller devices, such as hard drives and thumb drives, and they have not been turned over to the Russian or Chinese authorities, said Mr Ray McGovern, a former Central Intelligence Agency analyst. On Wednesday, Snowden held a six-hour meeting in Moscow with Mr McGovern and three other former US intelligence and law enforcement officials who have all become critics of government surveillance programs. Snowden, 30, is living in a secret location in Russia, beyond the reach of US authorities who want him on espionage charges because he leaked the details of top-secret electronic spying programmes to the media."
Laptops Snowden took to Hong Kong, Russia were a 'diversion'
Reuters, 12 October 2013

"... [regarding Snowden's] disclosures about the broad scope of the NSA's electronic surveillance ... little about them is new. The agency's prodigious eavesdropping capabilities have been extensively chronicled by James Bamford, Matthew Aid and The New York Times long before Snowden broke cover."
Freedom and Security
London Times, 12 October 2013, Print Edition, P28

"The Guardian performed a considerable public service after making the 'entirely correct and right' and 'courageous' decision to publish details from secret NSA files leaked by the US whistleblower Edward Snowden, Vince Cable has said. The business secretary, who reserved judgment on Snowden's decision to leak the files, confirmed that Nick Clegg was setting in train a review of the oversight of Britain's intelligence agencies. In an interview on the Today programme on BBC Radio 4, Cable said that 'arguably' Britain did not have proper oversight of the domestic intelligence service MI5, overseas agency MI6 and eavesdropping centre GCHQ. Cable confirmed a report in the Guardian that the deputy prime minister's aides are to start conversations in Whitehall about improving the legal oversight of the intelligence agencies in light of Snowden's revelations. These suggest that powerful new technologies appear to have outstripped the current system of legislative and political oversight. The business secretary said: 'I think the Guardian has done a very considerable public service … The conclusion which Nick Clegg came to, and set out this morning, is that we do need to have proper political oversight of the intelligence services and arguably we haven't until now. What they [the Guardian] did was, as journalists, entirely correct and right. Mr Snowden is a different kettle of fish.' Cable later elaborated on his comments in an interview with BBC News. He said: 'I think we've got to separate out the two things. There's the Guardian acting as a newspaper, bringing things to public attention, things that shouldn't have happened that did happen, and they have brought that out. That's their role, and they have done that very well and courageously.' He said that likening Snowden's actions to the Cambridge spy ring, as the former No 10 security adviser Sir David Omand has, was 'frankly somewhat bizarre'. 'I mean, they were acting covertly over a long period of time. This was a whistleblower acting very publicly,' he said. 'There is a question about sensitive intelligence he put into the wrong hands. That will obviously have to be pursued.' Asked whether there was a distinction between the decision to leak the information and the right to publish it, the business secretary replied: 'I think there is a distinction between whistleblowing to draw the public's attention to things happening in the intelligence world that shouldn't have been happening – absolutely right – and actually putting into the hands of other people a lot of very, very detailed intelligence information which they shouldn't have had. I think it is an important distinction and I think most people would understand that."
Guardian was 'entirely correct' to publish NSA stories, says Vince Cable
Guardian, 11 October 2013

"US fugitive Edward Snowden has been honored with a prize awarded annually by former CIA staff for exhibiting 'integrity in intelligence,' the group said. The 30-year-old, currently in Russia, is wanted by Washington on espionage charges after disclosing details about the vast scope of the US government's surveillance operations. The Government Accountability Project said Snowden received the Sam Adams Award -- a 'symbolic candlestick' -- at a ceremony in Moscow late Wednesday. Those present included former National Security Agency senior analyst Thomas Drake, former Department of Justice ethics advisor Jesselyn Radack, former FBI agent Coleen Rowley and former CIA analyst Ray McGovern, the group said. In a statement on its website, the group said the award is 'given annually by a group of retired CIA officers for members of the intelligence community who exhibit integrity in intelligence.' Word of the prize surfaced the same day that Snowden's father landed in the Russian capital hoping to meet his son for the first time since the former US spy agency contractor became a fugitive. In comments heavily dubbed into Russian from English, he admitted he still didn't know where his son was staying. Snowden's whereabouts have been a mystery ever since Russia granted him temporary asylum. The group -- which says its mission is to promote corporate and government accountability -- did not disclose any details about where in Moscow Wednesday's ceremony took place."
Edward Snowden given 'integrity in intelligence' award
AFP, 11 October 2013

"The nursery story hitherto has been that for MI5/6 to target an individual or group, they had to get a warrant from the Home Secretary. The truth is, and has been for some time already, that the NSA in the US via the Prism programme and GCHQ in the UK via the Tempora programme have mutually acquired the capability to hoover up untold vast quantities of personal data from the undersea cables that carry internet data in and out of the UK on a colossal scale, and without any check or accountability at all. Is this legal? MI5 very dubiously claims justification under section 8, paragraph 4, of the Regulation of Investigatory Powers Act (RIPA) 2000 which refers to ‘external warrants’. This permits GCHQ to carry out sweeping and indiscriminate trawling through external data if a minister signs a certificate together with the warrant. This scintilla of constraint has been easily broken by certificates issued under a number of themes which effectively allow the whole range of GCHQ’s intelligence work to proceed in any area unchecked. Does this matter? It does. Tempora already allows GCHQ the capacity to collect more than 21 petabytes of data per day. To put that in context, that is the equivalent of sending all the data in all the books in the British Library 192 times every 24 hours. Already 2 years ago there were 550 British and American analysts ploughing through this Tempora database. The balance between safeguarding personal safety and tracking down terrorism and serious crime has been drastically breached. The security agencies are out of control and operating via outdated laws without any genuine public mandate. The counter-argument used by the agencies and the government is that the revelation of these unlicensed powers by the Snowden files compromises national security. On the contrary it is highly unlikely that terrorists or international criminals have learnt anything from the Snowden (and Guardian and New York Times) revelations that they didn’t know already. What is much more to the point is that the protestations about national security are being used to try to shut down the fact that these powers universally breaching personal privacy were adopted long before there was any attempt to legalise their use."
We need a public inquiry into mass surveillance & the (inadequate) role of the ISC
Michael Meacher MP » Blog Archive » 11 October 2013

"A new study by KU Leuven-iMinds researchers has uncovered that 145 of the Internet’s 10,000 top websites track users without their knowledge or consent. The websites use hidden scripts to extract a device fingerprint from users’ browsers. Device fingerprinting circumvents legal restrictions imposed on the use of cookies and ignores the Do Not Track HTTP header. The findings suggest that secret tracking is more widespread than previously thought. Device fingerprinting, also known as browser fingerprinting, is the practice of collecting properties of PCs, smartphones and tablets to identify and track users. These properties include the screen size, the versions of installed software and plugins, and the list of installed fonts. A 2010 study by the Electronic Frontier Foundation (EFF) showed that, for the vast majority of browsers, the combination of these properties is unique, and thus functions as a ‘fingerprint’ that can be used to track users without relying on cookies. Device fingerprinting targets either Flash, the ubiquitous browser plugin for playing animations, videos and sound files, or JavaScript, a common programming language for web applications. This is the first comprehensive effort to measure the prevalence of device fingerprinting on the Internet. The team of KU Leuven-iMinds researchers analysed the Internet’s top 10,000 websites and discovered that 145 of them (almost 1.5%) use Flash-based fingerprinting. Some Flash objects included questionable techniques such as revealing a user's original IP address when visiting a website through a third party (a so-called proxy). The study also found that 404 of the top 1 million sites use JavaScript-based fingerprinting, which allows sites to track non-Flash mobile phones and devices. The fingerprinting scripts were found to be probing a long list of fonts – sometimes up to 500 – by measuring the width and the height of secretly-printed strings on the page. The researchers identified a total of 16 new providers of device fingerprinting, only one of which had been identified in prior research. In another surprising finding, the researchers found that users are tracked by these device fingerprinting technologies even if they explicitly request not to be tracked by enabling the Do Not Track (DNT) HTTP header.... To detect websites using device fingerprinting technologies, the researchers developed a tool called FPDetective. The tool crawls and analyses websites for suspicious scripts. This tool will be freely available at http://homes.esat.kuleuven.be/~gacar/fpdetective/ for other researchers to use and build upon. The findings will be presented at the 20th ACM Conference on Computer and Communications Security this November in Berlin."
Several top websites use device fingerprinting to secretly track users
Ku Leven, 10 October 2013

"The conservative Republican who co-authored America's Patriot Act is preparing to unveil bipartisan legislation that would dramatically curtail the domestic surveillance powers it gives to intelligence agencies. Congressman Jim Sensenbrenner, who worked with president George W Bush to give more power to US intelligence agencies after the September 11 terrorist attacks, said the intelligence community had misused those powers by collecting telephone records on all Americans, and claimed it was time 'to put their metadata program out of business'. His imminent bill in the House of Representatives is expected to be matched by a similar proposal from Senate judiciary committee chair Patrick Leahy, a Democrat. It pulls together existing congressional efforts to reform the National Security Agency in the wake of disclosures by whistleblower Edward Snowden. Sensenbrenner has called his bill the Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-Collection, and Online Monitoring Act – or USA Freedom Act, and a draft seen by the Guardian has four broad aims. It seeks to limit the collection of phone records to known terrorist suspects; to end 'secret laws' by making courts disclose surveillance policies; to create a special court advocate to represent privacy interests; and to allow companies to disclose how many requests for users' information they receive from the USA. The bill also tightens up language governing overseas surveillance to remove a loophole which it has been abused to target internet and email activities of Americans.... the main opposition to Sensenbrenner and Leahy's twin-pronged effort is likely to come from the chair of the Senate intelligence committee, Dianne Feinstein, who is supportive of the NSA but who has proposed separate legislation focusing on greater transparency and checks rather than an outright ban on bulk collection. Sensenbrenner and other reformers have been scathing of this rival legislative approach, calling it a 'fig leaf' and questioning the independence of the intelligence committee. 'I do not want to see Congress pass a fig leaf because that would allow the NSA to say 'Well, we've cleaned up our act' until the next scandal breaks,' he said..... Sensenbrenner also called for the prosecution of Obama's director of national intelligence, James Clapper, who admitted misleading the Senate intelligence committee about the extent of bulk collection of telephone records. 'Oversight only works when the agency that oversight is directed at tells the truth, and having Mr Clapper say he gave the least untruthful answer should, in my opinion, have resulted in a firing and a prosecution,' said the congressman. Clapper has apologised for the incident, but reformers expect a fierce backlash to their proposals to rein in his powers in future. 'I anticipate a big fight, and Senator Feinstein has already basically declared war,' said Sensenbrenner. 'If they use a law like Senator Feinstein is proposing, it will just allow them to do business as usual with a little bit of a change in the optics."
Patriot Act author prepares bill to put NSA bulk collection 'out of business'
Guardian, 10 October 2013

"Earlier this year, following revelations that the NSA was spying on communications to Brazilian oil giant Petrobras, Director of National Intelligence James Clapper released a statement, noting: 'It is not a secret that the Intelligence Community collects information about economic and financial matters, and terrorist financing. We collect this information for many important reasons: for one, it could provide the United States and our allies early warning of international financial crises which could negatively impact the global economy. It also could provide insight into other countries’ economic policy or behavior which could affect global markets.' Michael Degerald wrote in Salon at the time that Clapper’s reference here to avoiding financial crises at best rang hollow, at worst smacked of U.S. exceptionalist hypocrisy. 'To go down the logical path laid by Clapper’s own claims as a hypothetical exercise,' wrote Degerald, 'why doesn’t the NSA spy on Wall Street? This could get them all the evidence they could need to successfully prosecute those responsible, and truly move toward stabilizing the economy. If any part of American society or business had shown itself to be corrupt to the core, and thus in need of surveillance, it’s Wall Street.' According to reports from Foreign Policy this week, and NSA chief Keith Alexander’s public remarks on Tuesday, the NSA does spy on Wall Street — but not, of course, to watch for malfeasance; rather, to protect and defend it. Alexander told lawmakers that he wanted his spy agency to have the ability to prevent cyberattacks against U.S. banking institutions. In no uncertain terms, Alexander was asking for expanded legal authority to further expand the NSA’s surveillance programs."
NSA wants even greater powers … to defend Wall Street
Salon, 9 October 2013

"SPIEGEL has learned from internal NSA documents that the US intelligence agency has the capability of tapping user data from the iPhone, devices using Android as well as BlackBerry, a system previously believed to be highly secure. The United States' National Security Agency intelligence-gathering operation is capable of accessing user data from smart phones from all leading manufacturers. Top secret NSA documents that SPIEGEL has seen explicitly note that the NSA can tap into such information on Apple iPhones, BlackBerry devices and Google's Android mobile operating system. The documents state that it is possible for the NSA to tap most sensitive data held on these smart phones, including contact lists, SMS traffic, notes and location information about where a user has been. The documents also indicate that the NSA has set up specific working groups to deal with each operating system, with the goal of gaining secret access to the data held on the phones. In the internal documents, experts boast about successful access to iPhone data in instances where the NSA is able to infiltrate the computer a person uses to sync their iPhone. Mini-programs, so-called 'scripts,' then enable additional access to at least 38 iPhone features. The documents suggest the intelligence specialists have also had similar success in hacking into BlackBerrys. A 2009 NSA document states that it can 'see and read SMS traffic.' It also notes there was a period in 2009 when the NSA was temporarily unable to access BlackBerry devices. After the Canadian company acquired another firm the same year, it changed the way in compresses its data. But in March 2010, the department responsible at Britain's GCHQ intelligence agency declared in a top secret document it had regained access to BlackBerry data and celebrated with the word, 'champagne!'. The documents also state that the NSA has succeeded in accessing the BlackBerry mail system, which is known to be very secure. This could mark a huge setback for the company, which has always claimed that its mail system is uncrackable."
Privacy Scandal: NSA Can Spy on Smart Phone Data
Der Spiegel, 7 October 2013

"Cabinet ministers and members of the national security council were told nothing about the existence and scale of the vast data-gathering programmes run by British and American intelligence agencies, a former member of the government has revealed. Chris Huhne, who was in the cabinet for two years until 2012, said ministers were in 'utter ignorance' of the two biggest covert operations, Prism and Tempora. The former Liberal Democrat MP admitted he was shocked and mystified by the surveillance capabilities disclosed by the Guardian from files leaked by the whistleblower Edward Snowden. 'The revelations put a giant question mark into the middle of our surveillance state,' he said. 'The state should not feel itself entitled to know, see and memorise everything that the private citizen communicates. The state is our servant.' Writing in Monday's Guardian, Huhne also questioned whether the Home Office had deliberately misled parliament about the need for the communications data bill when GCHQ, the government's eavesdropping headquarters, already had remarkable and extensive snooping capabilities. ... As a cabinet minister and member of the national security council (NSC), Huhne said he would have expected to be told about these operations, particularly as they were relevant to proposed legislation. 'The cabinet was told nothing about GCHQ's Tempora or its US counterpart, the NSA's Prism, nor about their extraordinary capability to hoover up and store personal emails, voice contact, social networking activity and even internet searches. 'I was also on the national security council, attended by ministers and the heads of the Secret [Intelligence Service, MI6] and Security Service [MI5], GCHQ and the military. If anyone should have been briefed on Prism and Tempora, it should have been the NSC. 'I do not know whether the prime minister or the foreign secretary (who has oversight of GCHQ) were briefed, but the NSC was not. This lack of information, and therefore accountability, is a warning that the supervision of our intelligence services needs as much updating as their bugging techniques.' Huhne said Prism and Tempora 'put in the shade Tony Blair's proposed ID cards, 90-day detention without trial and the abolition of jury trials'. He added: 'Throughout my time in parliament, the Home Office was trying to persuade politicians to invest in 'upgrading' Britain's capability to recover data showing who is emailing and phoning whom. Yet this seems to be exactly what GCHQ was already doing. Was the Home Office trying to mislead? 'The Home Office was happy to allow the NSC and the cabinet – let alone parliament – to remain in utter ignorance of Prism/Tempora while deciding on the communications data bill.' The draft bill would have given police and the security services access, without a warrant, to details of all online communication in the UK – such as the time, duration, originator and recipient, and the location of the device from which it was made. The legislation was eventually dropped after splits in the coalition. Proper scrutiny of the intelligence agencies was vital, said Huhne, and surveillance techniques needed to be tempered. 'Joseph Goebbels was simply wrong when he argued that 'if you have nothing to hide, you have nothing to fear'. Information is power, and the necessary consequence is that privacy is freedom. Only totalitarians pry absolutely."
Cabinet was told nothing about GCHQ spying programmes, says Chris Huhne
Guardian, 6 October 2013

"On Monday, a former legal director of MI5 and MI6 will add his weight to the calls for change. David Bickford told the Guardian Britain's intelligence agencies should seek authority for secret operations from a judge rather than a minister because public unease about their surveillance techniques is at an all-time high. Bickford said the government should pass responsibility to the courts because of widespread 'dissatisfaction with the covert, intrusive powers of the UK intelligence and law enforcement agencies'..... Bickford was drafted in to MI5 and MI6 following a series of scandals, including the furore over the book Spycatcher, written by the senior former MI5 officer Peter Wright. He worked for almost a decade until 1995 and still advises governments on countering international organised crime and terrorist money laundering. Bickford said giving judges rather than cabinet ministers responsibility for authorising sensitive operations would 'reduce the risk of perception of collusion … and limit the room for accusations of political interference.' 'Government may argue that all this is unnecessary as there is adequate oversight of the agencies. However, that cannot substitute for independent judicial authority at the coal face.'"
Cabinet was told nothing about GCHQ spying programmes, says Chris Huhne
Guardian, 6 October 2013

"Why are apparently so few people worried that a state employee can now select on a computer any item in their individual make-up – their address, phone, mobile, email, passport number, credit card number (any of them), any of their logins to a web service, etc. – and can thus access the content of their communications, who they communicate with, the full range of their internet use, their location, and a great deal else? Presumably because there has not yet been a horror story revealing how these powers have been used to abuse people’s lives. But it cannot be long coming. Power corrupts, as we know, and the degree of power which digital technology has now put into the hands of state officials is greater than exists anywhere else in the Western world. Before long the abuse of that power will be exposed, the enormity of its misuse will be revealed, and a national scandal will erupt. But uncannily, for the moment all is quiet.....all this activity is supposed to be firmly controlled by the Regulation of Investigatory Powers Act 2000 (RIPA), but actually RIPA is more about facilitating such exercises than curtailing them. RIPA is so poorly drafted (deliberately?) and open to such broad interpretation that it really allows government agencies like GCHQ to do whatever they like. Oh yes, we’re assured by the Home Office that they’re only concerned with the ‘metadata’ (the technical wherewithall of communication systems), but the Snowden documents tell us the truth: 'GCHQ policy is to treat it pretty much all the same whether it’s content or metadata'. "
The total surveillance state is a nightmare waiting to happen
Michael Meacher MP » Blog Archive » 5 October 2013

"Top-secret NSA documents, disclosed by whistleblower Edward Snowden, reveal that the agency's current successes against Tor rely on identifying users and then attacking vulnerable software on their computers. One technique developed by the agency targeted the Firefox web browser used with Tor, giving the agency full control over targets' computers, including access to files, all keystrokes and all online activity. But the documents suggest that the fundamental security of the Tor service remains intact. One top-secret presentation, titled 'Tor Stinks', states: 'We will never be able to de-anonymize all Tor users all the time.' It continues: 'With manual analysis we can de-anonymize a very small fraction of Tor users,' and says the agency has had 'no success de-anonymizing a user in response' to a specific request. Another top-secret presentation calls Tor 'the king of high-secure, low-latency internet anonymity'. Tor – which stands for The Onion Router – is an open-source public project that bounces its users' internet traffic through several other computers, which it calls 'relays' or 'nodes', to keep it anonymous and avoid online censorship tools. It is relied upon by journalists, activists and campaigners in the US and Europe as well as in China, Iran and Syria, to maintain the privacy of their communications and avoid reprisals from government. To this end, it receives around 60% of its funding from the US government, primarily the State Department and the Department of Defense – which houses the NSA. Despite Tor's importance to dissidents and human rights organizations, however, the NSA and its UK counterpart GCHQ have devoted considerable efforts to attacking the service, which law enforcement agencies say is also used by people engaged in terrorism... "
NSA and GCHQ target Tor network that protects anonymity of web users
Guardian, 4 October 2013

"Using powerful data analysis tools with codenames such as Turbulence, Turmoil and Tumult, the NSA automatically sifts through the enormous amount of internet traffic that it sees, looking for Tor connections. Last month, Brazilian TV news show Fantastico showed screenshots of an NSA tool that had the ability to identify Tor users by monitoring internet traffic. The very feature that makes Tor a powerful anonymity service, and the fact that all Tor users look alike on the internet, makes it easy to differentiate Tor users from other web users. On the other hand, the anonymity provided by Tor makes it impossible for the NSA to know who the user is, or whether or not the user is in the US. After identifying an individual Tor user on the internet, the NSA uses its network of secret internet servers to redirect those users to another set of secret internet servers, with the codename FoxAcid, to infect the user's computer. FoxAcid is an NSA system designed to act as a matchmaker between potential targets and attacks developed by the NSA, giving the agency opportunity to launch prepared attacks against their systems. Once the computer is successfully attacked, it secretly calls back to a FoxAcid server, which then performs additional attacks on the target computer to ensure that it remains compromised long-term, and continues to provide eavesdropping information back to the NSA. Tor is a well-designed and robust anonymity tool, and successfully attacking it is difficult. The NSA attacks we found individually target Tor users by exploiting vulnerabilities in their Firefox browsers, and not the Tor application directly. This, too, is difficult. Tor users often turn off vulnerable services like scripts and Flash when using Tor, making it difficult to target those services. Even so, the NSA uses a series of native Firefox vulnerabilities to attack users of the Tor browser bundle."
Attacking Tor: how the NSA targets users' online anonymity
Guardian, 4 October 2013

"The National Security Agency has been trying to crack the online anonymity provided by Tor, a US-funded Internet tool designed to keep Net activity private and said to be widely used by dissidents in oppressive countries, as well as by terrorists. That's according to the latest secret intelligence documents drawn from the cache leaked by Edward Snowden and published by the UK's Guardian newspaper. The NSA hasn't been able to crack Tor outright, but through various means it's been able to 'de-anonymize a very small fraction of Tor users,' says an internal NSA document quoted by the Guardian. The news of the agency's interest in Tor follows a report last month on the NSA's efforts to circumvent privacy-ensuring encryption of all kinds. The New York Times said the agency has sidestepped common Net encryption methods in a number of ways, including hacking into the servers of private companies to steal encryption keys, collaborating with tech companies to build in back doors, and covertly introducing weaknesses into encryption standards. The revelations are all part of the outcry over surveillance that's been kicked up by the Snowden leaks. Tor -- originally TOR, or 'The Onion Router' -- was first developed by the US Naval Research Laboratory and is currently funded in part by the US State Department and Department of Defense. To put it simply, Tor facilitates anonymous Web surfing, forum posting, instant messaging, and other Internet communication by wrapping signals in layers of encryption and then sending them on an unpredictable path through a network of routers. Each router peels off one 'skin' of encryption to send the signal along, but no one router has access to all the details -- thus the signal can't be traced back to its sender. US government funding is based, in part, on the desire to help Internet users in a country like China, say, access restricted sites or communicate about prohibited subjects without fear of reprisal. But Tor might also be used by journalists (in the US and elsewhere; Americans use Tor as well) -- who are looking to protect communications. .... The newly published NSA documents say the agency will 'never be able to de-anonymize all Tor users all the time' and that it's also had 'no success de-anonymizing a user in response' to a specific request. But the Guardian reports that the agency secretly tries to 'direct traffic toward NSA-operated servers,' that it measures 'the timings of messages going in and out of the [Tor] network to try to identify users,' that it 'attempts to degrade or disrupt' Tor so people will stop using it, and that it has implanted 'malicious code on the computers of Tor users who visit particular Web sites.' One NSA technique, code-named EgotisticalGiraffe, took advantage of a flaw in a version of the Firefox browser that was packaged by the Tor Project with other software designed to let people easily get up and running with the service. If people using that software bundle visited particular Web sites, the NSA placed malware on their machines that let the agency access their files and monitor their keystrokes and Web activity. That flaw has since been fixed in more recent versions of Firefox.... a representative for the Electronic Frontier Foundation, a past Tor Project funder and a self-described defender of free speech and privacy in the realm of technology, was troubled by the revelations. Citing the example of a battered woman who might use Tor to hide her visits to an online help service from her attacker, as well as uses by dissidents, EFF Legal Director Cindy Cohn told CNET, 'Of course the government should get to go after bad guys, but they shouldn't be able to break the security and trust promises of the Internet to do that.'"
NSA sought to unmask users of Net-privacy tool Tor, says report
CNET, 4 October 2013

"The UK spy agency GCHQ is facing a legal challenge in the European courts over claims that its mass online surveillance programmes have breached the privacy of tens of millions of people across the UK and Europe. Three campaign groups – Big Brother Watch, the Open Rights Group and English PEN – together with the German internet activist Constanze Kurz, have filed papers at the European court of human rights alleging that the collection of vast amounts of data, including the content of emails and social media messages, by Britain's spy agencies is illegal. The move follows revelations by the US whistleblower Edward Snowden that GCHQ has the capacity to collect more than 21 petabytes of data a day – equivalent to sending all the information in all the books in the British Library 192 times every 24 hours. Daniel Carey, solicitor at Deighton Pierce Glynn, which is taking the case, said: 'We are asking the court to declare that unrestrained surveillance of much of Europe's internet communications by the UK government, and the outdated regulatory system that has permitted this, breach our rights to privacy. Files leaked by Snowden show GCHQ and its American counterpart, the National Security Agency, for which he worked, have developed capabilities to undertake industrial-scale surveillance of the web and mobile phone networks. This is done by trawling the servers of internet companies and collecting raw data from the undersea cables that carry web traffic. Two of the programmes, Prism and Tempora, can sweep up vast amounts of private data, which is shared between the two countries. The revelations have led to widespread concern in Europe and the US about the power of the UK and US security services to gather online communications. Last week Lord King, a former Conservative defence secretary, called for a review of the laws used to justify surveillance and interception techniques."
GCHQ faces legal challenge in European court over online privacy
Guardian, 3 October 2013

"The director of the National Security Agency admitted today that the agency collects data from social networks and other private databases to hunt terror suspects but is not using the information to build dossiers, or personal files, on Americans. NSA Director Gen. Keith Alexander testified during a Senate Judiciary Committee hearing Wednesday that not all social network searches are authorized by a secret Foreign Intelligence Surveillance court, but the agency's actions are proper and audited internally....Defending the work of the NSA's surveillance efforts which have been under fire since the revelations of whistle-blower Edward Snowden in June, General Alexander said that the agency uses social networks to 'enrich' information on suspects."
NSA director admits agency trawls Twitter and Facebook… but insists they are NOT building personal files on Americans
Mail, 2 October 2013

"The Obama administration’s credibility on intelligence suffered another blow Wednesday as the chief of the National Security Agency admitted that officials put out numbers that vastly overstated the counterterrorism successes of the government’s warrantless bulk collection of all Americans’ phone records.Pressed by the Democratic chairman of the Senate Judiciary Committee at an oversight hearing, Gen. Keith B. Alexander admitted that the number of terrorist plots foiled by the NSA’s huge database of every phone call made in or to America was only one or perhaps two — far smaller than the 54 originally claimed by the administration. Gen. Alexander and other intelligence chiefs have pleaded with lawmakers not to shut down the bulk collection of U.S. phone records despite growing unease about government overreach in the program, which was revealed in documents leaked by former NSA contractor Edward Snowden. 'There is no evidence that [bulk] phone records collection helped to thwart dozens or even several terrorist plots,' Sen. Patrick J. Leahy, Vermont Democrat and committee chairman, told Gen. Alexander of the 54 cases that administration officials — including the general himself — have cited as the fruit of the NSA’s domestic snooping. 'These weren’t all plots and they weren’t all foiled,' he said. Mr. Leahy and Rep. F. James Sensenbrenner Jr., Wisconsin Republican and author of the USA Patriot Act, which the government says allows bulk data collection, are working on a bill to roll back that authority.... Mr. Leahy, who has been a chief critic of the NSA, asked Gen. Alexander to admit that only 13 of the 54 cases had any connection at all to the U.S., 'Would you agree with that, yes or no?' 'Yes,' Gen. Alexander replied in a departure from normal practice. Administration officials giving testimony to Congress, even when asked to confine themselves to a simple yes or no, rarely do. In response to a follow-up question, Gen. Alexander also acknowledged that only one or perhaps two of even those 13 cases had been foiled with help from the NSA’s vast phone records database. The database contains so-called metadata — the numbers dialing and dialed, time and duration of call — for every phone call made in or to the U.S. Director of National Intelligence James R. Clapper denied that the number of plots foiled should be the sole metric by which the success of the program is measured. 'I think there’s another metric here that’s very important. … I would call it the ‘peace of mind’ metric.'.... Gen. Alexander’s dramatic concession is the latest in a series of recent, or recently revealed, intelligence misstatements that have embarrassed the Obama administration.... Mr. Clapper told Congress under oath this year that U.S. intelligence agencies did not collect any kind of data about millions of Americans, before Mr. Snowden’s stolen documents revealed the metadata program."
NSA chief’s admission of misleading numbers adds to Obama administration blunders
Washington Times, 2 October 2013

"Uninsured drivers will soon have more trouble tooling around once Britain’s 'no insurance, no fuel' plan goes into effect, Petrol Plaza News reports. The Prime Minister’s office has spent the past year and a half working on the plan, which would use automatic number plate recognition technology (ANPR) to identify uninsured drivers at the pump. Once identified, the uninsured motorist would be barred from adding fuel to his vehicle. Britain estimates that one in 25 drivers have not purchased the required auto insurance. Experts say that prohibiting them from filling up would reduce each household’s annual car insurance policy by £33. To allay fears that the government would be gathering intel for a database, accounting firm Ernst & Young, which is assisting the government on the plan, said no new database was being formed. 'No vehicles are tracked and no record is kept. It’s simply a new rule of no insurance equals no fuel,' said Graeme Swan, Ernst & Young partner. The Department for Transport said that 'work is ongoing to see how these proposals could be brought into effect.''
Britain Moves Forward With ‘No Insurance, No Fuel’ Plan
NACS, 2 October 2013

".... that’s why the recent New York Times story on the NSA’s systematic effort to weaken and sabotage commercially available encryption used by individuals and businesses around the world is so important—and not just to people who care about political organizing, journalists or whistleblowers. Thanks to additional reporting, we now know it matters deeply to companies including Brazil’s Petrobras and Belgium’s Belgacom, who are concerned about protecting their infrastructure, negotiating strategies and trade secrets. But really, it matters to all of us. By weakening encryption, the NSA allows others to more easily break it. By installing backdoors and other vulnerabilities in systems, the NSA exposes them to other malicious hackers—whether they are foreign governments or criminals. As security expert Bruce Schneier explained, 'It’s sheer folly to believe that only the NSA can exploit the vulnerabilities they create.'...."
The NSA is Making Us All Less Safe
EFF, 2 October 2013

"Uninsured drivers will soon have more trouble tooling around once Britain’s 'no insurance, no fuel' plan goes into effect, Petrol Plaza News reports. The Prime Minister’s office has spent the past year and a half working on the plan, which would use automatic number plate recognition technology (ANPR) to identify uninsured drivers at the pump. Once identified, the uninsured motorist would be barred from adding fuel to his vehicle.... To allay fears that the government would be gathering intel for a database, accounting firm Ernst & Young, which is assisting the government on the plan, said no new database was being formed. 'No vehicles are tracked and no record is kept. It’s simply a new rule of no insurance equals no fuel,' said Graeme Swan, Ernst & Young partner. The Department for Transport said that 'work is ongoing to see how these proposals could be brought into effect.' The ANPR technology would use existing databases to check the numbers before allowing the driver to access the pump."
Britain Moves Forward With ‘No Insurance, No Fuel’ Plan
NACS Online, 2 October 2013

"The chairman of the Senate Judiciary Committee complained Wednesday at an oversight hearing that he learns more about the NSA's programs in the newspapers than in classified briefings. Asking whether a New York Times article last week about the agency's use of social network analysis of metadata was accurate, Sen. Patrick Leahy (D-Vt.) complained that he had never heard of the program. 'We sometimes find we get far more in the newspapers -- we get crossword puzzles as well -- we get more in the newspapers than in classified briefings,' Leahy said. The New York Times story was based on documents leaked by Edward Snowden. New York Times staff reporter James Risen and freelance journalist Laura Poitras reported that the NSA program creates 'sophisticated graphs of some Americans’ social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information.' 'If it's accurate,' Leahy said, 'it appears to contradict earlier representations the NSA is not collecting profiles or dossiers of American people.'"
Patrick Leahy At NSA Hearing: 'We Get More In The Newspapers Than In Classified Briefings'
Huffington Post, 2 October 2013

"National Security Agency chief Gen. Keith Alexander revealed Wednesday that his spy agency once tested whether it could track Americans' cellphone locations, in addition to its practice of sweeping broad information about calls made. Alexander and Director of National Intelligence James Clapper testified at a Senate Judiciary Committee hearing on proposed reforms to the NSA's surveillance of phone and internet usage around the world, exposed in June by former NSA analyst Edward Snowden. But neither spy chief spent much time discussing proposed reforms; instead they were questioned about new potential abuses that have come to light since then. Alexander denied a New York Times report published Saturday that said NSA searched social networks of Americans searching for foreign terror connections, and detailed 12 previously revealed cases of abuse by NSA employees who used the network for unsanctioned missions like spying on a spouse. ... Only last week, Alexander refused to answer questions from Sen. Ron Wyden, D-Ore., about whether his agency had ever collected or planned to collect such 'cell-site' data, as it is called, saying it was classified, but the general said the NSA released the information in letters to the House and Senate Intelligence Committees ahead of the Judiciary Committee meeting Wednesday. Wyden was not satisfied with Alexander's answer. 'After years of stonewalling on whether the government has ever tracked or planned to track the location of law abiding Americans through their cellphones, once again, the intelligence leadership has decided to leave most of the real story secret - even when the truth would not compromise national security,' he said. Alexander acknowledged his agency collects data from social networks and other commercial databases to hunt foreign terror suspects but is not using the information to build private files on Americans. He said the operations are only used in pursuing foreign agents and sweeping up information on Americans if they are connected to those suspects by phone calls or other data. Alexander said that not all social network searches are authorized by the secret FISA court, but he added the agency's searches are proper and audited internally. The authority flows from a presidential executive order on national security dating back to the Reagan administration in 1981, he said, adding: 'It allows us to understand what the foreign nexus is.' Alexander called a recent New York Times report on the searches 'inaccurate and wrong.' The Times said the NSA was exploiting huge collections of personal data to create sophisticated graphs of some Americans' social connections. The Times said the private data included Facebook posts and banking, flight, GPS location and voting records. Alexander denied the NSA was building 'dossiers,' or personal files on Americans, even though the Times story never specifically suggested that was being done."
NSA chief admits testing US cellphone tracking
Associated Press, 2 October 2013

"Dame Stella Rimmington is right that the covert, intrusive powers of the UK intelligence agencies and law enforcement agencies require greater oversight (report, Oct 1). However, the problem also lies in the executive's responsibility for approving those agencies' eavesdropping, electronic surveillance and informant operations. As long as ministers control these operations, the public will believe that there is an unhealthy, seamless relationship between those ministers and the agencies they supervise. The executive must leave the authorisation of these highly intrusive methods to the judiciary. That means that application must be made direct to the judiciary for authority to eavesdrop, intercept telephone and electronic communications, mine the communications data sought by the Communications Data Bill, and employ informants. Judicial supervision reduces the risk or perception of collusion and it also limits the room for accusations of political interference. This concept of judicial authority for intrusive covert surveillance is not new. Many jurisdictions adhere to it and appoint judges for the task. I have worked under this system, and I was relieved not only to have those balances ascertained judicially but also at trial. It is a system I would wish to see in all the UK agencies' covert, targeted operations."
David Bickford, Former Legal Director, Intelligence [MI5 and MI6]
'Security Services'
Letter - London Times, 2 October 2013, Print Edition, P27

"Dame Stella, the former head of MI5, said openness about the role of the intelligence services would help public trust, after revelations about how information is gathered. ... She said the 'main issue' which now needed to be addressed is the 'question of intrusion by our security services into everybody's lives'... 'It's very important for our intelligence services to have a kind of oversight which people have confidence in,' she said. 'So that we can be quite sure that in giving them these powers we know they are being properly supervised in the way they are using them. .... it may be that we need something more complex to convince the nation our intelligence services are actually acting on their behalf and not acting against them."
Dame Stella Rimington: MI5 and MI6 must convince public they are working for them and not against them
Telegraph, 30 September 2013

"Using Department of Motor Vehicles records as its core, the state government is quietly developing a master identity database of Virginia residents for use by state agencies. The state enterprise record - the master electronic ID database - would help agencies ferret out fraud and help residents do business electronically with the state more easily, officials said. While officials say the e-ID initiative will be limited in scope and access, it comes at a time of growing public concern about electronic privacy, identity theft and government intrusion. 'It makes it easier to compromise your privacy,' said Claire Guthrie Gastañaga, executive director of the American Civil Liberties Union of Virginia. 'They're using DMV for some other purpose than driving.' DMV points out that, in today's world, state driver's licenses are the fundamental identification documents used by most Americans. State officials say participation in the e-ID system will be voluntary, but the reason that the state has been moving to offer 'privacy-enhancing credentials' to Virginia residents is the increasing number of government services offered online. However, 'anything you make more accessible and efficient for the user, you potentially open up for opportunities for risk, for attack,' said Robby Demeria, executive director of RichTech, Richmond's technology council."
Va. starting to develop a master identity database
Richmond Times-Dispatch, 30 September 2013

"Part-time fugitive and antivirus software founder John McAfee has a new invention he's working on. After spending some of his time filming a drug-fueled video tutorial to uninstall the antivirus program he helped create, McAfee now believes he can outsmart the NSA. Speaking at the C2SV Technology Conference on Saturday, McAfee unveiled his grand plan to create a 'D-Central' gadget that communicates with smartphones, tablets, and laptops to create decentralized networks that can't be accessed by government agencies. The gadget might sound like something straight out of a Bond movie, but McAfee wants to build it and sell it for less than $100. 'There will be no way [for the government] to tell who you are or where you are,' McAfee says. Effectively, it works by creating small private networks that act as a dark web that's inaccessible to others. McAfee says he has been planning the technology for a few years, but work on the project has intensified 'rapidly' over the past few months. It's not designed to replace the internet; instead it provides a localized dynamic network where users can communicate in private and share files. It will provide a private and public mode, and McAfee says he's planning to use public nodes too. McAfee will sell D-Central even if it gets banned in the US. McAfee explains the device is localized and has a range of around three blocks. Everyone in those three blocks can then communicate with each other and that will obviously change as users move in and out of a local area. McAfee says he's around six months away from a prototype device, and the current one is a round shape with no screens.... While McAfee claims he has developed unique encryption that 'the NSA won't get into it,' the main use for such a gadget might be at college campuses across the US. Napster rose to fame in the '90s when it used peer-to-peer technology to make sharing MP3s quick and easy. McAfee's gadget could be used widely to share files at colleges, making it difficult for authorities to police. 'I cannot imagine any college student not standing in line to buy one of these,' he claims."
John McAfee wants to sell you a $100 gadget that blocks the NSA
The Verge, 30 September 2013

"Phil Zimmermann, the creator of the email encryption software PGP, has warned that anyone who uses consumer email services needs to be aware of the threats of exposing their metadata to eavesdroppers. Zimmermann created the 'Pretty Good Privacy' software in 1991, providing a more secure alternative to consumer email and file transfer that is encrypted. Speaking exclusively to the Guardian, he said his assessment of security threats has changed radically since he created the software 22 years ago. 'When I developed PGP, all I wanted to do was to protect the content of the message,' said Zimmermann, who is now the president and co-founder of secure communications firm Silent Circle. 'I didn't think that it was even doable to protect the email message headers. And still don't, at least if you want to comply with email protocols. 'So what's happened more recently is just that everyone has become aware that metadata is becoming increasingly important – that the message headers mean a lot.' The risks associated with exposing metadata to potential eavesdroppers was highlighted when the Guardian revealed that the National Security Agency had been collecting data about phone calls from Verizon. The US government insisted that that data was not private, but in aggregate it can build a detailed picture of people’s lives. Zimmermann argues that unprotected metadata isn’t just dangerous in aggregate. 'You're a journalist for the Guardian,' he told this reporter. 'You know that the Guardian sometimes writes stories that are of great interest to intelligence agencies. Well, what if the intelligence agencies want to see if a journalist at the Guardian is talking to a particular sensitive source?' 'You don't have to do a lot of data mining for that. All you have to do is find that so-and-so, some government employee, is talking to some journalist at the Guardian. Then somebody's in a heap of trouble.' That risk also led Zimmermann to develop a new feature for his Silent Phone app, encrypting conversations earlier in the call process. Dubbed 'tunnelling', the feature hides the knowledge of who is talking to who from any eavesdroppers. Zimmermann had the idea for the feature 'quite a few months before the Edward Snowden revelations', but its upcoming release will be timely."
Email surveillance could reveal journalists' sources, expert claims
Guardian, 30 September 2013

"The National Security Agency is storing the online metadata of millions of internet users for up to a year, regardless of whether or not they are persons of interest to the agency, top secret documents reveal. Metadata provides a record of almost anything a user does online, from browsing history – such as map searches and websites visited – to account details, email activity, and even some account passwords. This can be used to build a detailed picture of an individual's life. The Obama administration has repeatedly stated that the NSA keeps only the content of messages and communications of people it is intentionally targeting – but internal documents reveal the agency retains vast amounts of metadata.An introductory guide to digital network intelligence for NSA field agents, included in documents disclosed by former contractor Edward Snowden, describes the agency's metadata repository, codenamed Marina. Any computer metadata picked up by NSA collection systems is routed to the Marina database, the guide explains. Phone metadata is sent to a separate system."
NSA stores metadata of millions of web users for up to a year, secret files show
Guardian, 30 September 2013

"MPs have given the green light to companies who make money by harvesting personal data from internet connected gadgets, prompting disquiet over Parliament's commitment to protecting consumer rights. A Commons committee dismissed privacy concerns to back advertising based targeted according to a wealth of personal details gleaned from smartphone apps, social networks and internet connections. Such details can include users' physical location, Facebook likes and web browsing history, as well as any data shared with an app or online service, which may include anything from diet to sexual activity. Buried deep in a report to Parliament, the The Commons Culture, Media and Sport committee noted: 'Increasing use is being made of personal data to target online advertising better. 'While concerns around this have prompted reviews of data protection legislation, we do not think the targeting of appropriate advertising —essential to so many business models — represents the greatest threat to privacy.' But campaigners warn that individuals are losing control of their personal lives and that once this information is collected there is little way of knowing how it will be used. 'We do not control when the gadgets and services we use leak information about us,' said Peter Bradwell of the Open Rights Group. 'The rules about what companies who get that data can do with it are woefully inadequate."
MPs give green light to online firms that spy on your personal data from mobile apps and social networks to show you targeted ads
Mail, 28 September 2013

"Since 2010, the National Security Agency has been exploiting its huge collections of data to create sophisticated graphs of some Americans’ social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information, according to newly disclosed documents and interviews with officials. The spy agency began allowing the analysis of phone call and e-mail logs in November 2010 to examine Americans’ networks of associations for foreign intelligence purposes after N.S.A. officials lifted restrictions on the practice, according to documents provided by Edward J. Snowden, the former N.S.A. contractor. The policy shift was intended to help the agency 'discover and track' connections between intelligence targets overseas and people in the United States, according to an N.S.A. memorandum from January 2011. The agency was authorized to conduct 'large-scale graph analysis on very large sets of communications metadata without having to check foreignness' of every e-mail address, phone number or other identifier, the document said. Because of concerns about infringing on the privacy of American citizens, the computer analysis of such data had previously been permitted only for foreigners....N.S.A. officials declined to say how many Americans have been caught up in the effort, including people involved in no wrongdoing. The documents do not describe what has resulted from the scrutiny, which links phone numbers and e-mails in a 'contact chain' tied directly or indirectly to a person or organization overseas that is of foreign intelligence interest."
N.S.A. Gathers Data on Social Connections of U.S. Citizens
New York Times, 28 September 2013

"A National Security Agency employee was able to secretly intercept the phone calls of nine foreign women for six years without ever being detected by his managers, the agency's internal watchdog has revealed. The unauthorised abuse of the NSA's surveillance tools only came to light after one of the women, who happened to be a US government employee, told a colleague that she suspected the man – with whom she was having a sexual relationship – was listening to her calls. The case is among 12 documented in a letter from the NSA's inspector general to a leading member of Congress, who asked for a breakdown of cases in which the agency's powerful surveillance apparatus was deliberately abused by staff. One relates to a member of the US military who, on the first day he gained access to the surveillance system, used it to spy on six email addresses belonging to former girlfriends. The letter, from Dr George Ellard, only lists cases that were investigated and later 'substantiated' by his office. But it raises the possibility that there are many more cases that go undetected. In a quarter of the cases, the NSA only found out about the misconduct after the employee confessed. It also reveals limited disciplinary action taken against NSA staff found to have abused the system. In seven cases, individuals guilty of abusing their powers resigned or retired before disciplinary action could be taken. Two civilian employees kept their jobs – and, it appears, their security clearance – and escaped with only a written warning after they were found to have conducted unauthorised interceptions."
NSA employee spied on nine women without detection, internal file shows
Guardian, 27 September 2013

"The National Security Agency has revealed at least a dozen instances of employees using their surveillance powers to snoop on their lovers or spouses. The agency’s inspector general responded to an inquiry by Sen. Charles Grassley (R-IA) about possible abuses of the controversial surveillance capabilities, listing 12 substantiated cases of intentional misuse of the signals intelligence authorities. In one case, a foreign national who worked for the U.S. government told a colleague she suspected that her boyfriend, who worked for the NSA, was eavesdropping on her phone calls. Investigators found the employee had been collected his girlfriend’s phone conversations with nine different women without valid purpose between 1998 and 2003, and he was suspended without pay and then resigned before he could be disciplined. In another case, a woman told the NSA that she’d recorded a conversation between her husband and a foreign telephone number because she suspected he’d been unfaithful. She also resigned before she could be punished, the inspector general said. Another woman said she’d made a habit of entering foreign phone numbers she obtained in her social life into the SIGINT system to make sure she wasn’t talking to 'shady characters,' which she said was intended to assist the NSA’s mission. But the inspector general’s office disagreed and referred her case to the Department of Justice. A military service member admitted to querying six email addresses, including his ex-girlfriend’s, on his first day of SIGINT access, the inspector general said, because he wanted to practice using the system."
NSA employees used surveillance system to spy on spouses, lovers
Raw Story, 27 September 2013

"US intelligence chiefs used an appearance before Congress on Thursday to urge lawmakers not to allow public anger over the extent of government surveillance to result in changes to the law that would impede them from preventing terrorist attacks. General Keith Alexander, the director of the National Security Agency, conceded that disclosures by the whistleblower Edward Snowden 'will change how we operate'. But he urged senators, who are weighing a raft of reforms, to preserve the foundational attributes of a program that allows officials to collect the phone data of millions of American citizens. In testy exchanges at the Senate intelligence committee, Alexander and the director of national intelligence, James Clapper, refused to say on the record where the NSA had ever sought to trawl cell site data, which pinpoints the location of individuals via their phones. They were challenged by Democratic senator Ron Wyden who, as a member of the committee, has for years been privy to classified briefings that he cannot discuss in public. 'You talk about the damage that has been done by disclosures, but any government official who thought this would never be disclosed was ignoring history. The truth always manages to come out,' he said. 'The NSA leadership built an intelligence data collection system that repeatedly deceived the American people. Time and time again the American people were told one thing in a public forum, while intelligence agencies did something else in private....The NSA director evaded repeated questions from Wyden over whether the NSA had either collection of cell site phone data, or planned to do so. Alexander eventually replied: 'What I don't want to do senator is put out in an unclassified form anything that is classified.'"
US intelligence chiefs urge Congress to preserve surveillance programs
Guardian, 26 September 2013

"The National Security Agency secretly tapped into the overseas phone calls of prominent critics of the Vietnam War, including Martin Luther King, Muhammad Ali and two actively serving US senators, newly declassified material has revealed. The NSA has been forced to disclose previously secret passages in its own official four-volume history of its Cold War snooping activities. The newly-released material reveals the breathtaking – and probably illegal – lengths the agency went to in the late 1960s and 70s, in an attempt to try to hold back the rising tide of anti-Vietnam war sentiment. That included tapping into the phone calls and cable communications of two serving senators – the Idaho Democrat Frank Church and Howard Baker, a Republican from Tennessee who, puzzlingly, was a firm supporter of the war effort in Vietnam. The NSA also intercepted the foreign communications of prominent journalists such as Tom Wicker of the New York Times and the popular satirical writer for the Washington Post, Art Buchwald. Alongside King, a second leading civil rights figure, Whitney Young of the National Urban League, was also surreptitiously monitored. The heavyweight boxing champion, Muhammad Ali, was put on the watch list in about 1967 after he spoke out about Vietnam – he was jailed having refused to be drafted into the army, was stripped of his title, and banned from fighting – and is thought to have remained a target of surveillance for the next six years. The agency went to great lengths to keep its activities, known as operation Minaret, from public view. All reports generated for Minaret were printed on plain paper unadorned with the NSA logo or other identifying markings other than the stamp 'For Background Use Only'. They were delivered by hand directly to the White House, often going specifically to successive presidents Lyndon Johnson who set the programme up in 1967 and Richard Nixon. The lack of judicial oversight of the snooping programme led even the NSA's own history to conclude that Minaret was 'disreputable if not outright illegal'. The new disclosures were prized from the current NSA following an appeal to the Security Classification Appeals Panel by the National Security Archive, an independent research institute based at the George Washington university. 'Clearly the NSA didn't want to release this material but they were forced to do so by the American equivalent of the supreme court of freedom of information law,' said Matthew Aid, an intelligence historian specialising in the NSA. Together with William Burr of the National Security Archive, Aid has co-authored an article in Foreign Policy that explores the significance of the new disclosures. In addition to the seven names of spying targets listed in the NSA history, the two authors confirmed the names of other targets on the watch list from a declassified document at the Gerald Ford presidential library in Ann Arbor, Michigan. They include the actor Jane Fonda, Weather Underground member Kathy Boudin and black power activist Stokely Carmichael. In total, some 1,650 individuals were tracked by the NSA between 1967 and 1973, though the identities of most of those people remain unknown. Aid told the Guardian that, in his view, the new material underscores the dangers of unfettered surveillance. Minaret was initially intended for drug traffickers and terrorist suspects, but was twisted, at the request of the White House, to become a tool for tracking legitimate political activities of war protesters. 'If there's a lesson to be learned from all this, when we are dealing with a non-transparent society such as the intelligence community that has a vast amount of power, then abuses can and usually do happen.'"
Declassified NSA files show agency spied on Muhammad Ali and MLK
Guardian, 26 September 2013

"Two US intelligence chiefs will begin a public lobbying campaign on Capitol Hill on Thursday, as they try to dissuade Congress from dismantling any part of the vast surveillance apparatus constructed in the aftermath of September 11 terrorist attacks. Their appearance before the Senate intelligence committee comes a day after a group of Democratic and Republican senators proposed a package of comprehensive reforms to surveillance powers, including what would amount to a ban on the bulk collection of millions of records of telephone calls in the US. The director of the National Security Agency, General Keith Alexander, and the director of national intelligence, James Clapper, have been involved in an intensive campaign, both public and behind the scenes, to prevent lawmakers from responding to disclosures by the whistleblower Edward Snowden with new legislation that would curb the powers of the intelligence establishment. Alexander defended the mass collection of phone records earlier this week in a speech in Washington, in which he said the program had been used in some capacity during investigations into the Boston Marathon bombing, and in assessing possible threats against US embassies abroad. Clapper has a history of controversial congressional experiences. In the aftermath of Snowden's disclosures he was forced to apologise for misleading Congress. He had told a hearing of the Senate intelligence committee that the US did not wittingly collect data on millions of Americans, but a secret court document, disclosed by Snowden and published by the Guardian, proved the declaration to be untrue."
US intelligence chiefs lobby to prevent Congress curbing surveillance powers
Guardian, 26 September 2013

"Stephen Fry will join 40 free speech groups and other high-profile authors and artists on Tuesday to demand an end to the mass surveillance revealed by the whistleblower Edward Snowden. They will urge European leaders to take a stand against industrial-scale spying by US and British intelligence agencies. Author AL Kennedy, artist Anish Kapoor and blogger Cory Doctorow are also among those who have signed a petition asking government heads to discuss the issues raised by Snowden when they meet at the European Council in October. Fry said Snowden's disclosures raised fundamental issues for Europeans: 'Privacy and freedom from state intrusion are important for everyone. You can't just scream 'terrorism' and use it as an excuse for Orwellian snooping."
Stephen Fry joins demand to end NSA and GCHQ mass surveillance
Guardian, 24 September 2013

"The US National Security Agency may have accessed computers within the Indian embassy in Washington and mission at the United Nations in New York as part of a huge clandestine effort to mine electronic data held by its south Asian ally. Documents released by the US whistleblower Edward Snowden also reveal the extent and aggressive nature of other NSA datamining exercises targeting India as recently as March of this year. The latest revelations – published in the Hindu newspaper – came as Manmohan Singh, the Indian prime minister, flew to Europe on his way to the US, where he will meet President Barack Obama. The NSA operation targeting India used two datamining tools, Boundless Informant and Prism, a system allowing the agency easy access to the personal information of non-US nationals from the databases of some of the world's biggest tech companies, including Apple, Google, Microsoft and Yahoo. In June, the Guardian acquired and published top-secret documents about Boundless Informant describing how in March 2013 the NSA, alongside its effort to capture data within the US, also collected 97bn pieces of intelligence from computer networks worldwide."
NSA spied on Indian embassy and UN mission, Edward Snowden files reveal
Guardian, 25 September 2013

"NSA spooks risk alienating yet another US ally after new documents released by whistleblower Edward Snowden apparently revealed extensive surveillance of Indian domestic politics as well as the country’s nuclear and space programs.The top secret document, obtained by The Hindu, suggests American spying activity in the sub-continent has gone far beyond that claimed by US and Indian officials. Washington has said in the past that any snooping programs were only done as a counter terrorism measure, and that the content of emails and telephone conversations was never accessed. India’s IT minister Kapil Sibal reiterated these statements in August, claiming US agencies only tap the origin and destination of comms data because to access content would require a local court order. However, the document seen by The Hindu apparently proves that India was a target of the NSA’s infamous PRISM program, with US spooks tapping internet service providers including Google, Yahoo, Microsoft and Facebook for politically and commercially sensitive content. Dubbed A Week in the Life of PRISM reporting, the 'Special Source Operations' document apparently shows 589 'end product reports' distilled from raw intelligence across the globe, with a specific section on India. 'As politics, space and nuclear are mentioned as ‘end products’ in this document, it means that emails, texts and phones of important people related to these fields were constantly monitored and intelligence was taken from them, and then the NSA prepared official reports on the basis of raw intelligence,' an anonymous Indian intelligence agency official told the paper. 'It means, they are listening in real time to what our political leaders, bureaucrats and scientists are communicating with each other.'
Report says PRISM snooped on India's space, nuclear programs
The Register, 24 September 2013

"Brazil's president, Dilma Rousseff, has launched a blistering attack on US espionage at the UN general assembly, accusing the NSA of violating international law by its indiscriminate collection of personal information of Brazilian citizens and economic espionage targeted on the country's strategic industries. Rousseff's angry speech was a direct challenge to President Barack Obama, who was waiting in the wings to deliver his own address to the UN general assembly, and represented the most serious diplomatic fallout to date from the revelations by former NSA contractor Edward Snowden. Rousseff had already put off a planned visit to Washington in protest at US spying, after NSA documents leaked by Snowden revealed that the US electronic eavesdropping agency had monitored the Brazilian president's phone calls, as well as Brazilian embassies and spied on the state oil corporation, Petrobras. 'Personal data of citizens was intercepted indiscriminately. Corporate information – often of high economic and even strategic value – was at the centre of espionage activity. Also, Brazilian diplomatic missions, among them the permanent mission to the UN and the office of the president of the republic itself, had their communications intercepted,' Rousseff said, in a global rallying cry against what she portrayed as the overweening power of the US security apparatus. 'Tampering in such a manner in the affairs of other countries is a breach of international law and is an affront of the principles that must guide the relations among them, especially among friendly nations. A sovereign nation can never establish itself to the detriment of another sovereign nation. The right to safety of citizens of one country can never be guaranteed by violating fundamental human rights of citizens of another country."
Brazilian president: US surveillance a 'breach of international law'
Guardian, 24 September 2013

"The potential of the surveillance state goes way beyond anything in George Orwell's 1984, Alan Rusbridger, the Guardian's editor-in-chief, told an audience in New York on Monday. Speaking in the wake of a series of revelations in the Guardian about the extent of the National Security Agency's surveillance operations, Rusbridger said: 'Orwell could never have imagined anything as complete as this, this concept of scooping up everything all the time. This is something potentially astonishing about how life could be lived and the limitations on human freedom,' he said. Rusbridger said the NSA stories were 'clearly' not a story about totalitarianism, but that an infrastructure had been created that could be dangerous if it fell into the wrong hands. 'Obama is a nice guy. David Cameron is a nice social Democrat. About three hours from London in Greece there are some very nasty political parties. What there is is the infrastructure for total surveillance. In history, all the precedents are unhappy,' said Rusbridger, speaking at the Advertising Week conference."
NSA surveillance goes beyond Orwell's imagination – Alan Rusbridger
Guardian, 23 September 2013

"All existing data sharing agreements between Europe and the US should be revoked, and US web site providers should prominently inform European citizens that their data may be subject to government surveillance, according to the recommendations of a briefing report for the European Parliament. The report was produced in response to revelations about the US National Security Agency (NSA) snooping on internet traffic, and aims to highlight the subsequent effect on European Union (EU) citizens' rights. The report warns that EU data protection authorities have failed to understand the 'structural shift of data sovereignty implied by cloud computing', and the associated risks to the rights of EU citizens. It suggests 'a full industrial policy for development of an autonomous European cloud computing capacity' should be set up to reduce exposure of EU data to NSA surveillance that is undertaken by the use of US legislation that forces US-based cloud providers to provide access to data they hold. Current regulations such as Safe Harbour allow US firms to process EU data outside EU borders subject to conditions about how that data is handled. But the European Parliament report, written by British privacy expert Caspar Bowden, says that recent revelations show that such agreements are no longer sufficient, citing US legislation such as the Patriot Act and Foreign Intelligence Surveillance Act (FISA). 'Since the main mechanisms for data export [such as] model contracts [and] Safe Harbour, are not protective against FISA or Patriot, they should be revoked and renegotiated,' said the report."
US websites should inform EU citizens about NSA surveillance, says report
ComputerWeekly, 23 September 2013

"GPs are threatening to boycott a ‘Big Brother’ database being introduced by the NHS. Under the new General Practice Extraction Service (GPES), doctors will be forced to send confidential patient records to a central database. The idea is a pet project of Health Secretary Jeremy Hunt – who argues sharing GP records with universities and private companies will be valuable for medical research and screening for common diseases. But GPs say NHS England has failed to tell patients about the ‘care.data’ scheme or to promote it properly. Dr Jane Lothian, a GP and medical secretary of Northumberland Local Medical Committee (LMC), said patients were not getting ‘an informed choice’. Despite assurances the sensitive information will be kept anonymous, she feared patients could be identified from the data, saying: ‘With anything but very common conditions, people are identifiable.’"
GPs threaten to boycott 'Big Brother' NHS database which would force them to send confidential patient records to private firms
Mail, 21 September 2013

"The FBI has vastly expanded its domestic spying powers since 9/11, often justifying surveillance and infiltration of activist or religious communities under the banner of fighting terrorism, according to a new report by the ACLU. Requirements for opening investigations into groups or individuals have been repeatedly watered-down over the past decade, and the report documents many examples of FBI investigations based on what seems to be protected First Amendment activity. 'Before 9/11, the FBI operated within rules designed to focus its investigative efforts on people reasonably suspected of wrongdoing. These rules didn't always prevent abuse, but at least when abuse was discovered the agency could be held to account,' says Mike German, the former FBI agent who authored the ACLU report. 'What has changed since 9/11 is that Congress and successive administrations loosened the rules and at the same time increasing secrecy demands reduced oversight opportunities.' With the creation of the FBI Office of Intelligence in 2003, the FBI began a massive new intelligence-gathering project with the stated goal of preventing terrorist attacks before they occurred. With this new mandate came new powers, such as the ability to issue National Security Letters (NSLs), authorized under the Patriot Act – which author Tim Weiner's FBI history Enemies describes as having 'the combined power of a subpoena and a gag order.' The use of NSLs remains controversial today, and the constitutionality of their gag order element has been called into question by a federal judge."
Is the FBI's Domestic Spying Out of Control?
Rolling Stone, 19 September 2013

"Speaking at the keynote LinuxCon panel this year, Linus Torvalds, who created the open-source Linux operating system 22 years ago, revealed that the government had approached him about installing a backdoor into system’s structure. Linux is the preferred operating system for the privacy conscious infosec community. It’s just the latest in a string of revelations illustrating how the NSA have for a number of years attempted to intervene in the very structuring of online communications and cryptography to enable easier surveillance. EWeek.com reported on Torvalds’ panel admission (although the suggestion is that the Linux creator resisted government pressure): 'Torvalds was also asked if he had ever been approached by the U.S. government to insert a backdoor into Linux. Torvalds responded 'no' while [nodding] his head 'yes,' as the audience broke into spontaneous laughter.'."
Linux creator admits NSA demanded backdoor
Salon, 19 September 2013

"Brazil plans to divorce itself from the US-centric internet over Washington’s widespread online spying, a move that many experts fear will be a potentially dangerous first step toward politically fracturing a global network built with minimal interference by governments. President Dilma Rousseff has ordered a series of measures aimed at greater Brazilian online independence and security following revelations that the US National Security Agency intercepted her communications, hacked into the state-owned Petrobras oil company’s network and spied on Brazilians who entrusted their personal data to US tech companies such as Facebook and Google. 'The global backlash is only beginning and will get far more severe in coming months,' said Sascha Meinrath, director of the Open Technology Institute at the Washington-based New America Foundation think-tank. 'This notion of national privacy sovereignty is going to be an increasingly salient issue around the globe.' While Brazil isn’t proposing to bar its citizens from US-based Web services, it wants their data to be stored locally as the nation assumes greater control over Brazilians’ internet use to protect them from NSA snooping. Ms. Rousseff says she intends to push for new international rules on privacy and security in hardware and software during the UN General Assembly meeting later this month. Most of Brazil’s global internet traffic passes through the United States, so Ms. Rousseff’s government plans to lay underwater fibber optic cable directly to Europe and also link to all South American nations to create what it hopes will be a network free of US eavesdropping."
Brazil plans to go offline from US-centric internet
Associated Press, 17 September 2013

"A U.S. secret surveillance court has ruled the mass collection of telephone call data by the U.S. government as lawful, despite fears that the practice may fall in breach of Fourth Amendment rights against unwarranted searches. In an opinion released on Tuesday, dated August 29, U.S. Foreign Intelligence Court Judge Claire Eagen said the initial ruling allowing U.S. intelligence agencies to vacuum up vast amounts of domestic and international call data does not violate the law. The document [PDF], released by the Foreign Intelligence Surveillance Court (FISC), said it found 'there is no Constitutional impediment to the requested production' of metadata from phone companies order to hand over 'all tangible things' under Section 215 of the Patriot Act. 'The Court concludes that there are facts showing reasonable grounds to believe that the records sought are relevant to authorized investigations,' the document read. In spite of this, Eagen said the court was 'mindful' that the opinion comes at a time when 'unprecedented disclosures' have been made about 'highly-sensitive programs,' such as the PRISM and Upstream programs. Noting the public's reaction, the opinion was declassified to allay fears of lack of transparency within the secret court."
U.S. secret surveillance court rules phone metadata collection lawful
ZDNet, 17 September 2013

"The United States' NSA intelligence agency is interested in international payments processed by companies including Visa, SPIEGEL has learned. It has even set up its own financial database to track money flows through a 'tailored access operations' division. The National Security Agency (NSA) widely monitors international payments, banking and credit card transactions, according to documents seen by SPIEGEL. The information from the American foreign intelligence agency, acquired by former NSA contractor and whistleblower Edward Snowden, show that the spying is conducted by a branch called 'Follow the Money' (FTM). The collected information then flows into the NSA's own financial databank, called 'Tracfin,' which in 2011 contained 180 million records. Some 84 percent of the data is from credit card transactions. Further NSA documents from 2010 show that the NSA also targets the transactions of customers of large credit card companies like VISA for surveillance. NSA analysts at an internal conference that year described in detail how they had apparently successfully searched through the US company's complex transaction network for tapping possibilities. Their aim was to gain access to transactions by VISA customers in Europe, the Middle East and Africa, according to one presentation. The goal was to 'collect, parse and ingest transactional data for priority credit card associations, focusing on priority geographic regions.' In response to a SPIEGEL inquiry, however, VISA issued a statement in which it said, 'We are not aware of any unauthorized access to our network. Visa takes data security seriously and, in response to any attempted intrusion, we would pursue all available remedies to the fullest extent of the law. Further, its Visa's policy to only provide transaction information in response to a subpoena or other valid legal process."
'Follow the Money': NSA Spies on International Payments
Der Spiegel, 15 September 2013

"French newspaper L'Express has published a memo it says comes from Christophe Chantepy, chief of staff to French prime minister Jean-Marc Ayrault, and which recommends French cabinet ministers stop using smartphones for phone calls because they are not secure. The paper's report includes three images of the memo, one for each of its pages."
French ministers told to use only secure comms post-PRISM
The Register, 13 September 2013

"Buried in a Brazilian television report on Sunday was the disclosure that the NSA has impersonated Google and possibly other major internet sites in order to intercept, store, and read supposedly secure online communications. The spy agency accomplishes this using what's known as a 'man-in-the-middle (MITM) attack,' a fairly well-known exploit used by elite hackers. This revelation adds to the growing list of ways that the NSA is believed to snoop on ostensibly private online conversations. In what appears to be a slide taken from an NSA presentation that also contains some GCHQ slides, the agency describes 'how the attack was done' on 'target' Google users. According to the document, NSA employees log into an internet router—most likely one used by an internet service provider or a backbone network. (It's not clear whether this was done with the permission or knowledge of the router's owner.) Once logged in, the NSA redirects the 'target traffic' to an 'MITM,' a site that acts as a stealthy intermediary, harvesting communications before forwarding them to their intended destination. The brilliance of an MITM attack is that it defeats encryption without actually needing to crack any code. If you visit an impostor version of your bank's website, for example, the NSA could harvest your login and password, use that information to establish a secure connection with your real bank, and feed you the resulting account information—all without you knowing. Browsers are supposed to automatically foil MITM attacks, John Hopkins University cryptography expert Matthew Green told me. They rely on data from of certificate authorities, which verify the legitimacy of websites and issue them certificates, or digital stamps of approval. Browsers automatically ask for these certificates and alert you if they don't exist—you may have encountered such pop-up warnings. But here's where that system breaks down: Not all certificate authorities are completely trustworthy. 'If you are big enough and spend enough money,' Green says, 'you can actually get them to give you your own signing key'—the signature that they use to certify websites. With that, the NSA could create a fake certificate for any site on the internet, which is probably what it did when it impersonated Google, Green says. 'This is actually relatively easy to do,' he adds, 'because there are so many certificate authorities'—between 100 and 200."
Jack Harrison - Report: NSA Mimics Google to Monitor "Target" Web Users
Mother Jones, 12 September 2013

"A former senior British secret intelligence officer on Thursday played down any potential damage done by the leaks to the Guardian of the spying activities of GCHQ and America's National Security Agency, apparently contradicting claims made by UK security chiefs. The leaks, by former NSA contractor Edward Snowden were 'very embarrassing, uncomfortable, and unfortunate', Nigel Inkster, former deputy chief of MI6, said. While Inkster said it was too early to draw any definite conclusions about the impact of the leaks, he added: 'I sense that those most interested in the activities of the NSA and GCHQ have not been told very much they didn't know already or could have inferred.' Al-Qaida leaders in the tribal areas of Pakistan had been 'in the dark' for some time - in the sense that they had not used any form of electronic media that would 'illuminate' their whereabouts, Inkster said. He was referring to counter measures they had taken to avoid detection by western intelligence agencies. Other 'serious actors' were equally aware of the risks to their own security from NSA and GCHQ eavesdroppers, he said. As for the impact of the revelations about the capabilities of the NSA and GCHQ on allies, Inkster said the reality was any government with a national communications system also had a national signal intelligence capability. 'The tears that have been shed internationally have been of the crocodile variety,' he said in an apparent reference to US allies, notably Germany, which have expressed concern about the activities of the NSA and GCHQ and the extent of their ability to intercept communications. Inkster was speaking at a press conference at the launch of the latest annual Strategic Survey published by the International Institute for Strategic Studies. He left MI6 after the invasion of Iraq and subsequently criticised how Britain 'got dragged into a war'. He is currently director of transnational threats and political risk at the institute."
Ex-MI6 deputy chief plays down damage caused by Snowden leaks
Guardian, 12 September 2013

"The latest series of Apple’s iPhone will not only continue to cultivate numerous apps that track your location through GPS and transmit data directly back to corporations and government, but contain a fingerprint sensor that stores your fingerprint in order to purchase apps and unlock the phone for use. And that’s really just the beginning. As millions will most likely continue through the Apple food chain and purchase this phone, the NSA and bloated federal government at large will be beyond ecstatic. Because after all, it’s a real dream come true for the Big Daddy government spy state. No longer will you actually need to be arrested to gather your fingerprints — we’re talking about millions nationwide willingly submitting their biometrics to a database that most certainly is accessible by Apple and big government. But don’t worry, the same company that has given away all of your chats and personal data through the NSA’s top secret PRISM program says that you’re perfectly safe. Security experts and high level tech analysts, however, seem to disagree. In addition to the fact that it seems consumer trust is all but dead in regards to Apple and its ties to the spying grid, it seems these ‘safety’ features are actually quite vulnerable in reality. To the point now where hackers can access a massive database of fingerprints just waiting to be taken and utilized fraudulently."
Apple iPhone 5S: Big Brother Dream Come True
StoryLeak, 11 September 2013

"The National Security Agency routinely shares raw intelligence data with Israel without first sifting it to remove information about US citizens, a top-secret document provided to the Guardian by whistleblower Edward Snowden reveals. Details of the intelligence-sharing agreement are laid out in a memorandum of understanding between the NSA and its Israeli counterpart that shows the US government handed over intercepted communications likely to contain phone calls and emails of American citizens. The agreement places no legally binding limits on the use of the data by the Israelis. The disclosure that the NSA agreed to provide raw intelligence data to a foreign country contrasts with assurances from the Obama administration that there are rigorous safeguards to protect the privacy of US citizens caught in the dragnet. The intelligence community calls this process 'minimization', but the memorandum makes clear that the information shared with the Israelis would be in its pre-minimized state. The deal was reached in principle in March 2009, according to the undated memorandum, which lays out the ground rules for the intelligence sharing. The five-page memorandum, termed an agreement between the US and Israeli intelligence agencies 'pertaining to the protection of US persons', repeatedly stresses the constitutional rights of Americans to privacy and the need for Israeli intelligence staff to respect these rights. But this is undermined by the disclosure that Israel is allowed to receive 'raw Sigint' – signal intelligence. The memorandum says: 'Raw Sigint includes, but is not limited to, unevaluated and unminimized transcripts, gists, facsimiles, telex, voice and Digital Network Intelligence metadata and content.... In another top-secret document seen by the Guardian, dated 2008, a senior NSA official points out that Israel aggressively spies on the US. 'On the one hand, the Israelis are extraordinarily good Sigint partners for us, but on the other, they target us to learn our positions on Middle East problems,' the official says. 'A NIE [National Intelligence Estimate] ranked them as the third most aggressive intelligence service against the US.' Later in the document, the official is quoted as saying: 'One of NSA's biggest threats is actually from friendly intelligence services, like Israel. There are parameters on what NSA shares with them, but the exchange is so robust, we sometimes share more than we intended."
NSA shares raw intelligence including Americans' data with Israel
Guardian, 11 September 2013

"The US intelligence agency NSA has been taking advantage of the smartphone boom. It has developed the ability to hack into iPhones, android devices and even the BlackBerry, previously believed to be particularly secure. Michael Hayden has an interesting story to tell about the iPhone. He and his wife were in an Apple store in Virginia, Hayden, the former head of the United States National Security Agency (NSA), said at a conference in Washington recently. A salesman approached and raved about the iPhone, saying that there were already '400,000 apps' for the device. Hayden, amused, turned to his wife and quietly asked: 'This kid doesn't know who I am, does he? Four-hundred-thousand apps means 400,000 possibilities for attacks.' Hayden was apparently exaggerating only slightly. According to internal NSA documents from the Edward Snowden archive that SPIEGEL has been granted access to, the US intelligence service doesn't just bug embassies and access data from undersea cables to gain information. The NSA is also extremely interested in that new form of communication which has experienced such breathtaking success in recent years: smartphones. In Germany, more than 50 percent of all mobile phone users now possess a smartphone; in the UK, the share is two-thirds. About 130 million people in the US have such a device. The mini-computers have become personal communication centers, digital assistants and life coaches, and they often know more about their users than most users suspect. For an agency like the NSA, the data storage units are a goldmine, combining in a single device almost all the information that would interest an intelligence agency: social contacts, details about the user's behavior and location, interests (through search terms, for example), photos and sometimes credit card numbers and passwords. Smartphones, in short, are a wonderful technical innovation, but also a terrific opportunity to spy on people, opening doors that even such a powerful organization as the NSA couldn't look behind until now....A detailed NSA presentation titled, 'Does your target have a smartphone?' shows how extensive the surveillance methods against users of Apple's popular iPhone already are. In three consecutive transparencies, the authors of the presentation draw a comparison with '1984,' George Orwell's classic novel about a surveillance state, revealing the agency's current view of smartphones and their users. 'Who knew in 1984 that this would be Big Brother …' the authors ask, in reference to a photo of Apple co-founder Steve Jobs. And commenting on photos of enthusiastic Apple customers and iPhone users, the NSA writes: '… and the zombies would be paying customers?' In fact, given the targets it defines, the NSA can select a broad spectrum of user data from Apple's most lucrative product, at least if one is to believe the agency's account. The results the intelligence agency documents on the basis of several examples are impressive. They include an image of the son of a former defense secretary with his arm around a young woman, a photo he took with his iPhone. A series of images depicts young men and women in crisis zones, including an armed man in the mountains of Afghanistan, an Afghan with friends and a suspect in Thailand. All the images were apparently taken with smartphones. A photo taken in January 2012 is especially risqué: It shows a former senior government official of a foreign country who, according to the NSA, is relaxing on his couch in front of a TV set and taking pictures of himself -- with his iPhone. To protect the person's privacy, SPIEGEL has chosen not to reveal his name or any other details. The access to such material varies, but much of it passes through an NSA department responsible for customized surveillance operations against high-interest targets. One of the US agents' tools is the use of backup files established by smartphones. According to one NSA document, these files contain the kind of information that is of particular interest to analysts, such as lists of contacts, call logs and drafts of text messages. To sort out such data, the analysts don't even require access to the iPhone itself, the document indicates. The department merely needs to infiltrate the target's computer, with which the smartphone is synchronized, in advance. Under the heading 'iPhone capability,' the NSA specialists list the kinds of data they can analyze in these cases. The document notes that there are small NSA programs, known as 'scripts,' that can perform surveillance on 38 different features of the iPhone 3 and 4 operating systems. They include the mapping feature, voicemail and photos, as well as the Google Earth, Facebook and Yahoo Messenger applications. The NSA analysts are especially enthusiastic about the geolocation data stored in smartphones and many of their apps, data that enables them to determine a user's whereabouts at a given time. The NSA and its partner agency, Britain's GCHQ, focused with similar intensity on another electronic toy: the BlackBerry. This is particularly interesting given that the Canadian company's product is marketed to a specific target group: companies that buy the devices for their employees. In fact, the device, with its small keypad, is seen as more of a manager's tool than something suspected terrorists would use to discuss potential attacks. The NSA also shares this assessment, noting that Nokia devices were long favored in extremist forums, with Apple following in third place and BlackBerry ranking a distant ninth. According to several documents, the NSA spent years trying to crack BlackBerry communications, which enjoy a high degree of protection, and maintains a special 'BlackBerry Working Group' specifically for this purpose. But the industry's rapid development cycles keep the specialists assigned to the group on their toes, as a GCHQ document marked 'UK Secret' indicates. According to the document, problems with the processing of BlackBerry data were suddenly encountered in May and June 2009, problems the agents attributed to a data compression method newly introduced by the manufacturer. In July and August, the GCHQ team assigned to the case discovered that BlackBerry had previously acquired a smaller company. At the same time, the intelligence agency had begun studying the new BlackBerry code. In March 2010, the problem was finally solved, according to the internal account. 'Champagne!' the analysts remarked, patting themselves on the back.'"
iSpy: How the NSA Accesses Smartphone Data
Der Spiegel, 9 September 2013

"US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden. The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments. The agencies, the documents reveal, have adopted a battery of methods in their systematic and ongoing assault on what they see as one of the biggest threats to their ability to access huge swathes of internet traffic – 'the use of ubiquitous encryption across the internet'. Those methods include covert measures to ensure NSA control over setting of international encryption standards, the use of supercomputers to break encryption with 'brute force', and – the most closely guarded secret of all – collaboration with technology companies and internet service providers themselves. Through these covert partnerships, the agencies have inserted secret vulnerabilities – known as backdoors or trapdoors – into commercial encryption software. The files, from both the NSA and GCHQ, were obtained by the Guardian, and the details are being published today in partnership with the New York Times and ProPublica. They reveal... The NSA spends $250m a year on a program which, among other goals, works with technology companies to 'covertly influence' their product designs."
Revealed: how US and UK spy agencies defeat internet privacy and security
Guardian, 6 September 2013

"The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents. The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show. Many users assume — or have been assured by Internet companies — that their data is safe from prying eyes, including those of the government, and the N.S.A. wants to keep it that way. The agency treats its recent successes in deciphering protected information as among its most closely guarded secrets, restricted to those cleared for a highly classified program code-named Bullrun, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor. Beginning in 2000, as encryption tools were gradually blanketing the Web, the N.S.A. invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. Having lost a public battle in the 1990s to insert its own 'back door' in all encryption, it set out to accomplish the same goal by stealth. The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated. The N.S.A. hacked into target computers to snare messages before they were encrypted. In some cases, companies say they were coerced by the government into handing over their master encryption keys or building in a back door. And the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world.... For at least three years, one document says, GCHQ, almost certainly in collaboration with the N.S.A., has been looking for ways into protected traffic of popular Internet companies: Google, Yahoo, Facebook and Microsoft’s Hotmail. By 2012, GCHQ had developed 'new access opportunities' into Google’s systems, according to the document. (Google denied giving any government access and said it had no evidence its systems had been breached)....The documents are among more than 50,000 shared by The Guardian with The New York Times and ProPublica, the nonprofit news organization. They focus on GCHQ but include thousands from or about the N.S.A.... The full extent of the N.S.A.’s decoding capabilities is known only to a limited group of top analysts from the so-called Five Eyes: the N.S.A. and its counterparts in Britain, Canada, Australia and New Zealand. Only they are cleared for the Bullrun program, the successor to one called Manassas — both names of an American Civil War battle. A parallel GCHQ counterencryption program is called Edgehill, named for the first battle of the English Civil War of the 17th century. Unlike some classified information that can be parceled out on a strict 'need to know' basis, one document makes clear that with Bullrun, 'there will be NO ‘need to know.’ ' Only a small cadre of trusted contractors were allowed to join Bullrun. It does not appear that Mr. Snowden was among them, but he nonetheless managed to obtain dozens of classified documents referring to the program’s capabilities, methods and sources."
N.S.A. Able to Foil Basic Safeguards of Privacy on Web
New York Times, 5 September 2013

"... the National Security Agency has moved beyond its historic role as a code-breaker to become a saboteur of the encryption systems. Its work has allegedly weakened the scrambling not just of terrorists' emails but also bank transactions, medical records and communications among coworkers..... The latest Snowden-leaked documents outline a multi-pronged assault by the NSA on the various forms of encryption used online. ... the implication of the mass of documents leaked thus far is that the NSA is not just monitoring seemingly every utterance on the planet, it is planting weaknesses in the security technology that protects legitimate online communications for the sake of decrypting illegitimate ones."
Latest Snowden revelation: NSA sabotaged electronic locks
Los Angeles Times, 5 September 2013

"U.S. spy agencies have built an intelligence-gathering colossus since the attacks of Sept. 11, 2001, but remain unable to provide critical information to the president on a range of national security threats, according to the government’s top-secret budget. The $52.6 billion 'black budget' for fiscal 2013, obtained by The Washington Post from former intelligence contractor Edward Snowden, maps a bureaucratic and operational landscape that has never been subject to public scrutiny. Although the government has annually released its overall level of intelligence spending since 2007, it has not divulged how it uses the money or how it performs against the goals set by the president and Congress."
U.S. spy network’s successes, failures and objectives detailed in ‘black budget’ summary
Washington Post, 29 August 2013

"Facebook Inc is considering incorporating most of its 1 billion-plus members' profile photos into its growing facial recognition database, expanding the scope of the social network's controversial technology. The possible move, which Facebook revealed in an update to its data use policy on Thursday, is intended to improve the performance of its 'Tag Suggest' feature. The feature uses facial recognition technology to speed up the process of labeling or 'tagging' friends and acquaintances who appear in photos posted on the network. The technology currently automatically identifies faces in newly uploaded photos by comparing them only to previous snapshots in which users were tagged. Facebook users can choose to remove tags identifying them in photos posted by others on the site.The changes would come at a time when Facebook and other Internet companies' privacy practices are under scrutiny, following the revelations of a U.S. government electronic surveillance program."
Facebook considers adding profile photos to facial recognition
Reuters, 29 August 2013

"WikiLeaks founder and Australian Senate candidate Julian Assange has accused the Obama administration of waging a war on whistleblowers. Mr Assange made the comments after a military judge found US soldier Bradley Manning guilty of several counts of espionage but not of aiding the enemy. 'Barack Obama has proceeded with more prosecutions against whistleblowers for espionage than all previous presidents combined going all the way back to 1917,' he told the ABC's AM program on July 31, 2013. .... Seven whistleblowers have been prosecuted for espionage during Mr Obama's presidency. The number for all previous presidents since 1917 is six.... In each case, the charges were brought under the Espionage Act of 1917. They included the former National Security Agency contractor now living in Russia, Edward Snowden, a state department contractor accused of leaking classified information about North Korea to Fox News, Stephen Kim, and a CIA officer who was charged in 2010 with leaking information about Iran's nuclear program to the New York Times, Jeffrey Sterling. No journalist who received the leaks has been prosecuted, but James Risen of the Times has been ordered to testify in the Sterling case..... Seven whistleblowers have been prosecuted under the Espionage Act during Mr Obama's presidency. Before 2009, charges were laid against six whistleblowers, albeit in only three cases."
Julian Assange goes too far on Barack Obama's prosecutions against whistleblowers
ABC (Australia), 21 August 2013

"Britain's apparent lack of concern [about mass surveillance] is not political, but cultural, a response conditioned by decades of reverence for the intelligence services and a faith in secrecy that is embedded in our historicial DNA. We like spies, from James Bond to George Smiley, and we are taught that they are on our side......"
Big Brother is watching us? How comforting
London Times, 30 August, Print Edition, P27

"In Germany the Foreign Minister condemns mass surveillance of private communications by British and US intelligence agencies as a 'Hollywood nightmare'. In America the libertarian Right and the liberal Left form an unlikely alliance to condemn the covert monitoring of data by the National Security Agency revealed by the whistleblower Edward Snowden.... But in Britain news that the Government Communications Headquarters runs a mass programme of digital surveillance is greeted with a public shrug, a few emollient words from the Government and almost no political debate. One document leaked by Mr Snowden revealed that GCHQ intends to 'exploit any phone, anywhere, any time'. Britain's response has been a resounding 'whatever'.... Much of the world is outraged that we are not more outraged by he evidence of mass snooping on our private communications.... While condemning the Snowden leaks, Barack Obama has welcomed the ensuing debate over privacy and security and has promised a review of NSA procedures and there is certain to be a major legislative overhaul of how America's intelligence agencies gather and store mass data. No such reform is likely in Britain, because no such debate is underway. Across Europe, there has been widespread anger over Britain's programme of monitoring global telephone and internet traffic - nowhere more than in Germany, where memories of Gestapo and Stasi prying remain fresh and painful.... Writing in Der Speigel, the columnist Christoph Scheuermann criticised the British public's meek acquiescence to mass surveillance. 'It is astonishing to see how many Britons blindly and uncritically trust the world of their intelligence services,' he wrote. 'Some still see the GCHQ as a club of amiable gentlemen in shabby tweed jackets who cracked the Nazis Enigma coding machine in World War II. He is right. British deference towards the intelligence services is a legacy of that war... a legacy of government concealment enshrined in the Official Secrets Act, a deeply flawed piece of legislation intended to protect against spies, but too often used to intimidate journalists, silence critics and muzzle inconvenient truths. As Edward Heath pointed out, Britain became the most secretive state in Europe; simply revealing the colour of the carpets in MI6 was a crime.... The Snowdon affair should spur a full investigation into how intelligence agencies gather and store electronic communications, a debate on what truly constitutes a secret state, greater oversight of intelligence collection, and complete revision of the Official Secrets Act. But it will not, because in this country we are more reassured than dismayed by being spied upon."
Ben Macintyre - Big Brother is watching us? How comforting
London Times, 30 August 2013, Print Edition, P27

"Britain's GCHQ is reported to have wider access to Europe's electronic communications than previously thought. The media reports are based partly on documents released by former US intelligence officer Edward Snowden. The reports published by the German public broadcaster NDR and the Süddeutsche newspaper said documents made available to them by Edward Snowden indicate that Britain's Government Communications Headquarters (GCHQ) is capable of gathering and analyzing data from almost all of the traffic that passes through Europe's internet network. According to the reports, the GCHQ's capabilities are particularly strong with regard to Germany's electronic communications. This is made possible in large part due to a total of 14 fiber optic cables worldwide, which are used to deliver data between and countries and continents. Some of these lead to and from Germany's northern coast, and the German telecommunications giant Deutsche Telekom belongs to a consortium, which operates two of them. These cables, the reports said, help the GCHQ to snoop on emails not just within Europe, but even within Germany. However, there is also another major contributing factor. 'Many online services have their servers for the European market in England or Ireland. And here too, the German traffic travels via Great Britain,' journalist Jörg Schieb, who specializes in computers and the internet, told NDR. The reports also say at least six communications companies cooperate with the GCHQ, albeit, not necessarily voluntarily. These include BT, Level-3, Viatel, Interoute, Verizon and Vodafone. Each of these companies is involved in Germany and a large part of the country's internet traffic moves through its networks. However, according to another whistleblower, US or British intelligence agencies could gain access even without their cooperation. Thomas Drake, a former senior executive of the National Security Agency, where Snowden was a subcontractor, told the Süddeutsche that most emails, even those sent to addresses within the same country travelled through international cables. Asked to respond to the Süddeutsche and NDR findings, Deutsche Telekom issued a statement in which it declared that it allowed 'foreign services no access to data or telecommunications and internet traffic in Germany.'"
GCHQ reported to have access to almost all European internet traffic
Deutsche Welle, 29 August 2013

"Consider the deep messaging of the NSA’s brand. Only forty years removed from the blackmail-tinged reign of J. Edgar Hoover, the NSA has developed an image which implies the agency is vacuuming up more than enough incriminating phone records, emails and text/sext messages to politically torpedo any rank-and-file congressman, should that congressman step out of line. And here’s the thing: for all the agita intelligence officials express about new disclosures, those disclosures illustrate the sheer size and scope of governement surveillance. That doesn’t weaken the NSA – on the contrary, it serves to politically strengthen the agency by constantly reminding lawmakers that the NSA 1) probably has absolutely everything on them and 2) could use that stuff against them."
David Sirota - Saying Boo To A Ghost: It's No Secret Why Congress Fears Crossing The NSA
NSFW Corp, 22 August 2013

"The editor of the Guardian, a major outlet for revelations based on leaks from former U.S. intelligence contractor Edward Snowden, says the British government threatened legal action against the newspaper unless it either destroyed the classified documents or handed them back to British authorities. In an article posted on the British newspaper's website on Monday, Guardian editor Alan Rusbridger said that a month ago, after the newspaper had published several stories based on Snowden's material, a British official advised him: 'You've had your fun. Now we want the stuff back.' After further talks with the government, Rusbridger said, two 'security experts' from Government Communications Headquarters, the British equivalent of the ultra-secretive U.S. National Security Agency, visited the Guardian's London offices. In the building's basement, Rusbridger wrote, government officials watched as computers which contained material provided by Snowden were physically pulverized. 'We can call off the black helicopters,' Rusbridger says one of the officials joked. The Guardian's decision to publicize the government threat - and the newspaper's assertion that it can continue reporting on the Snowden revelations from outside of Britain - appears to be the latest step in an escalating battle between the news media and governments over reporting of secret surveillance programs. On Sunday, British authorities detained for nine hours the domestic partner of Glenn Greenwald, a Guardian writer who met face to face in Hong Kong with Snowden and has written or co-authored many of the newspaper's stories based on his material....Rusbridger, in his article on the Guardian's website, said that despite the destruction of the computers in London, he told British officials that due to the nature of 'international collaborations' among journalists, it would remain possible for media organizations to 'take advantage of the most permissive legal environments.' Henceforth, he said, the Guardian 'did not have to do our reporting from London.' A source familiar with the matter said that this meant British authorities were on notice that the Guardian was likely to continue to report on the Snowden revelations from outside British government jurisdiction."
Britain forced Guardian to destroy copy of Snowden material
Reuters, 20 August 2013

"In this work he is regularly helped by David Miranda. Miranda is not a journalist, but he still plays a valuable role in helping his partner do his journalistic work. Greenwald has his plate full reading and analysing the Snowden material, writing, and handling media and social media requests from around the world. He can certainly use this back-up. That work is immensely complicated by the certainty that it would be highly unadvisable for Greenwald (or any other journalist) to regard any electronic means of communication as safe. The Guardian's work on the Snowden story has involved many individuals taking a huge number of flights in order to have face-to-face meetings. Not good for the environment, but increasingly the only way to operate. Soon we will be back to pen and paper. Miranda was held for nine hours under schedule 7 of the UK's terror laws, which give enormous discretion to stop, search and question people who have no connection with "terror", as ordinarily understood. Suspects have no right to legal representation and may have their property confiscated for up to seven days. Under this measure – uniquely crafted for ports and airport transit areas – there are none of the checks and balances that apply once someone is in Britain proper. There is no need to arrest or charge anyone and there is no protection for journalists or their material. A transit lounge in Heathrow is a dangerous place to be..... The detention of Miranda has rightly caused international dismay because it feeds into a perception that the US and UK governments – while claiming to welcome the debate around state surveillance started by Snowden – are also intent on stemming the tide of leaks and on pursuing the whistleblower with a vengeance. That perception is right. Here follows a little background on the considerable obstacles being placed in the way of informing the public about what the intelligence agencies, governments and corporations are up to.... We will continue to do patient, painstaking reporting on the Snowden documents, we just won't do it in London. The seizure of Miranda's laptop, phones, hard drives and camera will similarly have no effect on Greenwald's work. The state that is building such a formidable apparatus of surveillance will do its best to prevent journalists from reporting on it. Most journalists can see that. But I wonder how many have truly understood the absolute threat to journalism implicit in the idea of total surveillance, when or if it comes – and, increasingly, it looks like 'when'.... We are not there yet, but it may not be long before it will be impossible for journalists to have confidential sources. Most reporting – indeed, most human life in 2013 – leaves too much of a digital fingerprint. Those colleagues who denigrate Snowden or say reporters should trust the state to know best (many of them in the UK, oddly, on the right) may one day have a cruel awakening. One day it will be their reporting, their cause, under attack. But at least reporters now know to stay away from Heathrow transit lounges."
Alan Rusbridger - Editor of the Guardian
David Miranda, schedule 7 and the danger that all reporters now face
Guardian, 19 August 2013

"Two US senators on the intelligence committee said on Friday that thousands of annual violations by the National Security Agency on its own restrictions were 'the tip of the iceberg.' 'The executive branch has now confirmed that the rules, regulations and court-imposed standards for protecting the privacy of Americans' have been violated thousands of times each year,' said senators Ron Wyden and Mark Udall, two leading critics of bulk surveillance, who responded Friday to a Washington Post story based on documents provided by whistleblower Edward Snowden. 'We have previously said that the violations of these laws and rules were more serious than had been acknowledged, and we believe Americans should know that this confirmation is just the tip of a larger iceberg.' On July 31, Wyden, backed by Udall, vaguely warned other senators in a floor speech that the NSA and the director of national intelligence were substantively misleading legislators by describing improperly collected data as a matter of innocent and anodyne human or technical errors. In keeping with their typically cautious pattern when discussing classified information, Wyden and Udall did not provide details about their claimed 'iceberg' of surveillance malfeasance. But they hinted that the public still lacks an adequate understanding of the NSA's powers to collect data on Americans under its controversial interpretation of the Patriot Act."
NSA revelations of privacy breaches 'the tip of the iceberg' – Senate duo
Guardian, 16 August 2013

"Since the tragic events of 9/11, the U.S. government has been collecting vast amounts of information through domestic surveillance of its citizens. These mountains of metadata have compromised the basic freedoms of Americans but have not helped the National Security Agency (NSA) predict a single terrorist plot against the United States. It’s a sorry saga and its latest chapter concerns the recent revelations about PRISM – a massive clandestine surveillance program run by the National Security Agency. NSA whistle-blower Edward Snowden revealed that, under PRISM, wireless operator Verizon was being forced to turn over metadata to the NSA concerning all calls made by its customers. While the public may have been shocked by this news, I wasn’t. As Time.com’s intelligence columnist and a former Central Intelligence Agency (CIA) case officer, I have often talked to people in government who have pointed to my iPhone and said, 'Anything that goes across that phone – whether it’s e-mail, calls, metadata, or Skype – can be intercepted by the government.' They didn’t talk about PRISM, of course, but the message was clear. One aspect of PRISM does shock me, though: the fact that it involves search and seizure without a warrant. I know several cases in which the Department of Justice has accessed the metadata of a reporter to find out who his or her sources are. After that, it has trolled metadata about the sources to see if it can come up with enough evidence to justify investigating them. You might think that if you’re a law-abiding citizen, you have nothing to fear from all this. If so, think again. The people who work for the government don’t always obey the law. The opportunities for abuse are rife – getting into your Internal Revenue Service (IRS) tax data, for instance, or checking out your text messages. The government could destroy the reputation of an opposition politician with this kind of information. Remember Watergate and then ask yourself whether it’s a good idea to give people who aren’t exactly honest the tools to ruin others. There is, quite frankly, no need for this level of surveillance. ... To justify it, Washington often tells us that Najibullah Zazi, a member of an al-Qaeda group that was accused of plotting to bomb the New York City subway in 2009, was caught as a result of information obtained through PRISM. That’s not true. British authorities were led to Zazi, and then told Washington. The United States examined the metadata and found evidence to continue the investigation. Without the tip-off, though, it would have been in the dark....The threat of terrorism from the Muslim world has been hugely overplayed. We thought our world was caving in after 9/11. We wondered where the next attack would come from. We pictured terrorists setting off bombs in malls. It just hasn’t happened – except for Boston, which was a weird anomaly."
Robert Baer - Nothing to fear? Think again
Cyrprus Mail, 14 August 2013

"For years, the Central Intelligence Agency denied it had a secret file on MIT professor and famed dissident Noam Chomsky. But a new government disclosure obtained by The Cablereveals for the first time that the agency did in fact gather records on the anti-war iconoclast during his heyday in the 1970s. The disclosure also reveals that Chomsky's entire CIA file was scrubbed from Langley's archives, raising questions as to when the file was destroyed and under what authority. The breakthrough in the search for Chomsky's CIA file comes in the form of a Freedom of Information Act (FOIA) request to the Federal Bureau of Investigation. For years, FOIA requests to the CIA garnered the same denial: 'We did not locate any records responsive to your request.' The denials were never entirely credible, given Chomsky's brazen anti-war activism in the 60s and 70s -- and the CIA's well-documented track record of domestic espionage in the Vietnam era. But the CIA kept denying, and many took the agency at its word. Now, a public records request by Chomsky biographer Fredric Maxwell reveals a memo between the CIA and the FBI that confirms the existence of a CIA file on Chomsky. Dated June 8, 1970, the memo discusses Chomsky's anti-war activities and asks the FBI for more information about an upcoming trip by anti-war activists to North Vietnam. The memo's author, a CIA official, says the trip has the 'ENDORSEMENT OF NOAM CHOMSKY' and requests 'ANY INFORMATION' about the people associated with the trip. ... It's worth noting that the destruction of records is a legally treacherous activity. Under the Federal Records Act of 1950, all federal agencies are required to obtain advance approval from the national Archives for any proposed record disposition plans. The Archives is tasked with preserving records with 'historical value.' .... What does Chomsky think? When The Cablepresented him with evidence of his CIA file, the famous linguist responded with his trademark cynicism. 'Some day it will be realized that systems of power typically try to extend their power in any way they can think of,' he said. When asked if he was more disturbed by intelligence overreach today (given the latest NSA leaks) or intelligence overreach in the 70s, he dismissed the question as an apples-to-oranges comparison. 'What was frightening in the ‘60s into early ‘70s was not so much spying as the domestic terror operations, COINTELPRO,' he said, referring to the FBI's program to discredit and infiltrate domestic political organizations. 'And also the lack of interest when they were exposed.'"
Exclusive: After Multiple Denials, CIA Admits to Snooping on Noam Chomsky
Foreign Policy, 13 August 2013

"This past January, Laura Poitras received a curious e-mail from an anonymous stranger [who eventually turned out to be NSA whistleblower Edward Snowden] requesting her public encryption key. For almost two years, Poitras had been working on a documentary about surveillance, and she occasionally received queries from strangers. She replied to this one and sent her public key — allowing him or her to send an encrypted e-mail that only Poitras could open, with her private key — but she didn’t think much would come of it. The stranger responded with instructions for creating an even more secure system to protect their exchanges. Promising sensitive information, the stranger told Poitras to select long pass phrases that could withstand a brute-force attack by networked computers. 'Assume that your adversary is capable of a trillion guesses per second,' the stranger wrote. Before long, Poitras received an encrypted message that outlined a number of secret surveillance programs run by the government. She had heard of one of them but not the others. After describing each program, the stranger wrote some version of the phrase, 'This I can prove.'"
How Laura Poitras Helped Snowden Spill His Secrets
New York Times, 13 August 2013

"William Binney, a former top N.S.A. official who publicly accused the agency of illegal surveillance, was at home one morning in 2007 when F.B.I. agents burst in and aimed their weapons at his wife, his son and himself. Binney was, at the moment the agent entered his bathroom and pointed a gun at his head, naked in the shower. His computers, disks and personal records were confiscated and have not yet been returned. Binney has not been charged with any crime."
How Laura Poitras Helped Snowden Spill His Secrets
New York Times, 13 August 2013

"President Obama in a press conference on Friday announced tighter restrictions on the National Security Agency’s domestic surveillance program, but most voters still don’t trust the government to protect their constitutional rights. Very few expect the program to cut back on monitoring the phone calls of innocent Americans. Despite the president’s pronouncement of greater 'transparency,' only 11% of Likely U.S. Voters think it is now less likely that the federal government will monitor the private phone calls of ordinary Americans. A new Rasmussen Reports national telephone survey finds that 30% believe it is more likely now that the government will monitor these calls, while 49% expect the level of surveillance to remain about the same."
Just 11% Think NSA Less Likely Now to Monitor Phone Calls of Innocent Americans
Rassmusen Reports, 12 August 2013

"The National Security Agency has a secret backdoor into its vast databases under a legal authority enabling it to search for US citizens' email and phone calls without a warrant, according to a top-secret document passed to the Guardian by Edward Snowden. The previously undisclosed rule change allows NSA operatives to hunt for individual Americans' communications using their name or other identifying information. Senator Ron Wyden told the Guardian that the law provides the NSA with a loophole potentially allowing 'warrantless searches for the phone calls or emails of law-abiding Americans'. The authority, approved in 2011, appears to contrast with repeated assurances from Barack Obama and senior intelligence officials to both Congress and the American public that the privacy of US citizens is protected from the NSA's dragnet surveillance programs. The intelligence data is being gathered under Section 702 of the of the Fisa Amendments Act (FAA), which gives the NSA authority to target without warrant the communications of foreign targets, who must be non-US citizens and outside the US at the point of collection. The communications of Americans in direct contact with foreign targets can also be collected without a warrant, and the intelligence agencies acknowledge that purely domestic communications can also be inadvertently swept into its databases. That process is known as 'incidental collection' in surveillance parlance. But this is the first evidence that the NSA has permission to search those databases for specific US individuals' communications."
NSA loophole allows warrantless search for US citizens' emails and phone calls
Guardian, 9 August 2013

"Ladar Levison, 32, has spent ten years building encrypted email service Lavabit, attracting over 410,000 users. When NSA whistleblower Edward Snowden was revealed to be one of those users in July, Dallas-based Lavabit got a surge of new customers: $12,000 worth of paid subscribers, triple his usual monthly sign-up. On Thursday, though, Levison pulled the plug on his company, posting a cryptic message about a government investigation that would force him to 'become complicit in crimes against the American people' were he to stay in business. Many people have speculated that the investigation concerned the government trying to get access to the email of Edward Snowden, who has been charged with espionage. There are legal restrictions which prevent Levison from being more specific about a protest of government methods that has forced him to shutter his company, an unprecedented move. 'This is about protecting all of our users, not just one in particular. It’s not my place to decide whether an investigation is just, but the government has the legal authority to force you to do things you’re uncomfortable with,' said Levison in a phone call on Friday. 'The fact that I can’t talk about this is as big a problem as what they asked me to do.'... 'I’m taking a break from email,' said Levison. 'If you knew what I know about email, you might not use it either.'"
Lavabit's Ladar Levison: 'If You Knew What I Know About Email, You Might Not Use It'
Forbes, 9 August 2013

"The National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad new powers in 2008, according to an internal audit and other top-secret documents. Most of the infractions involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by statute and executive order. They range from significant violations of law to typographical errors that resulted in unintended interception of U.S. e-mails and telephone calls....The NSA audit obtained by The Post, dated May 2012, counted 2,776 incidents in the preceding 12 months of unauthorized collection, storage, access to or distribution of legally protected communications. Most were unintended. Many involved failures of due diligence or violations of standard operating procedure. The most serious incidents included a violation of a court order and unauthorized use of data about more than 3,000 Americans and green-card holders."
NSA broke privacy rules thousands of times per year, audit finds
Washington Post, 15 August 2013

"The National Security Agency admitted in a statement Friday that there have been 'very rare' instances of willful violations of agency protocols by agency officers. The Wall Street Journal reports that some of those willful violations involved officials turning their private eyes on love interests..... The 'LOVEINT' examples constitute most episodes of willful misconduct by NSA employees, officials said. While troubling, this type of snooping is by no means unprecedented. There are plenty of cases in which local law enforcement officials have been accused of abusing their access to databases to acquire information about potential romantic interests."
LOVEINT: When NSA officers use their spying power on love interests
Washington Post, 24 August 2013

"President Barack Obama turned serious in an interview with late-night television host Jay Lenothree weeks ago and sought to reassure the nation about top-secret U.S. electronic surveillance programs. 'There is no spying on Americans,' Obama insisted to Leno. 'We don’t have a domestic spying program.' A classified court opinion released Aug. 21 showed that the National Security Agency intercepted as many as 56,000 e-mails a year of Americans who weren’t suspected of having ties to terrorism -- another in a steady drip of revelations testing Obama’s credibility on surveillance issues among voters. .... The New York Times editorial page, which often backs the Obama administration, said in an editorial published June 6 after the surveillance program was exposed that the president 'has now lost all credibility on this issue.'... The NSA surveillance programs were exposed more than two months ago by former U.S. intelligence contractor Edward Snowden, who leaked classified documents to the Washington Post and U.K.-based Guardian newspapers."
Court Finding of Domestic Spying Risks Obama Credibility
Bloomberg, 23 August 2013

"According to leaked internal documents from the German Federal Office for Security in Information Technology (BSI) that Die Zeit obtained, IT experts figured out that Windows 8, the touch-screen enabled, super-duper, but sales-challenged Microsoft operating system is outright dangerous for data security. It allows Microsoft to control the computer remotely through a built-in backdoor. Keys to that backdoor are likely accessible to the NSA – and in an unintended ironic twist, perhaps even to the Chinese. The backdoor is called 'Trusted Computing,' developed and promoted by the Trusted Computing Group, founded a decade ago by the all-American tech companies AMD, Cisco, Hewlett-Packard, IBM, Intel, Microsoft, and Wave Systems. Its core element is a chip, the Trusted Platform Module (TPM), and an operating system designed for it, such as Windows 8. Trusted Computing Group has developed the specifications of how the chip and operating systems work together.Its purpose is Digital Rights Management and computer security. The system decides what software had been legally obtained and would be allowed to run on the computer, and what software, such as illegal copies or viruses and Trojans, should be disabled. The whole process would be governed by Windows, and through remote access, by Microsoft. Now there is a new set of specifications out, creatively dubbed TPM 2.0. While TPM allowed users to opt in and out, TPM 2.0 is activated by default when the computer boots up. The user cannot turn it off. Microsoft decides what software can run on the computer, and the user cannot influence it in any way. Windows governs TPM 2.0. And what Microsoft does remotely is not visible to the user. In short, users of Windows 8 with TPM 2.0 surrender control over their machines the moment they turn it on for the first time. It would be easy for Microsoft or chip manufacturers to pass the backdoor keys to the NSA and allow it to control those computers. NO, Microsoft would never do that, we protest. Alas, Microsoft, as we have learned from the constant flow of revelations, informs the US government of security holes in its products well before it issues fixes so that government agencies can take advantage of the holes and get what they’re looking for."
LEAKED: German Government Warns Key Entities Not To Use Windows 8 – Links The NSA
TestosteronePit, 21 August 2013

"The National Security Agency (NSA) is collecting e-mails and other text communications that are sent internationally or are received from foreign sources, a new report claims. The NSA's e-mail data-collection efforts include both those who communicate with potential overseas targets, as well as anyone who might cite a particular individual or something even partially related to that person, The New York Times reported on Thursday, citing intelligence officials with knowledge of the agency's work. The NSA has long conceded that it's tracking the communications of foreigners who might pose a threat to the U.S. However, the officials' revelation to the Times is the first acknowledgement on the part of the intelligence community that ostensibly innocent communications with people overseas are being collected. According to the Times, the NSA is acting within the legal framework outlined in the FISA Amendments Act of 2008, which paved the way for intelligence officials to monitor domestic communication without a warrant as long as the individual they were targeting was not a U.S. citizen. The sources also confirmed to the Times that no voice communication is intercepted as part of this data-collection."
NSA taps into e-mail, text communication to and from U.S. -- report
CNet News, 8 August 2013

"The news media fell down on the job of acting as a restraint against excess government power after the 9/11 terrorist attacks, Edward Snowden says in an interview with The New York Times Magazine published Tuesday. 'After 9/11, many of the most important news outlets in America abdicated their role as a check to power — the journalistic responsibility to challenge the excesses of government — for fear of being seen as unpatriotic and punished in the market during a period of heightened nationalism,' said Snowden, the former National Security Agency contractor who created a worldwide storm of controversy with his leaks about the U.S. government's top-secret data collection program. 'From a business perspective, this was the obvious strategy, but what benefited the institutions ended up costing the public dearly. The major outlets are still only beginning to recover from this cold period.' Snowden fled to Russia to avoid prosecution for his information leaks, which were first reported by The Washington Post and The Guardian newspapers. He has been granted asylum by Moscow for at least a year, to the anger and frustration of the Obama administration. He told the Times magazine he was amazed to learn while his disclosures were being turned into stories that journalists didn't realize the extent to which they were being monitored by the government. 'I was surprised to realize there were people in news organizations who didn’t recognize any unencrypted message sent over the Internet is being delivered to every intelligence service in the world,' Snowden said. 'In the wake of this year’s disclosures, it should be clear that unencrypted journalist-source communication is unforgivably reckless.'"
Snowden: US Media 'Abdicated Role' of Government Watchdog After 9/11
Newsmax, 13 August 2013

"It would be passing strange to expect that the tendency of bureacracies to look after their own interests rather than those of their customers applies to nationalised industries and quangos in the public eye, but not at all to spy agencies living behind a wall of secrecy. Even if you think the police and the security services do a good job, you must concede they also generally love a bit of mission creep, power accretion, threat exaggeration, budget maximisation and spin. Their obsession with sttopping the Snowden leaks has more to do with avoiding bureacratic embarrassment than securing our safety.... The problem, I find, with this topic is that if entirely depends on how necessary the powers given to the police and security services under Tony Blair are to avert serious threats to our safety. And that is something we mortals can never know. The suspicion that they have become an excuse for tyranny therefore lingers."
Matt Ridley - Why I'm torn between freedom and security
London Times, 22 August 2013, Print Edition, P31

"The National Security Agency bugged the UN's headquarters in New York and other major organisations, according to reports. Citing secret US documents obtained by former intelligence contractor Edward Snowden, Germany's Der Spiegel newspaper said the files showed the US systematically spied on other states and institutions. The report said the European Union and the UN's Vienna-based nuclear watchdog, the International Atomic Energy Agency (IEAA), was also among those targeted by intelligence agents. According to one of the documents, NSA experts succeeded in getting into the UN video conferencing system and cracking its coding in 2012. The document said: 'The data traffic gives us internal video teleconferences of the United Nations (yay!).' According to the documents, the NSA ran a bugging programme in more than 80 embassies and consulates worldwide called the Special Collection Service. Der Spiegel wrote: 'The surveillance is intensive and well-organised and has little or nothing to do with warding off terrorists.' Snowden's leaks have embarrassed the US by exposing the global extent of its surveillance programmes.'"
NSA Bugged UN Headquarters In New York
Sky, 26 August 2013

"Britain runs a secret internet-monitoring station in the Middle East to intercept and process vast quantities of emails, telephone calls and web traffic on behalf of Western intelligence agencies, The Independent has learnt. The station is able to tap into and extract data from the underwater fibre-optic cables passing through the region. The data-gathering operation is part of a £1bn internet project still being assembled by GCHQ. It is part of the surveillance and monitoring system, code-named 'Tempora', whose wider aim is the global interception of digital communications, such as emails and text messages. Across three sites, communications – including telephone calls – are tracked both by satellite dishes and by tapping into underwater fibre-optic cables.... The Independent is not revealing the precise location of the station but information on its activities was contained in the leaked documents obtained from the NSA by Edward Snowden.....The Maryland headquarters of the NSA and the Defence Department in Washington have pushed for greater co-operation and technology sharing between US and UK intelligence agencies. The Middle East station was set up under a warrant signed by the then Foreign Secretary David Miliband, authorising GCHQ to monitor and store for analysis data passing through the network of fibre-optic cables that link up the internet around the world. The certificate authorised GCHQ to collect information about the 'political intentions of foreign powers', terrorism, proliferation, mercenaries and private military companies, and serious financial fraud. However, the certificates are reissued every six months and can be changed by ministers at will. GCHQ officials are then free to target anyone who is overseas or communicating from overseas without further checks or controls if they think they fall within the terms of a current certificate. The precise budget for this expensive covert technology is regarded as sensitive by the Ministry of Defence and the Foreign Office. However, the scale of Middle East operation, and GCHQ’s increasing use of sub-sea technology to intercept communications along high-capacity cables, suggest a substantial investment. Intelligence sources have denied the aim is a blanket gathering of all communications, insisting the operation is targeted at security, terror and organised crime."
Exclusive: UK’s secret Mid-East internet surveillance base is revealed in Edward Snowden leaks
Independent, 23 August 2013

"Two great forces are now in fierce but unresolved contention. The material revealed by Edward Snowden through the Guardian and the Washington Post is of a wholly different order from WikiLeaks and other recent whistle-blowing incidents. It indicates not just that the modern state is gathering, storing and processing for its own ends electronic communication from around the world; far more serious, it reveals that this power has so corrupted those wielding it as to put them beyond effective democratic control. It was not the scope of NSA surveillance that led to Snowden's defection. It was hearing his boss lie to Congress about it for hours on end. Last week in Washington, Congressional investigators discovered that the America's foreign intelligence surveillance court, a body set up specifically to oversee the NSA, had itself been defied by the agency 'thousands of times'. It was victim to 'a culture of misinformation' as orders to destroy intercepts, emails and files were simply disregarded... The American (or Anglo-American?) surveillance industry has grown so big by exploiting laws to combat terrorism that it is as impossible to manage internally as it is to control externally. It cannot sustain its own security. Some two million people were reported to have had access to the WikiLeaks material disseminated by Bradley Manning from his Baghdad cell. Snowden himself was a mere employee of a subcontractor to the NSA, yet had full access to its data. The thousands, millions, billions of messages now being devoured daily by US data storage centres may be beyond the dreams of Space Odyssey's HAL 9000. But even HAL proved vulnerable to human morality. Manning and Snowden cannot have been the only US officials to have pondered blowing a whistle on data abuse. There must be hundreds more waiting in the wings – and always will be.... at least Congress has put the US director of national intelligence, James Clapper, under severe pressure. Even President Barack Obama has welcomed the debate and accepted that the Patriot Act may need revision. In Britain, there has been no such response. GCHQ could boast to its American counterpart of its 'light oversight regime compared to the US'. Parliamentary and legal control is a charade, a patsy of the secrecy lobby. The press, normally robust in its treatment of politicians, seems cowed by a regime of informal notification of 'defence sensitivity'. This D-Notice system used to be confined to cases where the police felt lives to be at risk in current operations. In the case of Snowden the D-Notice has been used to warn editors off publishing material potentially embarrassing to politicians and the security services under the spurious claim that it 'might give comfort to terrorists'. Most of the British press (though not the BBC, to its credit) has clearly felt inhibited.... it remains worrying that many otherwise liberal-minded Britons seem reluctant to take seriously the abuses revealed in the nature and growth of state surveillance. The arrogance of this abuse is now widespread. The same police force that harassed Miranda for nine hours at Heathrow is the one recently revealed as using surveillance to blackmail Lawrence family supporters and draw up lists of trouble-makers to hand over to private contractors. We can see where this leads."
Simon Jenkins, former editor of the London Times
So the innocent have nothing to fear? After David Miranda we now know where this leads
Guardian, 20 August 2013

"At least 100 people were victims of private investigators involved in the ‘blue-chip’ hacking scandal, police have admitted. As the first details of the true scale of the scandal emerged, an MP said it was likely to be just ‘the tip of the iceberg’. The figure was revealed in a letter from the Serious Organised Crime Agency to MPs on the home affairs committee, which is investigating the illegal activities of private eyes employed by leading non-media companies."
At least a HUNDRED victims have been hacked by private investigators working for blue-chip companies
Mail, 21 August 2013

"Worldwide internet traffic plunged by about 40 per cent as Google services suffered an 'unprecedented' black-out, web experts have revealed. The tech company said all of its services from Google Search to Gmail to YouTube to Google Drive went down for between one and five minutes last night but it refused to elaborate on the reasons why. According to web analytics firm GoSquared, global internet traffic fell by around 40% during the black-out, reflecting Google's massive grip on the web. 'That’s huge,' GoSquared developer Simon Tabor told Sky News. 'As internet users, our reliance on Google.com being up is huge."
Internet apocalypse: Google blackout sees global web traffic plunge by 40 per cent
Mail, 18 August 2013

"A secret plan to sell confidential medical records to private companies for as little as £1 has been drawn up by officials. From next month, GPs will start sending detailed NHS patient records to a central database for the first time under the new General Practice Extraction Service (GPES). Yet doctors do not have to tell patients about the project, described by campaigners as an ‘unprecedented threat’ to medical confidentiality. The records – held for every person registered with a GP – will contain details of medical conditions, as well as ‘identifiable’ information including a patient’s NHS number, postcode and date of birth. Private firms such as Bupa can then apply to the Health Service to buy and use data from the records for research."
Your confidential medical records for sale... at just £1
Mail, 18 August 2013

"There is no longer any doubt that Director of National Intelligence James Clapper lied to Congress. Likewise, there is no doubt that his lie runs afoul of federal law. And, of course, there is no doubt that in terms of its implications for oversight, constitutional precepts and privacy for millions of Americans, his lies were far more serious than those that have gotten other people prosecuted for perjury. The question now is whether his brazen dishonesty will become a political issue — or whether it will simply disappear into the ether. As evidenced by President Obama this week attempting to promote Clapper to head an 'independent' NSA reform panel, the White House clearly believes it will be the latter. But a set of new polls out today suggests such a calculation may be wrong. Commissioned by the Progressive Change Campaign Committee and Credo and conducted by Public Policy Polling in five ideologically diverse states, the surveys find that huge majorities want Clapper prosecuted. The question posed to respondents was: 'Edward Snowden revealed that the Director of National Intelligence lied to Congress about whether the government was collecting millions of phone and Internet records from ordinary Americans. The Director has since admitted he did not tell the truth. Do you think the Director of National Intelligence should be prosecuted for perjury?' In the Democratic states of California and Hawaii, 54 percent and 58 percent of voters, respectively, want him prosecuted. In middle-of-the-road Iowa, it’s 65 percent. And in Republican Texas and Kentucky, it is 68 percent and 69 percent, respectively. These are particularly striking numbers because the 'not sure' numbers are relatively small. Oftentimes, Washington scandals have a Las Vegas-style quality to them in that what happens in D.C. stays in D.C. That often means voters don’t have strong feelings about a controversy — or don’t feel informed enough to have a strong opinion. But in this case, the polls show relatively few voters expressing such a sentiment. That suggests not only that the NSA story has seeped into the national consciousness, but also that people are specifically aware of — and disgusted by — the rampant lying by the Obama administration."
Huge majority wants Clapper prosecuted for perjury
Salon.com, 15 August 2013

"A majority of U.S. registered voters consider Edward Snowden a whistle-blower, not a traitor, and a plurality says government anti-terrorism efforts have gone too far in restricting civil liberties, a poll released today shows. Fifty-five percent said Snowden was a whistle-blower in leaking details about top-secret U.S. programs that collect telephone and Internet data, in the survey from Hamden, Connecticut-based Quinnipiac University. Thirty-four percent said he’s a traitor. Snowden, 30, worked for McLean, Virginia-based federal contractor Booz Allen Hamilton Holding Corp. (BAH). The poll also showed that by 45 percent to 40 percent, respondents said the government goes too far in restricting civil liberties as part of the war on terrorism. That was a reversal from January 2010, when in a similar survey 63 percent said anti-terrorism activities didn’t go far enough to protect the U.S. from attacks, compared with 25 percent who disagreed. 'The massive swing in public opinion about civil liberties and governmental anti-terrorism efforts, and the public view that Edward Snowden is more whistle-blower than traitor, are the public reaction and apparent shock at the extent to which the government has gone in trying to prevent future terrorist incidents,' said Peter Brown, assistant director of Quinnipiac’s polling institute. The view of Snowden as a whistle-blower rather than traitor predominated among almost every group of respondents broken down by party, gender, income, education and age. Black voters were the lone exception, with 43 percent calling Snowden a traitor compared with 42 percent saying he was a whistle-blower."
Snowden Seen as Whistle-Blower by Majority in New Poll
Bloomberg, 10 July 2013

"Senators Mark Udall and Ron Wyden, who serve on the U.S. Senate Select Committee on Intelligence, issued the following statement regarding reports that the NSA has violated rules intended to protect Americans' privacy rights: 'The executive branch has now confirmed that the rules, regulations and court-imposed standards for protecting the privacy of Americans have been violated thousands of times each year. We have previously said that the violations of these laws and rules were more serious than had been acknowledged, and we believe Americans should know that this confirmation is just the tip of a larger iceberg.'"
Udall, Wyden Issue Statement on Reports of Compliance Violations Made Under NSA Collection Programs
Official Website of Mark Udall, 16 August 2013

"German companies believe the US now poses almost as big a risk as China when it comes to industrial espionage and data theft, a survey has revealed. The startling finding of a survey of 400 companies conducted in mid-July underscores the shift in German public and business opinion caused by revelations about US surveillance activities. Some 26 per cent of German managers, IT and security professionals described the US as a high-risk place for industrial espionage and data theft, according to the survey commissioned by EY, the consultancy. This was second only to the 28 per cent of respondents who view China as a particularly high-risk country for industrial espionage. Russia was ranked third, with 12 per cent saying it posed a significant risk. When they were asked the same question two years ago only 6 per cent of German companies described the US as a high-risk centre for industrial espionage and data theft. High quality global journalism requires investment. US surveillance has become a core issue in Germany’s election campaign following disclosures about Prism, the US data mining programme, and reports in Der Spiegel, the German magazine, that the US has spied on EU offices and is obtaining around 500m pieces of metadata a month from Germany. .... The US says its cyber activities are focused on combating terrorism and do not target companies, in contrast to China, which Washington accuses of cyber snooping to obtain corporate secrets. These assurances do not appear to have convinced a significant portion of Germany’s business community. Germany’s dependence on high-tech exports means the protection of patents and intellectual property are of perennial concern. Modern Germany’s tolerance of mass surveillance is also far lower than in other countries because of their experience of Nazism and East Germany’s Stasi secret police. .... there are signs that disclosures made by Edward Snowden, the former NSA official turned whistleblower, are affecting the cloud computing industry, which involves storage of data and software on huge external servers rather than local hard drives. A separate survey carried out last month by the Cloud Security Alliance, a trade body, found that 10 per cent of non-US members had cancelled plans to use a US-based cloud provider. Some 56 per cent said they would be less likely to use a US cloud company in future."
Germans’ fear of American spying surges
Financial Times, 5 August 2013

"Fear of being snooped on by the US secret service would see mobile phones banned from cabinet meetings if the opposition wins September's election, Chancellor Angela Merkel's rival said on Tuesday. Chancellor candidate Peer Steinbrück of the Social Democratic Party (SPD) told Berlin's Tagesspiegel newspaper he will ban politicians from having mobile phones in cabinet meetings if he is handed Germany's reins after the upcoming election. 'It is unthinkable that we would run the risk of being eavesdropped through our mobile phones,' he told the newspaper. His comments come as Chancellor Angela Merkel called on the US to adopt more stringent data protection laws equivalent to those in the EU. Yet as US intelligence services operate outside of EU law, limiting what they listen to or how remains beyond German control."
Spying fears prompt talk of cabinet phone ban
The Local (Germany), 6 August 2013

"While online data storage services claim your data is encrypted, there are no guarantees. With recent revelations that the federal government taps into the files of Internet search engines, email and cloud service providers, any myth about data 'privacy' on the Internet has been busted. Experts say there's simply no way to ever be completely sure your data will remain secure once you've moved it to the cloud. 'You have no way of knowing. You can't trust anybody. Everybody is lying to you,' said security expert Bruce Schneier. 'How do you know which platform to trust? They could even be lying because the U.S. government has forced them to.' While providers of email, chat, social network and cloud services often claim -- even in their service agreements -- that the data they store is encrypted and private, most often they -- not you -- are the ones who hold the keys. That means a rogue employee or any government 'legally' requesting encryption keys can decrypt and see your data. Even when service providers say only customers can generate and maintain their own encryption keys, Schneier said there's no way to be sure others won't be able to gain access."
No, your data isn't secure in the cloud
Computerworld, 13 August 2013

"This brings us closer to having phones that continually monitor their auditory environment to detect the phone owner’s voice, discern what room or other setting the phone is in, or pick up other clues from background noise. Such capacities make it possible for software to detect your moods, know when you are talking and not to disturb you, and perhaps someday keep a running record of everything you hear.... How far could this go? Much will depend on the willingness of phone owners to let their apps transmit audio of their environments over the wireless network. People skittish about surveillance might have second thoughts."
The Era of Ubiquitous Listening Dawns
Technologyreview, 8 August 2013

"Fear not, says the NSA, we 'touch' only 1.6% of daily internet traffic. If, as they say, the net carries 1,826 petabytes of information per day, then the NSA 'touches' about 29 petabytes a day. .... Keep in mind that most of the data passing on the net is not email or web pages. It's media. According to Sandvine data (pdf) for the US fixed net from 2013, real-time entertainment accounted for 62% of net traffic, P2P file-sharing for 10.5%. The NSA needn't watch all those episodes of Homeland (or maybe they should) or listen to all that Coldplay – though, I'm sure the RIAA and MPAA are dying to know what the NSA knows about who's 'stealing' what, since that 'stealing' allegedly accounts for 23.8% of net traffic. HTTP – the web – accounts for only 11.8% of aggregated and download traffic in the US, Sandvine says. Communications – the part of the net the NSA really cares about – accounts for 2.9% in the US. So, by very rough, beer-soaked-napkin numbers, the NSA's 1.6% of net traffic would be half of the communication on the net. That's one helluva lot of 'touching'. Keep in mind that, by one estimate, 68.8% of email is spam."
How much data the NSA really gets
Guardian, 13 August 2013

"A second secret list of clients who used corrupt private investigators lies hidden under lock and key in a Scotland Yard archive. Three wealthy businessmen were jailed for using Active Investigation Services (AIS), but scores of businesses and individuals who hired the firm, run by former police officers, escaped prosecution when the inquiry — which led to the seizure of 60 computers containing more than a million e-mails — was wound up in 2007. Questions about the case have surfaced amid growing concern that private and business clients have not been investigated with the same rigour as police have pursued journalists..."
List of clients who used corrupt private eyes may have been ‘swept under the carpet’
London Times, 3 August 2013

"Some of the world's leading telecoms firms, including BT and Vodafone, are secretly collaborating with Britain's spy agency GCHQ, and are passing on details of their customers' phone calls, email messages and Facebook entries, documents leaked by the whistleblower Edward Snowden show. BT, Vodafone Cable, and the American firm Verizon Business – together with four other smaller providers – have given GCHQ secret unlimited access to their network of undersea cables. The cables carry much of the world's phone calls and internet traffic. In June the Guardian revealed details of GCHQ's ambitious data-hoovering programmes, Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. It emerged GCHQ was able to tap into fibre-optic cables and store huge volumes of data for up to 30 days. That operation, codenamed Tempora, has been running for 20 months. On Friday Germany's Süddeutsche newspaper published the most highly sensitive aspect of this operation – the names of the commercial companies working secretly with GCHQ, and giving the agency access to their customers' private communications. The paper said it had seen a copy of an internal GCHQ powerpoint presentation from 2009 discussing Tempora. The document identified for the first time which telecoms companies are working with GCHQ's "special source" team. It gives top secret codenames for each firm, with BT ("Remedy"), Verizon Business ("Dacron"), and Vodafone Cable ("Gerontic"). The other firms include Global Crossing ("Pinnage"), Level 3 ("Little"), Viatel ("Vitreous") and Interoute ("Streetcar"). The companies refused to comment on any specifics relating to Tempora, but several noted they were obliged to comply with UK and EU law. The revelations are likely to dismay GCHQ and Downing Street, who are fearful that BT and the other firms will suffer a backlash from customers furious that their private data and intimate emails have been secretly passed to a government spy agency. In June a source with knowledge of intelligence said the companies had no choice but to co-operate in this operation. They are forbidden from revealing the existence of warrants compelling them to allow GCHQ access to the cables."
BT and Vodafone among telecoms companies passing details to GCHQ
Guardian, 2 August 2013

"The US government has paid at least £100m to the UK spy agency GCHQ over the last three years to secure access to and influence over Britain's intelligence gathering programmes. The top secret payments are set out in documents which make clear that the Americans expect a return on the investment, and that GCHQ has to work hard to meet their demands. 'GCHQ must pull its weight and be seen to pull its weight,' a GCHQ strategy briefing said. The funding underlines the closeness of the relationship between GCHQ and its US equivalent, the National Security Agency. But it will raise fears about the hold Washington has over the UK's biggest and most important intelligence agency, and whether Britain's dependency on the NSA has become too great. In one revealing document from 2010, GCHQ acknowledged that the US had 'raised a number of issues with regards to meeting NSA's minimum expectations'. It said GCHQ 'still remains short of the full NSA ask'. Ministers have denied that GCHQ does the NSA's 'dirty work', but in the documents GCHQ describes Britain's surveillance laws and regulatory regime as a 'selling point' for the Americans. The papers are the latest to emerge from the cache leaked by the American whistleblower Edward Snowden, the former NSA contractor who has railed at the reach of the US and UK intelligence agencies. Snowden warned about the relationship between the NSA and GCHQ, saying the organisations have been jointly responsible for developing techniques that allow the mass harvesting and analysis of internet traffic. 'It's not just a US problem,' he said. 'They are worse than the US.' As well as the payments, the documents seen by the Guardian reveal: • GCHQ is pouring money into efforts to gather personal information from mobile phones and apps, and has said it wants to be able to 'exploit any phone, anywhere, any time'. • Some GCHQ staff working on one sensitive programme expressed concern about 'the morality and ethics of their operational work, particularly given the level of deception involved'. • The amount of personal data available to GCHQ from internet and mobile traffic has increased by 7,000% in the past five years – but 60% of all Britain's refined intelligence still appears to come from the NSA....The details of the NSA payments, and the influence the US has over Britain, are set out in GCHQ's annual 'investment portfolios'. The papers show that the NSA gave GCHQ £22.9m in 2009. The following year the NSA's contribution increased to £39.9m, which included £4m to support GCHQ's work for Nato forces in Afghanistan, and £17.2m for the agency's Mastering the Internet project, which gathers and stores vast amounts of 'raw' information ready for analysis. The NSA also paid £15.5m towards redevelopments at GCHQ's sister site in Bude, north Cornwall, which intercepts communications from the transatlantic cables that carry internet traffic. 'Securing external NSA funding for Bude has protected (GCHQ's core) budget,' the paper said. In 2011/12 the NSA paid another £34.7m to GCHQ. The papers show the NSA pays half the costs of one of the UK's main eavesdropping capabilities in Cyprus. In turn, GCHQ has to take the American view into account when deciding what to prioritise. A document setting out GCHQ's spending plans for 2010/11 stated: 'The portfolio will spend money supplied by the NSA and UK government departments against agreed requirements.'"
Exclusive: NSA pays £100m in secret funding for GCHQ
Guardian, 1 August 2013

"Earlier, we reported the personal narrative of Michele Catalano who recounted how one day she found herself face to face with six agents from the joint terrorism task force. The reason? 'Our seemingly innocent, if curious to a fault, Googling of certain things was creating a perfect storm of terrorism profiling. Because somewhere out there, someone was watching. Someone whose job it is to piece together the things people do on the internet raised the red flag when they saw our search history.' The answer of 'who' was watching should be far clearer in the aftermath of the Snowden revelations from the past two months. But instead of rehashing the old story of the NSA intercepting and recording virtually every form of electronic communication that exists, or ruminating on what filters Ms. Catalano triggered to lead to this truly disturbing outcome, perhaps a better question is just what is it that Google knows about each and everyone who uses its interface daily, which in this day and age means everyone with a computer. As it turns out, pretty much everything. Here is the thought, and not so 'thought' experiment that the WSJ's Tom Gara ran yesterday, before Ms. Catalano's story had hit, to uncover just how rich his informational tapestry is in the repositories of the firm that once upon a time urged itself, rhetorically, to 'not be evil.'...."
What Google Knows About You
Zero Hedge, 1 August 2013

"The United States were, at that time, using satellites to spy on American citizens. At that time, it was news organizations, the State Department, including Colin Powell, and an awful lot of senior military people and industrial types. This was in 2002-2003 time frame. The NSA were targeting individuals. In that case, they were judges like the Supreme Court. I held in my hand Judge Alito's targeting information for his phones and his staff and his family.... they are collecting everything, contents word for word, everything of every domestic communication in this country."
Russell Tice, former NSA analyst
NSA Collects 'Word for Word' Every Domestic Communication, Says Former Analyst
PBS Newshour, 1 August 2013

"... that's why they had to build Bluffdale, that facility in Utah with that massive amount of storage that could store all these recordings and all the data being passed along the fiberoptic networks of the world. I mean, you could store 100 years of the world's communications here. That's for content storage. That's not for metadata. Metadata if you were doing it and putting it into the systems we built, you could do it in a 12-by-20-foot room for the world. That's all the space you need. You don't need 100,000 square feet of space that they have at Bluffdale to do that. You need that kind of storage for content."
William Binney, former NSA mathematician
NSA Collects 'Word for Word' Every Domestic Communication, Says Former Analyst
PBS Newshour, 1 August 2013

"Law-enforcement officials in the U.S. are expanding the use of tools routinely used by computer hackers to gather information on suspects, bringing the criminal wiretap into the cyber age. Federal agencies have largely kept quiet about these capabilities, but court documents and interviews with people involved in the programs provide new details about the hacking tools, including spyware delivered to computers and phones through email or Web links—techniques more commonly associated with attacks by criminals.... Surveillance technologies are coming under increased scrutiny after disclosures about data collection by the National Security Agency. The NSA gathers bulk data on millions of Americans, but former U.S. officials say law-enforcement hacking is targeted at very specific cases and used sparingly. Still, civil-liberties advocates say there should be clear legal guidelines to ensure hacking tools aren't misused. 'People should understand that local cops are going to be hacking into surveillance targets,' said Christopher Soghoian, principal technologist at the American Civil Liberties Union. 'We should have a debate about that.'"
Wall St Journal, 1 August 2013

"When NSA Director [General] Keith Alexander appeared at the Las Vegas security conference Black Hat Wednesday morning, he hoped to mend the NSA’s reputation in the eyes of thousands of the conference’s hackers and security professionals. It didn’t go exactly as planned. Alexander was about a half hour into his talk when a 30-year-old security consultant named Jon McCoy shouted 'Freedom!' 'Exactly,' responded Alexander. 'We stand for freedom.' 'Bulls**t!' McCoy shouted. 'Not bad,' Alexander said, as applause broke out in the crowd. 'But I think what you’re saying is that in these cases, what’s the distinction, where’s the discussion and what tools do we have to stop this.' 'No, I’m saying I don’t trust you!' shouted McCoy. 'You lied to Congress. Why would people believe you’re not lying to us right now?' another voice in the crowd added.... 'The whole reason I came here was to ask you to help you to help us make it better,' said the general. 'And if you disagree with what we’re doing, you should help us twice as much.' 'Read the constitution!' shouted McCoy in one last heckle."
NSA Director Heckled At Conference As He Asks For Security Community's Understanding
Forbes, 31 July 2013

"A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden. The NSA boasts in training materials that the program, called XKeyscore, is its 'widest-reaching' system for developing intelligence from the internet. The latest revelations will add to the intense public and congressional debate around the extent of NSA surveillance programs..... The files shed light on one of Snowden's most controversial statements, made in his first video interview published by the Guardian on June 10. 'I, sitting at my desk,' said Snowden, could 'wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email'. US officials vehemently denied this specific claim. Mike Rogers, the Republican chairman of the House intelligence committee, said of Snowden's assertion: 'He's lying. It's impossible for him to do what he was saying he could do.' But training materials for XKeyscore detail how analysts can use it and other systems to mine enormous agency databases by filling in a simple on-screen form giving only a broad justification for the search. The request is not reviewed by a court or any NSA personnel before it is processed. XKeyscore, the documents boast, is the NSA's 'widest reaching' system developing intelligence from computer networks – what the agency calls Digital Network Intelligence (DNI). One presentation claims the program covers 'nearly everything a typical user does on the internet', including the content of emails, websites visited and searches, as well as their metadata. Analysts can also use XKeyscore and other NSA systems to obtain ongoing 'real-time' interception of an individual's internet activity. Under US law, the NSA is required to obtain an individualized Fisa warrant only if the target of their surveillance is a 'US person', though no such warrant is required for intercepting the communications of Americans with foreign targets. But XKeyscore provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst. The purpose of XKeyscore is to allow analysts to search the metadata as well as the content of emails and other internet activity, such as browser history, even when there is no known email account (a 'selector' in NSA parlance) associated with the individual being targeted. Analysts can also search by name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used....A slide entitled 'plug-ins' in a December 2012 document describes the various fields of information that can be searched. It includes 'every email address seen in a session by both username and domain', 'every phone number seen in a session (eg address book entries or signature block)' and user activity – 'the webmail and chat activity to include username, buddylist, machine specific cookies etc'. In a second Guardian interview in June, Snowden elaborated on his statement about being able to read any individual's email if he had their email address. He said the claim was based in part on the email search capabilities of XKeyscore, which Snowden says he was authorized to use while working as a Booz Allen contractor for the NSA. One top-secret document describes how the program 'searches within bodies of emails, webpages and documents', including the 'To, From, CC, BCC lines' and the 'Contact Us' pages on websites'. To search for emails, an analyst using XKS enters the individual's email address into a simple online search form, along with the 'justification' for the search and the time period for which the emails are sought. The analyst then selects which of those returned emails they want to read by opening them in NSA reading software. The system is similar to the way in which NSA analysts generally can intercept the communications of anyone they select, including, as one NSA document put it, 'communications that transit the United States and communications that terminate in the United States'. One document, a top secret 2010 guide describing the training received by NSA analysts for general surveillance under the Fisa Amendments Act of 2008, explains that analysts can begin surveillance on anyone by clicking a few simple pull-down menus designed to provide both legal and targeting justifications. Once options on the pull-down menus are selected, their target is marked for electronic surveillance and the analyst is able to review the content of their communications...An NSA tool called DNI Presenter, used to read the content of stored emails, also enables an analyst using XKeyscore to read the content of Facebook chats or private messages. An analyst can monitor such Facebook chats by entering the Facebook user name and a date range into a simple search screen. Analysts can search for internet browsing activities using a wide range of information, including search terms entered by the user or the websites viewed. As one slide indicates, the ability to search HTTP activity by keyword permits the analyst access to what the NSA calls 'nearly everything a typical user does on the internet'. The XKeyscore program also allows an analyst to learn the IP addresses of every person who visits any website the analyst specifies. The quantity of communications accessible through programs such as XKeyscore is staggeringly large. One NSA report from 2007 estimated that there were 850bn 'call events' collected and stored in the NSA databases, and close to 150bn internet records. Each day, the document says, 1-2bn records were added. William Binney, a former NSA mathematician, said last year that the agency had 'assembled on the order of 20tn transactions about US citizens with other US citizens', an estimate, he said, that 'only was involving phone calls and emails'. A 2010 Washington Post article reported that 'every day, collection systems at the [NSA] intercept and store 1.7bn emails, phone calls and other type of communications.' The XKeyscore system is continuously collecting so much internet data that it can be stored only for short periods of time. Content remains on the system for only three to five days, while metadata is stored for 30 days. One document explains: 'At some sites, the amount of data we receive per day (20+ terabytes) can only be stored for as little as 24 hours.' To solve this problem, the NSA has created a multi-tiered system that allows analysts to store 'interesting' content in other databases, such as one named Pinwale which can store material for up to five years. It is the databases of XKeyscore, one document shows, that now contain the greatest amount of communications data collected by the NSA. In 2012, there were at least 41 billion total records collected and stored in XKeyscore for a single 30-day period..... all communications between Americans and someone on foreign soil are included in the same databases as foreign-to-foreign communications, making them readily [i.e. legally] searchable without warrants.".
XKeyscore: NSA tool collects 'nearly everything a user does on the internet'
Guardian, 31 July 2013

"Intelligence officials today released top secret internal briefings they had provided to members of Congress that outline the dragnet phone call metadata surveillance program lawmakers secretly knew about but could not tell Americans when publicly voting for it. The disclosure of the classified documents back assertions from the government, and even some members of Congress, that lawmakers were well in the loop of the dragnet surveillance program disclosed by the Guardian newspaper last month based on secret documents from National Security Agency leaker Edward Snowden. Yet lawmakers were prohibited from publicly discussing the classified program, although the House and Senate subsequently authorized the dragnet in public votes on at least two occasions without the general public’s knowledge. The release of the documents is intended to allay concerns that the Obama administration was overstepping its legal authority in carrying out the spy program, which is now under attack in courtrooms from San Francisco to the District of Columbia. It could also be that the NSA is feeling lonely in taking all the heat for the surveillance, and wants to bring its congressional co-conspirators into the party."
Declassified Memos Confirm Dragnet Phone Surveillance Program Was No Secret From Congress
Wired, 31 July 2013

"Students at the University of Texas have used a James Bond-style custom-made GPS device to divert an $80 million yacht from its course, highlighting a potential threat to maritime travel. The effort was led by graduate students from the Cockrell School of Engineering at the end of June. It is known as 'spoofing,' meaning sending false signals to gain control of a vessel's GPS receivers. The students, led by professor Todd Humphreys, used a device to divert the White Rose Of Drachs from its original course by sending the fabricated data. It was done without the ship's navigational system detecting the intrusion. On this occasion the crew had been told what was being attempted. The experiment, announced Monday, was conducted on June 30 as the yacht travelled the Mediterranean Sea."
U.S. students fake GPS signal and take control of an $80million 213-foot superyacht in the Mediterranean
Mail, 30 July 2013

"Numerous polls taken since our reporting on previously secret NSA activities first began have strongly suggested major public opinion shifts in how NSA surveillance and privacy are viewed. But a new comprehensive poll released over the weekend weekend by Pew Research provides the most compelling evidence yet of how stark the shift is. Among other things, Pew finds that 'a majority of Americans – 56% – say that federal courts fail to provide adequate limits on the telephone and internet data the government is collecting as part of its anti-terrorism efforts. And 'an even larger percentage (70%) believes that the government uses this data for purposes other than investigating terrorism.' Moreover, '63% think the government is also gathering information about the content of communications.' That demonstrates a decisive rejection of the US government's three primary defenses of its secret programs: there is adequate oversight; we're not listening to the content of communication; and the spying is only used to Keep You Safe™. But the most striking finding is this one: 'Overall, 47% say their greater concern about government anti-terrorism policies is that they have gone too far in restricting the average person's civil liberties, while 35% say they are more concerned that policies have not gone far enough to protect the country. This is the first time in Pew Research polling that more have expressed concern over civil liberties than protection from terrorism since the question was first asked in 2004.'"
Glenn Greenwald - Major opinion shifts, in the US and Congress, on NSA surveillance and privacy
Guardian, Comment Is Free, 29 July 2013

"Today on 'This Week,' Glenn Greenwald – the reporter who broke the story about the National Security Agency’s surveillance programs – claimed that those NSA programs allowed even low-level analysts to search the private emails and phone calls of Americans. 'The NSA has trillions of telephone calls and emails in their databases that they’ve collected over the last several years,' Greenwald told ABC News’ George Stephanopoulos. 'And what these programs are, are very simple screens, like the ones that supermarket clerks or shipping and receiving clerks use, where all an analyst has to do is enter an email address or an IP address, and it does two things. It searches that database and lets them listen to the calls or read the emails of everything that the NSA has stored, or look at the browsing histories or Google search terms that you’ve entered, and it also alerts them to any further activity that people connected to that email address or that IP address do in the future.' Greenwald explained that while there are 'legal constraints' on surveillance that require approval by the FISA court, these programs still allow analysts to search through data with little court approval or supervision. 'There are legal constraints for how you can spy on Americans,' Greenwald said. 'You can’t target them without going to the FISA court. But these systems allow analysts to listen to whatever emails they want, whatever telephone calls, browsing histories, Microsoft Word documents.' 'And it’s all done with no need to go to a court, with no need to even get supervisor approval on the part of the analyst,' he added."
Glenn Greenwald: Low-Level NSA Analysts Have ‘Powerful and Invasive’ Search Tool
George Stephanopoulos, Blog - 28 July 2013

"A majority of Americans – 56% – say that federal courts fail to provide adequate limits on the telephone and internet data the government is collecting as part of its anti-terrorism efforts. An even larger percentage (70%) believes that the government uses this data for purposes other than investigating terrorism. And despite the insistence by the president and other senior officials that only 'metadata,' such as phone numbers and email addresses, is being collected, 63% think the government is also gathering information about the content of communications – with 27% believing the government has listened to or read their phone calls and emails.... While views of the program itself are mixed, the debate has raised public concern about whether anti-terror programs are restricting civil liberties. Overall, 47% say their greater concern about government anti-terrorism policies is that they have gone too far in restricting the average person’s civil liberties, while 35% say they are more concerned that policies have not gone far enough to protect the country. This is the first time in Pew Research polling that more have expressed concern over civil liberties than protection from terrorism since the question was first asked in 2004."
Few See Adequate Limits on NSA Surveillance Program
Pew Research Center for the People and the Press, 26 July 2013

"The numbers tell the story — in votes and dollars. On Wednesday, the House voted 217 to 205 not to rein in the NSA’s phone-spying dragnet. It turns out that those 217 'no' voters received twice as much campaign financing from the defense and intelligence industry as the 205 'yes' voters. That’s the upshot of a new analysis by MapLight, a Berkeley-based non-profit that performed the inquiry at WIRED’s request. The investigation shows that defense cash was a better predictor of a member’s vote on the Amash amendment than party affiliation. House members who voted to continue the massive phone-call-metadata spy program, on average, raked in 122 percent more money from defense contractors than those who voted to dismantle it.... Of the top 10 money getters, only one House member — Rep. Jim Moran (D-Virginia) — voted to end the program. 'How can we trust legislators to vote in the public interest when they are dependent on industry campaign funding to get elected? Our broken money and politics system forces lawmakers into a conflict of interest between lawmakers’ voters and their donors,' said Daniel G. Newman, MapLight’s president and co-founder. The Guardian newspaper disclosed the phone-metadata spying last month with documents leaked by former NSA contractor Edward Snowden. The House voted 205-217 Wednesday and defeated an amendment to the roughly $600 billion Department of Defense Appropriations Act of 2014 that would have ended authority for the once-secret spy program the White House insisted was necessary to protect national security."
Lawmakers Who Upheld NSA Phone Spying Received Double the Defense Industry Cash
Wired, 26 July 2013

"Police could be forced drastically to scale back their use of ‘Big Brother’ road cameras which record the movements of millions of motorists every day. In a landmark ruling, the privacy watchdog declared that a ring of cameras installed around the quiet market town of Royston in Hertfordshire was unlawful and excessive. Privacy campaigners said yesterday’s ruling would affect every police force in the country and would make them carry out a full audit of the automatic number plate recognition (ANPR) system, a network of 10,000 cameras across the UK. Every day, these record the detailed movements of some 16million motorists. The cameras record the number plate of every vehicle that passes. Police say they allow officers to track criminals in real time as they drive around. But critics say the cameras amount to an ‘automated checkpoint system’. In Royston, police installed seven cameras in 2010 at a cost of £45,000. Cameras operating 24 hours a day on every major road made it impossible for residents to enter or leave the town without their number plates registering on the system. Details of their movements are collected and stored on a giant database, in effect giving police a full record of all significant car journeys by the town’s 16,000 residents. But residents campaigned for the cameras to be removed, and privacy groups complained to the Information Commissioner’s Office. The watchdog ruled that the blanket use of the cameras was excessive and unlawful because it breached the Data Protection Act. Hertfordshire Constabulary was given 90 days to reduce its use of the cameras. In his judgment, Information Commissioner Christopher Graham condemned the police force for failing to justify the extent of the surveillance. He said the chief constable had given ‘no satisfactory explanation for his policy of covering the road network’. Hertfordshire Constabulary had not properly assessed the impact of the cameras on either privacy or crime, the watchdog said. In its ruling – the first time a police force has been ordered to decrease the level of ANPR use – the watchdog warned that the data could be used for ‘purposes other than those originally intended’ and that there was a risk that it could be unlawfully accessed or released... Last night Hertfordshire Constabulary said it intended to carry on using the cameras – and was developing a ‘privacy impact assessment’ to justify their use."
Police could be forced to axe Big Brother road cameras
Mail, 25 July 2013

"The European Commission should suspend agreements that allow European companies to transfer personal data of European citizens to the U.S., the German Conference of Data Protection Commissioners has urged. The Commission, meanwhile, is working on an assessment of the agreements that it will present before the end of the year. Due to the mass surveillance of communications by the U.S. National Security Agency (NSA), U.S. companies can no longer fulfill European requirements for the exchange of personal data, said Germany’s Conference of Data Protection Commissioners in a joint letter sent to German chancellor Angela Merkel that was published on Wednesday. The conference consists of the federal data protection commissioner and the data protection commissioners of the German states. The European Commission’s data protection directive prohibits the transfer of personal data to non-E.U. countries that do not meet E.U. standards for privacy protection. To allow exchange of personal data with U.S. organizations, the U.S. Department of Commerce and the European Commission developed a 'Safe Harbor' framework, allowing E.U. companies to keep exchanging personal information within the bounds of the agreement. Under the Safe Harbor conditions companies, for example, must show that they prevent penetration of their networks, Imke Sommer, the Bremen Commissioner for Data Protection and Freedom of Information said on Thursday. She added, however, that, 'As we know by now there is no safe network, the NSA is watching.' Therefore, the German data protection authorities have asked the Commission to suspend the Safe Harbor agreements and review whether U.S. companies can still comply with them, she said. If the agreements are suspended, that would mean that no European company would be allowed to send personal data to the U.S., Sommer said."
European companies should stop sending data to the US, German privacy officials say
PCWorld, 25 July 2013

"Reports indicate that the NSA is gathering metadata on millions of people in the United States and around the world, targeting diplomatic missions of both friends and foes.... When the Congress and the courts work in secret; when massive amounts of data are collected from Americans and enterprises; when government’s power of intrusion into the lives of ordinary citizens, augmented by the awesome power of advanced technologies, is hugely expanded without public debate or discussion over seven years, then our sense of constitutional process and accountability is deeply offended. Officials insist that the right balance has been struck between security and privacy. But how would we know, when all the decisions have been made in secret, with almost no oversight? Much of this surveillance activity raises sharp questions: Is it necessary to collect and preserve this vast amount of data rather than pursue targeted individuals?... Government, once granted authority, rarely relinquishes it and often expands it. Even if its actions are well intentioned, we must consider the precedent of expansive government power to be used 10, 20 or 50 years hence, when the justification may be less compelling than safeguarding lives."
Thomas Kean and Lee Hamilton - former Chairman and Vice Chairman of the official 9/11 Report
It's time to debate NSA program
Politico, 23 July 2013

"The NSA has a diverse range of surveillance capabilities—from monitoring Google Maps use to sifting through millions of phone call records and spying on Web searches. But it doesn’t end there. The agency can also track down the location of a cellphone even if the handset is turned off, according to a new report. On Monday, the Washington Post published a story focusing on how massively the NSA has grown since the 9/11 attacks. Buried within it, there was a small but striking detail: By September 2004, the NSA had developed a technique that was dubbed 'The Find' by special operations officers. The technique, the Post reports, was used in Iraq and 'enabled the agency to find cellphones even when they were turned off.' This helped identify 'thousands of new targets, including members of a burgeoning al-Qaeda-sponsored insurgency in Iraq,' according to members of the special operations unit interviewed by the Post. It is not explained in the report exactly how this technique worked. But to spy on phones when they are turned off, agencies would usually have to infect the handset with a Trojan that would force it to continue emitting a signal if the phone is in standby mode, unless the battery is removed. In most cases, when you turn your phone off—even if you do not remove the battery—it will stop communicating with nearby cell towers and can be traced only to the location it was in when it was powered down. In 2006, it was reported that the FBI had deployed spyware to infect suspects’ mobile phones and record data even when they were turned off. The NSA may have resorted to a similar method in Iraq, albeit on a much larger scale by infecting thousands of users at one time. Though difficult, the mass targeting of populations with Trojan spyware is possible—and not unheard of. In 2009, for instance, thousands of BlackBerry users in the United Arab Emirates were targeted with spyware that was disguised as a legitimate update. The update drained users’ batteries and was eventually exposed by researchers, who identified that it had apparently been designed by U.S. firm SS8, which sells 'lawful interception' tools to help governments conduct surveillance of communications."
NSA Can Reportedly Track Phones Even When They're Turned Off
Slate, 22 July 2013

"Revelations that the IRS has thoroughly politicized its use of taxpayer information has ominous implications for the National Security Agency's attempts to collect a broader spectrum of data on American citizens. The IRS scandal has expanded from its original focus upon the non-profit office in Cincinnati to presidentially appointed officials in Washington, and from the delay of Tea Party-related non-profit applications for 501(c)4 status to the release of tax information on political candidates....The IRS scandal is instructive about how the federal government could — and likely eventually would — use the broader spectrum of information being collected by the NSA. The IRS scandal involves only tax records, but the NSA collects the full spectrum of electronic information. And officials in charge of the NSA programs already have the same pattern of administration lying and stonewalling that have been revealed in the IRS scandal. The claims by Obama administration officials with regard to warrantless surveillance have a history of dubious reliability at best. Director of National Intelligence James Clapper denied in a March 12, 2013 Senate Select Intelligence Committee hearing that the NSA was collecting data on millions of Americans, perjuring himself on the issue of government surveillance of Americans. Clapper's office, the Office of National Intelligence, issued a press release July 19 noting that a secret FISA court renewed the NSA's warrantless wiretapping program — the same program he flatly denied had existed five months earlier. Although the Obama officials currently claim that it is not collecting the audio of telephone calls, and only call 'metadata' unrelated to the audio transcript, there is virtually no limitation on the Internet traffic being seized by the NSA — e-mails, web traffic, video conferencing, chats, etc. — are all snared. Even assuming it's true that the NSA's PRISM program is not collecting the contents of telephone calls, and the Obama administration is no longer lying to Congress and the public about its surveillance, the NSA may still be collecting the content of telephone calls. Edward Snowden's revelations to the London Guardian revealed that the NSA had other warrantless surveillance programs besides PRISM. The Snowden Powerpoint describes an NSA effort called 'Upstream' in addition to PRISM, the former including several wiretapping programs that were named: Fairview, Stormbrew, Blarney, and Oakstar. Any one of those could also involve the collection of the kind of audio and/or transcript of telephone conversations that PRISM does not officially collect. In other words, because these other programs — and not PRISM — may be the programs collecting telephone audio, it's technically true to claim publicly that PRISM doesn't collect the audio or transcripts of telephone calls."
Cost of Surveillance: What the IRS Scandal Means for NSA Snooping
New American, 21 July 2013

"When Timothy P. Murray crashed his government-issued Ford Crown Victoria in 2011, he was fortunate, as car accidents go. Mr. Murray, then the lieutenant governor of Massachusetts, was not seriously hurt, and he told the police he was wearing a seat belt and was not speeding. But a different story soon emerged. Mr. Murray was driving over 100 miles an hour and was not wearing a seat belt, according to the computer in his car that tracks certain actions. He was given a $555 ticket; he later said he had fallen asleep. The case put Mr. Murray at the center of a growing debate over a little-known but increasingly important piece of equipment buried deep inside a car: the event data recorder, more commonly known as the black box. About 96 percent of all new vehicles sold in the United States have the boxes, and in September 2014, if the National Highway Traffic Safety Administration has its way, all will have them. The boxes have long been used by car companies to assess the performance of their vehicles. But data stored in the devices is increasingly being used to identify safety problems in cars and as evidence in traffic accidents and criminal cases. And the trove of data inside the boxes has raised privacy concerns, including questions about who owns the information, and what it can be used for, even as critics have raised questions about its reliability. ... to consumer advocates, the data is only the latest example of governments and companies having too much access to private information. Once gathered, they say, the data can be used against car owners, to find fault in accidents or in criminal investigations. 'These cars are equipped with computers that collect massive amounts of data,' said Khaliah Barnes of the Electronic Privacy Information Center, a Washington-based consumer group. 'Without protections, it can lead to all kinds of abuse.'... Unlike the black boxes on airplanes, which continually record data including audio and system performance, the cars’ recorders capture only the few seconds surrounding a crash or air bag deployment. A separate device extracts the data, which is then analyzed through computer software. ...But privacy advocates have expressed concern that the data collected will only grow to include a wider time frame and other elements like GPS and location-based services. 'The rabbit hole goes very deep when talking about this stuff,' said Thomas Kowalick, an expert in event data recorders and a former co-chairman of the federal committee that set the standard for black boxes. Today, the boxes have spawned a cottage industry for YouTube videos on how to expunge the data. And Mr. Kowalick, seeing an opportunity, invented a device that safeguards access to in-vehicle electronics networks. It is controlled by the vehicle’s owner with a key and is useful in the event of theft, he said.'
A Black Box for Car Crashes
New York Times, 21 July 2013

"Angela Merkel and her ministers claim they first learned about the US government's comprehensive spying programs from press reports. But SPIEGEL has learned that German intelligence services themselves use one of the NSA's most valuable tools. Germany's foreign intelligence service, the BND, and its domestic intelligence agency, the Federal Office for the Protection of the Constitution (BfV), used a spying program of the American National Security Agency (NSA). This is evident in secret documents from the US intelligence service that have been seen by SPIEGEL journalists. The documents show that the Office for the Protection of the Constitution was equipped with a program called XKeyScore intended to 'expand their ability to support NSA as we jointly prosecute CT (counterterrorism) targets.' The BND is tasked with instructing the domestic intelligence agency on how to use the program, the documents say.... According to an internal NSA presentation from 2008, the program is a productive espionage tool. Starting with the metadata -- or information about which data connections were made and when -- it is able, for instance, to retroactively reveal any terms the target person has typed into a search engine, the documents show. In addition, the system is able to receive a 'full take' of all unfiltered data over a period of several days -- including, at least in part, the content of communications. This is relevant from a German perspective, because the documents show that of the up to 500 million data connections from Germany accessed monthly by the NSA, a major part is collected with XKeyScore (for instance, around 180 million in December 2012). The BND and BfV, when contacted by SPIEGEL, would not discuss the espionage tool. The NSA, as well, declined to comment, referring instead to the words of US President Barack Obama during his visit to Berlin and saying there was nothing to add."
'Prolific Partner': German Intelligence Used NSA Spy Program
Spiegel, 20 July 2013

"Dozens of companies, non-profits and trade organizations including Apple Inc, Google Inc and Facebook Inc sent a letter on Thursday pushing the Obama administration and Congress for more disclosures on the government's national security-related requests for user data.... Together with LinkedIn Corp, Yahoo! Inc, Microsoft Corp, Twitter and many others, the companies asked for more transparency of secret data gathering in the letter addressed to Alexander as well as President Barack Obama, Attorney General Eric Holder and national security leaders in Congress. Tech companies have been scrambling to assert their independence after documents leaked last month by former U.S. security contractor Edward Snowden raised questions about how much data on their clients they handed over to the government to aid its surveillance efforts. The leaks have renewed a public debate over the balance between national security and privacy, and have put tech companies in an awkward position, especially because many have been assailed for their own commercial use of customer data."
Apple, Google, dozens of others urge U.S. surveillance disclosures
Reuters, 19 July 2013

"Former U.S. president Jimmy Carter is so concerned about the NSA spying scandal that he thinks it has essentially resulted in a suspension of American democracy. 'America does not at the moment have a functioning democracy,' he said at an event in Atlanta on Tuesday sponsored by the Atlantik Bruecke, a private nonprofit association working to further the German-U.S. relationship. The association's name is German for 'Atlantic bridge.' Carter’s remarks didn't appear in the American mainstream press but were reported from Atlanta by the German newsmagazine Der Spiegel, whose Washington correspondent Gregor Peter Schmitz said on Twitter he was present at the event. The story doesn't appear in the English-language section of the Spiegel website and is only available in German."
NSA Controversy: Jimmy Carter Says U.S. 'Has No Functioning Democracy'
International Business Times, 18 July 2013

"During a coffee break at an intelligence conference held in The Netherlands a few years back, a senior Scandinavian counterterrorism official regaled me with a story. One of his service's surveillance teams was conducting routine monitoring of a senior militant leader when they suddenly noticed through their high-powered surveillance cameras two men breaking into the militant's apartment. The target was at Friday evening prayers at the local mosque. But rather than ransack the apartment and steal the computer equipment and other valuables while he was away -- as any right-minded burglar would normally have done -- one of the men pulled out a disk and loaded some programs onto the resident's laptop computer while the other man kept watch at the window. The whole operation took less than two minutes, then the two trespassers fled the way they came, leaving no trace that they had ever been there. It did not take long for the official to determine that the two men were, in fact, Central Intelligence Agency (CIA) operatives conducting what is known in the U.S. intelligence community as either a 'black bag job' or a 'surreptitious entry' operation. Back in the Cold War, such a mission might have involved cracking safes, stealing code books, or photographing the settings on cipher machines. Today, this kind of break-in is known inside the CIA and National Security Agency as an 'off-net operation,' a clandestine human intelligence mission whose specific purpose is to surreptitiously gain access to the computer systems and email accounts of targets of high interest to America's spies. As we've learned in recent weeks, the National Security Agency's ability to electronically eavesdrop from afar is massive. But it is not infinite. There are times when the agency cannot gain access to the computers or gadgets they'd like to listen in on. And so they call in the CIA's black bag crew for help. The CIA's clandestine service is now conducting these sorts of black bag operations on behalf of the NSA, but at a tempo not seen since the height of the Cold War. Moreover, these missions, as well as a series of parallel signals intelligence (SIGINT) collection operations conducted by the CIA's Office of Technical Collection, have proven to be instrumental in facilitating and improving the NSA's SIGINT collection efforts in the years since the 9/11 terrorist attacks. Over the past decade specially-trained CIA clandestine operators have mounted over one hundred extremely sensitive black bag jobs designed to penetrate foreign government and military communications and computer systems, as well as the computer systems of some of the world's largest foreign multinational corporations. Spyware software has been secretly planted in computer servers; secure telephone lines have been bugged; fiber optic cables, data switching centers and telephone exchanges have been tapped; and computer backup tapes and disks have been stolen or surreptitiously copied in these operations. In other words, the CIA has become instrumental in setting up the shadowy surveillance dragnet that has now been thrown into public view. Sources within the U.S. intelligence community confirm that since 9/11, CIA clandestine operations have given the NSA access to a number of new and critically important targets around the world, especially in China and elsewhere in East Asia, as well as the Middle East, the Near East, and South Asia. ... In one particularly significant operation conducted a few years back in a strife-ridden South Asian nation, a team of CIA technical operations officers installed a sophisticated tap on a switching center servicing several fiber-optic cable trunk lines, which has allowed NSA to intercept in real time some of the most sensitive internal communications traffic by that country's general staff and top military commanders for the past several years. .... Since 9/11, the NCS has also developed a variety of so-called 'black boxes' which can quickly crack computer passwords, bypass commercially-available computer security software systems, and clone cellular telephones -- all without leaving a trace. To use one rudimentary example, computer users oftentimes forget to erase default accounts and passwords when installing a system, or incorrectly set protections on computer network servers or e-mail accounts. This is a vulnerability which operatives now routinely exploit. For many countries in the world, especially in the developing world, CIA operatives can now relatively easily obtain telephone metadata records, such as details of all long distance or international telephone calls, through secret liaison arrangements with local security services and police agencies.... U.S. intelligence officials are generally comfortable with the new collaboration. Those I have spoken to over the past three weeks have only one major concern. The fear is that details of these operations, including the identities of the targets covered by these operations, currently reside in the four laptops reportedly held by Edward Snowden, who has spent the past three weeks in the transit lounge at Sheremetyevo Airport outside Moscow waiting for his fate to be decided. Officials at both the CIA and NSA know that the public disclosure of these operations would cause incalculable damage to U.S. intelligence operations abroad as well as massive embarrassment to the U.S. government. If anyone wonders why the U.S. government wants to get its hands on Edward Snowden and his computers so badly, this is an important reason why."
The CIA's New Black Bag Is Digital
Foreign Policy, 17 July 2013

"Former president Jimmy Carter condemned the effect U.S. intelligence programs had on U.S. moral authority in the wake of NSA revelations brought to light by leaker Edward Snowden, Der Spiegel reports. 'America has no functioning democracy,' Carter said at a meeting of The Atlantic Bridge in Atlanta, Georgia on Tuesday.... Carter also voiced support for Snowden in June. 'He’s obviously violated the laws of America, for which he’s responsible, but I think the invasion of human rights and American privacy has gone too far,' he told CNN. 'I think that the secrecy that has been surrounding this invasion of privacy has been excessive, so I think that the bringing of it to the public notice has probably been, in the long term, beneficial. I think the American people deserve to know what their Congress is doing.''
Jimmy Carter: ‘America no longer has a functioning democracy’
The Daily Caller, 17 July 2013

"Chances are, your local or state police departments have photographs of your car in their files, noting where you were driving on a particular day, even if you never did anything wrong. Using automated scanners, law enforcement agencies across the country have amassed millions of digital records on the location and movement of every vehicle with a license plate, according to a study published Wednesday by the American Civil Liberties Union. Affixed to police cars, bridges or buildings, the scanners capture images of passing or parked vehicles and note their location, uploading that information into police databases. Departments keep the records for weeks or years, sometimes indefinitely.... While the Supreme Court ruled in 2012 that a judge's approval is needed to track a car with GPS, networks of plate scanners allow police effectively to track a driver's location, sometimes several times every day, with few legal restrictions. The ACLU says the scanners assemble what it calls a 'single, high-resolution image of our lives.' 'There's just a fundamental question of whether we're going to live in a society where these dragnet surveillance systems become routine,' said Catherine Crump, a staff attorney with the ACLU. The civil rights group is proposing that police departments immediately delete any records of cars not linked to a crime."
Driving somewhere? There's a gov't record of that
Associated Press, 17 July 2013

"A media report on Wednesday alleged that a NATO document proves the German military knew about the NSA's Prism surveillance program in 2011. But both Berlin and the country's foreign intelligence agency deny the account, saying there was a NATO program with the same name in Afghanistan. The German government has so far claimed that it knew nothing of the United States' Prism spying program, revealed by whistleblower Edward Snowden last month. But parts of a confidential NATO document published by daily Bild on Wednesday show that the German military, the Bundeswehr, may have already been aware of the National Security Agency's operations in 2011, the paper alleged. The document, reportedly sent on Sept. 1, 2011 to all regional commands by the joint NATO headquarters in Afghanistan, gives specific instructions for working together on a program called Prism, which the paper said was the same as that run by the NSA. According to Bild, the document was also sent to the regional command in northern Afghanistan, for which Germany was responsible at the time under General Major Markus Kneip. Should the media report be confirmed, Berlin's claims of ignorance will prove to have been false. But on Wednesday afternoon, Chancellor Angela Merkel's spokesman Steffen Seibert denied the Bild story, saying that the document referred to a separate program that had been run by NATO troops, and not the US. The programs were 'not identical,' he said."
Media Report: Berlin Denies Military Knew About Prism
Der Speigel, 17 July 2013

"The Consumer Financial Protection Bureau (CFPB) is looking to create a 'Google Earth' of every financial transaction of every American, Sen. Mike Enzi (R-WY) warned today in a Senate speech opposing confirmation of Richard Cordray as CFPB director. 'This bill (creating the CFPB) was supposed to be about regulating Wall Street. Instead, it's creating a Google Earth on every financial transaction. That's right: the government will be able to see every detail of your finances. Your permission - not needed,' Sen. Enzi said. 'They can look right down to the tiny details of the time and place where you pulled cash out of an ATM,' Enzi warned. And, there's nothing you can do about, since Americans don't have the ability to 'opt out' or prohibit the government from collecting their personal financial data, Enzi said: 'You can't tell 'em to stay out of your records. It's not possible. If your data is being collected, you do not have the option to opt out. Nor, does the CFPD need any kind of permission from you to gather your personal information.'"
Gov't Bureau 'Creating a Google Earth on Every Financial Transaction,' Senator Warns
CNS News, 16 July 2013

"... in October 2001 President Bush ordered the NSA to commence covert monitoring of private communications through the nation's telephone companies without the requisite warrants. According to the Associated Press, he also 'secretly authorized the NSA to plug into the fiber optic cables that enter and leave the United States' carrying the world’s 'emails, telephone calls, video chats, websites, bank transactions, and more.' Since his administration had already conveniently decided that 'metadata was not constitutionally protected,' the NSA began an open-ended program, Operation Stellar Wind, 'to collect bulk telephony and Internet metadata.' By 2004, the Bush White House was so wedded to Internet metadata collection that top aides barged into Attorney General John Ashcroft’s hospital room to extract a reauthorization signature for the program. They were blocked by Justice Department officials led by Deputy Attorney General James Comey, forcing a two-month suspension until that FISA court, brought into existence in the Carter years, put its first rubber-stamp on this mass surveillance regime. Armed with expansive FISA court orders allowing the collection of data sets rather than information from specific targets, the FBI’s 'investigative Data Warehouse' acquired more than a billion documents within five years, including intelligence reports, social security files, drivers’ licenses, and private financial information. All of this was accessible to 13,000 analysts making a million queries monthly. In 2006, as the flood of data surging through fiber optic cables strained NSA computers, the Bush administration launched the Intelligence Advanced Research Projects Activity to develop supercomputing searches powerful enough to process this torrent of Internet information. In 2005, a New York Times investigative report exposed the administration’s illegal surveillance for the first time. A year later, USA Today reported that the NSA was 'secretly collecting the phone call records of tens of millions of Americans, using data provided by AT&T, Verizon, and Bell South.' One expert called it 'the largest database ever assembled in the world,' adding presciently that the Agency's goal was 'to create a database of every call ever made.' In August 2007, in response to these revelations, Congress capitulated. It passed a new law, the Protect America Act, which retrospectively legalized this illegal White House-inspired set of programs by requiring greater oversight by the FISA court. This secret tribunal -- acting almost as a 'parallel Supreme Court' that rules on fundamental constitutional rights without adversarial proceedings or higher review -- has removed any real restraint on the National Security Agency’s bulk collection of Internet metadata and regularly rubberstamps almost 100% of the government’s thousands of surveillance requests. Armed with expanded powers, the National Security Agency promptly launched its PRISM program (recently revealed by Edward Snowden). To feed its hungry search engines, the NSA has compelled nine Internet giants, including Microsoft, Yahoo, Google, Facebook, AOL, and Skype, to transfer what became billions of emails to its massive data farms.... the NSA has continued to collect the personal communications of Americans by the billions under its PRISM and other programs. In the Obama years as well, the NSA began cooperating with its long-time British counterpart, the Government Communications Headquarters (GCHQ), to tap into the dense cluster of Trans-Atlantic Telecommunication fiber optic cables that transit the United Kingdom.... The historic alliance between the NSA and GCHQ dates back to the dawn of the Cold War. In deference to it, the NSA has, since 2007, exempted its '2nd party' Five Eyes allies from surveillance under its 'Boundless Informant' operation. According to another recently leaked NSA document, however, 'we can, and often do, target the signals of most 3rd party foreign partners.' This is clearly a reference to close allies like Germany, France, and Italy. On a busy day in January 2013, for instance, the NSA collected 60 million phone calls and emails from Germany -- some 500 million German messages are reportedly collected annually -- with lesser but still hefty numbers from France, Italy, and non-European allies like Brazil. To gain operational intelligence on such allies, the NSA taps phones at the European Council headquarters in Brussels, bugs the European Union (EU) delegation at the U.N., has planted a 'Dropmire' monitor 'on the Cryptofax at the EU embassy DC,' and eavesdrops on 38 allied embassies worldwide. Such secret intelligence about its allies gives Washington an immense diplomatic advantage, says NSA expert James Bamford. 'It’s the equivalent of going to a poker game and wanting to know what everyone’s hand is before you place your bet.' And who knows what scurrilous bits of scandal about world leaders American surveillance systems might scoop up to strengthen Washington’s hand in that global poker game called diplomacy.... While cutting conventional armaments, Obama is investing billions in constructing a new architecture for global information control. To store and process the billions of messages sucked up by its worldwide surveillance network (totaling 97 billion items for March alone), the NSA is employing 11,000 workers to build a $1.6 billion data center in Bluffdale, Utah, whose storage capacity is measured in 'yottabytes,' each the equivalent of a trillion terabytes. That’s almost unimaginable once you realize that just 15 terabytes could store every publication in the Library of Congress. From its new $1.8 billion headquarters, the third-biggest building in the Washington area, the National Geospatial-Intelligence Agency deploys 16,000 employees and a $5 billion budget to coordinate a rising torrent of surveillance data from Predators, Reapers, U-2 spy planes, Global Hawks, X-37B space drones, Google Earth, Space Surveillance Telescopes, and orbiting satellites.... To protect those critical orbiting satellites, which transmit most U.S. military communications, the Pentagon is building an aerospace shield of pilotless drones. In the exosphere, the Air Force has since April 2010 been successfully testing the X-37B space drone that can carry missiles to strike rival satellite networks such as the one the Chinese are currently creating.... Sadly, Mark Twain was right when he warned us just over 100 years ago that America could not have both empire abroad and democracy at home. To paraphrase his prescient words, by 'trampling upon the helpless abroad' with unchecked surveillance, Americans have learned, 'by a natural process, to endure with apathy the like at home.'"
Alfred W. McCoy, J.R.W. Smail Professor of History at the University of Wisconsin-Madison
Surveillance Blowback - The Making of the U.S. Surveillance State, 1898-2020
TomDispatch, 14 July 2013

"The American surveillance state is now an omnipresent reality, but its deep history is little known and its future little grasped. Edward Snowden’s leaked documents reveal that, in a post-9/11 state of war, the National Security Agency (NSA) was able to create a surveillance system that could secretly monitor the private communications of almost every American in the name of fighting foreign terrorists. The technology used is state of the art; the impulse, it turns out, is nothing new. For well over a century, what might be called 'surveillance blowback' from America’s wars has ensured the creation of an ever more massive and omnipresent internal security and surveillance apparatus. Its future (though not ours) looks bright indeed..... In response to the civil rights and anti-Vietnam protests of the 1960s, the FBI deployed its COINTELPRO operation, using what Senator Frank Church’s famous investigative committee later called 'unsavory and vicious tactics... including anonymous attempts to break up marriages, disrupt meetings, ostracize persons from their professions, and provoke target groups into rivalries that might result in deaths.' In assessing COINTELPRO’s 2,370 actions from 1960 to 1974, the Church Committee branded them a 'sophisticated vigilante operation' that 'would be intolerable in a democratic society even if all of the targets had been involved in violent activity.' Significantly, even this aggressive Senate investigation did not probe Director Hoover’s notorious 'private files' on the peccadilloes of leading politicians that had insulated his Bureau from any oversight for more than 30 years. After New York Times reporter Seymour Hersh exposed illegal CIA surveillance of American antiwar activists in 1974, Senator Church’s committee and a presidential commission under Nelson Rockefeller investigated the Agency’s 'Operation Chaos,' a program to conduct massive illegal surveillance of the antiwar protest movement, discovering a database with 300,000 names. These investigations also exposed the excesses of the FBI’s COINTELPRO, forcing the Bureau to reform. To prevent future abuses, President Jimmy Carter signed the Foreign Intelligence Surveillance Act (FISA) in 1978, creating a special court to approve all national security wiretaps. In a bitter irony, Carter’s supposed reform ended up plunging the judiciary into the secret world of the surveillance managers where, after 9/11, it became a rubberstamp institution for every kind of state intrusion on domestic privacy.... "
Alfred W. McCoy is the J.R.W. Smail Professor of History at the University of Wisconsin-Madison
Surveillance Blowback - The Making of the U.S. Surveillance State, 1898-2020
TomDispatch, 14 July 2013

"The little-known watchdog responsible for ensuring that Britain’s spy agencies act within the law over communication interceptions has been condemned as 'ineffective' by civil liberties campaigners – amid concerns that it failed to scrutinise the systems revealed by Edward Snowden. The Independent has established that the watchdog’s annual report had to be delayed and revised because the first draft made no mention of the hi-tech GCHQ spying programmes exposed by the US whistleblower. The updated 2012 report of the Interception of Communications Commissioner Office (ICCO) will now be published later this month, after hastily organised revisions were ordered by Whitehall officials. In documents disclosed by Mr Snowden, it was revealed that Britain’s spy centre in Cheltenham has for at least two years been using advanced technology to access hundreds of trans-Atlantic fibre-optic cables which daily carry hundreds of millions of private telecommunications messages. The programme goes by the codename Operation Tempora. Gathered legally because digital traffic 'leaves' the UK as fibre-optic traffic, the interceptions include phone calls, emails and records of internet usage. This step-change in access technology has exposed the inadequate oversight regimes under which the spy agencies operate, privacy activists say. David Davis, a former Foreign Office minister and former shadow Home Secretary, told The Independent: 'For ‘light touch’ read ‘ineffective’. This is an ineffective oversight arrangement. For the small number of ICCO staff expected to supervise the block hand-over of material [now in the hands of the US intelligence authorities] this is an impossible task and they cannot have any grip on this at all.' Mr Davis said the changing nature of specialist digital technology and the potential block-transfer of data out of the UK into the hands of US spy agencies should have been factored into the 2000 Regulation of Investigatory Powers Act (Ripa) which led to the establishment of the ICCO. He added 'This is a serious issue that no one over 40 years of age really gets. It is about our lives.' He called on the European Union to intervene, saying, 'They will be more effective in changing these practices than the UK acting alone.''
GCHQ spying programme: Spy watchdog ‘is understaffed and totally ineffective'
Independent, 14 July 2013

"Thousands of innocent holidaymakers and travellers are having their phones seized and personal data downloaded and stored by the police, The Telegraph can disclose. Officers use counter-terrorism laws to remove a mobile phone from any passenger they wish coming through UK air, sea and international rail ports and then scour their data. The blanket power is so broad they do not even have to show reasonable suspicion for seizing the device and can retain the information for 'as long as is necessary'. Data can include call history, contact books, photos and who the person is texting or emailing, although not the contents of messages. David Anderson QC, the independent reviewer of terrorism laws, is expected to raise concerns over the power in his annual report this week. He will call for proper checks and balances to ensure it is not being abused. It echoes concerns surrounding an almost identical power police can use on the streets of the UK, which is being reviewed by the Information Commissioner. However, in those circumstances police must have grounds for suspicion and the phone can only be seized if the individual is arrested. .... Up to 60,000 people a year are 'stopped and examined' as they enter or return to the UK under powers contained in the Terrorism Act 2000. It is not known how many of those have their phone data taken. Dr Gus Hosein, of the campaign group Privacy International, said: 'We are extremely concerned by these intrusive tactics that have been highlighted by the independent terrorism reviewer. These practices have been taking place under the radar for far too long and if Mr Anderson calls for reform and new safeguards we would be very supportive of that.' He added: 'Seizing and downloading your phone data is the modern equivalent of searching your home and office, searching through family albums and business records alike, and identifying all your friends and family, then keeping this information for years. If you were on the other side of the border, the police would rightly have to apply for warrants and follow strict guidelines. But nowhere in Britain do you have less rights than at the border. 'Under law, seizing a mobile phone should be only when the phone is essential to an investigation, and then even certain rules should apply. Without these rules, everyone should be worried.' Under the Act, police or border staff can question and even hold someone while they ascertain whether the individual poses a terrorism risk. But no prior authorization is needed for the person to be stopped and there does not have to be any suspicion. It means a police officer can stop any passenger at random, scour their phone and download and retain data, even of the individual is then immediately allowed to proceed."
Travellers' mobile phone data seized by police at border
Telegraph, 13 July 2013

"Microsoft has collaborated closely with US intelligence services to allow users' communications to be intercepted, including helping the National Security Agency to circumvent the company's own encryption, according to top-secret documents obtained by the Guardian. The files provided by Edward Snowden illustrate the scale of co-operation between Silicon Valley and the intelligence agencies over the last three years. They also shed new light on the workings of the top-secret Prism program, which was disclosed by the Guardian and the Washington Post last month."
How Microsoft handed the NSA access to encrypted messages
Guardian, 12 July 2013

"The Luxembourg government today resigned, brought down by a spying and corruption scandal that shook the tiny country better known for wealthy bankers than political intrigue. Jean-Claude Juncker, prime minister since 1995 and the European Union's longest serving government chief, tendered his resignation to Grand Duke Henri, the royal head of state who himself has been implicated in media reports of espionage. The government was forced to resign after junior coalition partners withdrew their support in protest at Juncker's apparent failure to rein in a secret service spiralling out of control. Juncker has proposed holding a general election in October, seven months ahead of schedule. The catalyst for the resignation was a parliamentary inquiry published last week that said Luxembourg's security agency illegally bugged politicians and members of the public, purchased cars for private use and took payments and favours in exchange for access to influential officials. In a scene reminiscent of a spy novel, former security chief Marco Mille recorded a conversation with Juncker in 2008 using a microphone in his watch. Mille told Juncker he had reliable reports that Grand Duke Henri was in constant contact with Britain's secret services, according to one newspaper. The Grand Duke's office has denied the allegation. The government was already under pressure due to renewed interest in a mysterious series of sabotage bomb attacks in the 1980s, known as the Bommeleeer affair, whose targets included electricity pylons and an airport radar system as well as a newspaper office. Two former members of a special police force went on trial for the attacks at the start of this year. Last month, the government and Finance Minister Luc Frieden survived twin votes of no-confidence in parliament over accusations that the minister had put pressure on investigators to close their inquiry into the bombings."
Entire government of Luxembourg resigns after spying and corruption scandal forces its prime minister to quit
Mail, 11 July 2013

"The Kremlin is returning to typewriters in an attempt to avoid damaging leaks from computer hardware, it has been claimed. A source at Russia's Federal Guard Service (FSO), which is in charge of safeguarding Kremlin communications and protecting President Vladimir Putin, claimed that the return to typewriters has been prompted by the publication of secret documents by WikiLeaks, the whistle-blowing website, as well as Edward Snowden, the fugitive US intelligence contractor. The FSO is looking to spend 486,000 roubles – around £10,000 – on a number of electric typewriters, according to the site of state procurement agency, zakupki.gov.ru. The notice included ribbons for German-made Triumph Adlew TWEN 180 typewriters, although it was not clear if the typewriters themselves were this kind. The service declined to comment on the notice, which was posted last week. However an FSO source told Izvestiya newspaper: 'After scandals with the distribution of secret documents by WikiLeaks, the exposes by Edward Snowden, reports about Dmitry Medvedev being listened in on during his visit to the G20 summit in London, it has been decided to expand the practice of creating paper documents.''
Kremlin returns to typewriters to avoid computer leaks
Telegraph, 11 July 2013

"Recent debate over U.S. government surveillance has focused on the information that American technology companies secretly provide to the National Security Agency. But that is only one of the ways the NSA eavesdrops on international communications. A classified NSA slide obtained by The Washington Post lists 'Two Types of Collection.' One is PRISM, the NSA program that collects information from technology companies, which was first revealed in reports by the Post and Britain’s Guardian newspaper last month. The slide also shows a separate category labeled 'Upstream,' described as accessing 'communications on fiber cables and infrastructure as data flows past.'"
The NSA slide you haven’t seen
Washington Post, 10 July 2013

"Xmission, Utah's first independent and oldest internet service provider, has spent the past 15 years resolutely shielding customers' privacy from government snoops in a way that larger rivals appear to have not. The company, a comparative midget with just 30,000 subscribers, cited the Fourth Amendment in rebuffing warrantless requests from local, state and federal authorities, showing it was possible to resist official pressure. 'I would tell them I didn't need to respond if they didn't have a warrant, that (to do so) wouldn't be constitutional,' the founder and chief executive, Pete Ashdown, said in an interview at his Salt Lake City headquarters. Since 1998 he rejected dozens of law enforcement requests, including Department of Justice subpoenas, on the grounds they violated the US constitution and state law. 'I would tell them, please send us a warrant, and then they'd just drop it.' Ashdown, 46, assented just once, on his lawyer's advice, to a 2010 FBI request backed by a warrant from the Foreign Intelligence Surveillance Court. 'I believe under the fourth amendment digital data is protected. I'm not an unpaid branch of government or law enforcement.' Ashdown was wary about Silicon Valley's carefully worded insistence that the government had no direct access to servers. Access to networks, not servers, was the key, he said. ....Ashdown, 46, attributes part of his wariness of authority to his mother, who saw the Nazis overrun Denmark."
Tiny Utah-based ISP makes a name for itself by rebuffing government snoops
Guardian, 9 July 2013

"Your life today has a digital signature. Where you eat, shop and travel; whom you call, e-mail and text; every website, café and museum you visit even once is all stored in the great digital cloud. And you can't delete anything, ever. 'This will be the first generation of humans to have an indelible record,' write Eric Schmidt and Jared Cohen in their book The New Digital Age. The second is Big Data. Americans were probably most shocked by the revelation that the U.S. government is collecting massive quantities of their digital signatures--billions of phone calls and e-mails and Internet searches. The feds aren't monitoring every last one. But they easily could, and this is the essence of the age of Big Data.....As far as we know, the U.S. government has broken no laws and has followed all established procedures, and Congress approved this program, though it did so in secret, writing laws that aren't public. Obama Administration officials, echoing their (slightly less transparent) predecessors in the Bush era, insist that any fishing expeditions undertaken through terabytes of collected data are highly targeted and do not involve innocent Americans. Maybe so, but over the past 33 years, the Executive Branch has made 33,900 requests for surveillance to a special court created to make sure there are solid grounds to grant these surveillance powers. The court has approved all but 11 of them. Is that genuine oversight? It is hard to say, for the court itself is secret. Shouldn't we know more? The larger question Big Data raises is, Should any government be permitted to use computer analysis--even if highly accurate--to observe, inform on, quarantine or even arrest people simply because they are likely to do something bad? That seems like a scenario from a horrifying sci-fi thriller. Yet here we are, very close to a real-world version. Is that compatible with life in a free society?"
Fareed Zakaria - Big Data, Meet Big Brother
TIME, 8 July 2013

"America's National Security Agency works closely with Germany and other Western states on a 'no questions asked'-basis, former NSA employee Edward Snowden said in comments that undermine Chancellor Angela Merkel's indignant talk of 'Cold War' tactics. 'They are in bed with the Germans, just like with most other Western states,' German magazine Der Spiegel quotes him as saying in an interview published on Sunday that was carried out before he fled to Hong Kong in May and divulged details of extensive secret U.S. surveillance. 'Other agencies don't ask us where we got the information from and we don't ask them. That way they can protect their top politicians from the backlash in case it emerges how massively people's privacy is abused worldwide,' he said. His comments about cooperation with governments overseas, which he said were led by the NSA's Foreign Affairs Directorate, appear to contradict the German government's show of surprise at the scale of the U.S. electronic snooping. Germany has demanded explanations for Snowden's allegations of large-scale spying by the NSA, and by Britain via a programme codenamed 'Tempora', on their allies including Germany and other European Union states, as well as EU institutions and embassies....Der Spiegel has reported that on an average day, the NSA monitored about 20 million German phone connections and 10 million internet data sets, rising to 60 million phone connections on busy days. Germans are particularly sensitive about eavesdropping because of the intrusive surveillance in the communist German Democratic Republic (GDR) and during the Nazi era....Der Spiegel said the interview was conducted while Snowden was living in Hawaii, via encrypted emails with U.S. documentary maker Laura Poitras and hacker Jacob Appelbaum. Snowden told them that America's closest allies sometimes went even further than the NSA in their zeal for gathering data. The Tempora programme of Britain's GCHQ eavesdropping agency is known in the intelligence world as a 'full take'. 'It sucks up all information, no matter where it comes from and which laws are broken,' Snowden said. 'If you send a data packet and goes through Britain, we'll get it. If you download anything, and the server is in Britain, we'll get it.' If the NSA is ordered to target an individual, it virtually take over that person's data 'so the target's computer no longer belongs to him, it more or less belongs to the U.S. government'."
America's NSA 'in bed with' Germany and most others: Snowden
Reuters, 7 July 2013

"For weeks now, officials at intelligence services around the world have been in suspense as one leak after another from whistleblower Edward Snowden has been published. Be it America's National Security Agency, Britain's GCHQ or systems like Prism or Tempora, he has been leaking scandalous information about international spying agencies. In an interview published by SPIEGEL in its latest issue, Snowden provides additional details, describing the closeness between the US and German intelligence services as well as Britain's acquisitiveness when it comes to collecting data. In Germany, reports of the United States' vast espionage activities have surprised and upset many, including politicians. But Snowden isn't buying the innocence of leading German politicians and government figures, who say that they were entirely unaware of the spying programs. On the contrary, the NSA people are 'in bed together with the Germans,' the whistleblower told American cryptography expert Jacob Appelbaum and documentary filmmaker Laura Poitras in an interview conducted with the help of encrypted emails shortly before Snowden became a globally recognized name. Snowden describes the intelligence services partnerships in detail. The NSA even has a special department for such cooperation, the Foreign Affairs Directorate, he says. He also exposes a noteworthy detail about how government decision-makers are protected by these programs. The partnerships are organized in a way so that authorities in other countries can 'insulate their political leaders from the backlash' in the event it becomes public 'how grievously they're violating global privacy,' the former NSA employee says.... But it's not just the BND's activities that are the focus of the interview with Snowden. The 30-year-old also provides new details about Britain's Government Communications Headquarters (GCHQ). He says that Britain's Tempora system is the signal intelligence community's first 'full-take Internet buffer,' meaning that it saves all of the data passing through the country. The scope of this 'full take' system is vast. According to Snowden and Britain's Guardian newspaper, Tempora stores communications data for up to 30 days and saves all content for up to three days in a so-called Internet buffer. 'It snarfs everything in a rolling buffer to allow retroactive investigation without missing a single bit,' Snowden says. Asked if it is possible to get around this total surveillance of all Internet communication, he says: 'As a general rule, so long as you have any choice at all, you should never route through or peer with the UK under any circumstances.' In other words, Snowden says, one can only prevent GCHQ from accessing their data if they do not send any information through British Internet lines or servers. However, German Internet experts believe this would be almost impossible in practice. The attempt to conduct total data retention is noteworthy because most of the leaks so far in the spying scandal have pertained to so-called metadata. In the interview, Snowden reiterates just how important metadata -- which can include telephone numbers, IP addresses and connection times, for example -- really are. 'In most cases, content isn't as valuable as metadata,' Snowden says. Those in possession of metadata can determine who has communicated with whom. And using the metadata, they can determine which data sets and communications content they would like to take a closer look at. 'The metadata tells you what out of their data stream you actually want,' Snowden says. It is becoming increasingly clear to recognize the way in which surveillance programs from the NSA and GCHQ -- including Prism, Tempora and Boundless Informant -- cooperate. The metadata provides analysts with tips on which communications and content might be interesting. Then, Snowden says, with the touch of a button they can then retrieve or permanently collect the full content of communications that have already been stored for a specific person or group, or they can collect future communications. But a person can also be "selected for targeting based on, for example, your Facebook or webmail content.'"
Snowden Claims: NSA Ties Put German Intelligence in Tight Spot
Der Spiegel, 7 July 2013

"The US government had a problem: Spying in the digital age required access to the fibre-optic cables traversing the world's oceans, carrying torrents of data at the speed of light. And one of the biggest operators of those cables was being sold to an Asian firm, which might complicate American surveillance efforts. Enter 'Team Telecom.' In months of private talks, the team of lawyers from the FBI and the departments of Defense, Justice and Homeland Security demanded that the company maintain what amounted to an internal corporate cell of American citizens with government clearances. Among their jobs, documents show, was ensuring that surveillance requests got fulfilled quickly and confidentially. This 'Network Security Agreement,' signed in September 2003 by Global Crossing, became a model for other deals over the past decade as foreign investors increasingly acquired pieces of the world's telecommunications infrastructure. The publicly available agreements offer a window into efforts by US officials to safeguard their ability to conduct surveillance through the fibre-optic networks that carry a huge majority of the world's voice and internet traffic. The agreements, whose main purpose is to secure the US telecommunications networks against foreign spying and other actions that could harm national security, do not authorise surveillance. But they ensure that when US government agencies seek access to the massive amounts of data flowing through their networks, the companies have systems in place to provide it securely, say people familiar with the deals. Negotiating leverage has come from a seemingly mundane government power: the authority of the Federal Communications Commission to approve cable licenses. In deals involving a foreign company, say people familiar with the process, the FCC has held up approval for many months while the squadron of lawyers dubbed Team Telecom developed security agreements that went beyond what's required by the laws governing electronic eavesdropping. The security agreement for Global Crossing, whose fibre-optic network connected 27 nations and four continents, required the company to have a 'Network Operations Center' on US soil that could be visited by government officials with 30 minutes of warning. Surveillance requests, meanwhile, had to be handled by US citizens screened by the government and sworn to secrecy — in many cases prohibiting information from being shared even with the company's executives and directors. 'Our telecommunications companies have no real independence in standing up to the requests of government or in revealing data,' said Susan Crawford, a Yeshiva University law professor and former Obama White House official. 'This is yet another example where that's the case.' The full extent of the National Security Agency's access to fibre-optic cables remains classified....As people worldwide chat, browse and post images through online services, much of the information flows within the technological reach of US surveillance. Though laws, procedural rules and internal policies limit how that information can be collected and used, the data from billions of devices worldwide flow through internet choke points that the United States and its allies are capable of monitoring. This broad-based surveillance of fibre-optic networks runs parallel to the NSA's PRISM program, which allows analysts access to data from nine major internet companies, including Google, Facebook, Microsoft, Yahoo, AOL and Apple, according to classified NSA PowerPoint slides."
How US snoops on fibre-optic data flows
Sydney Morning Herald, 7 July 2013

"I have repeatedly posted, and have been saying in public speeches for ten years, that under the UK/US intelligence sharing agreements the NSA spies on UK citizens and GCHQ spies on US citizens and they swap the information. As they use a shared technological infrastructure, the division is simply a fiction to get round the law in each country restricting those agencies from spying on their own citizens. I have also frequently remarked how extraordinary it is that the media keep this 'secret', which they have all known for years."
All Law is Gone: Naked Power Remains
Craig Murray » Blog Archive » 3 July 2013

"The Bluebox Security research team – Bluebox Labs – recently discovered a vulnerability in Android’s security model that allows a hacker to modify APK code without breaking an application’s cryptographic signature, to turn any legitimate application into a malicious Trojan, completely unnoticed by the app store, the phone, or the end user. The implications are huge! This vulnerability, around at least since the release of Android 1.6 (codename: 'Donut' ), could affect any Android phone released in the last 4 years1 – or nearly 900 million devices2– and depending on the type of application, a hacker can exploit the vulnerability for anything from data theft to creation of a mobile botnet. While the risk to the individual and the enterprise is great (a malicious app can access individual data, or gain entry into an enterprise), this risk is compounded when you consider applications developed by the device manufacturers (e.g. HTC, Samsung, Motorola, LG) or third-parties that work in cooperation with the device manufacturer (e.g. Cisco with AnyConnect VPN) – that are granted special elevated privileges within Android – specifically System UID access. Installation of a Trojan application from the device manufacturer can grant the application full access to Android system and all applications (and their data) currently installed. The application then not only has the ability to read arbitrary application data on the device (email, SMS messages, documents, etc.), retrieve all stored account & service passwords, it can essentially take over the normal functioning of the phone and control any function thereof (make arbitrary phone calls, send arbitrary SMS messages, turn on the camera, and record calls). Finally, and most unsettling, is the potential for a hacker to take advantage of the always-on, always-connected, and always-moving (therefore hard-to-detect) nature of these 'zombie' mobile devices to create a botnet."
Uncovering Android Master Key That Makes 99% of Devices Vulnerable
Blue Box (Blog), 3 July 2013

"Leslie James Pickering noticed something odd in his mail last September: a handwritten card, apparently delivered by mistake, with instructions for postal workers to pay special attention to the letters and packages sent to his home. 'Show all mail to supv' — supervisor — 'for copying prior to going out on the street,' read the card. It included Mr. Pickering’s name, address and the type of mail that needed to be monitored. The word 'confidential' was highlighted in green. 'It was a bit of a shock to see it,' said Mr. Pickering, who with his wife owns a small bookstore in Buffalo. More than a decade ago, he was a spokesman for the Earth Liberation Front, a radical environmental group labeled eco-terrorists by the Federal Bureau of Investigation. Postal officials subsequently confirmed they were indeed tracking Mr. Pickering’s mail but told him nothing else. As the world focuses on the high-tech spying of the National Security Agency, the misplaced card offers a rare glimpse inside the seemingly low-tech but prevalent snooping of the United States Postal Service. Mr. Pickering was targeted by a longtime surveillance system called mail covers, a forerunner of a vastly more expansive effort, the Mail Isolation Control and Tracking program, in which Postal Service computers photograph the exterior of every piece of paper mail that is processed in the United States — about 160 billion pieces last year. It is not known how long the government saves the images. Together, the two programs show that postal mail is subject to the same kind of scrutiny that the National Security Agency has given to telephone calls and e-mail. The mail covers program, used to monitor Mr. Pickering, is more than a century old but is still considered a powerful tool. At the request of law enforcement officials, postal workers record information from the outside of letters and parcels before they are delivered. (Opening the mail would require a warrant.) The information is sent to the law enforcement agency that asked for it. Tens of thousands of pieces of mail each year undergo this scrutiny. The Mail Isolation Control and Tracking program was created after the anthrax attacks in late 2001 that killed five people, including two postal workers. Highly secret, it seeped into public view last month when the F.B.I. cited it in its investigation of ricin-laced letters sent to President Obama and Mayor Michael R. Bloomberg. It enables the Postal Service to retrace the path of mail at the request of law enforcement. No one disputes that it is sweeping. 'In the past, mail covers were used when you had a reason to suspect someone of a crime,' said Mark D. Rasch, who started a computer crimes unit in the fraud section of the criminal division of the Justice Department and worked on several fraud cases using mail covers. 'Now it seems to be, ‘Let’s record everyone’s mail so in the future we might go back and see who you were communicating with.’ Essentially you’ve added mail covers on millions of Americans.' ... 'It’s a treasure trove of information,' said James J. Wedick, a former F.B.I. agent who spent 34 years at the agency and who said he used mail covers in a number of investigations, including one that led to the prosecution of several elected officials in California on corruption charges. 'Looking at just the outside of letters and other mail, I can see who you bank with, who you communicate with — all kinds of useful information that gives investigators leads that they can then follow up on with a subpoena.' But, he said: 'It can be easily abused because it’s so easy to use and you don’t have to go through a judge to get the information. You just fill out a form.' For mail cover requests, law enforcement agencies submit a letter to the Postal Service, which can grant or deny a request without judicial review. Law enforcement officials say the Postal Service rarely denies a request. In other government surveillance programs, like wiretaps, a federal judge must sign off on the requests. The mail cover surveillance requests are granted for about 30 days, and can be extended for up to 120 days. There are two kinds of mail covers: those related to criminal activity and those requested to protect national security. Criminal activity requests average 15,000 to 20,000 per year, said law enforcement officials, who spoke on the condition of anonymity because they are prohibited by law from discussing them. The number of requests for antiterrorism mail covers has not been made public. Law enforcement officials need warrants to open the mail, although President George W. Bush asserted in a signing statement in 2007 that the federal government had the authority to open mail without warrants in emergencies or in foreign intelligence cases."
U.S. Postal Service Logging All Mail for Law Enforcement
New York Times, 3 July 2013

"If you are worried about the US spying on you, you need to stop using Google and Facebook, Germany's top security official has warned. Internet users who fear their data is being intercepted by U.S. intelligence agencies such as the National Security Agency's should stay away from American websites run through American servers, Interior Minister Hans-Peter Friedrich said. Leaked revelations about the NSA’s wholesale information on foreign web users has prompted outrage in Europe and calls for tighter international rules on data protection. Leaks by Edward Snowden, a former NSA systems analyst, have revealed the NSA's sweeping data collection of U.S. phone records and some Internet traffic. According to U.S. intelligence officials, the programs target foreigners and terrorist suspects mostly overseas. Interior Minister Hans-Peter Friedrich told reporters in Berlin on Wednesday that ‘whoever fears their communication is being intercepted in any way should use services that don't go through American servers.’ Friedrich says German officials are in touch with their U.S. counterparts ‘on all levels’ and a delegation is scheduled to fly to Washington next week to discuss the claims that ordinary citizens and even European diplomats were being spied upon."
STOP using Google and Facebook if you fear US spying, says Germany
Mail, 3 July 2013

"Tech giants listed as part of the National Security Agency’s Prism spying program have gone to some lengths to convince the world they aren’t in bed with the U.S. government. Google (GOOG) has filed a request with the U.S. Foreign Intelligence Surveillance Act court asking permission to disclose more information about the government’s data requests. So there’s a certain irony that NSA programmers are now refining code that Google has approved for the company’s mobile operating system, Android. Google spokeswoman Gina Scigliano confirms that the company has already inserted some of the NSA’s programming in Android OS. 'All Android code and contributors are publicly available for review at source.android.com,' Scigliano says, declining to comment further. Through its open-source Android project, Google has agreed to incorporate code, first developed by the agency in 2011, into future versions of its mobile operating system, which according to market researcher IDC runs on three-quarters of the smartphones shipped globally in the first quarter. NSA officials say their code, known as Security Enhancements for Android, isolates apps to prevent hackers and marketers from gaining access to personal or corporate data stored on a device. Eventually all new phones, tablets, televisions, cars, and other devices that rely on Android will include NSA code, agency spokeswoman Vanee’ Vines said in an e-mailed statement. NSA researcher Stephen Smalley, who works on the program, says, 'Our goal is to raise the bar in the security of commodity mobile devices.' In a 2011 presentation obtained by Bloomberg Businessweek, Smalley listed among the benefits of the program that it’s 'normally invisible to users.' The program’s top goal, according to that presentation: 'Improve our understanding of Android security.' Vines wouldn’t say whether the agency’s work on Android and other software is part of or helps with Prism. 'The source code is publicly available for anyone to use, and that includes the ability to review the code line by line,' she said in her statement. Most of the NSA’s suggested additions to the operating system can already be found buried in Google’s latest release—on newer devices including Sony’s (SNE) Xperia Z, HTC’s (2498:TT) One, and Samsung Electronics’ (005930:KS) Galaxy S4. Although the features are not turned on by default, according to agency documentation, future versions will be. In May the Pentagon approved the use of smartphones and tablets that run Samsung’s mobile enterprise software, Knox, which also includes NSA programming, the company wrote in a June white paper. Sony, HTC, and Samsung declined to comment. 'Apple (AAPL) does not accept source code from any government agencies for any of our operating systems or other products,' says Kristin Huguet, a spokeswoman for the company.....The NSA developed a separate Android project because Google’s mobile OS required markedly different programming, according to Smalley’s 2011 presentation. Brian Honan, an information technology consultant in Dublin, says his clients in European governments and multinational corporations are worried about how vulnerable their data are when dealing with U.S. companies. The information security world had been preoccupied with Chinese hacking until recently, Honan says. 'With Prism, the same accusations can be laid against the U.S. government.'"
Security-Enhanced Android: NSA Edition
Bloomberg, 3 July 2013

"A hidden microphone has been found inside the Ecuadorean embassy in London, where the WikiLeaks founder Julian Assange is holed up, according to the country's foreign minister. Ricardo Patiño said the device had been discovered a fortnight ago inside the office of the Ecuadorean ambassador, Ana Alban, while he was in the UK to meet Assange and discuss the whistleblower's plight with the British foreign secretary, William Hague. 'We regret to inform you that in our embassy in London we have found a hidden microphone,' Patiño told a news conference in Quito on Tuesday. 'I didn't report this at the time because we didn't want the theme of our visit to London to be confused with this matter,' he said. 'Furthermore, we first wanted to ascertain with precision the origin of this interception device in the office of our ambassador.' He described the discovery of the device as "another instance of a loss of ethics at the international level in relations between governments" and said he would reveal more details as to who might have planted the microphone on Wednesday. The Foreign Office declined to comment immediately on the allegation, while a No 10 spokesman said he did not comment on security issues."
Hidden microphone found at Ecuador's embassy in UK, says foreign minister
Guardian, 3 July 2013

"Barack Obama sought to defuse growing international tension on Monday over fresh revelations of US surveillance programmes on its allies by claiming European countries are also spying on him. Amid an outcry among EU leaders at alleged diplomatic espionage including the bugging of embassies and parliament buildings, the president insisted the US was behaving no differently from other countries. 'We should stipulate that every intelligence service – not just ours, but every European intelligence service, every Asian intelligence service, wherever there's an intelligence service … here's one thing that they're going to be doing: they're going to be trying to understand the world better and what's going on in world capitals,' he told a press conference during a long-scheduled trip Tanzania. 'If that weren't the case, then there'd be no use for an intelligence service.' 'And I guarantee you that in European capitals, there are people who are interested in, if not what I had for breakfast, at least what my talking points might be should I end up meeting with their leaders. That's how intelligence services operate,' Obama added."
Obama tries to ease NSA tensions and insists: Europe spies on US too
Guardian, 1 July 2013

"The Washington Post has released four previously unpublished slides from the NSA's PowerPoint presentation on Prism, the top-secret programme that collects data on foreign surveillance targets from the systems of nine participating internet companies. The newly published top-secret documents, which the newspaper has released with some redactions, give further details of how Prism interfaces with the nine companies, which include such giants as Google, Microsoft and Apple. According to annotations to the slides by the Washington Post, the new material shows how the FBI 'deploys government equipment on private company property to retrieve matching information from a participating company, such as Microsoft or Yahoo and pass it without further review to the NSA'. The new slides underline the scale of the Prism operation, recording that on 5 April there were 117,675 active surveillance targets in the programme's database. They also explain Prism's ability to gather real-time information on live voice, text, email or internet chat services, as well as to analyse stored data. The 41-slide PowerPoint was leaked by the former NSA contractor Edward Snowden to the Guardian and Washington Post, with both news organizations publishing a selection of the slides on 6 June. The revelation of a top-secret programme to data-mine digital information obtained with the co-operation of the nine companies added to a storm of controversy surrounding the NSA's surveillance operations. Several of the participating companies listed on the third new slide released by the Washington Post – Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL and Apple – denied at the time of the initial publication that they had agreed to giving the NSA direct access to their systems. Google told the Guardian that it did not 'have a back door for the government to access private user data'. The new slides show how Prism interfaces with the internet companies as government agents track a new surveillance target. The process begins, one annotated slide suggests, when an NSA supervisor signs off on search terms – called 'selectors' – used for each target. Analysts are tasked with ensuring that the target is by 'reasonable belief' of at least 51% confidence likely to be a foreign national who is not within the US at the time of data collection. The internal NSA supervision is the only check of the analysts' determination; a further layer of supervision is added with stored communications, where the FBI checks against its own database to filter out known Americans. There is also broad authorization by federal judges in the secret Foreign Intelligence Surveillance Court, which the new slides refer to as 'Special FISA Oversight and Processing'. But this is of a generic nature and not made on an individual warrant basis. The data is intercepted by the FBI's 'Data Intercept Technology Unit', the new slides suggest. From there it can be analysed by the FBI itself, or can be passed to the CIA 'upon request'."
Washington Post releases four new slides from NSA's Prism presentation
Washington Post, 30 June 2013

"The head of the European Parliament has demanded 'full clarification' from the US over a report that key EU premises in America have been bugged. Martin Schultz said that if this was true, it would have a 'severe impact' on ties between the EU and the US. The report, carried by Germany's Der Spiegel magazine, cites a secret 2010 document alleging that the US spied on EU offices in New York and Washington. Fugitive ex-CIA analyst Edward Snowden leaked the paper, Der Spiegel says. Mr Snowden - a former contractor for the CIA and also the National Security Agency (NSA) - has since requested asylum in Ecuador. According to the document - which Der Spiegel says comes from the NSA - the agency spied on EU internal computer networks in Washington and at the 27-member bloc's UN office in New York. The document also allegedly referring to the EU as a 'target'. It is not known what information US spies might have got, but details of European positions on to trade and military matters would have been useful to those involved in negotiations between Washington and European governments, the BBC's Stephen Evans says. In a statement on Saturday, Mr Shultz said: 'On behalf of the European Parliament, I demand full clarification and require further information speedily from the US authorities with regard to these allegations.' Der Spiegel also quotes Luxembourg Foreign Minister Jean Asselborn as saying: 'If these reports are true, it's disgusting. The United States would be better off monitoring its secret services rather than its allies.' The US government has so far made no public comments on the Spiegel's report."
EU concern over Der Spiegel claim of US spying
BBC Online, 30 June 2013

"The latest reports of NSA snooping on Europe – and on Germany in particular – went well beyond previous revelations of electronic spying said to be focused on identifying suspected terrorists, extremists and organised criminals. The German publication Der Spiegel reported that it had seen documents and slides from the NSA whistleblower Edward Snowden indicating that US agencies bugged the offices of the EU in Washington and at the United Nations in New York. They are also accused of directing an operation from Nato headquarters in Brussels to infiltrate the telephone and email networks at the EU's Justus Lipsius building in the Belgian capital, the venue for EU summits and home of the European council. Without citing sources, the magazine reported that more than five years ago security officers at the EU had noticed several missed calls apparently targeting the remote maintenance system in the building that were traced to NSA offices within the Nato compound in Brussels....There were calls from MEPs for Herman Van Rompuy, the president of the European council – who has his office in the building allegedly targeted by the US – and José Manuel Barroso, the president of the European commission, to urgently appear before the chamber to explain what steps they were taking in response to the growing body of evidence of US and British electronic surveillance of Europe through the Prism and Tempora operations."
Key US-EU trade pact under threat after more NSA spying allegations
Guardian, 30 June 2013

"America's NSA intelligence service allegedly targeted the European Union with its spying activities. According to SPIEGEL information, the US placed bugs in the EU representation in Washington and infiltrated its computer network. Cyber attacks were also perpetrated against Brussels in New York and Washington. Information obtained by SPIEGEL shows that America's National Security Agency (NSA) not only conducted online surveillance of European citizens, but also appears to have specifically targeted buildings housing European Union institutions. The information appears in secret documents obtained by whistleblower Edward Snowden that SPIEGEL has in part seen. A "top secret" 2010 document describes how the secret service attacked the EU's diplomatic representation in Washington. The document suggests that in addition to installing bugs in the building in downtown Washington, DC, the European Union representation's computer network was also infiltrated. In this way, the Americans were able to access discussions in EU rooms as well as emails and internal documents on computers. The attacks on EU institutions show yet another level in the broad scope of the NSA's spying activities. For weeks now, new details about Prism and other surveillance programs have been emerging from what had been compiled by whistleblower Snowden. It has also been revealed that the British intelligence service GCHQ operates a similar program under the name Tempora with which global telephone and Internet connections are monitored..... The documents also indicate the US intelligence service was responsible for an electronic eavesdropping operation in Brussels. A little over five years ago, EU security experts noticed several telephone calls that were apparently targeting the remote maintenance system in the Justus Lipsius Building, where the EU Council of Ministers and the European Council are located. The calls were made to numbers that were very similar to the one used for the remote administration of the building's telephone system. Security officials managed to track the calls to NATO headquarters in the Brussels suburb of Evere. A precise analysis showed that the attacks on the telecommunications system had originated from a building complex separated from the rest of the NATO headquarters that is used by NSA experts. A review of the remote maintenance system showed that it had been called and reached several times from precisely that NATO complex."
Attacks from America: NSA Spied on European Union Offices
Spiegel, 29 June 2013

"It now seems the two spy agencies, GCHQ via the Tempora project and NSA via Prism, cynically swap data in which each respects the letter of the law in protecting the rights of its own people, but then lets the other do the snooping on its own population. Hague in his most panglossian mood brushed aside all criticisms, without even so much as mentioning Prism or Tempora at all, claiming that all surveillance operations were subject to ministerial warrant. It now emerges that some of these warrants give a generalised power to engage in spying. He also referred to oversight by the Commons Intelligence Sevices Committee. This is a pure facade. All its mambers are chosen by the PM, they only know about what MI5/6 deign to tell them, they report to the PM not to Parliament, and the PM only publishes their reports if he chooses to, and after editing them in any way he wants without anyone else knowing what may have been deleted or added. Some oversight. Because the level of public scrutiny is feeble, as is the right of redress, the securitocracy will inevitably push their powers beyond any acceptable limit. But until there is proper and trustworthy public scrutiny there will be no democratic support for the spooks. The answer to the threat of Muslim plots is a fundamental change in foreign policy towards the Middle East, not mass surveillance of the captive population in the West."
Edward Snowden fugitive saga is distracting attention away from real unanswered issues
Michael Meacher MP » Blog Archive » 29 June 2013

"In May 2010, I received a brown envelope. In it was a CD with an encrypted file containing six months of my life. Six months of metadata, stored by my cellphone provider, T-Mobile. This list of metadata contained 35,830 records. That’s 35,830 times my phone company knew if, where and when I was surfing the Web, calling or texting. The truth is that phone companies have this data on every customer. I got mine because, in 2009, I filed a suit against T-Mobile for the release of all the data on me that had been gathered and stored. The reason this information had been preserved for six months was because of Germany’s implementation of a 2006 European Union directive. All of this data had to be kept so that law enforcement agencies could gain access to it. That meant that the metadata of 80 million Germans was being stored, without any concrete suspicions and without cause. This 'preventive measure' was met with huge opposition in Germany. Lawyers, journalists, doctors, unions and civil liberties activists started to protest. In 2008, almost 35,000 people signed on to a constitutional challenge to the law. In Berlin, tens of thousands of people took to the streets to protest data retention. In the end, the Constitutional Court ruled that the implementation of the European Union directive was, in fact, unconstitutional. In Germany, whenever the government begins to infringe on individual freedom, society stands up. Given our history, we Germans are not willing to trade in our liberty for potentially better security. Germans have experienced firsthand what happens when the government knows too much about someone. In the past 80 years, Germans have felt the betrayal of neighbors who informed for the Gestapo and the fear that best friends might be potential informants for the Stasi. Homes were tapped. Millions were monitored. Although these two dictatorships, Nazi and Communist, are gone and we now live in a unified and stable democracy, we have not forgotten what happens when secret police or intelligence agencies disregard privacy. It is an integral part of our history and gives young and old alike a critical perspective on state surveillance systems.... Together with Zeit Online, the online edition of the weekly German newspaper Die Zeit, I published an infographic of six months of my life for all to see. With these 35,830 pieces of data, you can follow my travels across Germany, you can see when I went to sleep and woke up, a trail further enriched with public information from my social networking sites: six months of my life viewable for everybody to see what exactly is possible with 'just metadata.'... My records revealed the movements of a single individual; now imagine if you had access to millions of similar data sets. You could easily draw maps, tracing communication and movement. You could see which individuals, families or groups were communicating with one another. You could identify any social group and determine its major actors. All of this is possible without knowing the specific content of a conversation, just technical information — the sender and recipient, the time and duration of the call and the geolocation data....When courts and judges negotiate secretly, when direct data transfers occur without limits, when huge data storage rather than targeted pursuit of individuals becomes the norm, all sense of proportionality and accountability is lost."
Germans Loved Obama. Now We Don’t Trust Him.
New York Times, 29 June 2013

"Were you under the impression that your credit card transactions are private? If so, I am sorry to burst your bubble. As you will see below, there are actually multiple government agencies that are gathering and storing records of your credit card transactions. And in turn, those government agencies share that information with other government agencies that want it. So if you are making a purchase that you don't want anyone to know about, don't use a credit card. This is one of the reasons why the government hates cash so much. It is just so hard to track. In this day and age, the federal government seems to be absolutely obsessed with gathering as much information about all of us as it possibly can. But there is one big problem. What they are doing directly violates the U.S. Constitution. For those that are not familiar with it, the following is what the Fourth Amendment actually says: 'The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.' Unfortunately, the Fourth Amendment is essentially dead at this point. The federal government is investigating all of us and gathering information on all of us all day, every day without end. Many Americans have never even heard of the Consumer Financial Protection Bureau, but Judicial Watch has discovered that they are spending millions of dollars to collect and analyze our financial transactions... 'Judicial Watch announced today that it has obtained records from the Consumer Financial Protection Bureau (CFPB) revealing that the agency has spent millions of dollars for the warrantless collection and analysis of Americans’ financial transactions. The documents also reveal that CFPB contractors may be required to share the information with 'additional government entities.''
Michael Snyder - Multiple Government Agencies Are Keeping Records Of Your Credit Card Transactions
The Economic Collapse (Blog), 28 June 2013

"A review of top-secret NSA documents suggests that the surveillance agency still collects and sifts through large quantities of Americans' online data – despite the Obama administration's insistence that the program that began under Bush ended in 2011. Shawn Turner, the Obama administration's director of communications for National Intelligence, told the Guardian that 'the internet metadata collection program authorized by the Fisa court was discontinued in 2011 for operational and resource reasons and has not been restarted.' But the documents indicate that the amount of internet metadata harvested, viewed, processed and overseen by the Special Source Operations (SSO) directorate inside the NSA is extensive. While there is no reference to any specific program currently collecting purely domestic internet metadata in bulk, it is clear that the agency collects and analyzes significant amounts of data from US communications systems in the course of monitoring foreign targets. On December 26 2012, SSO announced what it described as a new capability to allow it to collect far more internet traffic and data than ever before. With this new system, the NSA is able to direct more than half of the internet traffic it intercepts from its collection points into its own repositories. One end of the communications collected are inside the United States. The NSA called it the 'One-End Foreign (1EF) solution'. It intended the program, codenamed EvilOlive, for 'broadening the scope'; of what it is able to collect. It relied, legally, on 'AA Authority', a reference to the 2008 Fisa Amendments Act that relaxed surveillance restrictions. This new system, SSO stated in December, enables vastly increased collection by the NSA of internet traffic. 'The 1EF solution is allowing more than 75% of the traffic to pass through the filter,' the SSO December document reads. 'This milestone not only opened the aperture of the access but allowed the possibility for more traffic to be identified, selected and forwarded to NSA repositories.' It continued: 'After the EvilOlive deployment, traffic has literally doubled.' The scale of the NSA's metadata collection is highlighted by references in the documents to another NSA program, codenamed ShellTrumpet....A substantial portion of the internet metadata still collected and analyzed by the NSA comes from allied governments, including its British counterpart, GCHQ. An SSO entry dated September 21, 2012, announced that 'Transient Thurible, a new Government Communications Head Quarters (GCHQ) managed XKeyScore (XKS) Deep Dive was declared operational.' The entry states that GCHQ 'modified' an existing program so the NSA could 'benefit' from what GCHQ harvested. 'Transient Thurible metadata [has been] flowing into NSA repositories since 13 August 2012,' the entry states."
How the NSA is still harvesting your online data
Guardian, 27 June 2013

"The Guardian has reported on a new leaked document which reveals that from 2001 until 2011 the US government was collecting e-mail metadata en masse. That program shut down two years ago, but there's also evidence of other ongoing 'big data' digging into e-mails. There are some key differences between this massive metadata collection and the collection of telephony data revealed earlier this month. First, the e-mail collection is supposed to only occur when there is at least one foreign communicant, while the phone call metadata is collected on US-to-US calls as well. Second, the Obama administration has said the bulk collection of e-mail metadata, a program which went by the name Stellar Wind, ended in 2011. The collection of telephone metadata is ongoing. That metadata includes the names on the 'To,' 'From,' and 'BCC' lines of every e-mail. It also includes the Internet protocol (IP) addresses, which show the physical location of most e-mail users. Given the way e-mail works, such metadata could reveal a huge amount of information about the user: not just who they're e-mailing, but where they are, what they're reading and sharing, and what kind of ads they might be responding to."
New leak shows NSA harvests To, From, and BCC lines of e-mail data
ArsTechnica, 27 June 2013

"The Obama administration for more than two years permitted the National Security Agency to continue collecting vast amounts of records detailing the email and internet usage of Americans, according to secret documents obtained by the Guardian. The documents indicate that under the program, launched in 2001, a federal judge sitting on the secret surveillance panel called the Fisa court would approve a bulk collection order for internet metadata 'every 90 days'. A senior administration official confirmed the program, stating that it ended in 2011. The collection of these records began under the Bush administration's wide-ranging warrantless surveillance program, collectively known by the NSA codename Stellar Wind. According to a top-secret draft report by the NSA's inspector general – published for the first time today by the Guardian – the agency began 'collection of bulk internet metadata' involving 'communications with at least one communicant outside the United States or for which no communicant was known to be a citizen of the United States'. Eventually, the NSA gained authority to 'analyze communications metadata associated with United States persons and persons believed to be in the United States', according to a 2007 Justice Department memo, which is marked secret.... The internet metadata of the sort NSA collected for at least a decade details the accounts to which Americans sent emails and from which they received emails. It also details the internet protocol addresses (IP) used by people inside the United States when sending emails – information which can reflect their physical location. It did not include the content of emails. 'The internet metadata collection program authorized by the Fisa court was discontinued in 2011 for operational and resource reasons and has not been restarted,' Shawn Turner, the Obama administration's director of communications for National Intelligence, said in a statement to the Guardian. 'The program was discontinued by the executive branch as the result of an interagency review,' Turner continued. He would not elaborate further. But while that specific program has ended, additional secret NSA documents seen by the Guardian show that some collection of Americans' online records continues today. In December 2012, for example, the NSA launched one new program allowing it to analyze communications with one end inside the US, leading to a doubling of the amount of data passing through its filters.... In reality, it is hard to distinguish email metadata from email content. Distinctions that might make sense for telephone conversations and data about those conversations do not always hold for online communications. 'The calls you make can reveal a lot, but now that so much of our lives are mediated by the internet, your IP [internet protocol] logs are really a real-time map of your brain: what are you reading about, what are you curious about, what personal ad are you responding to (with a dedicated email linked to that specific ad), what online discussions are you participating in, and how often?' said Julian Sanchez of the Cato Institute. 'Seeing your IP logs – and especially feeding them through sophisticated analytic tools – is a way of getting inside your head that's in many ways on par with reading your diary,' Sanchez added. The purpose of this internet metadata collection program is detailed in the full classified March 2009 draft report prepared by the NSA's inspector general (IG). One function of this internet record collection is what is commonly referred to as 'data mining', and which the NSA calls 'contact chaining'. The agency 'analyzed networks with two degrees of separation (two hops) from the target', the report says. In other words, the NSA studied the online records of people who communicated with people who communicated with targeted individuals."
NSA collected US email records in bulk for more than two years under Obama
Guardian, 27 June 2013

"When the city of San Leandro, Calif., purchased a license-plate reader for its police department in 2008, computer security consultant Michael Katz-Lacabe asked the city for a record of every time the scanners had photographed his car. The results shocked him. The paperback-size device, installed on the outside of police cars, can log thousands of license plates in an eight-hour patrol shift. Katz-Lacabe said it had photographed his two cars on 112 occasions, including one image from 2009 that shows him and his daughters stepping out of his Toyota Prius in their driveway. That photograph, Katz-Lacabe said, made him 'frightened and concerned about the magnitude of police surveillance and data collection.' The single patrol car in San Leandro equipped with a plate reader had logged his car once a week on average, photographing his license plate and documenting the time and location. At a rapid pace, and mostly hidden from the public, police agencies throughout California have been collecting millions of records on drivers and feeding them to intelligence fusion centers operated by local, state and federal law enforcement. With heightened concern over secret intelligence operations at the National Security Agency, the localized effort to track drivers highlights the extent to which the government has committed to collecting large amounts of data on people who have done nothing wrong....Then-California state Sen. Joe Simitian, D-Palo Alto, introduced a bill last year that would have required California police to purge license-plate data after 60 days and applied that rule to companies that collect such data. Law enforcement and private businesses involved in the technology resisted, and the bill died. 'Do we really want to maintain a database that tracks personal movements of law-abiding citizens in perpetuity? That’s the fundamental question here,' said Simitian, now a Santa Clara County supervisor. 'Larger and larger amounts of data collected over longer periods of time provide a very detailed look at the personal movements of private citizens.''
License-plate readers let police collect millions of records on drivers
Centre for Investigative Reporting, 26 June 2013

"Wolfgang Schmidt was seated in Berlin’s 1,200-foot-high TV tower, one of the few remaining landmarks left from the former East Germany. Peering out over the city that lived in fear when the communist party ruled it, he pondered the magnitude of domestic spying in the United States under the Obama administration. A smile spread across his face. 'You know, for us, this would have been a dream come true,' he said, recalling the days when he was a lieutenant colonel in the defunct communist country’s secret police, the Stasi. In those days, his department was limited to tapping 40 phones at a time, he recalled. Decide to spy on a new victim and an old one had to be dropped, because of a lack of equipment. He finds breathtaking the idea that the U.S. government receives daily reports on the cellphone usage of millions of Americans and can monitor the Internet traffic of millions more. 'So much information, on so many people,' he said. East Germany’s Stasi has long been considered the standard of police state surveillance during the Cold War years, a monitoring regime so vile and so intrusive that agents even noted when their subjects were overheard engaging in s*xual intercourse. Against that backdrop, Germans have greeted with disappointment, verging on anger, the news that somewhere in a U.S. government databank are the records of where millions of people were when they made phone calls or what video content they streamed on their computers in the privacy of their homes. Even Schmidt, 73, who headed one of the more infamous departments in the infamous Stasi, called himself appalled. The dark side to gathering such a broad, seemingly untargeted, amount of information is obvious, he said. 'It is the height of naivete to think that once collected this information won’t be used,' he said. 'This is the nature of secret government organizations. The only way to protect the people’s privacy is not to allow the government to collect their information in the first place.'... 'Everyone knows that gathering so much information is bullshit,' said Reinhard Weisshuhn, a political activist and foreign policy adviser. 'It’s a total breach of trust by the government. This is how a society destroys itself.' For 15 years, the Stasi tracked Weisshuhn’s every move and conversation. His Stasi file, which he, like many other Stasi targets, reviewed after the Berlin Wall collapsed, ran to 9,000 pages....Weisshuhn shares a common German perception on the scandal: Snowden, who’s been charged under the Espionage Act for leaking news of the domestic spying, isn’t the bad guy. 'In our case, we thought we were being paranoid until we saw what they’d gathered and realized we’d been naive,' Weisshuhn said. 'Here, it’s not the whistle-blower who is wrong, it’s the gathering of information.' Germans, especially those raised in the east, are unconvinced by arguments that the sweeping collection of information is used only to track terrorists. The assertions by U.S. officials that unspecified attacks have been thwarted don’t persuade them, either. They haven’t forgotten the fear of living under a government that used vague threats to justify blanket spying. In East Germany, the threats came under the banner of disloyalty to socialist ideals. In the United States, the monitoring programs come under the banner of anti-terrorism."
Memories of Stasi color Germans’ view of U.S. surveillance programs
McClatchy, 26 June 2013

"The German government has expressed its rising anger over Britain's monitoring of global phone and internet traffic and has directly challenged the legality of the controversial surveillance project. On Tuesday, justice minister Sabine Leutheusser-Schnarrenberger sent two letters to the British justice secretary, Chris Grayling, and the home secretary, Theresa May, demanding to know the extent to which German citizens have been targeted and warning that democracy could not flourish when states employ a 'veil of secrecy' to obscure their actions. Describing the revelations over GCHQ's surveillance operation as 'like a Hollywood nightmare', Leutheusser-Schnarrenberger asked for clarification of the legal basis for Project Tempora and demanded to know whether the programme has been authorised by any judicial authority, according to the Guardian. She also asked for information on the specific nature of data that was collected and whether 'concrete suspicions' triggered the data collection. 'I feel that these issues must be raised in a European Union context at minister's level and should be discussed in the context of ongoing discussions on the EU data protection regulation,' Ms Leutheusser-Schnarrenberger wrote. The move by the Germany government to highlight its discomfort over the actions of GCHQ is the first time Britain has been asked to publicly justify its mass surveillance operation....William Hague, meanwhile, has shrugged off criticism, saying Britain should have nothing but pride in its 'indispensable' intelligence-sharing relationship with the US. But condemnation of the practice continues, with a senior Conservative warning British intelligence agencies had 'violated the rights' of the public if they have handed personal information to the US without proper legal checks. David Davis accused GCHQ of circumventing 'inconvenient laws' by handing information to the US. Writing in The Guardian, he said: 'As the Prism controversy has exposed, there is nothing to stop GCHQ from handing over our personal information to US security services so they can pick through it at will.' He said such actions 'would constitute an extremely serious violation of the rights and freedoms of British citizens'. The British inventor of the world wide web, Sir Tim Berners-Lee, also waded into the controversy yesterday, accusing the West of hypocrisy and questioning the ability of governments to keep the personal data they have collected safe.... Documents disclosed by the American whistle-blower Edward Snowden suggest that the intelligence agency accessed fibre-optic cables. The agency is said to be able to tap into and store data from the cables for up to 30 days for analysis under an operation code-named Tempora. GCHQ is also said to have accessed information about British citizens via the US National Security Agency's secret Prism monitoring programme."
Germany demands answers from Britain over GCHQ surveillance
Telegraph, 26 June 2013

"The secretive parts of the British State are slowly being exposed to the light, and it’s a pretty ugly vista. Today we learn that over 8,900 political activists are being monitored by a secret police organisation called the National Domestic Extremism Unit within the Met. Apparently it uses surveillance techniques, paid informers, intercepts and under-cover police operations against these so-called ‘domestic extremists’. One might have thought that Britain was in the throes of revolution, yet senior officers have admitted that many of those listed on the secret database had no criminal record. So who are these ‘extremists’? Apart from far-right racists in the EDL, the list includes anti-capitalist and anti-war demonstrators, animal rights protesters, and environmental campaigners. One was an 88-year old pensioner. Leaving aside the tiny violent fringe, is this really a sensible priority for police time? Is it morally or even legally proper for police to spy on legitimate political protest at all? The trouble with secret power in all societies, even in relatively stable countries like Britain, is that it always becomes perverted. Only a perverted police force would secretly try to dig up ‘dirt’ against the Lawrence family after a horrifying murder – not protecting citizens against attack, but protecting the police themselves against scrutiny of their failure (or unwillingness) to discover the killers. .... The real problem with secret power is that, allowed to operate outside the bounds of regular open accountability, it readily strays into areas that were never sanctioned. Surveillance was intended to detect spies, criminals and those who threaten violence, not to spy on foreign representatives of friendly countries attending international conferences like the G20. ‘National security’, always a panjandrum phrase concealing a multitude of sins, was never meant to be used to facilitate industrial espionage.... Whether it is police spying that is out of control or GCHQ’s Tempora project of indiscriminate mass surveillance which has comprehensively breached privacy rights and civil liberties, there is an urgent need now for an independent commission of inquiry – not Cameron’s merely extending the scope of existing internal police inquiries – into the ethics and standards of policing as much as, if not more than, in the case of the banks."
Time for a full public inquiry into standards & ethics of policing
Michael Meacher MP » Blog Archive » 26 June 2013

"Sir Tim Berners-Lee has said his invention of the world wide web should be safeguarded from being controlled by governments or large corporations. The computer scientist's words of warning came as he and five colleagues were recognised by the Queen for their pioneering work in helping to create the internet. Berners-Lee, Robert Kahn, Vint Cerf and Louis Pouzin were jointly awarded the inaugural £1m Queen Elizabeth prize for engineering during a glittering Buckingham Palace reception attended by David Cameron, Nick Clegg and Ed Miliband. Their work in establishing first the internet, a network of interconnected computer systems, then interlinked web pages accessed via the internet has revolutionised communication. The Queen described how their achievements had completely changed aspects of modern life and hailed engineering as the 'noble profession.'"
Tim Berners-Lee: internet freedom must be safeguarded
Guardian, 26 June 2013

"Most voters think the National Security Agency is likely to have violated one of the country’s most cherished constitutional standards – the checks and balances between the three branches of government – by spying on the private communications of Congress and judges. The latest Rasmussen Reports national telephone survey finds that 72% of Likely U.S. Voters think it is at least somewhat likely that the NSA has monitored the private communications of Congress, military leaders and judges. That includes 45% who believe it is Very Likely. This concern takes on even more significance given that 57% of voters believe it is likely the NSA data will be used by other government agencies to harass political opponents. Most Republicans, Democrats and unaffiliated voters all think the NSA is likely to have monitored those in the other branches of the government. Most unaffiliated voters (56%) and those in the GOP (50%) consider it Very Likely. Thirty-two percent (32%) of those in President Obama’s party (32%) share that view.... Despite the president’s assurance that 'nobody is listening to your telephone calls,' 68% believe it is likely that 'government agencies are listening in on private conversations of American citizens.''
72% Think NSA May Have Monitored Congress, Military Leaders, Judges
Rasmussen Reports, 26 June 2013

"Britain's intelligence agencies are only subject to the law 'in theory', raising the prospect of an 'extremely serious violation' of the rights of British citizens over the use of personal data, the former Tory leadership contender David Davis has warned. In a Guardian article, Davis accuses the GCHQ eavesdropping centre of circumventing 'inconvenient laws' in Britain by handing over personal information to the US that is examined 'at will' by its security services. The former shadow home secretary, who triggered a parliamentary byelection on the issue of civil liberties in 2008, issues his warning in his first newspaper article about Britain's intelligence agencies since Edward Snowden leaked details of the Prism programme to the Guardian. Davis writes: 'As the Prism controversy has exposed, there is nothing to stop GCHQ from handing over our personal information to US security services so they can pick through it at will. What is more, they appear to have been doing so on a large scale. Like Google sending its money offshore to avoid taxes, our intelligence agencies can send our personal data abroad to get around inconvenient laws at home.' The former frontbencher says the US authorities, which have to abide by strict laws on the data of US citizens, do not need to make any distinction between citizens of allied and enemy countries: 'They can treat information regarding British citizens like that of North Koreans, Syrians or Iranians. If GCHQ has indeed been sending personal data to the US to be mined in this way, it would constitute a extremely serious violation of the rights and freedoms of British citizens.'...He writes: 'To make sure they remain accountable, and their methods acceptable in a free society, our security services must operate within a clearly defined legal framework. We cannot expect James Bond to behave like Mother Theresa. That is why there must be clear limits to the spies' powers. It is inevitable that any big bureaucracy – government departments or agencies – will at some point misuse the powers it has and the data it holds. This is especially true when that bureaucracy is coming under a very public attack and is forced to defend itself.' Davis is speaking out after he challenged the foreign secretary, William Hague, during his parliamentary statement on 10 June, in the wake of the Guardian's revelations that GCHQ had benefited from the Prism programme, over the lack of protection for overseas citizens under US law."
David Davis warns that spy agencies are only subject to law 'in theory'
Guardian, 25 June 2013

"It is inevitable that any big bureaucracy – government departments or agencies – will at some point misuse the powers it has and the data it holds. This is especially true when that bureaucracy is coming under a very public attack and is forced to defend itself. Take the Metropolitan police, for example. Yesterday a former undercover police officer revealed that, shortly after the racist murder of Stephen Lawrence in 1993, he was asked by Scotland Yard – already being accused of racism – to find information that would discredit the grieving family's campaign in the eyes of the press and public."
David Davis - Don't expect James Bond to act like Mother Teresa
Guardian, 25 June 2013

"Few can possibly doubt the bravery of undercover agents who put themselves in great danger to expose criminal activity or terrorist plots. But when the same techniques are used to spy on political organisations or campaign groups, they do not appear quite so heroic – though they might be just as risky. And allegations this week that a covert Metropolitan Police unit tried to collect 'dirt' on the family of the murdered black teenager Stephen Lawrence have revived the controversy over the extent of such secret activity. The worries began with the extraordinary story of Mark Kennedy, a police officer who lived among climate change campaigners and had several relationships with women on whom he spied, one of which lasted six years. Three senior judges later found that Kennedy might have acted as an agent provocateur. More recently, there have been revelations about how the identities of dead children were used by officers on clandestine missions, in an echo of The Day of the Jackal. This practice, described as 'ghoulish and disrespectful' by a Commons select committee, is still the subject of an internal investigation. Undercover operations against groups planning protests at international summits have also been criticised. The impression has developed of a widespread and largely unaccountable secret network, operating in a netherworld beyond the control of senior officers and with legal authority that is ambiguous to say the least. But is this fair? If the alleged smear campaign against the Lawrences did indeed take place, then most people will consider that to have been reprehensible. ... bosses are often kept in the dark: to ensure the safety of the officers involved, undercover work must be conducted on a need-to-know basis, with as few people as possible in the loop. Yet this also means that the rules under which it takes place must be clear – and that has not been true for many years. Over time, a bewildering variety of groups tasked with clandestine investigations has grown up, all with varying lines of accountability. They include the Special Demonstration Squad (SDS), a unit within the Met’s Special Branch, whose job is to prevent violent public disorder on the streets of the capital. Originally established to combat demonstrations against the Vietnam War in 1968, it was funded by the Home Office for 40 years and was allegedly so secretive that even senior officers were unaware of its existence. It was recently replaced by the National Public Order Intelligence Unit (NPOIU), which also targets subversives and political extremists."
Who’s keeping tabs on the undercover cops?
Telegraph, 24 June 2013

"'If you are a law-abiding citizen of this country, going about your business and your personal life, you have nothing to fear.' That's how William Hague, the foreign secretary, responded to the revelations of mass surveillance in the US and the UK. Try telling that to Stephen Lawrence's family. Four police officers were deployed to spy on the family and friends of the black teenager murdered by white racists. The Lawrences and the people who supported their fight for justice were law-abiding citizens going about their business. Yet undercover police were used, one of the spies now tells us, to hunt for 'disinformation' and 'dirt'. Their purpose? 'We were trying to stop the campaign in its tracks.'... The two unfolding spy stories resonate powerfully with each other. One, gathered by Paul Lewis and Rob Evans, shows how police surveillance has been comprehensively perverted. Instead of defending citizens and the public realm, it has been used to protect the police from democratic scrutiny and stifle attempts to engage in politics. The other, arising from the documents exposed by Edward Snowden, shows that the US and the UK have been involved in the mass interception of our phone calls and use of the internet. William Hague insists that we should 'have confidence in the work of our intelligence agencies, and in their adherence to the law and democratic values'. Why? Here are a few of the things we have learned about undercover policing in Britain. A unit led by a policeman called Bob Lambert deployed officers to spy on peaceful activists. They adopted the identities of dead children and then infiltrated protest groups. Nine of the 11 known spies formed long-term relationships with women in the groups, in some cases (including Lambert's) fathering children with them. Then they made excuses and vanished. They left a trail of ruined lives, fatherless children and women whose confidence and trust have been wrecked beyond repair. They have also walked away from other kinds of mayhem. On Friday we discovered that Lambert co-wrote the leaflet for which two penniless activists spent three years in the high court defending a libel action brought by McDonald's. The police never saw fit to inform the court that one of their own had been one of the authors. Bob Lambert has been accused of using a false identity during a criminal trial. And, using parliamentary privilege, the MP Caroline Lucas alleged that he planted an incendiary device in a branch of Debenhams while acting as an agent provocateur. The device exploded, causing £300,000 of damage. Lambert denies the allegation. Police and prosecutors also failed to disclose, during two trials of climate-change activists, that an undercover cop called Mark Kennedy had secretly taped their meetings, and that his recordings exonerated the protesters. Twenty people were falsely convicted. Those convictions were later overturned. If the state is prepared to abuse its powers and instruments so widely and gravely in cases such as this, where there is a high risk of detection, and if it is prepared to intrude so far into people's lives that its officers live with activists and father their children, what is it not prepared to do while spying undetectably on our private correspondence? Already we know that electronic surveillance has been used in this country for purposes other than the perennial justifications of catching terrorists, foiling foreign spies and preventing military attacks. It was deployed, for example, to spy on countries attending the G20 meeting the UK hosted in 2009. If the government does this to other states, which might have the capacity to detect its spying and which certainly have the means to object to it, what is it doing to defenceless citizens? It looks as if William Hague may have misled parliament a fortnight ago. He claimed that 'to intercept the content of any individual's communications in the UK requires a warrant signed personally by me, the home secretary, or by another secretary of state'. We now discover that these ministers can also issue general certificates, renewed every six months, which permit mass interception of the kind that GCHQ has been conducting. Among the certificates issued to GCHQ is a 'global' one authorising all its operations, including the trawling of up to 600m phone calls and 39m gigabytes of electronic information a day. A million ministers, signing all day, couldn't keep up with that."
How can we invest our trust in a government that spies on us?
Guardian, 24 June 2013

"Barclays Bank is to sell data on the spending habits of millions of its current and savings account customers to third parties. The bank has written to customers to tell them it is going to package together ‘information about the transactions on your account’ to compile reports on spending trends across Britain. The data could then be sold on other companies or government departments. It comes as civil liberties organisation Big Brother Watch released details today of a poll, which showed three quarters of people around the globe are concerned about their privacy online. The poll of over 10,000 individuals across nine countries including the UK, German and France carried out by ComRe also found 41 per cent of people felt consumers were being harmed by big companies gathering large amounts of personal data for internal use."
Barclays tells customers it will sell their spending habits as poll finds growing public concern about online privacy
This Is Money, 24 June 2013

"The debate over the U.S. government’s monitoring of digital communications suggests that Americans are willing to allow it as long as it is genuinely targeted at terrorists. What they fail to realize is that the surveillance systems are best suited for gathering information on law-abiding citizens. People concerned with online privacy tend to calm down when told that the government can record their calls or read their e-mail only under special circumstances and with proper court orders. The assumption is that they have nothing to worry about unless they are terrorists or correspond with the wrong people. The infrastructure set up by the National Security Agency, however, may only be good for gathering information on the stupidest, lowest-ranking of terrorists. The Prism surveillance program focuses on access to the servers of America’s largest Internet companies, which support such popular services as Skype, Gmail and iCloud. These are not the services that truly dangerous elements typically use. In a January 2012 report titled 'Jihadism on the Web: A Breeding Ground for Jihad in the Modern Age,' the Dutch General Intelligence and Security Service drew a convincing picture of an Islamist Web underground centered around 'core forums.' These websites are part of the Deep Web, or Undernet, the multitude of online resources not indexed by commonly used search engines. The Netherlands’ security service, which couldn’t find recent data on the size of the Undernet, cited a 2003 study from the University of California at Berkeley as the 'latest available scientific assessment.' The study found that just 0.2 percent of the Internet could be searched. The rest remained inscrutable and has probably grown since. In 2010, Google Inc. said it had indexed just 0.004 percent of the information on the Internet.... Similarly, monitoring phone calls is hardly the way to catch terrorists. They’re generally not dumb enough to use Verizon. Granted, Russia’s special services managed to kill Chechen separatist leader Dzhokhar Dudayev with a missile that homed in on his satellite-phone signal. That was in 1996. Modern-day terrorists are generally more aware of the available technology. At best, the recent revelations concerning Prism and telephone surveillance might deter potential recruits to terrorist causes from using the most visible parts of the Internet. Beyond that, the government’s efforts are much more dangerous to civil liberties than they are to al-Qaeda and other organizations like it."
U.S. Surveillance Is Not Aimed at Terrorists
Bloomberg, 23 June 2013

"Britain's European partners have described reports of Britain's surveillance of international electronic communications as a catastrophe and will seek urgent clarification from London. Sabine Leutheusser-Schnarrenberger, the German justice minister said the report in the Guardian read like the plot of a film. 'If these accusations are correct, this would be a catastrophe,' Leutheusser-Schnarrenberger said in a statement to Reuters. 'The accusations against Great Britain sound like a Hollywood nightmare. The European institutions should seek straight away to clarify the situation.' Britain's Tempora project enables it to intercept and store immense volumes of British and international communications for 30 days. With a few months to go before federal elections, the minister's comments are likely to please Germans who are highly sensitive to government monitoring, having lived through the Stasi secret police in communist East Germany and with lingering memories of the Gestapo under the Nazis. 'The accusations make it sound as if George Orwell's surveillance society has become reality in Great Britain,' said Thomas Oppermann, floor leader of the opposition Social Democrats. Orwell's novel 1984 envisioned a futuristic security state where 'Big Brother' spied on the intimate details of people's lives. 'This is unbearable,' Oppermann told the Frankfurter Allgemeine Sonntagszeitung. 'The government must clarify these accusations and act against a total surveillance of German citizens.'"
Guardian, 22 June 2013

"It's possible to be shocked but not surprised at this blanket surveillance on a breathtaking scale. The authorities appear to be kidding themselves with a very generous interpretation of the law that cannot stand with article 8 of the European convention on human rights. 'To argue this isn't snooping because they haven't got time to read all this private information is like arguing we'd all be comfortable with our homes being raided and our private papers copied – as long as the authorities stored them in sealed plastic bags.'"
Shami Chakrabarti, director of Liberty
Guardian, 22 June 2013

"Senior figures inside British intelligence have been alarmed by GCHQ's secret decision to tap into transatlantic cables in order to engage in the bulk interception of phone calls and internet traffic. According to one source who has been directly involved in GCHQ operations, concerns were expressed when the project was being discussed internally in 2008: 'We felt we were starting to overstep the mark with some of it. People from MI5 were complaining that they were going too far from a civil liberties perspective … We all had reservations about it, because we all thought: 'If this was used against us, we wouldn't stand a chance'....The key law is the Regulation of Investigatory Powers Act 2000, Ripa, which requires the home secretary or foreign secretary to sign warrants for the interception of the communications of defined targets. But the law also allows the foreign secretary to sign certificates that authorise GCHQ to trawl for broad categories of information on condition that one end of the communication is outside the UK. According to the UK source: 'Not so long ago, this was all about attaching crocodile clips to copper wires. And it was all about voice. Now, it's about the internet – massive scale – but still using the same law that was devised for crocodile clips. Ripa was primarily designed for voice, not for this level of interception. They are going round Ripa. The legislation doesn't exist for this. They are using old legislation and adapting it.' The source claimed that even the conventional warrant system has been distorted – whereas police used to ask for a warrant before intercepting a target's communications, they will now ask GCHQ to intercept the target's communications and then use that information to seek a warrant....Beyond the detail of the operation of the programme, there is a larger, long-term anxiety, clearly expressed by the UK source: 'If there was the wrong political change, it could be very dangerous. All you need is to have the wrong government in place. It is capable of abuse because there is no independent scrutiny.'"
MI5 feared GCHQ went 'too far' over phone and internet monitoring
Observer, 22 June 2013

"Russ Tice worked as an offensive National Security Agency (NSA) agent from 2002 to 2005, before becoming a source for this Pulitzer Prize-winning New York Times article exposing NSA domestic spying. This week he appeared on the Boiling Frogs Show and detailed how he had his hands 'in the nitty-gritty, the nuts and bolts' during his 20 years as a U.S. intelligence analyst. Tice claimed that he held NSA wiretap orders targeting numerous members of the U.S. government, including one for a young senator from Illinois named Barack Obama. 'In the summer of 2004, one of the papers that I held in my hand was to wiretap a bunch of numbers associated with a forty-some-year-old senator from Illinois. You wouldn't happen to know where that guy lives now would you? It's a big White House in Washington D.C. That's who the NSA went after. That's the President of the United States now.' Tice added that he also saw orders to spy on Hillary Clinton, Senators John McCain and Diane Feinstein, then-Secretary of State Colin Powell, Gen. David Petraeus, and a current Supreme Court Justice. That sounds like a lot of abuse of the rules that govern NSA domestic spying. And that's exactly what Tice is claiming. 'The abuse is rampant and everyone is pretending that it's never happened, and it couldn't happen. ... I know [there was abuse] because I had my hands on the papers for these sorts of things: They went after high-ranking military officers; they went after members of congress — Senate and the House — especially on the intelligence committees and the armed services committees, lawyers, law firms, judges, State Department officials, part of the White House, multinational companies, financial firms, NGOs, civil rights groups ...' Tice told Sibel Edmonds' radio show that back in 2005 the NSA didn't have the processing power, infrastructure, and storage to collect everything, but a source inside the NSA today confirmed to him that increased capabilities allow the spy agency to copy 'every domestic communication in this country, word for word, content, every phone conversation, every email — they are collecting everything in bulk and putting it in databases.'... according to Tice: 'Outrageous abuses ... have happened, and it's all being kept hush hush.'"
ORIGINAL NSA WHISTLEBLOWER: I Saw The Order To Wiretap Barack Obama In 2004
Business Insider, 22 June 2013

"British spies are running an online eavesdropping operation so vast that internal documents say it even outstrips the United States’ international Internet surveillance effort, the Guardian newspaper reported Friday. The paper cited British intelligence memos leaked by former National Security Agency contractor Edward Snowden to claim that U.K. spies were tapping into the world’s network of fiber optic cables to deliver the 'biggest internet access' of any member of the Five Eyes — the name given to the espionage alliance composed of the United States, Britain, Canada, Australia, and New Zealand. That access could in theory expose a huge chunk of the world’s everyday communications — including the content of people’s emails, calls, and more — to scrutiny from British spies and their American allies. How much data the Brits are copying off the fiber optic network isn’t clear, but it’s likely to be enormous. The Guardian said the information flowing across more than 200 cables was being monitored by more than 500 analysts from the NSA and its U.K. counterpart, GCHQ. 'This is a massive amount of data!' the Guardian quoted a leaked slide as boasting. The paper said other leaked slides, including one labeled 'Collect-it-all,' gave hints as to the program’s ambition. 'Why can’t we collect all the signals all the time?' NSA chief Lt. Gen. Keith Alexander was quoted as saying in another slide. 'Sounds like a good summer project for Menwith' — a reference to GCHQ’s Menwith Hill eavesdropping site in northern England. The NSA declined to comment on Friday’s report. GCHQ also declined to comment on the report, although in an emailed statement it repeated past assurances about the legality of its actions.... The Guardian, whose revelations about America and Britain’s globe-spanning surveillance programs have reignited an international debate over the ethics of espionage, said GCHQ was using probes to capture and copy data as it crisscrossed the Atlantic between Western Europe and North America. It said that, by last year, GCHQ was in some way handling 600 million telecommunications every day — although it did not go into any further detail and it was not clear whether that meant that GCHQ could systematically record or even track all the electronic movement at once.... The Guardian said GCHQ’s probes did more than just monitor the data live; British eavesdroppers can store content for three days and metadata — information about who was talking to whom, for how long, from where, and through what medium — for 30 days. The paper quoted Snowden, the leaker, as saying that the surveillance was 'not just a US problem. The U.K. has a huge dog in this fight ... They (GCHQ) are worse than the U.S.'"
Guardian: Leaked documents expose massive UK spying operation involving 200 fiber optic cables
Associated Press, 21 June 2013

"GCHQ, Britain’s electronic eavesdropping agency, is tapping into vast numbers of emails and internet messages and is 'worse' than US spy agencies, a former American intelligence worker has said. Edward Snowden said Britain’s Government Communications Headquarters had gained access to the network of cables that transmitted international phone and internet traffic. Mr Snowden, who worked for the Central Intelligence Agency and the National Security Agency, has passed a number of documents to the Guardian newspaper in recent weeks. Among those are papers suggesting that GCHQ has programmes named Mastering the Internet and Global Telecoms Exploitation, which are focused on online and telephone communications. The documents refer to information derived from global communications networks as 'special source exploitation'. They are said to show that last year GCHQ handled 600 million 'telephone events' each day, had tapped into more than 200 fibre-optic cables and was able to process data from at least 46 of them at any one time. Mr Snowden, who has accused US intelligence agencies of violating privacy, was quoted as saying: 'It’s not just a US problem. The UK has a huge dog in this fight. They [GCHQ] are worse than the US.' "
GCHQ is a greater problem than American spies, claims intelligence whistleblower
Telegraph, 21 June 2013

"William Hague was adamant when he addressed MPs on Monday last week. In an emergency statement (video) forced by the Guardian's disclosures about GCHQ involvement with the Prism programme, the foreign secretary insisted the agency operated within a 'strong framework of democratic accountability and oversight'. The laws governing the intelligence agencies provide 'the strongest systems of checks and balances for secret intelligence anywhere in the world', he said. Leaked documents seen by the Guardian give the impression some high-ranking officials at GCHQ have a different view. In confidential briefings, one of Cheltenham's senior legal advisers, whom the Guardian will not name, made a note to tell his guests: 'We have a light oversight regime compared with the US'. The parliamentary intelligence and security committee, which scrutinises the work of the agencies, was sympathetic to the agencies' difficulties, he suggested. 'They have always been exceptionally good at understanding the need to keep our work secret,' the legal adviser said. Complaints against the agencies, undertaken by the interception commissioner, are conducted under 'the veil of secrecy'. And the investigatory powers tribunal, which assesses complaints against the agencies, has 'so far always found in our favour'. The briefings offer important glimpses into the GCHQ's view of itself, the legal framework in which it works, and, it would seem, the necessity for reassuring the UK's most important intelligence partner, the United States, that sensitive information can be shared without raising anxiety in Washington....The Tempora programme appears to have given Britain's spymasters that resource, with documents seen by the Guardian showing Britain can retain for up to 30 days an astronomical amount of unfiltered data garnered from cables carrying internet traffic.... So how did GCHQ secure the legal authority for setting up Tempora, and what safeguards are in place for sharing the intelligence with the Americans? According to the documents, the British government used Ripa to get taps on to the fibre-optic cables. These cables carry internet traffic in and out of the country and contain details of millions of emails and web searches. The information from these cables went straight into the Tempora storage programme. In one presentation, which appeared to be for US analysts from the NSA, GCHQ explained: 'Direct access to large volumes of unselected SSE data [is] collected under a Ripa warrant.' The precise arrangement between the firms is unclear, as are the legal justifications put before ministers. Isa gives GCHQ some powers for the 'passive collection' of data, including from computer networks. But it appears GCHQ has relied on paragraph four of section 8 of Ripa to gain 'external warrants' for its programmes. They allow the agency to intercept external communications where, for instance, one of the people being targeted is outside Britain. In most Ripa cases, a minister has to be told the name of an individual or company being targeted before a warrant is granted. But section 8 permits GCHQ to perform more sweeping and indiscriminate trawls of external data if a minister issues a 'certificate' along with the warrant. According to the documents, the certificate authorises GCHQ to search for material under a number of themes, including: intelligence on the political intentions of foreign governments; military postures of foreign countries; terrorism, international drug trafficking and fraud. The briefing document says such sweeping certificates, which have to be signed off by a minister, 'cover the entire range of GCHQ's intelligence production'. 'The certificate is issued with the warrant and signed by the secretary of state and sets out [the] class of work we can do under it … cannot list numbers or individuals as this would be an infinite list which we couldn't manage.' Lawyers at GCHQ speak of having 10 basic certificates, including a 'global' one that covers the agency's support station at Bude in Cornwall, Menwith Hill in North Yorkshire, and Cyprus.... In May last year, an internal GCHQ memo said it had 300 analysts working on intelligence from Tempora, and the NSA had 250. The teams were supporting 'the target discovery mission'. But the safeguards for the sharing of this information are unclear. Though GCHQ says it only keeps the content of messages for three working days, and the metadata for up to 30 days, privacy campaigners here and in the US will want to know if the NSA is adhering to the same self-imposed rules. One concern for privacy campaigners is that GCHQ and the NSA could conduct intercepts for each other, and then offer to share the information – a manoeuvre that could bypass the domestic rules they have to abide by."
The legal loopholes that allow GCHQ to spy on the world
Guardian, 21 June 2013

"Britain's spy agency GCHQ has secretly gained access to the network of cables which carry the world's phone calls and internet traffic and has started to process vast streams of sensitive personal information which it is sharing with its American partner, the National Security Agency (NSA). The sheer scale of the agency's ambition is reflected in the titles of its two principal components: Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. This is all being carried out without any form of public acknowledgement or debate. One key innovation has been GCHQ's ability to tap into and store huge volumes of data drawn from fibre-optic cables for up to 30 days so that it can be sifted and analysed. That operation, codenamed Tempora, has been running for some 18 months. GCHQ and the NSA are consequently able to access and process vast quantities of communications between entirely innocent people, as well as targeted suspects. This includes recordings of phone calls, the content of email messages, entries on Facebook and the history of any internet user's access to websites – all of which is deemed legal, even though the warrant system was supposed to limit interception to a specified range of targets. The existence of the programme has been disclosed in documents shown to the Guardian by the NSA whistleblower Edward Snowden as part of his attempt to expose what he has called 'the largest programme of suspicionless surveillance in human history'. 'It's not just a US problem. The UK has a huge dog in this fight,' Snowden told the Guardian. 'They [GCHQ] are worse than the US.'... Britain's technical capacity to tap into the cables that carry the world's communications – referred to in the documents as special source exploitation – has made GCHQ an intelligence superpower. By 2010, two years after the project was first trialled, it was able to boast it had the 'biggest internet access' of any member of the Five Eyes electronic eavesdropping alliance, comprising the US, UK, Canada, Australia and New Zealand. UK officials could also claim GCHQ 'produces larger amounts of metadata than NSA'. (Metadata describes basic information on who has been contacting whom, without detailing the content.) By May last year 300 analysts from GCHQ, and 250 from the NSA, had been assigned to sift through the flood of data. The Americans were given guidelines for its use, but were told in legal briefings by GCHQ lawyers: 'We have a light oversight regime compared with the US'. When it came to judging the necessity and proportionality of what they were allowed to look for, would-be American users were told it was 'your call'. The Guardian understands that a total of 850,000 NSA employees and US private contractors with top secret clearance had access to GCHQ databases. The documents reveal that by last year GCHQ was handling 600m 'telephone events' each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time. Each of the cables carries data at a rate of 10 gigabits per second, so the tapped cables had the capacity, in theory, to deliver more than 21 petabytes a day – equivalent to sending all the information in all the books in the British Library 192 times every 24 hours. And the scale of the programme is constantly increasing as more cables are tapped and GCHQ data storage facilities in the UK and abroad are expanded with the aim of processing terabits (thousands of gigabits) of data at a time. For the 2 billion users of the world wide web, Tempora represents a window on to their everyday lives, sucking up every form of communication from the fibre-optic cables that ring the world. The NSA has meanwhile opened a second window, in the form of the Prism operation, revealed earlier this month by the Guardian, from which it secured access to the internal systems of global companies that service the internet. The GCHQ mass tapping operation has been built up over five years by attaching intercept probes to transatlantic fibre-optic cables where they land on British shores carrying data to western Europe from telephone exchanges and internet servers in north America. This was done under secret agreements with commercial companies, described in one document as 'intercept partners'."
GCHQ taps fibre-optic cables for secret access to world's communications
Guardian, 21 June 2013

"GCHQ appears to have intercepts placed on most of the fibre-optic communications cables in and out of the country. This seems to involve some degree of co-operation – voluntary or otherwise – from companies operating either the cables or the stations at which they come into the country. These agreements, and the exact identities of the companies that have signed up, are regarded as extremely sensitive, and classified as top secret. Staff are instructed to be very careful about sharing information that could reveal which companies are 'special source' providers, for fear of 'high-level political fallout'. In one document, the companies are described as 'intercept partners'. The system seems to operate by allowing GCHQ to survey internet traffic flowing through different cables at regular intervals, and then automatically detecting which are most interesting, and harvesting the information from those. The documents suggest GCHQ was able to survey about 1,500 of the 1,600 or so high-capacity cables in and out of the UK at any one time, and aspired to harvest information from 400 or so at once – a quarter of all traffic. As of last year, the agency had gone halfway, attaching probes to 200 fibre-optic cables, each with a capacity of 10 gigabits per second. In theory, that gave GCHQ access to a flow of 21.6 petabytes in a day, equivalent to 192 times the British Library's entire book collection. GCHQ documents say efforts are made to automatically filter out UK-to-UK communications, but it is unclear how this would be defined, or whether it would even be possible in many cases. For example, an email sent using Gmail or Yahoo from one UK citizen to another would be very likely to travel through servers outside the UK. Distinguishing these from communications between people in the UK and outside would be a difficult task. GCHQ and NSA analysts, who share direct access to the system, are repeatedly told they need a justification to look for information on targets in the system and can't simply go on fishing trips – under the Human Rights Act, searches must be necessary and proportionate. However, when they do search the data, they have lots of specialist tools that let them obtain a huge amount of information from it: details of email addresses, IP addresses, who people communicate with, and what search terms they use. The simple analogy for content and metadata is that content is a letter, and metadata is the envelope. However, internet metadata can reveal much more than that: where you are, what you are searching for, who you are messaging and more. One of the documents seen by the Guardian sets out how GCHQ defines metadata in detail, noting that 'we lean on legal and policy interpretations that are not always intuitive'. It notes that in an email, the 'to', 'from' and 'cc' fields are metadata, but the subject line is content. The document also sets out how, in some circumstances, even passwords can be regarded as metadata. The distinction is a very important one to GCHQ with regard to the law, the document explains: 'There are extremely stringent legal and policy constraints on what we can do with content, but we are much freer in how we can store metadata. Moreover, there is obviously a much higher volume of content than metadata. 'For these reasons, metadata feeds will usually be unselected – we pull everything we see; on the other hand, we generally only process content that we have a good reason to target.'"
How does GCHQ's internet surveillance work
Guardian, 21 June 2013

"Russ Tice, a former intelligence analyst who in 2005 blew the whistle on what he alleged was massive unconstitutional domestic spying across multiple agencies, claimed Wednesday that the NSA had ordered wiretaps on phones connected to then-Senate candidate Barack Obama in 2004. Speaking on 'The Boiling Frogs Show,' Tice claimed the intelligence community had ordered surveillance on a wide range of groups and individuals, including high-ranking military officials, lawmakers and diplomats. 'Here's the big one ... this was in summer of 2004, one of the papers that I held in my hand was to wiretap a bunch of numbers associated with a 40-something-year-old wannabe senator for Illinois,' he said. 'You wouldn't happen to know where that guy lives right now would you? It's a big white house in Washington, D.C. That's who they went after, and that's the president of the United States now.' Host Sibel Edmonds and Tice both raised concerns that such alleged monitoring of subjects, unbeknownst to them, could provide the intelligence agencies with huge power to blackmail their targets. 'I was worried that the intelligence community now has sway over what is going on,' Tice said. After going public with his allegations in 2005, Tice later admitted that he had been a key source in a bombshell New York Times report that blew the lid off the Bush administration's use of warrantless wiretapping of international communications in the U.S. The article forced Bush to admit that the practice was indeed used on a small number of Americans, but Tice maintained that the NSA practice was likely being used the gather records for millions of Americans. The NSA denied Tice's allegations."
Russ Tice, Bush-Era Whistleblower, Claims NSA Ordered Wiretap Of Barack Obama In 2004
Huffington Post, 20 June 2013

"If you tweet a picture from your living room using your smartphone, you’re sharing far more than your new hairdo or the color of the wallpaper. You’re potentially revealing the exact coordinates of your house to anyone on the Internet. The GPS location information embedded in a digital photo is an example of so-called metadata, a once-obscure technical term that’s become one of Washington’s hottest new buzzwords. The word first sprang from the lips of pundits and politicians earlier this month, after reports disclosed that the government has been secretly accessing the telephone metadata of Verizon customers, as well as online videos, emails, photos and other data collected by nine Internet companies. President Barack Obama hastened to reassure Americans that 'nobody is listening to your phone calls,' while other government officials likened the collection of metadata to reading information on the outside of an envelope, which doesn’t require a warrant. But privacy experts warn that to those who know how to mine it, metadata discloses much more about us and our daily lives than the content of our communications. So what is metadata? Simply put, it’s data about data. An early example is the Dewey Decimal System card catalogs that libraries use to organize books by title, author, genre and other information. In the digital age, metadata is coded into our electronic transmissions.'Metadata is information about what communications you send and receive, who you talk to, where you are when you talk to them, the lengths of your conversations, what kind of device you were using and potentially other information, like the subject line of your emails,' said Peter Eckersley, the technology projects director at the Electronic Frontier Foundation, a digital civil liberties group. Powerful computer algorithms can analyze the metadata to expose patterns and to profile individuals and their associates, Eckersley said. 'Metadata is the perfect place to start if you want to troll through millions of people’s communications to find patterns and to single out smaller groups for closer scrutiny,' he said. 'It will tell you which groups of people go to political meetings together, which groups of people go to church together, which groups of people go to nightclubs together or sleep with each other.' Metadata records of search terms and webpage visits also can reveal a log of your thoughts by documenting what you’ve been reading and researching, Eckersley said. 'That’s certainly enough to know if you’re pregnant or not, what diseases you have, whether you’re looking for a new job, whether you’re trying to figure out if the NSA is watching you or not,' he said, referring to the National Security Agency. Such information provides 'a deeply intimate window into a person’s psyche,' he added. The more Americans rely on their smartphones and the Internet, the more metadata is generated. Metadata with GPS locations, for example, can trace a teenage girl to an abortion clinic or a patient to a psychiatrist’s office, said Karen Reilly, the development director for The Tor Project, a U.S.-based nonprofit that produces technology to provide online anonymity and circumvent censorship.... 'People don’t realize all the information that they’re giving out,' she said. 'You can try to secure it – you can use some tech tools, you can try to be a black hole online – but if you try to live your life the way people are expecting it, it’s really difficult to control the amount of data that you’re leaking all over the place.' A former senior official of the National Security Agency said the government’s massive collection of metadata allowed the agency to construct 'maps' of an individual’s daily movements, social connections, travel habits and other personal information. 'This is blanket. There is no constraint. No probable cause. No reasonable suspicion,' said Thomas Drake, who worked unsuccessfully for years to report privacy violations and massive waste at the agency to his superiors and Congress. Metadata 'is more useful than (the) content' of a telephone call, email or Internet search, Drake said in an interview. 'It gets you a map over time. I get to map movements, connections, communities of interest. It’s also a tracking mechanism.' The NSA 'can easily associate' a phone number with an identity, he added. 'All location information comes from a (cellular) tower. There are tower records. They are doing this every single day. It’s basically a data tap on metadata, and I can build a profile (of an individual) instantly.'"
Government could use metadata to map your every move
McClatchy, 20 June 2013

"If you use privacy tools, according to the apparent logic of the National Security Agency, it doesn’t much matter if you’re a foreigner or an American: Your communications are subject to an extra dose of surveillance. Since 29-year-old systems administrator Edward Snowden began leaking secret documentation of the NSA’s broad surveillance programs, the agency has reassured Americans that it doesn’t indiscriminately collect their data without a warrant, and that what it does collect is deleted after five years. But according to a document signed by U.S. Attorney General Eric Holder and published Thursday by the Guardian, it seems the NSA is allowed to make ambiguous exceptions for a laundry list of data it gathers from Internet and phone companies. One of those exceptions applies specifically to encrypted information, allowing it to gather the data regardless of its U.S. or foreign origin and to hold it for as long as it takes to crack the data’s privacy protections. The agency can collect and indefinitely keep any information gathered for 'cryptanalytic, traffic analysis, or signal exploitation purposes,' according to the leaked 'minimization procedures' meant to restrict NSA surveillance of Americans. 'Such communications can be retained for a period sufficient to allow thorough exploitation and to permit access to data that are, or are reasonably believed likely to become, relevant to a future foreign intelligence requirement,' the procedures read. And one measure of that data’s relevance to foreign intelligence? The simple fact that the data is encrypted and that the NSA wants to crack it may be enough to let the agency keep it indefinitely. 'In the context of cryptanalytic effort, maintenance of technical data bases requires retention of all communications that are enciphered or reasonably believed to contain secret meaning,' the criteria for the exception reads. 'Sufficient duration [for retaining the data] may consist of any period of time during which encrypted material is subject to, or of use in, cryptanalysis.'...In other words, privacy advocates may be facing a nasty Catch-22: Fail to encrypt your communications, and they’re vulnerable to any eavesdropper’s surveillance. But encrypt them, and they become legally subject to eavesdropping by the most powerful surveillance agency in the world.'
Leaked NSA Doc Says It Can Collect And Keep Your Encrypted Data As Long As It Takes To Crack It
Forbes, 20 June 2013

"America's National Security Agency (NSA) and its close British partner, GCHQ, the electronic eavesdropping centre based in Cheltenham, defend their activities on the grounds that they are fighting terrorism and serious crime. Top-secret documents now passed to the Guardian reveal that they are also spending time and money spying on Russia, Turkey, South Africa, and other delegates to international conferences in bugging operations that have nothing to do with terrorism or crime. The purpose is to give the UK a competitive and negotiating advantage. It is justified on legal grounds because the 1994 Intelligence Services Act says the job of GCHQ is gather information 'in the interests of the economic wellbeing of the United Kingdom'. The extraordinary scope of the act was spelled out by the then lord chancellor, Lord Mackay, during the bill's first reading. After stressing the importance of keeping 'a particular eye on Britain's access to key commodities, like oil or metals', Mackay added: 'The profits of Britain's myriad international business interests … and the jobs of a great many British people are dependent on the ability to plan, to invest and to trade effectively without worry or danger.' Three years earlier, the Guardian revealed how GCHQ bugged the communications of wide range of targets which on the face of it had nothing to do with protecting the nation's security. They included intelligence that would benefit large British companies, including the oil giants and banks, as well as the internal communications of those companies. GCHQ even bugged the pope. The data is intercepted by GCHQ's supercomputers, and the even bigger ones operated by the agency's close partner, the NSA. The intercepts are picked up by ground stations, including the NSA base at Menwith Hill in North Yorkshire, and GCHQ's listening post at Morwenstow, Cornwall, and distributed to their closest intelligence partners – Canada, Australia, and New Zealand – via a large 'Five Eyes' network called Echelon. The capacity of this data-gathering network, and the uses to which it has been put, has been atacked by France as an Anglo-Saxon club indulging in industrial and economic espionage that has prevented French arms companies, for example, winning contracts where it has competed with UK and US firms. Leaks to the Guardian have revealed the huge capacity of NSA and GCHQ computers as well as the way they are used. The law cannot keep up with developments in intrusive, surveillance technology, as intelligence officers admit. How the data is used – against terror suspects, but not innocent individuals – is, they admit, a matter of trust, not the law. Leaks of the documents suggest it is impossible to quench the appetite of the intelligence agencies and their clients, notably the ministers to whom they are responsible. Britain's spies say they are ultimately accountable to ministers, the people who are urging the spies on, unable to resist the secret product of their covert operations."
Richard Norton Taylor - Spying for spying's sake: spooks and their intelligence addiction
Guardian (Blog), 17 June 2013

"Foreign politicians and officials who took part in two G20 summit meetings in London in 2009 had their computers monitored and their phone calls intercepted on the instructions of their British government hosts, according to documents seen by the Guardian. Some delegates were tricked into using internet cafes which had been set up by British intelligence agencies to read their email traffic. The revelation comes as Britain prepares to host another summit on Monday – for the G8 nations, all of whom attended the 2009 meetings which were the object of the systematic spying. It is likely to lead to some tension among visiting delegates who will want the prime minister to explain whether they were targets in 2009 and whether the exercise is to be repeated this week. The disclosure raises new questions about the boundaries of surveillance by GCHQ and its American sister organisation, the National Security Agency, whose access to phone records and internet data has been defended as necessary in the fight against terrorism and serious crime. The G20 spying appears to have been organised for the more mundane purpose of securing an advantage in meetings. Named targets include long-standing allies such as South Africa and Turkey. There have often been rumours of this kind of espionage at international conferences, but it is highly unusual for hard evidence to confirm it and spell out the detail. The evidence is contained in documents – classified as top secret – which were uncovered by the NSA whistleblower Edward Snowden and seen by the Guardian. They reveal that during G20 meetings in April and September 2009 GCHQ used what one document calls "ground-breaking intelligence capabilities" to intercept the communications of visiting delegations. This included: •?Setting up internet cafes where they used an email interception programme and key-logging software to spy on delegates' use of computers; •?Penetrating the security on delegates' BlackBerrys to monitor their email messages and phone calls; •?Supplying 45 analysts with a live round-the-clock summary of who was phoning who at the summit; •?Targeting the Turkish finance minister and possibly 15 others in his party; •?Receiving reports from an NSA attempt to eavesdrop on the Russian leader, Dmitry Medvedev, as his phone calls passed through satellite links to Moscow."
GCHQ intercepted foreign politicians' communications at G20 summits
Guardian, 17 June 2013

"The faces of more than 120 million people are in searchable photo databases that state officials assembled to prevent driver’s-license fraud but that increasingly are used by police to identify suspects, accomplices and even innocent bystanders in a wide range of criminal investigations. The facial databases have grown rapidly in recent years and generally operate with few legal safeguards beyond the requirement that searches are conducted for 'law enforcement purposes.' Amid rising concern about the National Security Agency’s high-tech surveillance aimed at foreigners, it is these state-level facial-recognition programs that more typically involve American citizens. The most widely used systems were honed on the battlefields of Afghanistan and Iraq as soldiers sought to identify insurgents. The increasingly widespread deployment of the technology in the United States has helped police find murderers, bank robbers and drug dealers, many of whom leave behind images on surveillance videos or social-media sites that can be compared against official photo databases. But law enforcement use of such facial searches is blurring the traditional boundaries between criminal and non-criminal databases, putting images of people never arrested in what amount to perpetual digital lineups. The most advanced systems allow police to run searches from laptop computers in their patrol cars and offer access to the FBI and other federal authorities.... 'Where is government going to go with that years from now?' said Louisiana state Rep. Brett Geymann, a conservative Republican who has fought the creation of such systems there. 'Here your driver’s license essentially becomes a national ID card.'"
State photo-ID databases become troves for police
Washington Post, 16 June 2013

"Guardian columnist Glenn Greenwald on Wednesday night ripped into Rep. Peter King (R-NY) and pointed out the congressman’s support of the Irish Republican Army (IRA). Greenwald told CNN’s Anderson Cooper that it was “staggering” to see King call for him to face criminal charges for reporting on secret information about the National Security Agency’s surveillance program. 'It’s bad enough to call for that, it is extraordinarily menacing that he did so based on a complete falsehood, the idea that I ever threatened to [disclose CIA agents],' he said. Greenwald said he had no idea why King was making the false accusation. 'The last thing I would try to do is read what goes on internally in the swamp of Peter King’s brain,' he remarked. 'What I do know is that he has a history of all kinds of radical and extremist statements. He himself was a supporter of terrorism for several decades when it was done by the IRA.' King has increasingly elevated his rhetoric. On Monday, he called for NSA whistleblower Edward Snowden to be extradited to the United States and prosecuted. On Tuesday, he said that journalists who reported on leaked government information should also be prosecuted. On Wednesday, he said that Greenwald in particular should be arrested and prosecuted."
Glenn Greenwald slams Rep. Peter King: He supported terrorism for decades
Raw Story, 12 June 2013

"Among all the uncertainties and denials over the interception of communications by GCHQ and America's National Security Agency some things should be crystal clear. The bilateral relationship between GCHQ and the NSA is uniquely special. It is the core of the 'special relationship'. The two agencies are truly intertwined. There are NSA liaison officers assigned to GCHQ in Cheltenham, and GCHQ officers at the NSA's headquarters in Fort Meade, Maryland. Though officially described as an RAF base, Menwith Hill in North Yorkshire is the NSA's largest eavesdropping centre outside the US. It is a satellite receiving station that monitors foreign military traffic but is also plugged into Britain's telecommunications network..... GCHQ and the NSA trawl through the airwaves, harvesting a huge amount of data consisting of both the content of conversations, and the numbers, addresses, and websites, used by individuals on the telephone, in emails, or on the internet. Ministers and commissioners (former senior judges) appointed to monitor GCHQ's activities cannot possibly know the content or the quantity, of all the data the agency collects on a daily basis. So it boils down to a question of trust. Dennis Mitchell, a senior GCHQ official who resigned in protest against the trade union ban imposed there by the Thatcher government in 1984, described the agency as a powerful, unaccountable, arm of government whose only watchdog was the workforce. 'It is they on whom the general public must rely if errors of judgment, excessive zeal or malpractices are to be averted...' GCHQ staff, he said, had 'considerable discretion'. In the Commons on Monday, the foreign secretary, William Hague, praised GCHQ staff for their 'professionalism, dedication, and integrity'. The staff may well share those qualities. We should remember, however, how in the late 1960s GCHQ cooperated in the illegal eavesdropping on the communications of such civil rights activists as the actress Jane Fonda, the singer Joan Baez, and the US paediatrician and best-selling author, Benjamin Spock. With the help of a US-funded GCHQ listening station at Bude on North Cornwall, the two agencies did each other's dirty work, getting round their domestic laws by spying on each other's citizens. The past may be another country but it was not long ago that GCHQ was embroiled in a controversy leading to one of its employees charged under the Official Secrets Act for blowing the whistle. In the run-up to the invasion of Iraq in March 2003, Katharine Gun was charged with leaking a secret email from the NSA requesting GCHQ for help in what amounted to a dirty tricks campaign: a plan for the bugging of offices and homes in New York belonging to UN diplomats from the six 'swing states', countries whose support would be vital if Washington and London were to win a Security Council resolution authorising the invasion of Iraq. We do not know how GCHQ responded to the request because the authorities, apparently afraid of what may emerge in a criminal trial, suddenly dropped the charges. Hague suggested in his blustering — and carefully worded — response to the NSA leaks in the Commons on Monday that everything about the way GCHQ gathers intelligence is tickety-boo. It may be, but ministers have not explained how their assertions should be accepted on trust now."
Richard Norton-Taylor - Intelligence-gathering by British state out of control
Guardian (Blog), 11 June 2013

"Despite another whistleblower detailing the National Security Agency's alleged practice of collecting and analyzing virtually all U.S. electronic communications, many Americans are still skeptical about the allegations that America is essentially a surveillance state. They shouldn't be, according to cyber security expert Mark Wuergler. Wuergler, the chief senior security researcher at security firm Immunity, told us that he is 'not surprised in the least that this is happening,' and actually 'would be surprised if it wasn't happening — from an agency like that, it would mean they are not doing their job.'....The strongest accusation against the NSA is that it hired two Israeli companies to tap the nation's telecommunications network so that the world's largest spy agency could continuously collect and data-mining all of the phone and Internet traffic streaming through the country. 'We already know that's a possibility and with the right amount of money and resources — the NSA has both — then you would be able to come up with [a siphoning system] that would be rather challenging to detect.' The detection of the domestic dragnet has occurred mostly through whistleblowers like former spy Mike Frost, who told 60 Minutes that all electronic communications are captured and analyzed for key words by super computers. And AT&T engineer Mark Klein, who stumbled into the room where the surveillance hardware has been installed and then blew the whistle after he realized that the the NSA actively 'vacuumed up Internet and phone-call data from ordinary Americans with the cooperation of AT&T' through the wiretapping rooms. Klein emphasized that 'much of the data sent through AT&T to the NSA was purely domestic.'.... The bottom line in all of this: If the government is running a vast domestic dragnet with weak oversight, it's a brazen violation of the fourth Amendment — but that wouldn't necessarily mean that it will stop. Wuergler noted that the spying is likely to continue in some form or another. 'Everything in the security industry is an arms race,' he said. 'And if you're figured out a way — you have some secret on how to tap these networks that nobody else has figured out before — you're going to bank on that until it's discovered. Once it's discovered you're going to say, 'Oops ... sorry about that,' and then you're going to find another way that hasn't been detected. That has probably been the pattern for years and always will be the pattern.'"
CYBER EXPERT: The NSA Has The Means And Motive To Spy On Everyone
Business Insider, 10 June 2013

"....what is not legitimate is to use a secrecy system to hide programs that are blatantly unconstitutional in their breadth and potential abuse. Neither the president nor Congress as a whole may by themselves revoke the fourth amendment – and that's why what Snowden has revealed so far was secret from the American people. In 1975, Senator Frank Church spoke of the National Security Agency in these terms: 'I know the capacity that is there to make tyranny total in America, and we must see to it that this agency and all agencies that possess this technology operate within the law and under proper supervision, so that we never cross over that abyss. That is the abyss from which there is no return.' The dangerous prospect of which he warned was that America's intelligence gathering capability – which is today beyond any comparison with what existed in his pre-digital era – 'at any time could be turned around on the American people and no American would have any privacy left.' That has now happened. That is what Snowden has exposed, with official, secret documents. The NSA, FBI and CIA have, with the new digital technology, surveillance powers over our own citizens that the Stasi – the secret police in the former 'democratic republic' of East Germany – could scarcely have dreamed of. Snowden reveals that the so-called intelligence community has become the United Stasi of America."
Daniel Ellsberg, former US military analyst who in 1971 leaked the Pentagon Papers, which revealed how the US public had been misled about the Vietnam war
Edward Snowden: saving us from the United Stasi of America
Guardian, Comment Is Free, 10 June 2013

"For those of you who are still unaware, the Washington Post and the Guardian released stories yesterday claiming that an anonymous NSA official released information to them about a secret wiretapping system called the PRISM / US-984XN. This system ties into virtually every major email and social media provider, allowing NSA officials to view every electronic transaction a user engages in through those social media systems. The list of providers working with the NSA include Google, Microsoft, Facebook, Apple, Yahoo, YouTube, Skype and AOL. This system is always up, and does not limit the NSA's access based on warrants issued by a judge. A whistle-blower tried to expose this system of integrated intelligence collection years ago. William Binney, a former NSA employee with the signals intelligence agency within the DoD, stated the NSA 'has the capability to do individualized searches, similar to Google, for particular electronic communications in real time through such criteria as target addresses, locations, countries and phone numbers, as well as watch-listed names, keywords, and phrases in email.' Binney said the system at the time was called 'Stellar Wind.'"
Domestic Spying: How the NSA is Watching You Through a PRISM
PolicyMic, 7 June 2013

"The journalist who broke the news that the government is monitoring vast quantities of American phone records is claiming the U.S. is building a 'massive' snooping apparatus committed to destroying privacy worldwide. 'There is a massive apparatus within the United States government that with complete secrecy has been building this enormous structure that has only one goal, and that is to destroy privacy and anonymity, not just in the United States but around the world,' charged Glenn Greenwald, a reporter for the British newspaper 'The Guardian,' speaking on CNN. 'That is not hyperbole. That is their objective.'... He added, 'There is this massive surveillance state that the United States government has built up that has extraordinary implications for how we live as human beings on the earth and as Americans in our country, and we have the right to know what it is that that government and that agency is doing. I intend to continue to shine light on that, and Dianne Feinstein can beat her chest all she wants and call for investigations, and none of that is going to stop and none of it is going to change.'''
Glenn Greenwald: U.S. wants to destroy privacy worldwide
Politico, 7 June 2013

"The personal data and private online conversations that the National Security Administration is accused of mining could be stashed in a one million square-foot, $1.9 billion facility in the Utah Valley. Concerns over what the government will store at the Utah Data Center have been reinvigorated by the revelation that U.S. intelligence agencies have been extracting audio, video, photos, e-mails, documents and other information to track people's movements and contacts. Apple, Facebook, Microsoft, Google, Yahoo, YouTube, Skype, AOL and the lesser known Internet company PalTalk are all involved with the PRISM program, which the government insists is for national security. The Utah Data Center which is being constructed on Camp Williams on the Salt Lake-Utah County line will be completed in October - but officials have been tight-lipped about what will be stored there."
Inside America's $1.9billion data mine
Mail, 7 June 2013

"Britain's secret spy agency has been snooping on UK citizens through a backroom deal with US agents to share personal data mined from the world's biggest internet companies, top-secret documents have revealed. GCHQ has had direct access to the personal information of any Briton with a profile on almost all the mainstream social media sites since 2010 - all courtesy of America's National Security Agency. The explosive leak comes as it emerged the NSA has been pulling individual data from the mainframes of nine top US tech giants, including Facebook, Google and Apple, as part of a covert initiative codenamed Prism. But news that the scandal has bled across the Atlantic not only sheds light on the sinister lengths to which the British Government is prepared to go to spy on its own people but also raises serious questions over which politicians knew about the programme. It means any Brit who sent an email, uploaded a photograph, shared a link or watched a video on one of the breached sites in the past three years, may have done so under the watchful eyes of government spies. Indeed, it will also pile pressure on Prime Minister David Cameron to explain how much he knew about the intrusion as he prepares to attend the secretive Bilderberg conference today, a closed-door meeting that conspiracy theorists already believe is where leaders plot world domination.... Documents, leaked to the Guardian, reveal that the mutual legal assistance treaty generated 197 British intelligence reports last year alone - a 137 per cent increase on the previous 12 months. Nick Pickles, director of privacy and civil liberties campaign group Big Brother Watch, said: 'If British citizens have had their emails and social media messages seized by the US Government without any justification or legal authority, serious questions must be asked at the highest levels. The revelations call into question the integrity of cloud services that are used by millions of non-US citizens every day, while setting a dangerous precedent that less-democratic regimes around the world may rush to copy. How many Members of Parliament, business leaders and key security figures use US-based services that may have been compromised?'.... All forms of wiretapping of U.S. citizens by the NSA requires a warrant from a three-judge court set up under the Foreign Intelligence Surveillance Act passed in 1978. But former President George W. Bush issued an executive order shortly after the September 11, 2001, attacks in New York that authorised the NSA to monitor certain phone calls without obtaining a warrant. The warrantless wiretapping programme remained a secret until 2005, when a whistleblower went to the press to reveal the extent of the surveillance.... The particulars of the program have been outlined in a top-secret PowerPoint presentation for senior intelligence analysts, which ended up being leaked to The [Washington] Post and Britain's The Guardian."
Britons ARE being spied on by surveillance agencies
Mail, 7 June 2013

"The UK's electronic eavesdropping and security agency, GCHQ, has been secretly gathering intelligence from the world's biggest internet companies through a covertly run operation set up by America's top spy agency, documents obtained by the Guardian reveal. The documents show that GCHQ, based in Cheltenham, has had access to the system since at least June 2010, and generated 197 intelligence reports from it last year. The US-run programme, called Prism, would appear to allow GCHQ to circumvent the formal legal process required to seek personal material such as emails, photos and videos from an internet company based outside the UK. The use of Prism raises ethical and legal issues about such direct access to potentially millions of internet users, as well as questions about which British ministers knew of the programme. In a statement to the Guardian, GCHQ, insisted it 'takes its obligations under the law very seriously'. The details of GCHQ's use of Prism are set out in documents prepared for senior analysts working at America's National Security Agency, the biggest eavesdropping organisation in the world. Dated April this year, the papers describe the remarkable scope of a previously undisclosed 'snooping' operation which gave the NSA and the FBI easy access to the systems of nine of the world's biggest internet companies. The group includes Google, Facebook, Microsoft, Apple, Yahoo and Skype. The documents, which appear in the form of a 41-page PowerPoint presentation, suggest the firms co-operated with the Prism programme. Technology companies denied knowledge of Prism, with Google insisting it 'does not have a back door for the government to access private user data'. But the companies acknowledged that they complied with legal orders. The existence of Prism, though, is not in doubt. Thanks to changes to US surveillance law introduced under President George W Bush and renewed under Barack Obama in December 2012, Prism was established in December 2007 to provide in-depth surveillance on live communications and stored information about foreigners overseas. The law allows for the targeting of any customers of participating firms who live outside the US, or those Americans whose communications include people outside the US. The documents make clear the NSA has been able to obtain unilaterally both stored communications as well as real-time collection of raw data for the last six years, without the knowledge of users, who would assume their correspondence was private. The NSA describes Prism as 'one of the most valuable, unique and productive accesses' of intelligence, and boasts the service has been made available to spy organisations from other countries, including GCHQ."
UK gathering secret intelligence via covert NSA operation
Guardian, 7 June 2013

"US intelligence chief James Clapper has said the law that allows American government agencies to collect communications from internet companies only permits the targeting of 'non-US persons' outside the United States. The response comes after The Guardian reported The National Security Agency had obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, as part of a previously undisclosed program called PRISM. PRISM allows officials to collect material including search history, the content of emails, file transfers and live chats. Mr Clapper, the director of national intelligence, said in a statement the story, which also appeared in the Washington Post, contained 'numerous inaccuracies,' but did not offer any details."
Intelligence chief: Surveillance targets non-US citizens
ITV, 7 June 2013

"Dianne Feinstein, a Democrat from liberal Northern California and the chairman of the Senate Select Committee on Intelligence, assured the public earlier today that the government’s secret snooping into the phone records of Americans was perfectly fine, because the information it obtained was only 'meta,' meaning it excluded the actual content of the phone conversations, providing merely records, from a Verizon subsidiary, of who called whom when and from where.... according to the mathematician and former Sun Microsystems engineer Susan Landau, whom I interviewed while reporting on the plight of the former N.S.A. whistleblower Thomas Drake and who is also the author of 'Surveillance or Security?,' is that it’s worse than many might think. 'The public doesn’t understand,' she told me, speaking about so-called metadata. 'It’s much more intrusive than content.' She explained that the government can learn immense amounts of proprietary information by studying 'who you call, and who they call. If you can track that, you know exactly what is happening—you don’t need the content.' For example, she said, in the world of business, a pattern of phone calls from key executives can reveal impending corporate takeovers. Personal phone calls can also reveal sensitive medical information: 'You can see a call to a gynecologist, and then a call to an oncologist, and then a call to close family members.' And information from cell-phone towers can reveal the caller’s location. Metadata, she pointed out, can be so revelatory about whom reporters talk to in order to get sensitive stories that it can make more traditional tools in leak investigations, like search warrants and subpoenas, look quaint. 'You can see the sources,' she said. When the F.B.I. obtains such records from news agencies, the Attorney General is required to sign off on each invasion of privacy. When the N.S.A. sweeps up millions of records a minute, it’s unclear if any such brakes are applied. Metadata, Landau noted, can also reveal sensitive political information, showing, for instance, if opposition leaders are meeting, who is involved, where they gather, and for how long. Such data can reveal, too, who is romantically involved with whom, by tracking the locations of cell phones at night."
Jane Mayer - What’s the Matter with Metadata?
New Yorker (Blog), 6 June 2013

"The National Security Agency is currently collecting the telephone records of millions of US customers of Verizon, one of America's largest telecoms providers, under a top secret court order issued in April. The order, a copy of which has been obtained by the Guardian, requires Verizon on an 'ongoing, daily basis' to give the NSA information on all telephone calls in its systems, both within the US and between the US and other countries. The document shows for the first time that under the Obama administration the communication records of millions of US citizens are being collected indiscriminately and in bulk – regardless of whether they are suspected of any wrongdoing. The secret Foreign Intelligence Surveillance Court (Fisa) granted the order to the FBI on April 25, giving the government unlimited authority to obtain the data for a specified three-month period ending on July 19. Under the terms of the blanket order, the numbers of both parties on a call are handed over, as is location data, call duration, unique identifiers, and the time and duration of all calls. The contents of the conversation itself are not covered. The disclosure is likely to reignite longstanding debates in the US over the proper extent of the government's domestic spying powers. Under the Bush administration, officials in security agencies had disclosed to reporters the large-scale collection of call records data by the NSA, but this is the first time significant and top-secret documents have revealed the continuation of the practice on a massive scale under President Obama. The unlimited nature of the records being handed over to the NSA is extremely unusual. Fisa court orders typically direct the production of records pertaining to a specific named target who is suspected of being an agent of a terrorist group or foreign state, or a finite set of individually named targets. The Guardian approached the National Security Agency, the White House and the Department of Justice for comment in advance of publication on Wednesday. All declined."
NSA collecting phone records of millions of Verizon customers daily
Guardian, 6 June 2013

"A United Nations human rights expert called Tuesday for closer scrutiny of government wiretapping efforts around the world, saying most countries' laws don't properly protect free speech. The U.N.'s independent investigator on freedom of expression warned that while efforts to ensure national security and prevent crimes could justify 'exceptional use of communications surveillance,' little was known about the massive amounts of data collected on individuals — including journalists and human rights defenders — who were often unaware that they were being spied upon. 'States should be completely transparent about the use and scope of communications surveillance techniques and powers,' Frank La Rue, a legal scholar from Guatemala, said in a report to the Geneva-based U.N. Human Rights Council. He said states should regularly publish data on the kind of phone and Internet surveillance they conduct, and those who are the subject of them should have the right to be notified afterward."
UN rights expert critical of government wiretaps
Associated Press, 4 June 2013

"Security concerns don't give state authorities the right to curb freedom of expression, a privacy envoy for the United Nations said Tuesday in Geneva. Frank La Rue, U.N. special envoy on the right to free speech, called on the international community to focus more on the use of surveillance of communication by state authorities concerned about national security. La Rue said national security concerns may justify the 'exceptional use' of surveillance, but national laws that spell out what's necessary or legitimate don't always exist."
U.N. envoy frustrated by state censorship
UPI, 4 June 2013

"[There is] the dispiriting history of using anti-terrorist legislation for extraneous ends. The Regulation of Investigatory Powers Act, introduced in 2000 to combat terrorism, was deployed also to authorise surveillance of parking offences."
Security and Incitement
London Times, 28 May 2013, Print Edition, P2

"Google won’t -- but they will. Amid growing privacy concerns and repeated statements from Google that its futuristic wearable computer can’t recognize faces, a California software developer has done just that, releasing facial recognition software for Google Glass. Lambda Labs software lets anyone wearing Google Glass look up faces in a crowd against a computer database, instantly showing someone’s name and any other vital bits of data contained in the app. And even the app developer acknowledges the implications for privacy. 'We have no plans to provide a global facial recognition database,' Stephen Balaban, founder of Lambda Labs, told FoxNews.com. 'That’s probably not a good idea.' Instead, Balaban’s technology is an API intended to allow other software developers working with early versions of Glass to write their own apps. Those software developers will provide databases of faces, which Glass will use to identify a face in a photo. Picture a doctor with 1,000 patients who could quickly look up the name and medical history of his patients while doing rounds, thanks to a custom medical app using the tech. But Lambda Labs will put out its own app around the consumer launch of Glass to show off the technology, Balaban said.... Earlier this month, eight members of Congress demanded answers from the company about such privacy concerns, in particular raising the issue of facial recognition."
Eye spy: Facial recognition software is coming to Google Glass
Fox News, 28 May 2013

"As it was disclosed that the two men suspected of murdering Drummer Lee Rigby were known to the security services, politicians warned that it was a 'terrible mistake' to have shelved the so-called 'snoopers' charter'. Nick Clegg, the Deputy Prime Minister, last month forced the Conservatives to abandon plans for a Communications Data Bill after warning that the measures would represent a 'significant reduction in personal privacy'. Security officials and ministers had warned that the powers were essential to protect Britain from terrorists. There are now growing calls for the plan to be resurrected in the wake of the killing of Drummer Rigby, 25, by two suspected Islamic terrorists. Lord Reid, the former Labour home secretary, said that such measures were essential to combat terrorism. He warned it could now take 'some huge tragedy' to show that the decision over the 'snoopers’ charter' was wrong..... Lord West, the former First Sea Lord and security minister, said it was 'a terrible mistake' to abandon the scheme because of Mr Clegg’s intervention. He said that having a database of people’s internet and phone usage would help the authorities to determine whether the terrorists have links to other groups."
Woolwich attack: Snoopers’ charter 'could have prevented machete tragedy’
Telegraph, 23 May 2013

"When the Justice Department began investigating possible leaks of classified information about North Korea in 2009, investigators did more than obtain telephone records of a working journalist suspected of receiving the secret material. They used security badge access records to track the reporter’s comings and goings from the State Department, according to a newly obtained court affidavit. They traced the timing of his calls with a State Department security adviser suspected of sharing the classified report. They obtained a search warrant for the reporter’s personal e-mails. The case of Stephen Jin-Woo Kim, the government adviser, and James Rosen, the chief Washington correspondent for Fox News, bears striking similarities to a sweeping leaks investigation disclosed last week in which federal investigators obtained records over two months of more than 20 telephone lines assigned to the Associated Press. At a time when President Obama’s administration is under renewed scrutiny for an unprecedented number of leak investigations, the Kim case provides a rare glimpse into the inner workings of one such probe. Court documents in the Kim case reveal how deeply investigators explored the private communications of a working journalist — and raise the question of how often journalists have been investigated as closely as Rosen was in 2010. The case also raises new concerns among critics of government secrecy about the possible stifling effect of these investigations on a critical element of press freedom: the exchange of information between reporters and their sources."
A rare peek into a Justice Department leak probe
Washington Post, 20 May 2013

"If you think the private messages you send over Skype are protected by end-to-end encryption, think again. The Microsoft-owned service regularly scans message contents for signs of fraud, and company managers may log the results indefinitely, Ars has confirmed. And this can only happen if Microsoft can convert the messages into human-readable form at will."
Think your Skype messages get end-to-end encryption? Think again
Arstechnica, 20 May 2013

"The internet has turned into a massive surveillance tool. We're constantly monitored on the internet by hundreds of companies -- both familiar and unfamiliar. Everything we do there is recorded, collected, and collated – sometimes by corporations wanting to sell us stuff and sometimes by governments wanting to keep an eye on us. Ephemeral conversation is over. Wholesale surveillance is the norm. Maintaining privacy from these powerful entities is basically impossible, and any illusion of privacy we maintain is based either on ignorance or on our unwillingness to accept what's really going on. It's about to get worse, though. Companies such as Google may know more about your personal interests than your spouse, but so far it's been limited by the fact that these companies only see computer data. And even though your computer habits are increasingly being linked to your offline behaviour, it's still only behaviour that involves computers. The Internet of Things refers to a world where much more than our computers and cell phones is internet-enabled. Soon there will be internet-connected modules on our cars and home appliances. Internet-enabled medical devices will collect real-time health data about us. There'll be internet-connected tags on our clothing. In its extreme, everything can be connected to the internet. It's really just a matter of time, as these self-powered wireless-enabled computers become smaller and cheaper. Lots has been written about the 'Internet of Things' and how it will change society for the better. It's true that it will make a lot of wonderful things possible, but the 'Internet of Things' will also allow for an even greater amount of surveillance than there is today. The Internet of Things gives the governments and corporations that follow our every move something they don't yet have: eyes and ears. Soon everything we do, both online and offline, will be recorded and stored forever. The only question remaining is who will have access to all of this information, and under what rules. We're seeing an initial glimmer of this from how location sensors on your mobile phone are being used to track you. Of course your cell provider needs to know where you are; it can't route your phone calls to your phone otherwise. But most of us broadcast our location information to many other companies whose apps we've installed on our phone. Google Maps certainly, but also a surprising number of app vendors who collect that information. It can be used to determine where you live, where you work, and who you spend time with. Another early adopter was Nike, whose Nike+ shoes communicate with your iPod or iPhone and track your exercising. More generally, medical devices are starting to be internet-enabled, collecting and reporting a variety of health data. Wiring appliances to the internet is one of the pillars of the smart electric grid. Yes, there are huge potential savings associated with the smart grid, but it will also allow power companies – and anyone they decide to sell the data to – to monitor how people move about their house and how they spend their time....In the longer term, the Internet of Things means ubiquitous surveillance. If an object 'knows' you have purchased it, and communicates via either Wi-Fi or the mobile network, then whoever or whatever it is communicating with will know where you are. Your car will know who is in it, who is driving, and what traffic laws that driver is following or ignoring. No need to show ID; your identity will already be known. Store clerks could know your name, address, and income level as soon as you walk through the door. Billboards will tailor ads to you, and record how you respond to them. Fast food restaurants will know what you usually order, and exactly how to entice you to order more. Lots of companies will know whom you spend your days – and nights – with. Facebook will know about any new relationship status before you bother to change it on your profile. And all of this information will all be saved, correlated, and studied.... You'd think that your privacy settings would keep random strangers from learning everything about you, but it only keeps random strangers who don't pay for the privilege – or don't work for the government and have the ability to demand the data. Power is what matters here: you'll be able to keep the powerless from invading your privacy, but you'll have no ability to prevent the powerful from doing it again and again."
Will giving the internet eyes and ears mean the end of privacy?
Guardian (Technology), 16 May 2013

"A federal magistrate judge in New York recently ruled that cell phone location data deserves no protection under the Fourth Amendment and that accordingly, the government can engage in real-time location surveillance without a search warrant. In an opinion straight from the Twilight Zone, magistrate judge Gary Brown ruled two weeks ago that 'cell phone users who fail to turn off their cell phones do not exhibit an expectation of privacy.' In his puzzling opinion, the judge squarely criticizes people naive enough to expect privacy while also leaving their cell phones on when they’re not using them. 'Given the ubiquity and celebrity of geolocation technologies, an individual has no legitimate expectation of privacy in the prospective location of a cellular telephone where that individual has failed to protect his privacy by taking the simple expedient of powering it off.... As to control by the user, all of the known tracking technologies may be defeated by merely turning off the phone. Indeed—excluding apathy or inattention—the only reason that users leave cell phones turned on is so that the device can be located to receive calls. Conversely, individuals who do not want to be disturbed by unwanted telephone calls at a particular time or place simply turn their phones off, knowing that they cannot be located.' ... The Catch-22 here is that the only people who the judge believes would have any reasonable expectation of privacy are those whose phones are turned off (and thus, not generating any location data that the government could access, even with a warrant). And it ignores the necessity of keeping your cell phone turned on for communicating with family or for work.....We are also baffled by the judge’s willingness to tie a reasonable expectation of privacy to the use of a cellphone power button. We’re not sure if the judge has watched the Onion’s spoof news video describing a fictional 'Google Opt Out Village' for people who don’t want to be tracked by the advertising company, but the logic in his opinion is consistent with the absurdity of that spoof. If you don’t want Google to track you, stop using all modern technology and move to a remote village. If you don’t want the government to covertly track your phone, turn it off and leave it off. What could be simpler, right?"
Federal Judge: Only Powered-Off Cell Phones Deserve Privacy Protections
American Civil Liberties Union, 15 May 2013

"The Justice Department secretly obtained two months of telephone records of reporters and editors for The Associated Press in what the news cooperative's top executive called a 'massive and unprecedented intrusion' into how news organizations gather the news. The records obtained by the Justice Department listed outgoing calls for the work and personal phone numbers of individual reporters, for general AP office numbers in New York, Washington and Hartford, Conn., and for the main number for the AP in the House of Representatives press gallery, according to attorneys for the AP. It was not clear if the records also included incoming calls or the duration of the calls. In all, the government seized the records for more than 20 separate telephone lines assigned to AP and its journalists in April and May of 2012. The exact number of journalists who used the phone lines during that period is unknown, but more than 100 journalists work in the offices where phone records were targeted, on a wide array of stories about government and other matters. In a letter of protest sent to Attorney General Eric Holder on Monday, AP President and Chief Executive Officer Gary Pruitt said the government sought and obtained information far beyond anything that could be justified by any specific investigation. He demanded the return of the phone records and destruction of all copies.... The government would not say why it sought the records. Officials have previously said in public testimony that the U.S. attorney in Washington is conducting a criminal investigation into who may have provided information contained in a May 7, 2012, AP story about a foiled terror plot. The story disclosed details of a CIA operation in Yemen that stopped an al-Qaida plot in the spring of 2012 to detonate a bomb on an airplane bound for the United States."
Gov't obtains wide AP phone records in probe
Associated Press, 13 May 2013

"EE has been accused of selling customers' personal data to an analytics firm, which in turn looked to sell it on to the Met Police for tracking purposes, according to The Sunday Times. The report alleges that the data passed on to Ipsos MORI included gender and age information, users' postcodes, as well as information on when and to whom calls were made, plus web and app use details - and would be able to track a user's location within 100 metres. The Sunday Times said the Metropolitan Police admitted it was considering buying access to such data, but has now decided not to. Ipsos MORI denied the claims it's selling personal data, saying the information is "anonymised" and contains groups of people no smaller than 50. Ipos MORI said it didn't have access to names, addresses, postcode or phone numbers, but can see how many people visited a website, for example. It's unclear how anonymised data would be of any use to the Met Police, but further details from The Sunday Times report claims Ipsos MORI ran a location-tracking trial last summer on Olympic visitors and shoppers, with a document claiming: 'We can understand not only where people are going, but what they have been doing before, during and after they visited these various locations'"
EE data 'being sold to track customers'
PC Pro, 13 May 2013

"Even as the U.S. government confronts rival powers over widespread Internet espionage, it has become the biggest buyer in a burgeoning gray market where hackers and security firms sell tools for breaking into computers. The strategy is spurring concern in the technology industry and intelligence community that Washington is in effect encouraging hacking and failing to disclose to software companies and customers the vulnerabilities exploited by the purchased hacks. That's because U.S. intelligence and military agencies aren't buying the tools primarily to fend off attacks. Rather, they are using the tools to infiltrate computer networks overseas, leaving behind spy programs and cyber-weapons that can disrupt data or damage systems. The core problem: Spy tools and cyber-weapons rely on vulnerabilities in existing software programs, and these hacks would be much less useful to the government if the flaws were exposed through public warnings. So the more the government spends on offensive techniques, the greater its interest in making sure that security holes in widely used software remain unrepaired. Moreover, the money going for offense lures some talented researchers away from work on defense, while tax dollars may end up flowing to skilled hackers simultaneously supplying criminal groups. 'The only people paying are on the offensive side,' said Charlie Miller, a security researcher at Twitter who previously worked for the National Security Agency. A spokesman for the NSA agreed that the proliferation of hacking tools was a major concern but declined to comment on the agency's own role in purchasing them, citing the 'sensitivity' of the topic....Officials have never publicly acknowledged engaging in offensive cyber-warfare, though the one case that has been most widely reported - the use of a virus known as Stuxnet to disrupt Iran's nuclear-research program - was lauded in Washington. Officials confirmed to Reuters previously that the U.S. government drove Stuxnet's development, and the Pentagon is expanding its offensive capability through the nascent Cyber Command. Stuxnet, while unusually powerful, is hardly an isolated case. Computer researchers in the public and private sectors say the U.S. government, acting mainly through defense contractors, has become the dominant player in fostering the shadowy but large-scale commercial market for tools known as exploits, which burrow into hidden computer vulnerabilities.... Former NSA Director Hayden and others with high-level experience have boasted that U.S. offensive capabilities in cyberspace are the best in the world. But few outsiders had any idea what was possible before 2010, when a small laboratory discovered the worm called Stuxnet. It took teams of security experts in several countries months to dissect the program. They discovered that it had been meticulously engineered to launch invisibly from a portable flash drive and spread through connected Windows-based personal computers in search of machines running a specific piece of industrial control software made by Siemens AG of Germany. If Stuxnet found that software and a certain configuration, it changed some of the instructions in the program and hid its tracks. Eventually, the truth came out: The only place deliberately affected was an Iranian nuclear facility, where the software sped up and slowed down uranium-enriching centrifuges until they broke. Stuxnet was unique in many ways, one of them being that it took advantage of four previously unknown flaws in Windows. In the industry, exploits of such vulnerabilities are called 'zero-days,' because the software maker has had zero days' notice to fix the hole before the tool's discovery. It can take months for security patches to be widely installed after a vulnerability is reported, so even a 'two-day' exploit, one released two days after a warning, is valuable. But exploits can't be counted on to work once the holes they rely on are disclosed. That means contractors are constantly looking for new ones that can be swapped in to a particular program after the original vulnerability is fixed. Some security firms sell subscriptions for exploits, guaranteeing a certain number per year. 'My job was to have 25 zero-days on a USB stick, ready to go,' said a former executive at a defense contractor that bought vulnerabilities from independent hackers and turned them into exploits for government use. Zero-day exploits will work even when the targeted software is up to date, and experts say the use of even a single zero-day in a program signals that a perpetrator is serious. A well-publicized hacking campaign against Google and scores of other companies in early 2010, attributed by U.S. officials and private experts to Chinese government hackers, used one zero-day. Many zero-day exploits appear to have been produced by intelligence agencies. But private companies have also sprung up that hire programmers to do the grunt work of identifying vulnerabilities and then writing exploit code. The starting rate for a zero-day is around $50,000, some buyers said, with the price depending on such factors as how widely installed the targeted software is and how long the zero-day is expected to remain exclusive.... Much of the work on offensive cyber-warfare is done by publicly traded U.S. defense contractors, now joined by a handful of venture capital-backed start-ups seeking government buyers for a broad array of cyber-weapons that use exploits. Defense contractors both buy exploits and produce them in-house. Major players in the field include Raytheon Co, Northrop Grumman Corp and Harris Corp, all of which have acquired smaller companies that specialize in finding new vulnerabilities and writing exploits. Those companies declined to discuss their wares. 'It's tough for us, when you get into the realm of offensive,' said Northrop spokesman Mark Root. Reuters reviewed a product catalogue from one large contractor, which was made available on condition the vendor not be named. Scores of programs were listed. Among them was a means to turn any iPhone into a room-wide eavesdropping device. Another was a system for installing spyware on a printer or other device and moving that malware to a nearby computer via radio waves, even when the machines aren't connected to anything. There were tools for getting access to computers or phones, tools for grabbing different categories of data, and tools for smuggling the information out again. There were versions of each for Windows, Apple and Linux machines. Most of the programs cost more than $100,000, and a solid operation would need several components that work together. The vast majority of the programs rely on zero-day exploits."
Special Report: U.S. cyberwar strategy stokes fear of blowback
Reuters, 10 May 2013

"Even as the U.S. government confronts rival powers over widespread Internet espionage, it has become the biggest buyer in a burgeoning gray market where hackers and security firms sell tools for breaking into computers. The strategy is spurring concern in the technology industry and intelligence community that Washington is in effect encouraging hacking and failing to disclose to software companies and customers the vulnerabilities exploited by the purchased hacks. That's because U.S. intelligence and military agencies aren't buying the tools primarily to fend off attacks. Rather, they are using the tools to infiltrate computer networks overseas, leaving behind spy programs and cyber-weapons that can disrupt data or damage systems.The core problem: Spy tools and cyber-weapons rely on vulnerabilities in existing software programs, and these hacks would be much less useful to the government if the flaws were exposed through public warnings. So the more the government spends on offensive techniques, the greater its interest in making sure that security holes in widely used software remain unrepaired."
Special Report: U.S. cyberwar strategy stokes fear of blowback
Reuters, 10 May 2013

"A simple act of cash changing hands could become a lot less private. U.S. researchers have developed a new way of embedding traceable chips within 'smart' paper—raising the possibility of banks and governments guarding against counterfeiting and even tracking the usage of paper money. The new method of embedding radio frequency identification chips (RFID) in paper came from North Dakota State University in Fargo. Researchers used a patent-pending technology—called Laser Enabled Advanced Packaging (LEAP)—to transfer and assemble the traceable RFID chips on paper. Such 'smart' paper could lead to new types of banknotes, legal documents, tickets and smart labels. 'I believe our scheme is the first to demonstrate a functional RFID tag embedded in paper,' says Val Marinov, an associate professor of industrial & manufacturing engineering at North Dakota State University, in a BBC News interview.'.... Banks and governments have played up the idea of using the RFID chips to verify the authenticity of paper money in an effort to fight counterfeiting. Law enforcement agencies could also track smart money as part of its efforts to fight drug trafficking or other organized crime schemes. But the applied RFID technology could also herald a future world where trackable banknotes further diminish the privacy of how people use money. For instance, the government might track the flow of money in the so-called 'gray economy' that relies on mostly untraceable cash exchanges."
Smart Paper Makes Traceable Money Possible
IEEE Spectrum, 2 May 2013

"Nordstrom says it wants to serve you better, so it’s tracking your movements through their stores. The CBS 11 I-Team has learned the retailer is using software to track how much time you spend in specific departments within the store. The technology is being used in 17 Nordstrom and Nordstrom Rack stores nationwide, including the NorthPark store in Dallas. A company spokesperson says sensors within the store collect information from customer smart phones as they attempt to connect to Wi-Fi service. The sensors can monitor which departments you visit and how much time you spend there. However, the sensors do not follow your phone from department to department, nor can they identify any personal information tied to the phone’s owner, says spokesperson Tara Darrow. 'This is literally measuring a signal. You are not connected to the signal,' says Darrow. The store calls the information 'anonymous aggregate reports that give us a better sense of customer foot traffic' and will ultimately be used to increase the shopping experience for Nordstrom customers. Darrow says the company could use the information to increase staffing during certain high-traffic times or change the layout of a department. While Nordstrom has been collecting the information since October, the company has not implemented any changes based on the information it has collected. The store has posted a sign at its NorthPark entrance to alert customers and advise them they can opt out by turning off their phones."
Nordstrom Using Smart Phones To Track Customers Movements
CBS News, 7 May 2013

"The real capabilities and behavior of the US surveillance state are almost entirely unknown to the American public because, like most things of significance done by the US government, it operates behind an impenetrable wall of secrecy. But a seemingly spontaneous admission this week by a former FBI counterterrorism agent provides a rather startling acknowledgment of just how vast and invasive these surveillance activities are. Over the past couple days, cable news tabloid shows such as CNN's Out Front with Erin Burnett have been excitingly focused on the possible involvement in the Boston Marathon attack of Katherine Russell, the 24-year-old American widow of the deceased suspect, Tamerlan Tsarnaev. As part of their relentless stream of leaks uncritically disseminated by our Adversarial Press Corps, anonymous government officials are claiming that they are now focused on telephone calls between Russell and Tsarnaev that took place both before and after the attack to determine if she had prior knowledge of the plot or participated in any way. On Wednesday night, Burnett interviewed Tim Clemente, a former FBI counterterrorism agent, about whether the FBI would be able to discover the contents of past telephone conversations between the two. He quite clearly insisted that they could... 'All of that stuff' - meaning every telephone conversation Americans have with one another on US soil, with or without a search warrant - 'is being captured as we speak'. On Thursday night, Clemente again appeared on CNN, this time with host Carol Costello, and she asked him about those remarks. He reiterated what he said the night before but added expressly that 'all digital communications in the past' are recorded and stored...all digital communications - meaning telephone calls, emails, online chats and the like - are automatically recorded and stored and accessible to the government after the fact. To describe that is to define what a ubiquitous, limitless Surveillance State is. There have been some previous indications that this is true. Former AT&T engineer Mark Klein revealed that AT&T and other telecoms had built a special network that allowed the National Security Agency full and unfettered access to data about the telephone calls and the content of email communications for all of their customers. Specifically, Klein explained 'that the NSA set up a system that vacuumed up Internet and phone-call data from ordinary Americans with the cooperation of AT&T" and that 'contrary to the government's depiction of its surveillance program as aimed at overseas terrorists . . . much of the data sent through AT&T to the NSA was purely domestic.' That every single telephone call is recorded and stored would also explain this extraordinary revelation by the Washington Post in 2010: Every day, collection systems at the National Security Agency intercept and store 1.7 billion e-mails, phone calls and other types of communications. It would also help explain the revelations of former NSA official William Binney, who resigned from the agency in protest over its systemic spying on the domestic communications of US citizens, that the US government has 'assembled on the order of 20 trillion transactions about US citizens with other US citizens' (which counts only communications transactions and not financial and other transactions), and that 'the data that's being assembled is about everybody. And from that data, then they can target anyone they want.' Despite the extreme secrecy behind which these surveillance programs operate, there have been periodic reports of serious abuse. Two Democratic Senators, Ron Wyden and Mark Udall, have been warning for years that Americans would be 'stunned' to learn what the US government is doing in terms of secret surveillance."
Are all telephone calls recorded and accessible to the US government?
Guardian (Comment Is Free), 4 May 2013

"Google's Glass wearable computer have been hacked so video and audio can be transmitted online to anyone. Hackers have been able to remotely watch and hear everything a wearer does, and today warned 'nothing is safe once your Glass has been hacked.' Although Glass does not go on sale to the public until next year, the attack raises major security and privacy questions over Google's plans for the device. 'Once the attacker has root on your Glass, they have much more power than if they had access to your phone or even your computer: they have control over a camera and a microphone that are attached to your head,' wrote Jay 'saurik' Freeman, a well known programmer who has previously developed hacked to bypass security on iPhones and Android handsets. 'A bugged Glass doesn't just watch your every move: it watches everything you are looking at (intentionally or furtively) and hears everything you do. 'The obvious problem, of course, is that you might be using it in fairly private situations. 'The only thing it doesn't know are your thoughts.'"
Google Glass HACKED to transmit everything you see and hear - and experts warn 'the only thing it doesn't know are your thoughts'
Mail, 2 May 2013

"Fridges and freezers in millions of British homes will automatically be switched off without the owner’s consent under a ‘Big Brother’ regime to reduce the strain on power stations. The National Grid is demanding that all new appliances be fitted with sensors that could shut them down when the UK’s generators struggle to meet demand for electricity. Electric ovens, air-conditioning units and washing machines will also be affected by the proposals, which are already backed by one of the European Union’s most influential energy bodies. They are pushing for the move as green energy sources such as wind farms are less predictable than traditional power stations, increasing the risk of blackouts....The sensors will automatically detect spikes in demand for power that the grid is struggling to meet, and temporarily shut off the appliances. Viktor Sundberg, energy strategy manager at Electrolux, warned: ‘This is Big Brother technology on a grand scale. The device inside the fridge or freezer will automatically change the way the appliance operates in response to the output of the grid. This method of shutting down household appliances could to be carried out almost instantly, saving the energy companies millions because they won’t have to start up the turbines or pay huge industrial companies to cut production. Consumers are not benefiting at all and will be left paying more when they buy the appliances, as well as having their private goods controlled by outside forces.’"
Big brother to switch off your fridge: Power giants to make millions - but you must pay for 'sinister' technology
Mail, 27 April 2013

"The rhetoric in the wake of the Boston Marathon bombings is starting to recall the heightened fear that took hold after the terrorist attacks on September 11th, 2001. That's especially true in New York City, where the suspected bombers were allegedly planning a second attack. In a press conference yesterday, both Mayor Michael Bloomberg and police commissioner Ray Kelly used the suspects' alleged plot to make the case for more surveillance cameras. 'You’re never going to know where all of our cameras are,' Bloomberg said. 'And that’s one of the ways you deter people; they just don’t know whether the person sitting next to you is just somebody sitting there or a detective watching.' Kelly promised that the New York City Police Department (NYPD) is expanding its already massive network of cameras. The number of public sector surveillance cameras in New York City is reportedly between 3,500 and 6,000. In an interview earlier this week, Kelly praised the network of 'smart cameras' that allow police to remotely read licenses and recognize suspicious packages. The cameras are part of the NYPD's elite surveillance system, developed by Microsoft over a three year period. It's known as The Domain Awareness System or simply 'the dashboard,' with the total costs reportedly between $30 million and $40 million. The dashboard aggregates data from cameras, mapped crime patterns, 911 alerts, arrest records, parking tickets, and radiation detectors, and it's getting smarter all the time. The cameras can detect when a bag or package is abandoned in a public place, Kelly told MSNBC earlier this week, and he hopes to expand this capability, which he refers to as 'video analytics.' There are questions as to whether surveillance cameras actually prevent attacks: Boston's relatively extensive network of cameras still failed to catch the bombers in the act or dissuade them from their crime. The extensiveness and sophistication of the NYPD's surveillance network also has the American Civil Liberties Union and other public rights advocates worried, but Kelly believes standards of privacy are changing. 'The privacy issue has really been taken off the table,' he said. 'I don’t think people are concerned about it. I think people accept it in a post-9/11 world.' Kelly's sense of conviction is reminiscent of Mayor Bloomberg's statement on the use of drones to monitor civilians: 'get used to it.'"
Privacy is 'off the table' in a 'post-9/11 world,' says New York City police chief
The Verge, 26 April 2013

"Nick Clegg has gone to war with David Cameron and Theresa May over controversial Government plans for a 'snoopers’ charter' allowing the police and security services access to records of individuals' internet use. Mr Clegg, the Deputy Prime Minister, appeared to put a stop to the Tory proposals during his weekly Call Clegg programme on LBC Radio, saying they are 'not going to happen'. Mr Cameron’s official spokesman insisted that discussions about the plans are still 'ongoing', however senior Lib Dems said that Mr Clegg had 'killed' the proposals....Conservative backbenchers also welcomed the developments, with Dominic Raab, the Esher and Walton MP saying they should 'be buried for good'. 'This Orwellian scheme should be buried for good. For the billions it would cost, there are far better ways to strengthen law enforcement without snooping on every law-abiding citizen,' Mr Raab said. Nick De Bois, the MP for Enfield North added: 'It’s good news that this Bill is dead. The proposals would not have worked, would not have made us safer and yet would have carried massive costs. The Bill’s scattergun approach to monitoring personal data would have made us all suspects.'"
Nick Clegg takes on the Tories over 'snoopers' charter'
Telegraph, 25 April 2013

"Nick Clegg took the axe to the 'snoopers’ charter' today and poured scorn on proposals to temporarily opt out of the European Convention on Human Rights to deport Abu Qatada. In a double Coalition bust-up, the Deputy Prime Minister sought to kill off the Draft Communications Data Bill and tore into the idea being floated in Downing Street of a possible limited withdrawal from the ECHR to send hate preacher Qatada to Jordan. The draft Bill is now not expected to be in the Queen’s Speech next month. The Liberal Democrats had already forced the Home Office to go back to the drawing board on the plans for internet service providers to have to store details of internet use in the United Kingdom for a year to allow police and intelligence services to access it. Records would include people’s activity on social network sites, webmail, internet phone calls and online gaming. But despite a series of changes to the legislation, Mr Clegg today ruled out supporting the draft Bill which is backed by security services chiefs but opposed by many civil rights campaigners. Speaking on his weekly Call Clegg phone-in on LBC 97.3 radio, he said: 'The idea was that the Government would pass a law which means there would be a record kept of every website you visit, who you communicate with on social media sites... it is certainly not going to happen with Liberal Democrats in government.''
Nick Clegg takes on Tories over snoopers' charter and scorns efforts to deport Abu Qatada
Evening Standard, 25 April 2013

"Senior Obama administration officials have secretly authorized the interception of communications carried on portions of networks operated by AT&T and other Internet service providers, a practice that might otherwise be illegal under federal wiretapping laws. The secret legal authorization from the Justice Department originally applied to a cybersecurity pilot project in which the military monitored defense contractors' Internet links. Since then, however, the program has been expanded by President Obama to cover all critical infrastructure sectors including energy, healthcare, and finance starting June 12. 'The Justice Department is helping private companies evade federal wiretap laws,' said Marc Rotenberg, executive director of the Electronic Privacy Information Center, which obtained over 1,000 pages of internal government documents and provided them to CNET this week. 'Alarm bells should be going off.' Those documents show the National Security Agency and the Defense Department were deeply involved in pressing for the secret legal authorization, with NSA director Keith Alexander participating in some of the discussions personally. Despite initial reservations, including from industry participants, Justice Department attorneys eventually signed off on the project. The Justice Department agreed to grant legal immunity to the participating network providers in the form of what participants in the confidential discussions refer to as '2511 letters,' a reference to the Wiretap Act codified at 18 USC 2511 in the federal statute books. The Wiretap Act limits the ability of Internet providers to eavesdrop on network traffic except when monitoring is a 'necessary incident' to providing the service or it takes place with a user's 'lawful consent.' An industry representative told CNET the 2511 letters provided legal immunity to the providers by agreeing not to prosecute for criminal violations of the Wiretap Act. It's not clear how many 2511 letters were issued by the Justice Department."
U.S. gives big, secret push to Internet surveillance
CNet, 24 April 2013

"Last week’s terrorist attack in Boston was an emotional play in four acts. First came grief, then anger, then the morbid excitement of a manhunt. The last act was jubilation: When police officers zeroed in on Dzokhar Tsarnaev and took him into custody, they were applauded by a huge cheering Watertown crowd that had gathered to watch. It was essentially an anti-terrorism street party, with the police being celebrated as heroes. Americans are famously skeptical of the police state: Many Second Amendment advocates even cite the possibility of righteous rebellion as an argument in support of maintaining private paramilitary weapon inventories. But it turns out that all it takes to make this libertarian spirit melt away is a pair of murderous idiots with some pressure cookers.... The whole episode presents a case study in why the campaign to protect our civil liberties from the surveillance state seems doomed. In times of peace, civil libertarians who oppose ubiquitous closed-circuit TV cameras, Internet snooping and other privacy infringements are lucky to fight for a draw. But even that rearguard battle is lost as soon as bombs start exploding. Britons once fretted over the proliferation of CCTV cameras in their country — but then came the 2005 transit bombings, and the complaints ebbed. In the United States, the same will be true in the aftermath of Boston, where CCTV footage played an important role in identifying the Marathon-bombing suspects."
Jonathan Kay: Every time a bomb goes off, the surveillance state grows stronger
National Post, 22 April 2013

"David Cameron should scrap the government's 'dangerous' and costly snooping proposals and invest in more police officers instead, leading cyber security specialists have warned. In a letter to the Prime Minister, Professor Ross Anderson from Cambridge University and eight other senior British academics said the Communications Data Bill offered little benefit for real police work. The billions of pounds it was likely to cost would be better spent elsewhere. Dubbed a snoopers' charter by many, the bill was sent back to the drawing board by Nick Clegg last year after mounting concerns over privacy invasions. Home Secretary Theresa May had insisted measures would not mean state snooping and that the new police powers would not result in spying on people's emails. But a cross party committee was not convinced, calling for 'significant amendment' to the bill and arguing that British citizens must not be made to feel that "the state is monitoring their every move". After months of modification the proposals are likely to be pushed forward again in the Queen's Speech next month. But according to The Times the senior academics have warned against the move. 'One year ago, we learnt that the Home Secretary intended to resurrect plans to monitor every British person's internet activity,' they wrote. 'One year on, the plans remain as naïve and technically dangerous as when they were floated by the last government. It seems government has not learnt the lessons of that ill-fated legislation and is intent on trying to foist onto the internet a surveillance system designed for landline telephones. 'The bill combines high financial and privacy costs with low benefits for real police work. The money would be better spent on more police officers, on improving our police forces' computer forensic capabilities, and on international collaboration to tackle cyber crime, than on yet another IT project that already shows the classic symptoms of becoming a failure.' They urged to the government to "abandon the Communications Data Bill and to work with the technical community and the police to meet the real challenges of law enforcement in a connected world"."
Snoopers' charter must be scrapped, warn cyber experts
Public Service, 22 April 2013

"Scotland Yard’s yearly requests to access telephone and postal records have jumped to nearly 57,000 amid fears of a creeping 'surveillance society' in Britain. The Standard today reveals the growing number of requests by the Metropolitan police for surveillance of landlines, mobiles and letters. The figures, obtained under Freedom of Information laws, sparked a fresh row over existing surveillance powers and moves to extend them.... many Tory and Liberal Democrat MPs are concerned over the 'snooping' powers. Esher and Walton Conservative MP Dominic Raab said: ‘Intrusive surveillance should be limited to tackling terrorism and serious crime, not snooping on ordinary citizens.' Campaign group Big Brother Watch, which used FOI laws to ask for communication data requests by the Met, said not enough was being done to investigate how the data already available was being used. The Met’s figures reveals that in 2009 there were more than 51,000 requests for communications data, rising to more than 56,000 in 2010 and nearly 57,000 the following year."
Met police deny snooping as surveillance of phones rises
Evening Standard, 18 April 2013

"Council staff, health and safety inspectors and even Royal Mail want to harness the Government’s proposed 'Snoopers’ Charter' to monitor private emails, telephone records and internet use. It had been thought that only police, intelligence agencies and the taxman would be able to use the Communication Data Act, which will also allow scrutiny of social network sites including Twitter and Facebook. But dozens of public sector organisations have applied to use the powers. They include nine Whitehall departments, NHS trusts, the Environment Agency, the Charity Commission and the Pensions Regulator. Theresa May, the Home Secretary, has argued that the legislation is vital to combat terrorism and other serious offences. But the Home Office confirmed that it was considering all the submissions made by public bodies. Dominic Raab, one of 40 Conservative MPs who oppose the legislation, said: 'This scheme is Orwellian...' ... The proposed legislation obliges internet service providers to keep all records of their customers’ online activity for 12 months. This includes every email, posting on a social networking site, video or telephone calls over the internet. Approved bodies would need a warrant for the content of any message to be handed over."
Town halls join rush to use the snoopers’ charter
Telegraph, 13 April 2013

"Israel is drafting a tender for smart meters to be mandated in every vehicle in the country, tracking drivers to allow for differential taxation, but only once the privacy issues have been resolved. The plan is to vary vehicle tax based on usage, so drivers who don't drive during peak times, or stay out of city centres, get discounted road tax, but the Ministry of Finance and the Ministry of Transport are adamant that any solution will have to protect the privacy of drivers who might not want every journey recorded and logged forever. 'Without a full solution to the privacy problem, we cannot even think about implementing the new tax method,' a source in the transportation department told local business site Globes. 'We want a system which will not notify Big Brother about where a vehicle is located, but in which the device will make the calculations, and allow the car owner to delete data after use.'... The UK system of recording every numberplate which enters the city centre is much easier and has the added benefit of feeding an enormous database of our movements, and as long as you've nothing to hide then presumably you have nothing to fear. We're told this is the way a congestion charge is run, so it will be interesting to see if the Israelis can come up with a better solution, and if such a thing would ever be acceptable to our own government."
Who wants a smart meter to track'n'tax your car? Hello, Israel
The Register, 10 April 2013

"A legal fight over the government’s use of a secret surveillance tool has provided new insight into how the controversial tool works and the extent to which Verizon Wireless aided federal agents in using it to track a suspect. Court documents in a case involving accused identity thief Daniel David Rigmaiden describe how the wireless provider reached out remotely to reprogram an air card the suspect was using in order to make it communicate with the government’s surveillance tool so that he could be located. Rigmaiden, who is accused of being the ringleader of a $4 million tax fraud operation, asserts in court documents that in July 2008 Verizon surreptitiously reprogrammed his air card to make it respond to incoming voice calls from the FBI and also reconfigured it so that it would connect to a fake cell site, or stingray, that the FBI was using to track his location. Air cards are devices that plug into a computer and use the wireless cellular networks of phone providers to connect the computer to the internet. The devices are not phones and therefore don’t have the ability to receive incoming calls, but in this case Rigmaiden asserts that Verizon reconfigured his air card to respond to surreptitious voice calls from a landline controlled by the FBI. The FBI calls, which contacted the air card silently in the background, operated as pings to force the air card into revealing its location. In order to do this, Verizon reprogrammed the device so that when an incoming voice call arrived, the card would disconnect from any legitimate cell tower to which it was already connected, and send real-time cell-site location data to Verizon, which forwarded the data to the FBI. This allowed the FBI to position its stingray in the neighborhood where Rigmaiden resided. The stingray then 'broadcast a very strong signal' to force the air card into connecting to it, instead of reconnecting to a legitimate cell tower, so that agents could then triangulate signals coming from the air card and zoom-in on Rigmaiden’s location....The Electronic Frontier Foundation and the American Civil Liberties Union of Northern California, who have filed an amicus brief in support of Rigmaiden’s motion, maintain that the order does not qualify as a warrant and that the government withheld crucial information from the magistrate — such as identifying that the tracking device they planned to use was a stingray and that its use involved intrusive measures — thus preventing the court from properly fulfilling its oversight function.... The secretive technology, generically known as a stingray or IMSI catcher, allows law enforcement agents to spoof a legitimate cell tower in order to trick nearby mobile phones and other wireless communication devices like air cards into connecting to the stingray instead of a phone carrier’s legitimate tower. When devices connect, stingrays can see and record their unique ID numbers and traffic data, as well as information that points to the device’s location. By moving the stingray around and gathering the wireless device’s signal strength from various locations in a neighborhood, authorities can pinpoint where the device is being used with much more precision than they can get through data obtained from a mobile network provider’s fixed tower location."
Secrets of FBI Smartphone Surveillance Tool Revealed in Court Fight
Wired, 9 April 2013

"Britain is attempting to opt out of a European initiative enabling anyone to delete their personal details from online service providers – a power known as the 'right to be forgotten'. The clash between Brussels and the Ministry of Justice has erupted in the final stages of negotiations over the EU's General Data Protection Regulation, which aims to rebalance the relationship between the individual and the internet. The debate reflects growing tensions between freedom of expression and privacy as increasing numbers of people complain that their online reputation is being corroded by outdated, inaccurate or malicious information that cannot be removed. In France, the number of complaints concerning the right to be forgotten rose 42% last year. A Guardian project has unearthed hundreds of cases of people alarmed at the mishandling of their data or personal information. The UK's chief objection to the EU move is that unrealistic expectations will be created by the right's expansive title because the controls proposed will be relatively modest in their impact on the way data spreads, or is traded, across websites. The right to be forgotten, article 17 of the Data Protection Regulation, has been developed by the EU justice commissioner's office primarily in response to complaints about the way social media, such as Facebook, retain and handle information. Although the terms of the regulation have not yet been finalised, its current form provides for punitive fines – up to 2% of global turnover – for companies that refuse to comply with requests to erase customers' personal details."
Britain seeks opt-out of new European social media privacy laws
Guardian, 4 April 2013

"Encryption used in Apple's iMessage chat service has stymied attempts by federal drug enforcement agents to eavesdrop on suspects' conversations, an internal government document reveals. An internal Drug Enforcement Administration document seen by CNET discusses a February 2013 criminal investigation and warns that because of the use of encryption, "it is impossible to intercept iMessages between two Apple devices" even with a court order approved by a federal judge."
Apple's iMessage encryption trips up feds' surveillance
Cnet, 4 April 2013

"Government documents obtained by the Partnership for Civil Justice Fund (PCJF) through its FOIA records requests reveal that the Department of Homeland Security (DHS), an agency created after the September 11 attacks under the rubric of combating terrorism, conducts daily monitoring of peaceful, lawful protests as a matter of policy. Functioning as a secret political police force against people participating in lawful, peaceful free speech activity, the heavily redacted documents show that the DHS 'Threat Management Division' directed Regional Intelligence Analysts to provide a 'Daily Intelligence Briefing' that includes a category of reporting on 'Peaceful Activist Demonstrations' along with 'Domestic Terrorist Activity.' (p. 68) The PCJF has obtained thousands of pages of documents pursuant to its Freedom of Information Act demands and made them available for public viewing. The newly obtained documents show coordination and intelligence monitoring by the DHS, the FBI, the NYPD and other law enforcement agencies of 'Occupy-type' protests. The documents show the routine use of Fusion Centers for intelligence gathering on peaceful demonstrations as well as the use of DHS’ 'Mega Centers' for collection of surveillance information on demonstrations."
New Documents Reveal: DHS spying on Peaceful Demonstrations and Activists
The Partnership For Civil Justice Fund, 2 April 2013

"Despite the pervasiveness of law enforcement surveillance of digital communication, the FBI still has a difficult time monitoring Gmail, Google Voice, and Dropbox in real time. But that may change soon, because the bureau says it has made gaining more powers to wiretap all forms of Internet conversation and cloud storage a 'top priority' this year. Last week, during a talk for the American Bar Association in Washington, D.C., FBI general counsel Andrew Weissmann discussed some of the pressing surveillance and national security issues facing the bureau. He gave a few updates on the FBI’s efforts to address what it calls the 'going dark' problem—how the rise in popularity of email and social networks has stifled its ability to monitor communications as they are being transmitted. It’s no secret that under the Electronic Communications Privacy Act, the feds can easily obtain archive copies of emails. When it comes to spying on emails or Gchat in real time, however, it’s a different story. That’s because a 1994 surveillance law called the Communications Assistance for Law Enforcement Act only allows the government to force Internet providers and phone companies to install surveillance equipment within their networks. But it doesn’t cover email, cloud services, or online chat providers like Skype. Weissmann said that the FBI wants the power to mandate real-time surveillance of everything from Dropbox and online games ('the chat feature in Scrabble') to Gmail and Google Voice. 'Those communications are being used for criminal conversations,' he said. While it is true that CALEA can only be used to compel Internet and phone providers to build in surveillance capabilities into their networks, the feds do have some existing powers to request surveillance of other services. Authorities can use a 'Title III' order under the 'Wiretap Act' to ask email and online chat providers furnish the government with 'technical assistance necessary to accomplish the interception.' However, the FBI claims this is not sufficient because mandating that providers help with 'technical assistance' is not the same thing as forcing them to 'effectuate' a wiretap. In 2011, then-FBI general counsel Valerie Caproni—Weissmann’s predecessor—stated that Title III orders did not provide the bureau with an 'effective lever' to 'encourage providers' to set up live surveillance quickly and efficiently. In other words, the FBI believes it doesn’t have enough power under current legislation to strong-arm companies into providing real-time wiretaps of communications. Because Gmail is sent between a user’s computer and Google’s servers using SSL encryption, for instance, the FBI can’t intercept it as it is flowing across networks and relies on the company to provide it with access. Google spokesman Chris Gaither hinted that it is already possible for the company to set up live surveillance under some circumstances. 'CALEA doesn't apply to Gmail but an order under the Wiretap Act may,' Gaither told me in an email."
Ryan Gallagher - FBI Pursuing Real-Time Gmail Spying Powers as 'Top Priority' for 2013
Slate (Blog), 26 March 2013

"Microsoft said the Federal Bureau of Investigation is secretly spying on its customers with so-called National Security Letters that don’t require a judge’s approval, a revelation Thursday that mirrors one Google announced two weeks ago. Redmond, Washington-based Microsoft announced that the type of accounts the feds are targeting with National Security Letters, warrants or court orders include Hotmail/Outlook.com, SkyDrive, Xbox LIVE, Microsoft Account, Messenger and Office 365. The announcements by the two tech giants mark the first time U.S. companies have divulged they were secretly responding to National Security Letters and coughing up user data to the bureau without probable-cause warrants. And the Microsoft announcement comes six days after a federal judge declared National Security Letters unconstitutional and gave the President Barack Obama administration 90 days to appeal the ruling."
Microsoft, Too, Says FBI Secretly Surveilling Its Customers
Wired, 21 March 2013

"From Iran to Zimbabwe and New York to Sydney, the world’s media has reacted with astonishment to the assault on a free Press in Britain. As plans to shackle newspapers with state regulation were unveiled, the French declared it a ‘sad day’, the Canadians said it was ‘a mess’ and the Australians branded it ‘scary’. Even the Russians are aghast, with Britain’s humiliation complete as newspapers in Moscow and authoritarian regimes such as Ukraine accused the UK of censorship. Meanwhile, the Germans mocked us as the country that invented Press freedom only to throw it away. The most significant criticism of the new Press regulator — cooked up in a late-night deal by politicians and anti-Press campaigners — came from the U.S., where freedom of expression is enshrined in the constitution. The globally-respected New York Times delivered a damning verdict demolishing David Cameron’s claims that the new system would be free of Government interference. It said the Prime Minister’s claims were ‘without substance’ and condemned the new plans as having a chilling effect on free speech. In Britain, the backlash was growing as the New Statesman followed The Spectator and Private Eye magazines by defying the new proposals. The New Statesman vowed it would not defer to a system ‘designed to suit politicians’.... In a powerful editorial, the New York Times warned the ‘unwieldy regulations’ would ‘chill free speech and threaten the survival of small publishers and internet sites’.It wrote: ‘Prime Minister David Cameron has argued that the plan will keep the Press free because it will be enacted through a Royal Charter, which is technically not a law because it is formally issued by the Queen, not Parliament. But that is a distinction largely without substance. ‘In reality the proposal would effectively create a system of government regulation of Britain’s vibrant free Press, something that has not happened since 1695, when licensing of newspapers was abolished. ‘The kind of Press regulations proposed by British politicians would do more harm than good because an unfettered Press is essential to democracy. It is worth keeping in mind that journalists at newspapers like The Guardian and The Times, not the police, first brought to light the scope and extent of hacking by British tabloids. ‘It would be perverse if regulations enacted in response to this scandal ended up stifling the kind of hard-hitting investigative journalism that brought it to light in the first place.’ It said misdeeds such as phone hacking were ‘far better handled as violations of existing British laws, which already provide ways to prosecute and sue reporters for defamation or hacking.’ Elsewhere, Matt Storin, a former editor of the Boston Globe, the Chicago Sun-Times and a managing editor of the New York Daily News, wrote in his blog: ‘I believe I can speak for virtually all American journalists in saying the new British Press regulations are not only appalling but also, in an American context, unimaginable.’"
How even the Kremlin and Iran scorn Britain for shackling a free Press
Mail, 21 March 2013

"The famous former teenage conman whose exploits were immortalised in the Hollywood blockbuster Catch Me If You Can has issued a stark warning about the dangers of Facebook. Frank Abagnale, portrayed by Leonardo DiCaprio in the Steven Spielberg film, said that the personal information revealed by millions on the social network is a rich seam for identity thieves. Children in particular need to be made aware of the serious risks of unwittingly revealing personal information online, he added.... The 64-year-old is now a security consultant for US law enforcement agencies - including the FBI - having switched sides when he was eventually caught. He said Facebook gives away too much personal information about you and this can allow con artists and impersonators to use your history of ‘likes’ to discern your personal info, lifestyle choices and personality traits. He also warned against using ‘passport style’ photos as profile picture and said being pictured in group photos was safer. ‘If you tell me your date of birth and where you’re born on Facebook, I’m 98 per cent of the way to stealing your identity,’ he told the Guardian. ‘Never state your date of birth and where you were born on personal profiles, otherwise you are saying 'come and steal my identity',’ he warned."
Catch Me If You Can conman issues stark warning on the dangers of revealing personal information on Facebook
Mail, 21 March 2013

"The CIA's chief technology officer outlined the agency's endless appetite for data in a far-ranging speech on Wednesday. Speaking before a crowd of tech geeks at GigaOM's Structure:Data conference in New York City, CTO Ira 'Gus' Hunt said that the world is increasingly awash in information from text messages, tweets, and videos -- and that the agency wants all of it. 'The value of any piece of information is only known when you can connect it with something else that arrives at a future point in time,' Hunt said. 'Since you can't connect dots you don't have, it drives us into a mode of, we fundamentally try to collect everything and hang on to it forever.' Hunt's comments come two days after Federal Computer Week reported that the CIA has committed to a massive, $600 million, 10-year deal with Amazon for cloud computing services. The agency has not commented on that report, but Hunt's speech, which included multiple references to cloud computing, indicates that it does indeed have interest in storage and analysis capabilities on a massive scale. The CIA is keenly interested in capabilities for so-called 'big data' -- the increasingly massive data sets created by digital technology. The agency even has a page on its website pitching big data jobs to prospective employees. Hunt acknowleded that at some scale, data storage becomes impractical, adding that he meant 'forever being in quotes' when he said the agency wants to keep data 'forever.' But he also indicated that he was interested in computing capabilities like 1 petabyte of RAM, a massive capacity for on-the-fly calculations that has heretofore been seen only in computers that simulate nuclear explosions. 'It is really very nearly within our grasp to be able to compute on all human generated information,' Hunt said. After that mark is reached, Hunt said, the agency would also like to be able to save and analyze all of the digital breadcrumbs people don't even know they are creating. 'You're already a walking sensor platform,' he said, nothing that mobiles, smartphones and iPads come with cameras, accelerometers, light detectors and geolocation capabilities. 'You are aware of the fact that somebody can know where you are at all times, because you carry a mobile device, even if that mobile device is turned off,' he said. 'You know this, I hope? Yes? Well, you should.'.... 'Technology in this world is moving faster than government or law can keep up,' he said. 'It's moving faster I would argue than you can keep up: You should be asking the question of what are your rights and who owns your data.'"
CIA's Gus Hunt On Big Data: We 'Try To Collect Everything And Hang On To It Forever'
Huffington Post, 21 March 2013

"If law enforcement wanted to read your letters or other paper correspondence, they have to get a warrant. But in this age of technology, you don't have the same protections. If your email has already been opened or is more than 6 months old, law enforcement and other government agencies can read them. 'The courts have said that the laws are very confusing and have permitted the government to search your emails held by providers without a warrant,' said Francisco Loboco with the American Civil Liberties Union. While government investigators generally look at email for evidence of criminal activity, that's not always the case. Email privacy became a national debate after CIA Director David Petraeus resigned over an extramarital affair. Privacy groups asked if the CIA can't keep the FBI from reading Petraeus' private email, what protections do ordinary people have? State Sen. Mark Leno (D-San Francisco) wants to clearly define the line in California. Electronic communications should be no different than paper communications: They're all private. 'All we're saying is you need to go to court, make the case that there is a reasonable cause to believe that some illegal activity is ongoing,' said Leno."
Emails should be protected like regular mail, California senator says
ABC, 21 March 2013

"The Justice Department said on Tuesday that it supports rewriting 26-year-old legislation that has allowed US law enforcement officials to read a person's emails without a search warrant so long as the email is older than six months or already opened. The law has long been criticized by privacy advocates as a loophole when it comes to protecting Americans from government snooping. 'There is no principled basis to treat email less than 180 days old differently than email more than 180 days old,' Elana Tyrangiel, acting assistant attorney general in the Office of Legal Policy, told a House judiciary subcommittee. She also said emails deserve the same legal protections whether they have been opened or not. Tyrangiel's testimony gives Congress a starting point as it begins to review a complicated 1986 law known as the Electronic Communications Privacy Act. Written at a time before the internet was popularized and before many Americans used Yahoo or Google servers to store their emails indefinitely, the law allows federal authorities to obtain a subpoena approved by a federal prosecutor – not a judge – to access electronic messages older than 180 days. The Justice Department also has interpreted the law to mean that law enforcement with only a subpoena can review emails that have already been opened by the user, although that has been challenged by the courts. To obtain more recent or unopened communications, a warrant from a judge is required. This is a higher standard that requires proof of probable cause that a crime is being committed."
Justice Department backs rewriting law that allows police to read emails
Guardian, 19 March 2013

"The Obama administration will argue before a federal appeals court on Tuesday that law enforcement must regain the ability to use GPS tracking devices without a warrant, which it says is necessary to continue the fight against terrorism. The use of GPS devices in warrantless snooping has been illegal since January 2012, when the Supreme Court ruled that vehicles are private property protected by the Fourth Amendment, which guarantees freedom from unreasonable search and seizure. If the Obama administration is successful on its appeal however, GPS devices will be fair game for police nationwide."
Obama administration: Warrantless GPS tracking needed to fight terrorism
Raw Story, 19 March 2013

"AT&T, Verizon Wireless, Sprint, and other wireless providers would be required to capture and store Americans' confidential text messages, according to a proposal that will be presented to a congressional panel today. The law enforcement proposal would require wireless providers to record and store customers' SMS messages -- a controversial idea akin to requiring them to surreptitiously record audio of their customers' phone calls -- in case police decide to obtain them at some point in the future. ... While the SMS retention proposal could open a new front in Capitol Hill politicking over electronic surveillance, the concept of mandatory data retention is hardly new. The Justice Department under President Obama has publicly called for new laws requiring Internet service providers to record data about their customers, and a House panel approved such a requirement in 2011."
Cops: U.S. law should require logs of your text messages
CNet News, 19 March 2013

"James Goodale has a message for journalists: Wake up. In his new book, Fighting for the Press (CUNY Journalism Press, 2013), Goodale, chief counsel to The New York Times when its editors published the Pentagon Papers in 1971, argues that President Obama is worse for press freedom than former President Richard Nixon was. The Obama administration has prosecuted more alleged leakers of national security information under the 1917 Espionage Act than all previous administrations combined, a course critics say is overly aggressive. Former New York Times executive editor Bill Keller wrote in a March op-ed that the administration 'has a particular, chilling intolerance' for those who leak. If the Obama administration indicts WikiLeaks founder Julian Assange for conspiracy to violate the Espionage Act, Goodale argues, the president will have succeeded where Nixon failed by using the act to 'end-run' the First Amendment.'"
James Goodale: It’s a bad time for press freedoms
Columbia Journalism Review, 19 March 2013

"Paula Broadwell,who had an affair with CIA director David Petraeus, similarly took extensive precautions to hide her identity. She never logged in to her anonymous e-mail service from her home network. Instead, she used hotel and other public networks when she e-mailed him. The FBI correlated hotel registration data from several different hotels -- and hers was the common name. The Internet is a surveillance state. Whether we admit it to ourselves or not, and whether we like it or not, we're being tracked all the time. Google tracks us, both on its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks us on our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his Internet use during one 36-hour period. Increasingly, what we do on the Internet is being combined with other data about us. Unmasking Broadwell's identity involved correlating her Internet activity with her hotel stays. Everything we do now involves computers, and computers produce data as a natural by-product. Everything is now being saved and correlated, and many big-data companies make money by building up intimate profiles of our lives from a variety of sources. Facebook, for example, correlates your online behavior with your purchasing habits offline. And there's more. There's location data from your cell phone, there's a record of your movements from closed-circuit TVs. This is ubiquitous surveillance: All of us being watched, all the time, and that data being stored forever. This is what a surveillance state looks like, and it's efficient beyond the wildest dreams of George Orwell. Sure, we can take measures to prevent this. We can limit what we search on Google from our iPhones, and instead use computer web browsers that allow us to delete cookies. We can use an alias on Facebook. We can turn our cell phones off and spend cash. But increasingly, none of it matters. There are simply too many ways to be tracked. The Internet, e-mail, cell phones, web browsers, social networking sites, search engines: these have become necessities, and it's fanciful to expect people to simply refuse to use them just because they don't like the spying, especially since the full extent of such spying is deliberately hidden from us and there are few alternatives being marketed by companies that don't spy. This isn't something the free market can fix. We consumers have no choice in the matter. All the major companies that provide us with Internet services are interested in tracking us. Visit a website and it will almost certainly know who you are; there are lots of ways to be tracked without cookies. Cellphone companies routinely undo the web's privacy protection. One experiment at Carnegie Mellon took real-time videos of students on campus and was able to identify one-third of them by comparing their photos with publicly available tagged Facebook photos. Maintaining privacy on the Internet is nearly impossible. If you forget even once to enable your protections, or click on the wrong link, or type the wrong thing, and you've permanently attached your name to whatever anonymous service you're using. Monsegur slipped up once, and the FBI got him. If the director of the CIA can't maintain his privacy on the Internet, we've got no hope. In today's world, governments and corporations are working together to keep things that way. Governments are happy to use the data corporations collect -- occasionally demanding that they collect more and save it longer -- to spy on us. And corporations are happy to buy data from governments. Together the powerful spy on the powerless, and they're not going to give up their positions of power, despite what the people want. Fixing this requires strong government will, but they're just as punch-drunk on data as the corporations. Slap-on-the-wrist fines notwithstanding, no one is agitating for better privacy laws. So, we're done. Welcome to a world where Google knows exactly what sort of porn you all like, and more about your interests than your spouse does. Welcome to a world where your cell phone company knows exactly where you are all the time. Welcome to the end of private conversations, because increasingly your conversations are conducted by e-mail, text, or social networking sites. And welcome to a world where all of this, and everything else that you do or is done on a computer, is saved, correlated, studied, passed around from company to company without your knowledge or consent; and where the government accesses it at will without a warrant."
The Internet is a surveillance state
CNN, 16 March 2013

".... researchers at the University of Cambridge published a study this week, titled 'Private traits and attributes are predictable from digital records of human behavior' that shows—with alarming accuracy—the types of sensitive, personal information that can be predicted based solely on your Facebook likes. The researchers—Michal Kosinski, David Stillwell and Thore Graepel—write in the lastest Proceedings of the National Academy of Sciences: 'We show that a wide variety of people’s personal attributes, ranging from sexual orientation to intelligence, can be automatically and accurately inferred using their Facebook Likes. Similarity between Facebook Likes and other widespread kinds of digital records, such as browsing histories, search queries, or purchase histories suggests that the potential to reveal users’ attributes is unlikely to be limited to Likes. Moreover, the wide variety of attributes predicted in this study indicates that, given appropriate training data, it may be possible to reveal other attributes as well.' EFF and other privacy organizations often warn users of social media sites to be mindful of the type of information they make publicly available. We advocate locking down your privacy settings and opting out of tracking programs launched by marketing companies, so your data, to the extent it can, remains under your control. Nevertheless, the seemingly innocuous things you 'like' on Facebook may reveal far more about your life than what you actually like. The authors write: 'Commercial companies, governmental institutions, or even one’s Facebook friends could use software to infer attributes such as intelligence, sexual orientation, or political views that an individual may not have intended to share. One can imagine situations in which such predictions, even if incorrect, could pose a threat to an individual’s well-being, freedom, or even life. Importantly, given the ever-increasing amount of digital traces people leave behind, it becomes difficult for individuals to control which of their attributes are being revealed.'"
You Won't Like What Your Facebook 'Likes' Reveal
EFF, 13 March 2013

"The Obama administration is drawing up plans to give all U.S. spy agencies full access to a massive database that contains financial data on American citizens and others who bank in the country, according to a Treasury Department document seen by Reuters. The proposed plan represents a major step by U.S. intelligence agencies to spot and track down terrorist networks and crime syndicates by bringing together financial databanks, criminal records and military intelligence. The plan, which legal experts say is permissible under U.S. law, is nonetheless likely to trigger intense criticism from privacy advocates.... A move like the FinCEN proposal 'raises concerns as to whether people could find their information in a file as a potential terrorist suspect without having the appropriate predicate for that and find themselves potentially falsely accused,' said Sharon Bradford Franklin, senior counsel for the Rule of Law Program at the Constitution Project, a non-profit watchdog group....The plan calls for the Office of the Director of National Intelligence - set up after 9/11 to foster greater collaboration among intelligence agencies - to work with Treasury. The Director of National Intelligence declined to comment. More than 25,000 financial firms - including banks, securities dealers, casinos, and money and wire transfer agencies - routinely file 'suspicious activity reports' to FinCEN. The requirements for filing are so strict that banks often over-report, so they cannot be accused of failing to disclose activity that later proves questionable. This over-reporting raises the possibility that the financial details of ordinary citizens could wind up in the hands of spy agencies. Stephen Vladeck, a professor at American University's Washington College of Law, said privacy advocates have already been pushing back against the increased data-sharing activities between government agencies that followed the September 11 attacks. 'One of the real pushes from the civil liberties community has been to move away from collection restrictions on the front end and put more limits on what the government can do once it has the information,' he said."
U.S. to let spy agencies scour Americans' finances
Reuters, 13 March 2013

"We have found command and control servers for FinSpy backdoors, part of Gamma International’s FinFisher 'remote monitoring solution,' in a total of 25 countries: Australia, Bahrain, Bangladesh, Brunei, Canada, Czech Republic, Estonia, Ethiopia, Germany, India, Indonesia, Japan, Latvia, Malaysia, Mexico, Mongolia, Netherlands, Qatar, Serbia, Singapore, Turkmenistan, United Arab Emirates, United Kingdom, United States, Vietnam.... FinFisher is a line of remote intrusion and surveillance software developed by Munich-based Gamma International GmbH. FinFisher products are marketed and sold exclusively to law enforcement and intelligence agencies by the UK-based Gamma Group. Although touted as a 'lawful interception' suite for monitoring criminals, FinFisher has gained notoriety because it has been used in targeted attacks against human rights campaigners and opposition activists in countries with questionable human rights records. In late July 2012, we published the results of an investigation into a suspicious e-mail campaign targeting Bahraini activists.3 We analyzed the attachments and discovered that they contained the FinSpy spyware, FinFisher’s remote monitoring product. FinSpy captures information from an infected computer, such as passwords and Skype calls, and sends the information to a FinSpy command & control (C2) server. The attachments we analyzed sent data to a command & control server inside Bahrain.... We published our list of servers in late August 2012, in addition to an analysis of mobile phone versions of FinSpy. FinSpy servers were apparently updated again in October 2012 to disable this newer fingerprinting technique, although it was never publicly described. Nevertheless, via analysis of existing samples and observation of command & control servers, we managed to enumerate yet more fingerprinting methods and continue our survey of the internet for this surveillance software. We describe the results in this post.... Civil society groups have found cause for concern in these findings, as they indicate the use of FinFisher products by countries like Turkmenistan and Bahrain with problematic records on human rights, transparency, and rule of law.... In February 2013, Privacy International, the European Centre for Constitutional and Human Rights (ECCHR), the Bahrain Center for Human Rights, Bahrain Watch, and Reporters Without Borders filed a complaint with the Organization for Economic Cooperation and Development (OECD), requesting that this body investigate whether Gamma violated OECD Guidelines for Multinational Enterprises by exporting FinSpy to Bahrain. ... According to recent reporting, German Federal Police appear to have plans to purchase and use the FinFisher suite of tools domestically within Germany.5 Meanwhile, findings by our group and others continue to illustrate the global proliferation of FinFisher’s products.... Our new scan identified a total of 36 FinSpy servers, 30 of which were new and 6 of which we had found during previous scanning. The servers operated in 19 different countries. Among the FinSpy servers we found, 7 were in countries we hadn’t seen before....Companies selling surveillance and intrusion software commonly claim that their tools are only used to track criminals and terrorists. FinFisher, VUPEN and Hacking Team have all used similar language. Yet a growing body of evidence suggests that these tools are regularly obtained by countries where dissenting political activity and speech is criminalized. Our findings highlight the increasing dissonance between Gamma’s public claims that FinSpy is used exclusively to track 'bad guys' and the growing body of evidence suggesting that the tool has and continues to be used against opposition groups and human rights activists....The unchecked global proliferation of products like FinFisher makes a strong case for policy debate about surveillance software and the commercialization of offensive cyber-capabilities.... We urge civil society groups and journalists to follow up on our findings within affected countries. We also hope that our findings will provide valuable information to the ongoing technology and policy debate about surveillance software and the commercialisation of offensive cyber-capabilities."
You Only Click Twice: FinFisher’s Global Proliferation
The Citizen Lab, 13 March 2013

"The shadow of secret justice has ‘chillingly’ reached the highest court in Britain, campaigners warned last night. Liberty reacted with horror to a ruling by the Supreme Court that it was prepared to consider material delivered behind closed doors. In the past, neither the court nor its predecessor - the Law Lords - had considered secret evidence. But a panel of nine Supreme Court justices concluded that the court had the jurisdiction to consider a secret High Court ruling based on evidence given to a judge at a private hearing. Liberty had argued - at a Supreme Court hearing in London - that the Supreme Court had no statutory power to consider the ruling, delivered by High Court judge Mr Justice Mitting three years ago. Isabella Sankey, Director of Policy for Liberty, said: ‘Chillingly the shadow of secret justice now spreads to the highest court in the land.’ The Supreme Court justices had been considering a secret ruling given during a case involving the Government and an Iranian bank accused of indirectly helping finance Iran’s nuclear weapons programme.... Bank Mellat, which has not seen Mr Justice Mitting’s secret ruling, had argued that the Supreme Court had no statutory power to consider the secret judgment and did not need to consider the secret judgment when making a decision on whether or not to overturn the Treasury order. Liberty had also said the Supreme Court had no statutory power to consider secret material."
Now 'chilling secret justice' reaches the highest court in UK
Mail, 12 March 2013

"Growing numbers of women are being spied on by hackers who access their webcams then take secret pictures and post them on 's*x slave' forums. The hackers - known as Rats - infect the device with a remote administration tool (RAT) that opens up the woman's screen, webcam, files and microphone. These women can then be monitored in secret or taunted by the hacker who sends mocking messages and pictures into her computer. The phenomenon is not new but has now reached giant proportions with tech site Arstechnica revealing that one of the 'slave forums' has 23 million total posts. One user wrote: 'Poor people think they are alone in their private homes, but have no idea they are the laughing stock on HackForums.'... The scheme works by fooling the victim into downloading a small piece of software onto their machine. This can be done by sending them an email asking them to click to see a picture or listen to a song, for example. Once installed, the RAT software allows the hacker to take control of the machine at any time - rather like the system some big firms use to update their machine's software and fix IT problems. Hackers can control the machine as if they were sitting at it - doing everything from switching on the webcam to looking through files on the hard drive to find bank details and personal pictures."
Beware new 'ratters' plague: Men are spying on women through their OWN webcams by injecting virus into computer
Mail, 11 March 2013

"Privacy experts say that a pair of new mobile privacy bills recently introduced in Texas are among the 'most sweeping' ever seen. And they say the proposed legislation offers better protection than a related privacy bill introduced this week in Congress. If passed, the new bills would establish a well-defined, probable-cause-driven warrant requirement for all location information. That's not just data from GPS, but potentially pen register, tap and trace, and tower location data as well. Such data would be disclosed to law enforcement 'if there is probable cause to believe the records disclosing location information will provide evidence in a criminal investigation.'.... 'Location information can reveal a great deal about an individual’s professional and personal life—her friends and associates, her participation in political or religious activities, her regular visits to a health clinic or support group, and more,' said Chris Conley, an attorney with the ACLU of Northern California. 'That’s why we think it is essential that the government get a search warrant, approved by a judge, before demanding this kind of information from cell phone providers. The Texas bill would require just that. In addition, the Texas bill would also require companies to report how often they receive such demands from law enforcement and how much information they disclose. This kind of transparency is essential to carry on an informed dialog about appropriate law enforcement powers in the modern world.''
Texas proposes one of nation’s 'most sweeping' mobile privacy laws
ArsTechnica, 7 March 2013

"[Following] a deal brokered with the President Barack Obama administration, Google on 5 March published a 'range' of times it received National Security Letters demanding it divulge account information to the authorities without warrants. It was the first time a company has ever released data chronicling the volume of National Security Letter requests..... In each year from 2009 to 2012, Google said it received '0-999' National Security Letters.... 'You'll notice that we're reporting numerical ranges rather than exact numbers. This is to address concerns raised by the FBI, Justice Department and other agencies that releasing exact numbers might reveal information about investigations. We plan to update these figures annually,' Richard Salgado, a Google legal director, wrote in a blog post. Salgado was not available for comment. What makes the US government's position questionable is that it is required by Congress to disclose the number of times the bureau issues National Security Letters. In 2011, the year with the latest available figures, the FBI issued 16,511 National Security Letters pertaining to 7,201 different persons. (.pdf) Google said the number of accounts connected to National Security letters ranged between '1000-1999' for each of the reported years other than 2010. In that year, the range was '2000-2999.' Google noted that the FBI may "obtain 'the name, address, length of service, and local and long distance toll billing records' of a subscriber to a wire or electronic communications service. The FBI can't use NSLs to obtain anything else from Google, such as Gmail content, search queries, YouTube videos or user IP addresses.' Google often must disclose that data via other means, as described here.... National Security Letters are a powerful tool because they do not require court approval, and they come with a built-in gag order, preventing recipients from disclosing to anyone that they have even received an NSL.... the lack of court oversight raises the possibility for extensive abuse. In 2007 a Justice Department Inspector General audit found that the FBI had indeed abused its authority and misused NSLs on many occasions. After 9/11, for example, the FBI paid multimillion-dollar contracts to AT&T and Verizon requiring the companies to station employees inside the FBI and to give these employees access to the telecom databases so they could immediately service FBI requests for telephone records. The IG found that the employees let FBI agents illegally look at customer records without paperwork and even wrote NSLs for the FBI."
Google says the FBI is secretly spying on some of its customers
Wired, 6 March 2013

"The Pentagon’s blue-sky researchers are funding a project that uses crowdsourcing to improve how machines analyze our speech. Even more radical: Darpa [Defense Advanced Research Projects Agency] wants to make systems so accurate, you’ll be able to easily record, transcribe and recall all the conversations you ever have. Analyzing speech and improving speech-to-text machines has been a hobby horse for Darpa in recent years. But this takes it a step further, in exploring the ways crowdsourcing can make it possible for our speech to be recorded and stored forever. But it’s not just about better recordings of what you say. It’ll lead to more recorded conversations, quickly transcribed and then stored in perpetuity — like a Twitter feed or e-mail archive for everyday speech. Imagine living in a world where every errant utterance you make is preserved forever. University of Texas computer scientist Matt Lease has studied crowdsourcing for years, including for an earlier Darpa project called Effective Affordable Reusable Speech-to-text, or EARS.... How? The answer, Lease says, is in widespread use of recording technologies like smartphones, cameras and audio recorders — a kind of 'democratizing force of everyday people recording and sharing their daily lives and experiences through their conversations.' But the trick to making the concept functional and searchable, says Lease, is blending automated voice analysis machines with large numbers of human analysts through crowdsourcing. .... 'There’s a linguistic sense in that conversational speech is quite different than text,' Lease says. 'So we really need to think about how we make this form of our language, which is so natural to us in speech, something that is accessible to us when it’s written down, in a way that it may not naturally be.' It also raises some thorny legal and social questions about privacy. For one, there is an issue with 'respecting the privacy rights of multiple people involved,' Lease says. ... A 2003 memorandum from the Congressional Research Service described EARS as focusing on speech picked up from broadcasts and telephone conversations, 'as well as extract clues about the identity of speakers' for 'the military, intelligence and law enforcement communities.' Though Lease didn’t mention automatically recognizing voices. But the research may not have to go that far — if we’re going to be recording ourselves."
Darpa Wants You to Transcribe, and Instantly Recall, All of Your Conversations
Wired, 4 March 2013

"A book published earlier this month, Deep State: Inside the Government Secrecy Industry, contains revelations about the NSA’s snooping efforts, based on information gleaned from NSA sources. According to a detailed summary by Shane Harris at the Washingtonian yesterday, the book discloses that a codename for a controversial NSA surveillance program is 'Ragtime'—and that as many as 50 companies have apparently participated, by providing data as part of a domestic collection initiative. Deep State, which was authored by Marc Ambinder and D.B. Grady, also offers insight into how the NSA deems individuals a potential threat. The agency uses an automated data-mining process based on 'a computerized analysis that assigns probability scores to each potential target,' as Harris puts it in his summary. The domestic version of the program, dubbed 'Ragtime-P,' can process as many as 50 different data sets at one time, focusing on international communications from or to the United States. Intercepted metadata, such as email headers showing 'to' and 'from' fields, is stored in a database called 'Marina,' where it generally stays for five years. About three dozen NSA officials have access to Ragtime's intercepted data on domestic counter-terrorism, the book claims, though outside the agency some 1000 people 'are privy to the full details of the program." Internally, the NSA apparently only employs four or five individuals as 'compliance staff' to make sure the snooping is falling in line with laws and regulations. Another section of the Ragtime program, 'Ragtime-A,' is said to involve U.S.-based interception of foreign counterterrorism data, while 'Ragtime-B' collects data from foreign governments that transits through the U.S., and 'Ragtime-C' monitors counter proliferation activity."
Details Revealed on Secret U.S. 'Ragtime” Domestic Surveillance Program
Slate (Blog), 28 February 2013

"Lawyers and civil rights activists can’t challenge a federal law that allows government surveillance of international phone calls and e-mail, the U.S. Supreme Court ruled in a victory for the Obama administration. The justices, voting 5-4 along ideological lines, today said groups and people represented by the American Civil Liberties Union hadn’t shown they were being harmed by the surveillance. The ACLU’s clients include Amnesty International, lawyers, international rights activists and journalists. The activists contended that the 2008 law violates the Constitution by allowing the monitoring, with minimal court supervision, of international communications by Americans who aren’t suspected of criminal or terrorist activities. .... The law 'is a sweeping surveillance statute with far-reaching implications for Americans’ privacy,' Jameel Jaffer, the ACLU lawyer who argued the case, said in an e-mailed statement. 'This ruling insulates the statute from meaningful judicial review and leaves Americans’ privacy rights to the mercy of the political branches.' A separate provision in the law protects telecommunications companies, including AT&T Inc. (T) and Verizon Communications Inc. (VZ), from lawsuits claiming they let the government use their networks for improper wiretaps. The ACLU sued, and the 2nd U.S. Circuit Court of Appeals in New York said the suit could proceed. The 2008 law requires the government to get authorization from a special body, the Foreign Intelligence Surveillance Court, to establish wiretaps. The ACLU says the law’s requirements are so minimal that an order from the special court can authorize surveillance of thousands or millions of communications. Barring the lawsuit may mean people can never challenge the law because they won’t know they were under surveillance, it says. The case is Clapper v. Amnesty International USA, 11-1025."
Wiretapping-Law Challenges Barred by U.S. Supreme Court
Bloomberg, 26 February 2013

"A divided Supreme Court halted a legal challenge Tuesday to a once-secret warrantless surveillance project that gobbles up Americans’ electronic communications, a program that Congress eventually legalized in 2008 and again in 2012. The 5-4 decision (.pdf) by Justice Samuel Alito was a clear victory for the President Barack Obama administration, which like its predecessor, argued that government wiretapping laws cannot be challenged in court. What’s more, the outcome marks the first time the Supreme Court decided any case touching on the eavesdropping program that was secretly employed in the wake of 9/11 by the President George W. Bush administration, and eventually codified into law twice by Congress."
Supreme Court Thwarts Challenge to Warrantless Surveillance
Wired, 26 February 2013

"Your company already knows whether you have been taking your meds, getting your teeth cleaned and going for regular medical checkups. Now some employers or their insurance companies are tracking what staffers eat, where they shop and how much weight they are putting on—and taking action to keep them in line.... Blue Cross and Blue Shield of North Carolina recently began buying spending data on more than 3 million people in its employer group plans. If someone, say, purchases plus-size clothing, the health plan could flag him for potential obesity—and then call or send mailings offering weight-loss solutions. Marketing firms have sold this data to retailers and credit-card companies for years, and health plans have recently discovered they can use it to augment claims data. 'Everybody is using these databases to sell you stuff,' says Daryl Wansink, director of health economics for the Blue Cross unit. 'We happen to be trying to sell you something that can get you healthier.' Some critics worry that the methods cross the line between protective and invasive—and could lead to job discrimination. 'It's a slippery-slope deal,' says Dr. Deborah Peel, founder of Patient Privacy Rights, which advocates for medical-data confidentiality. She worries employers could conceivably make other conclusions about people who load up the cart with butter and sugar."
How the Insurer Knows You Just Stocked Up on Ice Cream and Beer
Wall Street Journal, 25 February 2013

"If you have a Facebook profile, you know there are all kind of different settings and choices you can make to customize your personal level of privacy; but are those tools working how you want them to?... here in Ohio you can't delete your way out of your messy social media life. It is legal in Ohio for employers, employment agencies and labor unions to ask you to surrender your personal password, and as we learned in a recent experiment, your password can open your entire history to inspection and judgment. ... Using the volunteer's password, Sara was able to access every item the volunteer posted on her Facebook wall since the day she signed on – in December 2007. She was able to see every picture and every video the volunteer posted, every ad she ever viewed, a list of all her current and deleted friends. What I found most surprising, however, is that even the private messages to single individuals that the volunteer had typed into a pop-up message box were available for viewing. We printed out more than 200 pages of conversations the volunteer believed to be private – even those she thought were deleted. If an employer has your password all of this information will be at their fingertips. Ohio Senator Charleta Tavares calls it an invasion of privacy. She has re-introduced a bill that stalled in the legislature last year that would make it illegal for an employer, an employment agency or a labor union to ask you to surrender your personal passwords. It is vital to note that the Tavares bill would not ban employers from looking at your social media pages, it would merely deny them access to the password that opens to examination your hidden files, deleted items and history. ... Our volunteer vows to never have another private conversation on Facebook. Are you re-examining your on-line habits? Experts have always said you should not post anything on social media that you don't want your grandmother to see. You might want to also think about how your online posts would be viewed by your employer."
You Can't Delete Your Way Out Of Social Media
NBC4, 19 February 2013

"Remote-controlled drones that can record video footage are being sold in large retail stores, alarming privacy experts who say they could be used to spy on people. The drones sell for as little as $350, making them increasingly popular with the general public, and worrying those who believe the technology has the potential to be a peeping Tom in the sky. Associate Professor Kevin Heller from the Melbourne Law School says the idea that private citizens can buy drones and record footage directly onto smartphones had serious privacy implications. He said that while ''not everybody who buys these drones is a closet criminal … there are infinite mischievous possibilities. 'It doesn't take a genius to imagine flying one over the neighbours' lawn and capturing photos of them nude,' he said. Australian Privacy Commissioner Timothy Pilgrim is cautious about the growing use of camera drones. 'It is concerning that this type of equipment can be easily purchased and used by individuals, potentially without any limitation on their use,' said Mr Pilgrim, who recently wrote to the Attorney-General raising his concerns. As Mr Pilgrim points out, under Australia's 1988 Privacy Act, private sector organisations with a turnover of less than $3 million are not subject to regulation, leaving plenty of scope for abuse. The situation has been exacerbated by the growth in DIY-drones available from hobby shops. Guided by GPS and tiny autopilots, hobby drones now have the ability to fly for kilometres, providing sharp video vision directly back to the pilot."
Spying eyes or a bit of fun, drones fly off the shelves
Sydney Morning Herald, 17 February 2013

"Perhaps even more startling than the government’s little-known Rapid DNA project, the U.S. Department of Defense begun a new project that will turn smartphones into devices that can collect biometric data. The DoD has awarded a $3 million research contract to technology firm AOptix to develop the technology. The company will provide the DoD with hardware and software that can turn commercially available smartphones into invasive accessories that have the ability to record and send iris scans, face scans, thumb prints and the users voice. The 'Smart Mobile Identity' platform also has the ability to record biometric data at a distance and completion of the project is not expected until after 2014. The DoD awarded the contract based on a demonstration by the firm at the Biometrics Consortium Conference in September. AOptix will also work CACI International Inc, an information solutions and services provider....Initially, it has been claimed that the biometric enabled phones will only be used by soldiers and marines on patrol that need to record information about suspicious individuals, but as we seen all too often with invasive technology, it is usually developed under one pretense and used under another....During the Iraq war, the U.S. Central Command gathered and kept the biometric information of three million people. Big brother won’t just be watching, he’ll be smelling you too. Right now Darpa-funded projects are also creating even more invasive biometric technology that can scan the area around your eye, the way you walk and even your odor."
Smartphones To Collect Biometric Data
RINF, 14 February 2013

"The passwords on iPhones can be hacked, giving someone the ability to make calls, listen to your recent messages and tinker with your contact list, according to a new video posted to YouTube. The apparent security flaw is shown on an iPhone 5 and can be exploited on phones running Apple's iOS 6.1, the most recent version of its mobile operating system, and some earlier versions. The technique was posted by a Spanish-speaking user with the account name 'videosdebarraquito,' who has posted other videos that show what appear to be ways to tweak settings on the iPhone. CNN is not linking to the video, which was published January 31 but recently discovered by tech bloggers. It involves using another phone placed nearby to make a call to the phone, canceling it, then answering with the targeted phone and fiddling with the power button."
Security flaw allows snoopers to access locked iPhones
CNN, 14 February 2013

"Many motorists don't know it, but it's likely that every time they get behind the wheel, there's a snitch along for the ride. This week ended the public comment period on a proposed law that would put so-called black boxes in every new car sold by September 1, 2014. The thing is, most cars already have them unbeknownst to many drivers. Automakers have been quietly tucking the devices, which automatically record the actions of drivers and the responses of their vehicles in a continuous information loop, into most new cars for years.... 'Right now we're in an environment where there are no rules, there are no limits, there are no consequences and there is no transparency,' said Lillie Coney, associate director of the Electronic Privacy Information Center, a privacy advocacy group. 'Most people who are operating a motor vehicle have no idea this technology is integrated into their vehicle.' Part of the concern is that the increasing computerization of cars and the growing communications to and from vehicles like GPS navigation and General Motors' OnStar system could lead to unintended uses of recorder data. 'Basically your car is a computer now, so it can record all kinds of information,' said Gloria Bergquist, vice president of the Alliance of Automotive Manufacturers. 'It's a lot of the same issues you have about your computer or your smartphone and whether Google or someone else has access to the data.' The alliance opposes the government requiring recorders in all vehicles."
Feds Set To Mandate 'Black Box' Data Recorders In Every Car And Truck
Associated Press, 11 February 2013

"A multinational security firm has secretly developed software capable of tracking people's movements and predicting future behaviour by mining data from social networking websites. A video obtained by the Guardian reveals how an 'extreme-scale analytics' system created by Raytheon, the world's fifth largest defence contractor, can gather vast amounts of information about people from websites including Facebook, Twitter and Foursquare. Raytheon says it has not sold the software – named Riot, or Rapid Information Overlay Technology – to any clients.But the Massachusetts-based company has acknowledged the technology was shared with US government and industry as part of a joint research and development effort, in 2010, to help build a national security system capable of analysing 'trillions of entities' from cyberspace. The power of Riot to harness popular websites for surveillance offers a rare insight into controversial techniques that have attracted interest from intelligence and national security agencies, at the same time prompting civil liberties and online privacy concerns. The sophisticated technology demonstrates how the same social networks that helped propel the Arab Spring revolutions can be transformed into a 'Google for spies' and tapped as a means of monitoring and control. Using Riot it is possible to gain an entire snapshot of a person's life – their friends, the places they visit charted on a map – in little more than a few clicks of a button. In the video obtained by the Guardian, it is explained by Raytheon's 'principal investigator' Brian Urch that photographs users post on social networks sometimes contain latitude and longitude details – automatically embedded by smartphones within so-called 'exif header data.' Riot pulls out this information, showing not only the photographs posted onto social networks by individuals, but also the location at which the photographs were taken. 'We're going to track one of our own employees,' Urch says in the video, before bringing up pictures of 'Nick,' a Raytheon staff member used as an example target. With information gathered from social networks, Riot quickly reveals Nick frequently visits Washington Nationals Park, where on one occasion he snapped a photograph of himself posing with a blonde haired woman. 'We know where Nick's going, we know what Nick looks like,' Urch explains, 'now we want to try to predict where he may be in the future.' Riot can display on a spider diagram the associations and relationships between individuals online by looking at who they have communicated with over Twitter. It can also mine data from Facebook and sift GPS location information from Foursquare, a mobile phone app used by more than 25 million people to alert friends of their whereabouts. The Foursquare data can be used to display, in graph form, the top 10 places visited by tracked individuals and the times at which they visited them. The video shows that Nick, who posts his location regularly on Foursquare, visits a gym frequently at 6am early each week. Urch quips: 'So if you ever did want to try to get hold of Nick, or maybe get hold of his laptop, you might want to visit the gym at 6am on a Monday.'"
Software that tracks people on social media created by defence firm
Guardian, 10 February 2013

"A European super-spying agency is to be granted draconian powers to access a vast range of our personal information, including medical data, criminal records, emails and website visits. The controversial move, demanded by Brussels in an EU directive, will sweep aside British privacy laws that protect UK citizens from intrusion into their personal lives. Last night MPs, academics and privacy-rights groups warned that the new powers represented a great threat to individual security. Under current UK law, requests for electronic data have to be made through the Regulation of Investigatory Powers Act 2000 on a case-by-case basis by a recognised authority. But the Brussels plan to create a new 'Interpol' to fight cyber crime will give agencies across Europe 'all necessary powers' to order the disclosure of almost any online information. Last night former shadow Home Secretary David Davis warned: 'This is yet another unwelcome and surreptitious intrusion into the privacy of innocent citizens.' Nick Pickles, director of privacy and civil liberties campaign group Big Brother Watch, said: 'This represents a dangerous escalation in the way that cyber security is being justified as a reason to monitor us all.' A spokesman for Britain's Information Commissioner said: 'Any measures to improve cyber security should not be at the unnecessary expense of people's privacy.'.... The controversial move comes as Britain's own 'snooper's charter' for surveillance of UK citizens, the Communications Data Bill, has ground to a halt in the face of fierce opposition. But the new Brussels proposal could force internet companies and public bodies to disclose even more personal data. At the heart of the plan is the little-known European Network and Information Security Agency (ENISA). It will co-ordinate a network of specially created security agencies in each EU member state who will have unprecedented powers to demand data from public bodies and internet companies. In the UK these will include NHS trusts, police forces, councils, Google and Facebook. This information could then be shared with other European agencies but without the safeguards that protect British citizens. The plans, published on Thursday and backed by Labour's Baroness Cathie Ashton, the EU Representative for Foreign Affairs and Security Policy, make clear that the powers are being demanded in the name of cyber security. Under the proposals, agents working for the new cyber-crime agencies will be able to force disclosure of personal data where they suspect a company or public authority has been the victim of or is unable to prevent online hacking or any other cyber crime. Privacy groups say that such a broad definition will cover almost every company or public authority in the UK."
EU super spies to get right to snoop on your emails, website visits, medical data and police records
Mail, 10 February 2013

"UK spy agencies want to install 'black box' surveillance devices across the country's communications networks to monitor internet use, it emerged today. A report by an influential committee of MPs tells how spooks are keen to implement a nationwide surveillance regime aimed at logging nearly everything Britons do and say online. The spy network will rely on a technology known as Deep Packet Inspection to log data from communications ranging from online services like Facebook and Twitter, Skype calls with family members and visits to pornographic websites. But civil liberties and privacy campaigners have reacted with outrage, saying that the technology will give the government a greater surveillance capability than has ever been seen. The report by Parliament's Intelligence and Security Committee, published on Tuesday, gives UK intelligence agencies' perspective on the government's draft Communications Data Bill, which is intended to update surveillance powers. The government argues that swift access to communications data is critical to the fight against terrorism and other high-level crime, but it has been delayed after the Liberal."
UK government plans to track ALL web use: MI5 to install 'black box' spy devices to monitor British internet traffic
Mail, 6 February 2013

"Facebook Inc. (FB) is developing a smartphone application that will track the location of users, two people with knowledge of the matter said, bolstering efforts to benefit from growing use of social media on mobile computers. The app, scheduled for release by mid-March, is designed to help users find nearby friends and would run even when the program isn’t open on a handset, said one of the people, who asked not to be identified because the plans aren’t public. Facebook is adding features to help it profit from the surging portion of its more than 1 billion users who access the service via handheld devices. The tracking app could help Facebook sell ads based on users’ whereabouts and daily habits. It may also raise the hackles of consumers and privacy advocates concerned about the company’s handling of personal information. ... Facebook already records the GPS coordinates of users when they post status updates or photos from their phones, or check in to a venue. With the new app, the company would go a step further by tracking user whereabouts in the 'background' of Apple’s mobile operating system, even when other programs are running or the phone isn’t in use, one person said. While Facebook would probably need to ask permission from users to track their location to be in accordance with Apple’s guidelines for developers, Facebook may have already gotten consent from its users to run such a feature. Facebook’s data-use policy tells users that the company may use information on location 'to tell you and your friends about people or events nearby, or offer deals to you that you might be interested in.' The company said it may also put together data 'to serve you ads that might be more relevant.''
Facebook Is Said to Create Mobile Location-Tracking App
Bloomberg, 5 February 2013

"The Government should consider stopping sharing intelligence services with the US and end the use of Cloud computing due to concerns that sensitive personal information about British citizens can be spied upon by US authorities, MPs said today. The warning comes during a Whitehall drive for government departments to store their electronic information externally with private companies, meaning taxpayers’ private data could be left vulnerable to large-scale surveillance. US law allows American agencies to access all private information stored by foreign nationals with firms falling within Washington’s jurisdiction, if the information concerns US interests, without a warrant. Four suppliers of the UK Government’s G-Cloud system are located in the US, leading to questions over the security of information is being stored overseas. Tory MP David Davis told The Independent: 'The Americans have got to remember who their allies are and who their enemies are.' Referring to an RAF base in Yorkshire which aids US intelligence services in intercepting communications, he added: 'There are people like us who they rely on to provide them with listening stations, like Menwith Hill for example. Do they really want Parliament to start asking Government to limit what Menwith Hill can do? There are all sorts of possibilities if they carry on with this.' He warned that there is 'a whole cascade of constitutional and privacy concerns for ordinary British people'. Liberal Democrat MP Julian Huppert said the revelations were 'very alarming'.... Nick Pickles, director of privacy and civil liberties campaign group Big Brother Watch, said: 'It's clear that what this legislation permits surveillance that would be ruled unconstitutional if the US government tried to use these powers on its own citizens. The reality is that every time a British person uses a cloud service, whether email, social media or online shopping, they are at risk of having their entire communications stored and analysed in a way that few people would argue is necessary or something that sets an example to the world that blanket surveillance should never be not the norm. At a time of greater use of services like Google Docs by public authorities in the UK and the increasing volume of data that is stored on overseas servers, these powers are potentially giving the US agencies the ability to reach into personal information never available before without a court warrant.''
MPs call for Government to consider ending use of Cloud amid concerns that US authorities can access information
Independent, 30 January 2013

"As the US government depicts the Defense Department as shrinking due to budgetary constraints, the Washington Post this morning announces 'a major expansion of [the Pentagon's] cybersecurity force over the next several years, increasing its size more than fivefold.' Specifically, says the New York Times this morning, 'the expansion would increase the Defense Department's Cyber Command by more than 4,000 people, up from the current 900.' The Post describes this expansion as 'part of an effort to turn an organization that has focused largely on defensive measures into the equivalent of an Internet-era fighting force.' This Cyber Command Unit operates under the command of Gen. Keith Alexander, who also happens to be the head of the National Security Agency, the highly secretive government network that spies on the communications of foreign nationals - and American citizens. The Pentagon's rhetorical justification for this expansion is deeply misleading. Beyond that, these activities pose a wide array of serious threats to internet freedom, privacy, and international law that, as usual, will be conducted with full-scale secrecy and with little to no oversight and accountability. And, as always, there is a small army of private-sector corporations who will benefit most from this expansion.... The US isn't the vulnerable victim of cyber-attacks. It's the leading perpetrator of those attacks. As Columbia Professor and cyber expert Misha Glenny wrote in the NYT last June: Obama's cyber-attack on Iran 'marked a significant and dangerous turning point in the gradual militarization of the Internet.'.... there have been countless reports of the exploitation by the US national security state to destroy privacy and undermine internet freedom. In November, the LA Times described programs that 'teach students how to spy in cyberspace, the latest frontier in espionage.' They 'also are taught to write computer viruses, hack digital networks, crack passwords, plant listening devices and mine data from broken cellphones and flash drives.' The program, needless to say, 'has funneled most of its graduates to the CIA and the Pentagon's National Security Agency, which conducts America's digital spying. Other graduates have taken positions with the FBI, NASA and the Department of Homeland Security.'"
Pentagon's new massive expansion of 'cyber-security' unit is about everything except defense
Guardian (Comment Is Free), 28 January 2013

"Europeans, take note: The U.S. government has granted itself authority to secretly snoop on you. That’s according to a new report produced for the European Parliament, which has warned that a U.S. spy law renewed late last year authorizes 'purely political surveillance on foreigners' data' if it is stored using U.S. cloud services like those provided by Google, Microsoft and Facebook. Europeans were previously alarmed by the fact that the PATRIOT Act could be used to obtain data on citizens outside the United States. But this time the focus is a different law—the Foreign Intelligence and Surveillance Amendments Act—which poses a 'much graver risk to EU data sovereignty than other laws hitherto considered by EU policy-makers,' according to the recently published report, Fighting Cyber Crime and Protecting Privacy in the Cloud, produced by the Centre for the Study of Conflicts, Liberty and Security. The FISA Amendments Act was introduced in 2008, retroactively legalizing a controversial 'warrantless wiretapping' program initiated following 9/11 by the Bush administration. Late last month, it was renewed through 2017. During that process, there was heated debate over how it may violate Americans’ privacy. But citizens in foreign jurisdictions have even greater cause for concern, says the report’s co-author, Caspar Bowden, who was formerly chief privacy adviser to Microsoft Europe. According to Bowden, the 2008 FISA amendment created a power of 'mass surveillance' specifically targeted at the data of non-U.S. persons located outside America, which applies to cloud computing. This means that U.S. companies with a presence in the EU can be compelled under a secret surveillance order, issued by a secret court, to hand over data on Europeans. Because non-American citizens outside the United States have been deemed by the court not to fall under the search and seizure protections of the Fourth Amendment, it opens the door to an unprecedented kind of snooping. 'It's like putting a mind control drug in the water supply, which only affects non-Americans,' says Bowden... Most countries’ spy agencies routinely monitor real-time communications like emails and phone calls of groups under suspicion on national security grounds. However, what makes FISA different is that it explicitly authorizes the targeting of real-time communications and dormant cloud data linked to 'foreign-based political organizations'—not just suspected terrorists or foreign government agents. Bowden says FISA is effectively 'a carte blanche for anything that furthers U.S. foreign policy interests' and legalizes the monitoring of European journalists, activists, and politicians who are engaged in any issue in which the United States has a stake. FISA, according to Bowden, expressly makes it lawful for the United States to do 'continuous mass-surveillance of ordinary lawful democratic political activities,' and could even go as far as to force U.S. cloud providers like Google to provide a live 'wiretap' of European users’ data."
FISA renewal: Report suggests spy law allows mass surveillance of European citizens
Slate (Blog), 8 January 2013

	SURVEILLANCE SOCIETY NEWS ARCHIVE 2013
Resources	To Go Direct To Current Surveillance News Reports - Click Here To Go Direct To 2013 Surveillance News Reports - Click Here	Home
Surveillance Society News Reports Current 2015 2014 2013 2012 2011 2010 2009 2008	Selected News Extracts 2013 "James Goodale has a message for journalists: Wake up. In his new book, Fighting for the Press (CUNY Journalism Press, 2013), Goodale, chief counsel to The New York Times when its editors published the Pentagon Papers in 1971, argues that President Obama is worse for press freedom than former President Richard Nixon was. The Obama administration has prosecuted more alleged leakers of national security information under the 1917 Espionage Act than all previous administrations combined, a course critics say is overly aggressive. Former New York Times executive editor Bill Keller wrote in a March op-ed that the administration 'has a particular, chilling intolerance' for those who leak. If the Obama administration indicts WikiLeaks founder Julian Assange for conspiracy to violate the Espionage Act, Goodale argues, the president will have succeeded where Nixon failed by using the act to 'end-run' the First Amendment.'" James Goodale: It’s a bad time for press freedoms Columbia Journalism Review, 19 March 2013 “There are a lot more stories to come, a lot more documents that will be covered. It’s important that we understand what it is we’re publishing, so what we say about them is accurate.... It is literally true, without hyperbole, that the goal of the NSA and its partners in the English-speaking world is to eliminate privacy globally. They want to make sure there is no communication that evades their net.” Glen Grenwald, the journalist who broke the Snowden NSA revelations ‘A Lot’ More NSA Documents to Come Wired, 27 December 2013 "Edward Snowden is to deliver this year’s Channel 4 Alternative Christmas Message, the broadcaster has confirmed. The whistleblower, who revealed the mass surveillance programmes organised by the US and other governments, will broadcast his message at 4.15pm on Christmas Day. In his first TV interview since [fleeing] to Russia in May, Snowden lays out his vision for why privacy matters and why he believes mass indiscriminate surveillance by governments of their people is wrong.... During his address, Snowden says: 'Great Britain’s George Orwell warned us of the danger of this kind of information. The types of collection in the book – microphones and video cameras, TVs that watch us are nothing compared to what we have available today. We have sensors in our pockets that track us everywhere we go. Think about what this means for the privacy of the average person. A child born today will grow up with no conception of privacy at all. They’ll never know what it means to have a private moment to themselves an unrecorded, unanalysed thought. And that’s a problem because privacy matters, privacy is what allows us to determine who we are and who we want to be.'...The Alternative Christmas Message will broadcast on Channel 4 at 4.15pm on Christmas Day. It will be available to view on 4oD later today." Edward Snowden will deliver Channel 4’s Alternative Christmas Message Independent, 24 December 2013 "Europeans, take note: The U.S. government has granted itself authority to secretly snoop on you. That’s according to a new report produced for the European Parliament, which has warned that a U.S. spy law renewed late last year authorizes 'purely political surveillance on foreigners' data' if it is stored using U.S. cloud services like those provided by Google, Microsoft and Facebook.... According to [Caspar] Bowden, the 2008 FISA amendment created a power of 'mass surveillance' specifically targeted at the data of non-U.S. persons located outside America, which applies to cloud computing. This means that U.S. companies with a presence in the EU can be compelled under a secret surveillance order, issued by a secret court, to hand over data on Europeans. Because non-American citizens outside the United States have been deemed by the court not to fall under the search and seizure protections of the Fourth Amendment, it opens the door to an unprecedented kind of snooping. 'It's like putting a mind control drug in the water supply, which only affects non-Americans,' says Bowden... Most countries’ spy agencies routinely monitor real-time communications like emails and phone calls of groups under suspicion on national security grounds. However, *what makes FISA different is that it explicitly authorizes the targeting of real-time communications and* dormant cloud data linked to 'foreign-based political organizations'—not just suspected terrorists or foreign government agents. Bowden says FISA is effectively 'a carte blanche for anything that furthers U.S. foreign policy interests' and legalizes the monitoring of European journalists, activists, and politicians who are engaged in any issue in which the United States has a stake. FISA, according to Bowden, expressly makes it lawful for the United States to do 'continuous mass-surveillance of ordinary lawful democratic political activities,'** and could even go as far as to force U.S. cloud providers like Google to provide a live 'wiretap' of European users’ data." FISA renewal: Report suggests spy law allows mass surveillance of European citizens Slate (Blog), 8 January 2013
	MORE SURVEILLANCE INFORMATION SURVEILLANCE SOCIETY BULLETINS

Contact	'We Need A New Way Of Thinking' - Consciousness-Based Education