NLPWESSEX, natural law publishing |
nlpwessex.org |
|
|
SURVEILLANCE SOCIETY NEWS ARCHIVE 2014 | ||
To Go Direct To Current Surveillance News Reports - Click Here To Go Direct To 2014 Surveillance News Reports - Click Here | ||
Surveillance Society News Reports |
Selected News Extracts 2014 "Even
if you power off your cell phone, the U.S. government can turn it back on. That's what
ex-spy Edward Snowden revealed in last
week's interview with NBC's Brian Williams. " "When it comes to communication
[former US President Jimmy] Carter is evidently a man of his generation, shunning
electronic devices for snail mail. He told [satirist Stephen] Colbert that he had recently
written a letter to Pope Francis.... and steers clear of e-mail for fear of being
monitored by the National Security Agency. The suggestion caused something of a stir in
America and prompted a swift denial from the intelligence agency's director. Carter is yet
to be convinced, noting that regulations controlling the Government's scope to spy on
private communications had been significantly relaxed since he passed them. 'They are not monitoring me now but they
record every message that you transmit in America - and
probably in Great Britain as well - and later if they want to monitor that message they
can do so,' he says." ".... in reality NSA has been collecting word for word 'content' of the
American citizens. So that is something the NSA is lying about. And they've lied about the abuses in the past. NSA has targeted congress, they've targeted the Supreme Court. They've targeted top level generals and admirals. They've
targeted the press and the media. And a whole bunch of other folks: lawyers and law firms. This was between 2002 and 2005 which I was witness to when I
held that sort of information in my hand. NSA is not talking about that either.... The meat of the issue is the network to do this is still intact. So
the capability exists. Even if you believe this President is the most benevolent in the
world, what about the next President, and the one after that and the one after that, and
the potential for abuse with future Presidents? When
this system, this monster that we've set up, still exists, anyone down the line can use
that monster to basically turn our country into a totalitarian police state. I mean 'all
the way' police state. So in my opinion we have to kill this baby in the cradle right now. That means unplug all these nodes around the country and say we will not
go after domestic communications, except when we have a warrant ... [against an]
individual because we have 'probable cause' they've committed a crime.... Like Ben
Franklin [one of the 'founding fathers' of the United States] said, if you're going to
give up your freedom and liberty for security you deserve neither .... When I made my oath
[of office] it was to make sure I protected the constitution of the United States 'against
enemies both foreign and domestic'.... The agency I
worked for [the NSA] is now an domestic enemy of our constitution. And it's just a
horrific thing that's happened. It has to stop." "A
US official has acknowledged that the NSA likely scoops up data on congressional telephone
communications but stopped short of saying whether
such action extended to calls made by President Barack Obama. The tense exchange occurred
on Tuesday during a hearing on the status of the administration's reforms of the bulk data
collection programme exposed last year by former National Security Agency contractor
Edward Snowden. " "Director of Intelligence James Clapper now says the
National Security Agency (NSA) should
have been more open about the fact that they were spying on all Americans. I'm glad he
said this. But there is no excuse for
lying in the first place. When Senator Ron Wyden (a Democrat from Oregon)
asked Director Clapper during an intelligence hearing in March of last year if the NSA was
collecting the data of millions of Americans, the director
lied under oath and denied the charge." "This
week, the Associated Press exposed
a secret program run by the U.S. Agency for International Development to create 'a Twitter-like Cuban
communications network' run through 'secret shell companies' in order to create
the false appearance of being a
privately owned operation. Unbeknownst to the service’s Cuban users was the fact that
'American contractors were gathering their private data in the hope that it might be
used for political purposes'–specifically, to manipulate those users in order to
foment dissent in Cuba and subvert its government.
According to top-secret documents published today by The Intercept, this sort of operation
is frequently discussed at western intelligence agencies, which have plotted ways to
covertly use social media for 'propaganda,' 'deception,' 'mass messaging,' and
'pushing stories.' " "The NSA could bug 'anyone', from the
president downwards, [Edward Snowden] said. In theory, the spy agency was supposed to
collect only 'signals intelligence' on foreign targets. In practice this was a joke,
Snowden told Greenwald: it was already hoovering up
metadata from millions of Americans. Phone records, email headers, subject lines, seized
without acknowledgment or consent. From this you could construct a complete electronic
narrative of an individual's life: their friends, lovers, joys, sorrows.... What's more,
pretty much all of Silicon Valley was involved with the NSA, Snowden said – Google, Microsoft, Facebook, even Steve Jobs's Apple. The NSA claimed it had 'direct
access' to the tech giants' servers. It had even put secret back doors into online
encryption software – used to make secure bank payments – weakening the system
for everybody. The spy agencies had hijacked the internet. Snowden told Greenwald he
didn't want to live in a world 'where everything that I say, everything that I do,
everyone I talk to, every expression of love or friendship is recorded'.... The young technician explained that the spy agency was capable of
turning a mobile phone into a microphone and tracking device... [Guardian journalist] MacAskill asked Snowden, almost as an
afterthought, whether there was a UK role in this mass data collection. It didn't seem
likely to him. MacAskill knew that GCHQ had a longstanding intelligence-sharing
relationship with the US, but he was taken aback by Snowden's vehement response. 'GCHQ is worse than the NSA,' Snowden said. 'It's even more
intrusive.'.'" "Top secret guidelines setting out how
the security services have been instructed to spy on
communications between lawyers and the clients have
been published for the first time. Extracts of documents from MI5, MI6 and GCHQ were
released as part of a legal action brought by lawyers from the campaigning charity
Reprieve on behalf of two Libyan men. The papers, disclosed in a tribunal case, are
controversial because communications between lawyers and their clients are covered by
'legal professional privilege', or LPP, meaning that law enforcement agencies are supposed
to respect their privacy. But the guidelines indicate
the security services have been targeting such communications – by interception
methods thought to include telephone taps and e-mail surveillance – since at last
October 2002. " "Police
forces in the UK are accessing people’s mobile call records without their knowledge
or consent, The Times has reported. Police are
exploiting loopholes in Britain’s surveillance laws to access people’s texts,
voicemails, and emails. The report claims that British police can access communication
information stored on a mobile device without a
warrant, instead only needing a ‘production
order’." "The UK authorities are operating a
surveillance system where 'anything goes' and their interceptions are more intrusive to
people’s privacy than has been seen in the US, Edward Snowden said. Speaking via
Skype at the Observer Ideas festival, held in central London, the whistleblower and former
National Security Agency specialist, said there were
'really no limits' to the GCHQ’s surveillance capabilities. He said: 'In the UK … is the system of regulation where anything
goes. They collect everything that might be interesting. It’s
up to the government to justify why it needs this. It’s not up to you to justify why
it doesn’t … This is where the danger is, when we think about … evidence
being gathered against us but we don’t have the opportunity to challenge that in
courts. It undermines the entire system of justice.'" "The power to secretly create
government propaganda is among the many hacking tools revealed in the latest batch of
Edward Snowden documents. British spies can
manipulate online polls -- or trick the world into thinking a video or web page is going
viral. A collection of hacking tools -- some
of which are specifically suited to spreading disinformation -- were exposed in a leaked
2012 document provided by Snowden to The Intercept. " "It is tracking your every move –
recording the exact time you left for work, where you bought your coffee and where you
like to shop. But this isn’t a futuristic spy drone or some sinister Big Brother
state – it’s the iPhone sitting in your pocket. Hidden
in Apple phones is a function which logs every journey. The iPhones are then able to
analyse the data to figure out where you live and work, basing decisions on the frequency
and timing of trips. The function – called the Frequent Locations feature – was
quietly introduced to iPhones a year ago. But since access to the programme is buried
beneath five layers of settings menus, few people know it exists. Apple claims the data never leaves your phone without your permission,
and that it was only designed to improve mapping services. But Professor Noel Sharkey, one
of Britain’s leading computing experts, described Apple’s ability to track
people as ‘terrifying’. ‘This is shocking,’ he said. ‘Every place
you go, where you shop, where you have a drink – it is all recorded. This is a
divorce lawyer’s dream. But what horrifies me is that it is so secret. Why did we not
know about this?’ " "Every
new car sold in Britain will have to have a ‘black box’ device fitted to track
drivers’ movements from next year, under plans being imposed by the European
Union. Despite serious concerns about privacy and cost, UK ministers admit they
are powerless to stop the Big Brother technology being forced on motorists and car makers...... Voluntary take-up has been low across the industry so the EU ruled
all new car models must include eCall from October 1, 2015. Motorists will be unable to
switch it off and it will be tested in MoT checks." "Britain's
signals intelligence division is stealing screenshots from hundreds of thousands of
innocent Yahoo users' webcam videos, according to the Guardian newspaper, which also
reported that the years-long operation has swept up a huge haul of intimate photographs.
The newspaper said GCHQ has been scooping up the sensitive images by intercepting video
chats such as the kind offered by Yahoo Messenger, an effort codenamed OPTIC NERVE. It's not clear how many Yahoo
users were spied on in this way. The Guardian said that in one six-month period in 2008,
GCHQ intercepted the video communications of 1.8 million users, but it's possible that the
program, which the Guardian says was still active in 2012, has either grown or shrunk in
scope since then. The Guardian said the documents were provided by former U.S.
intelligence worker Edward Snowden ......The
Guardian said that OPTIC NERVE was intended at least in part to identify targets using automatic facial
recognition software as they stared into their computer's webcams. But the stockpiling of
sexually explicit images of ordinary people had uncomfortable echoes of George Orwell's 'Nineteen Eighty-Four,' where the authorities — operating under the aegis of 'Big Brother'
— fit homes with cameras to monitor the intimate details of people's personal lives.
'At least Big Brother had the decency to install his own cameras,' British media lawyer
David Banksy said in a message posted to Twitter after the revelations broke. 'We've had
to buy them ourselves.' The collection of nude
photographs also raises questions about potential for blackmail. America's National Security Agency has already acknowledged that some
analysts have been caught trawling databases for inappropriate material on partners or
love interests. Other leaked documents have revealed
how U.S. and British intelligence discussed leaking embarrassing material online to
blacken the reputations of their targets. GCHQ
refused to answer a series of questions about OTPIC
NERVE, instead returning the same boilerplate answer
it has given to reporters for months." "I would like to thank the European
Parliament for the invitation to provide testimony for your inquiry into the Electronic
Mass Surveillance of EU Citizens. The
suspicionless surveillance programs of the NSA, GCHQ, and so many others that we
learned about over the last year endanger a number of basic rights which, in aggregate,
constitute the foundation of liberal societies. The first principle any inquiry must take
into account is that despite extraordinary political pressure to do so, no western
government has been able to present evidence showing that such programs are necessary. In
the United States, the heads of our spying services once claimed that 54 terrorist attacks
had been stopped by mass surveillance, but two independent White House reviews with access
to the classified evidence on which this claim was founded concluded it was untrue, as did
a Federal Court.... I
know the good and the bad of these systems, and what they can and cannot do, and I am
telling you that without getting out of my chair, I could have read the private
communications of any member of this committee, as well as any ordinary citizen. I swear
under penalty of perjury that this is true. These
are not the capabilities in which free societies invest. Mass surveillance violates our rights,
risks our safety, and threatens our way of life.... Whether we like it or not, the international norms of tomorrow are
being constructed today, right now, by the work of bodies like this committee. If liberal
states decide that the convenience of spies is more valuable than the rights of their
citizens, the inevitable result will be states that are both less liberal and less safe.... For the record, I also repeat my willingness to provide testimony to
the United States Congress, should they decide to consider the issue of unconstitutional
mass surveillance." |
|
MORE SURVEILLANCE INFORMATION SURVEILLANCE SOCIETY BULLETINS |
||
Contact | 'We Need A New Way Of Thinking' - Consciousness-Based Education |
|
2014 |
"Regin, an advanced spyware program widely believed to have been
developed by US and British intelligence agencies, was found on a USB stick belonging to
an official in German Chancellor Angela Merkel's office, Berlin sources say. Sources said
the incident occurred months ago and said that the hackers involved could not be
identified. Dr Merkel's spokeswoman declined to confirm that a cyber-attack had occurred.
The malware was discovered after a mid-level official in the European policy section of
the chancellery reportedly took home a document on her USB flash drive to read on her
private laptop. When she later inserted the USB drive into her chancellery computer, an
anti-virus alert came up. ...The mass-circulation
newspaper Bild said the document taken home by the woman was the manuscript of a planned
Merkel speech on European Union strategy, not a major secret since the chancellor was
going to give the talk in public. Bild said all of the 200 high-security laptops used in
Dr Merkel's office were inspected after the incident, but Germany's cybersecurity agency,
the BSI, which often advises the German public on how to fight snoopers, could not find
any other affected machine." |
"National Security Agency document published
this week by the German news magazine Der Spiegel from the trove provided by former
NSA contractor Edward Snowden shows that the agency had full access to voice, video, text
messaging, and file sharing from targeted individuals over Microsoft’s Skype
service. The access, mandated by a Foreign Intelligence Surveillance Court warrant, was
part of the NSA’s PRISM program and allowed 'sustained Skype collection' in real time
from specific users identified by their Skype user names. The nature of the Skype data collection was spelled out in an NSA document
dated August 2012 entitled 'User’s Guide for PRISM Skype Collection.' The document
details how to 'task' the capture of voice communications from Skype by NSA’s NUCLEON
system, which allows for text searches against captured voice communications. It also
discusses how to find text chat and other data sent between clients in NSA’s PINWALE
'digital network intelligence' database. The full capture of voice traffic began in
February of 2011 for 'Skype in' and 'Skype out' calls between a Skype user and a land line
or cellphone through a gateway to the public switched telephone network (PSTN), captured
through warranted taps into Microsoft’s gateways. But
in July of 2011, the NSA added the capability of capturing peer-to-peer Skype
communications meaning that the NSA gained the ability to capture peer-to-peer traffic and
decrypt it using keys provided by Microsoft through the PRISM warrant request." |
"Over the weekend, German
news outlet Spiegel published a story about the NSA’s ability to crack
encrypted forms of communication, exposing the agency’s routine interception of
SSL/TLS, which are used by web servers to transmit sensitive information. The
report also exposed the fact that the agency has the ability to decrypt a
virtual private network. But perhaps more significantly, the revelations culled from the
trove of documents leaked by Edward Snowden show the forms of encryption the NSA
struggled to break (at least at the time of the documents in 2012). That list includes PGP, Tor, CSpace, OTR and ZRTP. The combination of
good news and bad news garnered contradictory coverage, with
The Verge highlighting the networks the NSA can’t break, and Slashdot
leading with 'Snowden Documents Show How Well NSA Codebreakers Can Pry.' Overall the
report was reassuring. Many of the forms of added encryption measures those concerned
about security have taken in the 18 months since the Snowden documents became public are
effective. For example, the documents show that communications protected by ZRTP (the
type of encryption RedPhone
uses) block the NSA. 'It’s satisfying to know that the NSA considers encrypted
communication from our apps to be truly opaque,' RedPhone developer Moxie Marlinspike told
Spiegel. Although the scope of the interceptions on SSL and VPN connections are
concerning, many assumed the agency possessed this capability previously. The trove
released by Spiegel shows the specific tools the agency used to go about this. The
Spiegel report has prompted backlash in the information security community, with some
saying it sensationalizes the NSA’s ability to access information on VPN connections.
According to Spiegel, the NSA operates 'a large-scale VPN exploitation project to crack
large numbers of connections, allowing it to intercept data inside the VPN including, for
example, the Greek government’s use of VPNs.' This is a very concerning revelation,
considering the high number of companies and governments that utilize VPNs to allow users
to access their networks anywhere in the world. But No Hats, a security specialists blog,
says if you properly configure your VPN, you’re
not affected. According to the blog’s comprehensive breakdown of the NSA
slides that Spiegel based its reporting on, properly configured IPsec based VPNs are okay.
Another alarming statistic from the article is the number of https connections, the type
of secure connections used by sites like Facebook, that the agency intercepts. One
document showed that by late 2012, the NSA was cracking 10 million such connections a day.
Much of the Spiegel article discusses a conflict of interest that the NSA faces: It is
charged with recommending security standards, yet it is constantly attempting to break the
very security standards it recommends. At first glance these claims seem to point to the
very hypocrisy we are reminded of time and again as more is exposed about the
American surveillance state. Privacy advocates widely agree that communications
vulnerable to law enforcement agencies are also at risk for all kinds of cyber
threats, from criminals attempting to steal identities to hacks of foreign
governments. It seems counterintuitive that the NSA would be responsible for creating
standards it only wants to break, especially when American
law enforcement agencies have a history of wanting communications to be less secure to
make accessing information easier." |
"The National Security Agency today released reports on
intelligence collection that may have violated the law or U.S. policy over more than a
decade, including unauthorized surveillance of Americans’ overseas communications.
The NSA, responding to a Freedom of Information Act lawsuit from the American Civil
Liberties Union, released a series of required quarterly and annual reports to the
President’s Intelligence Oversight Board that cover the period from the fourth
quarter of 2001 to the second quarter of 2013. The heavily-redacted reports include
examples of data on Americans being e-mailed to unauthorized recipients, stored in
unsecured computers and retained after it was supposed to be destroyed, according to the
documents. They were posted on the NSA’s website at around 1:30 p.m. on Christmas
Eve. In a 2012 case, for example, an NSA analyst 'searched her spouse’s personal
telephone directory without his knowledge to obtain names and telephone numbers for
targeting,' according to one report. The analyst
'has been advised to cease her activities,' it said. Other unauthorized cases were a
matter of human error, not intentional misconduct. Last year, an analyst 'mistakenly
requested' surveillance 'of his own personal identifier instead of the selector associated
with a foreign intelligence target,' according to another report. .... The NSA’s
inspector general last year detailed 12 cases of 'intentional misuse' of intelligence
authorities from 2003 to 2013 in a letter to Senator Charles Grassley, of Iowa, the top
Republican on the Senate Judiciary Committee. Those cases included a member of a U.S.
military intelligence unit who violated policy by obtaining the communications of his
wife, who was stationed in another country. After a military proceeding, the violator was
punished by a reduction in rank, 45 days of extra duty and forfeiture of half of his pay
for two months, according to the letter. In a 2003 case, a civilian employee ordered
intelligence collection 'of the telephone number of his foreign-national girlfriend
without an authorized purpose for approximately one month' to determine whether she was
being faithful to him, according to the letter. The employee retired before an
investigation could be completed." |
"A judge has ruled that Tucson, Ariz., doesn’t have to release
records about how it tracks cellphones, which the city argues would aid criminals. Beau Hodai, a freelance reporter, requested records from the Tucson
Police Department in 2013 about the Stingray and Stingray II, cell phone tracking
equipment, according to court documents. The equipment acts like a cell
tower, and can measure signal strength to determine the location of a phone.
Hodai requested all records created using the equipment, any e-mails about it, and any
records about its purchase and maintenance. The department responded to Hodai’s
request with some documents that were partially redacted. Hodai said in the complaint
he learned Tucson redacted portions of the documents at the request of Harris Corporation,
which produces the Stingray and Stingray II.... Daniel Pochoda, senior council at the
ACLU of Arizona, said the group disagrees with the ruling. 'It
was just a very badly reasoned decision,' he said in an interview with the Washington
Post. The equipment picks up not just the cellphone targeted by officers, but all in the
vicinity, Pochoda said, and according to the ruling, Tucson said search warrants for
the equipment’s use did not exist." |
"Hardly
a week goes by without a new report of some massive data theft that has put financial
information, trade secrets or government records into the hands of computer hackers. The
best defense against these attacks is clear: strong data encryption and more secure
technology systems. The leaders of U.S. intelligence agencies hold a different view. Most prominently, James Comey, the FBI director, is lobbying
Congress to require that electronics manufacturers create intentional security holes
so-called back doors that would enable the government to access data on every American's
cellphone and computer, even if it is protected by encryption.... Most Americans accept that there
are times their government needs to rely on clandestine methods of intelligence gathering
to protect national security and ensure public safety. But they also expect government
agencies and officials to operate within the boundaries of the law, and they now know how
egregiously intelligence agencies abused their trust. This breach of trust is also hurting U.S. technology companies' bottom
line, particularly when trying to sell services and devices in foreign markets. The
president's own surveillance review group noted that concern about U.S. surveillance
policies 'can directly reduce the market share of U.S. companies.' One industry estimate
suggests that lost market share will cost just the U.S. cloud computing sector $21 billion
to $35 billion over the next three years. Tech firms are now investing heavily in new
systems, including encryption, to protect consumers from cyber attacks and rebuild the
trust of their customers. As one participant at my roundtable put it, 'I'd be shocked if
anyone in the industry takes the foot off the pedal in terms of building security and
encryption into their products.'" |
"With virtually no warning or debate, the Intelligence
Authorization Act for 2015 (H.R. 4681) was rushed to the House floor and passed,
containing a dangerous section which, for the first time, statutorily authorizes spying on
U.S. citizens without legal process. Representative
Justin Amash (R-MI) made a hastened effort to draw attention to the disturbing bill, only
hours before the vote was scheduled. If not for Amash’s efforts, the bill would have
passed on a 'voice vote' — meaning no record would be kept of which Congressmen
supported it. Rep. Amash explained in a press release on social media: 'When I learned
that the Intelligence Authorization Act for FY 2015 was being rushed to the floor for a
vote—with little debate and only a voice vote expected (i.e., simply declared
'passed' with almost nobody in the room) — I asked my legislative staff to quickly
review the bill for unusual language. What they discovered is one of the most egregious
sections of law I’ve encountered during my time as a representative: It grants the executive branch virtually unlimited access to the
communications of every American.' — Rep.
Justin Amash (R-MI)" |
"A New Zealander appointed as an electronic bodyguard for
journalists working with NSA whistleblower Edward Snowden says governments are an
increasing online threat to activists and media. Six
years ago Morgan Marquis-Boire, also known online as 'Morgan Mayhem', left Auckland for
Zurich and later San Francisco to work for Google. In June he left the internet search
giant to take up the new role as director of security at First Look Media. First Look
employs Glenn Greenwald and Laura Poitras, who have been working on millions of secret NSA
documents leaked by Snowden. Marquis-Boire's new role, including what he terms 'committing
occasional acts of journalism' dissecting notable computer malware, has drawn considerable
attention in the tech industry including a prominent profile in Wired.... While unwilling
to discuss specific threats to First Look, he said his new workplace faced similar issues
to other prominent news organisations. 'Twenty-one
out of the world's twenty-five top news organisations have been targeted by
state-sponsored attacks. As a statistic that definitely shows the viability of the press
as a target for espionage,' he said." |
"Surveillance laws that
allow police officers to access people's phone records are not fit for purpose, the Home
Affairs Select Committee has said. The Regulation of Investigatory Powers Act (Ripa) has
been used to access journalists' records in some cases. The committee said journalists'
sources should be 'fully protected' and access to data under Ripa was 'secretive'. The
Home Office said there were measures in place to ensure police powers were not abused.
Police officers have also failed to routinely record the professions of individuals who
have had their communications data accessed, MPs said. Earlier
this year, it emerged police had used their powers under Ripa to obtain information about
phone calls involving newspaper reporters. The Metropolitan Police used the Act to obtain
telephone records of the Sun's newsdesk to try to identify who had leaked the 'Plebgate'
story involving former Conservative chief whip Andrew Mitchell. Kent constabulary also
used its powers under Ripa to obtain phone records of a journalist investigating the Chris
Huhne speeding points scandal, as well as those of one of his sources - despite a judge
agreeing the source could remain confidential. Committee
chairman Keith Vaz said: 'Ripa is not fit for purpose. We were astonished that law
enforcement agencies failed to routinely record the professions of individuals who have
had their communications data accessed under the legislation. 'Using Ripa to access
telephone records of journalists is wrong and this practice must cease. The inevitable
consequence is that this deters whistleblowers from coming forward.' He told BBC Radio 4's
Today programme that journalists' records should be kept privileged, 'otherwise we get
into a situation where legislation introduced for completely different purposes is being
used in a mission creep to be able to control sections that were never intended to be
controlled'. Half a million pieces of information are
accessed every year under the legislation, Mr Vaz added. He told the programme it had been
used for 'trawling', saying: 'We have felt for some time that public officials are using
this piece of legislation for what was not intended by it.' The committee called on the Home Office to hold a consultation on an
amended Ripa code of practice, which would give special provisions to those dealing with
privileged information." |
"In the wake of
revelations about the extent of US spying, both Apple and Google announced in
September their
newest phones will be encrypted by default. That means no one—not law
enforcement or the companies themselves—would be able to grab data off a locked
device. The FBI didn't
like that idea one bit and said so to Congress. On Thursday, Sen. Ron Wyden
(D-Ore.) introduced a bill that, if passed, would make sure the companies can encrypt
unmolested. The Secure
Data Act would prohibit government agencies from requiring any 'backdoors' be
placed in US software or hardware. 'Strong
encryption and sound computer security is the best way to keep Americans’ data safe
from hackers and foreign threats,' said Wyden in a statement." |
"According to documents contained in the
archive of material provided to The Intercept by whistleblower Edward Snowden, the NSA has
spied on hundreds of companies and organizations internationally, including in countries
closely allied to the United States, in an effort to find security weaknesses in cellphone
technology that it can exploit for surveillance. The documents also reveal how the NSA
plans to secretly introduce new flaws into communication systems so that they can be
tapped intoa controversial tactic that security experts say could be exposing the general
population to criminal hackers. Codenamed AURORAGOLD, the covert operation has monitored
the content of messages sent and received by more than 1,200 email accounts associated
with major cellphone network operators, intercepting confidential company planning papers
that help the NSA hack into phone networks. One
high-profile surveillance target is the GSM Association,
an influential U.K.-headquartered trade group that works closely with large U.S.-based
firms including Microsoft, Facebook, AT&T, and Cisco, and is currently being funded by
the U.S. government to develop privacy-enhancing technologies. Karsten Nohl, a leading
cellphone security expert and cryptographer who was consulted by The Intercept about
details contained in the AURORAGOLD documents, said that the
broad scope of information swept up in the operation appears aimed at ensuring virtually
every cellphone network in the world is NSA accessible. 'Collecting an inventory [like this] on world networks has big
ramifications,' Nohl said, because it allows the NSA to track and circumvent upgrades in
encryption technology used by cellphone companies to shield calls and texts from
eavesdropping. Evidence that the agency has
deliberately plotted to weaken the security of communication infrastructure, he added, was
particularly alarming. 'Even if you love the NSA and you say you have nothing to hide, you
should be against a policy that introduces security vulnerabilities,' Nohl said, 'because
once NSA introduces a weakness, a vulnerability, it’s not only the NSA that can
exploit it.'" |
"German lawmakers probing the surveillance activities of the U.S.
National Security Agency have uncovered a legal loophole that allows the country's foreign
intelligence agency to spy on its own citizens. The agency, known by its German acronym
BND, is normally forbidden from eavesdropping on Germans or German companies. But a former
BND lawyer told Parliament this week that Germans aren't protected while working abroad
for foreign companies. The government confirmed
Saturday to The Associated Press that work-related calls or emails are attributed to the
employer. If the employer is foreign, the BND can intercept them. Opposition lawmakers
have accused Germany's government of feigning outrage over alleged NSA spying while
condoning illegal surveillance itself." |
"The main cable link between Ireland and America has been tapped by
British intelligence, a new raft of papers released by National Security Agency
whistleblower Edward
Snowden reveals. The new documents, published in a German newspaper, reveal that a
number of underwater cables that connect Ireland
to the word are all being tapped into by British intelligence. It means that all internet communications as well as phone calls are
potentially intercepted by British intelligence. The main cable connecting the US and
Ireland is called Hibernia and stretches from Dublin to South Kerry across the Atlantic to
Halifax, Nova Scotia. Another leg of the same cable stretches from Dublin to Holyhead
in Wales. A document released by Snowden details those cables which the British Government
Communication Headquarters, based in Cheltenham in England, has either gained or sought
access to. The Government Communications Headquarters (GCHQ) is a British intelligence and
security organization responsible for providing signals intelligence (SIGINT) and
information assurance to the British government and armed forces under the formal
direction of the Joint Intelligence Committee (JIC) alongside the Security Service (MI5),
the Secret Intelligence Service (MI6) and Defence Intelligence (DI). The document
notes that the British intelligence operatives are dissatisfied with their access to the
Irish cables and wants it improved. The Snowden documents outline a number of underwater
cables – the lines that connect Ireland to the outside world that are being
tapped." |
"Proposed powers for spies to set up video surveillance in New
Zealanders' homes without a warrant have come under fire on the first day of hearings for
urgent counter-terrorism law changes. The Law
Society, the Privacy Commissioner and the Human Rights Commission all expressed deep
reservations to a select committee about some of the counter-terrorism measures, which
they said went well beyond any current powers. Law Society spokesman Sir Geoffrey Palmer
said the bill contained some safeguards which protected against abuse of the new powers.
'But nevertheless, it is the view of the society that some of the provisions in the bill
substantially interfere with and reduce human rights and individual liberty.' Sir Geoffrey
urged the committee to strengthen the test for warrantless surveillance of terrorism
suspects and limit warrantless surveillance to 24 hours instead of 48 hours.Privacy
Commissioner John Edwards said a provision to allow video surveillance of a private
property for up to 12 months with a warrant was 'quite extraordinary and qualitatively
different' to current powers. 'It is far more than going into a house and uplifting a
series of documents or property. It is far more intrusive and comprehensive than dipping
in and out of a telephone communication or checking on someone's internet access. It is
there, it is on all the time, it is recording matters of considerable intimate and private
behaviour.' Mr Edwards recommended that the default period for surveillance should be cut
to three months." |
"On Tuesday a Commons
report disclosed a Facebook conversation in which Michael Adebowale [one of the killers of
Fusilier Lee Rigby] said that he wanted to kill a British soldier 'in the most graphic and
emotive manner.' These messages could have been the best opportunity for the intelligence
service to save Fusilier Rigby's life, if only they had seen them in time. The government
has found its scapegoat.... He would do better to set his own house in order. MI5, Ml6 and
GCHQ missed more than half a dozen chances to apprehend Adeboawle and Michael Adebolajo,
his accomplice. Adebolawe and Michael Adebolajo, his accomplice. Adebolajo was
intermittently watched for two years and MI5 missed evidence that both had been in
electronic contact with al-Qaeda in Yemen. The investigations were hampered by by delays
and miscommunication... Rather than confront the agencies' failings, Mr Cameron has spoken
of a 'moral duty' for social networks to seek out information about suspected terrorists
and hand it to the spooks. This sounds like a veiled threat.... The responsibility would effectively turn Facebook into a adjunct
of the surveillance state. Ministers should think
very carefully before asking a social network to decide what constitutes a terrorist
threat and what is mere bluster. It is hard to see why such a 'moral duty' would not fall
upon Google, Twitter and the telecoms companies. The
potential for corruption, injustice and pointless breaches of privacy is frightening. Facebook did not kill Lee Rigby. Adebowale and Adebolajo did. The
organisation charged with watching them was MI5. Mr Cameron should bear these facts in
mind before embarking on a quixotic crusade against the internet." |
"It takes some mastery of spin to turn the litany of intelligence
failures over last year’s butchery of the off-duty soldier Lee Rigby into a campaign
against Facebook. But that’s exactly how David Cameron’s government and a pliant
media have disposed of the report by Westminster’s committee of intelligence
trusties. You might have expected Whitehall’s
security machine to be in the frame for its spectacular incompetence in spying on the two
killers: from filling out surveillance applications wrongly and losing one suspect’s
house number, to closing down the surveillance of another – just as the pair were
preparing the Woolwich attack. Centre stage might have been the admission that British
intelligence could have been 'complicit'
in Michael Adebolajo’s torture in Kenya, and tried to cover that up. There is
evidence that MI5’s attempts to recruit the Muslim convert on his return to Britain
played a part in triggering the killing – though the trusties thought better
than to inquire too closely into the matter. Instead it was the US internet giant,
Britain’s prime minister insisted, that was really to blame. Facebook had 'blood on
their hands', the Sun declared, as the Daily Mail denounced the Mark Zuckerberg
corporation’s 'twisted libertarian ideology'. It’s nonsense, of course, but it
gets the authorities off the hook. The spooks couldn’t handle the intelligence they
had, and the US tech companies already operate in collusion with western governments. As
Richard Barrett, MI6’s former counter-terrorism director, points out, the scale of material the internet barons would need to dredge would
overwhelm the security services, let alone the companies. No matter. The Rigby report’s timing was ideal for the government, which
is launching the seventh anti-terrorism bill since 2000 – including new measures for
the internal exile of suspects, crackdowns on schools and universities that fail to act
against 'extremists', and requirements on internet service providers to hand over
users’ identities. Theresa
May says Britain is facing the greatest terrorism threat in its history, and that the
security services have foiled 40 plots since 2005. Who would know? Even ministers are in
no position to judge the claims securocrats make about themselves. For the intelligence
agencies the terror threat is good for business – as Cameron made clear this week
when he announced another £130m for their already swollen budgets. That there is a small number of would-be jihadists prepared to carry out
acts of carnage in revenge for British and western bloodletting in the Muslim world is not
in doubt. But, given the ease of carrying out low-tech atrocities – and the scale of
the IRA’s armed campaign of the 70s and 80s – it’s striking how few there
have actually been. But the war on terror has now become a war without end: a permanent
state where a politically constructed 'national security' trumps the actual security of
citizens and feeds a continual ideological campaign to discipline and intimidate the
Muslim community.... the Rigby report blithely conceded, 'the government’s
counter-terrorism programmes are not working'. Its Prevent strategy has stopped many
Muslims from speaking freely, but prevented little else. Around 500 Britons are now
estimated to be fighting in Syria and Iraq. But why would that be a surprise? The British
and US governments first supported the rebels in Syria – as they did in Libya –
and then turned against most of them, as the jihadist campaign mushroomed around Isis,
intensifying cynicism about the west’s role in the Muslim world. Which remains the
heart of the war on terror 13 years on. It’s not
considered seemly to mention it when discussing terrorism and extremism, but western wars
and support for dictatorship are what drive jihadist terror in Britain and elsewhere,
just as they fuelled it in the region itself. Every single perpetrator of such
violence in Britain has spelled out that it is carried out in response to Britain’s invasions and occupations in the Muslim world. Now
British forces are once again carrying out bombing raids alongside US forces in Iraq
– driving other rebel groups into the arms of Isis in the process – they are
creating the conditions for more violence at home.
No amount of surveillance or oppressive legislation will stop those determined to launch
attacks. The war on terror has spawned terror from the start, fomenting community
divisions and curtailing freedoms everywhere. That’s true for those states that
launched it – as well as those on the receiving end." |
"This week the
Intelligence and Security Committee (ISC) refused to lay blame at our intelligence
agencies’ door for failing to prevent the killing of Fusilier Lee Rigby. Instead, in
a perverse move, they pointed the finger at Facebook and its fellow web firms. The
ISC’s press release branded the social network a 'safe haven for terrorists' –
echoing the new GCHQ director Robert Hannigan’s outburst earlier this month. Facebook
was singled out for failing to flag up an exchange between Michael Adebowale and a foreign
jihadist. The Prime Minister went even further – claiming internet companies have a
'social responsibility' to stop networks being used to 'plot murder and mayhem'.
Isn’t it the responsibility of the security services, rather than web firms, to
investigate terrorists? Facebook boasts more than a billion users – even the former
MI6 chief Richard Barrett has highlighted the absurdity of expecting them to play 'spook'
and trawl through every post. We wouldn’t expect BT to listen in on every call on the
Government’s behalf. Why are internet companies any different? The state has all the
powers it needs to demand access to data. But the ISC has spun the facts to mask
intelligence agency failings and heap the blame on web firms. Deep within the report, the
ISC reveals that the social network wasn’t even asked to intercept Adebowale’s
online conversation. If it had been, and it had refused, the security services would have
had the technological capability to get it for themselves. The only reason not any of this
occurred was because the security services didn’t consider monitoring Adebowale to be
a priority. Blaming communications service providers is laughable but it’s also
dangerous. It deflects from the real story behind the report – the catalogue of
errors made by our intelligence agencies. Countless missed surveillance opportunities;
delayed investigations; dumping dangerous citizens abroad; ignoring allegations of MI5
mistreatment. The list goes on. The ISC’s
approach leads us further down a slippery slope towards blanket surveillance of the entire
population. GCHQ already stands accused of mass snooping on Britain and across the world
– exploiting legal loopholes to intercept the emails, messages and web chats of
millions of innocent people. Sensible, properly targeted investigations of terrorist
suspects are one thing – indiscriminate spying on every one of us is another. The detail – as opposed to the bluster – of the ISC report
exposed the UK’s anti-terrorism strategy as counterproductive and failing on almost
every level. It revealed the authorities are neglecting to track suspects with the powers
and intelligence capabilities they already have. But
yesterday, with the publication of yet another counter-terrorism Bill, the Government is
seeking even more powers to transform us all into suspects – leaving the public no
safer and everyone a little less free. When will they learn?" |
"Documents reportedly from the Edward Snowden cache show that
in 2009, GCHQ (and by association, the NSA) had access to the traffic on 63 submarine
cable links around the globe. The cables listed handle the vast majority of international
Internet traffic as well as private network connections between telecommunications
providers and corporate data centers. According to a report in the German
newspaper Süddeutsche Zeitung, the telecommunications company Cable &
Wireless—now a subsidiary of Vodafone—'actively shaped and provided the most
data to GCHQ surveillance programs and received millions of pounds in compensation.' The
relationship was so extensive that a GCHQ employee was assigned to work full time at Cable
& Wireless (referred to by the code name 'Gerontic' in NSA documents) to manage
cable-tap projects in February of 2009. By July of 2009, Cable & Wireless provided
access to 29 out of the 63 cables on the list, accounting for nearly 70 percent of the
data capacity available to surveillance programs. A
Vodafone spokesperson did not deny the details when questioned by Süddeutsche Zeitung but
said that any taps were performed legally under a warrant. The cable access wasn’t just used for surveillance—it was also
used to pipe back data pulled from other networks through 'computer network exploitation'
(CNE) operations to populate Incenser, a GCHQ 'special source collection system' running
in a data center at GCHQ’s signals collection center at Bude
in Cornwall. One of the
networks that was targeted by a CNE hack and accessed over Cable & Wireless capacity,
according to an NSA slide, was the Fiber-Optic Link Around the Globe (FLAG), a global
network operated by the Indian telecommunications company Reliance Communications’
subsidiary, Global Cloud Xchange. Data pulled
the FLAG network’s connections span the globe, with landing points in the US, Europe,
North Africa, the Saudi Peninsula, India, Malaysia, China, Taiwan, South Korea, and Japan.
The extent of the cable taps had been hinted at before in Snowden documents detailing
Turbulence and Xkeyscore, the global distributed mass surveillance platform deployed by
the NSA to search through the contents of Internet traffic. Taps into trans-oceanic cables
were also revealed to be part of the NSA’s MUSCULAR program, which tapped into the
private connections between the data centers of Yahoo and Google. But the latest documents
reveal the actual names of the cables the NSA and GCHQ had access to as of 2009 as well as
their 'egress' speed—the volume of data that the agencies could pull from the cables.
As of July of 2009, relationships with three telecom companies provided access to 592
10-gigabit-per-second pipes on the cables collectively and 69 10-gbps 'egress' pipes
through which data could be pulled back. The July 2009 documents included a shopping list
for additional cable access—GCHQ sought to more than triple its reach, upping access
to 1,693 10-gigabit connections and increasing egress capacity to 390. The documents
revealed a much shorter list of 'cables we do not currently have good access
[to].'" |
"A law forcing firms to hand details to police identifying who was
using a computer or mobile phone at a given time is to be outlined by Theresa May. The
home secretary said the measure would improve national security. As part of the
Counter-Terrorism and Security Bill, providers would have to retain data linking devices
to users. But campaigners warned it could see the revival of the so-called 'snoopers'
charter' - a previous attempt to bring in wide-ranging web monitoring powers. .... The proposals, due to come before MPs on Wednesday, would help
police to identify suspects via a computer or mobile device's individual Internet Protocol
(IP) address. Each device has such an address, but
they can change - such as when a modem is switched off and then on again - and are usually
shared between different users. Internet service providers currently have no business
reason for holding data showing which IP address was allocated to a device at a given
time, meaning it is not always possible for police and security services to match
individuals to internet use, the Home Office said....
Speaking to the BBC's Andrew Marr show, Mrs May said the new bill would help security
services 'deal with the increased threat that we now see'. 'This is a step but it doesn't
go all the way to ensuring that we can identify all the people we will need to,' she said.
To 'fully identify' everybody, she said police would
need the power to access communication data, as previously proposed in the Communication
Data Bill. That bill - labelled a snooper's charter by critics - was scrapped following
Lib Dem opposition. It would have forced companies to keep data about people's online
conversations, social media activity, calls and texts for 12 months. James Massey, chairman of the Internet Service Providers Association,
said the plans could cost the industry 'tens if not hundreds of millions' and would not
catch paedophiles or those planning terror attacks. 'The devil will be in the detail but
it's going to be difficult no matter how they do it,' he said. 'It looks like it could
catch people who post annoying things on Twitter or not very nice things on social media -
but not those who know how to hide their online activities. It's not a sensible thing to
have decided to do without consulting us first."" |
"Freelance video journalist Jason Parkinson returned home from
vacation this year to find a brown paper envelope in his mailbox. He opened it to find
nine years of his life laid out in shocking detail. Twelve pages of police intelligence
logs noted which protests he covered, who he spoke to and what he wore - all the way down
to the color of his boots. It was, he said, proof of something he'd long suspected: The
police were watching him. "Finally," he thought as he leafed through documents
over a strong black coffee, 'we've got them.' Parkinson's documents, obtained through a
public records request, are the basis of a lawsuit being filed by the National Union of
Journalists against London's Metropolitan Police and Britain's Home Office. The lawsuit,
announced late Thursday, along with recent revelations about the seizure of reporters'
phone records, is pulling back the curtain on how British police have spent years tracking
the movements of the country's news media. 'This is another extremely worrying example of
the police monitoring journalists who are undertaking their proper duties,' said Paul
Lashmar, who heads the journalism department at Britain's Brunel University. The
Metropolitan Police and the Home Office both declined to comment. Parkinson, three
photographers, an investigative journalist and a newspaper reporter are filing the lawsuit
after obtaining their surveillance records.
Parkinson, a 44-year-old freelancer who has covered hundreds of protests - some of them
for The Associated Press - said he and his colleagues had long suspected that the police
were monitoring them. 'Police officers we'd never even met before knew our names and
seemed to know a hell of a lot about us,' he said. Several journalists told AP the records
police kept on them were sometimes startling, sometimes funny and occasionally wrong. One
intelligence report showed that police spotted Parkinson cycling near his then-home in
northwest London and carried detailed information about him and his partner at the time.
Jules Mattsson, a 21-year-old journalist with the Times of London, says another record
carried a mention of a family member's medical history, something he says made him so
upset he called the police to demand an explanation. 'No one could possibly defend this,'
he said. Jess Hurd, a 41-year-old freelance photographer and Parkinson's partner, said she
was worried the intelligence logs were being shared internationally. 'I go to a lot of
countries on assignment,' she said. 'Where are these database logs being shared? Who with,
for what purpose?' The revelations add to public disclosures about British police secretly
seizing journalists' telephone records in leak investigations. Several senior officers have recently acknowledged using
anti-terrorism powers to uncover journalists' sources by combing through the records." |
"The U.S. Postal Service almost never denies requests to
track suspects’ mail on behalf of law-enforcement agencies through a
controversial surveillance program known for having compliance problems,
according to a federal auditor. USPS Deputy
Inspector General Tammy Whitcomb said in testimony for a House hearing
Wednesday that the Postal Service rejected only about 0.2 percent of the 6,000
outside requests last year for a practice known as mail covers. The investigative
technique involves recording information on the outside of individuals’
envelopes and parcels before the items are delivered, and then handing the data to
law-enforcement agencies. It does not permit the opening of mail, which requires a search
warrant. The USPS inspector general’s office said in an audit report this year that the Postal Service failed to
follow key guidelines for mail covers, including recording and sending information after
the orders had expired and neglecting to conduct annual reviews. Additionally, about
20 percent of the requests from outside law-enforcement agencies were not
approved by authorized personnel and that 13 percent were either unjustified or
incorrectly documented, according to the report. The Postal Service asked the inspector
general not to release the findings publicly. The agency said disclosure would reveal
'investigative techniques and related information which could compromise ongoing criminal
investigations,' according to a management letter. Politico first reported the findings in June, and the New York Times wrote a piece about them in October. But
Whitcomb’s testimony marked the first time that the inspector general’s office
publicly revealed that the Postal Service almost never denies mail-cover requests....
Timothy Edgar, a former Obama White House privacy expert who now works
with Brown University’s Watson Institute for International Studies, described
the inspector general’s findings as troubling. 'They shake our confidence in
longstanding principles of privacy and civil liberties,' he said in testimony for the
hearing. 'The Postal Service must be a stickler for proper procedure — it cannot
afford to be lax.'" |
"The Senate blocked legislation that would have limited the National
Security Agency’s bulk collection of phone records, more than year after Edward
Snowden exposed the extent of U.S. government surveillance programs. Senate leaders failed
to get the 60 votes needed to advance the bill yesterday. It’s unlikely a new version
can be drafted for another vote before the congressional term expires this year. The bill
was an attempt to force spy agencies to collect only information sought through a court order and exclude the use of broad
searches like by ZIP codes. A coalition of Internet
and technology companies, which include Google Inc. (GOOG) and Twitter Inc. (TWTR), supported the Senate bill
while saying the Republican-backed House version passed in May would still allow bulk
collection of Internet user data." |
"Twitter has become a place where
politics and world events are discussed in real time. The social network helped overthrow
dictators during the Arab Spring, and Twitter hashtags can make big news. But anyone who
wants to go back and review those tweets after the fact have a hard time. Twitter is trying to make the process a lot easier. Twitter has
released a search engine
that indexes every public tweet since 2006, meaning users can easily search through the
hundreds of billions of tweets ever sent.... Deleting tweets doesn't keep them secret
forever. There are places where they can still pop up. The Library of Congress is
archiving every tweet sent for official records, and indexing by search engines can
resurface caches of tweets." |
"What does it look like
when a society loses its sense of privacy? In the almost 18 months since the Snowden files
first received coverage, writers and critics have had to guess at the answer. Does a certain trend, consumer
complaint, or popular
product epitomize some larger shift? Is trust in tech companies eroding—or is a
subset just especially vocal about it? Polling would make those answers clear, but polling
so far has been… confused.
A new study, conducted by the Pew Internet Project
last January and released last week, helps make the average American’s view of his or
her privacy a little clearer. And their confidence in their own privacy is ... low. The
study's findings and the statistics it reports stagger. Vast majorities of Americans are
uncomfortable with how the government uses their data, how private companies use and
distribute their data, and what the government does to regulate those companies. No summary can equal a recounting of the findings. Americans are
displeased with government surveillance en masse: * According to the
study, 70 percent of Americans are 'at least somewhat concerned' with the government
secretly obtaining information they post to social networking sites. * Eighty percent of
respondents agreed that 'Americans should be concerned' with government surveillance of
telephones and the web. They are also uncomfortable with how private corporations use
their data: * Ninety-one percent of Americans believe that 'consumers have lost
control over how personal information is collected and used by companies,' according to
the study. * Eighty percent of Americans who use social networks 'say they are concerned
about third parties like advertisers or businesses accessing the data they share on these
sites.' And even though they’re squeamish about the government’s use of data,
they want it to regulate tech companies and data brokers more strictly: 64 percent wanted
the government to do more to regulate private data collection. Since June 2013, American
politicians and corporate leaders have fretted over how much the leaks would cost U.S.
businesses abroad. 'It’s clear the global community of Internet users doesn’t
like to be caught up in the American surveillance dragnet,' Senator Ron Wyden said
last month.'... According to this poll, the mistrust has already begun
corroding—and is already, in fact, well advanced. We’ve always assumed that the
great hurt to American business will come globally—that citizens of other nations
will stop using tech companies’s services. But the new Pew data shows that Americans
suspect American businesses just as much. And while, unlike citizens of other nations,
they may not have other places to turn, they may stop putting sensitive or delicate
information online." |
"US government-owned airplanes that can cover most of the
continental United States are covertly flying around the country, spying on tens of
thousands of innocent people’s cellphones. It sounds like a movie plot, but in a
remarkable report published on Thursday, the Wall Street Journal exposed that these
spy planes are part of an actual mass surveillance program overseen by the Justice
Department (DOJ). And it’s been kept secret from the public for years. The Journal
explained that the US Marshals Service, a sub-agency under DOJ’s control, has a small
fleet of Cessna airplanes that
are currently armed with high-tech surveillance gear called 'dirtboxes' –
essentially fake cell towers tricking your phone into connecting to them – that can
vacuum the identifying information and location of ten of thousands of phones in a single
flight. The Marshalls allegedly use the mass spying
planes to locate suspects, but of course the vast, vast majority of phones they end up
spying on belong to completely innocent individuals." |
"Research undertaken between 2008 and 2014 suggests that more than
81% of Tor clients can be ‘de-anonymised’ their originating IP addresses
revealed by exploiting the ‘Netflow’ technology that Cisco has built into its
router protocols, and similar traffic analysis software running by default in the hardware
of other manufacturers. Professor Sambuddho
Chakravarty, a former researcher at Columbia University’s Network Security Lab and now
researching Network Anonymity and Privacy at the Indraprastha Institute of Information
Technology in Delhi, has co-published a series of papers over the last six years
outlining the attack vector, and claims a 100% ‘decloaking’ success rate under
laboratory conditions, and 81.4% in the actual wilds of the Tor network. Chakravarty’s technique [PDF] involves introducing disturbances in the
highly-regulated environs of Onion Router protocols using a modified public Tor server
running on Linux - hosted at the time at Columbia University. His work on large-scale
traffic analysis attacks in the Tor environment has convinced him that a well-resourced
organisation could achieve an extremely high capacity to de-anonymise Tor traffic on an ad
hoc basis – but also that one would not necessarily need the resources of a nation
state to do so, stating that a single AS (Autonomous System) could monitor more than
39% of randomly-generated Tor circuits." |
"Media reports this morning have revealed that the federal
government is building
an expansive Social Media Monitoring system to collect, store, and analyze what
Canadians say on social media platforms such as Facebook and Twitter. The report in
Motherboard suggests this system will feature 'real-time monitoring and analysis of social
media content including Twitter, Facebook, blogs, chatrooms, message boards, social
networks and video and image sharing websites'.
Responding to the news, OpenMedia.ca communications manager David Christopher said: 'When
people post on Facebook they believe they’re sharing with their family and friends.
They certainly don’t want everything they say to be tracked, stored, and analyzed by
faceless government bureaucrats in Ottawa.'" |
"Recently, Verizon was
caught tampering with
its customer's web requests to inject a tracking
super-cookie. Another network-tampering threat to user safety has come to light from
other providers: email encryption downgrade attacks. In recent months, researchers have
reported ISPs in
the US and Thailand
intercepting their customers' data to strip a security flag—called STARTTLS—from
email traffic. The STARTTLS
flag is an essential security and privacy protection used by an email server to
request encryption when talking to another server or client. By
stripping out this flag, these ISPs prevent the email servers from successfully encrypting
their conversation, and by default the servers will proceed to send email unencrypted." |
"Germany and Brazil have made alterations to a United Nations draft
resolution on the issue of state surveillance, with the two countries calling for
protection against government spying on communications and personal data. It represents a new version of the anti-surveillance resolution which was
adopted by the UN last year following in the wake of Edward Snowden's revelations
about the extent to which states are collecting metadata for the purposes of spying on
citizens. Metadata includes detailed information about who people are communicating
with, where they made the communication and what websites they visit, in essence allowing
the government to paint a highly accurate picture about who that person is and how they
live their daily lives. The re-write of the UN draft resolution by its German and
Brazilian authors has described this act of collecting metadata for state surveillance as
a 'highly intrusive act'. The draft resolution, which has been submitted to all 193 UN
members, says the practices 'violate the right to privacy and can interfere with the
freedom of expression and may contradict the tenets of a democratic society, especially
when undertaken on a mass scale'. Both Brazil and Germany have had their networks breached
by US surveillance systems, so it's no wonder the two countries have taken it upon
themselves to move against spying. The US's National Security Agency tapped
into the networks of Brazilian oil firm Petroleo Brasileiro SA, while earlier this
year it was revealed that the NSA monitored
phone calls of current German Chancellor Angela Merkel and former
German leader Gerhard Schroeder. The co-authored Brazilian and German draft also
suggests the United Nations should appoint a special envoy to identify and clarify
standards protecting privacy rights. They also call on other states to be required to
provide a remedy should an individual's right to privacy be violated by state-operated
surveillance. A vote on the draft will take place in the UN General Assembly's Third
Committee - the body within the organisation that deals with human rights - later this
month. If successful, it will be put a United Nations resolution in December. 'As the
universal guardian of human rights, the United Nations must play a key role in defending
the right to privacy, as well as freedom of opinion and expression in our digital world,'
said Germany's UN Ambassador, Harald Braun. He added that the draft resolution will 'help
pave the way towards better protection standards'. Since Snowden first revealed the extent
to which governments use web surveillance, the revelations have continued apace. Indeed,
just last month it was publicly admitted by the government that
GCHQ monitors bulk information collected by foreign surveillance agencies, including the
NSA, and does so despite not having any sort of warrant." |
"Car dealers and automotive lenders are targeting those with poor
credit by installing GPS-based kill switches, or
starter-interrupt devices, on the cars that they sell. The New York Times recently reported that about 2 million cars are now
outfitted with such kill switches in the U.S., which is about one-quarter of subprime car
loans, and creditors are not shy when it comes to remotely disabling cars whose owners are
behind on their payments... So far, it seems that while starter-interrupt systems are not
very consumer friendly, they are friendly to those who hold their debt. And the idea might
be catching on elsewhere. Marc Rotenberg, president of the Electronic Privacy Information Center, sees their
success inspiring similar devices for the real estate industry. He recently told NPR that
the same payment assurance technology is now being used by landlords, who can remotely keep renters out of their
apartments if they fall behind on their rent." |
"Robert Hannigan, the
new head of GCHQ, announced his arrival this week with a call for 'greater co-operation'
with security forces by tech companies. Hannigan’s
article in the Financial Times illustrated vividly the destructive ideology that has
driven the infiltration by the British and American intelligence agencies into every
aspects of the digital realm an unquestioning faith in the righteous purpose of
intelligence agencies, a complete mischaracterisation of the nature of the internet and
its value, and a frightening belief that companies stand only on the side of the State,
rather than in the interests of the privacy and security of their users. Hannigan’s
decision to enter the debate in this way is extraordinary. In a parliamentary democracy
based on the Rule of Law, it is not appropriate for civil servants to speak for government
or set policy. His rhetoric is all the more disappointing for being the first public
response by GCHQ to the serious challenges to the lawfulness of its activities since the
first of the Snowden revelations in summer 2013. Such activities include, of course, mass
surveillance of all communications in and out of the British Isles, warrantless access to
the NSA’s databases, the hacking of user devices and even the infiltration of Yahoo webcam chats.
Over the past year, in courts and inquiries and the media, GCHQ has refused to confirm or
deny any of its wrongdoings, and the Government has refused to engage in any constructive
conversation on how to prevent the overreach of intelligence agencies in the digital age. Rather than acknowledge the very real misgivings that the British people
have in the accountability of the services charged with protecting their security,
Hannigan has used his public platform as an exercise in ex-post justification, and to
launch the case for expanded powers. The audacity of such an attack, even as GCHQ is under
the review of the Intelligence Services Committee, the Independent Reviewer of Terrorism
Legislation and the Investigatory Powers Tribunal, is astounding. In any event,
Hannigan’s argument begins from the fundamentally flawed premise that the internet is
a tool of terror, rather than an instrument for public good – the greatest tool for
education, expression, connection and innovation humankind has ever seen. The emancipatory power of the internet lies in its free and
democratic nature. Just as the trade off for a truly democratic society is that dissent,
insecurity and even hatred cannot be stamped out before they materialise, so too a truly
open, democratised internet cannot be sanitised against terror without undermining the
very qualities that make it so important to our lives. This is exactly what mass
surveillance of the internet is aimed at, and as a result it debases the rights to privacy
and free expression that we need for flourishing democracies." |
"Top secret guidelines setting out how the security services have been
instructed to spy on communications between lawyers and the clients have been published
for the first time. Extracts of documents from MI5, MI6 and GCHQ were released as part of
a legal action brought by lawyers from the campaigning charity Reprieve on behalf of two
Libyan men. The papers, disclosed in a tribunal case, are controversial because
communications between lawyers and their clients are covered by 'legal professional
privilege', or LPP, meaning that law enforcement agencies are supposed to respect their
privacy. But the guidelines indicate the security services have been targeting such
communications – by interception methods thought to include telephone taps and e-mail
surveillance – since at last October 2002. One of the extracts, from GCHQ internal
documents, says: 'You may in principle target the communications of lawyers.
'However, you must give careful consideration to necessity and proportionality, because
lawyer-client communications are subject to special protection in UK law on grounds of
confidentiality known as legal professional privilege. 'If you intend to or have
inadvertently targeted lawyers' communications, and it seems likely that advice to a
client will or has been intercepted, you must consult Legal at GCHQ who will seek [legal
adviser] advice.' The Security Service, also known as MI5,
tells its intelligence officers that 'in principle, and subject to the normal requirements
of necessity and proportionality, LPP material may be used just like any other item of
intelligence'. Another
extract from an MI5 document highlights the difficulties posed by spying on lawyers who
are preparing a defendant’s case against criminal charges. 'If an individual who is
investigated by the service is the subject of criminal proceedings, and in the course of
investigation the service intercepts a forensic report prepared for the purpose of those
proceedings then it might be justifiable to put information from that report into the
Service’s database for future use in intelligence investigations. 'However, this
information would not be passed onto the police, in case they use it to gather further
evidence or direct their own forensic experts in such a way as to refute the defence
expert. 'In other words the service mustn’t use LPP material in a way that gives the
appearance of enabling the State to gain an unfair advantage in current or future court
proceedings.' Campaigners and lawyers involved with the Investigatory Powers Tribunal case
said the disclosures raised "troubling implications for the whole British justice
system". Cori Crider, a director at Reprieve, said: 'It’s now clear the
intelligence agencies have been eavesdropping on lawyer-client conversations for years.
'The documents clearly show that MI5’s and GCHQ’s policies on snooping on
lawyers have major loopholes. 'And MI6’s ‘policies’ are so hopeless they
appear to have been jotted down on the back of a beer mat. 'This raises troubling
implications for the whole British justice system. In how many cases has the Government
eavesdropped to give itself an unfair advantage in court?' Richard
Stein, a partner at Leigh Day solicitors, said: 'After many months’ resistance, the
security services have now been forced to disclose the policies which they claim are in
place to protect the confidential communications between lawyers and their clients. 'We
can see why they were so reluctant to disclose them. 'They highlight how the security
services instruct their staff to flout these important principles in a cavalier way. 'We
hope the tribunal will tell the government in no uncertain terms that this conduct is
completely unacceptable.' Disclosure of the material
was resisted on national security grounds by the Government until a tribubal hearing last
week. The papers were released following a claim brought on behalf of Abdel
Hakim Belhaj and Sami al-Saadi who, along with members of their families, were
kidnapped and sent to face punishment in Libya in 2004. The families brought the case
after disclosures on mass surveillance by Edward
Snowden, the former CIA contractor." |
"A technology industry group which represents Silicon Valley giants
including Apple, Microsoft and Google has insisted there will be no 'new deal' with the
Government to tackle web extremism. Robert
Hannigan the new director of GCHQ, the government listening post – had earlier
called for a pact between 'democratic governments and technology companies in the area of
protecting our citizens'. But the head of a leading industry group tech UK representing
860 companies employing more than half a million people in Britain rejected the idea and
said any new moves should instead be based on a 'clear and transparent legal framework'. Julian David, chief executive officer of techUK, also said Mr Hannigan
was 'wrong' to claim IT companies were in denial about misuse of social media and other
technology by Isil terrorists and other extremists. 'To ensure public confidence, both in
the digital economy and our democracy as a whole, any obligations placed upon technology
companies must be based upon a clear and transparent legal framework and effective
oversight rather than, as suggested, a deal between the industry and government,' Mr David
said. ... A rebellion against Mr Hannigan’s comments appeared to be swelling inside
the tech industry, as another industry group dismissed the GCHQ chief’s comments as
'wrong and ill-judged'. The Internet Services Providers’ Association (ISPA) said
disclosures by Edward
Snowden, a former CIA contractor, about the ability of the US and British
government’s surveillance capabilities had exposed the need for 'reform'. 'For this
debate to proceed properly, the security services, law enforcement and Government have to
be more open and transparent about existing capabilities,' an ISPA spokesman said. 'The
mischaracterisation of the Internet as a ‘command and control centre’ for
terrorists is wrong and ill-judged. 'The Snowden revelations changed the landscape:
existing oversight mechanisms were found to be not fit for purpose and there was a lack of
accountability. 'This has to be the starting point for reform.' 'If greater or clearer powers are needed, the case needs to be
made via thorough consultation and legislative proposals should be placed in Parliament
for further scrutiny.' " |
"Computers housing the
world’s most sensitive data are usually 'air-gapped' or isolated from the internet.
They’re also not connected to other systems that are internet-connected, and their
Bluetooth feature is disabled, too. Sometimes, workers are not even allowed to bring
mobile phones within range of the computers. All of this is done to keep important data
out of the hands of remote hackers. But these security measures may be futile in the face
of a new technique researchers in Israel have developed for stealthily extracting
sensitive data from isolated machines using radio frequency signals and a mobile phone. The attack recalls a method the NSA has been secretly using for at least
six years to siphon data in a similar manner. An NSA catalogue of spy tools leaked online
last year describes systems that use radio frequency signals to remotely siphon data from
air-gapped machines using transceivers—a combination receiver and
transmitter—attached to or embedded in the computer instead of a mobile phone. The
spy agency has reportedly used the method in China, Russia and even Iran. But the exact
technique for doing this has never been revealed. The researchers in Israel make no claims
that theirs is the method used by the NSA, but Dudu Mimran, chief technology officer at
the Israeli lab behind the research, acknowledges that if student researchers have
discovered a method for using radio signals to extract data from hard-to-reach systems,
professionals with more experience and resources likely have discovered it, too. 'We are
doing research way behind people [like that],' he told WIRED. 'The people who are doing
that are getting a lot of money and are doing that [full time].' Dubbed 'AirHopper' by the
researchers at Cyber Security Labs at Ben Gurion University, the
proof-of-concept technique allows hackers and spies to surreptitiously siphon passwords
and other data from an infected computer using radio signals generated and transmitted by
the computer and received by a mobile phone. The research was conducted by Mordechai Guri,
Gabi Kedma, Assaf Kachlon, and overseen by their advisor Yuval Elovici. The attack borrows
in part from previous research showing how radio signals (.pdf) can be
generated by a computer’s video card
(.pdf). The researchers in Israel have developed malware that exploits this vulnerability
by generating radio signals that can transmit modulated data that is then received and
decoded by the FM radio receiver built into mobile phones. FM receivers come installed in
many mobile phones as an emergency backup, in part, for receiving radio transmissions when
the internet and cell networks are down. Using this function, however, attackers can turn
a ubiquitous and seemingly innocuous device into an ingenious spy tool. Though a company
or agency may think it has protected its air-gapped network by detaching it from the
outside world, the mobile phones on employee desktops and in their pockets still provide
attackers with a vector to reach classified and other sensitive data. The researchers
tested two methods for transmitting digital data over audio signals but Audio
Frequency-Shift Keying (A-FSK) turned out to be the most effective. '[E]ach letter or
character was keyed with different audio frequency,' they note in a
paper released last week (.pdf) that describes their technique. 'Using less than 40
distinct audio frequencies, we were able to encode simple textual data—both
alphabetical and numerical. This method is very effective for transmitting short textual
massages such as identifiers, key-stroking, keep-alive messages and notifications.' The
data can be picked up by a mobile phone up to 23 feet away and then transmitted over Wi-Fi
or a cellular network to an attacker’s command-and-control server. The victim’s
own mobile phone can be used to receive and transmit the stolen data, or an attacker
lurking outside an office or lab can use his own phone to pick up the transmission. 'With
appropriate software, compatible radio signals can be produced by a compromised computer,
utilizing the electromagnetic radiation associated with the video display adapter,' the
researchers write. 'This combination, of a transmitter with a widely used mobile receiver,
creates a potential covert channel that is not being monitored by ordinary security
instrumentation.' The researchers note that the chain of attack 'is rather complicated,'
but it’s not beyond the skills and abilities already seen in advanced attacks
conducted by hackers in China and elsewhere. Or by the NSA. Generally the most common
method for infecting air-gapped machines is a USB flash drive or other removable media.
Once one air-gapped machine is infected, the malware can spread to other machines on an
air-gapped network. Data can be extracted the same way, though this is more of a
challenge. The malware stores stolen data on the machine until a flash drive is inserted,
at which point data is copied to the drive. When the flash drive is then inserted into
another computer that’s connected to the internet, the data gets transmitted back to
the attackers’ command-and-control center. This method takes time, however, since it
requires the attacker to wait until someone inserts a flash drive into the air-gapped
machine and carries it to an internet-connected machine. AirHopper, however, doesn’t
require repeated action like this once the malware is installed. An attacker only needs to
get their malicious transmitter code onto the targeted machine and then either install the
malicious receiver component on the victim’s mobile phone or use the attacker’s
own mobile phone in the vicinity of the computer to receive the data and transmit it to
the attacker’s command-and-control server. The malware can be programmed to store
siphoned data on the infected machine for later transmission at specified hours or
intervals. The researchers also devised methods for hiding the data transmission on the
targeted machine to avoid detection, including transmitting data only when the monitor is
turned off or in sleep mode and altering the FM receiver on the phone so that there is no
audible tone when data is transmitted to it. Although the distance for transmitting data
from an infected computer to a mobile phone is limited—due to the limitations of the
receiver in phones—attackers could use a stronger portable receiver, set up in a
parking lot for example or installed on a drone flying overhead, to pick up data from
greater distances. There are other limitations, however. The proof-of-concept test allows
for data to be transmitted at only 60 bytes a second—about a line of text per
second—which limits the speed and volume at which attackers could siphon data. But
Mimran notes that over time, a lot of sensitive data can still be extracted this way. 'We
can take out whatever we want,' he told WIRED. 'That only depends on the malicious
software that resides on the computer. If it is a keylogger, then you can take out
whatever the user types.' A 100-byte password file takes 8-10 seconds to transmit using
their method, and a day’s worth of keystrokes takes up to 14 minutes to transmit this
way. But a document just .5 megabytes in size can take up to 15 hours to transmit.
Extracting documents 'would be very slow and it will take a long time,' Mimran
acknowledges, 'but this [demonstration] is just a proof-of-concept. I guess the bad people
can make it more sophisticated.' Indeed, the NSA
catalogue of surveillance tools leaked last year, known as the ANT catalogue,
describes something called the Cottonmouth-I,
a hardware implant that resembles an ordinary USB plug except it has a tiny transceiver,
called the HowlerMonkey, embedded in it for extracting data via RF signals. According to
the New York Times, which published additional
information about the Cottonmouth-I, the transceiver transmits the stolen data to a
briefcase-sized NSA field station or relay station, called the Nightstand, which can be
positioned up to eight miles away. Once the data is received by the relay station,
it’s further transmitted to the NSA’s Remote Operations Center. Available since
2009, the Cottonmouth-1 is sold in packs of 50 for about $1 million. This method of data
extraction may have been used in Iran to siphon intelligence about the nuclear program
there, the Times reports—perhaps in preparation for the Stuxnet attack, which
sabotaged computers controlling centrifuges used to enrich uranium gas in Iran. A USB plug, however, requires physical access to a targeted computer in
the field or it requires the victim to unwittingly insert the USB plug into the computer
before the transmission can occur. An alternative method to this, the leaked document
notes, is embedding tiny circuit boards in the targeted computer to do the transmission.
One way to compromise the machine would be to intercept new
equipment enroute to a customer so that it arrives to the victim already equipped to
transmit stolen data. According to the document published by
the Times, the RF transceiver can also be used to implant malware on a targeted system,
not just extract data from it. Radio frequency hacks are difficult to mitigate, short of
physically insulating computers and cables to prevent emissions from being picked up by
receivers. This may be practical for military and other classified facilities to do, but
not for commercial companies that are trying to protect sensitive data from such attacks.
Prohibiting mobile phones from work areas will not help, since outside receivers can be
used in place of mobile phones to extract data." |
"Police snoopers are capturing phone data from tens of thousands of
innocent people, allowing officers to listen to calls, block phone signal, and even send
fake text messages, it has been claimed. Controversial ISMI catchers are being used by the
Metropolitan Police, the country's largest force, to spy on suspects' mobile phones,
according to reports. But the devices also 'hoover
up' data from every other mobile within their range, meaning thousands of innocent people
are being unintentionally targeted. The devices are regularly used by the Met in large
scale investigations, and are thought to be used by the National Crime Agency, according
to The Times." |
"Just like with other electronic devices that used to be 'dumb,'
TVs have become increasingly smart lately, but that doesn’t mean that’s
necessarily a good thing, especially when it comes to user privacy. At least that’s
what Brennan Center’s Michael Price seems to think after he replaced his older TV
that could offer access just to TV programs with a smart TV model that also delivers
'streaming multimedia content, games, apps, social media and Internet browsing.' 'The only
problem is that I’m now afraid to use it. You would be too — if you read through
the 46-page privacy policy,' Price wrote. 'The
amount of data this thing collects is staggering. It logs where, when, how, and for how
long you use the TV. It sets tracking cookies and beacons designed to detect ‘when
you have viewed particular content or a particular email message.’ It records
‘the apps you use, the websites you visit, and how you interact with content.’
It ignores ‘do-not-track’ requests as a considered matter of policy.' On the
other hand, this isn’t the first time a smart TV has been
found capable of tracking your activities for advertising purposes, so buyers should
always try to go through the privacy policies they agree to when using such a device, and
try to limit tracking if and when possible. Furthermore, the device has a built-in camera
with facial recognition and a microphone with voice recognition features, both tools that
hackers or spy agencies could use to spy on unsuspecting buyers, Price says. In addition
to being used for ad purposes, these smart devices might also be hacked only as long as
they’re connected to the Internet. Owners could
decide to remove Internet access from their smart TVs to protect themselves against
tracking and spying, but they’d lose most of their smart features in the process." |
"After security researcher Jeffrey Paul upgraded the operating
system on his MacBook Pro last week, he discovered that several of his personal files had
found a new home on the cloud. The computer had saved the files, which Paul thought
resided only on his own encrypted hard drive, to a remote server Apple controlled. 'This is unacceptable,' thundered Paul, an American based in Berlin, on
his personal blog a
few days later. 'Apple has taken local files on my computer not stored in iCloud and
silently and without my permission uploaded them to their servers - across all
applications, Apple and otherwise.' He was not alone in either his frustration or
surprise. Johns Hopkins University cryptographer Matthew D. Green tweeted his dismay
after realizing that some private notes had found their way to iCloud. Bruce Schneier,
another prominent cryptography expert, wrote a blog
post calling the automatic saving function 'both dangerous and poorly documented' by
Apple." The criticism was all the more notable because its target, Apple, had just
enjoyed weeks of applause within the computer security community for releasing a bold new
form of smartphone encryption capable of thwarting government searches – even when
police got warrants. Yet here was an awkward flip side: Police still can gain access to
files stored on cloud services, and Apple seemed determined to migrate more and more
data to them. The once-clear line between devices – such as Macs or iPhones
– and proprietary cloud services is all but vanishing, security experts warn. And it
isn’t just Apple doing it. Microsoft, Google and others increasingly are relying on
cheap, easily accessible storage capacity to roll out new features for customers.
Apple’s automatic saving function allows users to switch seamlessly between devices,
without fear of losing documents or edits. That’s great news if your Mac gets stolen
and you need to buy a new one. But security experts such as Paul are asking, at what price
in privacy? 'For me,' said Green in an interview, 'this is really shocking. I’ve been
taking a lot of confidential notes in business meetings in TextEdit' – one of the
programs that automatically saves some files to iCloud." |
"I just bought a new TV. The old one had a good run, but after the
volume got stuck on 63, I decided it was time to replace it. I am now the owner of a new
'smart' TV, which promises to deliver streaming multimedia content, games, apps, social
media and Internet browsing. Oh, and TV too. The only problem is that I’m now afraid
to use it. You would be too — if you read through the 46-page privacy policy. The
amount of data this thing collects is staggering. It logs where, when, how and for how
long you use the TV. It sets tracking cookies and beacons designed to detect 'when you
have viewed particular content or a particular email message.' It records 'the apps you
use, the websites you visit, and how you interact with content.' It ignores 'do-not-track'
requests as a considered matter of policy. It also
has a built-in camera — with facial recognition. The purpose is to provide 'gesture
control' for the TV and enable you to log in to a personalized account using your face. On
the upside, the images are saved on the TV instead of uploaded to a corporate server. On
the downside, the Internet connection makes the whole TV vulnerable to hackers who have
demonstrated the ability to take complete control of the machine. More troubling is the
microphone. The TV boasts a 'voice recognition' feature that allows viewers to control the
screen with voice commands. But the service comes with a rather ominous warning: 'Please
be aware that if your spoken words include personal or other sensitive information, that
information will be among the data captured and transmitted to a third party.' Got that?
Don’t say personal or sensitive stuff in front of the TV. You may not be watching,
but the telescreen is listening. I do not doubt that this data is important to providing
customized content and convenience, but it is also incredibly personal, constitutionally
protected information that should not be for sale to advertisers and should require a
warrant for law enforcement to access. Unfortunately, current law affords little privacy
protection to so-called 'third party records,' including email, telephone records, and
data stored in 'the cloud.' Much of the data captured and transmitted by my new TV would
likely fall into this category. Although one federal court of appeals has found this rule
unconstitutional with respect to email, the principle remains a bedrock of modern
electronic surveillance. According to retired Gen.
David Petraeus, former head of the CIA, Internet-enabled 'smart' devices can be exploited
to reveal a wealth of personal data. 'Items of interest will be located, identified,
monitored, and remotely controlled through technologies such as radio-frequency
identification, sensor networks, tiny embedded servers, and energy harvester,' he
reportedly told a venture capital firm in 2012. 'We’ll spy on you through your
dishwasher,' read one headline. Indeed, as the 'Internet of Things' matures, household
appliances and physical objects will become more networked. Your ceiling lights,
thermostat and washing machine — even your socks — may be wired to interact
online. The FBI will not have to bug your living room; you will do it yourself." |
"Brazil
is planning a $185 million project to lay fiber-optic cable across the Atlantic Ocean,
which could entail buying gear from multiple vendors. What it won’t need: U.S.-made
technology. The cable is being overseen by state-owned telecommunications company Telecomunicacoes Brasileiras SA (TELB4), known as
Telebras. Even though Telebras’s suppliers include U.S. companies such as Cisco Systems Inc. (CSCO), Telebras President
Francisco Ziober Filho said in an interview that the cable project can be built without
any U.S. companies. The potential to exclude U.S. vendors illustrates the fallout that is
starting to unfold from revelations last year that the U.S. National Security Agency spied
on international leaders like Brazil’s Dilma Rousseff and Germany’s Angela Merkel to
gather intelligence on terror suspects worldwide.
...The Telebras-planned cable, which will run 3,500 miles from the Brazilian city of
Fortaleza to Portugal,
shows how losses to U.S. technology companies from the NSA disclosures are now
crystallizing. While much of the handwringing over damage to U.S. firms has focused on
existing technology contracts, the pain may come more from projects that are just getting
off the ground. In many cases, it’s too costly and complex to remove existing
computing infrastructure, no matter the rhetoric coming from government leaders. The
Telebras-planned cable, which will run 3,500 miles from the Brazilian city of Fortaleza to
Portugal, shows how
losses to U.S. technology companies from the NSA disclosures are now crystallizing. While
much of the handwringing over damage to U.S. firms has focused on existing technology
contracts, the pain may come more from projects that are just getting off the ground. In
many cases, it’s too costly and complex to remove existing computing infrastructure,
no matter the rhetoric coming from government leaders." |
"The FBI is attempting to persuade an obscure regulatory body in
Washington to change its rules of engagement in order to seize significant new powers to
hack into and carry out surveillance of computers throughout the US and around the world.
Civil liberties groups warn that the proposed rule change amounts to a power grab by the
agency that would ride roughshod over strict limits to searches and seizures laid out
under the fourth amendment of the US constitution, as well as violate first amendment
privacy rights. They have protested that the FBI is
seeking to transform its cyber capabilities with minimal public debate and with no
congressional oversight. The
regulatory body to which the Department of Justice has applied to make the rule
change, the advisory committee on criminal rules, will meet for the first time on November
5 to discuss the issue. The panel will be addressed by a slew of technology experts and
privacy advocates concerned about the possible ramifications were the proposals allowed to
go into effect next year." |
"British authorities are capable of tapping into bulk
communications data collected by other countries' intelligence services including the
National Security Agency without a warrant, according to secret government documents
released Tuesday. The agreement between the NSA and Britain's spy agency, known as
Government Communications Headquarters or GCHQ, potentially puts the Internet and phone
data of Americans in the hands of another country without legal oversight when obtaining a
warrant is 'not technically feasible.' The data, once obtained, can be kept for up to two
years, according to internal policies disclosed by the British government. GCHQ was forced
to reveal that it can request and receive vast quantities of raw, unanalyzed data
collected from foreign governments it partners with during legal proceedings in a closed
court hearing in a case brought by various international human-rights organizations,
including Privacy International, Liberty U.K., and Amnesty International. The suit challenges certain aspects of GCHQ's surveillance practices. It
is well known that the NSA and GCHQ closely share intelligence data with one another, as
part of a long-standing surveillance partnership. Some details of the agencies' spy pact
were exposed by former NSA contractor Edward Snowden last year, including the existence of
GCHQ's Tempora
program, which taps into fiber-optic cables to scoop up online and telephone traffic
across the Web for up to 30 days. But this is the
first time the British government has disclosed that it does not require a warrant to
access data collected and maintained by its American counterparts. The revelation appears
to counter statements made by an oversight committee of the British Parliament in July of
last year that 'in each case where GCHQ sought information from the U.S., a warrant for
interception, signed by a minister, was already in place.' It is unclear whether any restrictions on Britain's access to NSA
surveillance data is imposed by the U.S. However, documents provided by Snowden to The
Guardian last year reveal that the NSA shares
raw intelligence data with Israel without removing information about U.S.
citizens." |
"The White House says it is making progress in its effort to kill
the online password. Security alternatives to the password funded by the administration
will start rolling out in six to 12 months, White House Cybersecurity Coordinator Michael
Daniel said Tuesday at the Chamber of Commerce. 'We
simply have to kill off the password,' he said. 'It's a terrible form of security.' The
White House has been trying to push people away from passwords since early 2011, when it
launched the National Strategy for Trusted Identities in Cyberspace (NSTIC). The
initiative funded public-private pilot programs working on secure password replacements.
'There are plenty of technical solutions,' Daniel said. But what hasn’t been
'cracked' are the 'non-technical humps' to adoption, such as liability and networking
issues, he said. The projects on the cusp should address these hindrances, Daniel said.
'I'm excited to report very soon we will have many of these pilots starting to come to
fruition. Daniel did not give specifics on exactly which of the pilot programs —
ranging from using a mobile device for identification to using a wearable ring or bracelet
— will be rolled out. But they will be 'widely available" once they are ready,
he said." |
"In a rare public accounting of
its mass surveillance program, the United States Postal
Service reported that it approved nearly 50,000 requests last year from law
enforcement agencies and its own internal inspection unit to secretly monitor the mail of
Americans for use in criminal and national security investigations. The number of requests, contained in a 2014
audit of the surveillance program by the Postal Service’s inspector general,
shows that the surveillance program is more extensive than previously disclosed and that
oversight protecting Americans from potential abuses is lax. The audit, along with
interviews and documents obtained by The New York Times under the Freedom of Information
Act, offers one of the first detailed looks at the scope of the program, which has played
an important role in the nation’s vast surveillance effort since the terrorist
attacks of Sept. 11, 2001. The audit, which was reported on earlier by Politico,
found that in many cases the Postal Service approved requests to monitor an
individual’s mail without adequately describing the reason or having proper written
authorization. In addition to raising privacy concerns, the audit questioned the
efficiency and accuracy of the Postal Service in handling the requests. Many requests were
not processed in time, the audit said, and computer errors caused the same tracking number
to be assigned to different surveillance requests. 'Insufficient controls could hinder the
Postal Inspection Service’s ability to conduct effective investigations, lead to
public concerns over privacy of mail and harm the Postal Service’s brand,' the audit
concluded. The audit was posted in May without public announcement on the website of the
Postal Service inspector general and got almost no attention. The
surveillance program, officially called mail covers,
is more than a century old, but is still considered a powerful investigative tool. At the
request of state or federal law enforcement agencies or the Postal Inspection Service,
postal workers record names, return addresses and any other information from the outside
of letters and packages before they are delivered to a person’s home. Law enforcement
officials say this deceptively old-fashioned method of collecting data provides a wealth
of information about the businesses and associates of their targets, and can lead to bank
and property records and even accomplices. (Opening
the mail requires a warrant.) Interviews and court records also show that the surveillance
program was used by a county attorney and sheriff to investigate a political opponent in
Arizona — the county attorney was later disbarred in part because of the
investigation — and to monitor privileged communications between lawyers and their
clients, a practice not allowed under postal regulations. Theodore Simon, president of the
National Association of Criminal Defense Lawyers, said he was troubled by the audit and
the potential for the Postal Service to snoop uncontrolled into the private lives of
Americans.'It appears that there has been widespread disregard of the few protections that
were supposed to be in place,' Mr. Simon said. In information provided to The Times
earlier this year under the Freedom of Information Act, the Postal Service said that from
2001 through 2012, local, state and federal law enforcement agencies made more than
100,000 requests to monitor the mail of Americans. That would amount to an average of some
8,000 requests a year — far fewer than the nearly 50,000 requests in 2013 that the
Postal Service reported in the audit. The difference is that the Postal Service apparently
did not provide to The Times the number of surveillance requests made for national
security investigations or those requested by its own investigation and law enforcement
arm, the Postal Inspection Service....The Postal Service also uses a program called Mail
Imaging, in which its computers photograph the exterior of every piece of paper mail sent
in the United States. The program’s primary purpose is to process the mail, but in
some cases it is also used as a surveillance system that allows law enforcement agencies
to request stored images of mail sent to and received by people they are investigating....
Despite the sweep of the programs, postal officials say they are both less intrusive than
that of the National Security Agency’s vast collection of phone and Internet records
and have safeguards to protect the privacy and civil liberties of Americans. 'You
can’t just get a mail cover to go on a fishing expedition,' said Paul J. Krenn, a
spokesman for the Postal Inspection Service. 'There has to be a legitimate law enforcement
reason, and the mail cover can’t be the sole tool.' The mail cover surveillance
requests cut across all levels of government — from global intelligence
investigations by the United States Army Criminal Investigations Command, which requested
500 mail covers from 2001 through 2012, to state-level criminal inquiries by the Georgia
Bureau of Investigation, which requested 69 mail covers in the same period. The Department
of Veterans Affairs requested 305, and the State Department’s Bureau of Diplomatic
Security asked for 256. The information was provided to The Times under the Freedom of
Information request.... Defense lawyers say the
secrecy concerning the surveillance makes it hard to track abuses in the program because
most people are not aware they are being monitored. But there have been a few cases in
which the program appears to have been abused by law enforcement officials. In Arizona in 2011, Mary Rose Wilcox, a Maricopa County supervisor,
discovered that her mail was being monitored by the county’s sheriff, Joe Arpaio. Ms.
Wilcox had been a frequent critic of Mr. Arpaio, objecting to what she considered the
targeting of Hispanics in his immigration sweeps. The Postal Service had granted an
earlier request from Mr. Arpaio and Andrew Thomas, who was then the county attorney, to
track Ms. Wilcox’s personal and business mail. Using information gleaned from letters
and packages sent to Ms. Wilcox and her husband, Mr. Arpaio and Mr. Thomas obtained
warrants for banking and other information about two restaurants the couple owned. The
sheriff’s office also raided a company that hired Ms. Wilcox to provide concessions
at the local airport. 'We lost the contract we had for the concession at the airport, and
the investigation into our business scared people away from our restaurants,' Ms. Wilcox
said in an interview. 'I don’t blame the Postal Service, but you shouldn’t be
able to just use these mail covers to go on a fishing expedition. There needs to be more
control.' She sued the county, was awarded nearly $1 million in a settlement in 2011 and
received the money this June when the Ninth Circuit Court of Appeals upheld
the ruling. Mr. Thomas, the former county attorney, was
disbarred for his role in investigations into the business dealings of Ms. Wilcox and
other officials and for other unprofessional conduct. The Maricopa County Sheriff’s
Office declined to comment on Mr. Arpaio’s use of mail covers in the investigation of
Ms. Wilcox. In another instance, Cynthia Orr, a defense lawyer in San Antonio, recalled
that while working on a pornography case in the early 2000s, federal prosecutors used mail
covers to track communications between her team of lawyers and a client who was facing
obscenity and tax evasion charges. Ms. Orr complained to prosecutors but never learned if
the tracking stopped. Her team lost the case. 'The troubling part is that they don’t
have to report the use of this tool to anyone,' Ms. Orr said in an interview. The Postal
Service declined to comment on the case." |
"Israel and not America was behind the hacking of millions of French
phones, it was claimed today. In the latest extraordinary twist in the global
eavesdropping scandal, Israeli agents are said to have intercepted more than 70 million
calls and text messages a month. Up until now the French have been blaming the U.S., even
summoning the country’s Paris ambassador to provide an explanation. But today’s
Le Monde newspaper provides evidence that it was in fact Israeli agents who were listening
in. France first suspected the U.S. of hacking into former president Nicolas
Sarkozy’s communications network when he was unsuccessfully trying for re-election in 2012. Intelligence
officials Bernard Barbier and Patrick Pailloux travelled from Paris to Washington to
demand an explanation, but the Americans hinted that the Israelis were to blame. The Americans insisted they have never been behind any hacking in France,
and were always keen to get on with the French, whom they viewed as some of their closest
allies. They were so determined to be friends with the French, that U.S. briefing notes
included details of how to pronounce the names of the Gallic officials. A note published
in Le Monde shows that the Americans refused to rule out Mossad, Israel’s notoriously
uncompromising intelligence agency, or the ISNU, Israel’s cyber-intelligence unit.
Tailored Access Operations (TAO), the branch of the US National Security Agency (NSA)
which deals with cyber-attacks, is referred to throughout the note. It reads: ‘TAO
intentionally did not ask either Mossad or ISNU whether they were involved as France is
not an approved target for joint discussions.’ Le Monde’s article, co-authored
by U.S. journalist Glenn Greenwald, whose main contact is NSA whistleblower Edward
Snowden, however, hints that the Israelis were doing the spying. Both US and French
intelligence work closely with Mossad, but there is known to be a great deal of suspicion
between all the agencies. A 2008 NSA note says that the Israelis are ‘excellent
partners in terms of sharing information’, but it also says that Mossad is ‘the
third most aggressive intelligence service in the world against the United
States’." |
"Millions of people are being spied on by free apps they have
installed on their mobile phones, security experts have warned. Many flashlight apps which
allow a device to be used as a torch also secretly record the most sensitive personal
information. This may include the location of the phone, details of its owner and
their contacts, and even the content of text messages. The data is then transmitted to
market research companies and advertising agencies to track user’s shopping habits,
experts claim. But it is also suspected that
criminal gangs, hackers and identity thieves have developed torch apps of their own to
obtain personal data about consumers which could give them access to their bank accounts.
The most popular flashlight apps for Android smartphones have been downloaded tens of
millions of times. They include the Super-Bright LED Flashlight, the Brightest
Flashlight Free and the Tiny Flashlight+LED. But few customers realise that many programs
have capabilities far beyond switching on the phone’s light, according to American
cyber-security firm SnoopWall, whose founder Gary Miliefsky has advised the US
government.... The threat does not apply to the in-built flashlight on Apple’s
iPhones. Technology experts say the warning should serve as a reminder that if an app is
free, its business model may involve selling the customer’s data." |
"Speaking at the
Playful conference in London on Friday, [Annie] Machon paid tribute to Edward Snowden, who
revealed details of surveillance by the US’s National Security Agency (NSA), for
revealing the extent of modern surveillance and the invasion of privacy. Of the UK’s
spy agency, she said: 'GCHQ has prostituted itself the the NSA to the tune of million of
dollars with no accountability or oversight - they tell the NSA ‘we can do stuff you
can’t do’. We live in an endemic
surveillance state now. Politicians say ‘we know the intelligence agencies are
working within the law and protecting, not eroding, our freedoms’. But politicians
don’t have a bastard clue what spies can get away with and Britain is the least
accountable of all the western intelligence agencies.' Machon signed the Official Secrets Act when she joined MI5 in 1990 after
an intensive 10-month recruitment process. She had wanted to work as a diplomat but was
sent a mysterious letter which suggested other career possibilities. 'I had no idea what
I’d be doing the first day I walked through the door of MI5. All I knew was my
paygrade and salary, but I had signed up to a secret world.' Machon described working as a
general officer, arranging phone and physical surveillance of subjects. 'When I first started reading transcripts of phone conversations it felt
highly intrusive - information about their private lives and who
they were having an affair with that even their families
didn’t know. It becomes god-like … a massive sense of dislocation from the real
world.'... She spoke of the personal cost of living
a secret life when working in intelligence, and the dislocation of living a life fractured
between a hidden and public life. 'I cannot shake off the paranoia that I am being watched
or followed,' she explained. 'When we were under investigation our phone calls and
emails were under surveillance but also our friends, who were under pressure to report
back. That invasive lack of privacy can be very damaging to the human soul, and thanks to
Snowden we know we are all living under that sense of a lack of privacy and
surveillance.'...Machon made a plea for whistleblowers to be supported by the press and
public by focusing not on the 'diversionary tactic' of their personal lives but on what
they are trying to expose. 'Snowden will not be the last but might be the bravest
whistleblower in intelligence agency history.'" |
"While you're shopping, police are watching. According to documents obtained via a public records request, Bloomington
police operate twelve license plate readers at Mall of America. In the past 90 days,
more than 2,275,000 cars have been scanned. Of those, more than 12,000 were
"hits," meaning the license plate is tied to someone suspected of committing a
crime. "I do believe this technology is very
helpful in our job, in trying to keep our community safe," said Bloomington Police
Chief Jeff Potts. "We've recovered five stolen cars going to the Mall of America.
That's a good thing." The readers have helped solve some high-profile crimes. For
example, evidence from license plate readers helped convict a man of throwing rocks, glass
bottles and even a metal vice at drivers in Bloomington in late 2011 and early 2012.
Regardless, some lawmakers still take issue with the technology. "If you're innocent
and there's no cause to be under surveillance, then you ought not be under surveillance,
and this is a form of surveillance," said State Senator Branden Peterson. Petersen is
a member of the Legislative Commission on Data Practices. He thinks there is a practical
use for the readers, but says the amount of time police keep the data -- 90 days in
Bloomington -- is concerning. "The burden really is on the state to have a compelling
reason to collect information on innocent people," he explained. "It's not the
other way around. So I'd turn the question around and say, 'well why is that really
necessary?'" In a statement, Mall of America officials said they don't "have
access to data relating to the registration or ownership of these vehicles." They
also said they're committed to ensuring the safety of their guests, tenants and employees.
Right now there aren't any laws governing the use of license plate readers in Minnesota.
That may change in the next legislative session, when this issue is expected to come up.
The technology is in use across the state, not just in Bloomington, and in some cases,
it’s been around for years." |
"Police forces in the UK are accessing people’s mobile call
records without their knowledge or consent, The Times has reported. Police are
exploiting loopholes in Britain’s surveillance laws to access people’s texts,
voicemails, and emails. The report claims that British police can access communication
information stored on a mobile device without a warrant, instead only needing a
‘production order’. The Regulation of
Investigatory Powers Act (RIPA) requires that the police obtain a search warrant issued by
the Home Secretary to access live phone calls. The interception of communications
commissioner controls this process. However, a warrant is not required to access call
records; a production order is more than enough. These orders are issued by a circuit
judge who has to be convinced that a mobile user has committed a criminal offense and that
the police should have access to their call records to protect the public interest. The
Times discovered that over a period of three years, Northumbria Police secured 72
production orders whereas Merseyside secured 25. West Midlands police had obtained the
highest number of such orders at 329. This has led many legal analysts to suspect that the
process is being abused because a single police force is very unlikely to have so many
cases that require the inspection of call records. Most mobile customers whose
communications are being hacked are unaware of the act. The police simply discard the
messages that they don’t find interesting. RIPA was originally passed to help fight
terrorism, but now the law enforcement agency has been accused of exploiting this Act to
gain easy access to the telephone records of journalists." |
"In a rare decision, the Florida Supreme Court ruled last
Friday that law enforcement must get a warrant in order to track a suspect’s location
via his or her mobile phone. Many legal experts
applauded the decision as a step in the right direction for privacy. "[The] opinion
is a resounding defense of our right to privacy in the digital age," Nate Freed Wessler, staff
attorney with the American Civil Liberties Union, said in a
statement. "Following people’s movements by secretly turning their cell
phones into tracking devices can reveal extremely sensitive details of our lives, like
where we go to the doctor or psychiatrist, where we spend the night, and who our friends
are. Police are now on notice that they need to get a warrant from a judge before tracking
cell phones, whether using information from the service provider or their own
‘stingray’ cell phone tracking equipment." To be clear, the ruling does not
specifically mention stingrays—the devices designed to sweep up, pinpoint, and
intercept cellular data in real-time. Providers can achieve the same location-tracking
ends on their own. However, the legal reasoning is the same regardless of the means.
"The decision as I read it quickly stands for the proposition that probable cause is
required for real-time cell site location information," Brian Owsley, a former federal
judge in Texas who is now a law professor at Indiana Tech, told Ars. "This is a
significant decision, but not by any means the first time that a court has concluded this.
Regarding stingrays, it has significance implicitly in that it can limit the use of
stingrays by requiring probable cause to be demonstrated before they can be
deployed." |
"Apple has begun automatically collecting the locations of users
and the queries they type when searching for files with the newest Mac operating system, a
function that has provoked backlash for a company that portrays itself as a leader on
privacy. The function is part of Spotlight search, which was updated with last week’s
launch of new Mac computers and Apple’s latest operating system, Yosemite OS X, which
also is available for download to owners of older machines. Once Yosemite is installed,
users searching for files – even on their own hard drives -- have their locations,
unique identifying codes and search terms automatically sent to the company, keystroke by
keystroke. The same is true for devices using
Apple’s latest mobile operating system, iOS 8. A pop-up window discloses the change,
saying collecting the data helps provide results 'more relevant to you' as
Spotlight also looks beyond individual computers to gather information across the
Internet, much like popular search engines such as Google already do. But privacy
advocates worry that users won’t understand what information is collected and how to
stop the transmission of data to Apple, which happens by default.The change is the latest
by a major technology company hoping to more closely integrate individual devices with
remote cloud services. Yet the privacy consequences could be significant because while
devices – such as computers, smartphones and music players – are increasingly
well protected with encryption and other defenses, remote cloud services have proven more
vulnerable to outside attack, as happened when hackers extracted the intimate photos of
Hollywood celebrities this summer from accounts on Apple’s iCloud service. 'We are
absolutely committed to protecting our users' privacy and have built privacy right into
our products,' Apple said in a statement Monday night. It said the company had worked to
'minimize the amount of information sent to Apple' and had implemented several protections
to keep user information private. The reaction to the changes on Spotlight was harsh on
Twitter, with some critics saying the change had undermined Apple’s increasingly
vocal position on user privacy as it released new forms of encryption for its popular
mobile devices, such as the iPhone, that made it difficult even for police to access when
they have search warrants." |
"The U.S. National
Security Agency has launched an internal review of a senior official’s part-time work
for a private venture started by former NSA director Keith Alexander that raises questions
over the blurring of lines between government and business. Under the arrangement, which
was confirmed by Alexander and current intelligence officials, NSA's Chief Technical
Officer, Patrick Dowd, is allowed to work up to 20 hours a week at IronNet Cybersecurity
Inc, the private firm led by Alexander, a retired Army general and his former boss. The
arrangement was approved by top NSA managers, current and former officials said. It does
not appear to break any laws and it could not be determined whether Dowd has actually
begun working for Alexander, who retired from the NSA in March..... Current and former U.S. intelligence officials, some of whom
requested anonymity to discuss personnel matters, said they could not recall a previous
instance in which a high-ranking U.S. intelligence official was allowed to concurrently
work for a private-sector firm. They said it risked
a conflict of interest between sensitive government work and private business, and could be seen as giving favoritism
to Alexander's venture. IronNet Cybersecurity is developing a new approach to protect
computer networks from hackers and is marketing it to financial institutions and other private-sector
firms. Alexander, who was the eavesdropping and code-breaking agency's longest-serving
director, confirmed the arrangement with Dowd in an interview with Reuters. He said he
understood it had been approved by all the necessary government authorities, and that
IronNet Cybersecurity, not the government, would pay for Dowd's time spent with the firm.
Dowd, he said, wanted to join IronNet, and the deal was devised as a way to keep Dowd's
technological expertise at least partly within the U.S. government, rather than losing him
permanently to the private sector." |
"Companies like Apple Inc. and Google
Inc. should be required to build surveillance capabilities into their products to help
law enforcement with their probes, according to the Federal Bureau of Investigation.
Providers of new communication services should create a 'front door' method to intercept
data as certain technology isn’t covered by legislation that requires telecom
companies to have monitoring capabilities, FBI Director James Comey said yesterday at a Brookings Institution event in
Washington. 'We are struggling to keep up with
changing technology and maintain our ability to actually collect communications we are
authorized to collect,' Comey said. His comments add to tensions between law enforcement
and technology companies trying to stand up for the privacy rights of their users. Google
and Apple recently ratcheted up encryption on their mobile devices to improve security, a
move the FBI, the U.S. Attorney General and police officials have said makes it harder to
investigate crimes ranging from child abuse to drug trafficking." |
"The Home Secretary has defended the harvesting of bulk
communications data by Britain’s intelligence agencies, insisting they need to
acquire a 'haystack' in order to find a 'needle'.
Appearing in front of the parliamentary security watchdog, Theresa May denied that the
collection of vast amounts of data, such as email and telephone records, amounted to 'mass
surveillance'. Most of the data collected by agencies such as GCHQ, the Government
listening post, 'will not be touched' because only specific information is accessed, in a
'targeted process', she said. In an appearance before
the Intelligence and Security Committee (ISC), Mrs May refused to commit to releasing
statistics showing when the use of mass data has successfully protected the public.
However she pledged to consider whether more could be done to improve confidence in the
actions of Britain’s spies." |
"The United Nations’ top official for counter-terrorism and
human rights (known as the 'Special Rapporteur') issued a
formal report to the U.N. General Assembly today that condemns mass electronic
surveillance as a clear violation of core privacy rights guaranteed by
multiple treaties and conventions. 'The hard truth is that the use of mass
surveillance technology effectively does away with the right to privacy of communications
on the Internet altogether,' the report concluded. Central to the Rapporteur’s
findings is the distinction between 'targeted surveillance' which 'depend[s] upon the
existence of prior suspicion of the targeted individual or organization' — and 'mass
surveillance,' whereby 'states with high levels of Internet penetration can gain
access to the telephone and e-mail content of an effectively unlimited number of users and
maintain an overview of Internet activity associated with particular websites.' In a
system of 'mass surveillance,' the report explained, 'all of this is possible without any
prior suspicion related to a specific individual or organization. The communications of
literally every Internet user are potentially open for inspection by intelligence and law
enforcement agencies in the States concerned.' Mass surveillance thus 'amounts to a
systematic interference with the right to respect for the privacy of communications,' it
declared. As a result, 'it is incompatible with
existing concepts of privacy for States to collect all communications or metadata all the
time indiscriminately.' In concluding that mass surveillance impinges core privacy
rights, the report was primarily focused on the International
Covenant on Civil and Political Rights, a treaty enacted by the General Assembly in
1966, to which all of the members of the 'Five Eyes' alliance are signatories. The U.S. ratified the treaty in 1992,
albeit with various reservations that allowed for the continuation of the death
penalty and which rendered its domestic law supreme. With the exception of the U.S.’s
Persian Gulf allies (Saudi Arabia, UAE and Qatar), virtually every major country has signed
the treaty. Article 17 of the Covenant guarantees the right of privacy, the
defining protection of which, the report explained, is 'that individuals
have the right to share information and ideas with one another without interference by the
State, secure in the knowledge that their communication will reach and be read by the
intended recipients alone.' The report’s key conclusion is that this core right is
impinged by mass surveillance programs: 'Bulk access technology is indiscriminately
corrosive of online privacy and impinges on the very essence of the right guaranteed by
article 17. In the absence of a formal derogation from States’ obligations under the
Covenant, these programs pose a direct and ongoing challenge to an established norm of
international law.'... the report explained that 'states deploying this
technology retain a monopoly of information about its impact,' which is 'a form of
conceptual censorship … that precludes informed debate.' A June report
from the High Commissioner for Human Rights similarly noted 'the
disturbing lack of governmental transparency associated with surveillance policies, laws
and practices, which hinders any effort to assess their coherence with international
human rights law and to ensure accountability.' The rejection of the 'terrorism'
justification for mass surveillance as devoid of evidence echoes virtually every other
formal investigation into these programs. A federal judge last December found
that the U.S. Government was unable to 'cite a single case in which analysis of the
NSA’s bulk metadata collection actually stopped an imminent terrorist attack.' Later
that month, President Obama’s own Review Group on Intelligence and Communications
Technologies concluded
that mass surveillance 'was not essential to preventing attacks' and information used to
detect plots 'could readily have been obtained in a timely manner using conventional
[court] orders.'...Three Democratic Senators on the Senate Intelligence Committee wrote
in The New York Times that 'the usefulness of the bulk collection program has been
greatly exaggerated' and 'we have yet to see any proof that it provides real, unique value
in protecting national security.' A study by the centrist New America Foundation found
that mass metadata collection 'has had no discernible impact on preventing acts of
terrorism' and, where plots were disrupted, 'traditional law enforcement and investigative
methods provided the tip or evidence to initiate the case.' It labeled the NSA’s
claims to the contrary as 'overblown and even misleading.' While worthless in
counter-terrorism policies, the UN report warned that allowing mass surveillance to
persist with no transparency creates 'an ever present danger of ‘purpose creep,’
by which measures justified on counter-terrorism grounds are made available for use by
public authorities for much less weighty public interest purposes.' Citing the UK as one
example, the report warned that, already, 'a wide range of public bodies have access to
communications data, for a wide variety of purposes, often without judicial authorization
or meaningful independent oversight.'" |
"Over the telephone, in jail and online, a new digital bounty is being
harvested: the human voice. Businesses and governments around the world increasingly are
turning to voice biometrics, or voiceprints, to pay pensions, collect taxes, track
criminals and replace passwords. 'We sometimes call it the invisible biometric,' said Mike
Goldgof, an executive at Madrid-based AGNITiO, one of about 10 leading companies in the
field. Those companies have helped enter more than 65 million
voiceprints into corporate and government databases,
according to Associated Press interviews with dozens of industry representatives and
records requests in the United States, Europe and elsewhere. 'There's a misconception that the technology we have
today is only in the domain of the intelligence services, or the domain of 'Star Trek,' '
said Paul Burmester, of London-based ValidSoft, a voice biometric vendor. 'The technology
is here today, well-proven and commonly available.... In the U.S., law enforcement
officials use the technology to monitor inmates and track offenders who have been paroled.
In New Zealand, the Internal Revenue Department celebrated its 1 millionth voiceprint,
leading the revenue minister to boast that his country had 'the highest level of voice biometric
enrollments per capita in the world.' In South Africa, roughly 7 million voiceprints have
been collected by the country's Social Security Agency, in part to verify that those
claiming pensions are still alive. Activists worry that the popularity of voiceprinting
has a downside. 'It's more mass surveillance,' said Sadhbh McCarthy, an Irish privacy
researcher. "The next thing you know, that will be given to border guards, and you'll
need to speak into a microphone when you get back from vacation."" |
"The UK authorities are operating a surveillance system where 'anything
goes' and their interceptions are more intrusive to people’s privacy than has been
seen in the US, Edward Snowden said. Speaking via Skype at
the Observer Ideas festival, held in central London, the whistleblower and former National
Security Agency specialist, said there were 'really no
limits' to the GCHQ’s surveillance capabilities. He
said: 'In the UK … is the system of regulation where anything goes. They collect
everything that might be interesting. It’s up to the government to justify why it
needs this. It’s not up to you to justify why it doesn’t … This is where
the danger is, when we think about … evidence being gathered against us but we
don’t have the opportunity to challenge that in courts. It undermines the entire
system of justice.' He also said he thought that the
lack of coverage by the UK papers of the story, or the hostile coverage of it, other than
by the Guardian, 'did a disservice to the public'...he said: 'What kind of world do we
want to live in? Do you want to live in a world in which governments make decisions behind
closed doors? And when you ask me, I say no.' He also issued his strongest warning yet
about how Silicon Valley firms were compromising the privacy of the public. Google and
Facebook, he said, were 'dangerous services'. His strongest condemnation was against
Dropbox and urged erasure of it from computers. It encrypted your data, he told the
audience, but kept the key and would give that to any government which asked.... The irony
of the fact that he was appearing via Google Hangout and Skype was not lost on the
audience. Later, he said: 'No kidding, right? I’m about to disconnect this machine
and toss it into a fire, though.' His more serious point was that he said he believed the
battle against the intrusions of big corporations into privacy was a much harder battle to
win than the governments’. He said later: 'The unexplored elephant is the
corporations – so privileged, so powerful in access, so unregulated – [and] are
then tapped by the government.[…] I don’t think it’s unreasonable to think
that major corporations have a hand in setting government policy today. Certainly in the
US, given our campaign finance issues.'" |
"At the headquarters of every police force in Britain is a small
office called the ‘Telecoms Intelligence Unit’ (TIU). There, police
officers can log in directly to the mainframe computers of three of four big mobile phone
companies – Vodafone, Three and EE – as well as BT and internet service
providers. EE comprises the former networks Orange and T-Mobile, whose police
interface was called Plod – an acronym for Police Liaison On-screen Database. Armed
with the required usernames and passwords, in a few keystrokes the officers can retrieve
confidential data from anyone’s telephone or computer use within minutes. Such swift access can save lives by finding an armed criminal on the run,
or help track a terrorist before he strikes – but critics believe the ease with which
police can access such information has led them to do so far more often than they should.
All it takes is a couple of senior officers within the force to sign off the request and
any officer can have those details on his screen. In theory, a safeguard system should
stop spurious or illegal requests, but with more than 2,000 applications for data access
under RIPA being processed each week across the UK, some wonder how effective that
oversight can be." |
"According to Edward Snowden, people who care about their privacy
should stay away from popular consumer internet services like Dropbox, Facebook, and
Google, reports online tech news TechCrunch. Snowden
conducted a remote interview as part of the New Yorker Festival, where he was asked a
couple of variants on the question of what we can do to protect our privacy. His first
answer called for a reform of government policies. Some people take the position that they
'don’t have anything to hide,' but he argued that when you say that, 'You’re
inverting the model of responsibility for how rights work': When you say, ‘I have
nothing to hide,’ you’re saying, ‘I don’t care about this right.’
You’re saying, ‘I don’t have this right, because I’ve got to the point
where I have to justify it.’ The way rights work is, the government has to justify
its intrusion into your rights. He added that on an individual level, people should seek
out encrypted tools and stop using services that are 'hostile to privacy.' For one thing,
he said you should 'get rid of Dropbox,' because it doesn’t support encryption, and
you should consider alternatives like SpiderOak. ... He
also suggested that while Facebook and Google have improved their security, they remain
'dangerous services' that people should avoid. ..
His final piece of advice on this front: Don’t send unencrypted text messages, but
instead use services like RedPhone and Silent Circle. Earlier in the interview, Snowden
dismissed claims that increased encryption on iOS will hurt crime-fighting efforts. Even
with that encryption, he said law enforcement officials can still ask for warrants that
will give them complete access to a suspect’s phone, which will include the key to
the encrypted data. Plus, companies like Apple, AT&T, and Verizon can be subpoenaed
for their data.... As for why Snowden hasn’t
come back to the United States to stand trial, he said that when he looked at how the US
government treated whistleblowers like Thomas Drake and Chelsea Manning, he became
convinced that wouldn’t be able to present his case to a jury in an open trial.
'I’ve told the government again and again in negotiations, you know, that if
they’re prepared to offer an open trial, a fair trial in the same way that Dan
Ellsberg got, and I’m allowed to make my case to the jury, I would love to do so,' he
said. 'But to this point they’ve declined.'" |
"The National Security Agency has had agents in China, Germany, and
South Korea working on programs that use 'physical subversion' to infiltrate and
compromise networks and devices, according to documents obtained by The Intercept. The
documents, leaked by NSA whistleblower Edward Snowden, also indicate that the agency has
used 'under cover' operatives to gain access to sensitive data and systems in the global
communications industry, and that these secret agents may have even dealt with American
firms. The documents describe a range of clandestine field activities that are among the
agency’s 'core secrets' when it comes to computer network attacks, details of which
are apparently shared with only a small number of officials outside the NSA. 'It’s something that many people have been wondering about for a
long time,' said Chris Soghoian, principal technologist for the American Civil Liberties
Union, after reviewing the documents. 'I’ve had conversations with executives at tech
companies about this precise thing. How do you know the NSA is not sending people into
your data centers?' Previous disclosures about the NSA’s corporate partnerships have
focused largely on U.S. companies providing the agency with vast amounts of customer data,
including phone records and email traffic. But documents published today by The Intercept
suggest that even as the agency uses secret operatives to penetrate them, companies have
also cooperated more broadly to undermine the physical infrastructure of the internet than
has been previously confirmed. In addition to so-called 'close access' operations, the NSA’s 'core secrets' include the fact that the agency
works with U.S. and foreign companies to weaken their encryption systems; the fact that
the NSA spends 'hundreds of millions of dollars' on technology to defeat commercial
encryption; and the fact that the agency works with U.S. and foreign companies to
penetrate computer networks, possibly without the knowledge of the host countries. Many of the NSA’s core secrets concern its relationships to domestic
and foreign corporations. Some of the documents in this article appear in a new
documentary, CITIZENFOUR, which tells the story of the Snowden disclosures and is directed
by Intercept co-founder Laura Poitras. The documents
describe a panoply of programs classified with the rare designation of 'Exceptionally
Compartmented Information,' or ECI, which are only disclosed to a 'very select' number of
government officials." |
"The investigative journalist Glenn Greenwald has found a second
leaker inside the US intelligence agencies, according to a new
documentary about Edward Snowden that premiered in New York on Friday night. Towards
the end of filmmaker Laura Poitras’s portrait of Snowden – titled Citizenfour,
the label he used when he first contacted her – Greenwald is seen telling Snowden
about a second source. Snowden, at a meeting with
Greenwald in Moscow, expresses surprise at the level of information apparently coming from
this new source. Greenwald, fearing he will be overheard, writes the details on scraps of
paper. The specific information relates to the number
of the people on the US government’s watchlist of people under surveillance as a
potential threat or as a suspect. The figure is an astonishing 1.2 million. The scene comes after speculation in August by government officials,
reported by CNN, that there was a second leaker. The assessment was made on the basis that
Snowden was not identified as usual as the source and because at least one piece of
information only became available after he ceased to be an NSA contractor and went on the
run." |
"CITIZENFOUR, the new film by Intercept co-founding editor Laura
Poitras, premiered this evening at the New York Film Festival, and will be in theaters
around the country beginning October 24. Using all first-hand, real-time footage, it
chronicles the extraordinary odyssey of Edward Snowden in Hong Kong while he worked with
journalists, as well the aftermath of the disclosures for the NSA whistleblower himself
and for countries and governments around the world.The
film provides the first-ever character study of Snowden and his courageous whistleblowing,
contains significant new revelations about all of these events, and will undoubtedly be
discussed for years to come. But one seemingly banal — yet actually quite significant
— revelation from the film is worth separately highlighting: In July of this year,
Snowden’s long-time girlfriend, Lindsay Mills, moved to Moscow to live with him.
Vital to the U.S. government and its assorted loyalists in the commentariat is to depict
whistleblowers as destined to live miserable lives. That’s the key to their attempt
to deter unwanted disclosure: the message that doing so will result in the full-scale
destruction of one’s life. That’s what explains the grotesquely severe
mistreatment and 35-year prison term for Chelsea Manning, as well as the repeated, gleeful
predictions that Snowden will 'end up like Kim Philby,' the British defector to the Soviet
Union who, it is claimed, died a premature death from alcoholism, solitude and all-around
deprivation. The reality is that none of that has ever applied to Edward Snowden.
Particularly when compared to what he expected his life to be upon deciding to embark on
the whistleblowing path — decades of imprisonment in the harsh American penal state,
if not worse — his post-Hong Kong life has been fulfilling and rewarding. He speaks,
and writes, and is interviewed, and has become an important voice in the global debate he
triggered." |
"The impact of US government surveillance on tech firms and the
economy is going to get worse before it gets better, leaders at some of the biggest tech
firms warned US Sen. Ron Wyden on Wednesday during a roundtable on the impact of US
government surveillance on the digital economy. The
senior Democratic senator from Oregon took the floor at the Palo Alto High School
gymnasium -- where he played high school basketball well enough to earn a college
scholarship for his court-side abilities more than 50 years ago -- to discuss the economic
impact and future risks of US government surveillance on technology firms. Google
Executive Chairman Eric Schmidt, who has been outspoken on the topic, pulled no punches
with his assessment of how the spying scandal has and will continue to impact Google and
other tech companies. The impact is "severe and is getting worse," Schmidt said.
"We're going to wind up breaking the Internet." Also
on the panel with Schmidt was Microsoft General Counsel Brad Smith, another critic who
became more outspoken of government surveillance after Edward Snowden leaked National
Security Agency documents in 2013 that showed a much wider federal spying apparatus than
previously believed. "Just as people won't put their money in a bank they won't
trust, people won't use an Internet they won't trust," Smith said. Panelist Ramsey
Homsany, general counsel for online storage company Dropbox, said the trust between
customers and businesses that is at the core of the Internet's economic engine has begun
to "rot it from the inside out." "The trust element is extremely
insidious," Homsany said. "It's about personal emails, it's about photos, it's
about plans, it's about medical records." The documents leaked by Snowden indicate
that the US government has been collecting a record of most calls made within the US,
including the initiating and receiving phone numbers, and the length of the call; emails,
Facebook posts and instant messages of an unspecified number of people; and the vast
majority of unencrypted Internet traffic including searches and social media posts.
Documents from Snowden show that the British equivalent of the NSA, the Government
Communications Headquarters (GCHQ), has a similar program....Smith noted that 96 percent of the world does not live in the US, and
that the American tech economy depends on convincing them that American tech services are
trustworthy. "Foreign data centers would compromise American [economic] growth"
and leadership, he said. Abroad, efforts are already underway to force international tech
companies to be more respectful of their own national interests -- efforts that could
erode consumer trust further, said Wyden. German Chancellor Angela Merkel has said
publicly that Germany is looking at European email service providers so that their
messages "don't have to go across the Atlantic." The
government of Brazil's President Dilma Rousseff is considering forcing US tech firms to
build data centers in Brazil, if they want to do business with Brazil. The biggest
indication of the decline of America's ability to guide the Internet, according to Wyden,
is that Chinese officials told the senator earlier this summer that they considered the
Chinese theft of US tech trade secrets no different than US government surveillance of
foreign governments and firms." |
"The US government may hack into servers outside the country
without a warrant, the Justice Department said in a new legal filling in the ongoing
prosecution of Ross Ulbricht. The government
believes that Ulbricht is the operator of the Silk Road illicit drug website.
Monday's filing in New York federal court centers on the legal brouhaha of how the
government found the Silk Road servers in Iceland. Ulbricht said last week that the
government's position—that a leaky CAPTCHA on the site's login led them to the IP
address—was 'implausible'
and that the government (perhaps the National Security Agency) may have unlawfully hacked
into the site to discover its whereabouts." |
"Long before Americans
were introduced to the new 9/11 era super-villains called ISIS and Khorasan, senior Obama
officials were
openly and explicitly stating that America’s 'war on terror,' already 12
years old, would last at least another decade. At first, they injected these
decrees only anonymously; in late 2012, The Washington Post - disclosing the
administration’s secret creation of a 'disposition matrix' to decide who should be
killed, imprisoned without charges, or otherwise 'disposed' of - reported
these remarkable facts: 'Among senior Obama administration officials, there is a broad
consensus that such operations are likely to be extended at least another decade.
Given the way al-Qaida continues to metastasize, some officials said no clear end is
in sight. . . . That timeline suggests that the United States has reached only the
midpoint of what was once known as the global war on terrorism.' ' In May, 2013, the
Senate Armed Services Committee held a hearing on whether it should revise the 2001
Authorization to Use Military Force (AUMF). A committee member asked a senior Pentagon
official, Assistant Secretary Michael Sheehan, how long the war on terror would last; his reply: 'At least 10 to 20
years.' At least. A Pentagon spokesperson confirmed afterward 'that Sheehan
meant the conflict is likely to last 10 to 20 more years from today — atop
the 12 years that the conflict has already lasted.' As Spencer Ackerman put it: 'Welcome
to America’s Thirty Years War,' one which – by the Obama
administration’s own reasoning – has 'no geographic limit.' Listening to all
this, Maine’s independent Sen. Angus King said: 'This is the most astounding and most
astoundingly disturbing hearing that I’ve been to since I’ve been here. You guys have essentially rewritten the Constitution today.'
Former Bush DOJ lawyer Jack Goldsmith himself an ardent advocate of broad presidential
powers was at the hearing and
noted that nobody even knows against whom this endless war is being waged:
'Amazingly, there is a very large question even in the Armed Services Committee about who
the United States is at war against and where, and how those determinations are made.' All of that received remarkably little attention given its obvious
significance. But any doubts about whether Endless
War literally is official American doctrine should be permanently erased by this
week’s comments from two leading Democrats, both former top national security
officials in the Obama administration, one of whom is likely to be the next American
president. Leon Panetta, the long-time Democratic Party operative who served as
Obama’s Defense Secretary and CIA Director, said
this week of Obama’s new bombing campaign: 'I think
we’re looking at kind of a 30-year war.' Only in America
are new 30-year wars spoken of so casually, the way other countries speak of weather
changes. He added that the war 'will have to extend
beyond Islamic State to include emerging threats in Nigeria, Somalia, Yemen, Libya and
elsewhere.' And elsewhere: not just a new decades-long war with no temporal limits,
but no geographic ones either. He criticized Obama – who has bombed
7 predominantly Muslim countries plus the
Muslim minority in the Phillipines (almost
double the number of countries Bush bombed) – for being insufficiently
militaristic, despite the fact that Obama officials themselves have already
instructed the public to think of The New War' in terms of years.' Then we have
Hillary Clinton (whom Panetta gushed would make a 'great' president). At an event in Ottawa yesterday, she
proclaimed that the fight against these 'militants' will' be a long-term
struggle' that should entail an 'information war' as'well as an air war.' The new war, she
said, is 'essential' and the U.S. shies away from fighting it 'at our peril.' Like Panetta
(and most
establishment Republicans), Clinton made
clear in her book that virtually all of her disagreements with Obama’s foreign
policy were the by-product of her view of Obama as insufficiently hawkish, militaristic
and confrontational. At this point, it is literally
inconceivable to imagine the U.S. not at war. It would be shocking if that happened in our
lifetime. U.S. officials are now all but openly saying this. 'Endless War' is not dramatic
rhetorical license but a precise description of America’s foreign policy. It’s
not hard to see why. A state of endless war justifies
ever-increasing state power and secrecy and a further erosion of rights. It also entails a massive
transfer of public wealth to the 'homeland security' and weapons industry (which the
US media deceptively calls the'defense sector')." |
"Britons must accept a greater loss of digital freedoms in return
for greater safety from serious criminals and terrorists in the internet age, according to
the country’s top law enforcement officer. Keith Bristow, director general of the
National Crime Agency, said in an interview with the Guardian that it would be necessary
to win public consent for new powers to monitor data about emails and phone calls. Warning that the biggest threats to public safety are migrating to the
internet and that crime fighters are scrambling to keep up, the NCA boss said he accepted
he had not done a good enough job explaining to the public why the greater powers were
necessary.'What we have needs to be modernised … we are losing capability and
coverage of serious criminals.' But the boss of the organisation known informally as
Britain’s FBI warned that support must be gained from the public for any new powers
that would give the state greater access to communications data, dubbed the'snoopers’
charter' by critics. He said:'If we seek to operate outside of what the public consent to,
that, for me, by definition, is not policing by consent … the consent is expressed
through legislation.' He added that it was necessary to win'the public consent to losing
some freedoms in return for greater safety and security'. Last week the home secretary,
Theresa May, backed the introduction of greater mass surveillance powers, and committed
the Conservatives to implementing the communications data bill that had been blocked by
the Liberal Democrats amid protests over civil liberties." |
"The security services are getting desperate. Over the
last 4 years they, and their political figurehead May, have tried time and time again to
push mass surveillance through Parliament. Whenever a security scare arises or a
trial of alleged terrorists or belated arrests over a drugs scandal, the cry is
always foisted on the public that what we need is a comprehensive snoopers’ charter
which will record all the communications of all the citizens in the UK. No
mention of the fact that they have already been doing this for over a decade through
GCHQ’s Tempora and Bullrun programmes as Snowden revealed, and what they desperately
want now is to legitimize their illegal activities. No mention that they already infiltrating our smartphones via the
Dreamy Smurf programme which can turn them on even when we’ve switched them
off. No mention that Nosey Smurf can turn on the microphone in a mobile
remotely to listen in to our conversations, nor of Tracker Smurf which can track our
location in real time. A taste of how urgently GCHQ and MI5 are demanding parliamentary
cover was shown a few months ago when May rammed emergency data retention legislation
through the Commons in a single day, thus preventing proper debate and scrutiny –
even though there was in fact no emergency! Now
we see there is yet another concerted push to get this past the parliamentary
barrier. May devoted most of her speech to it at the Tory party conference last
week, and today the director general of the National Crime Agency throws in his
penn’orth by assuring us that the security and police services cannot do their job
without these new powers (or rather, old powers made legitimate). We all agree that what
is needed is a system that protects the public whilst having minimal impact on
citizens’ privacy. What we’ve got however is the opposite: a system
that doesn’t protect us, but is highly intrusive. We collect far more
information than we can possibly sensibly use, and often fail, both in the US and in the
UK, to use even the information we do obtain. Before
9/11 the US NSA monitored traffic through the al-Qaeda communications hub in the Yemen,
but failed to pass it on to the FBI. The CIA also knew that two of the
hijackers were in the US prior to 9/11, but failed to warn the FBI. In the UK the 7/7 bombers were known to the intelligence agencies,
but the security and police forces failed to act on the information effectively. When the
whistleblower Snowden revealed the hitherto unknown huge extent of routine surveillance,
it is extraordinary that the response was not a chastened apology to the public for
systematically deceiving them for years, but rather an absurd: ‘We may collect the
data but we don’t look at it, or if we look at it we don’t remember it, or if we
do remember it, we don’t use it’! The
truth is, the security services are more interested in protecting the system than the
public." |
"David Cameron’s surveillance watchdog has ordered police forces
across the country to disclose full details about their controversial use of anti-terror
laws to spy on journalists. Sir Paul Kennedy, the Interception of Communication
Commissioner who reports directly to the Prime Minister, said he would conduct a'full
inquiry' into how police obtained telephone records to trace
reporters’ confidential sources. The move follows an outcry over law enforcement’s use of the
Regulation of Investigatory Powers Act (Ripa) – originally introduced to combat
serious crime and terrorism – to target whistleblowers who contact the media with
uncomfortable truths about the state. Sir Paul’s announcement came 24 hours after it
emerged that Kent Police used Ripa to trawl through thousands of numbers called by
journalists from the newsdesk at the Mail on Sunday, in a bid to identify the anonymous
source who helped to reveal that the former cabinet minister Chris Huhne had illegally
conspired to have his speeding points attributed to his wife. In this case, the use of
Ripa – an intrusive power introduced in 2000 to safeguard national security which
requires only the approval of a senior police officer – avoided the normal legal
process protecting reporters’ sources, which requires the approval of a judge. Sir
Paul also urged ministers to accelerate plans to protect journalists, lawyers and others
who handle privileged information, including confidential helplines, from intrusive police
surveillance. He pledged that the results of his investigation would be made public.
Official statistics reveal police and security services obtained communications records
under Ripa more than 514,000 times last year – more than 1,400 times a day.
Professionals who handle sensitive information, including lawyers and journalists, are
supposed to enjoy protections from snooping by the police under the Police and Criminal
Evidence Act. But Ripa allows the police to sidestep these safeguards. The Mail on Sunday revealed at the weekend that Kent Police
trawled through thousands of numbers called by journalists from a landline at its newsdesk
over 12 months. They did so to trace the person behind the story about Mr Huhne –
even though a judge had ruled in separate proceedings that the source should remain
confidential." |
"Thousands
of innocent people have been wrongly spied on by the police and other public bodies
because of sloppy administrative errors, The Times can reveal. Authorities routinely use sweeping legal powers to collect phone
and internet records secretly, but there are growing fears that the powers are being
abused. In some cases the wrong people are being pursued because of basic mistakes. Almost
3,000 people in three years had their records seized and examined in error. In at least 11 cases blunders have led to innocent people being wrongly
arrested, accused of crimes or having their houses searched." |
"The
bald truth is that most companies are pretty bad at recruitment. Nearly half of new
recruits turn out to be duds within 18 months, according to one study, while two-thirds of hiring
managers admit they've often chosen the wrong people. And the main reason for failure is
not because applicants didn't have the requisite skills, but because their personalities
clashed with the company's culture. So these days
employers are resorting to big data analytics and other new methods to help make the
fraught process of hiring and firing more scientific and effective. For job hunters, this
means success is now as much to do with your online data trail as your finely crafted
CV....In addition to all the historic data analysts have at their disposal, social media
is offering recruiters a rich new vein of real-time data. Our blogs, websites, Twitter
rants and LinkedIn profiles reveal as much - if not more - about us than a
semi-fictionalised CV. 'The days of keeping your
personal and professional profiles separate are over,' warns Experis's Geoff Smith.
'Social media is a great platform for individuals to demonstrate their expertise,
experience and enthusiasm for their field of specialism. However, candidates need to be
conscious of the online reputation they are building and the data trail they are leaving
behind.' A growing number of tech companies are offering tools that can sift through
masses of social media data and spot patterns of behaviour and sentiment.... 'Online tools, such as Sprout Social and Hootsuite enable our
recruiters to keep an ear to the ground on what's going on with their clients, candidates
and in the sectors we're working in,' says Mr Smith. Konetic's Paul Finch agrees that
applicants need to be aware what image their online profiles project. 'It's all about
reputation. If people can't manage their own reputations, how are they going to protect
the reputations of their future employers?' he asks." |
"Nearly 30 years ago, I sat in a two-hour seminar with a former
head of the American National Security Agency - a fluent Russian scholar who had been at
the centre of the still-unfinished Cold War, and who had known most of the western
alliance's deepest secrets since the end of World War II. He did not think that US
government secrecy over any of the things said or done in the interests of the US, or any
of its capabilities much still secret, had ever advanced its interests. He could think of many times when it had worked against its interests.
Secrecy had meant that some of those who might have poured cold water over intrinsically
silly ideas (he instanced the 1961 Bay of Pigs invasion) had not been in the know and
therefore could not do so. Secrecy had often prevented people who ought to have known from
stopping very morally dubious operations, including CIA assassination programs. Secrecy had often been used to disguise hypocrisy of a very high order -
when governments and military or intelligence bodies were saying one thing and doing the
opposite, to their ultimate embarrassment and confusion. The
objection to that was not necessarily that astute operators were covering both bases, or
taking out 'insurance policies' against possible events, but that those involved almost
inevitably tended to lose sight of their objectives, without any accountability for their
actions. Inevitably, compulsive secrecy became as much
focused on cover-up - sometimes of criminal behaviour - and the avoidance of political,
bureaucratic or organisational accountability, as often as
not for stupidity, failure to take some obvious factor into account or placing too much
emphasis on some silly pet theory. He thought highly
of the brilliance of many inside the American national security umbrella, but he also
thought their thinking and analysis invariably benefited from being open to debate from
those outside the umbrella. He reminded us also that the New York Times had learnt of
plans for the Bay of Pigs invasion, and had reluctantly acceded to desperate pleas, some
from President John Kennedy himself, to keep mum, at least until the operation was over.
The Times gave in, because its editors were afraid of being blamed if the operation were a
disaster, as it proved to be. Later Kennedy told editors that he blamed them for listening
to him; they should have disclosed, compromised the operation, and saved him and the US
from the embarrassment, the humiliation and the lying that followed. This man's 1980s
briefing was in the wake of the Church committee investigations into misadventures and
misbehaviour by intelligence agencies, Watergate, the Pentagon papers case (where the
Times ignored American government national security pleas) and the comprehensive defeat of
American (and Australian) arms and intelligence during the Vietnam War. There have been
sundry American military and victories and defeats since, but I have heard or seen nothing
which would make me prefer the judgment of George Brandis (or Mark Dreyfus), Tony Abbott
(or Bill Shorten) or Angus Campbell (or Duncan Lewis) over his." |
"Parents should be aware that their children can be tracked online, the
former head of MI6 has warned. Sir John Scarlett said children and teenagers were more
relaxed about the information they gave online than those even a little older. He also
said the public should be more worried about threats from
terrorists and international criminal networks than the government snooping on them. Sir John was head of the British Secret Intelligence Service for five
years. Speaking before he addressed the Headmasters'
and Headmistresses' Conference (HMC) annual conference in Newport, south Wales, Sir John
said the technological environment had changed rapidly. "You've got to know what your
children are doing. It's very difficult to know exactly what they're doing in particular
when they're on a tablet or something they've got and you've got to have some kind of
idea. "They are extremely vulnerable, everybody is, to a whole range of things.
Clearly when they're young children they're particularly vulnerable to predators."
Sir John went on: "Personally what worries me, in a way, most, is tracking devices.
"The way in which locational apps, for example, are now quite freely available, of
course you can start off by consciously giving out that information, but once you've done
that, you've lost control of it." There was a need for everyone to be aware that,
once information was shared online, for example through using a search engine, it could be
used by different firms, Sir John said. Youngsters could also be tracked through getting
into conversations online, or by using apps that used an individual's location. .... There
are individuals who are able to track someone "right down to more or less precisely
where you are".... He also argued that the public should be less worried about
widespread government snooping. "I think we're worrying in a way about the wrong
thing. "Potentially that capability for mass and uncontrolled snooping is clearly
there. Technically it can be done." The former spy chief warned that in general,
there was "no absolute protection" against a determined online attack. The
public could protect themselves by using passwords and other measures against 80% of
intrusions, he said, but "everybody has to understand that you can't be absolutely
certain that somebody somewhere won't get it". Sir John, who was chief of the British
Secret Intelligence Service until 2009, said: "There are authoritarian states out
there, there are terrorists out there, there's a massively growing organised criminal
international network out there."" |
"The powers granted to the National Security Agency to spy on
millions of Americans and people abroad were vested by a little-known executive order
that—until now—has received scant scrutiny or oversight, newly uncovered
government documents revealed on Monday. Executive
Order 12333, passed in 1981 by President Ronald Reagan, is the 'main game in town for
NSA surveillance,' according to Alex Abdo, staff attorney for the American Civil Liberties
Union, which obtained internal documents on the order through a Freedom of Information
request. One of the documents, an internal
surveillance manual published by the NSA, describes
EO 12333 as the 'primary source' of their intelligence-gathering authority. And a 'Legal
Fact Sheet,' distributed by the NSA two weeks after Edward Snowden disclosed their
widespread surveillance, says that the agency conducts the majority of their intelligence
gathering through signal interruption (or SIGNIT) 'pursuant to the authority by EO 1233.' Unlike Section 215 of the Patriot Act or the FISA Amendments
Act—which thus far have been the focus of public debate—the executive branch is
alone in implementing EO 12333, meaning that there is essentially no oversight from
Congress nor the court system. 'We've already seen
that the NSA has taken a 'collect it all' mentality even with the authorities that are
overseen by Congress and the courts,' Abdo continues. 'If that history is any lesson, we
should expect—and, indeed, we have seen glimpses of—even more out-of-control
spying under EO 12333.' According to Abdo's analysis
of the documents, which were published by the NSA as well as the Defense Intelligence
Agency among others, EO 12333 allows the government
to monitor any international communication that contains any alleged 'foreign intelligence
information.' 'That phrase is defined so nebulously
that it could be read to encompass virtually every communication with one end outside the
United States,' Abdo writes." |
"The inventor of the world wide web has warned that the freedom of
the internet is under threat by governments and corporations interested in controlling the
web.Tim Berners-Lee, the British computer scientist who invented the web 25 years ago,
called on Saturday for a bill of rights that would guarantee the independence of the
internet and ensure users’ privacy. 'If a company can control your access to the
internet, if they can control which websites they go to, then they have tremendous control
over your life,' Berners-Lee said at the Web We Want festival on the future of the
internet in London. 'If a government can block you going to, for example, the
opposition’s political pages, then they can give you a blinkered view of reality to
keep themselves in power.' 'Suddenly the power to abuse the open internet has become so
tempting both for government and big companies.' Berners-Lee,
59, is director of the World Wide Web Consortium, a body which develops guidelines for the
development of the internet. He called for an
internet version of the Magna Carta, the 13th century English charter credited with
guaranteeing basic rights and freedoms. Concerns
over privacy and freedom on the internet have increased in the wake of the revelation of
mass government monitoring of online activity following leaks by former US intelligence
contractor Edward Snowden." |
"Private information stored online by British computer users could
be scrutinised by American law enforcement agencies under a wide-ranging new
right-to-snoop being pursued by the US government. Federal authorities in the US are using
the courts to try to force American-owned technology companies to disclose emails and
other data held in the 'Cloud' - the vast network of servers where data is stored for
customers. The claim would require companies such as Microsoft, Apple and Google to open
up all their electronic records to agencies - such as the CIA, the NSA and the FBI –
even if it is stored in Europe rather than on US soil. A New York court this month ordered Microsoft to hand over to US
prosecutors the emails of a European customer stored on its servers in Ireland, as part of
a drugs trafficking investigation. Loretta Preska, the judge, ruled that the technology
giant must comply with the US warrant because the company is American, even though it
could be breaking Irish and EU law if it did so. Microsoft is fighting the order, with the
latest stage in its appeal due to begin in December. The company, which is supported by
other tech giants, has indicated it will take its battle to the Supreme Court if it loses.
If the US government wins the case, data stored by British customers in the 'Cloud' would
be open to inspection by American investigators. It would also affect details held about
people in this country even if they never use the internet, as companies and even
government departments use the services of American-owned companies to hold information in
the 'Cloud'. The insecure nature of 'Cloud' storage has already been highlighted by the
disclosure of intimate pictures of more than 100 Hollywood actors, such as Jennifer
Lawrence, and other celebrities after they were stolen by hackers from Apple's iCloud
service. John Hemming, the MP for Birmingham Yardley
and an information technology expert, has now raised fears about the implications for the
security of parliamentary data. The electronic mailboxes of MPs and peers, which had
previously been held on an in-house parliamentary system, were switched in July to Microsoft servers based in Ireland and the
Netherlands. Mr Hemming told the Telegraph that
warrants could be granted at the US Foreign Intelligence Surveillance (FISA) court, which
sits in private, and MPs would not even know that their emails were being monitored." |
"It is tracking your every move recording the exact time you left
for work, where you bought your coffee and where you like to shop. But this isn’t a
futuristic spy drone or some sinister Big Brother state – it’s the iPhone
sitting in your pocket. Hidden in Apple phones is a function which logs every journey. The
iPhones are then able to analyse the data to figure out where you live and work, basing
decisions on the frequency and timing of trips. The function – called the Frequent
Locations feature – was quietly introduced to iPhones a year ago. But since access to
the programme is buried beneath five layers of settings menus, few people know it exists. Apple claims the data never leaves your phone without your permission,
and that it was only designed to improve mapping services. But
Professor Noel Sharkey, one of Britain’s leading computing experts, described
Apple’s ability to track people as ‘terrifying’. ‘This is
shocking,’ he said. ‘Every place you go, where you shop, where you have a drink
– it is all recorded. This is a divorce lawyer’s dream. But what horrifies me is
that it is so secret. Why did we not know about this?’ Smartphones have had the ability to track their owners’ movements
since they were first installed with GPS chips and mapping functions. But this feature,
which is automatically installed on any iPhone with the iOS 7 or an iOS 8 operating
system, is the first to display the movements clearly on a map. The phone records the date
of every one of your journeys, your time of arrival and departure and how many times you
have been to each address. Apple insists the data
only leaves the phone if users gives their consent by selecting the Improve Maps option in
the phone’s privacy menu. But campaigners say the data could be seen by a snooping
boss, a jealous wife, or even seized by police or an authoritarian government. The revelation comes at the end of a week in which Apple saw £12billion
wiped off its value after a glitch left iPhone 6 owners unable to get a signal – and
some owners of the new slimline iPhone 6 Plus bent their frames. In an open letter this
month, Apple chief executive Tim Cook said: ‘Our business model is very
straightforward. We don’t 'monetize' the information on your iPhone or in
iCloud.’ But Professor Sharkey said: ‘Apple might promise not to use our
location information for advertising. And many of our authorities might be quite
benevolent at the moment. But if you put that information in someone else’s hands,
then it becomes powerful, and in some cases, dangerous.’" |
"A
CCTV operator who was convicted of spying on a woman in north Belfast with a police camera
has been jailed for a total of eight months. Ciaran
McCleave, 51, of Collinward Gardens, Newtownabbey, was convicted of voyeurism and
misconduct in a public office at Antrim Road police station. The court heard, he had
directed a camera at a woman's apartment for 79 minutes over a 26-day period. A
judge said he had spied on the woman for his own 'sexual gratification'. On one occasion,
the woman was viewed in her underwear after coming out of the shower. The camera he used
was supposed to monitor a north Belfast interface." |
"US spy planes are flying above
Britain monitoring telephone and computer signals in
a bid to track down British terrorist Jihadi John and those who are communicating with
him. The aircraft, manned by British pilots and
carrying FBI agents, are equipped with technology so advanced they can detect heat coming
off a keyboard when a button is pressed....The
signals and data collected by the spy planes is being sent back to the US to be analysed,
the Sunday
Express reported.... An intelligence services
source said the delicate detection equipment on board the planes had previously been used
successfully to work out a suspected terrorist's computer password because of the heat
signature left on the keys." |
"Sir John [Sawers, head of MI6] told the Financial Times that the lesson of Afghanistan and Iraq was that
a government can be toppled in months but it then takes years to rebuild the country....
Sir John repeated his warning that the intelligence leaks by former CIA contractor Edward
Snowden, published by the Guardian, had damaged the ability to tracked terrorists. But he said that while the Snowden leaks had caused some people to
question whether the spy agencies were on their side, he insisted there was still
'overwhelming support for us'." |
"Renegade former American intelligence analyst Edward Snowden
claims the US National Security Agency, for which he used to work, has a facility in
Auckland and another in the north. 'You are being
watched.' Snowden, who is sheltering in Moscow from US attempts to extradite him on
espionage charges, appeared by video link before a capacity crowd at the Kim
Dotcom-organised Moment of Truth event in Auckland Town Hall last night." |
"WikiLeaks has released more information on controversial commercial
surveillance tools, criticising the German government for not blocking a 'weaponised
malware' developer from shipping its code to countries with regimes with poor human rights
records. WikiLeaks’ latest Spy
Files publication included some previously unreleased versions of the malware in
question, produced by FinFisher,
a German firm that used to be part of UK-based Gamma International. FinFisher can infect
Apple OS X, Windows and Linux computers as well as Android, iOS, BlackBerry, Symbian and
Windows Phone devices. The files, originally obtained by a hacker going by the name Phineas Fisher in August, should be used to
improve detection systems to protect people’s PCs and mobiles, WikiLeaks said. The organisation also believes the files will help researchers uncover
further human rights abuses related to FinFisher, which can be used to siphon off data
from machines and spy on communications, from email to Skype. According
to the leaks, FinFisher customers include law enforcement and government agencies in
Australia, Bahrain, Bangladesh, Belgium, Bosnia & Herzegovina, Estonia, Hungary,
Italy, Mongolia, Netherlands, Nigeria, Pakistan, Singapore, Slovakia, South Africa and
Vietnam. This backs up data from Citizen Lab, a
Toronto-based non-profit that focuses on protecting activists online, which last year
released details
on apparent use of FinFisher in 25 countries. The FinFisher suite of spy software was
originally brought to light when documents were found in the offices of Egypt’s
secret police after former president Hosni Mubarak was deposed. Since then, activists from
Ethiopia and Bahrain, amongst other nations, claimed to have been targeted by governments
using FinFisher. WikiLeaks said Germany should take action to stop the malware spreading.
'FinFisher continues to operate brazenly from Germany selling weaponised surveillance
malware to some of the most abusive regimes in the world. The Merkel government pretends
to be concerned about privacy, but its actions speak otherwise,' said Julian Assange,
WikiLeaks’ editor in chief." Wikileaks releases FinFisher files to highlight government malware abuse Guardian, 16 September 2014 |
"In
Moscow this summer, while reporting a
story for Wired magazine, I had the rare opportunity to hang out for three days with
Edward J. Snowden. It gave me a chance to get a deeper understanding of who he is and why,
as a National Security Agency contractor, he took the momentous step of leaking hundreds
of thousands of classified documents. Among his most
shocking discoveries, he told me, was the fact that the N.S.A. was routinely passing along
the private communications of Americans to a large and very secretive Israeli military
organization known as Unit 8200. This transfer of intercepts, he said, included the
contents of the communications as well as metadata such as who was calling whom.
Typically, when such sensitive information is transferred to another country, it would
first be 'minimized,' meaning that names and other personally identifiable information
would be removed. But when sharing with Israel, the N.S.A. evidently did not ensure that
the data was modified in this way. Mr. Snowden
stressed that the transfer of intercepts to Israel contained the communications —
email as well as phone calls — of countless Arab- and Palestinian-Americans whose
relatives in Israel and the Palestinian territories could become targets based on the
communications. 'I think that’s amazing,' he told me. 'It’s one of the biggest
abuses we’ve seen.' It appears that Mr.
Snowden’s fears were warranted. Last week, 43 veterans of Unit 8200 — many still
serving in the reserves — accused
the organization of startling abuses. In a letter to their commanders, to Prime
Minister Benjamin Netanyahu and to the head of the Israeli army, they charged that Israel
used information collected against innocent Palestinians for 'political persecution.' In
testimonies and interviews given
to the media, they specified that data were gathered on Palestinians’
sexual orientations, infidelities, money problems, family medical conditions and other
private matters that could be used to coerce Palestinians into becoming collaborators or
create divisions in their society. The veterans of Unit 8200 declared that they had a 'moral duty' to no
longer 'take part in the state’s actions against Palestinians.' An Israeli military
spokesman disputed the letter’s overall drift but said the charges would be examined.
It should trouble the American public that some or
much of the information in question — intended not for national security purposes but
simply to pursue political agendas — may have come directly from the N.S.A.’s
domestic dragnet. According to documents leaked by
Mr. Snowden and reported
by the British newspaper The Guardian, the N.S.A. has been sending intelligence to
Israel since at least March 2009. The memorandum of agreement between the N.S.A. and its
Israeli counterpart covers virtually all forms of communication, including but not limited
to 'unevaluated and unminimized transcripts, gists, facsimiles, telex, voice and Digital
Network Intelligence metadata and content.' The memo
also indicates that the N.S.A. does not filter out American communications before delivery
to Israel; indeed, the agency 'routinely sends'
unminimized data.Although the memo emphasizes that Israel should make use of the
intercepts in accordance with United States law, it also notes that the agreement is
legally unenforceable. 'This agreement,' it reads, 'is not intended to create any legally
enforceable rights and shall not be construed to be either an international agreement or a
legally binding instrument according to international law.' It should also trouble
Americans that the N.S.A. could head down a similar path in this country. Indeed, there is
some indication, from a top-secret 2012 document from Mr. Snowden’s leaked files that
I saw last year, that it already is. The document,
from Gen. Keith B. Alexander, then the director of the N.S.A., notes that the agency had
been compiling records of visits to pornographic websites and proposes using that
information to damage the reputations of people whom the agency considers 'radicalizers' — not necessarily
terrorists, but those attempting, through the use of incendiary speech, to radicalize
others. (The Huffington Post has published
a redacted version of the document.). In Moscow,
Mr. Snowden told me that the document reminded him of the F.B.I.’s overreach during
the days of J. Edgar Hoover, when the bureau abused its powers to monitor and harass
political activists. 'It’s much like how the F.B.I. tried to use Martin Luther
King’s infidelity to talk him into killing himself,' he said. 'We said those kinds of
things were inappropriate back in the ’60s. Why are we doing that now? Why are we
getting involved in this again?'" |
"In a
post published on The Intercept website on Monday afternoon, Mr
Snowden - a former analyst at the US National Security Agency (NSA) - says he came across
the communications of New Zealanders in his work. 'If you live in New Zealand, you are
being watched,' he wrote. Prime Minister John Key's claim that there never has been any
mass surveillance by the Government Communications Security Bureau was false, Mr Snowden
said. 'At the NSA I routinely came across the
communications of New Zealanders in my work with a mass surveillance tool we share with
GCSB, called XKEYSCORE. It allows total, granular access to the database of communications
collected in the course of mass surveillance. It is not limited to or even used largely
for the purposes of cybersecurity, as has been claimed, but is instead used primarily for reading individuals' private email, text
messages, and internet traffic,' Mr Snowden said. 'I
know this because it was my full-time job in Hawaii, where I worked every day in an NSA
facility with a top secret clearance.'" |
"The New South Wales police have used sophisticated hacking software to
monitor the phones and computers of Australians, according to documents published by
WikiLeaks. In a new cache published on Monday NSW police are listed as a client of
Gamma International, a German company that develops powerful spyware to remotely monitor
computer use. The documents show that NSW police have used several of the company’s
spy programs for a number of investigations at a cost of more than $2m. The software
– known as FinSpy –
allows widespread access to computer records, including extracting files from hard drives,
grabbing images of computer screens, full Skype monitoring, logging keystrokes and
monitoring email and chat communications. 'When FinSpy is installed on a computer system it can be remotely
controlled and accessed as soon as it is connected to the internet/network, no matter
where in the world the target system is based,' earlier
documentation published by WikiLeaks said. In NSW the police can apply for a special
type of covert search warrant that would allow police to monitor computers remotely. The
warrants are obtained from an 'eligible judge' of the supreme court who is able to grant
warrants. The computer access possible under the program is extensive. In one
communication with the software developers, a NSW police officer writes that there are
risks that sensitive information – such as privileged communication with a lawyer
– could be caught by the program." |
"The Bureau of Investigative Journalism’s application to the Strasbourg Court challenges the government’s
use of covert surveillance powers to access and analyse journalistic information. We say
it is clearly contrary to fundamental human rights law. The background to BIJ’s
challenge is well known. Edward Snowden finally told us the facts. The government uses the
Regulation of Investigatory Powers Act 2000 (RIPA) to harvest huge quantities of our data.
This includes the content of our digital material and communications. It also includes our
communication data (or metadata) – the surrounding information about who we
communicate with, how, when, from where and so on. There is no targeting of subjects for
these investigations by GCHQ (such as particular individuals or premises). Instead there is blanket collection of data in
pursuit of broadly identified aims – such as the protection of national security and
prevention of crime. Authorisations under RIPA are
signed off routinely and on a rolling basis. This data is then analysed using hugely
sophisticated and intrusive programs to find out whatever it is the security state
considers it needs to know. RIPA was drafted before we all began to use digital
communications and information storage in any meaningful way. It is not designed to
protect our rights to privacy and freedom of expression – under Articles 8 and 10 of
the European Convention on Human Rights respectively – in the digital age. Everyone
knows now that RIPA is therefore no longer 'fit for purpose'. The practical and legal
consequences for journalists of this data harvesting are, however, less well known.
BIJ’s case is concerned with these. In the midst of the vast quantities of data being
indiscriminately collected and analysed are large quantities of journalistic information.
After all, journalism is a huge digital information industry in the UK. The days when
journalists met their confidential sources in the snug bar and jotted down handwritten
notes, or pocketed photocopied documents, are long gone. The tools of the trade are now
computers and mobile devices. The leaks can come in gargantuan numbers of bytes. No one
knows anything about what GCHQ does with the journalistic information it pulls in. This is
because, startlingly, neither the legislation nor government guidance about its use says
anything at all about this. But it is inevitable that some of GCHQ’s minute analysis
of the data will be giving it selective access to confidential journalistic material and
identifying sources. There is already much evidence that law enforcement agencies
increasingly seek to access such information for their own purposes. It is an easy way of
advancing their investigations. It can help to identify and deal with embarrassing
whistleblowers and can forewarn of awkward stories in the offing. The same is true for the
security and intelligence agencies. Article 10 of the
Convention, as interpreted by the Strasbourg Court, gives strong legal protections to
those engaging in public interest journalism. It is these rights that BIJ argues are being
flouted by this process. In particular, such journalists are entitled to protect
information which may identify a confidential source. Such sources are recognised as the
lifeblood of investigative journalism. State enforced disclosure of this type of
information deters future whistleblowers from approaching journalists. Journalistic
activity is 'chilled'. The journalists are less able to pass on important information and
ideas to the public. In this process our Article 10 rights to receive the product of this
journalism are interfered with by the state as well." |
"The U.S. National Security Agency and its British counterpart GCHQ gained
secret access to the networks of German Web providers including Deutsche Telekom AG as it
sought to peer into computers all over the world, according to a e-mails from the German
magazine Der Spiegel, citing documents provided by fugitive NSA employee Edward Snowden.
The agencies conducted an operation called 'Treasure Map,' which sought close to real-time
access to individual routers as well as computers,
smartphones and tablets connected to the Internet, Spiegel
reported Saturday in an e-mailed preview of an article to be published on Sept. 15. The
New York Times reported the existence of Treasure Map last year. Deutsche Telekom said it is investigating the allegations and hasn't
found evidence of manipulation or external access to its networks. The company, in an
e-mailed statement, said it has informed German authorities and is reviewing its networks
with external information-technology experts. Access by foreign security agencies would be
'completely unacceptable,' the Bonn-based company said in its statement." |
"Yahoo reports that
it is on the verge of releasing 1,500 pages of documents related to a long court
battle over its participation in the PRISM program, a National Security Agency
program revealed last summer as part of the Snowden leaks. A leaked
top-secret slide about PRISM shows that Yahoo was one of the first participants,
having begun contributing to the database in March of 2008. It did so under severe
duress. Company executives believed the government's demand for data was
'unconstitutional and overbroad' and fought it in court. 'Our challenge, and a later
appeal in the case, did not succeed,' explained Yahoo General Counsel Ron Bell in a blog
post published today. 'The Foreign Intelligence
Surveillance Court (FISC)... ordered us to give the U.S. Government the user data it
sought in the matter.' After it lost, Yahoo was threatened with $250,000 per day
fines if it didn't comply with the program. Not only that, but the government got
permission to share the ruling with other companies in order to put pressure on them as
well, according to a just-published story by The
Washington Post. Ultimately, Microsoft, Google, Facebook, YouTube, Skype, AOL, and Apple
would all participate in PRISM. Before it was discontinued in 2011, the program
gathered up vast amounts of what the government called 'metadata' about e-mail, including
who users e-mailed and when. The original order
to Yahoo in 2007 required the company to provide information on targets that were
outside the US, even if the person was a US citizen." |
"The War on Terror is
turning into a perpetual war. Thirteen years after the al-Qaeda attack on the twin towers
and the Pentagon, President Obama is preparing to enter a Middle Eastern country to
eradicate a new army of jihadists - and no one knows when or how he will ever be able to
to get out..... The problem is that, in a decade or more of being hunted around the globe,
the terrorists have developed an extraordinary resilience. When smashed, they splinter.
When bugged, they fall silent... Al-Qaeda is not a formal organisation like the mafia
clans. This [notion] was a useful tool for a while,
allowing the US, in particular, to expand electronic surveillance.... It is an idea, and a network. Islamic State, in particular, is
largely self-recruiting." |
"According to newly
published documents, the National Security Agency has built a “Google-like”
search interface for its vast database of metadata, and the agency shares it with dozens
of other American intelligence agencies. The new documents are part of the
Snowden leaks and were first published on Monday by The
Intercept. The new search tool, called ICREACH, is described
in an internal NSA presentation as a “large scale expansion of communications
metadata shared with [intelligence community] partners.” That same presentation shows
that ICREACH has been operational since the pilot launched in May 2007. Not only is data
being shared to more agencies, but there are more types of such data being
shared—ICREACH searches over 850 billion records. New data types being shared
include IMEI numbers (a unique identifier on each mobile handset), IMSI (another unique
identifier for SIM cards), GPS coordinates, e-mail address, and chat handles, among
others. Previously, such metadata was only limited to date, time, duration, called number,
and calling number. One
2005 document describes the predecessor to ICREACH, known as CRISSCROSS, as having
notable success in rendition, the controversial practice of secretly spiriting away
terrorism suspects from capture point to prison." |
"For the past five years, British spying nerve-center GCHQ has been
port scanning internet-connected computers in 27 countries – in a exhaustive hunt for systems to potentially exploit. That
bombshell comes amid fresh leaks detailing the dragnet surveillance programs operated by
the Five Eyes nations: America, UK, Canada, Australia and New Zealand. German publisher Heise reports
that the HACIENDA program scans open ports on all public-facing servers to seek out
vulnerable systems – a basic reconnaissance strategy adopted by countless hackers and
other curious folk. As well as simple port scans, GCHQ also stashes the banner text sent
by some server software to connecting clients, and other data. Assuming the server is telling the
truth, these banners can be useful because they typically declare the version number and
name of the software – this is information that can be used to look up exploits for
known vulnerabilities in the code. And we all know
GCHQ et al love
vulnerabilities.The Heise report – co-written by Snowden confidantes Jacob Appelbaum
and Laura Poitras – states HACIENDA sits besides GCHQ's previously exposed program of
tapping trans-Atlantic fibre-optic cables: 'The process of scanning entire countries and
looking for vulnerable network infrastructure to exploit is consistent with the meta-goal
of 'Mastering
the Internet', which is also the name of a GCHQ cable-tapping program: these spy
agencies try to attack every possible system they can, presumably as it might provide
access to further systems. Systems may be attacked
simply because they might eventually create a path towards a valuable espionage target,
even without actionable information indicating this will ever be the case. Using this
logic, every device is a target for colonisation, as each successfully exploited target is
theoretically useful as a means to infiltrating another possible target.'" |
"Nearly half of the people on the U.S. government’s widely
shared database of terrorist suspects are not connected to any known terrorist group,
according to classified
government documents obtained by The Intercept. Of the 680,000 people caught up in the
government’s Terrorist Screening Database—a watchlist of 'known or suspected
terrorists' that is shared with local law enforcement agencies, private contractors, and
foreign governments—more than 40 percent are described by the government as having
'no recognized terrorist group affiliation.' That
category—280,000 people—dwarfs the number of watchlisted people suspected of
ties to al Qaeda, Hamas, and Hezbollah combined. The documents, obtained from a source in
the intelligence community, also reveal that the Obama Administration has presided
over an unprecedented expansion of the terrorist screening system. Since taking office,
Obama has boosted the number of people on the no fly list more than ten-fold, to an
all-time high of 47,000—surpassing the number of people barred from flying under
George W. Bush. 'If everything is terrorism, then nothing is terrorism,' says David Gomez,
a former senior FBI special agent. The watchlisting system, he adds, is 'revving out of
control.'" |
"Remember that scene in
Minority Report, where Tom Cruise is on the run from the law, but is unable to avoid
detection because everywhere he goes there are constant retina scans feeding his location
back to a central database? That’s tomorrow. Today,
Google is tracking wherever your smartphone goes, and putting a neat red dot on a map to
mark the occasion. You can find that map here. All you need to do is log in
with the same account you use on your phone, and the record of everywhere you’ve been
for the last day to month will erupt across your screen like chicken pox. We all know that no matter what ‘privacy’ settings you may try
and implement, our information is all being collected and stored somewhere. That knowledge
sits in the back of our minds, and is easy to drown out by shoving in some headphones and
watching Adventure Time on repeat until everything stops being 1984. But it’s a
sharp jolt back to reality when you see a two dimensional image marking your daily commute
with occasional detours to the cinema or a friend’s house." |
"I confess to feeling
some kinship with Snowden. Like him, I was assigned to a National Security Agency unit in
Hawaii—in my case, as part of three years of active duty in the Navy during the
Vietnam War. Then, as a reservist in law school, I blew the whistle on the NSA when I
stumbled across a program that involved illegally eavesdropping on US citizens. I
testified about the program in a closed hearing before the Church Committee, the
congressional investigation that led to sweeping reforms of US intelligence abuses in the
1970s.... The same day I share pizza with Snowden in a Moscow hotel room, the US House of
Representatives moves to put the brakes on the NSA. By
a lopsided 293-to-123 tally, members vote to halt the agency’s practice of conducting
warrantless searches of a vast database that contains millions of Americans’ emails
and phone calls. “There’s no question Americans have become increasingly alarmed
with the breadth of unwarranted government surveillance programs used to store and search
their private data,” the Democratic and Republican sponsors announce in a joint
statement. “By adopting this amendment, Congress can take a sure step toward shutting
the back door on mass surveillance.” It’s one of
many proposed reforms that never would have happened had it not been for Snowden. ... It was in Geneva that Snowden
would see firsthand some of the moral compromises CIA agents made in the field. Because
spies were promoted based on the number of human sources they recruited, they tripped over
each other trying to sign up anyone they could, regardless of their value. Operatives
would get targets drunk enough to land in jail and then bail them out—putting the
target in their debt. “They do really risky things to recruit them that have really
negative, profound impacts on the person and would have profound impacts on our national
reputation if we got caught,” he says. “But we do it simply because we
can.” While
in Geneva, Snowden says, he met many spies who were deeply opposed to the war in Iraq and
US policies in the Middle East. “The CIA case officers were all going, what the hell
are we doing?” ... He began to consider
becoming a whistle-blower, but with Obama about to be elected, he held off. “I think
even Obama’s critics were impressed and optimistic about the values that he
represented,” he says. “He said that we’re not going to sacrifice our
rights. We’re not going to change who we are just to catch some small percentage more
terrorists.” But Snowden grew disappointed as, in his view, Obama didn’t follow
through on his lofty rhetoric. “Not only did they not fulfill those promises, but
they entirely repudiated them,” he says. “They went in the other direction. What
does that mean for a society, for a democracy, when the people that you elect on the basis
of promises can basically suborn the will of the electorate?” It took a couple of
years for this new level of disillusionment to set in. By that time—2010—Snowden
had shifted from the CIA to the NSA, accepting a job as a technical expert in Japan with
Dell, a major contractor for the agency. .... But Snowden’s disenchantment would only
grow. It was bad enough when spies were getting
bankers drunk to recruit them; now he was learning about targeted killings and mass
surveillance, all piped into monitors at the NSA facilities around the world. Snowden
would watch as military and CIA drones silently turned people into body parts. And he
would also begin to appreciate the enormous scope of the NSA’s surveillance
capabilities, an ability to map the movement of everyone in a city by monitoring their MAC address, a unique identifier emitted by every cell
phone, computer, and other electronic device. Even as his faith in the mission of US intelligence services continued to
crumble, his upward climb as a trusted technical expert proceeded. In 2011 he returned to
Maryland, where he spent about a year as Dell’s lead technologist working with the
CIA’s account. “I would sit down with the CIO of the CIA, the CTO of the CIA,
the chiefs of all the technical branches,” he says. “They would tell me their
hardest technology problems, and it was my job to come up with a way to fix them.”...
But in March 2012, Snowden moved again for Dell, this time to a massive bunker in Hawaii
where he became the lead technologist for the information-sharing office, focusing on
technical issues. Inside the “tunnel,” a dank, chilly, 250,000-square-foot pit
that was once a torpedo storage facility, Snowden’s concerns over the NSA’s
capabilities and lack of oversight grew with each passing day. Among the discoveries that most shocked him was learning that the
agency was regularly passing raw private communications—content as well as
metadata—to Israeli intelligence. Usually information like this would be
“minimized,” a process where names and personally identifiable data are removed.
But in this case, the NSA did virtually nothing to protect even the communications of
people in the US. This included the emails and phone calls of millions of Arab and
Palestinian Americans whose relatives in Israel-occupied Palestine could become targets
based on the communications. “I think that’s amazing,” Snowden says.
“It’s one of the biggest abuses we’ve seen.” (The operation was reported last year by The Guardian, which cited the
Snowden documents as its source.) Another troubling
discovery was a document from NSA director Keith Alexander that showed the NSA was spying
on the pornography-viewing habits of political radicals. The memo suggested that the
agency could use these “personal vulnerabilities” to destroy the reputations of
government critics who were not in fact accused of plotting terrorism. The document then
went on to list six people as future potential targets. (Greenwald published a redacted
version of the document last year on the Huffington Post.) Snowden was astonished by the
memo. “It’s much like how the FBI tried to use Martin Luther King’s
infidelity to talk him into killing himself,” he says. “We said those kinds of
things were inappropriate back in the ’60s. Why are we doing that now? Why are we
getting involved in this again?” In the mid-1970s, Senator Frank Church, similarly
shocked by decades of illegal spying by the US intelligence services, first exposed the
agencies’ operations to the public. That opened the door to long-overdue reforms,
such as the Foreign Intelligence Surveillance Act. Snowden sees parallels between then and
now. “Frank Church analogized it as being on the brink of the abyss,” he says.
“He was concerned that once we went in we would never come out. And the concern we
have today is that we’re on the brink of that abyss again.” He realized, just
like Church had before him, that the only way to cure the abuses of the government was to
expose them. But Snowden didn’t have a Senate
committee at his disposal or the power of congressional subpoena. He’d have to carry
out his mission covertly, just as he’d been trained. ... “If the government will
not represent our interests,” he says, his face serious, his words slow, “then
the public will champion its own interests. And whistle-blowing provides a traditional
means to do so.”... The massive surveillance effort was bad enough, but Snowden was even more disturbed to discover a new, Strangelovian
cyberwarfare program in the works, codenamed MonsterMind. The program, disclosed here for
the first time, would automate the process of hunting for the beginnings of a foreign
cyberattack. Software would constantly be on the lookout for traffic patterns indicating
known or suspected attacks. When it detected an attack, MonsterMind would automatically
block it from entering the country—a “kill” in cyber terminology. Programs
like this had existed for decades, but MonsterMind software would add a unique new
capability: Instead of simply detecting and killing the malware at the point of entry,
MonsterMind would automatically fire back, with no human involvement. That’s a
problem, Snowden says, because the initial attacks are often routed through computers in
innocent third countries. “These attacks can be spoofed,” he says. “You
could have someone sitting in China, for example, making it appear that one of these
attacks is originating in Russia. And then we end up shooting back at a Russian hospital.
What happens next?” In addition to the possibility of accidentally starting a war,
Snowden views MonsterMind as the ultimate threat to privacy because, in order for the
system to work, the NSA first would have to secretly get access to virtually all private
communications coming in from overseas to people in the US..... Given the NSA’s new data storage mausoleum in Bluffdale, its
potential to start an accidental war, and the charge to conduct surveillance on all
incoming communications, Snowden believed he had no choice but to take his thumb drives
and tell the world what he knew. The only question was when. On
March 13, 2013, sitting at his desk in the “tunnel” surrounded by computer
screens, Snowden read a news story that convinced him that the time had come to act. It
was an account of director of national intelligence James Clapper telling a Senate
committee that the NSA does “not wittingly” collect information on millions of
Americans. “I think I was reading it in the paper the next day, talking to coworkers,
saying, can you believe this shit?” Snowden and his colleagues had discussed the
routine deception around the breadth of the NSA’s spying many times, so it
wasn’t surprising to him when they had little reaction to Clapper’s testimony.
“It was more of just acceptance,” he says, calling it “the banality of
evil”—a reference to Hannah Arendt’s study of bureaucrats in Nazi Germany.
“It’s like the boiling frog,” Snowden tells me. “You get exposed to a
little bit of evil, a little bit of rule-breaking, a little bit of dishonesty, a little
bit of deceptiveness, a little bit of disservice to the public interest, and you can brush
it off, you can come to justify it. But if you do that, it creates a slippery slope that
just increases over time, and by the time you’ve been in 15 years, 20 years, 25
years, you’ve seen it all and it doesn’t shock you. And so you see it as normal.
And that’s the problem, that’s what the Clapper event was all about. He saw
deceiving the American people as what he does, as his job, as something completely
ordinary. And he was right that he wouldn’t be punished for it, because he was
revealed as having lied under oath and he didn’t even get a slap on the wrist for it.
It says a lot about the system and a lot about our leaders.” Snowden decided it was time to hop out of the water before he too was
boiled alive. At the same time, he knew there would be dire consequences. “It’s
really hard to take that step—not only do I believe in something, I believe in it
enough that I’m willing to set my own life on fire and burn it to the
ground.”" |
"Some of the revelations attributed to Snowden may not in fact have come
from him but from another leaker spilling secrets under Snowden’s name. Snowden
himself adamantly refuses to address this possibility on the record. But independent of my
visit to Snowden, I was given unrestricted access to his cache of documents in various
locations. And going through this archive using a sophisticated digital search tool, I
could not find some of the documents that have made their way into public view, leading me
to conclude that there must be a second leaker somewhere. I’m not alone in reaching
that conclusion. Both Greenwald and security expert Bruce
Schneier—who have had extensive access to the cache—have publicly stated that
they believe another whistle-blower is releasing secret documents to the media. In fact, on the first day of my Moscow interview with Snowden, the German
newsmagazine Der Spiegel comes out with a long story about the NSA’s operations in
Germany and its cooperation with the German intelligence agency, BND. Among the documents
the magazine releases is a top-secret “Memorandum of Agreement” between the NSA
and the BND from 2002. “It is not from Snowden’s material,” the magazine
notes. Some have even raised doubts about whether the infamous revelation that the NSA was
tapping German chancellor Angela Merkel’s cell phone, long attributed to Snowden,
came from his trough. At the time of that revelation, Der Spiegel simply attributed the
information to Snowden and other unnamed sources. If
other leakers exist within the NSA, it would be more than another nightmare for the
agency—it would underscore its inability to control its own information and might
indicate that Snowden’s rogue protest of government overreach has inspired others
within the intelligence community." |
"The U.S. government need not turn over a secret surveillance
court's orders or the names of phone companies helping it collect call records, because it
might reveal methods needed to protect national security, a federal judge decided on
Monday. U.S. District Judge Yvonne Gonzalez Rogers in Oakland, California, rejected the
Electronic Frontier Foundation's argument that the U.S. Department of Justice should turn
over the materials, in the wake of unauthorized disclosures last year by a former National
Security Agency contractor, Edward Snowden. The EFF
noted that the government had already declassified hundreds of pages of other documents
discussing data collection under the U.S. Patriot Act, including some that the data
privacy advocacy group had requested. These declassifications came after Snowden's leaks
had been revealed. Rogers, though, said disclosing orders of the Foreign Intelligence
Surveillance Court, which handles federal requests for surveillance warrants, could
"provide a roadmap" for targets of national security investigations to evade
surveillance." |
"Israel was singled out in 2007 as a top espionage threat against
the U.S. government, including its intelligence services, in a newly published National
Security Agency (NSA) document obtained by fugitive leaker Edward Snowden, according to a
news report Monday. The document also identified Israel, along with North Korea, Cuba and
India, as a “leading threat” to the infrastructure of U.S. financial and banking
institutions. The threats were listed in the
NSA’s 2007 Strategic Mission List, according to the document obtained by
journalist/activist Glenn Greenwald, a founding editor of The Intercept, an online magazine that has a close
relationship with Snowden, a former NSA and CIA contractor who fled the U.S. with
thousands of top-secret documents last year. In this new document, Israel was identified
by the NSA as a security threat in several areas, including “the threat of
development of weapons of mass destruction” and “delivery methods (particularly
ballistic and nuclear-capable cruise missiles).” The
NSA also flagged Israel’s “WMD and missile proliferation activities” and
“cruise missiles” as threats. In a section of the document headed “Foreign
Intelligence, Counterintelligence; Denial & Deception Activities: Countering Foreign
Intelligence Threats,” Israel was listed as a leading perpetrator of
“espionage/intelligence collection operations and manipulation/influence
operations…against U.S. government, military, science & technology and
Intelligence Community” organs. The term
“manipulation/influence operations” refers to covert attempts by Israel to sway
U.S. public opinion in its favor. In this, Israel has dubious company, according to the NSA: Other leading
threats were listed as China, Russia, Cuba, Iran, Pakistan, North Korea, France, Venezuela
and South Korea. Israel has similar company in threats against U.S. infrastructure,
according to the NSA document. Under a section headed “Mastering Cyberspace and
Preventing an Attack on U.S. Critical Information Systems,” Israel, India, North
Korea and Cuba are identified as “FIS [financial/banking system] threats.”
Israel also appears on the list of countries believed by the NSA to be
“enabling” electronic warfare “producers/proliferators.” The new
document again underscores the schizoid relationship between the U.S. and Israel, which
cooperate closely in military and intelligence operations but also aggressively spy on
each other. A previously released Snowden document said that “one of NSA’s
biggest threats is actually from friendly intelligence services, like Israel.” Another revealed that a U.S. National Intelligence Estimate ranked
Israel as “the third most aggressive intelligence service against the U.S.,”
behind only China and Russia. In a series of
articles last May, Newsweek reported that “Israel
has been caught carrying out aggressive espionage operations against American targets for
decades,” an allegation vociferously denied by
Israeli officials, who insisted that Jerusalem stopped spying on the U.S. after the late
1980s arrest and conviction of its secret agent Jonathan Pollard, a U.S. Naval
Intelligence analyst. Over the weekend, the German magazine Der Spiegel reported that
Israel eavesdropped on Secretary of State John Kerry’s cellphone conversations during
Middle East peace talks in 2013. (According to a July 20, 2014, piece in The New Republic,
“The Kerry team spoke more carefully over cell phones, believing the Israelis might
be listening.”) The State Department had no comment on the Der Spiegel
allegations." |
"Edward Snowden, the National Security
Agency whistleblower, has been given permission to stay in Russia
for three more years and will be allowed to travel abroad for three-month stints. His Russian lawyer told reporters that Snowden, whose temporary asylum
ran out on 1 August, has received a three-year residence permit." |
"More than a year after
Seattle police promised to not turn on a network of surveillance cameras and communication
nodes installed as part of a federal port-security grant, the department still hasn’t
released a draft policy on how it will use the equipment and protect citizen privacy. The
installation of the 30 cameras and a wireless mesh broadband network came shortly after
the Police Department’s purchase of two aerial drones, also with a Homeland Security
grant, and also without public notice. And next year, Seattle City Light plans to start
installing smart meters capable of collecting detailed information about residents’
electricity use. Now, privacy and civil-liberties advocates say the city needs to enact a
strong review process to guide how information is collected, stored, shared and protected,
rather than leaving the guidelines to various departments. “We
know that whenever these systems are put in place, they can be abused,” said Lee
Colleton, a Seattle computer-systems administrator and member of the Seattle Privacy
Coalition. “The city needs strong oversight of any surveillance systems.” Colleton has particular reason to be skeptical. He was protesting a
proposed youth jail in July when his cellphone picked up a Wi-Fi signal from one of the
communication nodes mounted on a city utility pole at Third and Yesler. Much like other Wi-Fi hot spots, the nodes can collect and retain
the identification of individual cellphone users and potentially track them as they move
around the city. The police quickly apologized and
said the “rogue node” had been inadvertently activated when a contractor
restored power to the pole. Department officials assured the public that it had quickly
been turned off again. But Colleton said the incident
highlighted the fears of some residents that the new surveillance equipment could be used
to monitor and photograph lawful gatherings." |
"The British government is in the preliminary stages of designing a
controversial system which will share citizens' sensitive personal information across
government departments without their consent. Leaked documents
show civil servants are planning to mimic the data-sharing systems used by firms like
Amazon or Tesco. This could mean information about a person's driving licence, criminal
record and even how much energy they use at home will be shared by apparatchiks in all
government departments. The measures are intended to
side-step the old-fashioned guidance contained in the Data Protection Act, which makes it
very difficult for information to be shared across government departments. These
recommendations are contained in a Cabinet Office “discussion document”.
“People tend to assume that Government can share data between departments to complete
simple tasks, and are surprised to learn that it cannot," civil servants wrote.
“Removing barriers to sharing or linking datasets can help Government to design and
implement evidence-based policy – for example to tackle social mobility, assist
economic growth and prevent crime”. The proposals have been drafted by Cabinet Office
secretary Francis Maude and will be contained in a White Paper due to be published in the
autumn, with a possible goal of rolling out the new systems after the general election in
2015. The most important state services involved could include police, schools, local
council and government departments. Examples of possible uses for the new data sharing
system could include checking if bus pass claimants are still alive, tackling illegal
immigration or sharing information about teenagers involved in gangs. It is not yet
certain that the measures will be enshrined in law." |
"Israel could be using US
intelligence and equipment in its offensive in the Gaza Strip, according to leaked
document. A top secret report by the American National Security Agency (NSA)
provided by Edward Snowden was published on Monday by The Intercept. The document, dated
13 April 2013, describes the NSA’s “far-reaching technical and analytic
relationship with the Israeli SIGINT National Unit (ISNU) sharing information on access,
intercept, targeting, language, analysis and reporting”. It says the co-operation has expanded to include other Israeli and US
intelligence organisations including the CIA, American Special Operations Division and
Israeli intelligence agency Mossad. Targets for both America and Israel are listed as
“the countries of North Africa, the Middle East, the Persian Gulf, South Asia, and
the Islamic republics of the former Soviet Union”. Among Israel’s particular
priorities, the document mentions Iran and Syria’s nuclear programmes,
Hezbollah’s activities in Lebanon and “Palestinian terrorism”. It adds:
“The Israeli side enjoys the benefits of expanded geographic access to world-class
NSA cryptanalytic and SIGINT engineering expertise, and also gains controlled access to
advanced US technology and equipment via accommodation buys and foreign military
sales.” An accompanying report by Glenn Greenwald, a former Guardian
journalist who hit headlines last year when his partner was detained at Heathrow Airport,
claims Britain’s electronic surveillance agency GCHQ and its Canadian equivalent also
co-operate with Israel. The US also supplies arms to Israel, including radar systems,
missiles and V-22 planes for the Air Force listed in a Times of Israel report. Last year, the US Secretary of
Defence, Chuck Hagel, said the weapons would ensure country’s “military
superiority over any enemy state, non-state or coalition”. Britain’s role in arming the Israeli Defence Forces (IDF) was
revealed by The Independent last week. Documents showed that arms export licences
worth £42m have been granted to 130 British defence manufacturers since 2010 to sell
Israel military equipment ranging from weapons control and targeting systems to
ammunition, drones and armoured vehicles." |
"SPIEGEL has learned from reliable sources that Israeli
intelligence eavesdropped on US Secretary of State John Kerry during Middle East peace
negotiations. In addition to the Israelis, at least one other intelligence service also
listened in as Kerry mediated last year between Israel, the Palestinians and the Arab
states, several intelligence service sources told SPIEGEL. Revelations of the eavesdropping could further damage already tense
relations between the US government and Israel. During the peak stage of peace talks last
year, Kerry spoke regularly with high-ranking negotiating partners in the Middle East. At
the time, some of these calls were not made on encrypted equipment, but instead on normal
telephones, with the conversations transmitted by satellite. Intelligence agencies
intercepted some of those calls. The government in Jerusalem then used the information
obtained in international negotiations aiming to reach a diplomatic solution in the Middle
East. In the current Gaza conflict, the Israelis have massively criticized Kerry, with a
few ministers indirectly calling on him to withdraw from peace talks. Both the US State
Department and the Israeli authorities declined to comment." |
"A US judge has ordered Microsoft to hand over foreign data it stores back
to the US, despite allegedly strong privacy protections in Europe to mitigate such
processes. The logic of the court is that because the US-headquartered software giant controls the data it stores overseas, its foreign
subsidiary companies are just as applicable to US law. US District Judge Loretta Preska in New York said the ruling will be
stayed to allow Microsoft to appeal the decision to an appeals court. "It is a
question of control, not a question of the location of that information," Preska said
in the ruling. The ruling means that users in Europe and further afield of
Microsoft's services — and others, including Apple, Google, Yahoo, Facebook, and
Twitter, with a headquarters in the US — are not immune from having their data
handed over
to the US government for law enforcement or intelligence purposes. Microsoft initially
challenged
the order, saying that local laws must apply in respect of each jurisdiction." |
"Edward Snowden's lawyer has labelled as "draconian" and
"chilling" Abbott government legislation before parliament that would threaten
ASIO leakers with 10 years' imprisonment and make it an offence for journalists to report
on information they receive from whistleblowers. Lawyer
Jesselyn Radack, who is travelling in Australia, told the Wheeler Centre
in Melbourne on Tuesday night that the laws being
proposed by Attorney-General George Brandis went too far. "That law is so
draconian and would be so chilling in terms of freedom of the press," Ms Radack said.
"It would criminalise a reporter talking to a source. 'It's the most draconian thing
I've seen and it is completely antithetical to a free and open democratic society … I
find it very disturbing that Australia's entertaining this kind of legislation and that
there hasn't been a greater outcry, especially from the press.' The legislation makes it an offence if a person "discloses
information ... [that] relates to a special intelligence operation" and does not
state any exemptions, meaning it could apply to anyone including journalists, bloggers,
lawyers and other members of the public. Those who disclosed such information would face
tough new penalties of up to 10 years' jail. Ms Radack said the new laws would essentially
give ASIO immunity. "This particular proposed
legislation is drafted so broadly that almost anything could be labelled a special
intelligence operation … the definitions are so broad and vague as to make anyone
subject to this." NSA whistleblower Thomas Drake, who also spoke at the Wheeler
Centre, said the laws reminded him of his own trial and said that they would result in
self-censorship. "If this passes in its current form without huge changes, it is
going to send a very chilling message," Mr Drake said. "It will create a climate
in which people will self-censor. They will opt not to reveal anything. They will opt not
to associate with certain individuals. They will opt not to share certain information just
on the risk that it might be designated secret or it might be designated something that
might reveal an intelligence operation. Well in that kind of an environment guess what? It
has its intended effect."" |
"The National Security Agency last year significantly expanded its
cooperative relationship with the Saudi Ministry of Interior, one of the world’s most
repressive and abusive government agencies. An April
2013 top secret memo provided by NSA whistleblower Edward Snowden details the
agency’s plans “to provide direct analytic and technical support” to the
Saudis on “internal security” matters. The Saudi Ministry of
Interior—referred to in the document as MOI— has been condemned for years as one
of the most brutal human rights violators in the world. In 2013, the U.S. State
Department reported that “Ministry of Interior officials sometimes subjected
prisoners and detainees to torture and other physical abuse,” specifically mentioning
a 2011 episode in which MOI agents allegedly “poured an antiseptic cleaning liquid
down [the] throat” of one human rights activist. The report also notes the MOI’s
use of invasive surveillance targeted at political and religious dissidents. But as the
State Department publicly catalogued those very abuses, the NSA worked to provide
increased surveillance assistance to the ministry that perpetrated them. The move is part of the Obama Administration’s increasingly close
ties with the Saudi regime; beyond the new cooperation with the MOI, the memo describes
“a period of rejuvenation” for the NSA’s relationship with the Saudi
Ministry of Defense. In general, U.S. support for the Saudi regime is long-standing. One secret 2007 NSA memo lists Saudi Arabia as one of four
countries where the U.S. “has [an] interest in regime continuity.” But from the end of the 1991 Gulf War until recently, the memo says, the
NSA had a “very limited” relationship with the Saudi kingdom. In December 2012,
the U.S. director of national intelligence, James Clapper, authorized the agency to expand
its “third party” relationship with Saudi Arabia to include the sharing of
signals intelligence, or “SIGINT,” capability with the MOD’s Technical
Affairs Directorate (TAD). “With the approval of the Third Party SIGINT
relationship,” the memo reports, the NSA “intends to provide direct analytic and
technical support to TAD.” The goal is “to
facilitate the Saudi government’s ability to utilize SIGINT to locate and track
individuals of mutual interest within Saudi Arabia....Over the past year, the Saudi
government has escalated its crackdown on activists, dissidents, and critics of the
government. Earlier this month, Saudi human rights lawyer and activist Waleed Abu al-Khair
was sentenced
to 15 years in prison by a so-called “terrorist court” on charges of
undermining the state and insulting the judiciary. In May, a liberal blogger, Raif Badawi,
was sentenced to 10 years in
prison and 1,000 lashes; in June, human rights activist Mukhlif Shammari was sentenced
to five years in prison for writing about the mistreatment of Saudi women.” |
"UK anti-terrorism laws are so
broadly drawn they are in danger of catching journalists, bloggers, and those it was
"never intended to cover" the counter-terrorism watchdog has said. David
Anderson QC has called on the Government to revisit its definition of terrorism in his
annual report published today as the UK’s independent reviewer of terrorism
legislation.... Mr Anderson references the case of David Miranda in his report, in which
the Brazilian partner of Guardian journalist Glenn Greenwald was detained and questioned
for nine hours under terrorism laws because he was believed to be carrying stolen secrets
linked to Mr Greenwald’s articles uncovering NSA surveillance activity. Mr
Miranda’s detention was later deemed lawful by the High Court, but Mr Anderson said
the case of this detention, in which Mr Miranda was believed to be carrying a large number
of stolen secret documents, was "more difficult to defend" the use of
anti-terrorism laws for the purpose of stopping someone, detaining them and seeing
"what’s going on". "One might be thinking of official secrets, of
espionage, of theft, but it’s a bit of a stretch to see somebody like that as a
potential terrorist," he said. Mr Anderson
warned the public would only continue to accept the legislation if they were sure it was
genuinely needed. He has called on Parliament to revisit its definition and the use of the
word "influence" in its laws, as currently the definition is so broad it could
catch a campaigner who voices a religious objection to vaccination on the grounds of it
being a serious risk to public health. "I think the problem there is the way
the bar is set. It is enough that you are trying to influence the Government for political
reasons. In most other countries you need to have to intimidate the government or coerce
the government before you can be a terrorist," he said." |
"German typewriter manufacturers are enjoying a boom in sales
following the NSA spying scandal. A
German defence manufacturer switched to typewriters last year, while last week a leading
politician called for the government to use the old technology. The head of the
parliamentary inquiry into spying by the US National Security Service (NSA) in Germany made headlines
last week when he said his committee was considering using typewriters. But he is not alone. With a turnover of €5 million, the German
typewriter market is growing. Manufactures Olympia and Bandermann are seeing a revival in
what was until recently a dying technology. "We sell about 10,000 (typewriters) every
year," Bandermann manager Rolf Bonnen told The Local. Sales grew around a third last
year on 2012." |
"iOS forensic examiner Jonathan Zdziarski may know more about iPhones than any other non-Apple employee.
Yet even he can't find a reason for some of the mystery features buried within the iOS
operating system, which look an awful lot like security backdoors that bypass
user-designated data protections. The features could be there to let Apple — or
even the National Security Agency or the FBI — get access to most of your iOS
device's data without you knowing it. In a
presentation Friday (July 18) at the HOPE X hacker conference here, Zdziarksi detailed his
discoveries about the data-collection tools hidden on iOS devices. Some tools are listed
by name, yet not explained, in the Apple developer manual and do far more than advertised.
Others are undocumented and buried deep within the iOS code. The hidden features may
partly explain allegations, based on documents leaked in the Snowden archive, in the
German newsmagazine Der
Spiegel that the NSA has had the ability to access data on BlackBerrys and Android and
iOS devices. Der Spiegel did not detail how the NSA would do so. The undocumented features can be accessed by any PC or Mac to
which a targeted iOS device has been connected via USB, Zdziarski says. Some hidden
features can also be accessed via Wi-Fi while the phone is at rest, or even while the
owner is using it. Zdziarksi is certain that these mechanisms, whatever their purpose, are
no accident. He has seen them become more complex, and they seem to get as much
maintenance and attention as iOS's advertised features. Even as Apple adds new security features, the company may be adding ways
to circumvent them. "I am not suggesting some grand conspiracy," Zdziarski
clarified in a blog post
after his HOPE X talk. "There are, however, some services running in iOS that
shouldn't be there, that were intentionally added by Apple as part of the firmware and
that bypass backup encryption while copying more of your personal data than ever should
come off the phone for the average consumer." "My hope is that Apple will
correct the problem," he added in the blog posting. "Nothing less, nothing more.
I want these services off my phone. They don't belong there." Apple has not yet
responded to a request for comment." |
"Edward Snowden made an impassioned
call on Saturday for hackers and technologists to help would-be whistleblowers spill more
government secrets. Speaking via remote Google Hangouts video feed from Russia, Snowden
addressed his comments to an audience at this weekend's Hackers on Planet Earth (HOPE) conference at the Pennsylvania Hotel in
New York. Arguing that "technology empowers dissent" as well as
"democracy," Snowden said that the only way
to enable whistleblowers is to give them better tools to pass secrets to journalists,
protecting their communications, their identities and preventing them from going to jail
for it. To do that, Snowden said, he needed the help of the hackers, coders and developers
gathered in the crowded rooms of the conference, as well as the ones watching via live
stream online."We the people, you the people, you in this room right now have both
the means and capabilities to help build a better future by encoding our rights into the
programs and protocols upon which we rely everyday," he said during a conversation with Daniel Ellsberg, who himself became a
whistleblower when he leaked the Pentagon Papers to the press in 1971." |
"In May 2014, I reported
on my efforts to learn what the feds know about me whenever I enter and exit the country.
In particular, I wanted my Passenger
Name Records (PNR), data created by airlines, hotels, and cruise ships whenever travel
is booked. But instead of providing what I had requested, the United States Customs and
Border Protection (CBP) turned over only basic information about my travel going back to
1994. So I appealed—and without explanation,
the government recently turned over the actual PNRs I had requested the first time. The 76 new pages of data, covering 2005 through 2013, show that
CBP retains massive amounts of data on us when we travel internationally. My own PNRs
include not just every mailing address, e-mail, and phone number I've ever used; some of
them also contain: * The IP address that I used to buy the ticket * My credit card number
(in full) * The language I used * Notes on my phone calls to airlines, even for something
as minor as a seat change * The breadth of long-term data retention illustrates yet
another way that the federal government enforces its post-September 11 "collect it
all" mentality....As I looked through the logs, I also saw notes, presumably made by
call center staff, recording each time I had tried to make a change by phone. Hasbrouck
said that this is typical and that it's one of the downsides of global
outsourcing—the people I’m talking to probably have no idea that everything they
write down will be kept in American government records for years." |
"The Data Retention and
Investigatory Powers (Drip) bill that yesterday cleared
the House of Lords will make companies holding UK citizens’ communications data
far more attractive to criminal hackers, a security expert has warned. This will likely be
a long-term consequence of the law as it will spread the UK’s data across the world,
said Dr Adrian Davis, cybercrime expert and European director of (ISC)2, an association of
information security professionals. Davis raised
concerns about clause 4 of the bill, which extends the territorial reach of UK
surveillance powers by making it clear foreign firms holding
UK citizen data can be served with a warrant to hand over information. The government chose to add the clause as the current law only has an
“implicit extraterritorial effect” and “some of the largest communications
providers” based outside of the UK have questioned whether the legislation applies to
them. But this will lead to storage of data in more locations around the world, thereby
increasing the chance hackers will be able to access it, Davis said, adding that companies
storing the information may not have the same quality of security as those within the UK. “Because of the extraterritorial reach in the Drip bill, it requires
foreign internet service providers, who may be providing webmail services to British
citizens (think of the expats living in Spain or Florida and using national ISPs for
example), to store data about those British citizens in data or storage centres outside
the jurisdiction of the UK Data Protection and other relevant Acts,” Davis told the Guardian. “As a
result, we don’t know how that data is stored, processed, accessed or protected
… Hackers may view foreign ISPs storing British citizens’ data as a ‘soft
target’ – the levels of protection may be different and the penalties for
stealing or compromising data could be lower.”" |
"The intelligence services are constructing "vast
databases" out of accumulated interceptions of emails, a tribunal investigating mass surveillance of the internet has been told. The
claim emerged during a ground-breaking case against the monitoring agency GCHQ,
MI5,
MI6
and the government at the investigatory powers tribunal (IPT). Matthew Ryder QC, for Liberty and other human rights groups, told a hearing the
government had not disputed "that databases gathering material that may be useful for
the future is something that may be permissible under Ripa [the Regulation
of Investigatory Powers Act 2000]". If they are deemed under the legislation to
be "necessary", he said, that may mean their use "can stretch far into the
future". Ryder added: "The government is
now conceding it can gather such databases." The court heard that the intelligence
services might be accumulating databases in that way about persistent security threats.
Lawyers for the government would not confirm nor deny this but conceded it would be
permissible under Ripa. Developing such a capability, human rights groups argue, was
explicitly rejected by parliament when the communications data bill, nicknamed the snooper's charter, was defeated last
year.... Ben Jaffey, for Privacy International, said Ripa
had ceased providing the significant safeguards it once guaranteed against interception of
communications without an individual warrant. "A statute which in 2000 afforded quite
strong protection no longer affords such protection," Jaffey said. The law has stayed
the same, he added, but had lost its force because more and more internet traffic involved
being routed through foreign websites and online servers. The
government's senior security advisor, Charles Farr, has submitted a lengthy defence of interception surveillance policy, explaining that
emails, online searches and communications that touch foreign servers are deemed to be
external, not internal, and so do not require an individual warrant to be intercepted. Jaffey said: "[That fact] was kept confidential until Mr Farr's
witness statement was produced." The case has been brought by Privacy
International, Liberty, Amnesty International,
the American Civil Liberties Union and other
overseas human rights groups following revelations by the US whistleblower Edward Snowden. It is the first of
dozens of GCHQ-related claims to be examined by the IPT, which hears complaints against
British intelligence agencies and government bodies that carry out surveillance under
Ripa. The civil liberties organisations are concerned
that their private communications have been monitored under GCHQ's electronic surveillance
programme Tempora, whose existence was revealed by Snowden. They also complain that
information obtained through the NSA's Prism
and upstream programmes may have been shared with the British intelligence services,
side-stepping protections provided by the UK legal system." |
"The UN High
Commissioner for Human Rights has released an excellent report today on the right to privacy
in the digital age, blasting the digital mass surveillance that has been taking place,
unchecked, by the U.S., the U.K, and other world governments. The report is issued in
response to a resolution passed with unanimous
approval by the United Nations General Assembly in November 2013. That resolution was
introduced by Brazil and Germany and sponsored by 57 member states. This report turns the
tide in the privacy debate at the United Nations and opens the door for more substantive
scrutiny of states’ surveillance practices and their compliance with international
human rights law. The report elaborates on issues EFF has long championed, and which are
deeply integrated into our 13
Principles and its legal
background paper, which have been signed by more than 400 organizations and 350,000
individuals. The report has also supported the five
recommendations EFF, Access, Privacy International along with APC, Article 19, Human
Rights Watch, WebWeWant submitted to the Office of the High Commissioner for Human Rights.
We’ve pulled out some highlights from today’s publication that merit further
analysis, but the main point is this: With respect to
privacy in the digital age, an interference with an individual’s right to privacy is
only permissible under international human rights law if its necessary and proportionate." |
"The original goal of onion routing wasn’t to protect privacy
— or at least not in the way most people think of 'privacy.' The goal was to allow
intelligence and military personnel to work online undercover without fear of being
unmasked by someone monitoring their Internet activity.... In the 90s, as public Internet
use and infrastructure grew and multiplied, spooks needed to figure out a way to hide
their identity in plain sight online. An undercover spook sitting in a hotel room in a
hostile country somewhere couldn’t simply dial up CIA.gov on his browser and log in — anyone sniffing his
connection would know who he was. Nor could
a military intel agent infiltrate a potential terrorist group masquerading as an
online animal rights forum if he had to create an account and log in from an army base IP
address. That’s where onion routing came in. As Michael Reed, one of the inventors of
onion routing, explained:
providing cover for military and intelligence operations online was their primary
objective; everything else was secondary... Onion router research progressed slowly, with
several versions developed and discarded. But in 2002, seven years after it began, the
project moved into a different and more active phase. Paul Syverson from the Naval Research Laboratory stayed
on the project, but two
new guys fresh outta MIT grad school came on board: Roger Dingledine and Nick Mathewson. They were
not formally employed by Naval Labs, but were on contract from DARPA and the U.S.
Naval Research Laboratory’s Center for High Assurance Computer Systems. For the
next several years, the three of them worked on a newer version of onion routing that
would later become known as Tor. Very early on, researchers understood that just designing
a system that only technically anonymizes traffic is not enough — not if the system
is used exclusively by military and intelligence. In order to cloak spooks better,
Tor needed to be used by a diverse group of people: Activists, students, corporate
researchers, soccer moms, journalists, drug dealers, hackers, child pornographers, foreign
agents, terrorists — the more diverse the group that spooks could hide in the crowd
in plain sight..... As Syverson told
Bloomberg in January 2014: 'If you have a system that’s only a Navy system,
anything popping out of it is obviously from the Navy. You need to have a network that
carries traffic for other people as well.' [Roger] Dingledine said the
same thing a decade earlier at the 2004 Wizards of OS conference in Germany: 'The
United States government can’t simply run an anonymity system for everybody and then
use it themselves only. Because then every time a connection came from it people would
say, ‘Oh, it’s another CIA agent.’ If those are the only people using the
network.' The consumer version of Tor would be marketed to everyone and —
equally important — would eventually allow anyone to run a Tor node/relay, even from
their desktop computer. The idea was to create a massive crowdsourced torrent-style
network made up from thousands of volunteers all across the world. At the very end of
2004, with Tor technology finally ready for deployment, the US Navy cut
most of its Tor funding, released it under an open source license and, oddly, the
project was handed
over to the Electronic Frontier Foundation. 'We funded Roger Dingledine and Nick
Mathewson to work on Tor for a single year from November 2004 through October 2005 for
$180,000. We then served as a fiscal sponsor for the project until they got their
501(c)(3) status over the next year or two. During that time, we took in less than
$50,000 for the project,' EFF’s Dave Maass told me by email. In a December 2004
press release announcing its support for Tor, EFF curiously failed
to mention that this anonymity tool was developed primarily for military and
intelligence use. Instead, it focused purely on Tor’s ability to protect free speech
from oppressive regimes in the Internet age....In 2013, the Washington Post revealed
that the NSA had figured out various ways of unmasking and penetrating the anonymity of
the Tor Network....Snowden’s leaks revealed another interesting detail: In 2007,
Dingledine gave at a talk at the NSA’s HQ explaining Tor, and how it
worked....Interestingly, the Washington Post article described Dingledine’s trip to
the NSA as 'a wary encounter, akin to mutual intelligence gathering, between a spy agency
and a man who built tools to ward off electronic surveillance.' Dingledine told the paper
that he came away from that meeting with the feeling that the NSA was trying to hack
the Tor network... Aside from being on the DoD payroll, Dingledine has spends a
considerable amount of his time meeting and consulting with military, intelligence and law
enforcement agencies to explain why Tor’s so great, and instructing them on how to
use it. What kind of agencies does he meet with? The FBI, CIA and DOJ are just a few…
And if you listen to Dingledine explain these encounters in some of his public
appearances, one does not detect so much as a whiff of antagonism towards
intelligence and law enforcement agencies. In 2013, during a talk at UC San Diego,
Dingledine cheerfully recalled how an exuberant FBI agent rushed up to thank him
during his recent trip to the FBI: 'So I’ve been doing a lot of talks lately for law
enforcement. And pretty much every talk I do these days, sone FBI person comes up to me
afterwards and says, ‘I use Tor everyday for my job. Thank you.’ Another example
is anonymous tips — I was talking to the folks who run the CIA anonymous tip line.
It’s called the Iraqi Rewards Program…'" |
"The power to secretly create government propaganda is among the
many hacking tools revealed in the latest batch of Edward Snowden documents. British spies
can manipulate online polls -- or trick the world into thinking a video or web page is
going viral. A collection of hacking tools -- some of which are specifically suited
to spreading disinformation -- were exposed in a leaked 2012 document provided by Snowden
to The Intercept. That's the online publication led by Glenn Greenwald,
the journalist who worked with Snowden on a series of stories for The Guardian. The toolkit belongs to the U.S. National Security Agency's British
counterpart, the Government Communications Headquarters (GCHQ for short). It includes some of what you would expect from a spy agency intent on
protecting the United Kingdom from terrorists: the ability to disable target computers,
slip into enemy devices to lock their files, send spoof emails that impersonate a sender's
address, and cripple websites with denial of service attacks. But then there's the
propaganda machine. * Underpass: a tool that lets the government "change
outcome of online polls" * Bomb Bay: can "increase website hits/rankings" *
Gestator: provides "amplification of a given message, normally video, on popular
multimedia websites" * Gateway: will "artificially increase traffic to a
website" * Slipstream: can "inflate page views on websites" - The
government may also deliver en masse text messages, emails, faxes and tailored instant
messages. It's important to note, however, that it's not clear whether these are currently
in use." |
"Analysts working for the National Security Agency routinely pass
around private, intimate photos found in the stream of communications data intercepted,
according to Edward Snowden. In a new, extensive video interview,
the fugitive leaker said the fraternizing practice is seen as a "fringe benefit"
of working for the intelligence agency. "You got young enlisted guys, 18-22 years
old, they've suddenly been thrust into a situation with extraordinary responsibility where
they now have access to all of your private records," Snowden told The Guardian.
"Now in the course of their daily work, they stumble across something that is
completely unrelated to their work in any sort of necessary sense, for example, an
intimate nude photo of someone in a sexually compromising situation, but they're extremely
attractive." Snowden, speaking on-camera from Russia, where he is living under
temporary asylum, continued: 'So what do they do, they turn around in their chair and show
their coworker. And their coworker says, Oh, hey that's great.' Send that to Bill down the
way. And the Bill sends it to George, George sends it to Tom. Sooner or later this
person's whole life has been seen by all of these other people. It's never reported, nobody ever knows about it because the auditing of
these systems is very weak. The fact that your private images, records of your private
lives, records of your intimate moments have been taken from your private communications
stream, from the intended recipient, and given to the government without any specific
authorization, without any specific need, is it itself a violation of your rights? Why is
that in a government database?' When pushed back on the scenario, Snowden said such
behavior is "routine enough depending on the company you keep."" |
"The NSA whistleblower, Edward Snowden, has urged lawyers,
journalists, doctors, accountants, priests and others
with a duty to protect confidentiality to upgrade security in the wake of the spy surveillance revelations. Snowden said
professionals were failing in their obligations to their clients, sources, patients and
parishioners in what he described as a new and challenging world. "What last year's
revelations showed us was irrefutable evidence that unencrypted communications on the internet are no longer safe. Any
communications should be encrypted by default," he said. The response of professional
bodies has so far been patchy. A minister at the
Home Office in London, James Brokenshire, said during a Commons debate about a new
surveillance bill on Tuesday that a code of practice to protect legal professional
privilege and others requiring professional secrecy was under review. Snowden's plea for
the professions to tighten security came during an extensive and revealing interview with
the Guardian in Moscow. The former National Security Agency and CIA computer specialist,
wanted by the US under the Espionage Act after leaking tens of
thousands of top secret documents, has given only a handful of interviews since seeking
temporary asylum in Russia a year ago..... Ross Anderson, professor of security
engineering at Cambridge University, said he shared Snowden's concerns about the
vulnerability of the professions to surveillance by spy and law enforcement agencies.
"If you think your HIV status is secret from GCHQ, forget it," he said.
"The tools are available to protect data and communications but only if you are
important enough for your doctor or lawyer to care." Timothy Hill, technology policy
adviser at the Law Society, which represents UK lawyers, said the profession was
concerned. "Legal professional privilege – the right to consult a legal adviser
in confidence – is a long established common law right. Its fundamental role in our
legal system needs to be reasserted." The society is pressing to have existing
legislation rewritten to include explicit protection for legal professional privilege from
government surveillance. "There needs to be a debate about the implications of the
Snowden revelations for professional privilege in the digital age," Hill said.
"It is not happening. This is not being debated in parliament." He said the
society was seeking to strengthen law firms' cybersecurity awareness but that a stronger
statutory framework was essential." |
"A suspect caught on camera
could be identified in seconds due to new technology being tested by Leicestershire
Police. The NeoFace system compares measurements taken from an image of a face and
compares it to the 92,000 on the force's database. Officers said early results had seen a
"high success rate of identification". Concerns
over privacy were rejected by senior officers who said a match did not constitute
evidence. Images could come from anywhere but CCTV or police body cameras had been the
most common source so far.... Emma Carr, acting director of Big Brother Watch, said the
technology should be used only with a "high level of accountability and
oversight". "Facial recognition cameras take the intrusiveness of CCTV to the
next level, so it is absolutely essential that people are able to access meaningful
redress when they feel their privacy is infringed," she said. Leicestershire's
database is made up of people who have either been arrested by police or have given their
permission for their images to be stored, such as identity parade volunteers. The trial is
set to continue for six months after which results will be evaluated. If successful it
could be expanded across the East Midlands with each force's image database available for
searches." |
"The UK intelligence agency GCHQ
has developed sophisticated tools to manipulate online polls, spam targets with SMS
messages, track people by impersonating spammers and monitor social media postings,
according to newly-published documents leaked by NSA
whistleblower Edward Snowden. The documents – which were published on First Look Media with accompanying analysis from Glenn
Greenwald – disclose a range of GCHQ "effects" programs aimed at tracking
targets, spreading information, and manipulating online debates and statistics. The
disclosure comes the day before the UK parliament is due to begin up to three days' debate
on emergency legislation governing British surveillance capabilities. With
cross-party support the bill is expected to be voted through this week.... The document
also details a range of programs designed to collect and store public postings from
Facebook, Twitter, LinkedIn and Google+, and to make automated postings on several of the
social networks. Capabilities to boost views of
YouTube videos, or to boost the circulation of particular messages are also detailed. GCHQ
has also, the document suggests, developed capabilities to scan and geolocate the IPs of
entire cities at a time." |
"The secretive British spy agency GCHQ has developed covert tools
to seed the internet with false information, including the ability to manipulate the
results of online polls, artificially inflate pageview counts on web sites,
“amplif[y]” sanctioned messages on YouTube, and censor video content judged to
be “extremist.” The capabilities, detailed in documents provided by NSA
whistleblower Edward Snowden, even include an old standby for pre-adolescent prank callers
everywhere: A way to connect two unsuspecting phone users together in a call. The tools
were created by GCHQ’s Joint Threat Research Intelligence Group (JTRIG), and
constitute some of the most startling methods of propaganda and internet deception
contained within the Snowden archive. Previously disclosed documents have detailed JTRIG’s use of “fake victim blog posts,” “false flag operations,”
“honey traps” and psychological manipulation to target online
activists, monitor visitors
to WikiLeaks, and spy
on YouTube and Facebook users. But as the U.K.
Parliament today debates a fast-tracked
bill to provide the government with greater surveillance powers, one which Prime
Minister David Cameron has justified as an
“emergency” to “help keep us safe,” a newly released
top-secret GCHQ document called “JTRIG Tools and Techniques” provides a
comprehensive, birds-eye view of just how underhanded and invasive this unit’s
operations are. The document—available
in full here—is designed to notify other GCHQ units of JTRIG’s
“weaponised capability” when it comes to the dark internet arts, and serves as a
sort of hacker’s buffet for wreaking online havoc. The “tools” have been
assigned boastful code names. They include invasive methods for online surveillance, as
well as some of the very techniques that the U.S. and U.K. have harshly prosecuted young
online activists for employing, including “distributed denial of service”
attacks and “call bombing.” But they also
describe previously unknown tactics for manipulating and distorting online political
discourse and disseminating state propaganda, as well as the apparent ability to actively
monitor Skype users in real-time—raising further questions about the
extent of Microsoft’s cooperation with spy agencies or potential vulnerabilities
in its Skype’s encryption.... The document
appears in a massive Wikipedia-style archive used by GCHQ to internally discuss its
surveillance and online deception activities. The page indicates that it was last modified in July 2012, and had been
accessed almost 20,000 times. GCHQ refused to provide any comment on the record beyond its
standard boilerplate, in which it claims that it acts “in accordance with a strict
legal and policy framework” and is subject to “rigorous oversight.” But
both claims are questionable....As for oversight,
serious questions have been raised about whether top national security officials even know
what GCHQ is doing. Chris Huhne, a former cabinet minister and member of the national
security council until 2012, insisted
that ministers were in “utter ignorance” about even the largest GCHQ spying
program, known as Tempora—not to mention “their extraordinary capability to
hoover up and store personal emails, voice contact, social networking activity and even
internet searches.” In an
October Guardian op-ed, Huhne wrote that “when it comes to the secret world of
GCHQ and the [NSA], the depth of my ‘privileged information’ has been dwarfed by
the information provided by Edward Snowden to The Guardian.”" |
"The NSA whistleblower Edward Snowden has condemned the new surveillance bill being pushed through
the UK's parliament this week, expressing concern about the speed at which it is being
done, lack of public debate, fear-mongering and what he described as increased powers of
intrusion. In an exclusive interview with the Guardian in Moscow, Snowden said it was very
unusual for a public body to pass an emergency law such as this in circumstances other
than a time of total war. "I mean we don't have bombs falling. We don't have U-boats
in the harbour." Suddenly it is a priority, he
said, after the government had ignored it for an entire year. "It defies
belief." He found the urgency with which the British government was moving
extraordinary and said it mirrored a similar move in the US in 2007 when the Bush
administration was forced to introduce legislation, the Protect America Act, citing the
same concerns about terrorist threats and the NSA losing cooperation from telecom and
internet companies." |
"The last time the main parties got together in a closed room, did
a deal and told the country there was a need to act urgently, we were on the edge of
abandoning 300 years of press freedom. This time our privacy is under threat. In the name
of security, the Government is fast-tracking legislation through Parliament that will
allow it to collect huge quantities of our personal data. We would do well to remember the
advice of Ben Franklin: ‘Those who would give up essential liberty, to purchase a
little temporary safety, deserve neither liberty nor safety.’ The Government has
engineered a ‘theatrical emergency’ – in this case terrorism and hidden
p**dophile rings – to ram the Data Retention and Investigatory Powers Bill through
Parliament without proper debate. It is an insult to
the supremacy of Parliament, to democracy and to the trust of the public.It was April 8
when the European Court of Justice struck down the Data Retention Directive for being
incompatible with human rights. The Home Office has had time to put an alternative in
place, so the excuses for why the legislation is being fast-tracked are laughable.
It is a sad state of affairs when European courts are a greater defender of our ancient
rights than Parliament and Her Majesty’s Government. Even the German Supreme Court
overturned its far less invasive data collection laws for violating the privacy rights of
German citizens. How far we have slipped, this birthplace of democracy, that our own
judicial safeguards stand by while our hard-fought rights are stripped from us by a
Government that has lost its sense of proportion in its fear of making a mistake.
Don’t be persuaded by Deputy Prime Minister Nick Clegg’s reassurances that
‘this is about maintaining what we already do rather than extending it’. This is
the man who insisted on including in the Coalition agreement the promise that ‘we
will end the storage of internet and email records without good reason’. So what
happened to that promise? Frankly, the Government is
uncritically swallowing what it is fed by our security agencies. It was asked for these powers to combat ‘criminals, terrorists and
p**dophiles’, and it is handing these powers over. The arguments marshalled are near-
identical to those rejected by the committee of the Lords and Commons that reviewed the
Government’s proposed ‘snoopers’ charter’, and which led to that being
thrown out. David Cameron proclaimed we have no cause
for concern as the legislation only impacted on ‘communications data’ – or
‘metadata’ – not the content of our phone calls. But it is clear that
metadata has become even more informative than the content. After all, the content of a
call only tells you what was said; metadata tells you where you have been, who you have
talked to and when. And because it is digital, it can be manipulated to tell a complete
story of your life – as a director of America’s National Security Agency once
said: ‘We kill with metadata.’ This is why the Government’s claim that the content of
communications is rarely examined is so meaningless. This data, which it wants every
service provider to store for every one of us, will give access to every aspect of our
lives. It should be remembered that the Data
Retention Directive was enacted by the EU in 2006, when the quantity of electronic
communications and the capabilities of the intelligence agencies were poorer. If we were
to create this law now it would take a very different form. We need to reconsider whether
the Government needs to collect this data from us all. We
should not leave the signing of warrants to the Secretary of State; a judge should approve
each application after a full hearing.... The
Privacy and Civil Liberties Oversight Board will either be toothless or, like the current
Intelligence and Security Committee, a Government rubber-stamp. And given the
Home Office’s creativity when it comes to statistics, it is unlikely any information
included in the proposed transparency report will result in greater transparency. Even the
statistics already released are cause for concern. The
2013 report of the Interception of Communications Commissioner revealed that 514,608
requests were made for data. By comparison, the most requests issued by the FBI in a year
is 56,507. How can it be our intelligence agencies made nine times the number of requests
for communications data than their US counterparts? Yet with all this information, the Government scrambled around to
find a handful of examples where communication intercepts resulted in the prevention of
criminal behaviour – but even these don’t face any serious scrutiny. With none
of the raw data, we do not know if they are inflated claims. After the ‘dodgy
dossier’ on weapons of mass destruction, the deceit on rendition and torture, and the
debacle over the snooper’s charter, it is hard to be confident. Our Government has claimed that intercepted communications data was the
critical evidence in 95 per cent of all serious crime cases. This would seem to go against
the experience of the Metropolitan Police, which in evidence to a joint committee stated
that ‘communications data is used sparingly, because it is costly and resource
intensive, and because of the need to… consider the impact of collateral intrusion on
innocent people’. The fact it is used in criminal cases gives no indication of
its importance in obtaining a conviction." |
"President Vladimir Putin's secret service the FSO have invited for
tenders for hundreds of ink and correction typewriter ribbons for the classic Triumph
Adler Twen 180 and Olympia Comfort models. Olympia, which is based in Hattingen, North
Rhine-Westphalia, has also confirmed that Russian firms recently ordered 20 new, electric
typewriters for at least €200 each, along with supplies of ink ribbons. The Russian
newspaper Iswestija which has seen the invitation for tender, says that particularly
sensitive documents are now only being put on paper and no longer archived electronically
- because it is more secure that way. And this is
not only the case for secret services, but also in defence and domestic security
ministries, former head of the domestic secret service FSB, Nikolai Kowaljow told the
newspaper. He also said that writing things by hand
was becoming more popular." |
"Berlin's expulsion of
the CIA station chief in Germany is tantamount to diplomatic earthquake, a sign of how far
the mismanaged US-German relationship is now damaging the Nato alliance... US spies appear
to have bought some 218 documents from a low-level employee of the German intelligence
service. Investigators are looking into a second possible recruitment of a Defence
Ministry official. Some of the documents bought by the CIA were briefing notes for the
parliamentary committee looking into Edward Snowden's revelations about American spying on
Germans. The United States in short has been spying
on a probe into its spying.... When it comes to
light, the form of espionage shakes the political establisment.... Chancellor Merkel may
well have popular opinion on her side. Some Germans even believe that Mr Snowden should be
given asylum in their country." |
"William Binney is one
of the highest-level whistleblowers to ever emerge from the NSA. He was a leading
code-breaker against the Soviet Union during the Cold War but resigned soon after
September 11, disgusted by Washington’s move towards mass surveillance. On 5 July he spoke at a conference in London organised
by the Centre for Investigative Journalism and revealed the extent of the surveillance
programs unleashed by the Bush and Obama administrations. “At least 80% of
fibre-optic cables globally go via the US”, Binney said. “This is no accident
and allows the US to view all communication coming in. At least 80% of all audio calls,
not just metadata, are recorded and stored in the US. The NSA
lies about what it stores.” The NSA will soon be able to collect 966 exabytes a year, the
total of internet traffic annually. Former Google
head Eric Schmidt once argued
that the entire amount of knowledge from the beginning of humankind until 2003 amount to
only five exabytes. Binney, who featured in a 2012 short film by Oscar-nominated US
film-maker Laura Poitras, described a future where surveillance is ubiquitous and
government intrusion unlimited. “The ultimate goal of the NSA is total population
control”, Binney said, “but I’m a little optimistic with some recent
Supreme Court decisions, such as law enforcement mostly now needing a warrant before
searching a smartphone.”... Unlike Snowden, Binney didn’t take any documents
with him when he left the NSA. He now says that hard evidence of illegal spying would have
been invaluable. The latest Snowden leaks, featured in the Washington Post, detail private
conversations of average Americans with no connection to extremism. It shows that the
NSA is not just pursuing terrorism, as it claims, but ordinary citizens going about their
daily communications. “The NSA is
mass-collecting on everyone”, Binney said, “and it’s said to be about
terrorism but inside the US it has stopped zero attacks.” The lack of official oversight is one of Binney’s key concerns,
particularly of the secret
Foreign Intelligence Surveillance Court (Fisa), which is held out by NSA defenders as a
sign of the surveillance scheme's constitutionality.... “The Fisa court has only the
government’s point of view”, he argued. “There are no other views for the
judges to consider. There have been at least 15-20 trillion constitutional violations for
US domestic audiences and you can double that globally.” A
Fisa court in 2010 allowed the NSA to spy on 193 countries around the world, plus the
World Bank, though there’s evidence
that even the nations the US isn’t supposed to monitor – Five Eyes allies
Britain, Canada, Australia and New Zealand – aren’t immune from being spied on. It’s why encryption is today so essential to transmit information
safely. Binney recently told the German
NSA inquiry committee that his former employer had a “totalitarian
mentality” that was the "greatest threat" to US society since that
country’s US Civil War in the 19th century." |
"The security and control of personal data is a big
concern for many these days and literally it’s becoming a global epidemic. Today,
China just announced they don’t trust our beloved iPhone. Further underscoring today’s
untrusting new world order in the “post-Snowden” era, the Russian Industry and
Trade Ministry recently announced that their government would be doing away with “untrusted Intel and AMD processors” over
time, while launching an effort to build their own ARM-based “Baikal” processor
and move to Linux for government systems....It’s
truly a sign of the times as what many have termed “the Snowden Effect”
continues to reverberate throughout the global economy. The Chinese state media noted that
Apple's AAPL +0.19%
iPhone is a “threat to national security” because the device tracks user
location and offers time-based information on their whereabouts at any given time.
Broadcasters noted the sensitivity of the data Apple’s iPhone gathers and that it
could reveal a country’s economic make-up and even “state secrets.”" |
"Germany today asked the CIA's station chief in Berlin to leave the
country in a dramatic rebuke to Washington after its security services uncovered two cases
of alleged American spying in a week. The American intelligence official was told he was
no longer welcome in a public signal of Angela Merkel's fury over US spying on Germany. It
is highly unusual for a European ally to oust a CIA station chief and the move is the most
dramatic response from Germany since it was disclosed last year that the NSA was
monitoring Mrs Merkel's phone. "The
representative of the US intelligence services at the United States embassy has been asked
to leave Germany," a German government spokesman said. "The request occurred
against the backdrop of the ongoing investigation by federal prosecutors as well as the
questions that were posed months ago about the activities of US intelligence agencies in
Germany." The German embassy in Washington said the US spy had been asked to leave
but stronger measures could be taken if he refused to go. The White House declined to
comment publicly on the case, saying: "It is essential that cooperation continue in
all areas and we will continue to be in touch with the German government in appropriate
channels." The move comes one day after Berlin
police searched the home and office of a German military intelligence official alleged to
have been spying for the United States. The man, said to be a foreign country specialist
in the German defence ministry's political department, has not been charged. German
military intelligence was said to have alerted prosecutors after noticing that the suspect
had “met suspiciously often with US contacts”, according to Spiegelonline. A
week before that a German intelligence operative was arrested after allegedly handing over
German secrets to the US in exchange for cash payments. The 31-year-old employee of the
BND, Germany's equivalent of MI6, is accused of selling 218 top secret German intelligence
documents he downloaded on to a USB stick to his US spymasters in exchange for £25,000.
He is also alleged to have gathered intelligence on a German parliamentary probe into the
US surveillance of German leaders that was disclosed by Edward Snowden. The two alleged cases of American espionage in Germany have added a new
chill to the already-strained relationship between Washington and Berlin on intelligence
matters. Last year documents leaked by Edward Snowden, the former NSA contractor, revealed
that the NSA had been monitoring Mrs Merkel's mobile phone." |
"Emergency laws will be brought in next week to force phone and
internet companies to hold records of customers’ calls, texts and visits to websites.
The fast-track measures are necessary to defend national security against the terrorist
threat from Iraq and Syria, David Cameron said. The
consequences of not acting are “grave”, the Prime Minister said. The measures
are a response to a ruling by the European Court of Justice which struck down regulations
that enabled communications companies from retaining data for police use for a year.
Internet and phone companies will soon start deleting it – a move that will have
“serious consequences” for police and counter-terror investigations, Downing
Street said. The emergency laws will also create a “clearer legal framework”, at
the demand of companies, for when police and intelligence agencies want to intercept
terrorist and criminal communications. The need for new laws is “urgent”,
Downing Street said. There is cross-party agreement. .... The European Court ruling struck
down the underpinning requiring companies to hold onto their data for twelve months,
meaning they may stop providing it and may start deleting data which the government
regards as essential for national security.... Nick Clegg, the Deputy Prime Minister who
has consistently argued against greater state surveillance, insisted the emergency laws
“will not be used as an excuse for more powers, or for a ‘snooper’s
charter’.” He took credit for a series of measures presented as protecting civil
liberties in the Bill. “Liberty and security must go hand in hand. We can’t
enjoy our freedom if we’re unable to keep ourselves safe.” .... Tom Watson, the senior Labour MP, said the move was a "stitch
up" that would deny MPs the chance to properly scrutinise the legislation. He said he
will vote against the timetable set for it. "This is a secret deal between party
leaders. There hasn't been a bill published, we find out this morning when Parliament is
on a one-line whip and MPs are in their constituencies that next week they will railroad
through emergency legislation," he told BBC Radio 4's Today. "If you are an MP,
you probably shouldn't bother turning up for work next week because what you think doesn't
really matter. They are ramping up the rhetoric on it but no one in civic society has a
chance to form a view on this or lobby their MP or talk to them about it. "I
understand that Labour's shadow cabinet is seeing it this morning. They've not had a
chance to think about it yet." The Open Rights
Group, which campaigns for liberties online, said the Government should abide by the
European Court of Justice ruling. The government knows that since the CJEU ruling, there
is no legal basis for making internet service providers retain our data so it is using the
threat of terrorism as an excuse for getting this law passed," said director Jim
Killock. 'Not only will the proposed legislation infringe our right to privacy, it will
also set a dangerous precedent where the government simply re-legislates every time it
disagrees with a decision by the European Court of Justice.'" |
"The National Security Agency and FBI have covertly monitored the
emails of prominent Muslim-Americans—including a political candidate and several
civil rights activists, academics, and lawyers—under secretive procedures intended to
target terrorists and foreign spies. According to
documents provided by NSA whistleblower Edward Snowden, the list of Americans monitored by
their own government includes: • Faisal Gill, a longtime Republican Party operative
and one-time candidate for public office who held a top-secret security clearance and
served in the Department of Homeland Security under President George W. Bush; • Asim
Ghafoor, a prominent attorney who has represented clients in terrorism-related cases;
• Hooshang Amirahmadi, an Iranian-American professor of international relations
at Rutgers University; • Agha Saeed, a former political science professor at
California State University who champions Muslim civil liberties and Palestinian rights;
• Nihad Awad, the executive director of the Council on American-Islamic Relations
(CAIR), the largest Muslim civil rights organization in the country. - The individuals
appear on an NSA spreadsheet in the Snowden archives called “FISA
recap”—short for the Foreign Intelligence Surveillance Act. Under that law, the
Justice Department must convince a judge with the top-secret Foreign Intelligence
Surveillance Court that there is probable cause to believe that American targets are not
only agents of an international terrorist organization or other foreign power, but also
“are or may be” engaged in or abetting espionage, sabotage, or terrorism. The
authorizations must be renewed by the court, usually every 90 days for U.S. citizens. The
spreadsheet shows 7,485 email addresses listed as monitored between 2002 and 2008. Many of
the email addresses on the list appear to belong to foreigners whom the government
believes are linked to Al Qaeda, Hamas, and Hezbollah. Among the Americans on the list are
individuals long accused of terrorist activity, including Anwar al-Awlaki and Samir Khan,
who were killed in a 2011 drone strike in Yemen. But a three-month investigation by
The Intercept—including interviews with more than a dozen current and former federal
law enforcement officials involved in the FISA process—reveals that in practice, the
system for authorizing NSA surveillance affords the government wide latitude in spying on
U.S. citizens. The five Americans whose email accounts were monitored by the NSA and FBI
have all led highly public, outwardly exemplary lives. All five vehemently deny any
involvement in terrorism or espionage, and none advocates violent jihad or is known to
have been implicated in any crime, despite years of intense scrutiny by the government and
the press. Some have even climbed the ranks of the U.S. national security and foreign
policy establishments. “I just don’t know why,” says Gill, whose AOL and
Yahoo! email accounts were monitored while he was a Republican candidate for the Virginia
House of Delegates. “I’ve done everything in my life to be patriotic. I served
in the Navy, served in the government, was active in my community—I’ve done
everything that a good citizen, in my opinion, should do.”... The vast majority of
individuals on the “FISA recap” spreadsheet are not named. Instead, only their
email addresses are listed, making it impossible in most cases to ascertain their
identities. Under the heading “Nationality,” the list designates 202 email
addresses as belonging to “U.S. persons,” 1,782 as belonging to “non-U.S.
persons,” and 5,501 as “unknown” or simply blank. The Intercept
identified the five Americans placed under surveillance from their email addresses. It is
unclear whether the government obtained any legal permission to monitor the Americans on
the list. The FBI and the Justice Department declined to comment for this story. During
the course of multiple conversations with The Intercept, the NSA and the Office of the
Director of National Intelligence urged against publication of any surveillance targets.
“Except in exceptional circumstances,” they argued, surveillance directly
targeting Americans is conducted only with court-approved warrants. Last week, anonymous
officials told another news outlet that the government did not have a FISA warrant against
at least one of the individuals named here during the timeframe covered by the
spreadsheet. The FISA process was enacted in 1978 in response to disclosures that J. Edgar
Hoover and a long line of presidents from both parties had used U.S. intelligence agencies
to spy on dissidents and political enemies. Intended to allow authorities to covertly
investigate suspected spies or terrorists on U.S. soil, the surveillance is often used
simply to gather intelligence, not to build a criminal case. The law was revised in
2008—in part to place limits on the controversial program of warrantless wiretaps
initiated by George W. Bush after 9/11, and in part to legalize the program’s
warrantless eavesdropping on Americans when they speak with foreign surveillance
targets....Thanks to Snowden’s disclosures, those seeking to obtain such a ruling now
have specific cases of surveillance against American citizens to examine. So do those
charged with reforming the FISA process. Richard Clarke, a former counterterrorism
official in the Clinton and Bush administrations, served on the recent White House
intelligence review panel convened to address concerns raised by the Snowden revelations.
If he had seen the NSA spreadsheet, Clarke says, he would have asked more questions about
the process, and reviewed individual FISA warrants. “Knowing that, I would
specifically ask the Justice Department: How many American citizens are there active FISAs
on now?” he says. “And without naming names, tell me what categories they fall
into—how many are counterterrorism, counterintelligence, espionage cases? We’d
want to go through [some applications], and frankly, we didn’t. It’s not
something that five part-time guys can do—rummage through thousands of FISA
warrants.” The “FISA recap” spreadsheet offers a revealing if incomplete
glimpse into the murky world of government surveillance. Each email address is accompanied
by a date that appears to denote the beginning of surveillance, and another that indicates
when it was set to expire. A column called “Collection Status” indicates whether
the surveillance was “terminated,” “sustained,” or “pending”
as of a particular date. In some cases, the spreadsheet also names the federal agency that
requested the surveillance, and a terrorist group, target, or foreign power affiliated
with the email address. In addition, each address has a corresponding “Case
Notation” code beginning with the prefix “XX.SQF”—a designation that, according to
other documents in the Snowden archive, is assigned to all “FISA accounts”
as a unique identifier..... The five Americans whose
email accounts were placed on the list come from different backgrounds, and hold different
religious and political views. None was designated on the list as connected to a foreign
power. Some have come under sharp public scrutiny for their activities on behalf of
Muslim-Americans, and several have been investigated by the government. But despite being
subjected to what appears to be long periods of government surveillance, none has been
charged with a crime, let alone convincingly linked to terrorism or espionage on behalf of
a foreign power. Taken together, their personal stories raise disturbing questions about
who the government chooses to monitor, and why." |
"Researchers have found a way to reveal Wi-Fi passwords by hacking
mobile phone controlled LED “smart” lights. White-hat hackers with the UK-based
security firm Context released
their findings this week after successfully obtaining Wi-Fi credentials from 30 meters
away. “Armed with knowledge of the encryption algorithm, key, initialization vector
and an understanding of the mesh network protocol we could then inject packets into the
mesh network, capture the WiFi details and decrypt the credentials, all without any prior
authentication or alerting of our presence,” Context said. The discovery highlights
the inherent danger in having countless home appliances connected to the Internet as
experts predict as many as 50 such devices in the average home by 2022 . Other lights such as the Phillips Hue were successfully hacked last year as well....The
discovery highlights the inherent danger in having countless home appliances connected to
the Internet – as experts predict as many as 50 such devices in the average home by
2022 . Other lights such as the Phillips
Hue were successfully hacked last year as well. “Weaknesses in a popular brand of
light system controlled by computers and smartphones can be exploited by attackers to
cause blackouts that are remedied only by removing the wireless device that receives the
commands…” noted Ars Technica. While LIFX has reportedly fixed their vulnerability, Phillips
disagreed that theirs was an issue.... Former CIA
chief David Petraeus praised the flood of Internet-connected devices in 2012 at a summit
for the CIA’s venture capital firm In-Q-Tel, noting the increased ability to spy on
Americans. “Items of interest will be located, identified, monitored, and remotely
controlled through technologies such as radio-frequency identification, sensor networks,
tiny embedded servers, and energy harvesters all connected to the next-generation internet
using abundant, low-cost, and high-power computing,” Petraeus said." |
"Chancellor Angela Merkel’s government is planning
surveillance of British and American intelligence gathering in Germany for the first
time since 1945 in response to an embarrassing US-German “double agent” scandal
which has damaged relations between Berlin and Washington. The unprecedented change
to Berlin’s counter-espionage policy was announced by Mrs Merkel’s Interior
Minister, Thomas de Maiziere. He told the mass-circulation Bild newspaper that Berlin
wanted “360 degree surveillance” of all intelligence gathering operations in
Germany. His announcement came as several MPs in Mrs Merkel’s government demanded the
expulsion of the American agents in Germany who last week were found to have used the
services of a German “double agent” to obtain secret German intelligence
information in return for cash payments. ... The
intelligence services of the United States, Britain and France had hitherto been regarded
as “friendly” to Germany. Their diplomatic and information gathering activities
were exempted from surveillance by Berlin’s equivalent of MI5 – the
Bundesnachrichtendienst or BND.... But Mr de Maiziere told Bild that he was now not ruling
out permanent German counter espionage surveillance of US, British and French intelligence
operations His remarks were echoed by Stephan Mayer, a domestic security spokesman for Mrs
Merkel’s ruling Christian Democrats: “We must focus more strongly on our
so-called allies,” he said. The plans for “friendly” power surveillance
follow last week’s unmasking and arrest of a 31- year-old BND agent who sold top
secret German intelligence documents to US officials in return for payments of £25,000.
The double agent is reported to have simply emailed Berlin’s American embassy and
asked whether officials were interested in “cooperation”. He subsequently
downloaded at least 300 secret documents on to USB sticks which he handed to his American
spymasters at secret location in Austria. Chancellor
Merkel interrupted a current trade visit to China on Monday to describe the scandal as a
“very serious development”. She added: “It is a clear contradiction of the
notion of trustworthy cooperation”. German politicians have been shocked that the
Americans not only failed to report the “double agent” but effectively recruited
him." |
"The Central Intelligence Agency was involved in a spying operation
against Germany that led to the alleged recruitment of a German intelligence official and
has prompted renewed outrage in Berlin, two U.S. officials familiar with the matter said
on Monday. CIA Director John Brennan has asked to brief key members of the U.S. Congress
on the matter, which threatens a new rupture between Washington and a close European ally,
one of the officials said. It was unclear if and when Brennan's briefing to U.S. lawmakers
would take place. The CIA declined any comment on
the matter. The office of Germany's Federal Prosecutor, based in the western city of
Karlsruhe, late last week issued a statement saying that a 31-year old man had been
arrested on suspicion of being a foreign spy, and that investigations were continuing. The
statement offered no further details. German politicians have said that the suspect, an
employee of the country's foreign intelligence service, admitted passing to an American
contact details concerning a German parliamentary committee's investigation of alleged
U.S. eavesdropping disclosed by Edward Snowden, a former contractor for the U.S. National
Security Agency. The U.S. officials who confirmed the CIA's role spoke on condition of
anonymity, and offered no further details." |
"Glenn Greenwald, one of the journalists who has worked closely
with exiled whistleblower Edward Snowden to reveal the National Security Agency’s
mass surveillance programs, says there may be a second leaker providing the NSA’s
secrets to the press. Two German media reports co-authored by former WikiLeaks volunteer
and current Tor Project employee Jacob Appelbaum are the cause of his suspicion. The first
report was published in December by Der Spiegel and describes a
50-page catalog of NSA surveillance tools. The second came last week from the German
broadcasters Norddeutscher Rundfunk (NDR) and Westdeutscher
Rundfunk (WDR), detailing NSA
surveillance of people who use Tor and other online privacy services. Both articles
“notably fail to mention anything about the sourcing for the documents,”
Greenwald tells U.S. News. “That's particularly
notable given that virtually every other article using Snowden documents – including
Der Spiegel – specifically identified him as the source.”... Greenwald, who says
he maintains regular contact with Snowden, is hopeful his suspicion of a second leaker is
correct. "I've long thought one of the most significant and enduring consequences of
Snowden's successful whistleblowing will be that he will inspire other leakers to come
forward," he says." |
"Ordinary Internet users, American and non-American alike, far
outnumber legally targeted foreigners in the communications intercepted by the National
Security Agency from U.S. digital networks, according to a four-month investigation by
The Washington Post. Nine of 10 account holders found in a large cache of intercepted
conversations, which former NSA contractor Edward Snowden provided in full to The Post, were not
the intended surveillance targets but were caught in a net the agency had cast for
somebody else. Many of them were Americans. Nearly half of the surveillance files, a
strikingly high proportion, contained names, e-mail addresses or other details that the
NSA marked as belonging to U.S. citizens or residents. NSA analysts masked, or
“minimized,” more than 65,000 such references to protect Americans’
privacy, but The Post found nearly 900 additional e-mail addresses, unmasked in the files,
that could be strongly linked to U.S. citizens or U.S.residents. The surveillance files highlight a policy dilemma that has been aired
only abstractly in public. There are discoveries of considerable intelligence value in the
intercepted messages — and collateral harm to privacy on a scale that the Obama
administration has not been willing to address. Among the most valuable contents —
which The Post will not describe in detail, to avoid interfering with ongoing operations
— are fresh revelations about a secret overseas nuclear project, double-dealing by an
ostensible ally, a military calamity that befell an unfriendly power, and the identities
of aggressive intruders into U.S. computer networks. Months of tracking communications
across more than 50 alias accounts, the files show, led directly to the 2011 capture in
Abbottabad of Muhammad Tahir Shahzad, a Pakistan-based bomb builder, and Umar Patek, a
suspect in a 2002 terrorist bombing on the Indonesian island of Bali.... Many other files, described as useless by the analysts but
nonetheless retained, have a startlingly intimate, even voyeuristic quality. They tell
stories of love and heartbreak, illicit s**ual liaisons, mental-health crises, political
and religious conversions, financial anxieties and disappointed hopes. The daily lives of
more than 10,000 account holders who were not targeted are catalogued and recorded
nevertheless.... The cache Snowden provided came
from domestic NSA operations under the broad authority granted by Congress in 2008 with
amendments to the Foreign Intelligence Surveillance Act. FISA content is generally stored
in closely controlled data repositories, and for more than a year, senior government
officials have depicted it as beyond Snowden’s reach. The Post reviewed roughly
160,000 intercepted e-mail and instant-message conversations, some of them hundreds of
pages long, and 7,900 documents taken from more than 11,000 online accounts. .... Taken
together, the files offer an unprecedented vantage point on the changes wrought by Section 702 of the FISA amendments, which enabled the
NSA to make freer use of methods that for 30 years had required probable cause and a
warrant from a judge. One program, code-named PRISM, extracts content stored in user accounts at
Yahoo, Microsoft, Facebook, Google and five other leading Internet companies. Another,
known inside the NSA as Upstream, intercepts data on the move as it crosses the U.S.
junctions of global voice and data networks. No government oversight body, including the
Justice Department, the Foreign Intelligence Surveillance Court, intelligence committees
in Congress or the president’s Privacy and Civil Liberties Oversight Board, has
delved into a comparably large sample of what the NSA actually collects — not only
from its targets but also from people who may cross a target’s path. Among the latter
are medical records sent from one family member to another, résumés from job hunters and
academic transcripts of schoolchildren. In one photo, a young girl in religious dress
beams at a camera outside a mosque. Scores of
pictures show infants and toddlers in bathtubs, on swings, sprawled on their backs and
kissed by their mothers. In some photos, men show off their physiques. In others, women
model lingerie, leaning suggestively into a webcam or striking risque poses in shorts and
bikini tops. ... By
law, the NSA may “target” only foreign nationals located overseas unless it
obtains a warrant based on probable cause from a special surveillance court. For
collection under PRISM and Upstream rules, analysts must state a reasonable belief that
the target has information of value about a foreign government, a terrorist organization
or the spread of nonconventional weapons. Most of
the people caught up in those programs are not the targets and would not lawfully qualify
as such. “Incidental collection” of third-party communications is inevitable in
many forms of surveillance, but in other contexts the U.S. government works harder to
limit and discard irrelevant data. In criminal wiretaps, for example, the FBI is supposed
to stop listening to a call if a suspect’s wife or child is using the phone.... If
Snowden’s sample is representative, the population under scrutiny in the PRISM and
Upstream programs is far larger than the government has suggested. In a June 26
“transparency report,” the Office of the Director of National Intelligence
disclosed that 89,138 people were targets of last year’s
collection under FISA Section 702. At the 9-to-1 ratio of incidental collection in
Snowden’s sample, the office’s figure would correspond to nearly 900,000
accounts, targeted or not, under surveillance.... In
Snowden’s view, the PRISM and Upstream programs have “crossed the line of
proportionality.” “Even if one could conceivably justify the initial,
inadvertent interception of baby pictures and love letters of innocent bystanders,”
he added, “their continued storage in government databases is both troubling and
dangerous. Who knows how that information will be used in the
future?” For close
to a year, NSA and other government officials have appeared to deny, in congressional
testimony and public statements, that Snowden had any access to the material." |
"German authorities are
pursuing an espionage probe against a man identified by media as a German intelligence
officer who may have passed secrets to the U.S. Federal prosecutors said yesterday that a 31-year-old
German was arrested on July 2 on suspicion of spying for an unidentified foreign power.
Chancellor Angela
Merkel’s spokesman, Steffen Seibert, called the case “a serious
matter,” declining to elaborate. The Sueddeutsche Zeitung newspaper,
citing government officials it didn’t identify, reported today that the man in
custody is suspected of informing U.S. agents about an inquiry by German lawmakers into
the National Security Agency. The emergence of a
double agent on top of two German probes into NSA surveillance and espionage threatens to
compound a U.S.-German rift after allegations that the NSA spied on citizens and hacked
Merkel’s mobile phone. U.S. Ambassador John
Emerson was called in to the Foreign Ministry in Berlin today to help with “an
investigation” by federal prosecutors....The man, a support technician for Germany’s BND foreign
intelligence agency, met U.S. agents at least three times in Austria between 2012 and
2014 and gave them hundreds of secret documents for which he was paid 25,000 euros
($34,000), Bild newspaper reported, citing
security officials it didn’t identify. The documents were seized on a thumb drive
containing 218 stolen files and a laptop at the suspect’s home, Bild said." |
"In the latest turn in the yearlong tensions with Germany over
American spying, a German man was arrested this week on suspicion of passing secret
documents to a foreign power, believed to be the United States. The American ambassador,
John B. Emerson, was summoned to the Foreign Office here and urged to help with what
German officials called a swift clarification of the case. The arrest came as Washington
and Berlin were trying to put to rest a year of strains over the National Security
Agency’s monitoring of Germans’ electronic data, including Chancellor Angela
Merkel’s cellphone, and just months after the collapse of an
effort by Germany to strike a “no spy” accord with the White House. While
the White House and American intelligence officials refused to comment on the arrest, one
senior American official said that reports in the German news media that the 31-year-old
man under arrest had been working for the United States for at least two years
“threaten to undo all the repair work” the two sides have been trying to
achieve. The details of the latest case were murky.
The news media reports suggested that the man, a midlevel employee of the Federal
Intelligence Service, was originally arrested on suspicion of spying for Russia. The
Kremlin has markedly stepped up recruitment of German informants since the uprisings in
Ukraine and the resulting sanctions aimed at Russia’s economy. But according to the
news reports and the account of the American official, the man told his interrogators he
had been working for the United States for some time. German
news reports said that his work included reporting on the investigations into the
N.S.A.’s activities in Germany, which are the subject of a parliamentary inquiry, but
the American official said he had no knowledge of whether that was the case. He spoke on the condition of anonymity to avoid complicating a
diplomatically fragile intelligence issue. The Central Intelligence Agency and National
Security Agency both declined to comment on the allegations.... If the man had been spying for the United States for two years, as
the German news reports say, his recruitment would have predated the disclosures by Edward
J. Snowden, the N.S.A. contractor, of the long-running tapping of Ms. Merkel’s
cellphone.... The German Parliament is conducting an
inquiry into the N.S.A.’s activities in the country, and it heard its first testimony
on Thursday from two Americans who formerly worked for the agency. That testimony came
hours after a 27-year-old student in Bavaria was identified by name as one of the spy
agency’s surveillance targets, the first German other than Ms. Merkel to be named in
that way. The testimony on Thursday lasted late into the evening, delayed in part by an
extraordinary meeting between the inquiry panel and the control commission that oversees
Germany’s intelligence services. The lawmakers were said to have been informed of the
arrest of the accused spy at that meeting; attendees at such sessions are sworn to
secrecy. Part of the Thursday hearing was conducted
in closed session after one of the American witnesses, William E. Binney, a former N.S.A.
employee, said he would be discussing important secret information." |
"The
investigation discloses the following: * Two servers in Germany - in Berlin and Nuremberg
- are under surveillance by the NSA. * Merely
searching the web for the privacy-enhancing software tools outlined in the XKeyscore rules
causes the NSA to mark and track the IP address of the person doing the search. Not only
are German privacy software users tracked, but the source code shows that privacy software
users worldwide are tracked by the NSA. * Among the
NSA's targets is the Tor network funded primarily by the US government to aid democracy advocates in
authoritarian states. * The XKeyscore rules
reveal that the NSA tracks all connections to a server that hosts part of an anonymous email service at the MIT
Computer Science and Artificial Intelligence Laboratory (CSAIL) in Cambridge,
Massachusetts. It also records details about visits to a popular internet journal for
Linux operating system users called "the Linux Journal - the Original Magazine of the
Linux Community", and calls it an "extremist forum"....Months of investigation by the German public television broadcasters
NDR and WDR, drawing on exclusive access to top secret NSA source code, interviews with
former NSA employees, and the review of secret documents of the German government reveal
that not only is the server in Nuremberg under
observation by the NSA, but so is virtually anyone who has taken an interest in several
well-known privacy software systems.... Normally a
user's online traffic - such as emails, instant messages, searches, or visits to websites
- can be attributed to the IP address assigned to them by their internet service provider.
When a user goes online over the Tor Network, their connections are relayed through a
number of Tor nodes using another layer of encryption between each server such that the
first server cannot see where the last server is located and vice-versa. Tor is used by private individuals who want to conceal their
online activity, human rights activists in oppressive regimes such as China and Iran,
journalists who want to protect their sources, and even by the U.S. Drug Enforcement
Agency in their efforts to infiltrate criminal groups without revealing their
identity. The Tor Project is a non-profit charity based in Massachusetts and is
primarily funded by government agencies. Thus it is ironic that the Tor Network has become
such a high-priority target in the NSA's worldwide surveillance system....The former NSA director General
Keith Alexander stated that all those communicating with encryption will be regarded as
terror suspects and will be monitored and stored as
a method of prevention, as quoted by the Frankfurter Allgemeine Zeitung in August last
year. The top secret source code published here
indicates that the NSA is making a concerted effort to combat any and all anonymous spaces
that remain on the internet. Merely visiting privacy-related
websites is enough for a user's IP address to be logged into an NSA database....The German attorney Thomas Stadler, who specializes in IT law,
commented: "The fact that a German citizen is specifically traced by the NSA, in my
opinion, justifies the reasonable suspicion of the NSA carrying out secret
service activities in Germany. For this reason, the German Federal Public Prosecutor
should look into this matter and initiate preliminary proceedings....There are also rules that target users of numerous other
privacy-focused internet services, including HotSpotShield, FreeNet, Centurian,
FreeProxies.org, MegaProxy, privacy.li and an anonymous email service called MixMinion as
well as its predecessor MixMaster....Sebastian Hahn,
the Tor volunteer who runs Gabelmoo, was stunned to learn that his hobby could interest
the NSA: "This shows that Tor is working well enough that Tor has become a target for
the intelligence services. For me this means that I will definitely go ahead with the
project.” When asked for a reaction to the findings, the Tor Project's Roger
Dingledine stated the following: "We've been thinking of state surveillance for years
because of our work in places where journalists are threatened. Tor's anonymity is based
on distributed trust, so observing traffic at one place in the Tor network, even a
directory authority, isn't enough to break it. Tor has gone mainstream in the past few
years, and its wide diversity of users - from civic-minded
individuals and ordinary consumers to activists, law
enforcement, and companies - is part of its security. Just learning that somebody visited
the Tor or Tails website doesn't tell you whether that person is a journalist source,
someone concerned that her Internet Service Provider will learn about her health
conditions, or just someone irked that cat videos are blocked in her location. Trying to
make a list of Tor's millions of daily users certainly counts as wide scale collection.
Their attack on the bridge address distribution service shows their "collect all the
things" mentality - it's worth emphasizing that we designed bridges for users in
countries like China and Iran, and here we are finding out about attacks by our own
country. Does reading the contents of those mails violate the wiretap act? Now I
understand how the Google engineers felt when they learned about the attacks on their
infrastructure.” NDR and WDR wanted to know from the NSA how it justified attacking a
service funded by the U.S. government, under what legal authority Tor Network users are
monitored, and whether the German government has any knowledge of the targeting of servers
in Germany. Instead of adressing the questions repeatedly posed to them, the NSA provided
the following statement: "In carrying out its mission, NSA collects only what it is
authorized by law to collect for valid foreign intelligence purposes - regardless of the
technical means used by foreign intelligence targets. The communications of people who are
not foreign intelligence targets are of no use to the agency. In January, President Obama
issued U.S. Presidential Policy Directive 28, which affirms that all persons - regardless
of nationality - have legitimate privacy interests in the handling of their personal
information, and that privacy and civil liberties shall be integral considerations in the
planning of U.S. signals intelligence activities. The president's directive also
makes clear that the United States does not collect
signals intelligence for the purpose of suppressing or
burdening criticism or dissent, or for
disadvantaging persons based on their ethnicity, race, gender, sexual orientation, or
religion. XKeyscore is an analytic tool that is used as a part of NSA's lawful foreign
signals intelligence collection system. Such tools have stringent oversight and compliance
mechanisms built in at several levels. The use of XKeyscore allows the agency to help
defend the nation and protect U.S. and allied troops abroad. All of NSA's operations are
conducted in strict accordance with the rule of law, including the President's new
directive." However, the research contradicts the United States' promise to Germany
that German citizens are not surveiled without suspicion. Using Tor in Germany does
not justify targeting someone, the German attorney Thomas Stadler states: "Tor users
do not breach any laws, it is absolutely legitimate to act anonymously on the internet.
There are many good reasons to remain anonymous.' ... Other "Five Eyes" partners
also operate XKeyscore installations. The United Kingdom's Tempora program runs the
largest instance of XKeyscore. Both the software itself and limited access to NSA
databases have been shared with so-called "3rd party" partners including
Germany. The German foreign intelligence agency BND and the domestic intelligence agency
BfV are testing the Software. " |
"Internet service providers from around the
world are lodging formal complaints against the UK government's monitoring service, GCHQ,
alleging it uses malicious software to break into their networks. The claims from seven
organisations based in six countries – Germany,
the Netherlands, South Korea, the UK, the US and Zimbabwe – will add to international
pressure on the government after Edward Snowden's revelations about
mass surveillance of the internet by UK and
US intelligence agencies. The claims are being filed with the investigatory powers
tribunal (IPT), the court in London that assesses complaints about the agencies'
activities and misuse of surveillance by government organisations. Most of its hearings
are held at least partly in secret. The IPT is already considering a number of related
submissions. Later this month it will investigate complaints by human rights groups about
the way social media sites have been targeted by GCHQ. The government has defended the
security services, pointing out that online searches are
often routed overseas and those deemed "external communications" can be
monitored without the need for an individual warrant. Critics say that such a legal
interpretation sidesteps the need for traditional safeguards.
The latest claim is against both GCHQ, located near Cheltenham, and the Foreign Office. It
is based on articles published this year in the German magazine Der Spiegel, which alleged
that GCHQ had carried out an attack codenamed Operation Socialist on the Belgian telecoms
group Belgacom, targeting individual employees with malware (malicious software). One technique
was a "man in the middle" attack, which, according to the documents filed at the IPT, bypasses
encryption software and "operates by interposing the
attacker [GCHQ] between two computers that believe that they are securely communicating
with each other. "In fact, each is communicating with GCHQ, who collect the
communications, as well as relaying them in the hope that the interference will be
undetected." The complaint alleges that the
attacks were a breach of the Computer Misuse Act 1990 and an interference with the privacy
rights of the employees under the European convention on human rights. The organisations
targeted, the submission states, were all "responsible and professional internet
service providers". The claimants are: the Chaos
Computer Club in Germany; Greenhost in the Netherlands; Jinbonet in South Korea; GreenNet in the UK; Riseup Networks and May First/People Link in the US; and Mango
Email Service in Zimbabwe. Their complaint follows
articles about mass surveillance in the Guardian based on material released by Snowden. Among the programs said to have been operating were Turbine, which
automates the injection of data and can infect millions of machines, and Warrior Pride, which enables microphones on iPhones and Android devices to be remotely
activated. The action
has been supported by Privacy International, a UK charity that defends and promotes the
right to privacy across the world. It points out that: "While the claimants were not
directly named in the Snowden documents, the type of surveillance being carried out allows
them to challenge the practices in the IPT because they and their users are at threat of
being targeted." |
"Britain's most secretive court is to hold a rare public hearing to decide
whether there is any legal force behind the long-standing political doctrine that the
country's intelligence agencies cannot bug the phones or spy on the emails of members of
parliament. The Investigatory Powers Tribunal
agreed to the hearing after two Green party parliamentarians – Caroline Lucas, MP for Brighton
Pavilion, and Lady Jones of Moulsecoomb – complained that disclosures by the
whistleblower Edward Snowden made it clear that GCHQ
was capturing their communications in breach of the so-called Wilson Doctrine.
Kate Grange, counsel for GCHQ, MI5 and MI6,
told the IPT on Tuesday that her clients wanted to reserve the right to make submissions
on the issue in "closed" – or secret – session, with the public and
the media excluded. "It may well be that we would want to say something in closed
about the past policy or practice in relation to the Wilson
Doctrine," she said. The convention is named after former prime minister Harold Wilson, who pledged in 1966
that MPs' and peers' phones would not be tapped. In December 1997, then prime minister Tony Blair said the doctrine extended to
electronic communication, including emails. Prime ministers have the power to reverse the
policy. While they must inform MPs of the change, they can choose when to announce it.
Lucas and Jones argue that the Wilson Doctrine must have legal force, and complain that
GCHQ's bulk interception of electronic communications must be unlawful. The president of
the tribunal, Mr Justice Burton, said he wished first to give a judgment on whether or not
the doctrine had legal force. At that point, he said, if it did have legal force "we
will make our usual inquiries" of the agencies to establish whether the
parliamentarians' communications had been intercepted. Burton raised objections to the
agencies' suggestion that the issue may need to be considered partly in closed session, on
the grounds that it would fuel criticisms that the IPT operated in a Kafkaesque fashion,
which he said it did not. But he declined to provide lawyers for Lucas and Jones with a
copy of an order that the tribunal had issued to the agencies after the parliamentarians'
complaint had been lodged. The government's lawyers
say they will neither confirm nor deny the existence of the interception programmes that
were disclosed by Snowden. The hearing was adjourned until October." |
"If it wasn’t for
last minute US government intervention, occurring last night just before the clock hit
midnight, we would know the names American’s being spied on by the National Security
Agency. Last night at midnight journalist Glenn Greenwald was scheduled to release his
biggest story yet, which is a significant claim in its own right as he has published some
benchmark work in revealing the domestic spying capabilities of the US government. Greenwald’s release of the names of US citizens –
including controversial political activists – who the NSA was targeting was halted
for reasons still not fully explained. The announcement came on Greenwald’s Twitter
feed hours before the scheduled release when he said “After 3 months working on our
story, USG (US Government) today suddenly began making new last-minute claims which we
intend to investigate before publishing.” Critics have charged that the NSA has built a mass
surveillance state to rival the Nazis, Soviets or Stasis. The publication of the names of US citizens who might be targeted in the
US for political rather than national security reasons would market a new low benchmark
for the spy agency whose leaders are documented to have lied to the US public and Congress
without any accountability. The halting of Greenwald’s release of information comes
one day after the Washington Post revealed that the NSA was given
approval to spy on US corporations sending e-mail overseas and the government spy agency
was permitted to collect information about governments in 193 countries and foreign
institutions including the World Bank, the International Monetary Fund and the European
Union." |
"A US attempt to force Microsoft
to hand over emails held on servers in Ireland has drawn a strong rebuke from Brussels in
one of the first tests of cross-border privacy raised by cloud computing. The US demand
could contravene international law and should have been handled through the official
channels normally used for law enforcement between regions, according to Viviane
Reding, vice-president of the European Commission. The case comes as US technology is
already caught up in a transatlantic privacy dispute over revelations about widespread US
internet surveillance.... Microsoft’s claim that the US enforcement order amounted to
an illegal attempt to enforce a warrant beyond US borders has won support in Europe, with
Ms Reding weighing in on Microsoft’s side.
“The commission’s concern is that the extraterritorial application of foreign
laws [and orders to companies based thereon] may be in breach of international law,”
she wrote last week in a letter to Sophie in’t Veld, a Dutch member of the European
Parliament. She added that the US “may impede the attainment of the protection of
individuals guaranteed” in the EU. Rather than trying to force Microsoft to surrender
information, she said the US should have relied on the mutual legal assistance treaties
that create a framework for co-operation between law enforcement agencies. Ms
Reding’s rebuke came in the same week that the US supreme court put new limits on the
power of law enforcement agencies to search suspects’ mobile devices. The judges
ruled unanimously that searches could not be carried out without a warrant." |
"Virtually
no foreign government is off-limits for the National Security Agency, which has been
authorized to intercept information “concerning” all but four countries,
according to top-secret documents. The United States has long had broad no-spying
arrangements with those four countries — Britain, Canada, Australia and New Zealand
— in a group known collectively with the United States as
the Five Eyes. But a classified 2010 legal certification and other
documents indicate the NSA has been given a far more elastic authority than previously
known, one that allows it to intercept through U.S. companies not just the communications
of its overseas targets but any communications about its targets as well. The
certification — approved by the Foreign
Intelligence Surveillance Court and included among a set of documents leaked by former
NSA contractor Edward Snowden
— lists 193 countries that would be of valid
interest for U.S. intelligence. The certification also permitted the agency to gather
intelligence about entities including the World Bank, the International Monetary Fund, the
European Union and the International Atomic Energy Agency. The NSA is not necessarily
targeting all the countries or organizations identified in the certification, the affidavits and an
accompanying exhibit; it has only been given authority to do so. Still, the privacy implications are far-reaching, civil liberties
advocates say, because of the wide spectrum of people who might be engaged in
communication about foreign governments and entities and whose communications might be of
interest to the United States." |
"The number of phone numbers searched under the National Security
Agency's phone-data surveillance program increased by 50 percent last year, according to a
report that otherwise provides scant new information on the numbers of Americans and
foreigners subject to U.S. surveillance. The report,
by the Director of National Intelligence, focused on the mechanics of a network of
surveillance programs that sweep up millions of American phone records and gain indirect
access to 75 percent of the nation's telecom infrastructure to facilitate those searches.
The report, the first such effort under new Obama administration guidelines pledging
greater transparency, was as notable for what it left out as what it provided. For
example, the report provides no acknowledgment of the millions of American phone records
collected by the NSA to build its database for searches, nor did it provide the number of
Americans whose communications get swept up in the process of investigating foreign
intelligence targets. The 50 percent increase in phone numbers searched, for example,
represents a relatively small number: 423, up from 288 in 2012. Until Friday, the only
recent statistic officials had provided on the program was the 2012 figure. However, those figures represent the number of terror suspects whose phone
numbers are searched daily against continual, new data dumps of American phone records,
and any connection can be searched two degrees out from the original phone number to create vastly larger groups of
individuals whose records are examined. The
government also for the first time reports the number of known or presumed U.S. persons
who were the subjects of data queries in 2013 was 248. "U.S. person" is a term
of art for American citizens and people who are in the country legally." |
"Activists flew a blimp emblazoned with the words "Illegal
Spying Below" over the National Security Agency's data centre in Utah on Friday in
protest against the US government's mass surveillance programmes. The one-hour flight was
carried out by the environmental group Greenpeace, digital rights activists the Electronic
Frontier Foundation and a conservative political organisation, the Tenth Amendment Centre.
The 41 metre (135ft) blimp, owned by Greenpeace, was
adorned with a sign that read "NSA Illegal Spying Below". In an email to Reuters
the agency declined to comment. But a spokesman did note there was no restricted airspace
over the data centre, housed on the grounds of the Utah National Guard's Camp Williams in
Bluffdale, 23 miles (37km) south of Salt Lake City. The NSA says the facility provides the
government with intelligence and warnings about cyber security threats. It is thought to
be the agency's largest data storage centre. The blimp protest coincided with the launch
of an online campaign that rates members of Congress on actions the activists say either
further or stop data collection efforts by the NSA. Greenpeace said the report cards on
the site standagainstspying.org were created
by analysing NSA reform bills in Congress and weighting proposals on the degree to which
they would end mass data collection. "Our right to privacy is not a partisan issue.
It's a human rights issue," said Michael Boldin, founder of Tenth Amendment Centre,
which advocates for decentralised government. "This coalition gives great hope for
the future because it shows that people across the political spectrum can set aside
differences to work together." |
"Ford and Intel unveiled
a joint research project on Wednesday called Mobile Interior Imaging, or "Project
Mobii," to utilize interior cameras, facial recognition software, and data analytics
to create a more personalized interaction between driver and vehicle. "Mobii is a great example of culture of experimentation. I don't know
what the user interface of the future is going to be. I know that increasingly, I've got
sensors, cameras, technology," said Don Butler, who has been the executive
director of connected vehicles and services for Ford since January. "So [we said]
let's try to mash some stuff together and see what happens," Butler told
ZDNet/TechRepublic. Project Mobii is still in its experimental phase, but researchers are
looking to use it to make the car's user interface experience more seamless and intuitive.
One use for the system: driver authentication. Once a driver enters the vehicle, a
front-facing camera snaps a photo. If the driver is recognized, their personalized data --
such as contacts and music -- syncs to the vehicle. If they are not recognized, a photo is
sent to the primary owner of the vehicle, and the owner can set restrictions or
permissions from a smartphone. Also, if a child gets into a parent's vehicle, it could
allow the parent to adjust music volume, speed limits, and phone access from afar.... In a
separate
announcement the same day, Ford also revealed plans for SYNC 911 Assist, which will be
featured on the 2015 Mustang. The system will offer more direct route to emergency
assistance by connecting a mobile phone and improve the overall safety and connectivity of
the vehicle. Upon entering the vehicle, the driver must give consent that their location
and data can be sent to those services." |
"The chief of Britain's MI6 foreign intelligence service will step
down in November after five years in the job, a government source said on Thursday. John
Sawers, a peer, is believed to have wanted to relinquish his sensitive role as Chief of
the Secret Intelligence Service before a national election next year. He will step down around the same time as the head of Britain's GCHQ
eavesdropping agency leaves his post. Sawers, 58, made headlines in 2013 when he appeared
before a parliamentary committee to complain that documents leaked by former U.S.
intelligence operative Edward Snowden had put secret operations at risk and were being
"lapped up" by al Qaeda. MI6 collects intelligence and mounts covert operations
overseas to defend national security and support British interests. A quirky tradition
means that its chief writes in green ink and is known internally as "C". Sawers served as Britain's permanent representative to the United
Nations until his appointment as MI6 chief in 2009. He had previously worked as a foreign
policy adviser to former prime minister Tony Blair and in a variety of diplomatic posts.
His successor will be approved by Foreign Secretary William Hague and Prime Minister David
Cameron." |
"The security services came under fire tonight for the
“shockingly high” number of times that individuals’ privacy was breached
because of bureaucratic blunders by officers. The failings were exposed by Sir Mark
Waller, the intelligence services commissioner, who listed a series of mistakes by MI5,
MI6, GCHQ and Government departments. Sir Mark examined 318 warrants authorising covert
surveillance and undercover operations last year, around one in six of those issued in
2013. He uncovered errors in 33, all of which he attributed to human error which had led
to “unacceptable” invasions of privacy. In
a report to David Cameron, he said he was satisfied the mistakes were not deliberate and
the security services were complying with the Regulation of Investigatory Powers Act. But
Rachel Robinson, the policy officer for Liberty, said: “The spooks’ shockingly
high error rate makes a mockery of people’s privacy. “That they have supposedly
complied with the rusting provisions of RIPA, but may well have fallen foul of human
rights protections, is further proof of the need for a total overhaul of our outdated
surveillance laws.” The Liberal Democrat MP Julian Huppert described the findings as
“very alarming”. He said: “It is clear safeguards are not working as they
are supposed to, and on several occasions this allowed the agencies to monitor people
without authorisation.” He added: “Intercepting people’s private
conversations is a very intrusive power, and while it is necessary in some cases, it
should never be happening without authorisation.” Sir Mark examined 19 mistakes made
by MI5, of which 11 occurred because officers did not obtain the correct paperwork, while
six were classified as “procedural errors”. One occurred when wrong information
was inputted into computer systems and one because authorisation for an operation was
cancelled before listening equipment was removed. Sir Mark said: “In most instances I
was satisfied with the answers but still discussed the errors during my inspection and
made clear that any error, but especially those which led to intrusion into privacy, were
not acceptable.” There were 10 mistakes by MI6, all of which resulted in
“intrusions into privacy to some degree”, but none were deliberate.... Six were
described as “procedural errors”, three because the correct paperwork was not
obtained and one where the wrong information was added to a computer system. Three
mistakes were made by the GCHQ listening post in Cheltenham, of which two were
“procedural errors” and one was an inputting mistake. The Home Office made an
error in processing an MI5 warrant by getting the date wrong, while the Ministry of
Defence made two mistakes. Sir Mark urged the agencies to apply a “test of
proportionality” before approving any operation were privacy could be invaded –
and to make clear the justification for the move in the wording of warrants." |
"The US supreme court delivered a landmark endorsement of electronic
privacy on Wednesday, ruling that police must obtain a
warrant to search the contents of cellphones seized from people they have arrested. All nine justices joined the ruling on a case hailed by civil liberties
campaigners as a crucial test of the rights of individuals to be protected against
intrusion into their ever-expanding digital lives. The opinion of the court, delivered by
chief justice John Roberts, recognised that many owners of modern cellphones “keep on
their person a digital record of nearly every aspect of their lives”, which may
disclose a uniquely large volume of personal information if searched. "Modern cell
phones are not just another technological convenience," Roberts wrote. “With all
they contain and all they may reveal, they hold for many Americans the privacies of life.
Reading his ruling from the bench, Roberts went on: “The fact that technology now
allows an individual to carry such information in his hand does not make the information
any less worthy of the protection for which the founders fought. Our answer to the
question of what police must do before searching a cell phone seized incident to an arrest
is accordingly simple – get a warrant.” The
justices considered together two separate cases relating to men whose cellphones were
searched after their arrests in California and Massachusetts. Both men were convicted of
crimes after information recovered from their phones led police to other evidence. The
court sided with arguments put forward in April by lawyers backed by the American Civil
Liberties Union and the Electronic Privacy
Information Center, who said that these warrantless cellphone searches were not permitted
under the fourth amendment of the constitution, which protects Americans from unreasonable
searches." |
"'There is no programme
of mass surveillance and there is no surveillance state," Home Secretary Theresa May
has said. Speaking at the Lord Mayor's Defence and Security Lecture at Mansion House, in
the City of London, Mrs May dismissed recent criticism of the activities of the security
services. Privacy campaigners have accused surveillance agency GCHQ of using
"unlawful hacking" to spy on citizens. But Mrs May said this was
"nonsense". The government has defended its use of surveillance powers since
documents leaked by former Central Intelligence Agency technical worker Edward Snowden
were first published by the Guardian and Washington Post newspapers in 2013. ... Charles Farr, the director
general of the Office for Security and Counter-Terrorism, said last week that GCHQ can legally snoop on British use of Google,
Facebook and web-based email without specific warrants because the firms are based abroad. But Mrs May said: "Some people have alleged that GCHQ is exploiting
a technical loophole in legislation that allows them to intercept external communications
- that is, communications either sent or received outside the UK - at will and without
authorisation. This is... nonsense." She also denied that the security services were
able to ask "their counterparts overseas to undertake activity that would be unlawful
if they conducted it themselves". Surveillance powers were only ever used "when
they are necessary and proportionate", she said. But Mrs
May warned that it would be "cavalier and reckless" to let the public know
details of which terrorist plots had been thwarted by the security services.... Eric King, deputy director of Privacy International, said the
surveillance was the modern equivalent of the government entering someone's house and
reading their diary, correspondence and journals. The freedom GCHQ and the NSA had to
carry out surveillance was equivalent to "covert, complete, real-time physical and
electronic surveillance", he said. "Arbitrary powers such as these are the
purview of dictatorships, not democracies," he said. "Unrestrained, unregulated
government spying of this kind is the antithesis of the rule of law and government must be
held accountable for their actions."" |
"The British government has been accused of breaking the law by
forcing telecoms and internet providers to retain records of phone calls, texts and
internet usage, months after Europe's highest court said that such data retention breaches
citizens' fundamental right to privacy. Now it could face a high court challenge that
would force it to strike down the law, enacted in 2009 by the previous Labour
administration. The Data Retention (EC Direction) Act of 2009 was implemented by the last
Labour government in response to the 2006 EU data retention directive, which required
member states to store citizens' telecoms data for a minimum of six months and a maximum
of 24 months. Britain's implementation requires providers to keep data for 18 months. In
April, the European court of justice declared the directive invalid. In an opinion delivered in January, the court's advocate general, Pedro
Cruz Villalón, said that it constituted a "serious interference with … the
right to privacy and the right to protection of personal data". But despite the fact
that the directive which mandated the creation of the UK act was struck down, the UK
government has not yet moved to invalidate the Act. Answering
a parliamentary question from Liberal Democrat MP Julian Huppert the Home Office
minister James Brokenshire revealed last week that the government had explicitly notified
telecoms providers that "they should continue to observe their obligations as
outlined in any notice", despite the ruling. A Home Office spokesman said the
department was "looking at the issue as a matter of urgency, and deciding what steps
need to be taken to ensure public authorities can continue to access communications data.
"However, we have advised communications service providers that the UK Data Retention
(EC Directive) Regulations 2009 remain in force." The Home Office added that
"the retention of communications data is absolutely fundamental to ensure law
enforcement have the powers they need to investigate crime, protect the public and ensure
national security”." |
"Newly uncovered components of a digital surveillance tool used by more
than 60 governments worldwide provide a rare glimpse at the extensive ways law enforcement
and intelligence agencies use the tool to surreptitiously record and steal data from
mobile phones. The modules, made by the Italian company Hacking Team, were uncovered by
researchers working independently of each other at Kaspersky Lab in Russia and the Citizen
Lab at the University of Toronto’s Munk School of Global Affairs in Canada, who say
the findings provide great insight into the trade craft behind Hacking Team’s tools. The new components target Android, iOS, Windows Mobile, and BlackBerry
users and are part of Hacking Team’s larger suite of tools used for targeting desktop
computers and laptops. But the iOS and Android modules provide cops and spooks with a
robust menu of features to give them complete dominion over targeted phones. They allow,
for example, for covert collection of emails, text messages, call history and address
books, and they can be used to log keystrokes and obtain search history data. They can
take screenshots, record audio from the phones to monitor calls or ambient conversations,
hijack the phone’s camera to snap pictures or piggyback on the phone’s GPS
system to monitor the user’s location. The Android version can also enable the
phone’s Wi-Fi function to siphon data from the phone wirelessly instead of using the
cell network to transmit it. The latter would incur data
charges and raise the phone owner’s suspicion. “Secretly
activating the microphone and taking regular camera shots provides constant surveillance
of the target—which is much more powerful than traditional cloak and dagger
operations,” notes Kaspersky researcher Sergey Golovanov
in a blog
post about the findings. It’s long been known that law enforcement and
intelligence agencies worldwide use Hacking Team’s tools to spy on computer and
mobile phone users—including, in some countries, to spy on political dissidents,
journalists and human rights advocates. This is the
first time, however, that the modules used to spy on mobile phone users have been
uncovered in the wild and reverse-engineered. Kaspersky and Citizen Lab discovered them
after developing new methods to search for code fragments and digital certificates used by
Hacking Team’s tools. The modules work in conjunction with Hacking Team’s core
surveillance tool, known as the Remote Control System, which the company markets under the
names Da Vinci and Galileo. In a sleek marketing video
for Galileo, Hacking Team touts the tool as the perfect solution for obtaining
hard-to-reach data—such as data taken by a suspect across borders or data and
communications that never leave the target’s computer and therefore can’t be
siphoned in transit. “You want to look through your targets’s eyes,” says
the video. “While your target is browsing the web, exchanging documents, receiving
SMS….” Hacking Team’s tools are controlled remotely through
command-and-control servers set up by Hacking Team’s law enforcement and intelligence
agency customers to monitor multiple targets.Kaspersky has tracked more than 350
command-and-control servers created for this purpose in more than 40 countries. While
Kaspersky found only one or two servers in most of these countries, the researchers found
64 in the United States—by far the most. Kazakhstan followed with 49, Ecuador with 35
and the United Kingdom with 32. It’s not known for certain whether law enforcement
agencies in the U.S. use Hacking Team’s tool or if these servers are used by other
governments. But as Kaspersky notes, it makes little sense for governments to maintain
their command servers in foreign countries where they run the risk of losing control over
the servers." |
"European officials have often
acted as though excessive government surveillance was solely an American problem. The
recent release of a legal
statement from a senior British counterterrorism official, Charles Farr, shows that the United States
government is certainly not alone in justifying such practices. The statement
lays out the authority British intelligence agencies claim to have in intercepting
communications carried by Internet sites like Google, Facebook and Twitter, even if those
messages are between people located within the country. It
says the government can legally sift through and read emails, Internet searches and other
activity on those services because they are “external communications” —
provided by foreign companies — for the purposes of British law. (“Internal
communications,” like domestic phone calls and text messages, however, cannot be
intercepted unless the officials first obtain a warrant based on suspicion of illegal
activity.) Mr. Farr’s statement was filed as part of the British government’s
response to a legal
case brought by Privacy International, Amnesty International and other public interest
groups against the government. The groups are trying to stop the bulk collection of
communications data by intelligence agencies. The government neither admits nor denies
that it is conducting mass surveillance on Britons, according to the statement. But it is
hard to believe that officials would concoct this “external communications”
rationale for bulk data collection if they did not intend to amass and sift through the
information. Next month, the Investigatory Powers
Tribunal, a British court, will hold hearings in which Mr. Farr and others are
expected to testify. The court has usually ruled
in favor of the government, and it usually operates
in secret. This time, however, the hearings will be open to the public, providing an
important forum for this issue. Privacy groups are asking the court to shut down mass
surveillance. If the court rules in favor of the government, the groups are prepared to go
to the European Court of Justice, the highest court of the European Union. In April, that
court struck
down a European Union directive that required communications companies to retain data
about their customers for up to two years so governments could have access to the
information. European governments have been more
serious about protecting consumer privacy against Internet companies and advertisers
than the United States has been. But many countries, like Britain, Germany and France,
have given law enforcement and intelligence agencies a free hand to monitor private
communications, according to a recent
report from the Center for Democracy & Technology. Given what has been learned
about government surveillance in the last year, courts in Europe should make sure
government officials meet a high burden of proof before they get access to private
communications." |
"This week German news magazine Der Spiegel published the largest single set of files leaked by whistleblower and
former US National Security Agency contractor Edward Snowden. The roughly 50 documents
show the depth of the German intelligence agencies' collusion with the NSA. They suggest
that the German Intelligence Agency (BND), the country's foreign spy agency, and the
Office for the Protection of the Constitution (BfV), the German domestic spy agency,
worked more closely with the NSA than they have admitted - and more than many observers
thought. The documents as published by Der Spiegel
offer glimpses, but not a comprehensive view of what is essentially a transatlantic spy
alliance. An NSA document from January 2013 shows the spirit of cooperation that existed
between the NSA and first the BND and then the BfV, as well as the German Federal Office
for Information Security (BSI). The documents also show that the BND has been
"eager" for closer ties with the NSA on an analytical and operational level
since 1962. Among its "success stories,"
the documents praise how the German government was able to weaken the public's protection
from surveillance. "The German government has changed its interpretation of the G10
law, which protects German citizens' communications, to allow the BND to be more flexible
with the sharing of protected information with foreign partners." Germany's G10 law
regulates in what circumstances its intelligence agencies are allowed to break Article 10 of the German constitution,
which guarantees the privacy of letters and telecommunications. Malte Spitz, member of the German Green party and spokesman for the
Federal Association of Media and Internet policy, is always concerned when the NSA
celebrates such "successes" in Europe. "The important question is whether
the chancellery helped the agencies to get the permissions that made far-reaching
surveillance possible by offering an alternative interpretation of the G10 law," he
said." |
"Since he obtained and
published Edward Snowden’s leaked National Security Agency documents a little more
than a year ago, journalist Glenn Greenwald said people have told him over and over that
government surveillance does not concern them. “Those people don’t believe what
they’re saying,” he told a sold-out audience last week at the Nourse Theater in
San Francisco. To illustrate this, every time someone would come up to Greenwald and say
they didn’t mind people knowing what they were doing because they had nothing to
hide, he would proceed with the same two steps: first, by giving them his email address
and then by asking them to send him all their email and social media passwords — just
so he could have a look. “I’ve not had one single person send me them,” he
said, as the room swelled with laughter. “And I check my email box constantly!”
The humorous anecdote, Greenwald said, exemplifies how people instinctively understand how
privacy is vital to who we are. Just as much as we need to be social, we need a place
where we can go to learn and think without others passing judgment on us. “Privacy is embedded in what it means to be human and always
has been across time periods and across cultures,” Greenwald said. Greenwald recalled
prominent figures who have tried to distance themselves from this fundamental need. Eric
Schmidt, CEO of Google, said
in an interview in 2009, “If you have something that you don’t want anyone to
know, maybe you shouldn’t be doing it in the first place.” But four years
before, Schmidt blacklisted
CNET after it published
an article on privacy concerns that listed where he lives, his salary, his political
contributions, and his hobbies — all obtained from a 30-minute Google search." |
"The UK government's legal justification for mass surveillance of the internet risks undermining public
confidence in the intelligence services, a former Conservative security minister has
warned. Speaking at a debate in University College London, Lady Neville-Jones, who has
chaired Whitehall's joint intelligence committee, backed calls for the law governing
surveillance, the Regulation of Investigatory Powers Act (Ripa) to be tightened up.
Neville-Jones, who served as security and counter-terrorism minister between 2010 and
2011, is normally a staunch defender of the way the security services operate. Earlier
this week an explanation of the legal basis on which GCHQ, the monitoring agency,
intercepts emails as well as searches on Google, Twitter, Facebook and YouTube, was
published. The government's most senior security official, Charles
Farr, said emails sent overseas
or received from abroad, as well as most online searches,
which use foreign servers, are deemed to be "external communications" and can therefore be monitored
without the need for a specific intercept warrant. Critics accused him of exploiting a
loophole in the law. Addressing a debate on
surveillance organised by the law firm Bindmans, Neville-Jones expressed strong
reservations about Farr's argument. "If it's the case that officials are exploiting
loopholes in the law to get externally generated information that they would not otherwise
be able to get [without a warrant] then that's something I would not endorse," she
said. "That kind of suggestion would undermine confidence in the system if that is
what is happening and we need to tighten it up. "The problem is that Ripa is not an
old act [but] … there's more detail that needs to be put into it and more regulation
of procedure. It probably needs to cover areas that were previously not thought to be
important." A failure to explain sufficiently to the public what is being done in
their name has bred a climate of mistrust, she implied. "I don't think everything is
hunky-dory. It's about time ministers explained the system and didn't leave it to judges
and officials. I think we can improve on the law. Ripa does need at the very least
tightening up, others would say reformulating." Any
distinction between domestic and external affairs is breaking down in a more globalised
world, she added, and should not be the legal basis for how surveillance is conducted. The former security minister denied the UK was a "surveillance
state" but said it was entirely reasonable that citizens should want assurances about
the way it was carried out." |
"Microsoft's top lawyer
says the fallout of the NSA spying scandal is "getting worse," and carries grim
implications for US tech companies. In a speech at
the GigaOm Structure
conference in San Francisco on Thursday, Microsoft general counsel Brad Smith warned
attendees that unless the US political establishment figures out how to rein in its spy
agencies, there could be heavy repercussions for tech companies. "What we've seen
since last June is a double-digit decline in people's trust in American tech companies in
key places like Brussels and Berlin and Brasilia. This has put trust at risk," Smith
said. "The longer we wait or the less we do the
worse the problem becomes," he explained. "We are seeing other governments
consider new procurement rules – procurement rules that could effectively freeze out
US-based companies." |
"So now we know. The government has set out the legal basis for its mass surveillance of communications data.
The director general of the Office for Security and Counter-Terrorism, Charles Farr, has explained – in a
confusing departure from a previous argument – that when communication involves a
foreign-based platform it can be treated not as "internal", needing a warrant to
intercept, but as "external". This comprehensive ruling means that each tweet,
each update on a Facebook page, and most webmail becomes a legitimate target with no need for a warrant, even where it is
between two British citizens. But since every communication
– down to the merest text message – has to be examined to see which category it
falls into, literally nothing is truly private. The
legal basis for all this is the Regulation of
Investigatory Powers Act (Ripa), hurried through parliament in 2000 with only cursory
examination. Like the credit agencies nodding through the poisoned debt packages sold by
traders before the 2008 crash, no one fully grasped its implications at the time, and
since its passage, the technology landscape has been almost entirely redrawn. In 2000
there was no Facebook, no Twitter and
Google had only just moved out of a garage in Menlo Park,
California. This is the act that the law professor Conor Gearty has described as an
"accomplice to secrecy and official impunity". Mr Farr argues that the contents
of the dragnet created by the Tempora and Prism programs are only examined when evidence
gathered from other sources justifies it. But his submission acknowledges that, just as
trawling for tuna risks sometimes catching dolphins, sometimes properly private
communications will be included. And while in theory the law allows those who fear they
have been wrongly put under surveillance to apply for compensation, the Investigatory
Powers Tribunal exists only to ensure the law has been followed by all the public
bodies that operate under its authority. It will never either admit surveillance has been
carried out, which the security services say could drive the subject underground, or deny
it, since that risks allowing the subject to operate with impunity. According to the Commons home affairs committee, the Investigatory Powers Tribunal has upheld 0.68% of complaints it has heard.
None was against the security services. British citizens are not indifferent to privacy.
There was outrage when a council was found to be using its Ripa powers to monitor
residence qualifications for a local school, and widespread disquiet at the information commissioner Richard
Thomas's finding back in 2006 that a surveillance society now existed. Yet the implications of the Edward Snowden revelations, of
Britain and the US sweeping up the minutiae of our online lives, are still
under-appreciated. That needs to change. The government always insists that the security
services are rigorously supervised, their actions scrutinised by judges – who
therefore should also be under greater scrutiny – and then by parliament. Yet the intelligence and security committee was completely unaware
of the extent of cyberspace surveillance. Parliament must find some backbone in the face
of the advance of the security state. Here is a simple prescription. Rather than try to
wrestle with the details of the technology, focus on the one vital principle: the right to
privacy. Internet communications between UK citizens should be as sacrosanct as a letter." |
"Huge volumes of private emails, phone calls, and internet chats are being
intercepted by the National Security Agency with the secret cooperation of more foreign
governments than previously known, according to newly disclosed documents from
whistleblower Edward Snowden. The classified files, revealed today by the Danish newspaper
Dagbladet Information in a reporting
collaboration with The Intercept, shed light on how the NSA’s surveillance of global
communications has expanded under a clandestine program, known as RAMPART-A, that depends on the participation
of a growing network of intelligence agencies. It has already been widely reported that
the NSA works closely with eavesdropping agencies in the United Kingdom, Canada, New
Zealand, and Australia as part of the so-called Five Eyes surveillance alliance. But the
latest Snowden documents show that a number of other countries, described by the NSA as
“third-party partners,” are playing an increasingly important role – by
secretly allowing the NSA to install surveillance equipment on their fiber-optic cables.
The NSA documents state that under RAMPART-A, foreign partners “provide access to
cables and host U.S. equipment.” This allows the agency to covertly tap into
“congestion points around the world” where it says it can intercept the content
of phone calls, faxes, e-mails, internet chats, data from virtual private networks, and
calls made using Voice over IP software like Skype. The
program, which the secret files show cost U.S. taxpayers about $170 million between 2011
and 2013, sweeps up a vast amount of communications at lightning speed. According to the
intelligence community’s classified “Black
Budget” for 2013, RAMPART-A enables the NSA to tap into three terabits of data
every second as the data flows across the compromised cables – the equivalent of
being able to download about 5,400 uncompressed high-definition movies every minute....
the documents point towards some of the countries involved – Denmark and Germany among
them. An NSA memo
prepared for a 2012 meeting between the then-NSA director, Gen. Keith Alexander, and his
Danish counterpart noted that the NSA had a longstanding partnership with the
country’s intelligence service on a special “cable access” program. Another
document, dated from 2013 and
first published by Der Spiegel on Wednesday, describes a German cable access point under a
program that was operated by the NSA, the German intelligence service BND, and an unnamed
third partner. The Danish and German operations
appear to be associated with RAMPART-A because it is the only NSA cable-access initiative
that depends on the cooperation of third-party partners. Other
NSA operations tap cables without the consent or knowledge of the countries that host the
cables, or are operated from within the United States with
the assistance of American telecommunications companies that have international links. One
secret NSA document
notes that most of the RAMPART-A projects are operated by the partners “under the
cover of an overt comsat effort,” suggesting that the
tapping of the fiber-optic cables takes place at Cold War-era eavesdropping stations in the host countries, usually identifiable by their large white
satellite dishes and radomes. A shortlist of other
countries potentially involved in the RAMPART-A operation is contained in the Snowden
archive. A classified presentation dated 2013,
published recently in Intercept editor Glenn Greenwald’s book No Place To Hide, revealed that
the NSA had top-secret spying agreements with 33 third-party countries, including Denmark,
Germany, and 15 other European Union member states...
For any foreign government, allowing the NSA to
secretly tap private communications is politically explosive, hence the extreme secrecy
shrouding the names of those involved. But governments that participate in RAMPART-A get
something in return: access to the NSA’s sophisticated surveillance equipment, so
they too can spy on the mass of data that flows in and out of their territory. The
partnership deals operate on the condition that the host country will not use the
NSA’s spy technology to collect any data on U.S. citizens. The NSA also agrees that
it will not use the access it has been granted to collect data on the host countries’
citizens. One NSA document notes
that “there ARE exceptions” to this rule – though does not state what those exceptions may be. According to Snowden, the agreements that the NSA has in place with its
partners are lax and easily circumvented. In a
statement to the European parliament in March, he used Denmark and Germany as examples
to describe how the NSA had effectively established what he called a “European
bazaar” for surveillance. “An EU member state like Denmark may give the NSA
access to a tapping center on the (unenforceable) condition that NSA doesn’t search
it for Danes, and Germany may give the NSA access to another on the condition that it
doesn’t search for Germans,” Snowden said. “Yet
the two tapping sites may be two points on the same cable, so the NSA simply captures the
communications of the German citizens as they transit Denmark, and the Danish citizens as
they transit Germany, all the while considering it entirely in accordance with their
agreements.” |
"Any social media – Twitter, Facebook posts or YouTube postings –
are legal targets for mass online surveillance, Charles Farr, director general of the Office
for Security and Counter Terrorism at the Home Office, argues. This is hardly surprising.
What Farr's analysis of the legal status of online surveillance also reveals is the
government's belief that documents and direct messages on Twitter and Facebook are also
legal targets, which can be monitored without a warrant, if they are hosted outside the
UK. Thus virtually anything involving Google's
servers, none of which is in the UK, is "external communication". Farr's 48
page, 162 paragraph statement was made in response to the case brought by Privacy
International with Amnesty International against
the UK government before the Regulation of Investigatory Powers Tribunal (which is meant
to oversee how well the government follows Ripa, its own Regulation of Investigatory
Powers Act). It is a detailed document which invokes a lot of dancing around the subject.
For instance, he will neither confirm nor deny the authenticity of the Edward Snowden documents which formed
the basis of the Guardian's story on Tempora, the cable tapping operation that has led to this
case. This creates the conflicting situation of one
part of the government insisting that the documents' carriage poses a serious security
threat, while Farr is insisting that it has "not accepted the provenance" of the
same documents. The document explains how, in the eyes of the government, even our
searches of Google and YouTube are fair game for monitoring. As Farr explains, a Google
search "is a communication between the searcher's computer and Google's web
server" and, as he points out, "its largest centres are in the US, and its
largest European centres are outside the British Islands". Hence, he says, searching
on Google or its video subsidiary YouTube falls under "external communications",
and so doesn't trouble Ripa. Similarly with Facebook private messages, and though it isn't
explicitly mentioned Twitter direct messages, both of which you would normally expect to
be private. If either side isn't in the UK, then it can be tapped via Tempora. The reaction of Google and Facebook to Farr's statement has been brisk. A
Google spokesperson said: "We disclose user data to governments in accordance with
the law, and we review all such requests carefully. Google has not joined any program that
would create a 'back door' for government to access private user data." The
spokesperson also reiterated Google's point that "government does not have access to
Google's servers". Facebook declined to comment, though sources close to the company
suggested that enhanced encryption now being deployed should make it increasingly
difficult for governments, whether in the US, UK or elsewhere, to tap into private
discussions. Farr, however, is unrepentant: "The only practical way in which the
government can ensure that it is able to obtain at least a fraction of the type of
communication in which it is interested is to provide for the interception of a large
volume of communications," he writes. And as he sets out, many of those might be
messages you thought were private." |
"Over the past 12-18 months, there’s been an increased level
of scrutiny applied to the various ways local, state, and federal law enforcement
officials track and monitor the lives of ordinary citizens. One tool that’s come
under increasing fire is the so-called stingray — a fake cell phone tower that law
enforcement officials deploy to track a suspect, often without a warrant or any other
formal approval. A stingray is a false cell phone tower that can force phones in a
geographical area to connect to it. Once these devices connect, the stingray can be used
to either hone in on the target’s location or, with some models, actually eavesdrop
on conversations, text messages, and web browser activity. It’s not clear how much the police cooperate with the cell phone
carriers on this — in at least some cases, the police have gone to carriers with
requests for information, while in others they seem to have taken a brute-force approach,
dumping the data of every single user on a given tower and then sorting it to find the
parties they’re interested in tracking. Stingrays can be used to force the phone to
give up its user details, making it fairly easy for the police to match devices and
account holders." |
"The Eleventh Circuit Court of Appeals said no this week to tracking your
movements using data from your cell phone without a warrant when it declared that this information is
constitutionally protected. The case, United States
v. Davis , is important not only because it provides substantive and procedural
protections against abuse of an increasingly common and highly invasive surveillance
method. It also provides support for something Christopher
Sprigman and I have said before
— that the government’s other “metadata” collection programs are
unconstitutional. The Davis decision, in effect,
suggests that the U.S. government’s collection of all kinds of business records and
transactional data — commonly called “metadata” — for law enforcement
and national security purposes may also be unconstitutional. Your phone sends signals to
the nearest cell towers so that the communications network system knows where to route a
call should one come in. Many providers collect and store the location of towers a
customer connects to at the beginning and end of the call for billing purposes. FBI agents
in Davis obtained these records without a search warrant and used them to place the
defendant, Quartavious Davis, near the scene of a number of robberies." |
"The Electronic Frontier Foundation (EFF) has urged a federal court to
block a U.S. search warrant ordering Microsoft to turn over a customer's emails held in an
overseas server, arguing that the case has dangerous privacy implications for Internet
users everywhere. The case started in December of last year, when a magistrate judge in
New York signed a search warrant seeking records and emails from a Microsoft account in
connection with a criminal investigation. However, Microsoft determined that the emails
the government sought were on a Microsoft server in Dublin,
Ireland. Because a U.S. judge has no authority to issue
warrants to search and seize property or data abroad, Microsoft refused to turn over the
emails and asked the magistrate to quash the warrant. But the magistrate denied
Microsoft's request, ruling there was no foreign search because the data would be reviewed
by law enforcement agents in the U.S. Microsoft appealed the decision. In an amicus brief
in support of Microsoft, EFF argues the magistrate's rationale ignores the fact that
copying the emails is a "seizure" that takes place in Ireland. "The Fourth Amendment protects from unreasonable search and seizure.
You can't ignore the 'seizure' part just because the property is digital and not
physical," said EFF Staff Attorney Hanni Fakhoury. "Ignoring this basic point
has dangerous implications – it could open the door to unfounded law enforcement
access to and collection of data stored around the world." The government has argued
that allowing a U.S. judge to order the collection of data stored abroad is necessary,
because international storage would make it easy for U.S. Internet companies to avoid
complying with search warrants. But Microsoft asserts that the government's legal theory
could hurt U.S. technology companies that are trying to do business internationally.
Additionally, EFF argues in its amicus brief that the government's approach hurts Internet
users globally, as it would allow the U.S. to obtain electronic records stored abroad
without complying with mutual assistance treaty obligations or other nations' own
laws." |
"For the first time, a federal appeals court has ruled that law enforcement must obtain a warrant to get
people’s phone location histories from their cell service companies. “The
court’s opinion is a resounding defense of the Fourth Amendment’s continuing
vitality in the digital age,” said American Civil Liberties Union Staff Attorney
Nathan Freed Wessler, who argued the case before the 11th Circuit Appeals Court as a
friend-of-the-court in April. “This opinion
puts police on notice that when they want to enlist people’s cell phones as tracking
devices, they must get a warrant from a judge based on probable cause. The court soundly
repudiates the government’s argument that by merely using a cell phone, people
somehow surrender their privacy rights.” In the case, the government obtained four
people's cell phone location records from their wireless carrier over a 67-day period for
a robbery investigation. To get the information, the U.S. Attorney’s Office in Miami
got what is known as a “D-order” from a federal magistrate judge, named for the
applicable section of the federal Stored Communications Act. However, the standard for
getting a D-order is that it be “relevant and material” to an investigation,
which is lower than the probable cause standard required by the Fourth Amendment. Although
getting D-orders for location information has been a common law enforcement practice, the
appeals court rejected it. “There is a reasonable privacy interest in being near the
home of a lover, or a dispensary of medication, or a place of worship, or a house of ill
repute,” the three-judge panel wrote in a unanimous opinion. “In short, we hold
that cell site location information is within the subscriber’s reasonable expectation
of privacy. The obtaining of that data without a warrant is a Fourth Amendment
violation.”" |
"The National Security
Agency recently used a novel argument for not holding onto information it collects about
users online activity: it's too complex. The agency is facing a slew of lawsuits over its
surveillance programs, many launched after former NSA contractor Edward Snowden leaked
information on the agency's efforts last year. One suit that pre-dates the Snowden
leaks, Jewel v. NSA, challenges the constitutionality of programs that the suit
allege collect information about American's telephone and Internet activities. In a
hearing Friday, U.S. District for the Northern District of California Judge
Jeffrey S. White reversed an emergency order he
had issued earlier the same week barring the government from destroying data that the
Electronic Frontier Foundation had asked be preserved for that case. The data is collected
under Section 702 of the Amendments Act to the Foreign Intelligence Surveillance Act.
But the NSA argued that holding onto the data would be too burdensome. "A requirement
to preserve all data acquired under section 702 presents significant operational problems,
only one of which is that the NSA may have to shut down all systems and databases that
contain Section 702 information," wrote NSA Deputy Director Richard Ledgett in a
court filing submitted to the court. The complexity of the NSA systems meant
preservation efforts might not work, he argued, but would have "an immediate,
specific, and harmful impact on the national security of the United States." Part of
this complexity, Ledgett said, stems from privacy restrictions placed on the programs by
the Foreign Intelligence Surveillance Court. "Communications acquired pursuant to
Section 702 reside within multiple databases contained on multiple systems and the precise
manner in which NSA stays consistent with its legal obligations under the [FISA Amendments
Act] has resulted from years of detailed interaction" with the Foreign Intelligence
Surveillance Court and the Department of Justice, Ledgett wrote. NSA regularly purges
data "via a combination of technical and human-based processes," he said. The government's explanation raises more concerns, said Cindy
Cohn, EFF's legal director. "To me, it demonstrates that once the government has
custody of this information even they can't keep track of it anymore even for purposes of
what they don't want to destroy," she said in an interview. "With the huge
amounts of data that they're gathering it's not surprising to me that it's difficult to
keep track-- that's why I think it's so dangerous for them to be collecting all this data
en masse," Cohn added." |
"Stephen Fry has denounced the
government's failure to act over the mass surveillance programme revealed by the
whistleblower Edward Snowden, labelling its
behaviour as "squalid and rancid". Opening a day of debate to galvanise action
against spying by the British and US intelligence agencies, Fry said that exploiting the
fear of terrorism is a "duplicitous and deeply wrong means of excusing something as
base as spying on the citizens of your own country". The performer was speaking via a
prerecorded interview at a London summit on Saturday marking the anniversary of the start
of Snowden's revelations,
which were first published in the Guardian and the Washington Post. The day of
action is billed as the biggest privacy event of 2014, with more than 500
people attending the event at Shoreditch Town Hall in east London. In his video message,
Fry, 56, said: "The idea of having your letters read by somebody, your telegrams,
your faxes, your postcards intercepted, was always considered one of the meanest, most
beastly things a human being could do, and for a government to do, without good cause.
Using the fear of terrorism that we all have, the fear of the unknown that we all share,
the fear of enemies that hate us, is a duplicitous and deeply wrong means of excusing
something as base as spying on the citizens of your own country." The broadcaster said GCHQ and NSA
had cooperated to "read and intercept everything we send". "It's enough
that corporations know so much about us and our spending habits, our eating habits, our
sexual preferences, everything else," he said. "But that a government, something
that we elect, something that should be looking out for our best interests, should presume
without asking to take information that we swap, we hope privately, between ourselves is
frankly disgraceful." More than 500 people
attended the event at east London's Shoreditch Town Hall, organised by the Don't Spy on Us Campaign, a coalition
of privacy, free expression and digital rights organisations which is urging the UK
government to end the mass surveillance of the web and mobile phone networks by the
British eavesdropping centre, GCHQ.
Among the speakers was Wikipedia founder Jimmy Wales, who said: "The tide is
beginning to turn as the public comes to understand just how broken the surveillance state
is." Other high-profile speakers included Alan Rusbridger, the Guardian
editor-in-chief, who led the team that masterminded a series of remarkable disclosures
from the files leaked by the National Security Agency whistleblower. Before a packed
audience, Rusbridger recounted the "frenetic" period last summer when the
British government attempted to strong-arm the Guardian into not publishing further
revelations, at one point forcing senior editors to destroy hard-drives holding some of
the encrypted files leaked by Snowden. However, he said that the British government's
heavy-handed reaction backfired. "By forcing the reporting out of the UK to the USA,
the British government lost any handle on this story at all. So, I hope that the British
government will think about that in the future." Rusbridger also lamented the UK's
lack of an enshrined right to free speech, referring to the US constitution's first
amendment and the "quasi-constitutional role" of that nation's press. "We
need to embody some of those rights here, we don't have rights in Britain. We tend to wait
until things go wrong, so there is no really established right to privacy because there is
no constitutional protection of free speech," he told the audience.... Blogger and activist Cory Doctorow said:
"Freedom from surveillance is essential to freedom itself. The freedom to think, to
speak and to have discourse without fear of reprisal or even judgment is at the core of
democracy itself." Emma Carr, acting director of Big Brother Watch, called on the
government to publicly acknowledge that the UK's surveillance laws need to be reviewed.
"Without affirmative action, the government will certainly find that the general public's faith in politicians to properly monitor how the
security agencies are using surveillance powers will
diminish," she said. Gos Hosein, executive
director of Privacy International, added: "Secret
surveillance is anathema to a democratic society, as no real debate can take place without
an informed public."" |
"Government agencies are able to listen to phone conversations live and
even track the location of citizens without warrants using secret cables connected
directly to network equipment, admits Vodafone today. The company said that secret wires
have been connected to its network and those belonging to competitors, giving government
agencies the ability to tap in to phone and broadband traffic. In many countries this is
mandatory for all telecoms companies, it said. Vodafone is today publishing its first Law
Enforcement Disclosure Report which will describe exactly how the governments it deals
with are eavesdropping on citizens. It is calling for an end to the use of 'direct access'
eavesdropping and transparency on the number of warrants issued giving access to private
data. The company said that the 29 countries it operates in have different laws that demand that they restrict or
block certain access to customers, or allow governments to directly access information
about them. Refusal to comply with those laws was 'not an option', it said, as those
countries could then stop them from operating within its borders. .... In the UK it is thought that a "direct access" pipe would
be illegal, as warrants must be issued prior to collecting any data. But various
legislation can grant warrants to intercept data in the interests of national security, to
prevent or detect crime or disorder, in the interests of the "economic
wellbeing" of the UK, to protect public safety or to protect public health. The
Regulation of Investigatory Powers Act 2000, often called a "snoopers' charter",
gives various bodies a mandate to request this data, including the Charity Commission,
local councils, the Postal Services Commission and the Welsh Ambulance Services NHS Trust.
Vodafone's report reveals that the UK government was
granted 2,760 warrants to tap communications content - listeing to actuall call content -
and 514,608 warrants to intercept communications metadata. Some of the countries in which Vodafone operates, such as Egypt, India,
Qatar, Romania, South Africa and Turkey make it illegal to disclose any information about
how interception is carried out, or how often." |
"Even if you power off your cell phone, the U.S. government can
turn it back on.That's what ex-spy Edward Snowden revealed in last
week's interview with NBC's Brian Williams. It sounds like sorcery. Can someone truly
bring your phone back to life without touching it? No. But government spies can get your
phone to play dead. It's a crafty hack. You press the button. The device buzzes. You see
the usual power-off animation. The screen goes black. But it'll secretly stay on --
microphone listening and camera recording. How did
they get into your phone in the first place? Here's an explanation by former members of
the CIA, Navy SEALs and consultants to the U.S. military's cyber warfare team. They've
seen it firsthand. Government spies can set up their own miniature cell network tower.
Your phone automatically connects to it. Now, that tower's radio waves send a command to
your phone's antennae: the baseband chip. That tells
your phone to fake any shutdown and stay on. A smart
hack won't keep your phone running at 100%, though. Spies could keep your phone on standby
and just use the microphone -- or send pings announcing your location. John Pirc, who did
cybersecurity research at the CIA, said these methods -- and others, like physically
bugging devices -- let the U.S. hijack and reawaken terrorists' phones. 'The only way you can tell is if your phone feels warm when it's
turned off. That means the baseband processor is still running,' said Pirc, now chief technology officer of the NSS Labs security research firm. This
isn't easy to accomplish. It's a highly targeted attack. But if you are really concerned
about the government's ability to reawaken your phone, here are some things you could
do....." |
"Edward Snowden joined Google, Reddit, Mozilla and a host of other
tech firms and privacy groups Thursday to call for a strengthening of privacy rights
online. The Reset the Net campaign was launched
June 5, a year after Snowden’s revelations about the scale of the US
government’s surveillance programs were first published in the Guardian and the
Washington Post. 'One year ago, we learned that the internet is under surveillance, and
our activities are being monitored to create permanent records of our private lives –
no matter how innocent or ordinary those lives might be,' Snowden said in
a statement released by his attorney. 'Today, we can begin the work of effectively
shutting down the collection of our online communications, even if the US Congress fails
to do the same." Snowden said adopting encryption was 'the first effective step that
everyone can take to end mass surveillance … don’t ask for your privacy. Take it
back.'... The announcement was one of a series timed
to coincide with Reset the Net. Google announced its support for the campaign earlier this
week and also published the source code for an 'end-to-end'
encryption service for its Chrome browser. The company has asked developers to help it
work on the project, which it hopes will offer a simple way for people to encrypt their
communications and other data online. On Thursday Mozilla, maker of the Firefox browser,
also threw its support behind the campaign. Dave Steer, director of advocacy at the
Mozilla Foundation, said in a blogpost
that despite all the publicity surrounding the Snowden revelations 'the public policy
landscape itself has changed very little and the threats to privacy and security are just
as strong.' The company announced it was setting up a research project, Cyber Security
Delphi, with industry, academic and policy experts to better assess ways of improving
security and privacy online. Tumblr, the blogging site owned by Yahoo, announced it would
be adding secure sockets layer (SSL) encryption by default for the readers of its 189m
blogs. The Guardian chose Reset the Net day to launch
SecureDrop, a platform that allows people to anonymously submit documents and
data." |
"Germany’s senior prosecutor has opened a formal investigation
into the hacking of Angela Merkel’s telephone by America’s National Security
Agency (NSA). The news soured the mood at meetings beginning last night between the German
chancellor and President Obama, who are attending a summit of the G7 industrial nations in
Brussels. The claims of NSA snooping have weighed on
German-US relations for months, with Mrs Merkel’s public seemingly more upset by the
snooping than the chancellor is." |
"Just because you turned off your phone doesn’t mean the NSA
isn’t using it to spy on you. Edward Snowden’s latest revelation about the
NSA’s snooping inspired an extra dose of shock and disbelief when he said the
agency’s hackers can use a mobile phone as a bug even after it’s been turned
off. The whistleblower made that eye-opening claim when Brian Williams of NBC Nightly
News, holding his iPhone aloft during last Wednesday’s interview,
asked, “What can the NSA do with this device if they want to get into my life? Can
anyone turn it on remotely if it’s off? Can they turn on apps? “They can
absolutely turn them on with the power turned off to the device,” Snowden replied. Snowden didn’t offer any details on this seemingly magical feat. But
a group of particularly cunning iPhone hackers say it’s possible."... After
Snowden told Williams his powered-down phone could be used as an eavesdropping tool,
security consultant Robert David Graham immediately responded with a
blog post arguing the trick is impossible. He soon amended the post to concede the NSA
could, in fact, alter a phone ahead of time to enable that ultra-sneaky bugging. Its
methods could range from a web exploit, like the 2011 Jailbreakme
hack that disassembled the iPhone’s security restrictions when users visited a
carefully crafted webpage, to actually intercepting shipped phones before they reach
users. That latter possibility might have sounded apocryphal until journalist Glenn
Greenwald published photos last month showing the NSA
opening boxes of Cisco routers to insert backdoors into the gear. “With physical
access, they could change the chips, the memory, the ROMs, the power system, anything they
want,” Graham says. But paranoid users seeking
temporary privacy from NSA uber-hackers needn’t resort to Snowden’s famous
precaution of putting phones in the fridge. Instead, McDonald suggests users turn off
their iPhones by putting them into device firmware upgrade (DFU) mode, a kind of
“panic” state designed to let the phone reinstall its firmware or recover from
repeated operating system crashes. In DFU mode, says McDonald, all elements of the phone
are entirely shut down except its USB port, which is designed to wait for a signal from
iTunes to install new firmware. “It’s like an innocent little kid in
kindergarten,” says McDonald. “It doesn’t know how to turn on the lights or
the sound, it only knows how to turn on the USB port.” Don’t worry: It’s
easy to get your phone out of that state with no ill effects." |
"US cyber-spies have collected
millions of photos of people's faces from the net for use in facial-recognition
programmes, according to reports. The
New York Times says leaked National Security Agency documents show in 2011 it
intercepted about 55,000 "facial-recognition-quality images" every day. The
leaks suggested the photos had been harvested from emails, text messages, social media and
video chats, it says. The NYT added the images were then cross-referenced with other
databases. These are said to include photographs of airline passengers, and pictures taken
from other countries' national identity-card schemes. The NSA has said that it does not
have access to photos taken for US passports or US driving licences, but declined to
comment about photos submitted by foreigners applying for visas to the country. "We would not be doing our job if we didn't seek ways to
continuously improve the precision of signals intelligence activities - aiming to
counteract the efforts of valid foreign intelligence targets to disguise themselves or
conceal plans to harm the United States and its allies," Vanee Vines, an NSA
spokeswoman said. The allegations are the latest to result from documents released by
Edward Snowden, who gathered the material while working at the NSA's regional centre in
Hawaii. The papers themselves highlight the limitations of relying on face-matching
technology." |
"Nearly a year after Edward Snowden first leaked classified
documents revealing the extent of National Security Agency surveillance programs, more
than half of employed Americans believe he was in the right, according to a survey
commissioned by cloud storage service Tresorit. The survey found that 55 percent of respondents think
Snowden did the right thing in exposing PRISM, the mass data-mining program, while another
29 percent believe he was in the wrong, and 16 percent endorse neither statement. Of Snowden’s supporters, 80 percent said he exposed constitutional
violations. Eighty-two percent of respondents said they still believe corporate
information is being monitored by the U.S. government, and 51 percent said their employer
has taken steps to make sure corporate files are secure. Research firm YouGov carried out
the study by surveying more than a thousand 'employed American adults.'" |
"The National
Security Agency is harvesting huge numbers of images of people from communications
that it intercepts through its global surveillance operations for use in sophisticated
facial recognition programs, according to top-secret documents. The spy agency’s
reliance on facial recognition technology has grown significantly over the last four years
as the agency has turned to new software to exploit the flood of images included in
emails, text messages, social media, videoconferences and other communications, the N.S.A.
documents reveal. Agency officials believe that technological advances could revolutionize
the way that the N.S.A. finds intelligence targets around the world, the documents show.
The agency’s ambitions for this highly sensitive ability and the scale of its effort
have not previously been disclosed. The agency intercepts
'millions of images per day' — including about 55,000 'facial recognition quality
images' — which translate into 'tremendous untapped
potential,' according to 2011 documents obtained from the former agency contractor Edward
J. Snowden. While once focused on written and oral
communications, the N.S.A. now considers facial images, fingerprints and other identifiers
just as important to its mission of tracking suspected terrorists and other intelligence
targets, the documents show..... Because the agency considers images a form of
communications content, the N.S.A. would be required to get court approval for imagery of
Americans collected through its surveillance programs, just as it must to read their
emails or eavesdrop on their phone conversations, according to an N.S.A. spokeswoman.
Cross-border communications in which an American might be emailing or texting an image to
someone targeted by the agency overseas could be excepted. Civil-liberties advocates and
other critics are concerned that the power of the improving technology, used by government
and industry, could erode privacy. 'Facial recognition can be very invasive,' said
Alessandro Acquisti, a researcher on facial recognition technology at Carnegie Mellon
University. 'There are still technical limitations on it, but the computational power
keeps growing, and the databases keep growing, and the algorithms keep improving.' State
and local law enforcement agencies are relying on a wide range of databases of facial
imagery, including driver’s licenses and Facebook, to identify suspects. The F.B.I.
is developing what it calls its 'next generation identification' project to combine its
automated fingerprint identification system with facial imagery and other biometric data. The State Department has what several outside experts say could be
the largest facial imagery database in the federal government, storing hundreds of
millions of photographs of American passport holders and foreign visa applicants. And the
Department of Homeland Security is funding pilot projects at police departments around the
country to match suspects against faces in a crowd.
The N.S.A., though, is unique in its ability to match images with huge troves of private
communications..... Congress has largely ignored the issue. 'Unfortunately, our privacy
laws provide no express protections for facial recognition data,' said Senator Al Franken,
Democrat of Minnesota, in a letter in December to the head of the National
Telecommunications and Information Administration, which is now studying possible
standards for commercial, but not governmental, use.... One
2011 PowerPoint showed how the software matched a bald young man, shown posing with
another man in front of a water park, with another photo where he has a full head of hair,
wears different clothes and is at a different location. It is not clear how many images
the agency has acquired. The N.S.A. does not collect facial imagery through its bulk
metadata collection programs, including that involving Americans’ domestic phone
records, authorized under Section 215 of the Patriot Act,
according to Ms. Vines.... The agency’s use of facial recognition technology goes far
beyond one program previously reported by The Guardian, which disclosed that the N.S.A.
and its British counterpart, General Communications Headquarters, have jointly intercepted
webcam images, including sexually explicit material, from Yahoo users. The N.S.A. achieved a technical breakthrough in 2010 when analysts first
matched images collected separately in two databases — one in a huge N.S.A. database
code-named Pinwale, and another in the government’s main terrorist watch list
database, known as Tide — according to N.S.A. documents. That ability to
cross-reference images has led to an explosion of analytical uses inside the agency. The
agency has created teams of 'identity intelligence' analysts who work to combine the
facial images with other records about individuals to develop comprehensive portraits of
intelligence targets. The agency has developed sophisticated ways to integrate facial
recognition programs with a wide range of other databases. It
intercepts video teleconferences to obtain facial imagery, gathers airline passenger data
and collects photographs from national identity card databases created by foreign
countries, the documents show." |
"The German foreign intelligence agency (BND) reportedly plans to
expand its digital espionage operations, according to several German media outlets. The
German daily Süddeutsche Zeitung, as well as broadcasters NDR and WDR said on Friday that
confidential files from the spy agency indicated plans to access social media sites, such
as Facebook and Twitter, in real time. "This year, the BND intends to improve its
technological methods in order to be able to systematically analyze blogs, online forums
and portals, such as Flickr, Facebook and Twitter…[where] messages, pictures and
further data are exchanged among members," the German daily Süddeutsche Zeitung
wrote on Friday. Filtering data live would allow the
BND to form a "more exact picture of the situation abroad," the Süddeutsche
Zeitung report added. The aim of the digital project was to "better understand
political and social developments abroad by gathering online communication [from those
areas]," according to German broadcaster WDR. The BND refused to comment on the
reports. "We do not comment on questions regarding our operations except to the
Federal Government and the responsible secret parliamentary committees," the foreign
intelligence agency told news agency DPA. The
modernization of operations would require the German parliament to approve a 300 million
euro budget ($409 million) in the coming weeks for the social media espionage project,
dubbed "Real time analysis of streaming data." The operation, which is part of
the Strategic Technology Initiative (SIT) - is to run until at least 2020 and will model
its methods in part on those used by the US National Security Agency (NSA) and the UK's
Government Communications Headquarters (GCHQ). The BND's upcoming plans would also
include the analysis of metadata, a practice made internationally known by the
controversial surveillance activities of the NSA. The case caused public
uproar in Germany. The spy agency has reportedly
warned German lawmakers that a failure to modernize operations will allow it to fall
behind its counterparts, including those in Italy and Spain." |
"The NSA’s new discovery of written contact between me and its
lawyers - after more than a year of denying any such contact existed - raises serious
concerns. It reveals as false the NSA’s claim to Barton Gellman of the Washington
Post in December of last year, that 'after extensive investigation, including interviews
with his former NSA supervisors and co-workers, we have not found any evidence to support
Mr. Snowden’s contention that he brought these matters to anyone’s attention.'
Today’s release is incomplete, and does not include my correspondence with the
Signals Intelligence Directorate’s Office of Compliance, which believed that a
classified executive order could take precedence over an act of Congress, contradicting
what was just published. It also did not include concerns about how indefensible
collection activities - such as breaking into the back-haul communications of major US
internet companies - are sometimes concealed under E.O. 12333 to avoid Congressional
reporting requirements and regulations.... the fact
is that I did raise such concerns both verbally and in writing, and on multiple,
continuing occasions - as I have always said, and as NSA has always denied. Just as when the NSA claimed it followed German laws in Germany
just weeks before it was revealed that they did not, or when NSA said they did not engage
in economic espionage a few short months before it was revealed they actually did so on a
regular and recurring basis, or even when they claimed they had 'no domestic spying
program' before we learned they collected the phone records of every American they could,
so too are today’s claims that 'this is only evidence we have of him reporting
concerns' false." |
"Edward Snowden, the US National Security Agency contractor who
became a fugitive after leaking US intelligence, has said he was right to disclose the
American government's use of surveillance programs to spy on its own people, saying he was
comfortable with what he had done. In an interview with NBC News, he described himself as
a patriot for trying to stop violations of the Constitution. And while he admitted that he was homesick after claiming asylum in
Russia, he said he was confident he had done the right thing. "I may have lost my
ability to travel," Mr Snowden said. "But I've gained the ability to go to sleep
at night and to put my head on the pillow and feel comfortable that I've done the right
thing even when it was the hard thing. And I'm comfortable with that." Speaking from
Moscow, where he is living in exile while facing US felony charges, Mr Snowdon said he was
trained as a spy after enlisting for US Army special operations during the Iraq war, but
became disillusioned. He claimed that his actions were patriotic because he believed he
was defending the constitution from the government. Asked if he considered himself a
patriot, Mr Snowdon said: "I do. Patriot is a word that's thrown around so much that
it can devalued nowadays. But being a patriot doesn't mean prioritising service to
government above all else. "Being a patriot means knowing when to protect your
country, knowing when to protect your Constitution, knowing when to protect your
countrymen from the violations of and encroachments of adversaries. "And those
adversaries don't have to be foreign countries. They can be bad policies. They can be
officials who need a little bit more accountability. "They can be mistakes of
government and simple overreach, and things that should never have been tried, or that
went wrong." .... Mr Snowden made clear he would not return to the United States and
hope for the best. He said he would not simply "walk into a jail cell," and that
if his one-year asylum in Russia, which expires on Aug. 1, "looks like it's going to
run out, then of course I would apply for an extension." In one odd moment in the NBC
interview, Snowden expressed sympathy for working-level NSA employees who have been
castigated as a result of his leaks. "People
have demonised the NSA to a point that's too extreme," he said, adding that the
problem is with senior-level officials who expand their surveillance powers without public
debate." |
"Canadians are 'stupid' and post far too much information online, a former head of the national electronic spying agency says, leaving the
country with a 'long ways to go' in protecting personal information in an Internet era.
John Adams made the comment in a Senate meeting Wednesday as he and other witnesses
discussed a bill that would create an all-party parliamentary committee to oversee the
top-secret efforts of Canada’s intelligence and security agencies – a notion
backed by Mr. Adams, who led Communications Security Establishment Canada (CSEC) from
2005-11.... Interim privacy commissioner Chantal Bernier instead said Canadians are
trusting – adding Mr. Adams’s choice of words were not hers. 'I believe
Canadians are very smart and Canadians appreciate the fact they live in a democracy, a
real democracy where we are lucky to have robust government structures' protecting
privacy, Ms. Bernier said. 'Where there is confusion is in relation, I believe, to the
power of the Internet … we’re at a crossroads at this point where we use the
Internet without having fully understood its powers and its risks.'" |
"...one of the big stories that’s left to be told, which is the
one we’re working on most now, is reporting on who it is specifically that the NSA
has targeted with the most evasive type of surveillance on US soil, and who these people are, and what are the reasons for it, and that is
the story of targeting of dissidents, and activists, and advocates as retaliation for
their political views." |
"China has accused the US of using internet surveillance to spy on
its leaders and key institutions. A report released by a government agency said that China
had been a main target for US spies, who had focused on government officials, businesses
and mobile phone users. It called the behaviour "brazen" and a "gross
violation of human rights". Last week the US
charged five Chinese army officers with cyber-espionage. The report by the China Internet
Media Research Centre looked at claims made by US whistleblower and former National
Security Agency contractor Edward Snowden and said that several government agencies had
confirmed the existence of spying."As a superpower, the United States takes advantage
of its political, economic, military and technological hegemony to unscrupulously monitor
other countries, including its allies," said an extract
of the report published in the Guardian." |
"Glenn
Greenwald, one of the reporters who chronicled the document dump by National Security
Agency leaker Edward
Snowden via the U.K. press, now said he’s set to publish his most dramatic piece
yet: The names of those in the United States targeted by the NSA. 'One of the big questions when is comes to domestic spying is, ‘Who
have been the NSA’s
specific targets?’ Are they political critics and dissidents and activists? Are they
genuinely people we’d regard as terrorists? What are the metrics and calculations
that go into choosing those targets and what is done with the surveillance that is
conducted? Those are the kinds of questions that I want to still answer,' Mr. Greenwald told The
Sunday Times of London." |
"The head of the FBI says he understands why people worry about the
scope of the government's powers, and in fact, he agrees with them. 'I believe people
should be suspicious of government power. I am,' Director James Comey told the Senate
Judiciary Committee on Wednesday morning. 'I think this country was founded by people who
were worried about government power so they divided it among three branches,' he added. ...Comey assumed his top post shortly after the Snowden revelations came
to light last summer. While much of the public's outrage has focused on activities at the
National Security Agency, the FBI has also come under fire for its use of national
security letters and operations to track foreign terrorists operating in the United
States....Legislation is advancing in the House and Senate that would rein in those and
other government data collection programs. The House is scheduled to vote on the bill,
called the USA Freedom Act, on Thursday, but some privacy advocates have worried that it
has been overly watered
down in recent weeks." |
"The US National Security Agency has been recording nearly
every phone call made in Afghanistan, according
to WikiLeaks. The recordings are being made
as part of the same program that was reported earlier this week to be capturing nearly
every call in the Bahamas, as well as phone records from Mexico, Kenya, and the
Philippines. That report, made by The Intercept, declined to disclose the name of a
second country where — like the Bahamas — recordings of nearly all domestic and
international phone calls were being captured as of 2013, saying that it had chosen to
withhold it 'in response to specific, credible concerns that doing so could lead to
increased violence.' WikiLeaks now says that it's learned the second country
is Afghanistan, and it is essentially choosing to disclose it because it
believes the government's claim that disclosure may lead to a rise in violence is a bluff.
WikiLeaks says the government has given similar reasoning in the past, and that it has
seen no such ill effects in the aftermath of a disclosure." |
"The Erie County
sheriff says he's done making public comments about a cellphone surveillance device used
by his police agency to gather information on persons of interest. Sheriff Tim Howard told
WGRZ Thursday that he won't publicly discuss the matter any longer because doing so could
adversely impact investigations. A stingray is a
device that mimics a cell tower and thereby tricks all wireless devices on the same
network into communicating with it. Howard told Erie County legislators last week that the
stingray surveillance device his office has owned since 2008 is used only for tracking a
person's movements, not for gathering content of cellphone communications. The
surveillance equipment can capture data from targeted
cellphones even when they're not in use." |
"A landmark
surveillance bill, likely to pass the US House of Representatives on Thursday, is
hemorrhaging support from the civil libertarians and privacy advocates who were its
champions from the start. Major revisions to the USA
Freedom Act have stripped away privacy protections and transparency requirements while
expanding the potential pool of data the National Security Agency can collect, all in a
bill cast as banning bulk collection of domestic phone records. As the bill nears a vote on the House floor, expected Thursday, there has
been a wave of denunciations. 'It does not deserve the name ‘USA Freedom Act’
any more than the ‘Patriot Act’ merits its moniker,' wrote four former NSA
whistleblowers and their old ally on the House intelligence committee staff.The former NSA
officials – Thomas Drake, William Binney, Edward Loomis and J Kirk Wiebe – and
former congressional staffer Diane Roark denounced 11th-hour changes to the Freedom Act as
resulting in 'a very weak' bill." |
"The head of the FBI says he understands why people worry about the
scope of the government's powers, and in fact, he agrees with them. 'I believe people
should be suspicious of government power. I am,' Director James Comey told the Senate
Judiciary Committee on Wednesday morning. 'I think this country was founded by people who
were worried about government power so they divided it among three branches,' he added. ...Comey assumed his top post shortly after the Snowden revelations came
to light last summer. While much of the public's outrage has focused on activities at the
National Security Agency, the FBI has also come under fire for its use of national
security letters and operations to track foreign terrorists operating in the United
States....Legislation is advancing in the House and Senate that would rein in those and
other government data collection programs. The House is scheduled to vote on the bill,
called the USA Freedom Act, on Thursday, but some privacy advocates have worried that it
has been overly watered
down in recent weeks." |
"A
labor lawyer told me this story. A shopper who had slipped and fallen in a puddle of water
in the frozen food section of a large grocery store became the plaintiff in a lawsuit.
Both parties agreed that the water puddle was traceable to faulty condensation. The
shopper, a middle-aged man, had badly injured his tailbone in the fall and was suing for
damages. During the trial store management tried to blame the shopper, suggesting he was
either under the influence of alcohol, badly hung-over, or, in fact, a degenerate and
untrustworthy alcoholic who had slipped in the puddle 'on purpose,' looking to make a
quick buck. They supported their claim by introducing
a record of previous purchases, showing he had bought a significant amount of liquor. The
plaintiff and his lawyer had no idea they kept a record. This occurred in the mid-1990s,
almost twenty years ago, back when computer snooping was nowhere near as sophisticated as
it is today. When we consider the 'progress' that has been made in the ability to delve
into the private lives of consumers, it’s terrifying. They know where we shop, where
we vacation, what we buy, what we read, what we watch on television, and what we visit on
the Internet. How this applies to 'labor' is
especially disturbing. Before hiring a job applicant, a company now has the ability to
know more about you than was ever dreamed possible. It’s no exaggeration to say that
prospective bosses can know more about you than members of your immediate family know. All
they need do is purchase the information from one of the hundreds of databases available.
Concerned with rising health care costs and unwilling to take a gamble on 'unhealthy'
workers, future employers can learn how much snack food you buy, how much sausage you eat,
how much booze you drink, whether you belong to a gym, and whether or not you’re
lying about being a 'non-smoker.' Concerned with your 'moral character' or sexual
proclivities, they can retrace your steps on the Internet. Concerned with your political
beliefs, they can find out if you subscribe to any left-wing magazines or belong to any
lefty organizations ('Are you now or have you ever been….?'). Access to this
information is for sale. Years ago I began using different initials when joining
organizations or subscribing to magazines, in order to track who was selling their lists
and who wasn’t. It turned out that pretty much everyone was selling access to
everyone else. One of the sterling exceptions was MAD magazine, which had an avowed policy
of never, under any circumstances, selling its subscription list. For instance, using the
middle initial of 'Z' I was disappointed to learn that the ACLU, of all people, had shared
my name and address with other 'progressive' organizations. I guess they figured that,
because I was an ACLU member, I wouldn’t object to hearing from the folks at 'The
Nation' and 'Mother Jones' magazine. As alarming as the NSA’s vast database is
(Greenwald claims they monitor 120 billion e-mails per month!), there are laws that
regulate such surveillance. Granted, even though they get circumvented or ignored, there
are, nonetheless, laws on the books that prohibit overreach, which is why Congress
investigates them, and why stories of NSA excesses make the front page of the newspaper.
But not for the private sector. Not only is 'spying' on consumers and potential employees
entirely legal, it doesn’t bother most people, because they fear the 'government' way
more than they fear private business. As far as I can tell, the feds don’t know how
much sausage I eat or what brand of toilet paper I use. But there’s a grocery store
chain out there that does know." |
"CAMPAIGNERS demanded yesterday that the Met Police face a full
regulatory investigation for its repeated refusal to hand over personal data on activists.
The Network for Police Monitoring (Netpol) complained to Information Commissioner
Christopher Graham that the force was using delaying tactics to delay its legal obligation
to tell people if they’re on its 'secret surveillance database.' The group said the Met failed to respond within the legally required 40
days to 70 per cent of subject access requests it received. Netpol co-ordinator Kevin
Blowe said: 'As well as a breach of data protection legislation, the Met’s systemic
failure to provide vital personal data when asked to do so raises wider public interest
issues, about police accountability and the potential misuse of covert surveillance.' The
group has pushed for legal action against Met commissioner Bernard Hogan-Howe and Home
Secretary Theresa May over the legality of its 'domestic extremism' database, expecting a
judicial review to reach the High Court later this year. Green Party London AM Jenny Jones
is one of the many activists who has been under surveillance by the Met-managed National
Domestic Extremism and Disorder Intelligence Unit. 'I asked for my Met file, paid my £10,
waited several weeks, then got a ‘file’ that consisted of a mishmash of events
I’d spoken at and things I’d tweeted,' she told the Star. Ms Jones — who is
herself taking legal action against the government over alleged tapings of her
communications — said she was incredulous of the little intel the Met had kept on
her. 'They hadn’t even included the time I’d driven a vanload of activists to
help close down a power station,' she said. 'Either they are incompetent, or they
didn’t give me all the information they hold. 'It’s time the Met learnt that in
many areas, secrecy can be the worst policy.'" |
"The California Senate on Monday passed legislation that would
require a judge to issue a warrant before the NSA can collect information from anyone in
the state. Senate Bill 828 was created in response
to repeated federal admissions of widespread warrantless spying on innocent American
citizens, said the bill's author, Ted Lieu, D-Torrance. 'The National Security
Agency’s massive and indiscriminate collecting of phone data on all Americans,
including more than 38 million Californians, is a threat to our liberty and freedom,' he
said after the bill cleared the Senate 29-1. Recent media articles also state the
NSA’s surveillance program on Americans extends to not just phone records, but also
all types of electronic data, including emails, text messages and information stored on
Americans' smart phones, Lieu said." |
"The federal government would need a warrant from a judge if it
wants the cooperation of California officials in searching residents' cellphone and
computer records, under a bill making its way through the state legislature. The bill, which passed the state Senate with just one opposing vote on
Monday, was introduced in the wake of information leaked by former National Security
Agency contractor Edward Snowden showing massive internal surveillance of U.S. citizens by
the NSA.'The Fourth Amendment to the U.S. Constitution is very clear. It says the
government shall not engage in unreasonable search and seizure,' said the bill's author,
Democratic State Senator Ted Lieu, of Torrance. 'The National Security Agency's massive
and indiscriminate collecting of phone data on all Americans, including more than 38 million
Californians, is a threat to our liberty and freedom.' The
California bill is the farthest along of several such measures that have been introduced
in eight states, according to Lieu's spokesman Jeff Gozzo, including Alaska, Arizona and
Oklahoma. It comes as Congress wrestles with a similar bill at the national level. A
federal judge ruled last year that the National Security Agency's practice of gathering
so-called meta-data on U.S. residents was likely unconstitutional, but the ruling is being
appealed by the Obama administration." |
"The National Security Agency is secretly intercepting, recording,
and archiving the audio of virtually every cell phone conversation on the island nation of
the Bahamas. According to documents provided by NSA
whistleblower Edward Snowden, the surveillance is part of a top-secret system
– code-named SOMALGET – that was implemented without the knowledge or
consent of the Bahamian government. Instead, the agency appears to have used access
legally obtained in cooperation with the U.S. Drug Enforcement Administration to open a
backdoor to the country’s cellular telephone network, enabling it to covertly record
and store the 'full-take audio' of every mobile call made to, from and within the Bahamas
– and to replay those calls for up to a month. SOMALGET is part of a broader NSA
program called MYSTIC, which The Intercept has learned is being used to secretly monitor
the telecommunications systems of the Bahamas and several other countries, including
Mexico, the Philippines, and Kenya. But while MYSTIC scrapes mobile networks for so-called
'metadata' – information that reveals the time, source, and destination of calls
– SOMALGET is a cutting-edge tool that enables the NSA to vacuum up and store
the actual content of every conversation in an entire country. All told, the NSA is using
MYSTIC to gather personal data on mobile calls placed in countries with a combined
population of more than 250 million people. And according to classified documents, the
agency is seeking funding to export the sweeping surveillance capability
elsewhere....Informed about the NSA’s spying, neither the Bahamian prime
minister’s office nor the country’s national security minister had any comment.
The embassies of Mexico, Kenya, and the Philippines did not respond to phone messages and
emails." |
"Drivers will within 10 years face inflated insurance premiums
– or even be forced off the road – unless they allow their driving to be
monitored at all times by tracking technology. A
number of major insurers are launching hi-tech products this year that will monitor
driving data such as the number of journeys, time of day the car is used and behaviour
such as speed and braking. Despite concerns about privacy and data protection, speakers at
an insurance industry conference last week said such technology, known as 'telematics',
would become 'opt-out, rather than opt-in' for motorists. .... The technology will soon be fitted in new cars as standard. Under
EU regulations, all new cars will need black box-style technology, known as eCall, from
October 2015, to help emergency services find crashed vehicles. Ofir Eyal of Boston Consulting Group, a management consultancy, said that
by 2020 around 50pc of cars would be equipped with some form of telematics technology that
transmitted information. Sales of insurance based on drivers' behaviour are already
soaring, with a 60pc rise since 2012, according to Biba. Insurers expect telematics usage
to rise from less than 1pc of policies now to 10pc within three years, and to 15pc within
five, according to research by Boston Consulting. Last week, the Institute for Public
Policy Research issued a report calling for motor taxation to be calculated using
telematics, acknowledging that privacy concerns would have to be addressed. .... The prospect has prompted serious concerns about drivers' rights
to privacy. Emma Carr of Big Brother Watch said: 'Forcing drivers to have a telematics
device installed in their car, which is capable of recording and transmitting exactly
where and when they are driving, is totally unacceptable. 'There is a clear risk that once the telematics device is installed drivers
will lose total control over who has access to their data and how they will use it.'
Proponents of the technology argue that it will make insurance cheaper for safer
drivers." |
"[Snowden's actions
have been] discrediting the entire Anglo-American
security and intelligence apparatus...." |
"The NSA has nothing on the ed tech startup known as Knewton. The
data analytics firm has peered into the brains of more than 4 million students across the
country. By monitoring every mouse click, every keystroke, every split-second hesitation
as children work through digital textbooks, Knewton is able to find out not just what
individual kids know, but how they think. It can tell who has trouble focusing on science
before lunch — and who will struggle with fractions next Thursday.... A POLITICO
examination of hundreds of pages of privacy policies, terms of service and district
contracts — as well as interviews with dozens of industry and legal experts —
finds gaping holes in the protection of children’s privacy. The amount of data being
collected is staggering. Ed tech companies of all sizes, from basement startups to global
conglomerates, have jumped into the game. The most adept are scooping up as many as 10
million unique data points on each child, each day. That’s orders of magnitude more
data than Netflix or Facebook or even Google collect on their users. Students are tracked
as they play online games, watch videos, read books, take quizzes and run laps in physical
education. The monitoring continues as they work on assignments from home, with companies
logging children’s locations, homework schedules, Web browsing habits and, of course,
their academic progress....There’s no
conclusive proof any company has exploited either metadata or official student records.
But privacy experts say it’s almost impossible to tell. The marketplace in personal
data is shadowy and its impact on any one individual can be subtle: Who can say for sure
if they’re being bombarded with a certain ad or rebuffed by a particular employer
because their personal profile has been mined and sold? Ed tech insiders will not name bad
actors in their industry. But they will say this: It’s quite possible to exploit
student data — and there can be a great deal of pressure to do so, especially for
startups that are giving away their product for free in hopes of gaining a toe-hold in
classrooms.... For all the concerns about privacy, education reformers are adamant that
the digital revolution must be allowed to flourish. Already, publishers are producing
digital textbooks that can effectively read students’ minds, figuring out when
they’re on the verge of forgetting key concepts and sending them text, video or
quizzes to fix the facts firmly in their memory. Even
more intimate tracking may be possible in the future: The Bill & Melinda Gates
Foundation funded a $1.4 million research project in 2012 to outfit middle-school students
with biometric sensors designed to detect how they responded on an a subconscious level to
each minute of each lesson. The results suggested
the sensors could be useful for teachers, foundation spokeswoman Deborah Robinson said.
'We’re really just at the beginning of truly leveraging the power of data to
transform the process of teaching and learning,' said Aimee Rogstad Guidera, executive
director of the Data Quality
Campaign, which urges states to develop responsible policies for data-driven
education. 'When we take the time to explain to parents why this is good and how it’s
going to help, they’re fine with it,' Guidera said. Not all parents, however, are
convinced." |
"The bipartisan bill that aims to put serious curbs on the National
Security Agency’s mass collection of Americans’ communications is being hailed
by Republicans and Democrats as a big breakthrough. It’s not. 'The bottom line: This
is largely faux reform and a surveillance salve,' said Thomas Drake, a former NSA senior
official turned whistle-blower who’s critical of the agency’s collection
programs. 'To date, neither the House nor Senate
attempts go far enough.' That’s not easy to discern, thanks to an outpouring of raves
for the legislation. Democrats, Republicans and traditionally skeptical watchdog groups
have put their muscle behind the USA Freedom Act.'... there’s serious concern that
Congress has much more to do. Not only are loopholes easy to find but also the government
has other ways of collecting the data. The House bill would bar the NSA from relying on
one part _ Section 215 _ of the Foreign Intelligence Surveillance Act to conduct bulk data
collection. Under the bill, the NSA would no longer be allowed to collect records of data
such as phone numbers or the duration of all Americans’ calls. Phone companies would
retain that data, but only for the same length of time they usually keep the material. The
Justice Department, though, could get such material in an emergency _ an important
political concession, since many lawmakers were concerned that the government
wouldn’t be able to react quickly if needed. The legislation also would do nothing to
restrict NSA analysts’ access to a pool of telephone data called the 'corporate
store,' which advocates say is the repository of millions of Americans’ calling
records. Further, collection under the so-called '215 program' represents only one part of
intelligence agencies’ mission. An unknown but significant portion of the collection
of communications data occurs under Executive Order 12333, which gives intelligence
agencies sweeping surveillance authority outside the United States, experts said. Under
the order, the NSA or other intelligence agency cannot target an American _ even overseas
_ unless the FISA court clears it. 'But when the government just scoops up vast amounts of
data under Executive Order 12333, it can say it’s not targeting Americans, even
though it collects a huge amount of information that may pertain to Americans as well as
foreigners,' said Patrick Toomey, a staff attorney with the American Civil Liberties
Union. 'FISA only addresses one piece of the collection that NSA is actually engaged in,'
Toomey said. 'The bill doesn’t even make an effort to try to undertake the kind of
comprehensive harmonization of surveillance authorities that one would hope at this
point.'" |
"Minnesota enacted the
nation's first law Wednesday requiring smartphones
and tablets sold in the state to have remote shut-off feature as a way to deter theft.The 'kill switch' bill was signed by Gov. Mark Dayton after lawmakers
passed it last week. The measure takes full effect in July 2015, but advocates are hoping
the wireless industry will make technology updates sooner.Democratic Rep. Joe Atkins
describes the law as 'a vaccine' for the epidemic of smartphone theft and robberies tied
to mobile devices. People who report a kill switch-equipped phone lost or stolen can
disable it and wipe the data slate clean by contacting their carrier." |
"A document included in
the trove of National Security Agency files released with Glenn Greenwald’s book No
Place to Hide details how the agency’s Tailored
Access Operations (TAO) unit and other NSA employees intercept servers, routers, and other
network gear being shipped to organizations targeted for surveillance and install covert
implant firmware onto them before they’re delivered. These Trojan horse systems were
described by an NSA manager as being 'some of the most productive operations in TAO
because they pre-position access points into hard target networks around the world.' |
"GCHQ, the government's monitoring agency, acted
illegally by developing spy programs that remotely hijack computers' cameras and
microphones without the user's consent, according to privacy
campaigners. A legal challenge lodged on Tuesday at the investigatory powers tribunal
(IPT) calls for the hacking techniques – alleged to be far
more intrusive than interception of communications – to be outlawed. Mobile phones
were also targeted, leaked documents reveal. The claim has been submitted by Privacy
International following revelations by the whistleblower Edward Snowden about the mass
surveillance operations conducted by GCHQ and its US counterpart, the National Security
Agency (NSA). The 21-page submission details a host of 'malware' – software devised to take
over or damage another person's computer – with such esoteric names as Warrior Pride,
Gumfish, Dreamy Smurf, Foggybottom and Captivatedaudience. Details of the programs have been published by the Guardian and the online magazine The Intercept run by the journalist Glenn Greenwald. They are
said to allow GCHQ to gain access to 'the profile information supplied by a user in
registering a device [such as] … his location, age, gender, marital status, income,
ethnicity, sexual orientation, education, and family'.
More intrusively, Privacy International alleges, the programs enable surveillance of any
stored content, logging of keystrokes and 'the covert
and unauthorised photography or recording of the user and those around him'. It is, the claim maintains, the equivalent of 'entering someone's house,
searching through his filing cabinets, diaries and correspondence, and planting devices to
permit constant surveillance in future, and, if mobile devices are involved, obtaining
historical information including every location he had visited in the past year'. Such
break-ins also leave devices vulnerable to attack by others 'such as credit card
fraudsters, thereby risking the user's personal data more broadly', Privacy International
argues. 'It is the modern equivalent of breaking in to a residence, and leaving the locks
broken or damaged afterwards.'" |
"We kill people based on
metadata." |
"Since the very first Snowden leak a year ago, one of the more common
refrains from defenders of the program is 'but it's just metadata, not actual content, so
what's the big deal?' Beyond the fact that other programs do collect content, we've
pointed out time and time again that the 'just metadata, don't worry' argument only makes
sense if you don't
know what metadata reveals. Anyone with any knowledge of the subject knows that
metadata reveals
a ton of private info. Furthermore, we've even pointed out that the NSA regularly uses
'just metadata' to pick
targets for drone assassinations. As one person called it: 'death by unreliable metadata.' So we know that
the US kills people based on metadata, but given how hard the NSA and its defenders have
sought to play down the collection of metadata, it's somewhat amazing to find out that the
always on-message former director of both the NSA and CIA, Michael Hayden, flat out admitted that 'we kill people based on metadata.' According to David Cole: 'Of course knowing the content of a call can be
crucial to establishing a particular threat. But metadata alone can provide an extremely
detailed picture of a person's most intimate associations and interests, and it's actually
much easier as a technological matter to search huge amounts of metadata than to listen to
millions of phone calls. As NSA General Counsel Stewart Baker has said,
'metadata absolutely tells you everything about somebody's life. If you have enough
metadata, you don't really need content.' When I quoted Baker at a recent debate at Johns Hopkins
University, my opponent, General Michael Hayden, former director of the NSA and the CIA,
called Baker's comment 'absolutely correct,' and raised him one, asserting, 'We kill
people based on metadata.' You can see Hayden make that statement at the 18 minute
mark of this video
-- though he immediately tries to qualify the statement by saying we don't kill people
based on this metadata. Of course, what he leaves out is that the DOJ believes that the
federal government has
the legal authority to kill Americans based on this metadata." |
"A top-secret
Pentagon report to assess the damage to national security from the leak of classified
National Security Agency documents by Edward Snowden concluded that 'the scope of the
compromised knowledge related to US intelligence capabilities is staggering'. The Guardian
has obtained a copy of the Defense Intelligence Agency's classified damage assessment in
response to a Freedom of Information Act (Foia) lawsuit filed against the Defense
Department earlier this year. The heavily redacted
39-page report was prepared in December and is titled 'DoD Information Review Task
Force-2: Initial Assessment, Impacts Resulting from the Compromise of Classified Material
by a Former NSA Contractor.' But while the DIA report describes the damage to US
intelligence capabilities as 'grave', the government still refuses to release any specific
details to support this conclusion. The entire
impact assessment was redacted from the material released to the Guardian under a
presidential order that protects classified information and several other Foia
exemptions." |
"We kill people based on
metadata." |
"Since the very first Snowden leak a year ago, one of the more
common refrains from defenders of the program is 'but it's just metadata, not actual
content, so what's the big deal?' Beyond the fact that other programs do collect content,
we've pointed out time and time again that the 'just metadata, don't worry' argument only
makes sense if you don't
know what metadata reveals. Anyone with any knowledge of the subject knows that
metadata reveals
a ton of private info. Furthermore, we've even pointed out that the NSA regularly uses
'just metadata' to pick
targets for drone assassinations. As one person called it: 'death by unreliable
metadata.' So we know that the US kills people based on metadata, but given how hard the
NSA and its defenders have sought to play down the collection of metadata, it's somewhat
amazing to find out that the always on-message former director of both the NSA and CIA,
Michael Hayden, flat out admitted that 'we kill people based on metadata.' According to David Cole: 'Of course knowing the content of a call can be
crucial to establishing a particular threat. But metadata alone can provide an extremely
detailed picture of a person's most intimate associations and interests, and it's actually
much easier as a technological matter to search huge amounts of metadata than to listen to
millions of phone calls. As NSA General Counsel Stewart Baker has said,
'metadata absolutely tells you everything about somebody's life. If you have enough
metadata, you don't really need content.' When I quoted Baker at a recent debate at Johns Hopkins
University, my opponent, General Michael Hayden, former director of the NSA and the CIA,
called Baker's comment 'absolutely correct,' and raised him one, asserting, 'We kill
people based on metadata.' You can see Hayden make that statement at the 18 minute
mark of this video
-- though he immediately tries to qualify the statement by saying we don't kill people
based on this metadata. Of course, what he leaves out is that the DOJ believes that the
federal government has
the legal authority to kill Americans based on this metadata." |
"For years, the US government loudly warned the world that Chinese
routers and other internet devices pose a 'threat' because
they are built with backdoor surveillance functionality that gives the Chinese government
the ability to spy on anyone using them. Yet what the NSA's
documents show is that Americans have been engaged in precisely the activity that the
US accused the Chinese of doing. The drumbeat of
American accusations against Chinese internet device manufacturers was unrelenting. In
2012, for example, a report from the House Intelligence Committee, headed by Mike Rogers, claimed
that Huawei and ZTE, the top two Chinese telecommunications equipment companies, 'may be
violating United States laws' and have 'not
followed United States legal obligations or international standards of business
behaviour'. The committee recommended that 'the United States should view with suspicion
the continued penetration of the US telecommunications market by Chinese
telecommunications companies'....The constant accusations became such a burden that Ren
Zhengfei, the 69-year-old founder and CEO of Huawei, announced in November 2013 that the
company was abandoning the US market. As Foreign Policy reported, Zhengfei told a French newspaper: ''If Huawei
gets in the middle of US-China relations,' and causes
problems, 'it's not worth it'.' But while American companies were being warned away
from supposedly untrustworthy Chinese routers, foreign organisations would have been well
advised to beware of American-made ones. A June 2010
report from the head of the NSA's Access and Target Development department is shockingly
explicit. The NSA routinely receives – or intercepts – routers, servers and
other computer network devices being exported from the US before they are delivered to the
international customers. The agency then implants backdoor surveillance tools, repackages
the devices with a factory seal and sends them on. The NSA thus gains access to entire
networks and all their users. The document gleefully observes that some ' SIGINT
tradecraft … is very hands-on (literally!)'.
Eventually, the implanted device connects back to the NSA. The report continues: 'In one
recent case, after several months a beacon implanted through supply-chain interdiction
called back to the NSA covert infrastructure. This call back provided us access to further
exploit the device and survey the network.' It is quite possible that Chinese firms are
implanting surveillance mechanisms in their network devices. But the US is certainly doing
the same." |
"Britain should create a new
body to oversee its intelligence agencies to reassure the public after revelations from
ex-U.S. intelligence contractor Edward Snowden, the former head of the British foreign
intelligence service said on Monday. Documents leaked by Snowden exposed the vast scale of
surveillance carried out by Britain's intelligence agencies and their close collaboration
with America's National Security Agency, sparking a public debate about how they operate.
Richard Dearlove, head of Britain's MI6 spy agency between 1999 and 2004, said that meant
the public now needed greater assurances that espionage powers were not being abused.... Dearlove, who headed the Secret Intelligence Service (MI6) during the
September. 11, 2001 attacks in New York, said that while he was confident intelligence
operations had not been illegal, he still felt an independent overseer should be set up to
provide greater scrutiny and public reassurance. Britain's current spy chiefs have
resisted calls for greater scrutiny and transparency, arguing the Snowden leaks put
British operations at risk. A senior security official said last month that terrorists had
changed their methods of communication because of the leaks. In Britain, oversight of the
intelligence services rests with a parliamentary committee and three other judicial and
expert offices. The chairman of the parliamentary committee, Malcolm Rifkind, recently
defended his role and praised the work of Britain's spy agencies, saying they had no
desire to be 'all-seeing' or 'all-hearing'. However, last week lawmakers criticised
the current structure as outdated and lacking credibility. Dearlove said an independent
body 'representative of a multiplicity of views from across society' would improve the
system. 'Credibility is a key issue if it's appointed, but I think if you have a broad
enough cross section of people drawn from different sectors of society it could add
reassurance.'" |
"The Justice Department
is seeking a change in criminal rules that would make it easier for the FBI to obtain
warrants to
hack into suspects’ computers for evidence when the computer’s physical
location is unknown — a problem that officials say is increasing as more and more
crime is conducted online with tools to conceal identity. But the
proposal, which was posted for public comment on a U.S. court Web site Friday, is
raising concerns among privacy advocates who see it as expanding the power of federal
agents to insert malware on computers, which they say could weaken overall Internet
security. ... civil liberties advocates fear that the
proposal, if adopted, would gradually lead to more invasive searches of property. 'The
underlying current behind all of this is they’re basically talking about allowing
police to break into people’s computers,' said Hanni Fakhoury, staff attorney for the
Electronic Frontier Foundation. 'That gives me pause.' At issue is a question more
fundamental than whether a judge has jurisdiction to issue a warrant, said Nathan Freed
Wessler, a staff attorney for the American Civil Liberties Union. 'The overarching concern
is that it’s unclear whether it is ever allowable under the Fourth Amendment to
conduct these kinds of searches, sending out zero-day vulnerabilities over the Internet
and weakening Internet security for everybody,' he said, referring to a type of computer software flaw that can be exploited to
gain access to someone’s computer." |
"Every new car sold in Britain will have to have a ‘black box’
device fitted to track drivers’ movements from next year, under plans being imposed
by the European Union. Despite serious concerns about privacy and cost, UK
ministers admit they are powerless to stop the Big Brother technology being forced on
motorists and car makers. The Government believes the gadget, designed to help
emergency services find crashed vehicles, will add at least £100 to the cost of vehicles
without providing significant safety improvements. Officials also fear the scheme, known
as eCall, could be used by police or insurance companies to monitor motorists’ every
move. The European Commission has ruled that by October next year, all new cars
and vans sold across Europe must be fitted with the technology, which contains a mobile
phone-like SIM card designed to transmit the vehicle’s location to emergency services
in the event of a crash. But The Mail on Sunday has seen official correspondence from the
Department of Transport showing the UK’s opposition to the policy, which could lead to the ‘constant tracking’ of vehicles. In a letter to MPs, Transport Minister Robert Goodwill writes:
‘The basis for our opposition is that costs to the UK outweigh the benefits.
Unfortunately, there is very little support for the UK position and no possibility of
blocking this legislation. We are working with other member states to minimise the
potential burdens on manufacturers and the potential cost to consumers. With regard
to the rules on privacy and data protection, other member states have expressed
similar concerns to us, about the potential for constant
tracking of vehicles via the eCall system.’
Emma Carr, of civil liberties group Big Brother Watch, said last night: ‘Motorists will not be comfortable forcibly having a black
box installed which is capable of recording and transmitting their exact location when
they are driving.’ Some car manufacturers,
including BMW and Volvo, already include eCall devices in their latest models. An SOS
button near the dashboard, linked to a SIM card, allows drivers to call 999 quickly. And
if airbags are deployed it automatically sends a text message to emergency services with
the car’s location – as well as its unique vehicle ID number. Voluntary take-up has been low across the industry so the EU ruled
all new car models must include eCall from October 1, 2015. Motorists will be unable to
switch it off and it will be tested in MoT checks." |
"Edward Snowden's disclosures of the scale of mass surveillance are
'an embarrassing indictment' of the weak nature of the oversight and legal accountability
of Britain's security and intelligence agencies, MPs have concluded. A highly critical report by the Commons home affairs
select committee published on Friday calls for a radical reform of the current system
of oversight of MI5, MI6 and GCHQ, arguing that the current system is so ineffective it is
undermining the credibility of the intelligence agencies and parliament itself. The MPs say the current system was designed in a pre-internet age when a
person's word was accepted without question. 'It is designed to scrutinise the work of
George Smiley, not the 21st-century reality of the security and intelligence services,'
said committee chairman, Keith Vaz. 'The agencies are at the cutting edge of
sophistication and are owed an equally refined system of democratic scrutiny. It is an embarrassing indictment of our system that some in the
media felt compelled to publish leaked information to ensure that matters were heard in
parliament.' The
cross-party report is the first British parliamentary acknowledgement that Snowden's
disclosures of the mass harvesting of personal phone and internet data need to lead to
serious improvements in the oversight and accountability of the security services. The MPs call for radical reform of the system of oversight including the
election of the membership of the intelligence and security committee, including its
chairman, and an end to their exclusive oversight role. Its
chairman should also be a member of the largest opposition party, the MPs say, in direct
criticism of its current head, Sir Malcolm Rifkind, who is a former Conservative foreign
secretary.... Their report says Alan Rusbridger,
editor of the Guardian, responded to criticism of newspapers that decided to publish
Snowden's disclosures, including the head of MI6's claim that it was 'a gift to
terrorists', by saying that the alternative would be that the next Snowden would just
'dump the stuff on the internet'. The MPs say: 'One of the reasons that Edward Snowden has
cited for releasing the documents is that he believes the oversight of security and
intelligence agencies is not effective. It is
important to note that when we asked British civil servants – the national security
adviser and the head of MI5 – to give evidence to us they refused. In contrast, Mr
Rusbridger came before us and provided open and transparent evidence." |
"The US intelligence whistleblower Edward Snowden has warned that
entire populations, rather than just individuals, now live under constant surveillance.
'It's no longer based on the traditional practice of targeted taps based on some
individual suspicion of wrongdoing,' he said. 'It covers phone calls, emails, texts,
search history, what you buy, who your friends are, where you go, who you love.' Snowden
made his comments in a short video that was played before a debate on the proposition that
surveillance today is a euphemism for mass surveillance, in Toronto, Canada. The former US National Security Agency contractor is living in Russia,
having been granted temporary asylum there in June 2013. The video was shown as two of the
debaters – the former US National Security Administration director, General Michael
Hayden, and the well-known civil liberties lawyer and Harvard law professor, Alan
Dershowitz – argued in favour of the debate statement: 'Be it resolved state
surveillance is a legitimate defence of our freedoms.' Opposing the motion were Glenn
Greenwald, the journalist whose work based on Snowden’s leaks won a Pulitzer
Prize for the Guardian last month, and Alexis Ohanian, co-founder of the social media
website Reddit..... Greenwald opened the debate by condemning the NSA’s
own slogan, which he said appears repeatedly throughout its own documents: 'Collect it
all.' 'What is state surveillance?' Greenwald asked. 'If it were about targeting in
a discriminate way against those causing harm, there would be no debate. The actual system
of state surveillance has almost nothing to do with that. What state surveillance actually
is, is defended by the NSA's actual words, that phrase they use over and over again:
'Collect it all.’ ' Dershowitz and Hayden spent the rest of the 90 minutes of the
debate denying that the pervasive surveillance systems described by Snowden and Greenwald
even exist and that surveillance programs are necessary to prevent terrorism. 'Collect it
all doesn't mean collect it all!' Hayden said, drawing laughter. .... Before the debates began, 33% of the audience voted in favour of
the debate statement and 46% voted against. It closed with 59% of the audience siding with
Greenwald and Ohanian." |
"The German government has blocked Edward Snowden from giving personal
evidence in front of a parliamentary inquiry into NSA surveillance, it has emerged hours
before Angela Merkel travels to Washington for a meeting with Barack Obama. In a letter to members of a parliamentary committee obtained by
Süddeutsche Zeitung, government officials say a personal invitation for the US
whistleblower would 'run counter to the political interests of the Federal Republic', and
'put a grave and permanent strain' on US-German relations. Opposition party members in the
committee from the Left and Green party had for weeks insisted that the former NSA
employee was a key witness and therefore would need to appear in person, not least because
of concerns that Russia otherwise could influence his testimony. However, the ruling
Christian Democratic and Social Democratic parties, said that a written questionnaire
would suffice. The disagreement led to the resignation of the CDU head of the committee this month. Last June the German
foreign ministry rejected Snowden's application for asylum because it was not submitted in person on German soil. If
Snowden had been invited as a witness, he could have met these requirements. Given that
only the government could supply Snowden with permits for entering and staying in the
country, as well as legal protection from an extradition query, it now looks highly
unlikely that the whistleblower will be able to travel to Germany
before his asylum in Russia expires at the end of June. Snowden's lawyer Jesselyn Radack
said on Wednesday that she expected his Russian visa to be renewed. Opposition politicians
said they would seek ways to challenge the government's veto. The Green party leader,
Simone Peter, accused the chancellor of cowardice." |
"It turns out opting to not allow apps to know your location
doesn't completely protect you from
the threat of being tracked, according to a new study. For now, there isn't an app
capable of tracking you without your permission. But a new study out of the Department
of Computer and Electrical Engineering from the University of Illinois shows that your
phone can be traced to a precise location even with location services turned off.
According to the research, the culprit is something in your phone known as an
accelerometer. What's an accelerometer? It's a
tiny chip inside your phone that measures whether you're holding your phone
horizontally or vertically, so the phone can alter its screen accordingly. But in
the same way your fingerprints are yours alone, so is your phone's signal, according to
Professor Romit Roy Choudhury and his students of the University of Illinois, who wrote
the study, and Professors Wenyuan Xu and Srihari
Nelakuditi from the University of South Carolina, who contributed. This digital
'fingerprint' then leaves you theoretically vulnerable to being traced by unwanted apps.
It may even leave you vulnerable to a targeted cyber attack. Jonathan
Damery, who covered the study for the University of Illinois website, compared the
accelerometer's fingerprint to cookies cut out with a cookie cutter. 'In some ways,
it’s like cutting out sugar cookies. Even using the same dinosaur-shaped cutter, each
cookie will come out slightly different: a blemish here, a pock there,' he wrote in a post
on
the research findings. 'For smartphone sensors, these imperfections simply occur at
the micro- or nanoscale.' Those imperfections mean your phone's unique signal can be
pinpointed its exact location whenever your phone is in use. Not concerned yet? The
research suggests that it might not just be the accelerometer that's capable of
transmitting these unique signals. Your phone's camera, gyroscope and microphones, among
other parts, could all be vulnerable as well." |
"Britain’s electronic surveillance agency, Government
Communications Headquarters, has long presented its collaboration with the National
Security Agency’s massive electronic spying efforts as proportionate, carefully
monitored, and well within the bounds of privacy laws. But according to a top-secret
document in the archive of material provided to The Intercept by NSA whistleblower Edward
Snowden, GCHQ secretly coveted the NSA’s vast troves of private communications and
sought 'unsupervised access' to its data as recently as last year – essentially
begging to feast at the NSA’s table while insisting that it only nibbles on the
occasional crumb. The
document, dated April 2013, reveals that GCHQ requested broad new authority to tap
into data collected under a law that authorizes a variety of controversial NSA
surveillance initiatives, including the PRISM program. PRISM is a system used by the NSA
and the FBI to obtain the content of personal emails, chats, photos, videos, and other
data processed by nine of the world’s largest internet companies, including Google,
Yahoo!, Microsoft, Apple, Facebook, and Skype. The
arrangement GCHQ proposed would also have provided the British agency with greater access
to millions of international phone calls and emails that the NSA siphons directly from
phone networks and the internet. The Snowden files do not indicate whether NSA granted
GCHQ’s request, but they do show that the NSA was 'supportive' of the idea, and that
GCHQ was permitted extensive access to PRISM during the London Olympics in 2012. The
request for the broad access was communicated at 'leadership' level, according to the
documents. Neither agency would comment on the proposed arrangement or whether it was
approved. Last June, in the wake of the
Guardian‘s PRISM disclosures, British Foreign Secretary William Hague issued a lengthy
statement declaring that 'the arrangements for oversight and the general framework for
exchanging information with the United States are the same as under previous governments.'
Warrants to intercept the communications of any
individual in the United Kingdom, the statement read, must be personally signed by a
cabinet secretary. Likewise, the British
Intelligence and Security Committee reported
in July that, after reviewing 'GCHQ’s access to the content of communications,
the legal framework which governs that access, and the arrangements GCHQ has with its
overseas counterparts for sharing such information,' the spy agency’s collaboration
with the NSA was within the bounds of British law. But the broader access secretly sought
by GCHQ only months earlier appears to have been unprecedented – and would have
placed fewer restrictions on how the NSA’s surveillance data is obtained and handled
by British spies. In response to the revelation,
British member of Parliament Julian Huppert has accused government officials of issuing
statements intended to 'deliberately mislead' about GCHQ’s surveillance programs and
called for an overhaul of the current system of oversight. Eric King, head of research at London-based human rights group Privacy
International, said that the latest disclosure raised 'serious concerns' about whether
GCHQ has pushed for the ability to sift through data collected by the NSA in a bid to
circumvent British laws restricting the scope of its surveillance. 'GCHQ’s continued insistence that it is following the law
becomes less credible with every revelation,' King told The Intercept, adding that he
believed the agency was 'stretching its legal authorities with help from international
partners." |
"A judge in the US has ordered Microsoft to hand over a customer's emails,
even though the data is held on a server in Ireland. Microsoft has previously taken steps to reassure customers that data
held on servers abroad should not be subject to search warrants by US authorities. It
follows concerns about data privacy after allegations of US spying by whistleblower Edward
Snowden. The judge said warrants for online data were different to other warrants. The
search warrant, which was issued to Microsoft by US authorities, sought information
associated with a customer's email account including the customer's name, credit card
details and contents of all messages. Microsoft said
that the account was hosted on a server in Dublin and therefore the search warrant was not valid as the data was outside of
the US." |
"Two politicians have allowed for their personal data to be mapped
down to the last detail. This is unprecedented. The Speaker of the Danish parliament calls
it »overdue«. For the first time ever, Danes are to be given a closer look at the
considerable amounts of data being recorded on individual citizens, and a better
understanding of what information can be mined from the personal data of private
individuals. While the government itself has been reluctant to discuss the issue of
surveillance, two members of parliament from the ruling Social Democrat and Social Liberal
parties have brought themselves into play to start a debate about the registration and
logging of data. One of these politicians is even a cabinet member. Sofie Carsten Nielsen,
the Social Liberal minister for education and research, and Jens Joel, a Social Democrat
member of parliament, have allowed Berlingske to access their private data. The newspaper's investigative unit has spent several months accessing,
analysing and mapping the politicians' emails, phone calls, mobile texts, card payments,
plane trips, tax information and private photos. Their patterns and habits, both political
and intimate, are now presented on b.dk. This is despite government efforts, for more than
the past six months, to silence the debate on surveillance following the publication of
documents leaked by the whistleblower Edward Snowden which revealed the extent of phone
tapping and data collection carried out by the U.S. The government has consistently
repeated the same statement: that it is not aware of any illegal surveillance in Denmark.
Now, however, the Speaker of Parliament, Mogens Lykketoft, who is also a Social Democrat,
has stepped forward, calling it »an interesting experiment« that Sofie Carsten Nielsen
and Jens Joel have allowed their data to be mined.... Berlingske's
investigation is based on the analysis of some 18,047 emails, 31,303 pieces of
telecommunications data and 2,407 banking records. Added to these are approximately 36,000
texts and data messages, and a string of other sets of data, including 2,828 invitations
in Jens Joel's electronic diary and 33,740 location points from the running app on Sofie
Carsten Nielsen's mobile phone. .... In 2009 the
German politician Malte Spitz asked the telecom operator Deutsche Telekom to hand over six
months of telecommunication data which the Zeit Online newspaper then used to map his
physical activities in minute detail. Malte Spitz believes that Berlingske's project will
make the debate on data more realistic by showing »concrete examples«. »This will serve
as an eye opener showing people what is already possible. We need to start the debate
about the future right now,« says Malte Spitz." |
"On Tuesday The Guardian and US newspaper The Washington Post were
jointly awarded the Pulitzer Prize – the biggest prize in US journalism – for
their reporting on NSA surveillance. Edward Snowden, the former CIA contractor who
famously leaked a trove of documents to newspapers detailing US and even UK government
surveillance activities, immediately called the
award a 'vindication'
even as a US congressman called the decision a 'disgrace'. In the UK, former defence
secretary Liam Fox called Snowden a 'self-publicising
narcissist' who committed treason. In a new YouGov poll, public opinion tends to be in
favour of the newspapers’ decision to publish the revelations, with British people
calling the decision good, rather than bad, for society, by 46% to 22%. Many, however,
(31%) are still unsure how they feel." |
"In
some areas of the world, payment systems that require palm scanning or face scanning are
already being tested. We have entered an era where biometric security is being
hailed as the 'solution' to the antiquated security methods of the past. We are
being promised that the constant problems that hackers are causing with our credit cards, bank accounts, ATM machines and Internet passwords will
all go away once we switch over to biometric identification. And without a doubt, we
have some massive security problems that need to be addressed. But do you really
want a machine to read your face or your hand before you are able to buy anything, sell
anything or log on to the Internet? Do you really want 'the system' to be able to
know where you are, what you are buying and what you are doing at virtually all times? Biometric security systems are being promoted as 'cool' and
'cutting edge', but there is also potentially a very dark side to them that should not be
ignored. In this day and age, identity theft has become a giant problem. Being able
to confirm that you are who you say that you are is a very big deal. To many,
biometric security presents a very attractive solution to this problem.... Almost everyone
would like to make their identities more secure. Nobody actually wants their bank accounts compromised or their Internet passwords
stolen. But there is a price to be paid for adopting biometric identification.
Your face or your hand will be used to continually monitor and track everything that you
do and everywhere that you go. For now, biometric security is not being forced on
people. If you want to avoid it, you can. But eventually, once it has been adopted
on a widespread basis, banks and government agencies will start requiring it. And it is
easy to imagine a day when none of us will any longer be able to buy or sell anything
without submitting to biometric identification. In fact, an 'alternative payment method' involving hand scanning is already being
tested in southern Sweden…
But before biometric identification is widely used for payment systems, we will probably
see it implemented in a whole bunch of other ways first. For instance, biometric
scanners are already being used in dining halls on college campuses all across America... Young people tend to be less
alarmed by this technology, and so that is where it is being pushed. ... This
technology is going to keep spreading, and it is going to become harder and harder to
avoid it. And it is easy to imagine what a tyrannical government could do with this kind
of technology. If it wanted to, it could use it to literally track the movements and
behavior of everyone. We are already starting to see the establishment of massive
biometric databases. One of these is the FBI’s facial recognition database that
is a part of their 'Next Generation Identification' program. It is being projected
that the FBI will have compiled 52 million of our 'face images' by the year 2015. Given enough time, eventually I am sure that
they would have all of our faces in their computers. And one
day, this kind of technology will likely be so pervasive that you won’t be able to
open a bank account, get a credit card or even buy anything
without having either your hand or your face scanned first. When that day arrives, what
will you do?" |
"Google has clarified its email scanning practices in a terms of
service update, informing users that incoming and outgoing emails are analysed by
automated software. The revisions explicitly state that Google’s system scans the
content of emails stored on Google’s servers as well as those being sent and received
by any Google email account, a practice that has seen the search company face criticism
from privacy
action groups and lawsuits
from the education sector. 'We want our
policies to be simple and easy for users to understand. These changes will give people
even greater clarity and are based on feedback we've received over the last few months,'
said a Google spokeswoman. The automated systems scan the content of emails for spam and
malware detection, as many other email providers automatically do, but also as part of
Google’s 'priority inbox' service and tailored advertising. 'This is not the worst
thing Google does,' said Jim Killock, executive director of the Open Rights Group. 'But
like anything like this, if people are concerned about it they should be able to
completely switch it off if they want to.' Google’s ads use information gleaned from
a user’s email combined with data from their Google profile as a whole, including
search results, map requests and YouTube views, to display what it considers are relevant
ads in the hope that the user is more likely to click on them and generate more
advertising revenue for Google..... While email scanning has taken the headlines recently,
leading from the revelations that Google considers that users have no 'reasonable
expectation' of privacy, the Open Rights Group considers other aspects of Google’s
practices most troubling. 'The really dangerous things that Google is doing are things
like the information held in Analytics, cookies in advertising and the profiling that it
is able to do on individual accounts,' said Killock. 'It is the amount of information they
hold on individuals that should be concerning us, both because that is attractive to
government but also sometimes that information leaks out in various ways like the
NSA’s use of cookies in general as a means to target users,' Killock explained." |
"Facebook, Instagram, and Twitter have all become places where
people post intimate details about their lives: vacation photos, work successes, buying a
new house, car, or other cool stuff. However, this information is also up for grabs by the
Internal Revenue Service. The taxman is reportedly using data from social media on people
who file fishy-seeming taxes or don't file at all, according to Marketplace. The IRS loses roughly $300
billion per year to tax evasion; and in times of budget cuts, with a smaller staff, the
agency has allegedly turned to both data mining and data crunching. In its quest to find
and audit tax dodgers, the IRS is said to use online activity trackers to sift through the
mass amounts of data available on the Internet, according to Marketplace. This data is
then added to the information the agency already has on people, such as Social Security
numbers, health records, banking statements, and property. 'It seems they may be using
predictive analytics,' University of Pennsylvania's Annenberg School of Communication
Professor Joseph Turow told Marketplace. 'That takes
a huge amount of data and puts it together in a big pot to see if they can predict which
individuals don't pay their taxes.' The IRS is reportedly only looking at information
that's public, so as long as people keep a tight privacy lock on their accounts, they
should be okay...maybe. Last year, it was revealed that the IRS was claiming
the right to read taxpayers' email and private information on social media accounts
without first getting a search warrant. After a brouhaha from civil liberties groups,
citizens, and lawmakers,
the IRS announced the no-warrant-required policy would be ditched for email, but it did
not make the same commitment for other private electronic communications." |
"New documents released by the FBI show that the Bureau is well on
its way toward its goal of a fully operational face recognition database by this summer. The EFF received these records in response to our Freedom of Information
Act lawsuit
for information on Next
Generation Identification (NGI)—the FBI’s massive biometric database that
may hold records on as much as one-third of the US population. The facial
recognition component of this database poses real threats to privacy for all
Americans.... One of our biggest
concerns about NGI has been the fact that it will include non-criminal as well as
criminal face images. We now know that FBI projects that by 2015, the database will
include 4.3 million images taken for non-criminal purposes. Currently, if you apply for
any type of job that requires fingerprinting or a background check, your prints are sent
to and stored by the FBI in its civil print database. However, the FBI has never before
collected a photograph along with those prints. This is changing with NGI. Now an employer
could require you to provide a 'mug shot' photo along with your fingerprints. If
that’s the case, then the FBI will store both your face print and your fingerprints
along with your biographic data. In the past, the FBI has never linked the criminal and
non-criminal fingerprint databases. This has meant that any search of the criminal print
database (such as to identify a suspect or a latent print at a crime scene) would not
touch the non-criminal database. This will also change with NGI. Now, every
record—whether criminal or non—will have a 'Universal
Control Number' (UCN), and every search will be run against all records in the
database. This means that even if you have never been
arrested for a crime, if your employer requires you to submit a photo as part of your
background check, your face image could be searched—and you could be implicated as a
criminal suspect—just by virtue of having that image in the non-criminal file." |
"Stepping into a heated debate within the nation’s
intelligence agencies, President Obama has decided that when the National Security Agency
discovers major flaws in Internet security, it should — in most circumstances —
reveal them to assure that they will be fixed, rather than keep mum so that the flaws can
be used in espionage or cyberattacks, senior administration officials said Saturday. But
Mr. Obama carved a broad exception for 'a clear national security or law enforcement
need,' the officials said, a loophole that is likely to allow the N.S.A. to continue to
exploit security flaws both to crack encryption on the Internet and to design
cyberweapons. The White House has never publicly detailed Mr. Obama’s decision, which
he made in January as he began a three-month review of recommendations by a presidential
advisory committee on what to do in response to recent disclosures about the National
Security Agency. But elements of the decision became evident on Friday, when the White
House denied that it had any prior knowledge of the Heartbleed bug, a newly known hole in
Internet security that sent Americans scrambling last week to change their online
passwords. The White House statement said that when such flaws are discovered, there is
now a 'bias' in the government to share that knowledge with computer and software
manufacturers so a remedy can be created and distributed to industry and consumers.... One recommendation urged the N.S.A. to get out of the business of
weakening commercial encryption systems or trying to build in 'back doors' that would make
it far easier for the agency to crack the communications of America’s adversaries.
Tempting as it was to create easy ways to break codes — the reason the N.S.A. was
established by Harry S. Truman 62 years ago — the committee concluded that the
practice would undercut trust in American software and hardware products. In recent
months, Silicon Valley companies have urged the United States to abandon such practices,
while Germany and Brazil, among other nations, have said they were considering shunning
American-made equipment and software. Their motives were hardly pure: Foreign companies
see the N.S.A. disclosures as a way to bar American competitors. Another recommendation
urged the government to make only the most limited, temporary use of what hackers call
'zero days,' the coding flaws in software like Microsoft Windows that can give an attacker
access to a computer — and to any business, government agency or network connected to
it. The flaws get their name from the fact that, when identified, the computer user has
'zero days' to fix them before hackers can exploit the accidental vulnerability. The
N.S.A. made use of four 'zero day' vulnerabilities in its attack on Iran’s nuclear
enrichment sites. That operation, code-named 'Olympic Games,' managed to damage roughly
1,000 Iranian centrifuges, and by some accounts helped drive the country to the
negotiating table.... documents released by Edward J. Snowden, the former N.S.A.
contractor, make it clear that two years before Heartbleed became known, the N.S.A. was
looking at ways to accomplish exactly what the flaw did by accident. A program code-named
Bullrun, apparently named for the site of two Civil War battles just outside Washington,
was part of a decade-long effort to crack or circumvent encryption on the web. The
documents do not make clear how well it succeeded, but it may well have been more
effective than exploiting Heartbleed would be at enabling access to secret data. The
government has become one of the biggest developers and purchasers of information
identifying 'zero days,' officials acknowledge. Those flaws are big business —
Microsoft pays up to $150,000 to those who find them and bring them to the company to fix
— and other countries are gathering them so avidly that something of a modern-day
arms race has broken out. Chief among the nations seeking them are China and Russia,
though Iran and North Korea are in the market as well." |
"The U.S. National Security Agency knew for at least two years
about a flaw in the way that many websites send sensitive information, now dubbed the
Heartbleed bug, and regularly used it to gather critical intelligence, two people familiar
with the matter said. The agency’s reported decision to keep the bug secret in
pursuit of national security interests threatens to renew the rancorous debate over the
role of the government’s top computer experts.
The NSA, after declining to comment on the report, subsequently denied that it was aware
of Heartbleed until the vulnerability was made public by a private security report earlier
this month. 'Reports that NSA or any other part of the government were aware of the
so-called Heartbleed vulnerability before 2014 are wrong,' according to an e-mailed
statement from the Office of the Director of National Intelligence." |
"The journalists who first revealed the extent of the National
Security Agency’s surveillance activities dedicated a prestigious award on Friday to
their source, Edward Snowden.
Glenn Greenwald and Laura Poitras had earlier
cleared immigration at John F Kennedy airport in New York without a hitch as they arrived
to share a George
Polk Award for national security reporting with Ewen MacAskill of the Guardian
and Barton Gellman of the Washington Post. The
Polk awards are administered by Long Island University. 'This award is really for Edward Snowden," said Poitras, who first
met the former NSA analyst in Hong Kong with Greenwald and MacAskill last year, as she
accepted the award in the ballroom of the Roosevelt Hotel in Manhattan. 'Each one of these
awards provides perfect vindication, that what he [Snowden] did, coming forward, was
absolutely the right thing to do and merits gratitude and not indictments and decades of
imprisonment,' Greenwald said in his acceptance speech. MacAskill thanked Snowden for his
courage and expressed a hope that he would be able to travel freely to the US. Greenwald
and Poitras arrived in the US on Friday for the first time since reporting the NSA story.
They travelled from Berlin, where Poitras lives, on Friday morning; Greenwald’s
partner, David Miranda, who was last year detained
for nine hours as he passed through Heathrow airport in London, arrived on Thursday
morning." |
"It was the Blairite
press officer Jo Moore who in 20o1 on the day of 9/11 coined the infamous phrase: 'This is
a good day to bury bad news'. Cameron seems to have learnt the lesson when
yesterday he used the furore over Maria Miller’s avarice and arrogance to quietly
give a welcome to a report from the surveillance commissioner giving the all-clear
to Britain’s spy agencies following the Snowden revelations. In vintage
Cameron style, just as he tried to smother the row swirling around Miller with cavalier
bravado: 'She’s apologised, done the right thing, and we should now move on',
so here he paraphrases the watchdog’s report as: 'agencies undertake their role
conscientiously and effectively, and public agencies do not engage in indiscriminate mass
intrusion'. So that’s all right then, nothing to worry about. This
slippery eel of a Prime Minister purports not to see that in the 78 pages of the report,
Sir Anthony May, the so-called watchdog, ignores the most crucial and devastating finding
of the last year in this area of surveillance (a word that Cameron can’t bring
himself to use), namely the existence of the Tempora programme run by the UK spooks (GCHQ
and MI5) which hoovers up mountains of internet data without its operations ever having
been admitted (before Snowden) or consented to. In a word it reveals the spy
agencies acting completely out of control and outside any system of accountability, which
for some reason May (no relation of the home secretary) and Cameron never
noticed. Nor does May or Cameron even address the huge controversies raised
about the links between the spy agencies and the private internet and telephone companies.
One important new detail that emerges from the May
report is the number of requests for information being loaded on the RIPA (Regulation of
Investigatory Powers Act) system. It turns out to be enormous – 514,608 in the last year. May (a
former judge) is supposed to oversee the warrants requested by the police and intelligence
services, but that weight in numbers would mean his overseeing on average 1,410 a day. So what proportion does he in practice oversee – even 1%, just
14 a day every day, would be quite a handful for a retired judge. But that
still allows Cameron with his Panglossian insouciance to conclude: 'I believe his report
provides an authoritative, expert and reassuring assessment of the lawfulness, necessity
and proportionality of the intelligence agencies’ work' (words presumably dictated to
him by GCHQ). So at least we can all rest assured that our privacy is safe in
Cameron’s hands." |
"Court resumed this
morning to hear cross-examination of former News of the World managing editor Stuart
Kuttner, who is charged with conspiracy to illegally intercept voicemails while he worked
at the now defunct tabloid. David Spens QC, acting for former News of the World Royal
editor Clive Goodman, was first to rise to question the defendant.'You've said a lot of
complimentary things about Mr Coulson but you have not had a good word to say about Mr
Goodman have you,' the barrister said. 'That's not true,' Kuttner replied, pointing out he
said he had 'trusted all of the staff at the News of the World'.... Spens suggested that
the real reason he visited Goodman was not to 'put an arm around him but instead was to
obtain information on the police investigation and what he had told the police' He said:
'What you wanted to know was if the police had named any other individuals in relation to
phone hacking.' 'I disagree with that sir,' Kuttner replied. 'We were just trying to get
to grips with things.' The note states that Goodman
had told Kuttner he 'would get leftovers from SIS bugging' which Judge Saunders suggested related to the secret intelligence
service MI6. 'I was querying that,' Kuttner said. The note goes on 'Told Andy from the
start' which the barrister suggested related to then editor Andy Coulson, 'I think that is
the reference,' Kuttner agreed, adding that he was only noting down what he was being
told." |
"US spy bosses have ignored a request from Chancellor Angela Merkel to look at her secret
service file, according to reports on Wednesday. It came as the chairman of the committee
investigating NSA spying in Germany
resigned. Germany's interior ministry reportedly approached the United States’
National Security Agency (NSA) last
October to ask for the file’s content, amid revelations the NSA had been tapping the
chancellor’s mobile phone. But in a written response to parliamentary questions from
the Green Party, the German government said: 'The United States has not revealed the
relevant information to the German government.'
Green Party foreign policy spokesman Omid Nouripour wanted to know whether the chancellor
had requested access to the documents produced by the NSA while they were spying on her
phone, whether the US government has revealed details about the transcripts and whether Merkel was considering pushing for
the files to be destroyed. The German government did not respond to the question of
whether it had asked for the files to be destroyed, but it had received no answer for its
request to see the file, the Sächsische Zeitung reported on Wednesday. And in an
interview with Spiegel magazine this week interior minister Thomas de Maizière said the
information provided by the United States 'is to this day insufficient'. Former NSA
contractor Edward Snowden
revealed in October that the NSA had been tapping Merkel's mobile phone. 'If two-thirds of
that which Edward Snowden claims or that which is attributed to him as a source were to be
true, then I would come to the conclusion that the United States is operating without
limits,' de Maizière said in the interview." |
"The US' surveillance
measures are largely a result of its security needs, but they are being implemented in an
excessive, boundless fashion. ... If even two-thirds
of what Edward Snowden has presented or what has been presented with his name cited as the
source is true, then I would conclude that the USA is operating without any kind of
boundaries. .... If all of our suspicions are
correct, everything that we are discussing right now isn't even taking place on German
soil. That also makes it difficult to assess. .... Approval ratings for Americans in
German polls are lower right now than they have been in a long time. The last time this
was the case was during a certain phase of the policies of George W. Bush. It saddens me.
Even if Obama's initial popularity may have been exaggerated, the US cannot be apathetic
to the fact that approval ratings have shifted to such a degree within just one year.
America should have an interest in improving them. Words alone will not suffice. .... I find a country's unrestrained collection of information, even
for the sake of exaggerated security need, to be less objectionable than the capture of
all movement profiles, thoughts and emotions by people for the sake of business interests. .... We want to discuss questions, together with experts, about the
reform of the digital agenda: What happens when so-called back-doors are built into
operating systems -- gateways through which the agencies can get onto a computer? How can
we create a secure cloud? How does artificial intelligence compare to human intelligence?
What about the recognition of emotion? Are there, as in the stem-cell debate, limits that
should not be crossed?" |
"During a recent House
Judiciary Committee hearing concerning oversight, Rep. Zoe Lofgren decided to quiz
Attorney General Eric Holder about the federal government's surveillance efforts, starting
off with a rather simple question. She notes that the bulk phone record collection program
is considered to be legal by its supporters, based on Section 215 of the Patriot Act,
which allows for the collection of 'business records.' So, she wonders, is
there any legal distinction between phone records and, say, internet searches or emails?
In other words, does the DOJ believe that it would be
perfectly legal for the US government to scoop up all your search records and emails
without a warrant? Holder clearly does not want to answer the question, and first tries to
answer a different question, concerning the bulk phone records program, and how the
administration is supposedly committed to ending it. But eventually he's forced to admit
that there's no legal distinction..." |
"When it comes to
communication Carter is evidently a man of his generation, shunning electronic devices for
snail mail. He told [satirist Stephen] Colbert that he had recently written a letter to
Pope Francis.... and steers clear of e-mail for fear of being monitored by the National
Security Agency. The suggestion caused something of a stir in America and prompted a swift
denial from the intelligence agency's director. Carter is yet to be convinced, noting that
regulations controlling the Government's scope to spy on private communications had been
significantly relaxed since he passed them. 'They are
not monitoring me now but they record every message that you transmit in America - and
probably in Great Britain as well - and later if they want to monitor that message they
can do so,' he says." |
"Mass spying claims
made by Edward Snowden were rejected last night by a surveillance watchdog. Documents
stolen by the rogue US agent led to reports in the Guardian as well as US newspapers that
the secret services were snooping on millions of ordinary citizens. But in a report yesterday, Sir Anthony May ruled that MI5, MI6 and
GCHQ, were not engaged in ‘mass intrusion’. However the Interception of
Communications Commissioner did raise fears that the police were engaged in the
‘institutional overuse’ of surveillance powers. Constabularies carried out more
than half a million electronic spying missions last year, the equivalent of more than
1,400 a day, his review said. Sir Anthony said he was concerned that police and the
National Crime Agency were failing to consider privacy issues. The public should be reassured that
unless they ‘associate with potential terrorists or serious criminals ... none of the
interception agencies has the slightest interest in examining their emails, their phone or
postal communications or their use of the internet’, he said. Sir Anthony also
rejected allegations that spying agencies were ‘getting around the law’ by
receiving intercepted communications about British citizens indirectly from US spy
agencies. Even when large amounts of material were
collected by agencies, GCHQ was not permitted to trawl through it
indiscriminately, he found. Senior intelligence figures have criticised the
publication of Snowden’s stolen files. The head of MI5, Andrew Parker, said the
publication of the top secret material had caused huge ‘harm’ to the capability
of Britain’s intelligence services and amounted to a ‘gift’ to terrorists.
Whitehall officials say it is considered to have caused the greatest damage to the Western
security apparatus in history. Snowden, a former contractor with the US National Security
Agency, stole tens of thousands of restricted files and leaked them to the Guardian and
the Washington Post.... Foreign Secretary William Hague, who has responsibility for GCHQ,
said: ‘A senior and fully independent judge has looked in detail at whether the
interception agencies misuse their powers to engage in random mass intrusion. He has
concluded that the answer is emphatically no.’" |
"Gogo, the inflight Wi-Fi provider, is used by millions of airline
passengers each year to stay connected while flying the friendly skies. But if you think
the long arm of government surveillance doesn’t have a vertical reach, think again.
Gogo and others that provide Wi-Fi aboard aircraft must follow the same wiretap provisions
that require telecoms and terrestrial ISPs to assist U.S. law enforcement and the NSA in
tracking users when so ordered. But they may be doing more than the law requires.
According to a letter Gogo submitted to the Federal Communications Commission, the company
voluntarily exceeded the requirements of the Communications Assistance for Law Enforcement
Act, or CALEA, by adding capabilities to its service at the request of law enforcement. The revelation alarms civil liberties groups, which say companies should
not be cutting deals with the government that may enhance the ability to monitor or track
users. 'CALEA itself is a massive infringement on user’s rights,' says Peter
Eckersley of the Electronic Frontier Foundation. 'Having ISP’s [now] that say that
CALEA isn’t enough, we’re going to be even more intrusive in what we collect on
people is, honestly, scandalous.' Gogo provides inflight Wi-Fi and digital entertainment
to Delta, American Airlines, Alaska Airlines, Virgin America, US Airways and others using
a dedicated air-to-ground network that GoGo says it designed in consultation with law
enforcement." |
"Like a bunny girl in a
nunnery, Google Glass is struggling for acceptance. What once seemed like a new
technological light at the end of the tunnel, now merely engenders fears that the light is
trying to film you. The latest evidence for this is a study by market research firm Toluna. This study tried to discover Americans'
deeper feelings about Google's fine gadget. Americans
do have deeper feelings and, as
Adweek reports, this research threw up that 72 percent of people won't buy Google
Glass because of privacy concerns. They're afraid of hacking, surreptitious photography
and filming, and looking like extras from a D-level sci-fi movie. (Well, they didn't
actually say that last one.) Though Google Glass was launched with a wave of fascination,
its public presence has caused a flood of consternation. There was the Glass-wearer in a
Seattle restaurant who refused to take off his Glass and was therefore asked to take off. Indeed, the restaurant suggested he was a
man-child 'stinkin' up the joint.' Then there was the man in an Ohio movie theater who
suddenly found his Glass being ripped from his face, not by a disgruntled patron, but by the
forces of the law. San Francisco is, of course, yet to recover from a bar altercation
that seems to have been incited by the presence of Glass on a patron's face. Google itself
seems aware that the nation isn't warming as much as the company had hoped. First, it
released a guide to help
Glass explorers not be Glassholes. Yes, they needed to be told. This didn't seem to be
enough. For then Google issued a curious
defensive blog post explaining all the things that Glass wasn't. Like a surveillance
device, a threat to privacy, or a fashion statement. Though every piece of research should
be taken with a tincture of saline, this piece suggested that privacy was by far the
biggest concern." |
"The US has spied on the staff of prominent human rights organisations, Edward Snowden has told the Council of Europe in Strasbourg,
Europe's top human rights body. Giving
evidence via a videolink from Moscow, Snowden said the National Security Agency –
for which he worked as a contractor – had deliberately snooped on bodies like Amnesty
International and Human Rights Watch. He told council members: 'The NSA
has specifically targeted either leaders or staff members in a number of civil and
non-governmental organisations … including domestically within the borders of the United States.' Snowden did not reveal
which groups the NSA had bugged. The assembly asked Snowden if the US spied on the 'highly
sensitive and confidential communications' of major rights bodies such as Amnesty and
Human Rights Watch, as well as on similar smaller regional and national groups. He
replied: 'The answer is, without question, yes. Absolutely.'
Snowden, meanwhile, dismissed NSA claims that he had swiped as many as 1.7m documents from
the agency's servers in an interview with Vanity Fair. He described the number released by
investigators as 'simply a scare number based on an intentionally crude metric: everything
that I ever digitally interacted with in my career.' He added: 'Look at the language
officials use in sworn testimony about these records: 'could have,' 'may have,'
'potentially.' They're prevaricating. Every single one of those officials knows I don't
have 1.7m files, but what are they going to say? What senior official is going to go in
front of Congress and say, 'We have no idea what he has, because the NSA's auditing of
systems holding hundreds of millions of Americans' data is so negligent that any
high-school dropout can walk out the door with it'?' In live testimony to the Council of Europe, Snowden
also gave a forensic account of how the NSA's powerful surveillance programs violate the EU's
privacy laws. He said programs such as XKeyscore, revealed by the Guardian last July, use sophisticated data mining techniques to
screen 'trillions' of private communications. 'This technology represents the most
significant new threat to civil liberties in modern times,' he declared. XKeyscore allows
analysts to search with no prior authorisation through vast databases containing emails,
online chats, and the browsing histories of millions of individuals. Snowden said on
Tuesday that he and other analysts were able to use the tool to select an individual's
metadata and content 'without judicial approval or prior review'. In practical terms, this
meant the agency tracked citizens not involved in any nefarious activities, he stressed.
The NSA operated a 'de facto policy of guilt by association', he added. Snowden said the
agency, for example, monitored the travel patterns of innocent EU and other citizens not
involved in terrorism or any wrongdoing. The 30-year-old whistleblower – who began
his intelligence career working for the CIA in Geneva – said the NSA also routinely
monitored the communications of Swiss nationals 'across specific routes'. Others who fell
under its purview included people who accidentally followed a wrong link, downloaded the
wrong file, or 'simply visited an internet s*x forum'. French citizens who logged on to a
suspected network were also targeted, he said. The
XKeyscore program amounted to an egregious form of mass surveillance, Snowden suggested,
because it hoovered up data from 'entire populations'. Anyone
using non-encrypted communications might be targeted on the basis of their 'religious
beliefs, s*xual or political affiliations,
transactions with certain businesses' and even 'gun ownership', he claimed. Snowden said he did not believe the NSA was engaged in 'nightmare
scenarios', such as the active compilation of a list of homos*xuals 'to round them up and
send them into camps'. But he said that the infrastructure allowing this to happen had
been built. The NSA, its allies, authoritarian governments and even private organisations
could all abuse this technology, he said, adding that mass surveillance was a 'global
problem'. It led to 'less liberal and safe
societies', he told the council.... Snowden also
criticised the British spy agency GCHQ. He cited the agency's Optic Nerve program revealed by the Guardian in February. It was, he said, one of many 'abusive'
examples of state snooping. Under the program GCHQ bulk collects images from Yahoo webcam
chats. Many of these images were 'intensely private' Snowden said, depicting some form of
nudity, and often taken from the 'bedrooms and private homes' of people not suspected of
individualised wrongdoing. [Optic Nerve] continued
even after GCHQ became aware that the vast majority had no intelligence value at all,'
Snowden said. Snowden made clear he did believe in legitimate intelligence operations. 'I
would like to clarify I have no intention to harm the US government or strain [its]
bilateral ties,' he asserted, adding that he wanted to improve government, not bring it
down. The exiled American spy, however, said the NSA should abandon its electronic
surveillance of entire civilian populations. Instead, he said, it should go back to the
traditional model of eavesdropping against specific targets, such as 'North Korea,
terrorists, cyber-actors, or anyone else.' Snowden also urged members of the Council of
Europe to encrypt their personal communications. He said that encryption, used properly,
could still withstand 'brute force attacks' from powerful spy agencies and others.
'Properly implemented algorithms backed up by truly random keys of significant length
… all require more energy to decrypt than exists in the universe,' he said.... The
NSA says Snowden should have brought his complaints to its own internal oversight and
compliance bodies. Snowden, however, insisted he did raise concerns formally, including
through emails sent to the NSA's lawyers. 'I directly challenge the NSA to deny that I
contacted NSA oversight and compliance bodies directly via email,' he stated." |
"Europe’s top court on Tuesday struck down an EU law forcing
telecoms operators to store private phone and email data for up to two years, judging it
too invasive, despite its usefulness in combating terrorism. By allowing EU governments to
access the data, 'the directive interferes in a particularly serious manner with the
fundamental rights to respect for private life and to the protection of personal data,'
the European Court of Justice (ECJ) said. Advocate General Pedro Cruiz Villalon declared
the legislation illegal and told the European Union’s 28 member states to take the
necessary steps to withdraw it. The decision to scupper the 2006 Data Retention Directive
comes as Europe weighs concerns over electronic snooping in the wake of revelations about
systematic US surveillance of email and telephone communications. The revelation that US agencies collected data on millions of European
citizens — and even tapped the phone of German Chancellor Angela Merkel —
sparked a wave of controversy and prompted lawmakers on both sides of the Atlantic to
rethink their data surveillance laws. Last month President Barack Obama put forward a
long-awaited plan to end Washington’s bulk collection of telephone records, although
critics said the measures should be extended beyond just phone records." |
"Edward
Snowden and the reporter Glenn Greenwald, who brought to light the whistleblower's
leaks about mass US government surveillance last year, appeared together via video link
from opposite ends of the earth on Saturday, for what was believed to be the first time
since Snowden sought
asylum in Russia. In Germany, meanwhile, a leading ally of Chancellor Angela Merkel
criticised the US for failing to provide sufficient assurances on its spying tactics and
said bilateral talks were unlikely to make much progress before the German leader visits
Washington next month. The interior minister, Thomas de Maiziere, one of Merkel's closest
cabinet allies, told the German weekly magazine Der Spiegel: 'US intelligence methods may
be justified to a large extent by security needs, but the tactics are excessive and
over-the-top.' Last October, reports based on disclosures by Snowden said Washington had monitored
Merkel's mobile phone. In Chicago, a sympathetic crowd of nearly 1,000 packed a
downtown hotel ballroom at Amnesty International USA's annual human rights meeting and
gave Greenwald, who dialled in from Brazil, a raucous welcome before Snowden was patched
in 15 minutes later – to a standing ovation. The
pair cautioned that government monitoring of 'metadata'
is more intrusive than directly listening to phone calls or reading emails and stressed
the importance of a free press willing to scrutinise government activity. Metadata
includes which telephone number calls which other numbers, when the calls were made and
how long they lasted. Metadata does not include the
content of the calls. Amnesty International is campaigning to end mass surveillance by the
US government and calling for congressional action to further rein in the collection of
information about telephone calls and other communications.' ... President Barack Obama
said last month he plans to ask Congress to end
the bulk collection and storage of phone records by the NSA but allow the government to access metadata when needed.
Snowden and Greenwald said that such data is in fact more revealing than outright
government spying on phone conversations and emails. 'Metadata
is what allows an actual enumerated understanding, a precise record of all the private
activities in all of our lives. It shows our associations, our political affiliations and
our actual activities,' said Snowden, dressed in a jacket with no tie in front of a black
background. A Reuters/Ipsos poll this week showed
the majority of Americans were concerned that internet companies were encroaching on too
much of their lives. Greenwald, who met with Snowden 10 months ago and wrote about the
leaked documents in the Guardian and other media outlets, promised further revelations of
government abuses of power at his new media venture the Intercept. 'My hope and my belief
is that as we do more of that reporting and as people see the scope of the abuse as
opposed to just the scope of the surveillance they will start to care more,' he said.
'Mark my words. Put stars by it and in two months or so come back and tell me if I didn't
make good on my word.'" |
"GCHQ is to start giving its
official stamp of approval to Master’s courses, effectively creating the first
certified degrees for spies. The surveillance agency has sent out a briefing note to
universities that offer MSc courses in cybersecurity, asking them to apply for
certification by 20 June. Graduates of the selected
courses will be able to say they have 'successfully completed a GCHQ-certified degree', it
states.The 39-page document says that the number of cybersecurity-related courses now on
offer at institutions across the UK had made it increasingly difficult for students and
employers to 'assess the quality of the degrees on offer'. It is hoped that the new
certification, which is valid for five years before having to be renewed, will remedy
this." |
"This week, the Associated Press exposed
a secret program run by the U.S. Agency for International Development to create 'a Twitter-like Cuban
communications network' run through 'secret shell companies' in order to create
the false appearance of being a privately owned operation. Unbeknownst to the
service’s Cuban users was the fact that 'American contractors were gathering their
private data in the hope that it might be used for political
purposes'–specifically, to manipulate those users in order to foment dissent in Cuba
and subvert its government. According to top-secret
documents published today by The Intercept, this sort of operation is frequently discussed
at western intelligence agencies, which have plotted ways to covertly use social media
for 'propaganda,' 'deception,' 'mass messaging,' and 'pushing stories.' These ideas–discussions of how to exploit the internet,
specifically social media, to surreptitiously disseminate viewpoints friendly to western
interests and spread false or damaging information about targets–appear repeatedly
throughout the archive of materials provided by NSA whistleblower Edward Snowden. Documents prepared by NSA and its British counterpart GCHQ–and previously
published by The Intercept as well as some
by NBC News–detailed several of those programs, including a unit devoted in part
to 'discrediting' the agency’s enemies with false information spread online. The documents in the archive show that the British are
particularly aggressive and eager in this regard, and formally shared their methods with
their U.S. counterparts. One previously undisclosed top-secret document–prepared by GCHQ for
the 2010 annual 'SIGDEV' gathering of the 'Five Eyes' surveillance alliance comprising the
UK, Canada, New Zealand, Australia, and the U.S.–explicitly discusses ways to exploit
Twitter, Facebook, YouTube, and other social media as secret platforms for propaganda. The
document was presented by GCHQ’s Joint Threat Research Intelligence Group (JTRIG).
The unit’s self-described purpose is 'using online
techniques to make something happen in the real or cyber world,' including
'information ops (influence or disruption).' The British agency describes its JTRIG and
Computer Network Exploitation operations as a 'major part of business' at GCHQ, conducting
'5% of Operations.' The annual SIGDEV conference,
according to one NSA document published today by The Intercept, 'enables unprecedented
visibility of SIGINT Development activities from across the Extended Enterprise,
Second Party and US Intelligence communities.' The 2009 Conference, held at Fort Meade,
included 'eighty-six representatives from the wider US Intelligence Community,
covering agencies as diverse as CIA (a record 50 participants), the Air Force
Research Laboratory and the National Air and Space Intelligence Center.' Defenders of
surveillance agencies have often insinuated that such proposals are nothing more than pipe
dreams and wishful thinking on the part of intelligence agents. But these documents are
not merely proposals or hypothetical scenarios. As described by the NSA document
published today, the purpose of SIGDEV presentations is 'to synchronize discovery
efforts, share breakthroughs, and swap knowledge on the art of analysis.' For instance: One of the programs described by the newly released
GCHQ document is dubbed 'Royal Concierge,' under which the British agency intercepts email
confirmations of hotel reservations to enable it to subject hotel guests to electronic
monitoring. It also contemplates how to 'influence the hotel choice' of travelers and to
determine whether they stay at 'SIGINT friendly' hotels. The document asks: 'Can we
influence the hotel choice? Can we cancel their visit?' Previously, der
Spiegel and NBC
News both independently confirmed that the 'Royal Concierge' program has been
implemented and extensively used. The German magazine reported that 'for more than three
years, GCHQ has had a system to automatically monitor hotel bookings of at least 350
upscale hotels around the world in order to target, search, and analyze reservations to
detect diplomats and government officials.' NBC reported that 'the intelligence
agency uses the information to spy on human targets through ‘close access technical
operations,’ which can include listening in on telephone calls and tapping hotel
computers as well as sending intelligence officers to observe the targets in person at the
hotels.' The GCHQ document we are publishing today expressly contemplates exploiting
social media venues such as Twitter, as well as other communications venues including
email, to seed state propaganda–GHCQ’s word, not mine–across the internet.... Whether governments should be in
the business of publicly disseminating political propaganda at all is itself a
controversial question. Such activities are restricted by law in many countries, including
the U.S. In 2008, The New York Times’ David Barstow won a Pulitzer Prize for exposing a domestic
effort coordinated by the Pentagon whereby retired U.S. generals posed as 'independent
analysts' employed by American television networks and cable news outlets as they secretly
coordinated their messaging with the Pentagon. Because American law bars the government
from employing political propaganda domestically, that program was likely illegal, though no legal accountability
was ever brought to bear (despite all
sorts of calls for formal
investigations). Barack Obama, a presidential
candidate at the time, pronounced himself in a campaign press release 'deeply disturbed'
by the Pentagon program, which he said 'sought to manipulate the public’s trust.' Propagandizing foreign populations has generally been more legally
acceptable. But it is difficult to see how government propaganda can be segregated from
domestic consumption in the digital age. If American intelligence agencies are adopting
the GCHQ’s tactics of 'crafting messaging campaigns to go ‘viral’,' the
legal issue is clear: A 'viral' online propaganda campaign, by definition, is almost
certain to influence its own citizens as well as those of other countries....these documents, along with the
AP’s exposure of the sham 'Cuban Twitter' program, underscore how aggressively
western governments are seeking to exploit the internet as a means to manipulate political
activity and shape political discourse. Those programs, carried out in secrecy and with
little accountability (it seems nobody in Congress knew of the 'Cuban Twitter' program in
any detail) threaten the integrity of the internet itself, as state-disseminated
propaganda masquerades as free online speech and organizing. There is thus little or no
ability for an internet user to know when they are being covertly propagandized by their
government, which is precisely what makes it so appealing to intelligence agencies, so
powerful, and so dangerous." |
"The US created a text-message
social network designed to foment unrest in Cuba, according to an investigation by the
Associated Press news agency. ZunZuneo, dubbed a 'Cuban Twitter', had 40,000 subscribers
at its height in a country with limited web access. The project reportedly lasted from
2009-12 when the grant money ran out. The US is said to have concealed its links to the
network through a series of shell companies and by funnelling messages through other
countries. The BBC's Sarah Rainsford in the Cuban
capital of Havana says there is a thirst for information on the island, which has no
independent media.... The scheme was reportedly operated by the US Agency for
International Development (USAID), a federal international development organisation run
under the aegis of the Department of State....On Thursday, White House spokesman Jay
Carney confirmed the US government's involvement in the programme, saying it had been
debated by Congress and passed oversight controls. He said: 'These are the kinds of
environments where a programme like this and its association with the US government can
create problems for practitioners and members of the public. "So appropriate
discretion is engaged in for that reason but not because its covert, not because it's an
intelligence programme, because it is neither covert nor an intelligence programme.'" |
"In an apparent throwback to the Cold War campaigns of disruption,
disinformation and espionage, the US government spent $1.6m building a social media
network with the aim of undermining the communist government in Cuba, it has emerged.
Documents obtained during an investigation by the Associated
Press show that the project, which lasted more than two years and drew thousands of
subscribers, was built with secret shell companies and was financed through foreign
banks. The United States Agency for International Development (USAID) was reportedly behind the project
which saw the creation of a 'Cuban Twitter' dubbed 'ZunZuneo' - slang for a Cuban
hummingbird's tweet. USAID were primarily responsible for the campaign and there was no
involvement of intelligence services, but the details uncovered by the Associated Press
would appear to bring into doubt USAID's longstanding claims that it does not conduct covert actions. Users of 'ZunZuneo' were entirely unaware of the involvement of the United
States government agency and that American contractors were gathering personal data about
them, in the hope that the information might be used someday for political purposes. The
project, which was started in 2009 after Washington-based Creative Associates
International obtained a half-million Cuban cellphone numbers, has questionable legality
under US law and has prompted concerns over clandestine government funded activity. Documents and interviews show the US Agency went to extensive
lengths to conceal its involvement. They set up front companies overseas and routed money
through a Cayman Islands bank to hide the money trail. 'On the face of it there are
several aspects about this that are troubling,' said Sen. Patrick Leahy, D-Vt. and
chairman of the Appropriations Committee's State Department and foreign operations
subcommittee. 'There is the risk to young, unsuspecting Cuban cellphone users who had no
idea this was a US government-funded activity. There is the clandestine nature of the
program that was not disclosed to the appropriations subcommittee with oversight
responsibility. And there is the disturbing fact
that it apparently activated shortly after Alan Gross, a USAID subcontractor who was sent
to Cuba to help provide citizens access to the Internet, was arrested.' The service was
established in 2009 when the Cuban government tightly controlled internet access and
mobile phone communications were monitored. Users were able to send updates to the site
via SMS with said text messages being free of charge. USAID contractors carefully designed
the site to look like a real business using 'mock ad banners' to 'give it the appearance
of a commercial enterprise'. In multiple documents, USAID staff pointed out that text
messaging had mobilized smart mobs and political uprisings in Moldova and the Philippines,
among others. In Iran, the USAID noted social
media’s role following the disputed election of then President Mahmoud Ahmadinejad in
June 2009 — and saw it as an important foreign policy tool. At its height the service had at least 40,000 subscribers. USAID told the
Associated Press that ZunZuneo stopped in September 2012 when a government grant ended.
The actions of USAID have parallels in the US government's project 'Lantern' –
software that helps Chinese citizens get around the great firewall." |
"In July 2010, Joe McSpedon, a US government official, flew to Barcelona to
put the final touches on a secret plan to build a social media project aimed at
undermining Cuba's communist government. McSpedon and his team of high-tech contractors
had come in from Costa Rica and Nicaragua, Washington and Denver. Their mission: to launch
a messaging network that could reach hundreds of thousands of Cubans. To hide the network
from the Cuban government, they would set up a byzantine system of front companies using a
Cayman Islands bank account, and recruit unsuspecting executives who would not be told of
the company's ties to the US government. McSpedon didn't work for the CIA. This was a
program paid for and run by the US Agency for International Development, best known for
overseeing billions of dollars in US humanitarian aid. According to documents obtained by
the Associated Press and multiple interviews with people involved in the project, the plan
was to develop a bare-bones 'Cuban Twitter,' using cellphone text messaging to evade
Cuba's strict control of information and its stranglehold restrictions over the internet.
In a play on Twitter, it was called ZunZuneo — slang for a Cuban hummingbird's tweet.
Documents show the US government planned to build a subscriber base through
'non-controversial content': news messages on soccer, music, and hurricane updates. Later
when the network reached a critical mass of subscribers, perhaps hundreds of thousands, operators would introduce political content aimed at inspiring Cubans to
organize 'smart mobs' — mass gatherings called at a moment's notice that might
trigger a Cuban spring, or, as one USAid document put it, 'renegotiate the balance of
power between the state and society.' At its peak, the
project drew in more than 40,000 Cubans to share news and exchange opinions. But its
subscribers were never aware it was created by the US government, or that American
contractors were gathering their private data in the hope that it might be used for
political purposes. 'There will be absolutely no mention of United States government
involvement,' according to a 2010 memo from Mobile Accord, one of the project's
contractors. 'This is absolutely crucial for the long-term success of the service and to
ensure the success of the Mission.' The program's legality is unclear: US law requires
that any covert action by a federal agency must have a presidential authorization.
Officials at USAid would not say who had approved the program or whether the White House
was aware of it. McSpedon, the most senior official named in the documents obtained by the
AP, is a mid-level manager who declined to comment....
'On the face of it there are several aspects about
this that are troubling,' said Senator Patrick Leahy, Democrat of Vermont, and chairman of
the appropriations committee's State Department and foreign operations subcommittee.
'There is the risk to young, unsuspecting Cuban cellphone users who had no idea this was a
US government-funded activity. There is the clandestine nature of the program that was not
disclosed to the appropriations subcommittee with oversight responsibility. And there is
the disturbing fact that it apparently activated shortly after Alan Gross, a USAid
subcontractor who was sent to Cuba to help provide citizens access to the Internet, was
arrested.' The Associated Press obtained more than
1,000 pages of documents about the project's development. The AP independently verified
the project's scope and details in the documents — such as federal contract numbers
and names of job candidates — through publicly available databases, government
sources and interviews with those directly involved in ZunZuneo. Taken together, they tell
the story of how agents of the US government, working in deep secrecy, became tech
entrepreneurs — in Cuba. And it all began with a half a million cellphone numbers
obtained from a communist government.... It is unclear whether the plan got its start with
USAid or Creative Associates International, a Washington for-profit company that has
earned hundreds of millions of dollars in US contracts. But a 'key contact' at Cubacel,
the state-owned cellphone provider, slipped the phone numbers to a Cuban engineer living
in Spain. The engineer provided the numbers to USAid and Creative Associates 'free of
charge,' documents show.... Tensions with Congress spiked just as the ZunZuneo project was
gearing up in December 2009, when another USAid program ended in the arrest of the US
contractor, Alan Gross. Gross had traveled repeatedly to Cuba on a secret mission to
expand Internet access using sensitive technology typically available only to governments,
a mission first revealed in February 2012 by AP. At some point, Armstrong says, the
foreign relations committee became aware of OTI's secret operations in Costa Rica. US
government officials acknowledged them privately to Armstrong, but USAid refused to
provide operational details. At an event in Washington, Armstrong says he confronted
McSpedon, asking him if he was aware that by operating secret programs from a third
country, it might appear like he worked for an intelligence agency. McSpedon, through
USAid, said the story is not true. He declined to comment otherwise.... To cover their tracks, they decided to have a company based in the
United Kingdom set up a corporation in Spain to run ZunZuneo. A separate company called
MovilChat was created in the Cayman Islands, a well-known offshore tax haven, with an
account at the island's Bank of NT Butterfield & Son Ltd. to pay the bills. A memo of
the meeting in Barcelona says that the front companies would distance ZunZuneo from any US
ownership so that the 'money trail will not trace back to America.' But it wasn't just the
money they were worried about. They had to hide the origins of the texts, according to
documents and interviews with team members. Brad Blanken, the former chief operating
officer of Mobile Accord, left the project early on, but noted that there were two main
criteria for success. 'The biggest challenge with creating something like this is getting
the phone numbers,' Blanken said. 'And then the ability to spoof the network.'" |
"We’ve seen the
story by the AP this morning. The program referred to by the Associated Press was a
development program run by the United States Agency for International Development.
And that program was completed in 2012. As you know, USAID is a development agency, not an
intelligence agency. Suggestions that this was a covert program are wrong.
Congress funds democracy programming for Cuba to help empower Cubans to access more
information and to strengthen civil society. These
appropriations are public, unlike covert action. The money invested has been debated in
Congress. In addition, GAO reviewed this
program in detail in 2013 and found that it was conducted in accordance with U.S. law and
under appropriate oversight controls. In implementing programs in non-permissive
environments, of course the government has taken steps to be discreet. That’s
how you protect the practitioners and the public. This
is not unique to Cuba. So more details about the
program are available at USAID. And I think
that veterans of this briefing room know that when I say a program like this is not covert
and then I talk about it, that’s how you know it’s not covert — because
I’m talking about it. So on the question of the
White House, our involvement would be the same that it would have been in similar
development programs of this type. The President and his administration support
efforts to help Cuban citizens communicate more easily with one another and with the
outside world. So I’m not aware of individuals here who knew about it; this was
part of a development assistance program..... It was not a covert program. It was debated in Congress; it was reviewed by the GAO.
Those kinds of things don’t happen to covert programs. It was a development
assistance program about increasing the level of information that the Cuban people have
and were able to discuss among themselves. And that’s part of an effort that we
undertake not just in Cuba but elsewhere." |
"A new poll found that nearly half of American adults who responded have changed some form of
online behavior because of the NSA stories, and they think a lot more carefully about
where they go, what they say and what they do online. We've pointed out (since the
Snowden revelations began) that this was going to have a negative impact on the tech
industry, but much of the concerns was from overseas users. However, it's clear that it's
impacting how Americans view their online habits as well: 'When it comes to specific
Internet activities, such as email or online banking, this change in behavior translates
into a worrying trend for the online economy: over one quarter of respondents (26%) said
that, based on what they have learned about secret government surveillance, they are now
doing less banking online and less online shopping. This
shift in behavior is not good news for companies that rely on sustained or increased use
of the Internet for their business model.' Importantly, the study also found that,
contrary to the claims of many, the Snowden revelations aren't just being followed by
security-obsessed techies. While the general public may not be keeping tabs on all the
details, they are getting the basics. 'And in case anyone is tempted to think that this is
a narrow issue of concern only to news junkies and security geeks, let me be clear:
according to this latest survey, 85% of adult Americans are now at least somewhat familiar
with the news about secret government surveillance of private citizens’ phone calls,
emails, online activity, and so on.' Once again, it appears that the federal government,
and the NSA in particular, have created a huge cost for innovation and economic growth,
while having almost no real benefit to show for it." |
"The Guardian was named newspaper of the
year at the press awards for its reporting on government surveillance. The prize was one of a host given to the Guardian and its journalists,
with theguardian.com handed the digital award and the writers Rob Evans, Paul Lewis and
Patrick Kingsley all honoured at the ceremony in London. The judges said the Guardian
'broke a story of global significance that went to the heart of the debate on press
freedom. The fact that the coverage polarised opinion even within the press showed how
important it was. The job of a newspaper is to speak truth to power and the past year has
seen the Guardian do this with will and verve.'" |
"U.S. intelligence agencies searched the content of e-mails and
other electronic communications of Americans without warrants, the nation’s top
intelligence official told members of Congress. The queries were part of efforts to obtain
information about suspected foreign terrorists under a law that Congress passed in 2008,
Director of National Intelligence James Clapper wrote in a March 28 letter to Senator Ron Wyden, an
Oregon Democrat and one of the most vocal critics of government surveillance. The spying
is 'unacceptable' and proves the existence of a loophole in surveillance law that allows
the National Security Agency to illegally search the Internet communications and listen to
the phone calls of Americans who may have no connection to terrorism, Wyden and Senator
Mark Udall, a Colorado Democrat, said in an e-mailed statement yesterday. 'It raises serious constitutional questions and poses a real threat to the
privacy rights of law-abiding Americans,' the lawmakers said. 'Senior officials have
sometimes suggested that government agencies do not deliberately read Americans’
e-mails, monitor their online activity or listen to their phone calls without a warrant.
However, the facts show that those suggestions were misleading.' The disclosure is
significant because it potentially opens up a new line of public and congressional
scrutiny into NSA spying. Until now, most of the focus of public debate has been on
restraining the NSA’s ability to collect and store bulk phone records, which include
numbers dialed and call durations without the contents of conversations.'... 'It is now clear to the public that the list of ongoing intrusive
surveillance practices by the NSA includes not only bulk collection of Americans’
phone records, but also warrantless searches of the content of Americans’ personal
communications,' Wyden and Udall said
yesterday." |
"US intelligence chiefs have confirmed that the National Security
Agency has used a 'back door' in surveillance law to perform warrantless searches on
Americans’ communications. The NSA's collection programs are ostensibly targeted at
foreigners, but in August
the Guardian revealed a secret rule change allowing NSA analysts to search for
Americans' details within the databases. Now, in a letter to Senator Ron Wyden, an Oregon
Democrat on the intelligence committee, the director of national intelligence, James
Clapper, has confirmed the use of this legal authority to search for data related to 'US
persons'. 'There have been queries, using US person identifiers, of communications
lawfully acquired to obtain foreign intelligence targeting non-US persons reasonably
believed to be located outside the United States,' Clapper wrote in the letter, which has
been obtained by the Guardian. 'These queries were
performed pursuant to minimization procedures approved by the Fisa court and consistent
with the statute and the fourth amendment.' The legal authority to perform the searches, revealed in top-secret NSA documents
provided to the Guardian by Edward Snowden, was denounced by Wyden as a 'backdoor
search loophole.' Many of the NSA's most controversial programs collect information under
the law affected by the so-called loophole. These include Prism, which allows the agency
to collect data from Google, Apple, Facebook, Yahoo and other tech companies, and the
agency's Upstream program – a huge network of internet cable taps. Clapper did not
say how many warrantless searches had been performed by the NSA. It was not the first time
the searches had been confirmed: after the Snowden leaks, the office of the director of
national intelligence declassified documents that discussed the rule change. But Clapper's
letter drew greater attention to the issue. Confirmation that the NSA has searched for
Americans’ communications in its phone call and email databases complicates President
Barack Obama’s initial defenses of the broad surveillance in June. 'When it comes to
telephone calls, nobody is listening to your telephone calls. That’s not what this
program’s about,' Obama said.
'As was indicated, what the intelligence community is doing is looking at phone numbers
and durations of calls. They are not looking at people’s names, and they’re not
looking at content.' Obama was referring specifically to the bulk collection of US phone
records, but his answer misleadingly suggested that the NSA could not examine
Americans’ phone calls and emails." |
"The vast scale of online surveillance revealed by Edward Snowden is changing how
businesses store commercially sensitive data, with potentially dramatic consequences for
the future of the internet, according to a new study. A survey of 1,000 business leaders from around the world
has found that many are questioning their reliance on 'cloud computing' in favour of more
secure forms of data storage as the whistleblower's revelations continue to reverberate.
The moves by businesses mirror efforts by individual countries, such as Brazil and Germany, which are
encouraging regional online traffic to be routed locally rather than through the US, in a
move that could have a big impact on US technology companies such as Facebook and Google.
Daniel Castro, a senior analyst at the Information
Technology and Innovation Foundation, said the study confirmed 'anecdotal evidence
that suggests US tech firms are going to be hit hard in the coming years by a global
backlash against technology 'made in America'. 'The
Snowden revelations have led to a paradigm shift in how IT decision-makers buy
technology,' he said. 'Now companies are not just competing on price and quality, they are
also competing on geography. This might be the final nail in the coffin for the vision of
a global, borderless internet.' Ian
Brown, from the Oxford Internet Institute, said the survey revealed a significant
level of concern among business leaders: 'We'll have to see over the next year how much
impact this type of reaction has on the bottom line of US tech companies, but it will give
them even more incentive to put pressure on the Obama administration and US Congress for
significant surveillance reform.' The survey of 1,000
information and communications technology decision-makers from France, Germany, Hong Kong,
the UK and the US was carried out by NTT Communications. It found that, following the
Snowden revelations, almost 90% had changed the way they use the cloud – a storage
service that allows data to be accessed from anywhere in the world but which is more
susceptible to online surveillance....But Castro
warned that it was not just the global firms that are being affected in the US. 'This
isn't something that just the big players have to worry about, it's the start-ups and
mid-size companies too – across the board this backlash is going to hurt their bottom
line.' And Brown said that pressure is now likely to be felt by the other governments as
more businesses attempt to protect their data." |
"Documents show that Britain's GCHQ intelligence service
infiltrated German Internet firms and America's NSA obtained a court order to spy on
Germany and collected information about the chancellor in a special database. Is it time
for the country to open a formal espionage investigation?.... Stellar operates a satellite ground station in Hürth, a so-called
'teleport.' Its services are used by companies and institutions; Stellar's customers
include Internet providers, telecommunications companies and even a few governments. 'The
world is our market,' is the high-tech company's slogan. Using their ground stations and
leased capacities from satellites, firms like Stellar -- or competitors like Cetel in the
nearby village of Ruppichteroth or IABG, which is headquartered in Ottobrunn near Munich
-- can provide Internet and telephone services in even the most remote areas. They provide
communications links to places like oil drilling platforms, diamond mines, refugee camps
and foreign outposts of multinational corporations and international organizations. Super
high-speed Internet connections are required at the ground stations in Germany in order to
ensure the highest levels of service possible. Most are connected to major European
Internet backbones that offer particularly high bandwidth. The service they offer isn't just attractive to customers who want to
improve their connectivity. It is also of interest to Britain's GCHQ intelligence service, which has targeted
the German companies. Top secret documents from the archive of NSA whistleblower Edward
Snowden viewed by SPIEGEL show that the British spies surveilled employees of several
German companies, and have also infiltrated their networks. One top-secret GCHQ paper
claims the agency sought 'development of in-depth knowledge of key satellite IP service
providers in Germany.' The document, which is undated, states that the goal of the effort
was developing wider knowledge of Internet traffic flowing through Germany. The 26-page
document explicitly names three of the German companies targeted for surveillance:
Stellar, Cetel and IABG. The operation, carried out at listening stations operated jointly
by GCHQ with the NSA in Bude, in Britain's Cornwall region, is largely
directed at Internet exchange points used by the ground station to feed the communications
of their large customers into the broadband Internet. In addition to spying on the
Internet traffic passing through these nodes, the GCHQ workers state they are also seeking to identify important customers of
the German teleport providers, their technology suppliers as well as future technical
trends in their business sector. The document also states that company employees are
targets -- particularly engineers -- saying that they should be detected and 'tasked,'
intelligence jargon for monitoring. In the case of Stellar, the top secret GCHQ paper
includes the names and email addresses of 16 employees, including CEO Christian Steffen. In addition, it also provides a list of the most-important customers and
partners. Contacted by SPIEGEL, Stellar CEO Steffen said he had not been aware of any
attempts by intelligence services to infiltrate or hack his company. 'I am shocked,' he
said. Intelligence workers in Bude also appear to
have succeeded in infiltrating competitor Cetel. The document states that workers came
across four 'servers of interest' and were able to create a comprehensive list of
customers. According to Cetel CEO Guido Neumann, the company primarily serves customers in
Africa and the Middle East and its clients include non-governmental organizations as well
as a northern European country that uses Cetel to connect its diplomatic outposts to the
Internet. Neumann also says he was surprised when he learned his firm had been a target.
The firm IABG in Ottobrunn appears to have been of particular interest to the intelligence
service -- at least going by a short notation that only appears next to the Bavarian
company's name. It notes, 'this may have already been looked at by NSA NAC,' a reference
to the NSA's network analysis center.... Monitoring companies and their employees along with the theft of
customer lists are classic acts of economic espionage. Indeed, such revelations ought be a
case for the German federal public prosecutors' office, which in the past has initiated
investigations into comparable cases involving Russia or China. So far, however, German
Federal Public Prosecutor Harald Range has been struggling with the NSA issue. Some
experienced investigators have had a problem applying the same criteria used to assess
intelligence services like Russia's to those of the United States and Britain. Federal
prosecutors in Karlsruhe have provided a preliminary assessment, but so far no decision
has been made about whether the agency will move forward with legal proceedings.
Under review at the moment are allegations that the NSA monitored the chancellor's mobile phone and also conducted mass
surveillance on the communications of millions of Germans. Range recently
told the Berlin-based daily Die Tageszeitung the affair was 'an extremely complicated
issue.'.... The launch of legal proceedings against
GCHQ agents or NSA employees would quickly become a major political issue that would
further burden already tense trans-Atlantic relations. An additional problem is the fact
that Range is in possession of very few original documents, particularly those pertaining
to the NSA's monitoring of Chancellor Merkel. A
secret NSA document dealing with high-ranking targets has provided further indications
that Merkel was a target. The document is a presentation from the NSA's Center for Content
Extraction, whose multiple tasks include the automated analysis of all types of text data.
The lists appear to contain 122 country leaders. Twelve names are listed as an example,
including Merkel's. The list begins with 'A,' as in Abdullah
Badawi, the former Malaysian prime minister, and continues with the presidents of Peru,
Somalia, Guatemala and Colombia right up to Belarusian President Alexander Lukashenko. The
final name on the list, No. 122, is Yulia Tymoshenko, who was Ukrainian prime minister at
the time. The NSA listed the international leaders
alphabetically by their first name, with Tymoshenko listed under 'Y'. Merkel is listed
under 'A' as the ninth leader, right behind Malawian President Amadou Toumani Touré, but
before Syrian dictator Bashar Assad. The document indicates that Angela Merkel has been
placed in the so-called 'Target Knowledge Database' (TKB), the central database of
individual targets. An internal NSA description states that employees can use it to
analyze 'complete profiles' of target persons. The responsible NSA unit praises the
automated machine-driven administration of collected information about high-value targets.
In addition to surveillance of the chancellor, the Federal Prosecutor's Office is also
exploring the question of whether the NSA conducted mass espionage against the German
people. The internal NSA material also includes a
weekly report dating from March 2013 from the Special Sources Operations (SSO) division,
the unit responsible for securing NSA access to major Internet backbone structures, like
fiber optic cables. In the document, the team that handles contact with US
telecommunications providers like AT&T or Verizon reports on the legal foundations
with which it monitors the data of certain countries. According to the SSO report, FISA,
the special court responsible for intelligence agency requests, provided the NSA with
authorization to monitor 'Germany' on March 7, 2013. The case number provided in the
ruling is 13-319." |
"The Obama administration on Thursday formally proposed ending the
National Security Agency's bulk collection of all US phone data. Nearly 10 months after
the Guardian exposed the controversial program, based on leaks from Edward
Snowden, President Obama announced that he would seek legislation that would require
the NSA to seek an individual order from the secret Fisa court before phone companies turn
over data on their customers. 'I have decided that
the best path forward is that the government should not collect or hold this data in
bulk,' Obama said in a statement. 'Instead, the data should remain at the telephone
companies for the length of time it currently does today.' The
move goes further than Obama’s position on bulk surveillance in January, when the
president left
the door open to the possibility of the data being held by a private-sector third
party. That position was vigorously opposed by the phone companies and criticised by
proponents and critics of the NSA alike. Bulk phone data would no longer be collected by
NSA under the latest proposals. Instead phone companies would, in response to a court
order, turn over a suspicious phone number as well as all the numbers it called and
received, and all numbers those numbers called and received, on an 'ongoing and
prospective basis', according to an administration official. The administration has yet to
decide on a specific time limitation for querying the data, but 'there would be some
limited time period,' the official told reporters on Thursday. 'That’s something
we’re going to have to talk with Congress about.'... A senior administration official
indicated that the legal standard by which the court could order phone companies to turn
over customer data would be a 'reasonable articulable suspicion' of a phone number’s
connection to terrorism or espionage. That is a lower threshold than relevance to an
ongoing terror investigation, the language of Section 215 of the Patriot Act, the current
authorisation the administration claims for bulk domestic phone data collection. Verizon’s top lawyer, Randall Milch, sounded a tone of wariness over
the specifics of the proposal while praising it overall. 'If Verizon receives a valid
request for business records, we will respond in a timely way, but companies should not be
required to create, analyse or retain records for reasons other than business purposes,'
Milch wrote
Thursday on Verizon’s blog. Since January, the NSA has been permitted to query its
phone data troves only after the Fisa court first certifies it possesses reasonable,
articulable suspicion of a record’s connection to terrorism.... The Obama
administration left several aspects of its desired surveillance policy unaddressed on
Thursday. Although officials explaining the policy on a conference call with reporters
said they wanted the government to no longer 'hold' the data, they did not unveil any
changes to the NSA’s so-called 'corporate store' of analysed phone records. That
store, according to the government’s official privacy and civil liberties watchdog,
contains tens
of millions of phone numbers, and analysts do not face any restrictions on searching
through it. Caitlin Hayden, a spokeswoman for the National Security Council, clarified
that the Fisa Court will approve a new set of minimisation procedures to provide privacy
protections around the use, retention and dissemination of phone data. 'The details of
where the data would be stored and accessed once it is received would be governed by those
minimization procedures, just as minimisation procedures currently govern how we handle
the data,' Hayden said. Nor did the administration outline any changes to its
consideration of privacy rights for non-Americans abroad, something Obama said in his
January speech the NSA needed to consider. NSA’s
ability to search for Americans’ identifying information in its troves of phone and
internet communications content appears to be unimpeded, a function the USA Freedom Act
would prevent. Nor would NSA be prevented from surreptitiously undermining online
encryption standards.... Privacy groups also expressed wariness that Obama’s proposals on
Thursday only covered phone data.
'This raises the possibility that the government could collect other types of information in bulk, including
internet metadata, location information and financial transactions,' said Harley Geiger of
the Center for Democracy and Technology. 'Unless legislation addresses all types of data,
not just phone records, then businesses remain at risk of receiving an order to turn over
records on all of their customers and to keep quiet about it.' Obama’s position on
the proper scope of the NSA has changed substantially, by degree, in the 10 months since
the Guardian and other news outlets began publishing stories based on documents Snowden
provided. In June, Obama, a former constitutional law professor, greeted the revelations
of bulk domestic call records collection by saying he thought he had 'struck
the right balance.' Over the course of 2013 and early 2014, two high-level review panels,
one of which Obama personally
empowered, disagreed and proposed changes, while a federal
judge in December found the collection to be on the precipice of constitutional
violation. Opposition in Congress was substantial, if short of a majority to end the
practice. But in recent weeks, members of the House of Representatives publicly threatened
to allow the provisions of the Patriot Act the administration relied upon for bulk
collection to
expire next year if Obama did not act first. The
fear of losing the basis for a program that officials consider critical – although
they have backed
away from earlier claims it has prevented terrorist attacks – alongside
resistance from the telecos appears to have contributed to Obama’s most recent shifts
in position. Left unspoken on Thursday was the fate of Snowden, the former NSA contractor
whose disclosures prompted the administration to restrict its surveillance dragnets." |
"The Guardian deputy
editor Paul
Johnson has clarified his statement at a radio conference in Dublin that the British
Government would close down the newspaper over the Edward
Snowden spying affair. Mr Johnson was asked on Tuesday at the Radiodays conference
what specific threats were made by the British Government if they were to publish Mr
Snowden’s revelations of mass surveillance by US and UK security agencies. Mr Johnson
responded: 'Yes, we were being threatened with being closed down.' When pressed as to if
that meant the closure of the newspaper, he added: 'Well there are specific threats made
and there have been specific threats made legally. We didn’t know if they were under
the terror laws or the more ordinary laws about the seizure of journalistic material.' He
then played a video to show how the newspaper dealt with the threat. He has since contacted The Irish Times to state that he meant to
convey that the British Government would close down its coverage of the Snowden leaks,
rather than the newspaper itself." |
"It's already too late to stop the ubiquitous tracking and
monitoring of the public through biometrics, says Peter Waggett, Programme Leader at IBM's
Emerging Technology Group. We need to stop worrying about prevention, and start working
out how to make the most of data garnered from that kind of surveillance. 'We're fighting
the wrong battle when we ask should we stop people being observed. That is not going to be
feasible. We need to understand how to use that data better,' urged Waggett, who was
speaking as part of a Nesta panel debate on what
biometrics mean for the future of privacy. 'I've
been working in biometrics for 20 years, and it's reaching a tipping point where it's
going to be impossible not to understand where people are and what they are doing.
Everything will be monitored. It's part of the reason why when we put together the
definition of biometrics it included biological and behavioural characteristics -- it can
be anything.' To back up his point, Waggett identified a few of the futures once portrayed
in science fiction movies, now a reality. Minority Report is generally the go to film for
these kinds of comparisons. But it's the commercial aspects of the film Waggett flagged
up, rather than the gesture technology. In the film, the protagonist walks into a shop
where an advert immediately pops up and draws on his past preferences to offer up some
suggestions. 'The one thing they got wrong is you won't recognise you're being scanned --
the flashing red light in the film is for effect, but all that's now feasible. It is a
perfect example of how we need to be aware, now more than ever, of what data we are giving
up, and, for companies, how best that data can be used without infringing on customer
privacy and potentially threatening that relationship.'" |
"The Obama administration is to set out how it proposes to end the mass
collection of Americans' phone call data this week, as legislators in the House of
Representatives prepare to unveil a bill that would significantly curtail the practice but
lower the legal standards for the collection of such information.Under plans to be put
forward by the Obama administration in the next few days, the National Security Agency
would end the bulk collection of telephone records, and instead would need to seek a court
order to search records held by the telephone companies. A separate proposal, to be
published on Tuesday by the leaders of the House intelligence committee, would not
necessarily require a judge's prior approval to access phone or email data. Neither the
White House nor the House intelligence committee proposal would require telecommunications
firms to keep such records any longer than the current 18-month
maximum, a significant shift away from the five years during
which they are currently held by NSA. The
moves represent a significant overhaul of the secret mass collection practices of the past
13 years, exposed by whistleblower Edward Snowden. The House bill is the result of a shift
in position by two of the most stalwart congressional defenders of bulk collection, the
committee's Republican chairman Michael Rogers of Michigan and Democrat Dutch
Ruppersberger of Maryland. The bill, titled the End
Bulk Collection Act of 2014 and currently circulating on Capitol Hill, would prevent the
government from acquiring 'records of any electronic communication without the use of
specific identifiers or selection terms,' some 10 months after the Guardian first exposed
the bulk collection based on leaks by the whistleblower Edward Snowden. But the bill would
allow the government to collect electronic communications records based on 'reasonable
articulable suspicion', rather than probable cause or relevance to a terrorism
investigation, from someone deemed to be an agent of a foreign power, associated with an
agent of a foreign power, or 'in contact with, or known to, a suspected agent of a foreign
power.' A draft of the bill acquired by the Guardian proposes the
acquisition of such phone or email data for up to a year and would not necessarily require
prior approval by a judge. Authorisation of the collection would come jointly from the US attorney
general and director of national intelligence. The NSA or the FBI would not be able to
collect the content of those communications without probable cause. Nor does the House
intelligence committee's draft bill require phone companies or any other private entity to
store bulk phone records on behalf of the NSA – a proposal that has met with stiff
opposition from the telecommunications companies. In
essence, the draft bill gets rid of bulk collection, but makes it easier for government
authorities to collect metadata on individuals inside the US suspected of involvement with
a foreign power. The House intelligence committee proposal represents competition to a
different bill introduced last fall by privacy advocates in the Senate and House judiciary
committees known as the USA Freedom Act. That bill, which has 163 co-sponsors in both
chambers, does not lower the legal standard for data collection on US persons, and would
prohibit the NSA from searching for Americans' identifying information in its
foreign-oriented communications content databases, something the House intelligence bill
would not. A spokesperson for the House intelligence
committee did not immediately respond to a request for comment on Monday. Rogers and
Ruppersberger have scheduled a press conference on Tuesday morning to discuss what they
described in a release as 'Fisa improvement legislation' – a reference to the seminal
Foreign Intelligence Surveillance Act of 1978, which their bill would amend. While a judge
would not necessarily review the collection of a US individual's phone or email records
ahead of time, the House intelligence committee bill would require judicial review of the
collection procedures and associated privacy protections to 'reasonably limit the receipt,
retention, use and disclosure of communications records associated with a specific person
when such records are not necessary to understand foreign intelligence information or
assess the importance of such information'. A telecom
or internet service provider could challenge the collection order before the secret Fisa
court under the House intelligence committee proposal. The court would also have latitude to reject challenges 'that are not
warranted by existing law or consists of a frivolous argument for extending, modifying or
reversing existing law or for establishing a new law', and to impose contempt of court
penalties for noncompliant companies. The attorney general and the director of national
intelligence would have to 'assess compliance with the selection and the civil liberties
and privacy protection procedures' associated with the collection every six months, and
submit those assessments to the Fisa court and the intelligence and judiciary committees
of the House and Senate. Additionally, and in keeping
with an October proposal from Senate intelligence committee chairwoman Dianne Feinstein of
California, the House intelligence committee proposal would permit the NSA to continue
surveillance for 72 hours on a suspected foreigner's communications content if that person
enters the US. The House intelligence committee
proposal contains provisions embraced by critics of widespread NSA surveillance. It would
create a privacy advocate before the Fisa çourt; mandate additional declassification of
Fisa court rulings; require the Senate to confirm the NSA director and inspector general.
It also requires annual disclosure of the number of times 'in which the contents of a
communication of a United States person was acquired
under this Act when the acquisition authorized by this Act that resulted in the collection
of such contents could not reasonably have been anticipated to capture such contents.' But
in a sign of the continuing contentiousness on Capitol Hill over changes to NSA
surveillance, James Sensenbrenner, a Wisconsin Republican and co-author of the USA Freedom
Act, preemptively rejected the House intelligence committee proposal, calling it 'a
convoluted bill that accepts the administration's deliberate misinterpretations of the
law. It limits, but does not end, bulk collection. Provisions included in the draft
fall well short of the safeguards in the USA Freedom Act and do not strike the proper
balance between privacy and security,' Sensenbrenner said in a statement late on
Monday.... On Friday, the Obama administration and the intelligence agencies will face the
expiration of a Fisa court order for bulk domestic phone records collection. That
expiration represents a deadline imposed by Obama in January for his administration to
come to reach consensus on the specific contours of post-NSA phone metadata collection.
According to a
New York Times report late on Monday, Obama will
propose ending bulk phone data collection and replacing it with individualised orders for
telecom firms to provide phone records up to two 'hops' – or degrees of separation
– from a phone number suspected of wrongdoing.
The effort goes further towards the position favoured by privacy advocates than Obama proposed
in January. Obama will request the Fisa court approve the current bulk collection
program for a final 90-day renewal as he attempts to implement the new plan." |
"The show is over. The fat lady has finally sung. The fat lady, in this
case, is a former White House lawyer, Rajesh De, now the senior legal counsel for the US
National Security Agency (NSA). Last week, De told a statutory body of the US government,
the Privacy and Civil Liberties Oversight Board (PCLOB), that the so-called Foreign
Intelligence Surveillance Act (Fisa) corporations – a collection of US companies that
were made subject to secret court orders to spy on their customers outside the US – had indeed done just that. He specified a
particular NSA
programme called Prism, which required the companies to obtain and pass on to the NSA
all the data they had on their customers to the American spooks. This is something the
companies have strenuously denied, with some, such as Apple, claiming that they had never
heard of Prism. De said differently. He said they had acted on the orders of the Fisa
courts, which are secret, and had done so knowingly. This is how De put it to James X
Dempsey, a PCLOB board member: 'Prism is just an internal government term that, as a
result of the leaks, became a public term. But collection under this programme is done
pursuant to compulsory legal process that any recipient company would have received.'
James Dempsey: 'So they know that their data is being obtained because…' De: 'They
would have received legal process to assist the government, yes.' The Prism programme, first revealed by Edward Snowden – the NSA
fugitive living in Russia – and the Guardian, orders specific US high-tech
corporations to provide email data, chat, videos, photos, stored data, VoIP, file
transfers, video-conferencing, notification of target activity, and online social
networking details of their customers to the National Security Agency. What De is saying
is that the companies were ordered to do this by the US government, using a secret court
created under the governing legislation, the Foreign Intelligence Surveillance Act 1978.
He is also saying that the named corporations knew what they were doing because they were
acting under written court orders. What De is not
saying, and which no one on the board picked up, is that these orders might be lawful in
the US, but they are certainly illegal and possibly criminal everywhere else in the world,
particularly the UK. The chairman of the PCLOB, David Modine, a lawyer, put it like this:
'This law (Fisa) permits the government to target non-US persons – someone who is not
a citizen or a permanent resident alien – located outside the US for foreign
intelligence purposes without obtaining a specific warrant for such targets.' But he did
not address the issue of forcing US corporations and their staff to do that targeting in
other countries, such as the UK. US law does not run outside US territory. A law made
in the US that says 'thou shalt thieve and steal abroad' has no validity in the UK, or
anywhere else. The thefts ordered by the Fisa Courts are, for the most part, illegal in
the UK, under the Data Protection Act, the Human Rights Act section 8 and the Official
Secrets Act. Pleading Fisa is no defence in a UK
court. The PCLOB session minutes amount to the public record of a criminal conspiracy to
spy on other nations by forcing commercial companies to do the dirty work. There was no
input from the nine corporations listed as being part of the Prism programme, although
each was approached for comment by email for Computer Weekly. And it is quite possible
that the entire Foreign Intelligence Surveillance Act is unconstitutional in the US. While all the discussion in America has been about Fisa spying on
Americans in the US, none of the discussion has addressed the issue of how the orders
given to the companies could be legally executed in countries outside the US. Or how US
corporations and citizens could be legally ordered to commit crimes in other countries,
for which they would be liable if caught." |
"You know, I have felt
that my own communications are probably monitored. And when I want to communicate with a
foreign leader privately, I type or write a letter myself, put it in the post office and
mail it. I believe if I send an email, it will be
monitored." |
"The U.S. National Security Agency has infiltrated servers in the
headquarters of Chinese telecommunications and internet giant Huawei Technologies Co,
obtaining sensitive information and monitoring the communications of top executives, the
New York Times reported on Saturday. The newspaper said its report on the operation,
code-named 'Shotgiant,' was based on NSA documents provided by Edward Snowden, the former
agency contractor who since last year has leaked data revealing sweeping U.S. surveillance
activities. The German magazine Der Spiegel also reported on the documents. One of the
goals of the operation was to find any connections between Huawei and the Chinese
People’s Liberation Army, according to a 2010 document cited by the Times. But the
newspaper said the operation also sought to exploit Huawei’s technology. It reported
that the NSA aimed to conduct surveillance through computer and telephone networks Huawei sold to other nations. If ordered by the U.S. president, the NSA also planned to unleash
offensive cyber operations, it said. The newspaper said the NSA secured access to the
servers in Huawei’s sealed headquarters in the city of Shenzhen and got information
about the workings of the giant routers and complex
digital switches the company says connect a third of the world’s people. The NSA also tracked communications of Huawei’s top executives, the
Times reported. Der Spiegel reported that the NSA breached Huawei’s computer network
and copied a list of more than 1,400 clients and internal training documents for
engineers. 'We have access to so much data that we don’t know what to do with it,'
the magazine cited an NSA document as saying. The
magazine said the NSA also is pursuing a digital offensive against the Chinese political
leadership. It named the government targets as former Chinese prime minister Hu Jintao and
the Chinese trade and foreign ministries. 'Many of our targets communicate over
Huawei-produced products. We want to make sure that we know how to exploit these
products,' the Times quoted an NSA document as saying, to 'gain access to networks of
interest' around the world. 'If we can determine the company’s plans and intentions,'
an analyst wrote in the 2010 document, 'we hope that this will lead us back to the plans
and intentions' of the Chinese government. The Times
also reported that as Huawei invested in new technology and laid undersea cables to
connect its $40 billion-a-year networking operation, the NSA was interested in getting
information on into key Chinese customers including 'high priority targets – Iran,
Afghanistan, Pakistan, Kenya, Cuba.' The Times quoted William Plummer, a senior Huawei
executive in the United States, as saying that the company did not know it was a target of
the NSA. 'The irony is that exactly what they are doing to us is what they have always
charged that the Chinese are doing through us,' the Times quoted Plummer as saying.' U.S.
officials have denied the United States and NSA have spied on foreign companies to help
American companies gain a competitive edge. A U.S. intelligence official said the NSA and
other agencies do not provide secretly collected intelligence information that could be
commercially sensitive or give a competitive advantage to U.S. firms. U.S. officials
acknowledge that in the course of assessing the economic prospects or stability of foreign
countries American agencies might collect data on individual companies. They also said the
United States might collect data on foreign companies in preparation for imposing economic
sanctions or taking other foreign policy-related actions against a country and its
leadership, but not to aid American companies. The Times and Der Spiegel articles were
published just days before Chinese President Xi Jinping visits Europe and will hold talks
with German Chancellor Angela Merkel, herself a target of electronic surveillance by the
NSA." |
"... what people have to understand is the federal government and NSA
has been doing this very thing against the American people for at least the last year and
a half. And with the onset or with the opening of the Bluffdale facility, by the way--and
that happened in December 2012--NSA now has the capability to store all content from
all communications, both phone and computer, at that facility out there. And our own domestic communications are part of that complete package....
[the telephone content capture programme] MYSTIC has been happening in the U.S." |
"Microsoft is caught up in a privacy storm after it admitted it
read the Hotmail inbox of a blogger while pursuing a software leak investigation. On
Thursday, the firm acknowledged it read the anonymous blogger's emails in order to
identify an employee it suspected of leaking information. Microsoft owns Hotmail, a free email service now called Outlook.com. John
Frank, deputy general counsel for Microsoft, said it took 'extraordinary actions in this
case'. While the search was technically legal, he
added Microsoft would consult outside counsel in the future. Microsoft's actions came
to light this week as part of a legal case by US prosecutors against an ex-Microsoft
employee, Alex Kibalko, who was a Russian native based in the company's Lebanon office. In
2012, Microsoft had been alerted to the fact that the blogger, whose identity was kept
anonymous in the court papers, had been given some stolen lines of code from the
not-yet-released Windows 8 operating system." |
"Yahoo! was reportedly called into the Home Office on Thursday where Teresa
May expressed UK government security concerns about its plans to move its main base in
Europe to Ireland. The internet
giant has harboured privacy concerns for some time, according to The
Guardian. These concerns can only have been exacerbated by recent revelations
from the Edward Snowden files that GCHQ was tapping the images of millions of people using
Yahoo! webcams, regardless of whether they were suspects in any criminal activity. Much of
the footage was s*xually explicit. Yahoo! denounced this as a 'whole new level of
violation of our users' privacy'..... Brian Honan, an infosec consultant who founded and heads up the Republic
of Ireland's Computer Security Incident Response Team, explained that moving to Ireland
will 'put Yahoo’s data out of direct reach of the UK
government' without changing anything much about how US
authorities might be able to access Yahoo! users' data. 'Ireland does not have a version of
RIPA, but it is subject to the EU Data Retention Directive which requires all telcos and
internet service providers to retain metadata on users phone calls, location (for mobile
phones), and emails,' Honan explained. 'Law enforcement and Defence Forces officials can request access
to that data. So moving to Ireland will put Yahoo!’s data out of direct reach of the
UK government as they would then have to request that data via courts etc in both
jurisdictions.' 'However, as Yahoo is a US company it will still be subject to US laws
such as the Patriot Act and FISA [Foreign Intelligence Surveillance Act] which they will
have to comply with.' Yahoo! is following the same
patch as many other internet giants in basing their main European internet operations in
the Emerald Isle. The reasons have as much to do with access to a skilled pool of
English-speaking technologists as with tax breaks, according to Honan. 'Ireland also
provides Yahoo with a lot of other advantages such as a young English speaking and well
educated workforce. We are also part of the Euro Zone, which makes trading with companies
in other parts of the Euro zone much easier for companies as there are no concerns
regarding currency fluctuations. Ireland has invested a lot in the past in the ICT
infrastructure and there are many high quality data centres and offices available with
excellent international ICT capabilities.'" |
"Across the world, people who work as system administrators keep computer
networks in order – and this has turned them into unwitting targets of the National
Security Agency for simply doing their jobs. According to a secret
document provided by NSA whistleblower Edward Snowden, the agency tracks down the
private email and Facebook accounts of system administrators (or sys admins, as they are
often called), before hacking their computers to gain access to the networks they control.
The document consists of several posts – one of them is titled 'I hunt sys admins'
– that were published in 2012 on an internal discussion board hosted on the
agency’s classified servers. They were written by an NSA official involved in the
agency’s effort to break into foreign network routers, the devices that connect
computer networks and transport data across the Internet. By infiltrating the computers of
system administrators who work for foreign phone and Internet companies, the NSA can gain
access to the calls and emails that flow over their networks. The classified posts reveal how the NSA official aspired to create a
database that would function as an international hit list of sys admins to potentially
target. Yet the document makes clear that the admins
are not suspected of any criminal activity – they are targeted only because they
control access to networks the agency wants to infiltrate. 'Who better to target than the
person that already has the ‘keys to the kingdom’?' one of the posts says....The author of the posts, whose name is being withheld by The
Intercept, is a network specialist in the agency’s Signals Intelligence Directorate,
according to other NSA documents. The same author wrote secret presentations related to
the NSA’s
controversial program to identify users of the Tor browser – a privacy-enhancing
tool that allows people to browse the Internet anonymously. The network specialist, who
served as a private contractor prior to joining the NSA, shows little respect for hackers
who do not work for the government. One post expresses disdain for the quality of
presentations at Blackhat and Defcon, the computer world’s premier security and
hacker conferences.... As The Intercept revealed
last week, clandestine hacking has become central to the NSA’s mission in the
past decade. The agency is working to aggressively scale its ability to break into
computers to perform what it calls 'computer network exploitation,' or CNE: the collection
of intelligence from covertly infiltrated computer systems. Hacking into the computers of
sys admins is particularly controversial because unlike conventional targets – people
who are regarded as threats – sys admins are not suspected of any wrongdoing..... The first step, according to
the posts, is to collect IP addresses that are believed to be linked to a network’s
sys admin. An IP address is a series of numbers allocated to every computer that connects
to the Internet. Using this identifier, the NSA can then run an IP address through the
vast amount of signals intelligence data, or SIGINT, that it collects every day, trying to
match the IP address to personal accounts. 'What we’d really like is a personal webmail or Facebook
account to target,' one of the posts explains, presumably because, whereas IP addresses
can be shared by multiple people, 'alternative selectors' like a webmail or Facebook
account can be linked to a particular target. You can 'dumpster-dive for alternate
selectors in the big SIGINT trash can' the author suggests.... Once the agency believes it has
identified a sys admin’s personal accounts, according to the posts, it can target
them with its so-called QUANTUM
hacking techniques. The Snowden files reveal that the QUANTUM methods have
been used to secretly inject surveillance malware into a Facebook page by sending
malicious NSA data packets that appear to originate from a genuine Facebook server. This
method tricks a target’s computer into accepting the malicious packets, allowing the
NSA to infect the targeted computer with a malware 'implant' and gain unfettered access to
the data stored on its hard drive. 'Just pull those
selectors, queue them up for QUANTUM, and proceed with the pwnage,' the author of the
posts writes. ('Pwnage,' short for 'pure ownage,' is gamer-speak for defeating opponents.)
The author adds, triumphantly, 'Yay! /throws confetti in the air.' In one case, these tactics were used by the NSA’s British
counterpart, Government Communications Headquarters, or GCHQ, to infiltrate the Belgian
telecommunications company Belgacom. As Der Speigel revealed
last year, Belgacom’s network engineers were targeted by GCHQ in a QUANTUM
mission named 'Operation Socialist' – with the British agency hacking into the
company’s systems in an effort to monitor smartphones. While
targeting innocent sys admins may be surprising on its own, the 'hunt sys admins' document
reveals how the NSA network specialist secretly discussed building a 'master list' of sys
admins across the world, which would enable an attack to be initiated on one of them the
moment their network was thought to be used by a person of interest.... 'Our ability to
pull bits out of random places of the Internet, bring them back to the mother-base to
evaluate and build intelligence off of is just plain awesome!' the author writes. 'One of
the coolest things about it is how much data we have at our fingertips.'" |
"Google is upping the security of Gmail with new measures to
protect your email from prying eyes. The Web giant on Thursday announced that from now on,
Gmail will always use an encrypted HTTPS connection when you check and send email. Gmail has always supported HTTPS, and in 2010 Google turned it on for everyone by
default, but users still had the option to turn this protection off. From now on,
Gmail is HTTPS-only, meaning the mail service no longer allows the more insecure HTTP
connections. 'Today's change means that no one can listen in on your messages as they go
back and forth between you and Gmail's servers — no matter if you're using public
Wi-Fi or logging in from your computer, phone or tablet,' Gmail Security Engineering Lead
Nicolas Lidzborski wrote in a blog post. One reason to avoid HTTPS is that it could be a tad slower
than HTTP. But Google said it has been working for some time to address performance issues
and now feels it has reached a point where it no longer makes sense to allow HTTP
connections, a spokeswoman for the company told PCMag. Most Gmail users already use HTTPS,
so this is just the final step in the transition." |
"The next threat to your privacy could be hovering over head while you walk
down the street. Hackers have developed a drone that can steal the contents of your smartphone -- from your location data
to your Amazon (AMZN, Fortune
500) password -- and they've been testing it out in the skies of London. The research
will be presented next week at the Black Hat Asia cybersecurity conference in Singapore.
The technology equipped on the drone, known as Snoopy, looks for mobile devices with Wi-Fi
settings turned on. Snoopy takes advantage of a feature built into all smartphones and
tablets: When mobile devices try to connect to the Internet, they look for networks
they've accessed in the past. 'Their phone will very
noisily be shouting out the name of every network its ever connected to,' Sensepost
security researcher Glenn Wilkinson said. 'They'll be shouting out, 'Starbucks, are you
there?...McDonald's Free Wi-Fi, are you there?' That's
when Snoopy can swoop into action (and be its most devious, even more than the cartoon
dog): the drone can send back a signal pretending to be networks you've connected to in
the past. Devices two feet apart could both make connections with the quadcopter, each
thinking it is a different, trusted Wi-Fi network. When the phones connect to the drone,
Snoopy will intercept everything they send and receive. That includes the sites you visit,
credit card information entered or saved on different sites, location data, usernames and
passwords. Each phone has a unique identification number, or MAC address, which the drone
uses to tie the traffic to the device. The names of
the networks the phones visit can also be telling. 'I've seen somebody looking for 'Bank
X' corporate Wi-Fi,' Wilkinson said. 'Now we know that that person works at that bank.' CNNMoney took Snoopy out for a spin in London on a Saturday
afternoon in March and Wilkinson was able to show us what he believed to be the homes of
several people who had walked underneath the drone. In less than an hour of flying, he
obtained network names and GPS coordinates for about 150 mobile devices. He was also able to obtain usernames and passwords for Amazon, PayPal
and Yahoo (YAHOF) accounts created for the purposes of our reporting so that we
could verify the claims without stealing from passersby. 'Your phone connects to me and
then I can see all of your traffic,' Wilkinson said. Collecting metadata, or the device
IDs and network names, is probably not illegal, according to the Electronic Frontier
Foundation. Intercepting usernames, passwords and credit card information with the intent
of using them would likely violate wiretapping and identity theft laws. Wilkinson, who
developed the technology with Daniel Cuthbert at Sensepost Research Labs, says he is an
ethical hacker. The purpose of this research is to raise awareness of the vulnerabilities
of smart devices. Installing the technology on drones creates a powerful threat because
drones are mobile and often out of sight for pedestrians, enabling them to follow people
undetected." |
"Theresa May summoned the internet giant Yahoo
for an urgent meeting on Thursday to raise security concerns after the company announced
plans to move to Dublin where it is beyond the reach of Britain's surveillance laws. By making the
Irish capital rather than London the centre of its European, Middle East and Africa
operations, Yahoo cannot be forced to hand over information demanded by Scotland Yard and
the intelligence agencies through 'warrants' issued under Britain's controversial
anti-terror laws. Yahoo has had longstanding
concerns about securing the privacy of its hundreds of millions of
users – anxieties that have been heightened in recent months by revelations from the
whistleblower Edward Snowden. In February, the Guardian revealed that Britain's
eavesdropping centre GCHQ intercepted
and stored the images of millions of people using Yahoo webcams, regardless of whether
they were suspects. The data included a large quantity of sexually explicit pictures. The
home secretary called the meeting with Yahoo to express the fears of Britain's
counter-terrorism investigators. They can force
companies based in the UK to provide information on their servers by seeking warrants
under the Regulation
of Investigatory Powers Act, 2000 (Ripa). The law, now under review by a parliamentary
committee, has been widely criticised for giving police and the intelligence agencies too
much access to material such as current emails and internet searches, as well as anything
held on company records. However, the Guardian has been told that Charles Farr, the head of
the office for security and counter-terrorism (OSCT) within the Home Office, has been
pressing May to talk to Yahoo because of anxiety in Scotland Yard's counter-terrorism
command about the effect the move to Dublin could have on their inquiries. Farr, a former senior intelligence officer, coordinates the work of
Scotland Yard and the security service MI5, to prevent terrorist attacks in the UK. 'There
are concerns in the Home Office about how Ripa will apply to Yahoo once it has moved its
headquarters to Dublin,' said a Whitehall source. 'The home secretary asked to see
officials from Yahoo because in Dublin they don't have equivalent laws to Ripa. This could
particularly affect investigations led by Scotland Yard and the national crime agency.
They regard this as a very serious issue.' The move to make Dublin the centre of its
headquarters for Europe, the Middle East and Africa
(EMEA) was announced last month and will take effect from Friday. In a statement at the
time, Yahoo said Dublin was a natural home for the company and that it would be
incorporated into Irish laws. The firm insisted the move was driven by 'business needs
… we believe it is in the best interest of our users. Dublin is already the European
home to many of the world's leading global technology brands.' However, the firm has been
horrified by some of the surveillance programmes revealed by Snowden and is understood to
be relieved that it will be beyond the immediate reach of UK surveillance laws. Following
the Guardian's disclosures about snooping on Yahoo webcams, the company said it was
'committed to preserving our users trust and security and continue our efforts to expand
encryption across all of our services.' It said GCHQ's activity was 'completely
unacceptable..we strongly call on the world's governments to reform surveillance law.'
Explaining the move to Dublin, the company said: 'The principal change is that Yahoo EMEA,
as the new provider of services to our European users, will replace Yahoo UK Ltd as the
data controller responsible for handling your personal information. Yahoo EMEA will be
responsible for complying with Irish privacy and data protection laws, which are based on
the European data protection directive.' Emma Carr, deputy director of Big Brother Watch,
said: 'It should not come as a surprise if companies concerned about maintaining their
users' trust to hold their information start to move to countries with more rigorous
oversight processes, particularly where courts oversee requests for information.'
Surveillance laws have a direct impact on our economy and Yahoo's decision should be ring
an alarm in Parliament that ignoring the serious questions about surveillance that are
being debated around the world will only harm Britain's digital economy.' Under Ripa, a
warrant can be issued for an investigation that has implications for national security, or
might lead to the prevention or detection of serious crimes. Warrants to seek the
retention of communications data can be issued by specified officers within police forces
and the intelligence agencies. More intrusive surveillance techniques can require the
signature of a cabinet minister. From Friday, investigators may have to seek information
by using a more drawn out process of approaching Yahoo through a Mutual Legal Assistance
Treaty between Ireland and the UK. A Home Office
spokesperson said: 'We do not confirm the details of private meetings.'" |
"The senior lawyer for the National Security Agency stated on
Wednesday that US technology companies were fully aware of the surveillance agency’s
widespread collection of data. Rajesh De, the NSA general counsel, said all communications
content and associated metadata harvested by the NSA under a 2008 surveillance law
occurred with the knowledge of the companies – both for the internet collection
program known as Prism and for the so-called 'upstream' collection of communications
moving across the internet. Asked during a Wednesday
hearing of the US government’s institutional privacy watchdog if collection under the
law, known as Section 702 or the Fisa Amendments Act, occurred with the 'full knowledge
and assistance of any company from which information is obtained,' De replied: 'Yes.' When
the Guardian
and the Washington
Post broke the Prism story in June, thanks to documents leaked by whistleblower Edward
Snowden, nearly all the companies listed as participating in the program – Yahoo,
Apple, Google, Microsoft, Facebook and AOL – claimed
they did not know about a surveillance practice described as giving NSA vast access to
their customers’ data. Some,
like Apple, said they had 'never heard' the term Prism. De explained: 'Prism was an
internal government term that as the result of leaks became the public term,' De said.
'Collection under this program was a compulsory legal process, that any recipient company
would receive.' After the hearing, De added that service providers also know and receive
legal compulsions surrounding NSA’s harvesting of communications data not from
companies but directly in transit across the internet under 702 authority." |
"The National Security Agency has built a surveillance system
capable of recording '100 percent' of a foreign country’s telephone calls,
enabling the agency to rewind and review conversations as long as a month after they take
place, according to people with direct knowledge of the effort and documents supplied by
former contractor Edward
Snowden. A senior manager for the program compares it to a time machine — one
that can replay the voices from any call without requiring that a person be identified in
advance for surveillance. The voice interception program, called MYSTIC, began in 2009.
Its RETRO tool, short for 'retrospective retrieval,' and related projects reached full
capacity against the first target nation in 2011. Planning documents two years later
anticipated similar operations elsewhere. In the initial deployment, collection systems
are recording 'every single' conversation nationwide, storing billions of them in a 30-day
rolling buffer that clears the oldest calls as new ones arrive, according to a classified
summary. The call buffer opens a door 'into the
past,' the summary says, enabling users to 'retrieve audio of interest that was not tasked
at the time of the original call.' Analysts listen to only a fraction of 1 percent of
the calls, but the absolute numbers are high. Each
month, they send millions of voice clippings, or 'cuts,' for processing and long-term
storage. At the request of U.S. officials, The
Washington Post is withholding details that could be used to identify the country where
the system is being employed or other countries where its use was envisioned. No other NSA program disclosed to date has
swallowed a nation’s telephone network whole.
Outside experts have sometimes described that prospect as disquieting but remote, with
notable implications for a growing debate over the NSA’s practice of 'bulk
collection' abroad. Bulk methods capture massive data flows 'without the use of
discriminants,' as President
Obama put it in January. By design, they vacuum up all the data they touch —
meaning that most of the conversations collected by RETRO would be irrelevant to U.S.
national security interests. In the view of U.S. officials, however, the capability
is highly valuable....Some of the documents provided
by Snowden suggest that high-volume eavesdropping may soon be extended to other countries,
if it has not been already. The RETRO tool was built three years ago as a 'unique one-off
capability,' but last
year’s secret intelligence budget named five more countries for which the MYSTIC
program provides 'comprehensive metadata access and content,' with a sixth expected to be
in place by last October. The budget did not say whether the NSA now records calls in
quantity in those countries or expects to do so. A separate document placed a high
priority on planning 'for MYSTIC accesses against projected new mission requirements,'
including 'voice.' Ubiquitous voice surveillance, even overseas, pulls in a great deal of
content from Americans who telephone, visit and work in the target country. It may also be
seen as inconsistent with Obama’s Jan. 17 pledge 'that the United States is not
spying on ordinary people who don’t threaten our national security,' regardless of
nationality, 'and that we take their privacy concerns into account.' In a presidential
policy directive, Obama instructed the NSA and
other agencies that bulk acquisition may be used only to gather intelligence related to
one of six specified threats, including nuclear proliferation and terrorism. The directive, however, also noted that limits on bulk collection 'do not
apply to signals intelligence data that is temporarily acquired to facilitate targeted
collection.' The emblem of the MYSTIC program depicts
a cartoon wizard with a telephone-headed staff. Among the agency’s bulk
collection programs disclosed over the past year, its focus on the spoken word is unique.
Most of the programs have involved the bulk collection of metadata
— which does not include call content — or text, such as e-mail
address books. Telephone calls are often thought to be more ephemeral and less suited
than text for processing, storage and search. And there are indications that the
call-recording program has been hindered by the NSA’s limited capacity to store and
transmit bulky voice files. In the first year of its deployment, a program officer wrote
that the project 'has long since reached the point where it was collecting and sending
home far more than the bandwidth could handle.' Because of similar capacity limits across
a range of collection programs, the NSA is leaping forward with cloud-based collection
systems and a gargantuan new 'mission data repository' in Utah. According to its overview briefing, the Utah facility is designed 'to cope
with the vast increases in digital data that have accompanied the rise of the global
network.' Christopher Soghoian, the principal technologist for the American Civil
Liberties Union, said history suggests that 'over the next couple of years they will
expand to more countries, retain data longer and expand the secondary uses.' Spokesmen for
the NSA and the office of Director of National Intelligence James R. Clapper Jr. declined
to confirm or deny expansion plans or discuss the criteria for any change. Based on
RETRO’s internal reviews, the NSA has a strong motive to deploy it elsewhere. In the documents and in interviews, U.S. officials said RETRO is
uniquely valuable when an analyst uncovers a new name or telephone number of interest.
With up to 30 days of recorded conversations in hand, the NSA can pull an instant history
of the subject’s movements, associates and plans. Some other U.S. intelligence
agencies also have access to RETRO. Highly classified briefings cite examples in which the
tool offered high-stakes intelligence that would not have existed under traditional
surveillance programs in which subjects are identified for targeting in advance. In
contrast with most of the government’s public claims about the value of controversial
programs, the briefings supply names, dates, locations and fragments of intercepted calls
in convincing detail. Present and former U.S. officials, speaking on the condition of
anonymity to provide context for a classified program, acknowledged that large numbers of
conversations involving Americans would be gathered from the country where RETRO operates.
The NSA does not attempt to filter out their calls,
defining them as communications 'acquired incidentally as a result of collection directed
against appropriate foreign intelligence targets.' ... RETRO and MYSTIC are carried out
under Executive
Order 12333, the traditional grant of presidential authority to intelligence agencies
for operations outside the United States. Since August, Sen. Dianne Feinstein (D-Calif.),
the chairman of the Senate Intelligence Committee, and others on that panel have been
working on plans to assert
a greater oversight role for intelligence-gathering abroad. Some legislators are
considering whether Congress should also draft new laws to govern those operations. Experts say there is not much legislation that governs overseas
intelligence work. 'Much of the U.S.
government’s intelligence collection is not regulated by any statute passed by
Congress,' said Timothy H. Edgar, the former director of privacy and civil liberties on
Obama’s national security staff. 'There’s a lot of focus on the Foreign
Intelligence Surveillance Act, which is understandable, but that’s only a slice of
what the intelligence community does.' All surveillance must be properly authorized for a
legitimate intelligence purpose, he said, but that 'still leaves a gap for activities that
otherwise basically aren’t regulated by law, because they’re not covered by
FISA.' Beginning in 2007, Congress loosened 40-year-old restrictions on domestic
surveillance because so much foreign data crossed U.S. territory. There were no comparable
changes to protect the privacy of U.S. citizens and residents whose calls and e-mails now
routinely cross international borders." |
"Edward Snowden on Tuesday said the biggest revelations have yet to
come out of the estimated 1.7 million documents he acquired from the National Security
Agency. In a surprise appearance via satellite robot at the 2014 TED conference in
Vancouver, Snowden said there is still a lot of reporting to be done, including diving
deeper into the accusation that the NSA tricks companies into building backdoors into
their systems that make data vulnerable to hackers across the world. 'Is it really terrorism that we're stopping? I say no,' Snowden said. 'The
bottom line is that terrorism [...] has always been a cover for actions. Terrorism evokes
an emotional response.' Snowden, who is still in hiding somewhere in Russia, maintained
that his act wasn't reckless and that he did it all for the American people. He also said
he would love to return to the United States — if granted immunity. 'I don't want to
harm my government' he said. 'The fact that they're willing to ignore due process and
declare guilt without a trial [...] these are things we need to work against as a
society.' Snowden remains a controversial figure throughout the world, but he was
speaking to the right crowd at TED. When Anderson asked the audience who disagreed with
Snowden's actions, only a few hands shot into the air. When
he asked if the room felt Snowden was right in handing over the NSA's secret, the audience
erupted with applause. Tim Berners-Lee, a man widely
credited with inventing the World Wide Web, then stepped on stage to talk with Snowden. He
called him a 'hero.' After Snowden exposed NSA programs like PRISM, many Americans wanted to know why they should
care about this surveillance if they're not guilty of doing anything wrong. Snowden said
it comes down to protecting rights. 'Rights matter
because you never know when you’re going to need them,' Snowden said, adding that
people should be able to pick up the phone and call their family, send a text to their
loved ones and travel by train without worrying about how these events will look to a
government years in the future. ...." |
"The U.S. government has acknowledged that it swept up huge volumes
of data from emails in the U.S. for several years without any court approval, based solely
on the orders of former President George W. Bush. In a court filings on Monday, government
lawyers said that the Internet program ran in parallel with a program gathering so-called
metadata about telephone calls. The counterterrorism efforts operated under presidential
authority before a judge approved them in July 2004, said a 2007 court filing made public
Monday by the Justice Department (and posted here.) 'After the 9/11 attacks and pursuant to an authorization of the President,
[redacted] the NSA [redacted] the bulk collection of non-content information about
telephone calls and Internet communications (hereafter 'metadata') activities that enable
the NSA to uncover the contacts [redacted] of members or agents of al Qaeda or affiliated
terrorist organizations,' a senior NSA official wrote in an October 2007 declaration
originally filed under seal as part of an effort to defeat litigation about the snooping
Bush ordered. 'Specifically, the President authorized the the NSA to collect metadata
related to Internet communications for the purpose of conducting targeted analysis to
track Al Qaeda-related networks. Internet metadata is
header/router/addressing information, such as the 'to,' 'from,' 'cc,' and 'bcc' lines, as opposed to the body or 're' lines, of a standard e-mail. Since July
2004, the collection of Internet metadata has been conducted pursuant to an Order of the
Foreign Intelligence Surveillance Court,' the still-unidentified official from NSA's
Signals Intelligence Directorate continued." |
"In response to Senator Dianne Feinstein's speech last week calling out the
CIA for spying on her staffers, Rep. Nancy Pelosi was asked to comment and gave what might be the most revealing comments to date as to why Congress
is so scared of the CIA: 'I salute Sen. Feinstein,' Pelosi said
at her weekly news conference of the chairwoman of the Senate Intelligence Committee.
'I’ll tell you, you take on the intelligence community, you’re a person of courage, and she does not do that lightly. Not without evidence, and when I say evidence, documentation of what it
is that she is putting forth.' Pelosi added that she has always fought for checks and
balances on CIA activity and its interactions with Congress: 'You
don’t fight it without a price because they come after you and they don’t always
tell the truth.' A few months back, the ACLU had
posted something questioning whether or not the intelligence community might be blackmailing Congress. And, quite frequently when we write
about the intelligence community, we see suggestions in the comments that certain
politicians probably cover for the NSA and CIA because they know what those agencies 'have
on them.' I've always dismissed those kinds of claims as being a bit far-fetched, even if
they have plenty of historical precedent. So far, there's certainly been no direct
evidence of that happening. And yet... Pelosi's comments certainly seem to hint at even
more nefarious activity by the intelligence community against politicians who dare to
actually do the job of oversight. The point of that
ACLU post linked above is that, even if it's not happening, the fact that we can't
definitively rule it out is a serious problem for democracy. And just the fact that some
of the most powerful members of Congress, who are theoretically in charge of oversight,
are now publicly admitting that they're scared of how the CIA fights back when they take
them on, suggests that the intelligence community really is rotten to the core. And Congressional oversight, as it stands today, is clearly not able to
deal with the issue by itself." |
"Intelligence agency ASIO is using the Snowden leaks to bolster its
case for laws forcing Australian telecommunications companies to store certain types of
customers' internet and telephone data for a period of what some law enforcement agencies
would like to be two years. The federal spying
agency is supported by the Northern Territory Police, Victoria Police, Australian Federal
Police, Australian Crime Commission and Australian Commission for Law Enforcement
Integrity, who all say they are in support of a data-retention regime. What type of data
should be stored by internet and phone providers is another question. Although storing
'content' data has been ruled out under a retention scheme, at least two agencies –
the Northern Territory Police and Victoria Police – want web-browsing histories
stored. In its submission to a parliamentary inquiry into potential changes to
telecommunications laws, ASIO argues that more people are encrypting their web
communications after revelations made by US intelligence contractor Edward Snowden about
widespread data collection programs by governments. This has hastened the need for changes
that would force providers to keep all customers' 'metadata' for a prescribed period, it
says. Metadata stored about a phone call could include the parties to the call, location,
duration and time of the call, but not what was said. Metadata
stored about an internet activity could include your assigned IP address and the IP
addresses of web servers you visit, or uniform resource locators (URLs) you visit and the
time at which they were visited, while email metadata might include addresses, times, and
the subject." |
"One of the things that baffles me is why more people are not
alarmed by what Edward Snowden has been telling us
about the scale and intrusiveness of internet surveillance. My hunch is that
this is partly because – strangely – people can't relate the revelations to
things they personally understand. In the past two weeks, two perceptive commentators have
been trying to break through this barrier. One is Cory Doctorow, the science-fiction
novelist, who had a terrific essay in the Guardian arguing that instead of increasing our security,
government agencies such as the NSA, GCHQ
and others are actually undermining it. The essay is
worth reading in full, but one part of it stood out for me. It's about the thriving,
underworld online market in malicious software. Nowadays, if some hacker discovers a
previously unknown vulnerability in widely used software, that discovery can be very
valuable – and people will pay large sums for such 'zero-day' exploits. But here's
the creepy bit: sometimes, the purchasers are government agencies that buy these pieces of
malware to use as weapons against their enemies. To most people, this will seem pretty
abstruse. But with the imaginative skill of a good writer, Doctorow nails it: 'If you
discovered,' he writes, 'that your government was more interested in weaponising typhus
than they were in curing it, you would demand that your government treat your water supply
with the gravitas and seriousness that it is due.' In a networked world, in other words,
cyberwarfare and cybercrime are analogous to public health issues and our intelligence
agencies ought to be treating them as such, rather than polluting the water supply." |
"Apple co-founder Steve Wozniak made a startling revelation voicing
his support for National Security
Agency (NSA) contractor-turned-whistleblower Edward Snowden at an interactive session
held at Europe's largest technology conference - Cebit 2014 - in Hannover in Germany. 'He
is a hero to me, but he may be a traitor to other people and I understand the reasons for
them to think that way. I believe that Snowden believed, like I do, that the US has a
right to freedom. He had the guts to and courage to sacrifice his life for a principle,'
said Wozniak, at an interactive session moderated by Brent Goff, main news anchor for
Deutsche Welle here on Thursday. Snowden is hiding
in Russia as a fugitive from US law and charged with espionage for leaking documents
related to the US surveillance." |
"Free speech and freedom of the press are under attack in the UK. I
cannot return to England, my country, because of my journalistic work with NSA
whistleblower Edward
Snowden and at WikiLeaks. There are things I
feel I cannot even write. For instance, if I were to say that I hoped my work at WikiLeaks would change
government behaviour, this journalistic work could be considered a crime under the UK Terrorism Act of 2000.
The act gives a definition of terrorism as an act or
threat 'designed to influence the government', that 'is made for the purpose of advancing
a political, religious, racial or ideological cause' and that would pose a 'serious risk'
to the health or safety of a section of the public. UK government officials have
continually asserted that this risk is present with the disclosure of any 'classified'
document.Elsewhere the act says 'the government' means the government of any country
– including the US. Britain has used this act to open a terrorism investigation
relating to Snowden and the journalists who worked with him, and as a pretext to enter the
Guardian's offices and demand the destruction of their Snowden-related hard drives.
Britain is turning into a country that can't tell its terrorists from its journalists.... If Britain is going to
investigate journalists as terrorists take and destroy our documents, force us to give up
passwords and answer questions – how can we be sure we can protect our sources? But
this precedent is now set; no journalist can be certain that if they leave, enter or
transit through the UK this will not happen to them. My lawyers advise me not to return
home. Snowden's US legal adviser, Jesselyn Radack, was questioned about Julian Assange and
her client when she entered the UK recently. I am strongly connected to both men: I work
for one, and rescued and watched over the other for four months. In addition, if schedule 7 is used to stop me upon entering the country I
could not answer such questions or relinquish anything, as this would be a risk to
WikiLeaks's journalistic work, our people and our sources. As
I would have no right to silence under this act, I would be committing a crime in the
government's eyes. A conviction for 'terrorism'
would have severe consequences for free movement across international borders. Schedule 7
is not really about catching terrorists, even in its own terms....This erosion of basic human civil rights is a slippery slope. If
the government can get away with spying on us – not just in collusion with, but at
the behest of, the US – then what checks and balances are left for us to fall back
on? Few of our representatives are doing anything to act against this abusive restriction
on our press freedoms. Green MP
Caroline Lucas tabled an early day motion on 29 January but only 18 MPs have signed it
so far. From my refuge in Berlin, this reeks of adopting Germany's past, rather than its
future. I have thought about the extent to which
British history would have been the poorer had the governments of the day had such an
abusive instrument at their disposal. What would have happened to all the public campaigns
carried out in an attempt to 'influence the government'? I can see the suffragettes
fighting for their right to vote being threatened into inaction, Jarrow marchers being
labelled terrorists, and Dickens being locked up in Newgate prison." |
"MEPS called for the suspension of EUs bank data agreement with the
US and the ‘Safe Harbour agreement’ on data privacy. The European Union's
consent for the trade pact with the US 'could be suspended if NSA's mass surveillance on
EU citizens continues, MEPs warned. In a resolution,
concluding a six-month investigation into US mass surveillance schemes, MEPs have also
called for the suspension of EUs bank data agreement with the US and the 'Safe Harbour
agreement' on data privacy. The resolution, supported by 544 votes to 78 with 60
abstentions, also sets out findings and proposals to boost EU citizens' privacy. Civil
Liberties inquiry rapporteur Claude Moraes said that the Snowden revelations gave a chance
to react. 'I hope we will turn those reactions into something positive and lasting into
the next mandate of this Parliament, a data protection bill of rights that we can all be
proud of', Moraes said. 'This is the only international inquiry into mass surveillance.
(...) Even Congress in the United States has not had an inquiry.' Claiming the Safe
Harbour privacy principles do not provide required shield for EU citizens, MEPs urged the
US to suggest new personal data transfer rules that comply with requirements of EU data
protection." |
"The NSA is still working hard to make the world's computer usage less safe. The latest leak published by The Intercept shows the agency plans to infect
'millions' of computers worldwide with malware, making it easier for the NSA to
harvest data and communications from these compromised machines. 'The classified files
– provided previously by NSA whistleblower Edward Snowden – contain new details
about groundbreaking surveillance technology the agency has developed to infect
potentially millions of computers worldwide with malware 'implants.' The clandestine
initiative enables the NSA to break into targeted computers and to siphon out data from
foreign Internet and phone networks.' The methods detailed include the agency masquerading as a Facebook server
and sending out laced spam emails in order to subvert users' computers and give the NSA access to local files as well as control of webcams and
microphones. Not only does the agency actively work to delay
bug fixes in order to exploit systems, but its ongoing malware mission ensures that using
a computer and/or accessing the web will always be more dangerous than it should be. 'Mikko Hypponen, an expert in malware who serves as chief research
officer at the Finnish security firm F-Secure, calls the revelations 'disturbing.' The NSA’s surveillance techniques, he warns, could
inadvertently be undermining the security of the Internet. 'When they deploy malware on systems,' Hypponen says, 'they potentially
create new vulnerabilities in these systems, making them more vulnerable for attacks by
third parties.' The NSA has argued previously that its malware targets are strictly
national security threats. But the evidence provided here undermines this defense of NSA
malware deployment.'.... The Intercept's report notes
that the GCHQ has deployed similar tactics, hacking into computers owned by Belgacom
system engineers. The malware attacks go far beyond end user computers, targeting routers and setting the agency up
for man-in-the-middle attacks (something that has become far more necessary as fewer and
fewer people actually open, much less click links in spam email). The NSA may view this all as fair game -- a means to an end -- but the
ugly truth is that the agency's malware/hacking attempts are not limited to threats, but
rather any person/service it believes can offer access to even more communications and data. At this point, the only
thing slowing the agency down is the audacious size of its undertaking..... The program --
utilizing the previously discussed TURBINE (part of the agency's TAO - Tailored Access Operations), as well as several
other NSA tools like SECONDDATE and WILLOWVIXEN -- is aimed at 'Owning the Internet' according to the leaked
documents." |
"Quoting information published by various news agencies, an office
memorandum of the internal security division of the [Indian] Union Home Ministry last
December alleged that leading telecom firms, including Vodafone and Verizon, were learnt
to have shared subscriber details with Britain’s spy agency, Government Communication
Headquarters (GCHQ). While the Cabinet has cleared
Vodafone’s FDI proposal to increase its stake in its Indian venture to 100 per cent
in February, the Home Ministry’s note has been forwarded by the Finance Ministry to
the Department of Telecom for appropriate action. In a statement to the media, Vodafone
said the Indian government raised no such concern with it and the government of
India’s approval of its FDI application stated that it was cleared by the Foreign
Investment Promotion Board (FIPB) and the Cabinet Committee on Economic Affairs (CCEA)
after all due diligence. The company also denied having disclosed any customer data in any
jurisdiction, unless it was legally required to do so, and said it complied with the law
in all countries of its operations, including the EU Privacy Directive and EU Data
Retention Directive in its European businesses. The issue was raised by the Home Ministry
in respect of security clearance for Vodafone India Limited. Based on news reports, the memorandum said that leading telecom companies
were learnt to be passing on details of their customers’ phone calls, email messages
and other communication and were known as ‘intercept partners’; that Vodafone
and others had given the GCHQ secret, unlimited access to their network of undersea
cables, which carried much of the world’s phone calls and internet traffic; that the GCHQ’s mass tapping operation had been built up over the past five
years by attaching intercept probes to the transatlantic
cables; and that the ‘intercept partners’ were paid for logistics and technical
assistance." |
"NSA leaker Edward
Snowden addressed a packed auditorium at South by Southwest today, speaking
via livestream from Russia. In response to questions from ACLU program director Ben
Wizner, Snowden called on internet service developers
to thwart the NSA by making strong encryption ubiquitous. 'They're setting fire to the
future of the internet,' Snowden told the audience. 'The people who are in this room now,
you're all the firefighters. And we need you to help us fix this.'... After absconding with leaked NSA documents, Snowden is living in Russia
under a temporary asylum agreement, and his future is precarious; US officials have called
for him to return and face charges for the leaks. Nonetheless, he said in today's talk
that he doesn't regret his decisions. 'Would I do it
again? Absolutely yes,' he said. 'I took an oath to defend the Constitution, and I felt
the Constitution was being violated on a massive scale.'" |
"I would like to thank
the European Parliament for the invitation to provide testimony for your inquiry into the
Electronic Mass Surveillance of EU Citizens. The
suspicionless surveillance programs of the NSA, GCHQ, and so many others that we
learned about over the last year endanger a number of basic rights which, in aggregate,
constitute the foundation of liberal societies. The first principle any inquiry must take
into account is that despite extraordinary political pressure to do so, no western
government has been able to present evidence showing that such programs are necessary. In
the United States, the heads of our spying services once claimed that 54 terrorist attacks
had been stopped by mass surveillance, but two independent White House reviews with access
to the classified evidence on which this claim was founded concluded it was untrue, as did
a Federal Court.... I believe that suspicionless surveillance not only fails to make us
safe, but it actually makes us less safe. By squandering precious, limited resources on
'collecting it all,' we end up with more analysts trying to make sense of harmless political dissent
and fewer investigators running down real leads. I believe investing in mass surveillance at the expense of
traditional, proven methods can cost lives, and history has shown my concerns are
justified. Despite the extraordinary intrusions of the NSA and EU national governments into private
communications world-wide, Umar Farouk Abdulmutallab, the 'Underwear Bomber,' was allowed
to board an airplane traveling from Europe
to the United States in 2009. The 290 persons on board were not saved by mass surveillance, but by his own
incompetence, when he failed to detonate the device. While even Mutallab’s own father
warned the US government he was dangerous in November 2009, our resources were tied up
monitoring online games and tapping German ministers. That extraordinary tip-off
didn’t get Mutallab a dedicated US investigator. All we gave him was a US visa. Nor
did the US government’s comprehensive monitoring of Americans at home stop the Boston
Bombers. Despite the Russians specifically warning us about Tamerlan Tsarnaev, the FBI couldn’t do more than a cursory
investigation — although they did plenty of worthless computer-based searching –
and failed to discover the plot. 264 people were injured, and 3 died. The resources that
could have paid for a real investigation had been spent on monitoring the call records of
everyone in America..... The NSA granted me the authority to monitor
communications world-wide using its mass surveillance systems, including within
the United States. I have personally targeted individuals using these systems under both
the President of the United States’ Executive Order 12333 and the US Congress’
FAA 702. I know the good and the bad of these
systems, and what they can and cannot do, and I am telling you that without getting out of
my chair, I could have read the private communications of any member of this committee, as
well as any ordinary citizen. I swear under penalty of perjury that this is true. These are not the capabilities in which free societies invest.
Mass surveillance violates our
rights, risks our safety, and threatens our way of life.... I consider the United States Government to be generally responsible,
and I hope you will agree with me. Accordingly, this begs the question many legislative
bodies implicated in mass surveillance
have sought to avoid: if even the US is willing to knowingly violate the rights of
billions of innocents — and I say billions without exaggeration — for nothing
more substantial than a 'potential' intelligence advantage that has never materialized,
what are other governments going to do? Whether we
like it or not, the international norms of tomorrow are being constructed today, right
now, by the work of bodies like this committee. If liberal states decide that the
convenience of spies is more valuable than the rights of their citizens, the inevitable
result will be states that are both less liberal and less safe.... For the record, I also repeat my willingness to provide testimony to
the United States Congress, should they decide to consider the issue of unconstitutional
mass surveillance." |
"Dictators are taking a new approach in their responses to use of
the internet in popular uprisings, according to Google’s executive chairman Eric
Schmidt. 'What’s happened in the last year is the governments have figured out you
don’t turn off the internet: you infiltrate it,' said Schmidt, speaking at the SXSW
conference in Austin, Texas. 'The new model for a
dictator is to infiltrate and try to manipulate it. You’re seeing this in China, and
in many other countries.' Schmidt was interviewed on-stage alongside Jared Cohen, director
of the company’s Google Ideas think tank. The session, moderated by Wired journalist
and author Steven Levy, took the pair’s The New Digital Age book as its starting
point. Levy wondered whether their enthusiasm for technology’s potential role in
popular uprisings has been dampened in the last year by events in Egypt, the Ukraine and
elsewhere. 'We’re very enthusiastic about the empowerment of mobile phones and
connectivity, especially for people who don’t have it,' said Schmidt. 'In the book,
we actually say that revolutions are going to be easier to start, but harder to finish. He suggested that governments have realised that simply trying to
block internet access for citizens is unlikely to end well – partly because it shows
that they’re 'scared' – which may encourage more people onto the streets, not
less. Hence the infiltration approach." |
"The 'suspicionless' mass surveillance of people by programs in the U.S.
and other parts of the world must be stopped or nations run the risk of having their policy dictated by spies, former
U.S. National Security Agency contractor Edward Snowden told European Union lawmakers. 'I know the good and the bad of
these systems, and what they can and cannot do, and I am telling you that without getting
out of my chair, I could have read the private communications of any member of this
committee, as well as any ordinary citizen,' Snowden said in a 12-page testimony to the European Parliament’s justice committee
today. EU officials, including Justice Commissioner
Viviane Reding, have urged the U.S. to boost its privacy rules or risk harming relations
with the bloc in the wake of reports the NSA eavesdropped on world leaders including
German Chancellor Angela Merkel. EU lawmakers are expected to adopt next week a report on
an inquiry into the effects of mass spying. 'The parliamentarians now have to take into
account' Snowden’s answers next Monday before the report is voted on by the EU
lawmakers’ plenary on Wednesday, Jan Philipp Albrecht, a German Green party
politician in the EU Parliament, said in an e-mailed statement. He called on European
nations to grant protection to Snowden, who is seeking EU asylum. 'The indiscriminate,
bulk collection of private data by governments is a violation of our rights and must end,'
said Snowden in his testimony, which doesn’t disclose new information. 'I have risked my life, my family, and my freedom to tell you the
truth.' " |
"The U.S. National Security Agency (NSA) has turned the European
Union into a tapping 'bazaar' in order to spy on as many EU citizens as possible, NSA
leaker Edward Snowden said. The NSA has been working with national security agencies in EU
member states to get access to as much data of EU citizens as possible, Snowden said in a
testimony sent to Members of the European Parliament (MEPs) published
Friday. The European Parliament had invited Snowden to provide testimony for an
inquiry into the electronic mass surveillance of EU citizens. That surveillance, often
instigated by the NSA but carried out with help of EU member states, is quite extensive,
he wrote.The NSA has been pressuring EU member states to change their laws to enable mass
surveillance, according to Snowden. This is done through NSA’s Foreign Affairs
Division (FAD), he said, adding that lawyers from the NSA and GCHQ work very hard 'to
search for loopholes in laws and constitutional protections that they can use to justify
indiscriminate, dragnet surveillance operations that were at best unwittingly authorized
by lawmakers,' he said." |
"US intelligence agencies have successfully pressured EU governments to
weaken laws protecting their communications systems, allowing American spies to tap into
vast troves of data on EU citizens
with impunity, US whistleblower Edward Snowden has told the European parliament. The
National Security Agency unit responsible for liaising with allied governments, called the
foreign affairs division, launched such 'legal guidance operations' to weaken privacy
legislation and find loopholes in constitutional protections in Sweden, Germany and the
Netherlands, Mr Snowden said. 'Each of these countries
received instruction from the NSA, sometimes under the guise of the US department of
defence and other bodies, on how to degrade the legal protections of their countries’
communications,' Mr Snowden said in written testimony provided to the European parliament
and seen by the Financial Times. Mr Snowden’s
written testimony was sent to Brussels ahead of a parliamentary debate next week in
Strasbourg where MEPs are due to vote on a report recommending suspension of US-EU
agreements allowing for financial and data transfers. Mr Snowden was asked to testify
before the European parliament last year, but has declined to appear in person or by
teleconference, according to parliamentary officials. Instead, Mr Snowden submitted 12 pages of testimony, which includes an
introductory statement and answers to six MEPs working on data privacy issues. The
revelations made by Mr Snowden, which included disclosures that the NSA had tapped the mobile
phone of German chancellor Angela Merkel, have unleashed a transatlantic diplomatic
crisis that has shown few signs of abating. They are
expected to complicate President Barack Obama’s first visit to the EU’s capital
this month. The former contractor for the NSA and Central Intelligence
Agency, who has been granted asylum in Russia, said the NSA created a 'European
bazaar' where government spy services from the bloc 'are independently hawking domestic
access to the NSA' without realising the true scale of the spy agency’s Europe-wide
surveillance capacities. Although the NSA has agreed
with individual countries not to spy on their citizens, Mr Snowden testified the agency is
able to tap these same citizens using similar agreements in neighbouring countries that
share telecom cables, citing Denmark and Germany as examples. This has allowed the NSA to
build a comprehensive patchwork of surveillance in Europe, Mr Snowden wrote." |
"In an ironic turn, the congressional authorities who have
staunchly defended the National Security Agency's widespread spying operations are now
crying foul after having been spied on by another branch of U.S. intelligence. News
reporting on Tuesday revealed that the Inspector General's office, the agency tasked with
CIA oversight, has asked the Department of Justice to investigate claims that the spy
agency monitored computers used by Senate aides preparing what is believed to be a 'searing
indictment' on the CIA's secret detention and interrogation program. In what McClatchy news characterized as
an 'unprecedented breakdown in relations between the CIA and its congressional overseers,'
members of the Senate Intelligence Committee are saying the alleged CIA spying violates
provisions of the Federal Computer Fraud and Abuse Act. McClatchy continues:
'The committee determined earlier this year that the CIA monitored computers – in
possible violation of an agreement against doing so – that the agency had provided to
intelligence committee staff in a secure room at CIA headquarters that the agency insisted
they use to review millions of pages of top-secret reports, cables and other documents,
according to people with knowledge.'" |
"A controversial court that claims to be completely independent of
the British government is secretly operating from a base within the Home Office, the
Guardian has learned. The Investigatory
Powers Tribunal, which investigates complaints about the country's intelligence
agencies, is also funded by the Home Office, and its staff includes at least one person
believed to be a Home Office official previously engaged in intelligence-related work. The
discovery that the IPT is lodged within a Whitehall department comes at a time when the Nick Clegg, the deputy prime minister, is
commissioning a review into the intrusive capabilities of UK intelligence
agencies and the legal framework in which they operate. In a speech to the the intelligence and military thinktank the Royal United Services
Institute this week, he argued that greater transparency was needed at the IPT. Labour's leader, Ed Miliband, has also argued that the system for oversight of the UK's intelligence agencies
is in need of reform, and the shadow home secretary, Yvette Cooper, said a debate about oversight was long overdue. The disclosure that the IPT
operates inside the Home Office is likely to fuel criticisms of the court that have been
levelled by rights groups, lawyers and complainants. The tribunal was created in October
2000 by the Regulation
of Investigatory Powers Act and given the power to investigate any complaints against GCHQ,
MI5
or MI6,
as well as complaints about surveillance operations mounted by the police or any other
public bodies. Since then it has investigated about 1,500 complaints, and upheld 10 –
although five
of these concerned members of one family who had all lodged complaints about
surveillance by their local council.... Nick Pickles, director of Big Brother Watch, describes the IPT as
'addicted to secrecy' and says it has long passed the point of being a credible avenue of
redress. 'Justice is not being done, let alone being seen to be done,' he said. 'The IPT
is symbolic of the entire system of oversight that has failed to properly inform
parliament or the public about how surveillance has been massively expanded because the
law has failed to keep pace with technology.' Kat
Craig, of the legal charity Reprieve, said: 'It has long been clear that proceedings in
this quasi-court are tilted in favour of the government to an absurd extent – not
only are the vast majority of hearings held in secret, but often the person bringing the
complaint will not even be told that they are taking place. 'Now we learn that the IPT is
based in the Home Office – the very same building as Theresa May, who has
responsibility for MI5. This will only strengthen concerns that the IPT is too close to
the very agencies which it is meant to be overseeing." |
"Consumers are unwittingly putting themselves at risk of being
spied on by their mobile devices and internet-connected TVs, the outgoing head of the
communications regulator has warned. Dame Collette Bowe, the chairwoman of Ofcom,
said that the threat to individual privacy caused by new technology was the most pressing
issue faced by policymakers in the communications sector and that tougher legal
protections were required. 'They’re
carrying a computer in their pocket which knows an awful lot about them,' Dame Collette
told the House of
Lords Communications Committee. 'Their smart TV may have a camera and microphone
embedded in them. ....'" |
"A leading US senator has said that President Obama knew of an
'unprecedented action' taken by the CIA against the Senate intelligence committee, which
has apparently prompted an inspector general’s inquiry at Langley. The subtle
reference in a Tuesday letter from Senator Mark Udall to Obama, seeking to enlist the
president’s help in declassifying a 6,300-page inquiry by the committee into torture
carried out by CIA interrogators after 9/11, threatens to plunge the White House into a
battle between the agency and its Senate overseers. McClatchy
and the New
York Times reported Wednesday that the CIA had secretly monitored computers used by
committee staffers preparing the inquiry report, which is said to be scathing not only
about the brutality and ineffectiveness of the agency’s interrogation techniques but
deception by the CIA to Congress and policymakers about it. The CIA sharply disputes the
committee’s findings." |
"The CIA Inspector General’s Office has asked the Justice
Department to investigate allegations of malfeasance at the spy agency in connection with
a yet-to-be released Senate Intelligence Committee report into the CIA’s secret
detention and interrogation program, McClatchy has learned. The criminal referral may be
related to what several knowledgeable people said was CIA monitoring of computers used by
Senate aides to prepare the study. The monitoring may have violated an agreement between
the committee and the agency. The development marks an unprecedented breakdown in
relations between the CIA and its congressional overseers amid an extraordinary
closed-door battle over the 6,300-page report on the agency’s use of waterboarding
and harsh interrogation techniques on suspected terrorists held in secret overseas
prisons. The report is said to be a searing
indictment of the program. The CIA has disputed some of the reports findings. White House
officials have closely tracked the bitter struggle, a McClatchy investigation has found.
But they haven’t directly intervened, perhaps because they are embroiled in their own
feud with the committee, resisting surrendering top-secret documents that the CIA asserted
were covered by executive privilege and sent to the White House. McClatchy’s findings
are based on information found in official documents and provided by people with knowledge
of the dispute being fought in the seventh-floor executive offices of the CIA’s
headquarters in Langley, Va., and the committee’s high-security work spaces on
Capitol Hill. The people who spoke to McClatchy asked not to be identified because the
feud involves highly classified matters and carries enormous consequences for
congressional oversight over the executive branch. The CIA and the committee declined to
comment. Caitlin Hayden, a spokeswoman for the National Security Council, declined to
discuss the matter and referred questions to the CIA and the Justice Department. In
question now is whether any part of the committee’s report, which took some four
years to compose and cost $40 million, will ever see the light of day. The report details
how the CIA misled the Bush administration and Congress about the use of interrogation
techniques that many experts consider torture, according to public statements by committee
members. It also shows, members have said, how the techniques didn’t provide the
intelligence that led the CIA to the hideout in Pakistan where Osama bin Laden was killed
in a 2011 raid by Navy SEALs. The committee determined earlier this year that the CIA
monitored computers – in possible violation of an agreement against doing so –
that the agency had provided to intelligence committee staff in a secure room at CIA
headquarters that the agency insisted they use to review millions of pages of top-secret
reports, cables and other documents, according to people with knowledge. Sen. Ron Wyden,
D-Oregon, a panel member, apparently was referring to the monitoring when he asked CIA
Director John Brennan at a Jan. 29 hearing if provisions of the Federal Computer Fraud and
Abuse Act 'apply to the CIA? Seems to me that’s a yes or no answer.' Brennan replied
that he’d have to get back to Wyden after looking into 'what the act actually calls
for and it’s applicability to CIA’s authorities.' The law makes it a criminal
act for someone to intentionally access a computer without authorization or to go beyond
what they’re allowed to access." |
"Three US senators are planning to investigate any role the National
Security Agency played in its British partner’s mass collection of Yahoo webcam
images. Reacting to the Guardian’s revelation
on Thursday that UK surveillance agency GCHQ swept up millions of Yahoo users’ webcam
chats, senators Ron Wyden, Mark Udall and Martin Heinrich said in a joint statement that
'any involvement of US agencies in the alleged activities reported today will need to be
closely scrutinized'. The senators described the interception as a 'breathtaking lack of
respect for privacy and civil liberties'. On Friday, the Internet Association – a
trade body representing internet giants including Google, Amazon, eBay, Netflix, AOL and
Twitter – joined the chorus of condemnation, issuing a statement expressing alarm at
the latest GCHQ revelations, and calling for reform. According to documents provided to
the Guardian by NSA whistleblower Edward Snowden, the GCHQ program codenamed Optic Nerve fed screengrabs of webcam chats
and associated metadata into NSA tools such as Xkeyscore. NSA research, the documents indicate, also contributed to the creation
of Optic Nerve, which attempted
to use facial recognition technology to identify intelligence targets, particularly those using multiple
anonymous internet IDs. Neither NSA nor GCHQ
addressed the Guardian’s questions about US access to the images themselves. Outgoing
NSA director Keith Alexander walked
away from a reporter on Thursday who asked the army four-star general about the
NSA’s role in Optic Nerve." |
"Politicians and human rights groups have reacted angrily to revelations
that Britain's spy agency intercepted and stored webcam images of millions of people not suspected of any
wrongdoing with the aid of its US counterpart. GCHQ
files dating between 2008 and 2010 reveal that a surveillance program codenamed Optic Nerve collected images of Yahoo
webcam chats in bulk and saved them to agency databases, regardless of whether individual
users were an intelligence target or not. In one six-month period in 2008 alone, the
agency collected webcam images, including substantial quantities of sexually explicit
material, from more than 1.8 million Yahoo user accounts globally. The Tory MP David Davis
said: 'We now know that millions of Yahoo account holders were filmed without their
knowledge through their webcams, the images of which were subsequently stored by GCHQ and
the NSA.
This is, frankly, creepy.' Davis, said it was
perfectly proper for the intelligence agencies to use any and all means to target those
suspected of terrorism, kidnapping and other serious crimes, but that the indiscriminate
nature of the programme was alarming. 'It is entirely improper to extend such intrusive
surveillance on a blanket scale to ordinary citizens,' he said. The Liberal Democrat MP
Julian Huppert said he was 'absolutely shocked' at the revelation. 'This seems like a very
clear invasion of privacy, and I simply can not see what the
justification is,' he said. The Optic Nerve documents were provided by the NSA whistleblower Edward Snowden. They
show that the programme began as a prototype in 2008 and was still active in 2012. They
chronicle GCHQ's sustained efforts to keep the large store of sexually explicit material Optic Nerve collected away
from the eyes of its staff, though there is little discussion about the privacy
implications of storing it in the first place. The
system, eerily reminiscent of the telescreens evoked in George
Orwell's 1984, was used for experiments in automated facial
recognition to monitor GCHQ's existing targets, and to identity new ones. Nick Pickles, the director of the civil liberties campaign group Big
Brother Watch, said intercepting and taking photographs from millions of people's webcam
chats was 'as creepy as it gets'. 'We have CCTV on
our streets and now we have GCHQ in our homes. It is
right that the security services can target people and tap their communications, but they
should not be doing it to millions of people. This is an indiscriminate and intimate
intrusion on people's privacy.'" |
"Britain's signals intelligence division is stealing screenshots from
hundreds of thousands of innocent Yahoo users' webcam videos, according to the Guardian
newspaper, which also reported that the years-long operation has swept up a huge haul of
intimate photographs. The newspaper said GCHQ has been scooping up the sensitive images by
intercepting video chats such as the kind offered by Yahoo Messenger, an effort codenamed OPTIC NERVE. It's not clear how many Yahoo
users were spied on in this way. The Guardian said that in one six-month period in 2008,
GCHQ intercepted the video communications of 1.8 million users, but it's possible that the
program, which the Guardian says was still active in 2012, has either grown or shrunk in
scope since then. The Guardian said the documents were provided by former U.S.
intelligence worker Edward Snowden, who remains in Russia after having sought temporary
asylum there. If confirmed, the newspaper's report
would represent 'a whole new level of violation of our users' privacy,' Yahoo Inc. said in
a written statement. The Sunnyvale, California-based company said it was unaware of such
snooping and would never condone it, calling on governments across the world to reform
their surveillance practices. Like the NSA's
collection of millions of innocent people's phone, email, and credit card data, the webcam
surveillance program was carried out in bulk, creating a massive database where the
communications of hundreds of thousands of people could later be scanned by analysts for
clues or patterns. However, unlike the phone database, OPTIC
NERVE also automatically downloaded the content of video
communications — taking a screenshot from the video feed every five minutes, the
Guardian said. One snippet of a leaked document published to the Guardian's website
appears to show that GCHQ hoped to eventually 'collect images at a faster rate,' or
perhaps even download all the webcam videos in their entirety. Even at one screenshot
every five minutes, material published to the Guardian's website appeared to show U.K.
analysts being deluged with X-rated footage. 'It would appear that a surprising number of
people use webcam conversations to show intimate parts of their body to the other person,'
another snippet of an intelligence document published said. It went on to say that an
informal study had found that between 3 and 11 percent of all the images carried
'undesirable nudity.' The Guardian said that OPTIC NERVE was intended at
least in part to identify targets using automatic facial recognition software as they
stared into their computer's webcams. But the stockpiling of sexually explicit images of
ordinary people had uncomfortable echoes of George
Orwell's 'Nineteen Eighty-Four,' where the
authorities — operating under the aegis of 'Big Brother' — fit homes with
cameras to monitor the intimate details of people's personal lives. 'At least Big Brother
had the decency to install his own cameras,' British media lawyer David Banksy said in a
message posted to Twitter after the revelations broke. 'We've had to buy them ourselves.' The collection of nude photographs also raises questions about
potential for blackmail. America's National Security
Agency has already acknowledged that some analysts have been caught trawling databases for
inappropriate material on partners or love interests. Other
leaked documents have revealed how U.S. and British intelligence discussed leaking
embarrassing material online to blacken the reputations of their targets. GCHQ refused to answer a series of questions about OTPIC NERVE, instead
returning the same boilerplate answer it has given to reporters for months." |
"GCHQ, Britain’s electronic spying agency, intercepted and stored
images of 1.8m Yahoo users taken from their personal webcams even though most of them were
not suspected of wrongdoing, documents leaked by the whistleblower Edward Snowden show. A
secret programme called 'Optic Nerve', run in conjunction with the US National Security Agency, recorded
millions of webcam images from ordinary internet users – as many as one in 10 of them
sexually explicit – 'in bulk', the UK’s Guardian
newspaper reported on Thursday. 'Optic Nerve' tapped into Yahoo users’ accounts and took still images from their
computer webcams every five minutes. Yahoo reacted
angrily to the revelations, denying all knowledge. A spokesperson for the company said the
covert surveillance programme represented 'a whole new level of violation of our
users’ privacy'. Security analysts say GCHQ may have collected the webcam images to
help link potential terror suspects or criminals with different accounts and
communications platforms they used on other computers. The 'Optic Nerve' disclosure is the
latest from the huge cache of secret documents that Mr Snowden – a former private
security contractor – stole from the NSA last year. Mr Snowden is now a fugitive in
Russia. 'It is a longstanding policy that we do not comment on intelligence matters,' a
spokesperson for GCHQ said.... Separately on Thursday, parliament’s home affairs
select committee issued a summons compelling the man in charge of judicial oversight of
the UK’s intelligence agencies to appear before it and give evidence. Sir Mark Waller, the intelligence services
commissioner, has been ordered to appear on 18 March. Sir Mark had earlier refused an
invitation to attend the committee and give evidence on his oversight of the intelligence
agencies. GCHQ’s head, Sir Iain Lobban, has previously defended the agency’s
data-collection methods as being akin to looking for needles in 'an enormous hay field'.
The agency only aims to 'collect hay' from 'those parts of the field which might be
lucrative in terms of containing needles or fragments of needles' in a 'tiny proportion'
of the whole field, Sir Iain told parliament’s Intelligence and Security Committee
last year. Yahoo has been a vocal member of the
coalition lobbying world governments to limit their authority over user information and
increase transparency over what the security agencies do access." |
"Giving evidence to MPs
before Christmas, Sir Iain Lobban, the director of GCHQ, used the analogy favoured by the security
agencies to explain what they do. He likened the gathering of intelligence to building a
haystack and said he was 'very well aware that within that haystack there is going to be
plenty of innocent communications from innocent people'. The
latest revelations from the Edward Snowden files show this haystack also includes webcam
images of millions of internet users, some of whom are involved
in deeply adult forms of in flagrante 'communication'. Surveillance of this kind puts a
new spin on William Hague's defence of GCHQ's snooping programmes: 'If you have
nothing to hide, you have nothing to fear.'.... Nick
Pickles, the director of Big Brother Watch, takes a different view. 'Secretly intercepting and taking photographs from millions of
people's webcam chats is as creepy as it gets. Orwell's 1984 was supposed to be a warning,
not an instruction manual.' GCHQ insists the
activity is legal. And doubtless it is, if you believe that the Regulation of
Investigatory Powers Act, which was passed in 2000, was drafted with this kind of
surveillance in mind. But even the parliamentary intelligence and security committee – not a body known for
challenging the agencies with any robustness – is now questioning whether ministers
and the agencies can really use Ripa for cover. The collection of webcam material was
probably secured by getting an
'external warrant' under paragraph four of section 8 of Ripa. In most Ripa cases, a
minister has to be told the name of an individual or firm being targeted before a warrant
is granted. But section 8 permits GCHQ to perform
more sweeping and indiscriminate trawls of external data if a minister issues a
'certificate' along with the warrant. It allows ministers to sanction the collection,
storage and analysis of vast amounts of material, using technologies that barely existed
when Ripa was introduced." |
"The U.S. government has asked a secret surveillance court to allow
it to hold telephone metadata for a period beyond the current five-year limit, for use as
potential evidence in civil lawsuits regarding the collection of the data. In June last
year, former National Security Agency contractor, Edward Snowden, revealed that the agency
was
collecting bulk phone records of Verizon customers in the U.S. The government
subsequently confirmed that it had a program for the bulk collection of phone metadata,
which triggered a number of privacy law suits in various courts challenging the legality
of the NSA program under section 215 of the Patriot Act. When litigation is pending against a party, or is reasonably
anticipated, the party has a duty to preserve relevant information that may be evidence in
the case, the Department of Justice stated in a filing
Tuesday before the Foreign Intelligence Surveillance Court that was made public
Wednesday." |
"Citing the need to preserve evidence related to pending lawsuits,
the Obama administration is asking for permission to keep data on billions of U.S. phone
calls indefinitely instead of destroying it after five years. In a motion filed Tuesday
with the Foreign Intelligence Surveillance Court, the Justice Department says the series
of lawsuits over the program — including one filed by Sen. Rand Paul (R-Ky.) —
create a duty for the government to hang on to the so-called metadata currently in the
National Security Agency’s computer systems.
'Based upon the issues raised by Plaintiffs in the … lawsuits and the
Government’s potential defenses to those claims, the United States must ensure that
all potentially relevant evidence is retained which includes the [business record]
metadata obtained in bulk from certain telecommunications service providers pursuant to
this Court’s production orders,' Justice Department lawyers write in a motion (posted
here)." |
"Julian Assange's prolonged stay in the Ecuadorian Embassy has cost
the Metropolitan Police £5.3million, in the 18 months since he entered the building in
Knightsbridge. Police are stationed day and night
outside the embassy, where the WikiLeaks founder was granted asylum, ready to arrest
Assange, who was set to be extradited to face questioning in Sweden on sexual assault
allegations. Assange claimed that Sweden would extradite him to the US over leaking secret
documents. In Sweden, he faces potential rape charges from one woman and sexual assault
charges from another, stemming from a visit to Stockholm in 2010." |
"One of the many pressing stories that remains to be told from the Snowden
archive is how western intelligence agencies are attempting to manipulate and control
online discourse with extreme tactics of deception and reputation-destruction. It’s
time to tell a chunk of that story, complete with the relevant documents. Over the last
several weeks, I worked with NBC News to publish a series
of articles
about 'dirty
trick' tactics used by GCHQ’s
previously secret unit, JTRIG
(Joint Threat Research Intelligence Group). These were based on four classified GCHQ documents presented
to the NSA and the other three partners in the English-speaking 'Five
Eyes' alliance. Today, we at the Intercept are publishing another
new JTRIG document, in full, entitled 'The Art of
Deception: Training for Online Covert Operations.'
By publishing these stories one by one, our NBC reporting highlighted some of the key,
discrete revelations: the monitoring of YouTube and
Blogger, the targeting of Anonymous with the very same DDoS attacks they accuse
'hacktivists' of using, the use of 'honey traps' (luring people into compromising
situations using sex) and destructive viruses. But, here, I want to focus and elaborate on
the overarching point revealed by all of these documents: namely, that these agencies are
attempting to control, infiltrate, manipulate, and warp online discourse, and in doing so,
are compromising the integrity of the internet itself. Among the core self-identified
purposes of JTRIG are two tactics: (1) to inject all sorts of false material onto the
internet in order to destroy the reputation of its targets; and (2) to use social sciences
and other techniques to manipulate online discourse and activism to generate outcomes it
considers desirable. To see how extremist these programs are, just consider the tactics
they boast of using to achieve those ends: 'false flag operations' (posting material to
the internet and falsely attributing it to someone else), fake victim blog posts
(pretending to be a victim of the individual whose reputation they want to destroy), and
posting 'negative information' on various forums. Here is one illustrative list of
tactics from the latest GCHQ document we’re publishing today.... Other tactics aimed at
individuals are listed here, under the revealing title 'discredit
a target'.... Then
there are the tactics used to destroy companies the agency targets... GCHQ describes the purpose of JTRIG in starkly clear terms: 'using online
techniques to make something happen in the real or cyber world,' including 'information
ops (influence or disruption).'... Critically, the 'targets' for this deceit and
reputation-destruction extend far beyond the customary roster of normal spycraft: hostile
nations and their leaders, military agencies, and intelligence services. In fact, the
discussion of many of these techniques occurs in the context of using them in lieu of
'traditional law enforcement' against people suspected (but not charged or convicted) of
ordinary crimes or, more broadly still, 'hacktivism', meaning those who use online protest activity for political ends. The title page of one of these documents reflects the agency’s own
awareness that it is 'pushing the boundaries' by using
'cyber offensive' techniques against people who have nothing to do with terrorism or
national security threats, and indeed, centrally
involves law enforcement agents who investigate ordinary crimes... No matter your views on Anonymous, 'hacktivists' or garden-variety
criminals, it is not difficult to see how dangerous it is to have secret government
agencies being able to target any individuals they want – who have never been charged
with, let alone convicted of, any crimes – with these sorts of online,
deception-based tactics of reputation destruction and disruption. .... The broader point is that, far
beyond hacktivists, these surveillance agencies have vested themselves with the power to
deliberately ruin people’s reputations and disrupt their online political activity
even though they’ve been charged with no crimes, and even though their actions have
no conceivable connection to terrorism or even national security threats. As Anonymous
expert Gabriella Coleman of McGill University told me, 'targeting Anonymous and
hacktivists amounts to targeting citizens for expressing their political beliefs,
resulting in the stifling of legitimate dissent.'
..... Government plans to monitor and influence internet communications, and covertly
infiltrate online communities in order to sow dissension and disseminate false
information, have long been the source of speculation. Harvard Law Professor Cass
Sunstein, a close Obama adviser and the White House’s former head of the Office of
Information and Regulatory Affairs, wrote
a controversial paper in 2008 proposing that the US government employ teams of
covert agents and pseudo-'independent' advocates to 'cognitively infiltrate' online
groups and websites, as well as other activist groups..... Sunstein also proposed sending
covert agents into 'chat rooms, online social networks, or even real-space groups' which
spread what he views as false and damaging 'conspiracy theories' about the government.
Ironically, the very same Sunstein was recently named by Obama to serve as a member of the
NSA review panel created by the White House, one that – while disputing key NSA
claims – proceeded to propose many
cosmetic reforms to the agency’s powers (most of which were ignored by the
President who appointed them). But these GCHQ
documents are the first to prove that a major western government is using some of the most
controversial techniques to disseminate deception online and harm the reputations of
targets. Under the tactics they use, the state is deliberately spreading lies on the
internet about whichever individuals it targets, including the use of what GCHQ itself
calls 'false flag operations' and emails to people’s families and friends. Who would
possibly trust a government to exercise these powers at all, let alone do so in secret,
with virtually no oversight, and outside of any cognizable legal framework? Then there is the use of psychology and other social sciences to not only
understand, but shape and control, how online activism and discourse unfolds. Today’s newly published document touts the work of GCHQ’s 'Human Science Operations Cell,' devoted to
'online human intelligence' and 'strategic influence and disruption'... Under the title 'Online Covert Action', the document details
a variety of means to engage in 'influence and info ops' as well as 'disruption and
computer net attack,' while dissecting how human beings can be manipulated using
'leaders,' 'trust,' 'obedience' and 'compliance'....
The documents lay out theories of how humans interact with one another, particularly
online, and then attempt to identify ways to influence the outcomes – or 'game'
it..." |
"Investigative reporter Julia Angwin was curious what Google knew
about her, so she asked the company for her search data. 'It turns out I had been doing
about 26,000 Google searches a month ... and I was amazed at how revealing they were,' she
tells Fresh Air's Dave Davies. From NSA sweeps to commercial services scraping our Web
browsing habits, to all kinds of people tracking us through our smartphones, Angwin says
we've become a society where indiscriminate data-gathering has become the norm. Angwin has covered online privacy issues for years, and in her new book
she describes what she did to try to escape the clutches of data scrapers, even to the
point of creating a fake identity...You can ask Google what do they have on you and they
do actually provide a pretty comprehensive answer. I
was able to see all of the Google searches I have conducted since 2006, which was a lot of
Google searches. It turns out that I had been doing about 26,000 Google searches a month.
So I could see them by day, I could sort them by type of search — shopping, maps
— and I was amazed at how revealing they were.
I could reconstruct all the crazy leaps that my mind makes on any given day where one
minute I'm working on an article and the next minute I'm suddenly shopping for shoes for
my daughter and a minute later I jump onto another topic. It was a little disturbing to
see what my mind does.... Data brokers began by compiling very simple information from the
Yellow Pages, the White Pages and government directories. The property records in your
state are publicly on file somewhere; the data brokers will go buy it and put it in their
dossier. At the same time, your address is usually on file [in] many places with magazines
or newspapers you subscribe to. ... Also the post office sells access to its
change-of-address list. What's happening now in the digital era is that they're adding to
their files with all sorts of digital information, so they can find out about you, what
you're doing online, what you're buying online. ... So now these records that they have
are getting much more precise. They're no longer just being used to send you junk mail
that you can throw away. Now they're being used online as well to help places figure out
who you are as soon as you arrive at their website. They can make an instant assessment by
matching your online stuff to some of the online data.... I found out there are a lot of
data brokers out there. It took me almost a month to compile a list, because there's no
real list of who they all are, and I was able to identify about 200 or so of them. Of those, very few were willing to let me see my data. It was
about a dozen that would let me see my data: some of the bigger brokers, LexisNexis,
Axium, and some very small outfits. ... What was shocking about it was that it ranged from
incredibly precise — every single address I'd ever lived at including the number on
my dorm room in college, which I couldn't even remember ... to very imprecise, inaccurate things ... that were not at all true
— that I was a single mother ... with no college education living in a place I didn't
live." |
"The National Security Agency (NSA) has stepped up its surveillance
of senior German government officials since being ordered by Barack
Obama to halt its spying on Chancellor Angela Merkel, Bild am Sonntag paper reported
on Sunday. Revelations last year about mass U.S. surveillance in Germany,
in particular of Merkel’s mobile phone, shocked Germans and sparked the most serious
dispute between the transatlantic allies in a decade. Bild am Sonntag said its information
stemmed from a high-ranking NSA employee in Germany
and that those being spied on included Interior Minister Thomas de Maiziere, a close
confidant of Merkel. 'We have had the order not to
miss out on any information now that we are no longer able to monitor the
chancellor’s communication directly,' it quoted the NSA employee as saying. A
spokesman for the German Interior Ministry said it would not comment on the 'allegations
of unnamed individuals'. To calm the uproar over U.S. surveillance abroad, President
Obama in January banned U.S. eavesdropping on the leaders of close friends and allies
of Washington. Germans are especially sensitive about snooping due to their experiences in
the Nazi era and in Communist East Germany, when the Stasi secret police built up a
massive surveillance network. Berlin has been pushing, so far in vain, for a 'no-spy' deal
with Washington. German Foreign Minister Frank-Walter Steinmeier is due to visit the
United States on Thursday but he has said he doubts such a deal would have much effect.
Bild am Sonntag quoted a security adviser to Obama, Caitlin Hayden, as saying: 'The United
States has made clear it gathers intelligence in exactly the same way as any other
states.' The mass-circulation paper said the NSA was
monitoring 320 people in Germany – mostly politicians but also business
leaders. Hayden said Washington did not spy on
corporations in order to help U.S. firms gain competitive advantage." |
"Britain’s intelligence and law enforcement agencies are
facing an inquiry from Whitehall’s snooping watchdog into whether they are collecting
too many private telephone and internet records, The Telegraph can disclose. The
investigation by Sir Anthony May, the Interception of Communications Commissioner, will
start this year and comes after he told MPs he was worried that the security services were
making too many requests for access to people’s private data. In evidence to the Home
Affairs select committee, Sir Anthony suggested that the number of requests last year
– around 500,000 – was 'too large'. Whitehall
sources said that his staff were now starting work on a review to determine whether
Britain’s intelligence agencies and police were making a 'proportionate' number of
applications for access to phone and internet records. He has a team of eight full-time
inspectors with powers to interrogate systems in MI5 and MI6, and interview intelligence
officers, as well as the police, as part of a regular inspection programme. The findings
of the review will be published in Sir Anthony’s annual report to the Prime Minister
on Whitehall’s use of intercept powers next year. The probe comes as the Government
reacts to growing concern about the gathering of large amounts of data by GCHQ, the
Government’s listening post in Cheltenham, and America’s National Security
Agency. In 2012, there were 570,000 requests to acquire communication data. The vast
majority of these came from law enforcement and intelligence agencies. Just 5,000 were
from groups like local authorities, the Environment Agency and the Financial Conduct
Authority which are allowed to snoop on people using powers under the Regulation of
Investigatory Powers Act (Ripa). Under the Act, they can ask for confidential
communications data, including telephone numbers dialled and email addresses to which
messages have been sent, but not their contents. Sir Anthony’s role is to review how
public authorities – including councils, police and the intelligence agencies –
request this confidential information. In evidence to the Home Affairs select committee
last week, Sir Anthony disclosed that the number of requests in 2013 had fallen slightly
to around 500,000. No breakdown of how many requests came from MI5 or MI6 or the police is
currently available, although Sir Anthony is understood to be considering publishing those
details next year. The requests are limited to basic details such who is the registered
owner of a landline or mobile number, who they have been phoning and where they were when
the calls were made....Whitehall sources said the
number of actual pieces of information gathered by the agencies could be a lot higher
because each request could cover several numbers. David
Davis, the former shadow home secretary who quit the Tory frontbench to fight campaigns on
civil liberties issues, welcomed news of the review. He said: 'It is a very good sign that
the Commissioner is taking a more clinical view of the sheer size of the surveillance than
his predecessor.'" |
"Director of
Intelligence James Clapper now says the
National Security Agency (NSA) should
have been more open about the fact that they were spying on all Americans. I'm glad he
said this. But there is no excuse for
lying in the first place. When Senator Ron Wyden (a Democrat from Oregon)
asked Director Clapper during an intelligence hearing in March of last year if the NSA was
collecting the data of millions of Americans, the director
lied under oath and denied the charge. When new revelations disproved this last June,
Clapper then said the NSA had to keep the metadata collection program a
secret for national security purposes.... The United States needs intelligence
gathering, the ability to obtain and keep secrets, spying on foreign powers and genuine
threats and all the other tools nations use to protect their security. No one is disputing
this. But Clapper is being somewhat disingenuous here. Part
of the reason our government does some things behind Americans' backs is not for security,
but because certain activities, if known, would outrage the public. Spying on every
American certainly falls into this category. I also
believe it is blatantly unconstitutional, and bringing these activities to light would immediately spark debates
the NSA would rather not hear. The notion that if the NSA had informed us they were
monitoring every American would somehow make it OK, does not make it OK. Explaining why
you are violating the Fourth Amendment does not invalidate the Fourth Amendment. Americans
are as upset at the act itself, not the mere knowledge of it. A cheating spouse can be
upfront about his affairs from the beginning, but nobody thinks such behavior is right.
The purpose of being forthright about wrongdoing is usually repentance. I do not get the
sense from Clapper that he thinks his agency did anything wrong. Americans have a right to
know when their rights are being violated, but that's where my agreement with Director
Clapper, or at least agreement with his latest statement, ends. The Fourth Amendment states that warrants issued must be specific
to a person, place or task and this provision of the Bill of Rights exists explicitly to
guard against the notion of a general warrant, where government can plunder through
anyone's privacy at will. The NSA's metadata collection program is a general warrant for
the modern age, reflecting the same kind of tyranny our nation's founders fought a
revolution to make sure would never happen again." |
"The Intercept recently published
an article and supporting documents indicating that the NSA and its British counterpart
GCHQ surveilled and even sought to have other countries prosecute the investigative
journalism website WikiLeaks. GCHQ also surveilled the
millions of people who merely read the WikiLeaks website. The article clarifies the lengths that these two spy organizations go to
track their targets and confirms, once again, that they do not confine themselves to
spying on those accused of terrorism. One document contains a summary of an internal
discussion in which officials from two NSA offices discuss whether to categorize WikiLeaks
as a 'malicious foreign actor' for surveillance targeting purposes. This would be an
important categorization because agents have significantly more authority to engage in
surveillance of malicious foreign actors.... Surveillance
and legal tactics by the NSA and GCHQ add to the growing list of examples of the
government responding to investigative journalism that exposes corruption by attacking the
media rather than the corruption. As Freedom of the
Press Foundation executive director Trevor Timm wrote,
'Anyone who supports the principles behind the First Amendment should be worried.'" |
"The Department of Homeland Security wants a private company to
provide a national license-plate tracking system that would give the agency access to vast
amounts of information from commercial and law enforcement tag readers, according to a
government proposal that does not specify what privacy safeguards would be put in place.
The national license-plate recognition database, which would draw data from readers that scan the tags of every vehicle crossing their paths, would help catch fugitive illegal immigrants, according to a DHS solicitation. But the database could easily
contain more than 1 billion records and could be shared with other law enforcement
agencies, raising concerns that the movements of ordinary citizens who are under no
criminal suspicion could be scrutinized....civil liberties groups are not assuaged. 'Ultimately, you’re creating a national database of location
information,' said Jennifer Lynch, a staff attorney with the Electronic Frontier
Foundation. 'When all that data is compiled and aggregated, you can track somebody as
they’re going through their life.'" |
"Julian Assange has called on the White House to appoint a special
prosecutor to investigate NSA spying on WikiLeaks. Secret documents have revealed how the
NSA spied on WikiLeaks and its followers, seeking to classify it as 'a malicious foreign
actor.' In its latest release of US government
documents, WikiLeaks has accused the National Security Agency of tracking its members and
followers. WikiLeaks founder Julian Assange has called the NSA’s espionage program
'reckless and illegal' and has demanded Washington open an investigation into the
claims.... The NSA went to great lengths in an attempt to justify its surveillance.
According to 2011 documents leaked by Edward Snowden to The Intercept, the agency was considering classifying WikiLeaks as a
'malicious foreign actor' which would have given the NSA more extensive surveillance
powers. Moreover, Julian Assange was put on a so-called 'manhunting' target list along
with suspected Al-Qaeda terrorists. The government entry into the 'Manhunting Timeline' in
2010 describes the program as part of 'an international effort to focus the legal element
of national power upon non-state actor Assange, and the human network that supports
WikiLeaks.'...The NSA was not alone in its sweeping
espionage on the whistleblowing organization. It also enlisted its allies in the Five Eyes
spying network (UK, New Zealand, Australia and Canada) as well as other nations. In documents dating back from August 2010, the US urged 10 other
countries with forces in Afghanistan to consider pressing criminal charges against Julian
Assange - 'founder of the rogue WikiLeaks internet website and responsible for the
unauthorized publication of over 70,000 classified documents covering the war in
Afghanistan.' The documents show the UK’s spy agency, the GCHQ played a significant
role in monitoring the visitors to the WikiLeaks site. A
leaked PowerPoint presentation details a program - created by Britain’s GCHQ and
distributed amongst the Five Eyes in 2012 - that was especially designed to keep an eye on
the site’s visitors. As part of the
program - dubbed 'Anti-crisis girl' in the documents – the GCHQ hauled in massive
amounts of data from phone networks, internet cables and satellites. The new revelations
prompted immediate reaction from Julian Assange who decried both the NSA and the GCHQ for
acting with total impunity. 'The NSA and its UK accomplices show no respect for the rule
of law,' he said in a statement on WikiLeaks’ site. 'But there is a cost to
conducting illicit actions against a media organization.' WikiLeaks’ lawyer Judge Baltasar Garzon is now
preparing an appropriate response to the new information and the organization has pledged
that those responsible will be brought to justice. Garzon said the new documents are a
testament to the fact the repression facing WikiLeaks is still very much alive." |
"Top-secret documents
from the National Security Agency and its British counterpart reveal for the first time
how the governments of the United States and the United Kingdom targeted WikiLeaks and
other activist groups with tactics ranging from covert surveillance to prosecution. The
efforts – detailed in documents provided previously by NSA whistleblower Edward
Snowden – included a broad campaign of international pressure aimed not only at
WikiLeaks founder Julian Assange, but at what the U.S. government calls 'the human network
that supports WikiLeaks.' The documents also contain internal discussions about targeting
the file-sharing site Pirate Bay and hacktivist collectives such as Anonymous. One classified
document from Government Communications Headquarters, Britain’s top spy agency,
shows that GCHQ used its
surveillance system to secretly monitor visitors to a WikiLeaks site. By exploiting its
ability to tap into the fiber-optic cables that make up the backbone of the Internet, the
agency confided to allies in 2012, it was able to collect the IP addresses of visitors in
real time, as well as the search terms that visitors used to reach the site from search
engines like Google." |
"Intercepting the telephone calls of Angela Merkel would have been
'politically unwise' and 'certainly illegal under German law', according to a former
senior British secret intelligence officer. However, he says that under international law, tapping into the German
chancellor's telephone conversations 'would appear to be fair game'. Nigel Inkster, former deputy chief of MI6,
was responding to the disclosure by Edward Snowden that the US National Security Agency
targeted Merkel's mobile telephone. Though the White House has not officially admitted it,
it has said the US will not monitor the chancellor's conversations in future. Writing in
the latest edition of Survival, the journal of the International Institute for Strategic
Studies, where he is director of transnational threats and political risk, Inkster says:
'Listening to chancellor Angela Merkel's mobile telephone calls, as the US has been
accused of doing, might be judged to be politically unwise and was certainly illegal under
German law. But, under international law, her telephone conversations would appear to be fair game.' In her latest weekly podcast, Merkel suggested that a European
communications network should be set up to offer protection from surveillance by the NSA
and its British eavesdropping partner, GCHQ. She
plans to discuss the idea with the French president, François Hollande, when she meets
him in Paris on Wednesday. 'Above all we'll talk
about European providers that offer security to our citizens, so that one shouldn't have
to send emails and other information across the Atlantic,' she said in the podcast. 'Rather, one could build up a communications
network inside Europe.' Inkster says that while
NSA surveillance programmes violated the domestic laws of countries subjected to
espionage, it was less obvious that they violated international
law. 'International lawyers hold a wide spectrum of
opinions on the legality of espionage, and there was nothing in existing international law that
expressly proscribed espionage,' he writes." |
"The start of a new NHS
data-sharing scheme in England involving medical records is being delayed by six months.
Work to start compiling the largely anonymised records on to the Care.data database was
meant to start from April. But NHS England has now decided that will not now happen until
the autumn. The organisation has accepted the communications campaign, which gives people
the chance to opt out, needs to be improved. There has been widespread criticism that the
public have been 'left in the dark' over the plans amid reports not everyone received the
leaflets explaining the project. The Royal College of GPs, the British Medical Association
and patient watchdog Healthwatch England have all voiced concerns in recent weeks. The
central database will involve taking records from GP practices and linking them with
hospital records. Experts say it will enable them to assess diseases, examine new drugs on
the market and identify infection outbreaks as well as monitor the performance of the NHS.
To date information has been available about what happens in hospitals, but not what goes
on in GP surgeries. The information made available on the database will be stripped of
identifiable data - although it will include the gender, age band and area a patient lives
in. However, concerns have been raised about the
prospect of keeping all the information in one place, with campaigners saying that it
could lead to privacy problems and data breaches....Nick Pickles, director of Big Brother
Watch, said: 'NHS England has failed to properly communicate to patients or GPs what this
new database involves, how it affects our medical records and what the risks are. The
scheme's benefits are no justification for not properly informing people what will happen
and a delay is the right thing to do. Our medical records contain some of our most private
information and any changes to how they are used should not be rushed into.'" |
"Intelligence whistleblower Edward Snowden has been elected to the
post of student rector at Glasgow University. The
former US National Security Agency contractor fled from his homeland last May after
revealing extensive details of internet and phone surveillance. He is currently staying in
Russia where he has temporary asylum. The rector is the students' elected representative.
Mr Snowden succeeds the Liberal Democrat's former leader Charles Kennedy. Mr Snowden beat
three other candidates to the post - cyclist Graeme Obree, author Alan Bissett and
Scottish Episcopal clergyman Kelvin Holdsworth. Previous rectors at the university include
Winnie Mandela and Mordechai Vanunu." |
"The three journalists who broke the National Security Agency
revelations from Edward Snowden in the Guardian are among the recipients of the
prestigious 2013 George Polk Awards in Journalism.
Glenn Greenwald, Ewen MacAskill and Laura Poitras will receive the award for national
security reporting, along with Barton Gellman of the Washington Post. Janine Gibson,
Guardian US editor-in-chief, said: 'We’re honoured by the recognition from the Polk
awards and delighted for Ewen, Glenn, Laura, Barton and their colleagues that their work
has been recognised.'" |
"A draft report by the European Parliamentary Committee on Civil
Liberties, Justice and Home Affairs, authored by Labour MEP Claude Moraes, reveals
disturbing plans to suspend a key counter-terrorism agreement, and give the EU greater
power over national intelligence services, including that of the United Kingdom.... published in January this year makes various recommendations,
singling out the United Kingdom’s security services and their roles in recent mass
surveillance activities orchestrated in part with the U.S. government. But instead of
simply attempting to curtail such schemes, Labour MEPs and their partners in the
Progressive Alliance of Socialists and Democrats are recommending that Britain’s
entire legal framework is overhauled in order to suit the EU. The document makes dozens of references to the current
‘undemocratic’ nature of having Britain’s security services accountable to
the UK government, claiming that 'international treaties and EU and US legislation, as
well as national oversight mechanisms, have failed to provide for the necessary checks and
balances and for democratic accountability'....Labour MEP Claude Moraes proposes that the
EU calls on 'certain EU Member States, including the UK, Germany, France, Sweden and the
Netherlands, to revise where necessary their national legislation and practices governing
the activities of intelligence services so as to ensure that they are in line with the
standards of the European Convention on Human Rights'." |
"Der Spiegel magazine reported on Sunday the German government was
considering deploying its own agents to keep tabs on Western secret services and embassies
on German soil including those of the United States and also Britain. It said the domestic
intelligence service aimed to glean precise information about foreign spies using
diplomatic cover and technical equipment at diplomatic missions used to snoop on German
officials and the country's citizens. 'This
step would be an about-face from the decades-long practice of systematically monitoring
the activities of countries such as China, Russia and North Korea but rarely the
activities of Western partners,' Spiegel said. It said the plans would require the final
approval of Merkel's office as well as the foreign and interior ministries. The reported
initiatives follow leaks by former National Security Agency (NSA) contractor Edward
Snowden that US intelligence agencies had eavesdropped on Chancellor Angela Merkel's
mobile phone and collected vast amounts of online data and telephone records from average
citizens. Media reports last year said that equipment installed on the roofs of the US and
British embassies in central Berlin was used for snooping. Spiegel also reports in its
upcoming issue on a suspected attack by Chinese spies on the German government ahead of
the G20 summit in Saint Petersburg, Russia last September." |
"The list of those caught up in the global surveillance net cast by the
National Security Agency and its overseas partners, from social media users to foreign
heads of state, now includes another entry: American lawyers. A top-secret document, obtained by the former N.S.A. contractor Edward
J. Snowden, shows that an American law firm was monitored while representing a foreign
government in trade disputes with the United States. The
disclosure offers a rare glimpse of a specific instance in which Americans were ensnared
by the eavesdroppers, and is of particular interest because lawyers in the United States
with clients overseas have expressed growing concern that their confidential
communications could be compromised by such surveillance. The government of Indonesia had
retained the law firm for help in trade talks, according to the February 2013 document. It
reports that the N.S.A.’s Australian counterpart, the Australian Signals Directorate, notified the agency that
it was conducting surveillance of the talks, including communications between Indonesian
officials and the American law firm, and offered to share the information. The Australians
told officials at an N.S.A. liaison office in Canberra, Australia, that “information
covered by attorney-client privilege may be included” in the intelligence gathering,
according to the document, a monthly bulletin from the Canberra office. The law firm was
not identified, but Mayer Brown, a Chicago-based firm with a global practice, was then
advising the Indonesian government on trade issues. On behalf of the Australians,
the liaison officials asked the N.S.A. general counsel’s office for guidance about
the spying. The bulletin notes only that the counsel’s office “provided clear
guidance” and that the Australian agency “has been able to continue to cover the
talks, providing highly useful intelligence for interested US customers.” The
N.S.A. declined to answer questions about the reported surveillance, including whether
information involving the American law firm was shared with United States trade officials
or negotiators. Most attorney-client conversations do not get special protections under
American law from N.S.A. eavesdropping. Amid growing concerns about surveillance and
hacking, the American Bar Association in 2012 revised its ethics rules to explicitly
require
lawyers to “make reasonable efforts” to protect confidential information
from unauthorized disclosure to outsiders." |
"The state of free press in the U.S. is bad, according to the 2014 World Press Freedom
Index compiled by Reporters Without Borders (Reporters sans frontières). The U.S. was
ranked 46th among the 180 nations surveyed, falling 13 places since last year. Finland,
the Netherlands and Norway are among the most free nations for journalists. Iran, China
and North Korea are among the most restrictive for reporters. America's
bad ranking was based on the conviction of WikiLeaks' informant Bradley (Chelsea) Manning
and the treatment of NSA whistleblower Edward Snowden, along
with the Obama
administration's 'increased efforts to track down whistleblowers and the sources of
leaks,' the watchdog group said. In 2013, it came to light that the Justice Department had
secretly obtained phone logs of Associated Press reporters, monitored the personal email
account for FOX News reporter James Rosen in order to discover officials speaking to the
press, and subpoenaed James Risen of The New York Times to testify against a former CIA
employee accused of leaking classified information. Obama
said in May 2013 that he was 'troubled' at the possible overreach by the Justice
Department and ordered the agency to review its guidelines on dealing with press
investigations. Additionally, the Obama White House has been accused of shielding the
President from the press by not allowing the White House Press Corps sufficient access to
photograph and question Obama during his official duties. 'I
would say it is the most secretive White House that I have ever been involved in
covering,' New York Times Executive Editor Jill Abramson told Al Jazeera America in late January. 'The Obama administration has had seven criminal leak
investigations. That is more than twice the number of any previous administration in our
history. It's on a scale never seen before,' she
added." |
"James Clapper, President Obama’s top national security
official, is probably best known for having
been caught lying outright to Congress about NSA activities, behavior which (as some
baseball players found
out) happens to be a felony
under federal law. But – like torturers and Wall Street tycoons before him –
Clapper has been not only shielded from prosecution, and not only allowed to keep his job;
he has has now been anointed the arbiter of others’ criminality, as he parades around
the country calling
American journalists 'accomplices'. Yesterday, as Wired’s
Dave Kravets reports, the 'clearly frustrated' Clapper went before a Senate committee
(different than the one he got caught lying to) to announce that the Snowden disclosures
are helping the terrorists... As Kravets notes, 'Clapper is not the most credible source
on Snowden and the NSA leaks.' Moreover, it’s hardly surprising that Clapper is
furious at these disclosures given that 'Snowden’s very first leak last June' –
revelation of the domestic
surveillance program – 'had the side-effect of revealing that Clapper had misled
the public and Congress about NSA spying.' And, needless to say, Clapper offered no
evidence at all to support his assertions yesterday; he knows that, unlike Kravets, most
establishment media outlets will uncritically
trumpet his claims without demanding evidence or even noting that he has none.'... Fear-mongering comes naturally to those who wield political power.
Particularly in post-9/11 America, shouting
'terrorists!' has been the favorite tactic of the leadership of both parties to spread
fear and thus induce submission.... In a recent New
York Times op-ed detailing how exploitation of terrorism fears is the key to
sustaining the modern surveillance state, Northwestern University Philosophy Professor
Peter Ludlow wrote that 'since 9/11 leaders of both
political parties in the United States have sought to consolidate power by leaning …
on the danger of a terrorist attack'. He recounted
that 'Machiavelli notoriously argued that a good leader should induce fear in the populace
in order to control the rabble' and that 'Hobbes in ‘The Leviathan’ argued that
fear effectively motivates the creation of a social contract in which citizens cede their
freedoms to the sovereign.' It would be surprising if people like Clapper didn’t do
this.'" |
"The European parliament is to ditch demands on Wednesday that EU
governments give guarantees of asylum and security to Edward Snowden, the National
Security Agency whistleblower. The parliament's
civil liberties committee is to vote on more than 500 amendments to the first ever
parliamentary inquiry into the NSA and GCHQ
scandal, a 60-page report that is damning about the scale and the impact of mass
surveillance. But there is no consensus on an amendment proposed by the Greens calling on
EU governments to assure Snowden of his safety in the event that he emerges from hiding in
Russia and comes to Europe. Amid what key MEPs have
described as intense pressure from national governments on parliament – from the
Conservatives and their allies, from the mainstream centre-right and from social democrats
– the asylum call has no chance of passing. 'The amendment asking for asylum won't go
through,' said Claude Moraes, the British Labour MEP who is the principal author of the
report. 'That was a red line for the right. There was never going to be a realistic
majority for that.'" |
"The National Security Agency, already under siege in Washington,
faces a fresh attempt to curtail its activities from a Utah legislator who wants to cut
off the surveillance agency’s water supply.
Marc Roberts, a first-term Republican lawmaker in the Beehive State, plans this week to
begin a quixotic quest to check government surveillance starting at a local level. He will
introduce a bill that would prevent anyone from supplying water to the $1bn-plus data
center the NSA is constructing in his state at Bluffdale. The bill is about telling the
federal government 'if you want to spy on the whole world and American citizens, great,
but we’re not going to help you,' Roberts told the Guardian. Supporters of the bill
freely admit they’re at a disadvantage. Roberts is still talking with colleagues to
find co-sponsors. His activist allies expect a steep, uphill struggle against the
NSA’s supporters in conservative Utah, as well as business groups whom Roberts
expects will argue that the data center will create jobs and bolster the local
economy." |
"Most of the worry
about the National Security Agency's bulk interception of telephone calls, e-mail and the
like has centered around threats to privacy. And, in fact, the evidence suggests that if
you've got a particularly steamy phone- or Skype-s*x session going on, it just might wind
up being shared by
voyeuristic NSA analysts. But most Americans figure, probably rightly, that the NSA
isn't likely to be interested in their stuff. (Anyone who hacks my e-mail is automatically
punished, by having to read it.) There is, however, a
class of people who can't take that disinterest for granted: members of Congress and the judiciary. What they have to
say is likely to be pretty interesting to anyone with a political ax to grind. And the
ability of the executive branch to snoop on the phone calls of people in the other
branches isn't just a threat to privacy, but a threat to the
separation of powers and the Constitution." |
"[Irish] Justice Minister Alan Shatter
has demanded a full explanation of allegations that the Garda Ombudsman has been the
victim of a sophisticated spying operation using 'government-level' technology. A report carried out for the watchdog by security consultants found a
phone had been bugged using eavesdropping equipment to monitor conferences on sensitive
investigations, according to weekend accounts. The report allegedly concluded that the
ombudsman was being targeted using restricted technology, which is not commercially
available or sold to non-government agencies. Mr Shatter is extremely concerned that he
was not told of the findings by the Garda Siochana
Ombudsman Commission (GSOC), the watchdog which deals with complaints against gardai. Mr
Shatter has summoned representatives from the agency to a meeting today for a
comprehensive explanation. Underlining how seriously the Government is taking the matter,
the Taoiseach has also ordered a report from Mr Shatter for tomorrow's weekly Cabinet
meeting. 'I haven't read the detail of it yet, but obviously I will ask the minister to
give a report to us at Cabinet on Tuesday,' Enda Kenny told the Irish
Independent. Mr Shatter was kept in the dark about the allegations, with his office
confirming that he only became aware of the matter through media reports yesterday. Senior
gardai appear to have been unaware of the investigation even though the Garda watchdog
hired a UK company to 'integrity test' its systems after becoming suspicious that its
offices were under surveillance. The surveillance is believed to have started some time
after December 2011 when Simon O'Brien, Kieran Fitzgerald and Carmel Foley were appointed
by Mr Shatter to lead the body. It is not clear if any individuals were targeted directly.
GSOC is an independent statutory body with responsibility for investigating complaints
against members of An Garda Siochana. GSOC refused to make any comment on the allegations
and would not say why it did not alert either the gardai or Government about its
probe." |
"The journalistic
venture started by eBay founder Pierre Omidyar and former Guardian reporter Glenn
Greenwald launched its first news site Monday, promising more stories based on
intelligence documents leaked by Edward Snowden. The Intercept -- at TheIntercept.org
-- is the first of several sites that will be published by First
Look Media. While announcing the formation of First Look in October, Omidyar said he
is contributing $250 million to pursue independent journalism, and tapped Greenwald to
lead editorial operations..... Citing Snowden's NSA
documents and a former drone operator, the Intercept's first
story detailed the NSA's reliance of electronic surveillance for finding targets for
lethal drone strikes. The site also published Monday aerial photos
of the NSA, the National Reconnaissance Office and the National Geospatial-Intelligence
Agency. 'My intention is to expand the visual vocabulary we use to 'see' the U.S.
intelligence community,' wrote guest reporter and photographer Trevor Paglen on the site.
'Although the organizing logic of our nation's surveillance apparatus is invisibility and
secrecy, its operations occupy the physical world.'" |
"Intelligence officials investigating how Edward J. Snowden gained
access to a huge trove of the country’s most highly classified documents say they
have determined that he used inexpensive and widely available software to 'scrape' the National
Security Agency’s networks, and kept at it even after he was briefly challenged
by agency officials. Using 'web crawler' software designed to search, index and back up a
website, Mr. Snowden 'scraped data out of our systems' while he went about his day job,
according to a senior intelligence official. 'We do
not believe this was an individual sitting at a machine and downloading this much material
in sequence,' the official said. The process, he added, was 'quite automated.' The
findings are striking because the N.S.A.’s mission includes protecting the
nation’s most sensitive military and intelligence computer systems from cyberattacks,
especially the sophisticated attacks that emanate from Russia and China. Mr.
Snowden’s 'insider attack,' by contrast, was hardly sophisticated and should have
been easily detected, investigators found. Moreover, Mr. Snowden succeeded nearly three
years after the WikiLeaks
disclosures, in which military and State Department files, of far less sensitivity, were
taken using similar techniques. Mr. Snowden had broad access to the N.S.A.’s complete
files because he was working as a technology contractor for the agency in Hawaii, helping
to manage the agency’s computer systems in an outpost that focuses on China and North
Korea. A web crawler, also called a spider, automatically moves from website to website,
following links embedded in each document, and can be programmed to copy everything in its
path. Mr. Snowden appears to have set the parameters for the searches, including which
subjects to look for and how deeply to follow links to documents and other data on the
N.S.A.’s internal networks. Intelligence officials told a House hearing last week
that he accessed roughly 1.7 million files. Among the materials prominent in the Snowden
files are the agency’s shared 'wikis,' databases to which intelligence analysts,
operatives and others contributed their knowledge. Some of that material indicates that
Mr. Snowden 'accessed' the documents. But experts say they may well have been downloaded
not by him but by the program acting on his behalf. Agency officials insist that if Mr.
Snowden had been working from N.S.A. headquarters at Fort Meade, Md., which was equipped
with monitors designed to detect when a huge volume of data was being accessed and
downloaded, he almost certainly would have been caught. But because he worked at an agency
outpost that had not yet been upgraded with modern security measures, his copying of what
the agency’s newly appointed No. 2 officer, Rick Ledgett, recently called 'the keys
to the kingdom' raised few alarms. .... from his
first days working as a contractor inside the N.S.A.’s aging underground Oahu
facility for Dell, the computer maker, and then at a modern office building on the island
for Booz Allen Hamilton, the technology consulting firm that sells and operates computer
security services used by the government, Mr. Snowden learned something critical about the
N.S.A.’s culture: While the organization built enormously high electronic barriers to
keep out foreign invaders, it had rudimentary protections against insiders.... Investigators have yet to answer the question of whether Mr. Snowden
happened into an ill-defended outpost of the N.S.A. or sought a job there because he knew
it had yet to install the security upgrades that might have stopped him. 'He was either
very lucky or very strategic,' one intelligence official said. A new book, 'The Snowden Files,' by Luke Harding, a correspondent for The
Guardian in London, reports that Mr. Snowden sought his job at Booz Allen because 'to get
access to a final tranche of documents' he needed 'greater security privileges than he
enjoyed in his position at Dell.' Through his lawyer at the American Civil Liberties
Union, Mr. Snowden did not specifically address the government’s theory of how he
obtained the files, saying in a statement: 'It’s ironic
that officials are giving classified information to journalists in an effort to discredit
me for giving classified information to journalists. The difference is that I did so to
inform the public about the government’s actions, and they’re doing so to
misinform the public about mine.'... Officials say web crawlers are almost never used on the N.S.A.’s
internal systems, making it all the more inexplicable that the one used by Mr. Snowden did
not set off alarms as it copied intelligence and military documents stored in the
N.S.A.’s systems and linked through the agency’s internal equivalent of
Wikipedia. The answer, officials and outside experts say, is that no one was looking
inside the system in Hawaii for hard-to-explain activity. ... Investigators have found no
evidence that Mr. Snowden’s searches were directed by a foreign power, despite
suggestions to that effect by the chairman of the House Intelligence Committee,
Representative Mike Rogers, Republican of Michigan, in recent television appearances and
at a hearing last week. But that leaves open the question of how Mr. Snowden chose the
search terms to obtain his trove of documents, and why, according to James R. Clapper Jr.,
the director of national intelligence, they yielded a disproportionately large number of
documents detailing American military movements, preparations and abilities around the
world. In his statement, Mr. Snowden denied any deliberate effort to gain access to
any military information. 'They rely on a baseless premise, which is that I was after
military information,' Mr. Snowden said." |
"British spies have
developed'dirty tricks' for use against nations, hackers, terror groups, suspected
criminals and arms dealers that include releasing computer viruses, spying on journalists and diplomats, jamming phones and computers, and using
sex to lure targets into 'honey traps.' Documents
taken from the National Security Agency by Edward Snowden and exclusively obtained by NBC
News describe techniques developed by a secret British spy unit called the Joint Threat Research and Intelligence Group (JTRIG) as part of a growing mission to go on offense and attack adversaries
ranging from Iran to the hacktivists of Anonymous. According to the documents, which come
from presentations prepped in 2010 and 2012 for NSA cyber spy conferences, the agency’s goal was to'destroy, deny, degrade [and]
disrupt' enemies by 'discrediting' them, planting misinformation and shutting down their communications. Both PowerPoint presentations describe 'Effects' campaigns that are
broadly divided into two categories: cyber attacks and propaganda operations. The
propaganda campaigns use deception, mass messaging and 'pushing stories' via Twitter,
Flickr, Facebook and YouTube. JTRIG also uses 'false flag' operations, in which British agents carry out online actions that are
designed to look like they were performed by one of Britain’s adversaries. In connection with this report, NBC is publishing documents that Edward
Snowden took from the NSA before fleeing the U.S., which can be viewed by clicking here
and here.
The documents are being published with minimal redactions. The spy unit’s cyber
attack methods include the same'denial of service' or DDOS tactic used by computer hackers
to shut down government and corporate websites..... Civil
libertarians said that in using a DDOS attack against hackers the British government also
infringed free speech by individuals not involved in any illegal hacking, and may have
blocked other websites with no connection to Anonymous. While GCHQ defends the legality of its actions, critics question whether
the agency is too aggressive and its mission too broad. Eric
King, a lawyer who teaches IT law at the London School of Economics and is head of
research at Privacy International, a British civil liberties advocacy group, said it was
'remarkable' that the British government thought it had the right to hack computers, since
none of the U.K.’s intelligence agencies has a 'clear lawful authority' to launch
their own attacks.' GCHQ has no clear authority to
send a virus or conduct cyber attacks,' said King.'Hacking is one of the most invasive
methods of surveillance.' King said British cyber spies had gone on offense with 'no legal
safeguards' and without any public debate, even though the British government has
criticized other nations, like Russia, for allegedly engaging in cyber warfare.... One intelligence official also said that the newest set of Snowden
documents published by NBC News that describe 'Effects' campaigns show that British cyber
spies were 'slightly ahead' of U.S. spies in going on offense against adversaries, whether
those adversaries are hackers or nation states. The documents also show that a one-time
signals surveillance agency, GCHQ, is now conducting the kinds of active espionage
operations that were once exclusively the realm of the better-known British spy agencies
MI5 and MI6. According to notes on the 2012
documents, a computer virus called Ambassadors Reception was 'used in a variety of
different areas' and was 'very effective.' When sent to adversaries, says the
presentation, the virus will 'encrypt itself, delete all emails, encrypt all files, make
[the] screen shake' and block the computer user from logging on. But the British cyber
spies’ operations do not always remain entirely online. Spies
have long used sexual 'honey traps' to snare, blackmail and influence targets. Most often,
a male target is led to believe he has an opportunity for a romantic relationship or a
sexual liaison with a woman, only to find that the woman is actually an intelligence
operative. The Israeli government, for example, used
a 'honey trap' to lure nuclear technician Mordechai Vanunu from London to Rome. He
expected an assignation with a woman, but instead was kidnapped by Israel agents and taken
back to Israel to stand trial for leaking nuclear secrets to the media. The version of a 'honey trap' described by British cyber spies in the 2012
PowerPoint presentation sounds like a version of Internet dating, but includes physical
encounters. The target is lured 'to go somewhere on the Internet, or a physical location'
to be met by 'a friendly face.' The goal, according to the presentation, is to discredit the target. A 'honey trap,' says the presentation, is' very successful when it
works.' But the documents do not give a specific
example of when the British government might have employed a honey trap. The existence of
the Royal Concierge program was first reported by the German magazine Der Spiegel in 2013,
which said that Snowden documents showed that British spies had monitored bookings of at
least 350 upscale hotels around the world for more than three years 'to target, search and
analyze reservations to detect diplomats and government officials.' According to the documents obtained by NBC News, the intelligence agency
uses the information to spy on human targets through 'close access technical operations,'
which can include listening in on telephone calls and tapping hotel computers as well as
sending intelligence officers to observe the targets in person at the hotels. The
documents ask, 'Can we influence hotel choice? Can we cancel their visits?' The 2010 presentation also describes another potential operation
that would utilize a technique called 'credential harvesting' to select journalists who
could be used to spread information. According to intelligence sources, spies considered
using electronic snooping to identify non-British journalists who would then be
manipulated to feed information to the target of a covert campaign. Apparently, the
journalist’s job would provide access to the targeted individual, perhaps for an
interview. The documents do not specify whether the journalists would be aware or unaware
that they were being used to funnel information. The executive director of the Committee
to Protect Journalists, Joel Simon, said that the revelation about'credential harvesting'
should serve as a 'wake up call' to journalists that intelligence agencies can monitor
their communications. Simon also said that governments put all journalists at risk when
they use even one for an intelligence operation. 'All journalists generally are then
vulnerable to the charge that they work at the behest of an intelligence agency,' said
Simon. The
journalist operation was never put into action, according to sources, but other techniques
described in the documents, like the Ambassadors Reception computer virus and the jamming
of phones and computers, have definitely been used to attack adversaries.... The British government’s intelligence apparatus, which also
includes MI5 and MI6, had a role in the 2010 Stuxnet computer virus attack on Iran’s
nuclear facilities, according to sources at two intelligence agencies. GCHQ would not comment on the newly published documents or on
JTRIG’s 'Effects' operations. It would neither
confirm nor deny any element of this report, which is the agency’s standard policy.
In a statement, a GCHQ spokesperson emphasized that the agency operated within the
law." |
"On Friday, The Washington
Post reported that the N.S.A. is currently taking in data on less than 30 percent of phone calls. The article
also said the agency had been collecting nearly all records about Americans’ phone
calls in 2006, and that the N.S.A. was now trying to restore
comprehensive coverage. Officials
partly confirmed The Post’s report, although they said it was difficult to put a
precise number on the percentage. But they disputed that the agency had ever had
near-universal access to phone data, saying cellphone records have always presented
problems. The Wall Street Journal reported
in June that T-Mobile and Verizon Wireless were not part of the N.S.A.’s data
collection, and a report
on surveillance policy last month by a review group appointed by Mr. Obama said that
while the program'acquires a very large amount' of phone data each day, that was still
'only a small percentage of the total' calls. One official said intelligence agencies have
quietly chafed at assumptions that the N.S.A. was collecting all phone records. But they
have been reluctant to correct the record because they did not want to draw attention to
the gap and because it is, in fact, the agency’s goal to overcome technical hurdles
that stop them from ingesting them all. The greater attention to the gap puts new light on
claims about the effectiveness of the program. Critics say the gap may undermine the
argument that the program, as it currently exists, can provide peace of mind about links
to potential terrorists: a negative result might instead mean only that the data was
missing. Supporters, however, say the gap might undermine the argument that the program is
ineffective because it has thwarted no attacks and uncovered only a minor case in which
some men sent several thousand dollars to a Somali terrorist group.'We should have a
debate about how effective would it be if it were fully implemented,' one official
said." |
"A US official has acknowledged that the NSA
likely scoops up data on congressional telephone communications but stopped short of saying whether such action extended to calls made by
President Barack Obama. The tense exchange occurred on Tuesday during a hearing on the
status of the administration's reforms of the bulk data collection programme exposed last
year by former National Security Agency contractor Edward Snowden. Deputy Attorney General
James Cole, testifying before the House Judiciary Committee, hesitated when asked whether
the controversial NSA programme that gathers the numbers, call times and lengths of
virtually every US phone call extended to communications by members of Congress and
executive branch officials. Congressman Darrell Issa, a House Republican known for his
criticism of the Obama White House, asked specifically whether the programme was scooping
up information from '202-225-and four digits', the phone exchange for House of
Representatives offices. 'Without going specifically, probably we do, congressman,' Cole
said. Issa then asked whether the president's phone calls were targeted by the programme.
'I believe every phone number that is with the providers that get those orders comes in
under the scope of that order,' Cole said, without clarifying whether the president's
phones fell within such an order. Cole agreed to get
back to Issa with clarification, to which Issa responded: 'Especially if he [Obama] calls
Chancellor Merkel.' The remark was an apparent swipe at charges that the NSA had been
listening in on the telephones of several world leaders including Germany's Angela Merkel,
who told Obama in October that such action would be a 'breach of trust' between two
allies. The hearing came amid growing congressional and public concern over the scope of
domestic intelligence gathering." |
"The Swiss government has ordered tighter security for its own
computer and telephone systems that could block foreign companies from key technology and
communications contracts. The governing Federal Council's decision Wednesday cited
concerns about foreign spies targeting Switzerland. National Security Agency leaker Edward
Snowden, who worked for the CIA at the U.S. mission to the U.N. in Geneva from 2007 to
2009, has released documents indicating that large American and British IT companies
cooperated with those countries' intelligence services. According to a Swiss government statement, contracts for critical IT
infrastructure will 'where possible, only be given to companies that act exclusively
according to Swiss law, where a majority of the ownership is in Switzerland and which
provides all of its services from within Switzerland's borders." |
"As Americans have grown increasingly comfortable with traditional
surveillance cameras, a new, far more powerful generation is being quietly deployed that
can track every vehicle and person across an area the size of a small city, for several
hours at a time. Although these cameras can’t read license plates or see faces, they
provide such a wealth of data that police, businesses and even private individuals can use
them to help identify people and track their movements. Already, the cameras have been
flown above major public events such as the Ohio political rally where Sen. John McCain
(R-Ariz.) named Sarah Palin as his running mate in 2008, McNutt said. They’ve been flown above Baltimore; Philadelphia; Compton, Calif.;
and Dayton in demonstrations for police. They’ve also been used for traffic impact
studies, for security at NASCAR races and at the request of a Mexican politician, who
commissioned the flights over Ciudad Juárez.... In addition to normal cameras, the planes
can carry infrared sensors that permit analysts to track people, vehicles or wildlife at
night — even through foliage and into some structures, such as tents. Courts have put
stricter limits on technology that can see things not visible to the naked eye, ruling
that they can amount to unconstitutional searches when conducted without a warrant. But
the lines remain fuzzy as courts struggle to apply old precedents — from a single
overflight carrying an officer equipped with nothing stronger than a telephoto lens, for
example — to the rapidly advancing technology. 'If
you turn your country into a totalitarian surveillance state, there’s always some
wrongdoing you can prevent,' said Jay Stanley, a privacy expert with the American Civil
Liberties Union. 'The balance struck in our Constitution tilts toward liberty, and I think
we should keep that value.' Police and private
businesses have invested heavily in video surveillance since the Sept. 11, 2001, attacks.
Although academics debate whether these cameras create significantly lower crime rates, an
overwhelming majority of Americans support them. A Washington Post poll in November found that only 14 percent of those
surveyed wanted fewer cameras in public spaces. But the latest camera systems raise new
issues because of their ability to watch vast areas for long periods of time —
something even military-grade aerial cameras have struggled to do well." |
"US intelligence spied on former German chancellor Gerhard
Schroeder from 2002, a German report has claimed, adding fuel to the flames of a row over
spying on incumbent Angela Merkel. According to NDR, Mr Schroeder, the Social Democrat
chancellor who served from 1998 to 2005, appears on a list of names of people and
institutions put under surveillance by the US National Security Agency (NSA) from 2002, at
the start of his second mandate as German head of state. At the time Germany was opposing
intervention in Iraq. The NSA has been at the heart
of a spying scandal which erupted last year. US-German ties soured amid revelations leaked
by former CIA contractor Edward Snowden that US intelligence agencies had eavesdropped on
Merkel and collected vast amounts of online data and telephone records from average
citizens. The dispute has threatened to derail negotiations on a sweeping transatlantic
free trade agreement known as TTIP. Mr Schroeder said he was unsurprised by the latest
spying report. 'At the time the idea would never have occurred to me, but now it doesn't
surprise me,' he told NDR and the Sueddeutsche Zeitung daily." |
"The U.S. Congress needs to help restore global trust in the
nation’s technology vendors by reining in surveillance programs at the National
Security Agency, an industry representative told lawmakers Tuesday. Recent revelations
about NSA surveillance programs have created a 'misimpression' about the U.S. technology
industry and are eroding trust in those companies, said Dean Garfield, president and CEO
of the Information Technology Industry Council (ITI). The
furor over the NSA surveillance programs could lead
to lost income in the tens of billions of dollars for U.S. cloud providers, and many
U.S. tech vendors are already hearing complaints, he said. The U.S. needs a 'public policy
course correction' on NSA surveillance, Garfield told the U.S. House of Representatives
Judiciary Committee. 'Made in the U.S.A. is no longer a badge of honor, but a basis for
questioning the integrity and the independence of U.S.-made technology,' Garfield
said.'Many countries are using the NSA’s disclosures as a basis for accelerating
their policies around forced localization and protectionism.' To stop a'protectionist downward spiral,' Congress
needs to ensure greater transparency over NSA surveillance and provide stronger
oversight, including a civil liberties advocate at the U.S. Foreign Intelligence
Surveillance Court. Congress also needs to find ways to restore trust in the encryption
standards process at the U.S. National Institute of Standards and Technology (NIST), he
said, after revelations by former NSA contractor Edward Snowden that the NSA worked to
compromise the process." |
"The U.S. Congress
needs to help restore global trust in the nation’s technology vendors by reining in
surveillance programs at the National Security Agency, an industry representative told
lawmakers Tuesday.... Several lawmakers, both
Republicans and Democrats, questioned the legality of the phone records program.
Representative Ted Poe, a Texas Republican, questioned how many criminal cases federal
investigators have filed using information from the phone records program. There'may be
one,' said James Cole, deputy attorney general in the U.S. Department of Justice.'One criminal case?' Poe said.'[The program]
is an invasion of personal privacy, and it’s justified on the idea that we’re
going to capture these terrorists. The evidence that you’ve told is all this
collection has resulted in one bad guy having criminal charges filed on him.'" |
"Professor Jean-Jacques Quisquater, a Belgian cryptographer whose work is
said to have informed card payment systems worldwide, has reportedly become the victim of
a spear-phishing attack by the NSA and/or GCHQ. Belgium's De Standaaard reports that
Professor Quisquater clicked on a fake LinkedIn invitation that infected his computer with
something even nastier than the endless claims of industry leadership spouted by those
most active on that network. The malware is said to have allowed tracking of the
Professor's work, including consultancy for various firms. Professor Quisquater's oeuvre, listed here at
Google Scholar, bristles with cryptographic research. He also shared 2013's RSA Conference
Award for Excellence in the Field of Mathematics for his work on'efficient zero-knowledge
authentication schemes'. RSA's (PDF) notes for the award describe his efforts as'a seminal
translation of cryptographic theory into practice' and as having'had a major impact on the
early development of the smartcard industry.' The professor is therefore a juicy target,
as understanding either his research or the advice he offers could conceivably yield
insights into real-world operations of cryptosystems or qualities of future schemes.
There's also the possibility of monitoring the professor's e-mail, which again could yield
interesting information. De Standaard says the hack
on Quisquater's kit was discovered as part of the investigation into an
attack on Belgacom described by one E. Snowden, late of Moscow. The Belgian paper
doesn't say why it is willing to put the NSA and GCHQ in the frame for the hack, saying only that its understanding of what
went on indicates their involvement. As the story points out, the attack could be the
first known instance of a spookhaus action against a private individual not under
investigation for something nefarious. Quisquater's
clearly not a 'civilian' , but nor does he appear to be a legitimate target whose
activities could reveal the nature of a threat against either the USA or UK. If he has indeed been targeted to gather intelligence about
cryptology in general, the Snowden snowball looks set to gather yet more size and speed." |
"Speed cameras to catch motorists driving in excess of 70mph are to
be installed along hundreds of miles of motorway for the first time. New so-called
‘stealth cameras’ - which may be grey rather than bright yellow - will be placed
on stretches of some of the most important motorways including the M1, M6 and M25. Previously, motorway speed cameras have mainly been situated on stretches
undergoing roadworks, in order to enforce variable speed limits for safety reasons. Some
‘safety camera partnerships’ have also placed them in vans which are parked on
bridges above the motorway. The Highways Agency is looking at the widespread introduction
of cameras to target drivers exceeding the maximum allowed speed of 70mph. According to
officials, this will prevent jams and allow better traffic flow by controlling speed
limits and opening hard shoulders to traffic during busy periods. But motoring groups
claim the introduction of cameras is not about road safety but about generating income
through fines....A recent poll in Autocar found that 94.6 per cent of motorists admitted
driving in excess of 70mph while on the motorway. Critics have pointed out that less
visible cameras will have no impact on actually slowing drivers down." |
"If you're a person who hates it when your supervisor looks over
your shoulder at work, you may want to stop reading this column right now. Because what
follows is only going to depress you. Hitachi, the big electronics company based in Japan,
is manufacturing and selling to corporations a device intended to increase efficiency in
the workplace. It has a rather bland and generic-sounding name: the Hitachi Business Microscope. But what it is capable of doing ... well,
just imagine being followed around the office or the factory all day by the snoopiest boss
in the world. Even into the restroom. And, the thing is, once you hear about it, you just
know that, from a management point of view, it is an innovation of absolute genius. Here's
how it works: The device looks like an employee ID badge that most companies issue.
Workers are instructed to wear it in the office. Embedded inside each badge, according to
Hitachi, are 'infrared sensors, an accelerometer, a microphone sensor and a wireless
communication device.' Hitachi says that the
badges record and transmit to management 'who talks to whom, how often, where and how
energetically.' It tracks everything. If you get up to walk around the office a lot, the
badge sends information to management about how often you do it, and where you go. If you
stop to talk with people throughout the day, the badge transmits who you're talking to (by
reading your co-workers' badges), and for how long. Do you contribute at meetings, or just
sit there? Either way, the badge tells your bosses. The stated intention of this is to
increase productivity and get the most out of employees. But a case can be made that,
however much we worry that the National Security Agency may be peeking into our lives, we
should be just as concerned -- or more -- about the potential for corporations to become
their own, private NSAs. And there's not much, in
the future, that employees will be able to do about it. With
government surveillance, the public can complain that the state has no right to be
scrutinizing the lives of its citizens so intrusively. But corporations can make the
argument that supervisors have always been encouraged to keep an eye on how workers are
spending their time when they're on the clock -- and that electronic tools such as the
Business Microscope are simply a 21st-century way to do that. The employers are paying for
their workers' time, the argument will go -- and if the employees don't like being
accountable for how they spend that time, they can always choose to work elsewhere. Hitachi says that by analyzing the 'enormous amount of data collected
with the Business Microscope, it will be possible to propose methods to improve
organizational communication and quantitatively evaluate efficacy.' Among the activities
the badges record and transmit, according to Hitachi, are 'the distance between people
talking face-to face' and 'an individual's activity level (active or nonactive), which is
determined on the basis of subtle movements detected (such as talking, nodding and
silence). And the sensor badges never sleep. They never take breaks. They don't go to
lunch. As H. James Wilson, a senior researcher at
Babson Executive Education, wrote in the Wall Street Journal, the badges not only transmit who
employees are talking to and how long the conversations go on, but can 'also measure how
well they're talking to them.' If you're in a
conference room with colleagues and they are animated participants in a discussion about,
say, sales strategy, while you just remain quiet in your seat, the badge knows it.
Businesses have long dreamed of maximum efficiency, and Hitachi says that, since the
Business Microscope was first developed in its labs in 2007, 'over one million days of
human behavior and big data' have been collected.... The
long-term question will be whether companies, in the name of workplace output, will want
to risk the morale problems that will inevitably arise among employees who are instructed
to wear such devices, manufactured either by Hitachi or by other firms that will engineer
their own digital tracking machinery. Technology always wins, but victory can come with a
price. And if employees bristle and become resentful about being kept on such a short
electronic leash, that could bring about productivity problems of a different sort.
Unhappy workers are not motivated to put in extra effort. Of course, the employees could
get up from their desks, congregate in an out-of-the-way corner of the office, and
bitterly complain about it all. But the badges would know. And tell." |
"Hey, big spenders. Facial recognition
technology, already employed by some retail stores to spot
and thwart shoplifters, may soon be used to identify and track the freest spenders in the
aisles. The NEC Corporation, for instance, is working on 'V.I.P.
identification' software, based on face recognition, for hotels and other businesses
'where there is a need to identify the presence of important visitors.' And companies like
FaceFirst, in
Camarillo, Calif., hope to soon complement their shoplifter-identification services with
parallel programs to help retailers recognize customers eligible for special treatment. 'Just load existing photos of your known shoplifters, members of
organized retail crime syndicates, persons of interest and your best customers into
FaceFirst,' a marketing pitch on the company’s site explains. 'Instantly, when a person in your FaceFirst database steps into
one of your stores, you are sent an email, text or SMS alert that includes their picture
and all biographical information of the known individual so you can take immediate and
appropriate action.' Joseph Rosenkrantz, the chief
executive of FaceFirst, envisages stores using the software to recognize shoppers and
immediately send personalized offers to their phones. But he expects retailers to seek
permission from their customers first. 'That would require opt-in consent,' he told me
recently. The ability to surreptitiously offer some customers better treatment — and
to link their faces and names with biographical profiles — is among the issues that
technology industry experts and consumer advocates are likely to confront on Thursday,
when they meet in Washington to discuss facial recognition. The event is the
first of a series on the topic organized by the National Telecommunications and Information Administration.
Agency officials expect that participants will eventually hammer out a voluntary industry
code of conduct for the technology’s use. 'Commercial facial recognition technology
has the potential to provide important benefits and to support a new wave of technological
innovation,' says John Verdi, the agency’s director of privacy initiatives, 'but it
also poses consumer privacy challenges.' The meetings are part of an initiative,
introduced in 2012 by the White House, to draft and enact baseline federal consumer
privacy legislation. Last year, the telecommunications agency held similar
forums about data collection by mobile apps. Participants eventually agreed to endorse
notices that apps could display before they were downloaded, alerting users if an app
collected material, like photos or contact lists, from their phones. But facial
recognition seems more fraught because, like DNA sequencing, it measures and records
biological patterns unique to individuals. Like
concerns over the proliferation of genetic data, the debate over facial recognition
ultimately revolves around whether a person has a right to control who has access to his
or her biometric data and how it can be used. Because facial recognition can be used
covertly to identify and track people by name at a distance, some civil liberties experts
call it unequivocally intrusive. In view of intelligence
documents made public by Edward J. Snowden, they also warn that once companies get
access to such data, the government could, too. 'This is you
as an individual being monitored over time and your movements and habits being recorded,'
says Christopher Calabrese,
legislative counsel for privacy issues at the American Civil Liberties Union. 'That is a
very scary technological reality.' For the technology to work, a company or government agency must create a
database containing photos or video stills of individuals. Next, a typical system extracts
complex measurements — often topological — of each face. Then it converts each
person’s facial data into a mathematical code, or 'faceprint.' If security cameras
record someone at, say, a store or a casino, the system can compare the faceprint of that
live image to those in the database, taking only a few seconds to run through millions of
faceprints and find a match. Some international
airports use the technology to identify employees as well as frequent fliers who have
been cleared by government security services. Facebook offers face-matching
software, called 'Tag Suggestions,' to automatically suggest to members the names of
people in photos they’ve uploaded. Google said last year that it would not approve 'at this time' apps
for Google Glass that use facial recognition. Now retailers and marketers are weighing the
possible ramifications of facial recognition and the practices they may need to employ it
securely and ethically. Mr. Rosenkrantz of FaceFirst argues that its current
shoplifter-recognition service is less intrusive than typical in-store video security
systems. Video cameras capture everyone who walks into a store and the images are usually
kept for 30 days, he says, whereas FaceFirst destroys faceprints of all consumers except
those whom retailers have previously caught shoplifting. 'We purposely do not store
information on people not being looked for,' he says." |
"The 2003 US-led invasion of Iraq prompted Snowden to think
seriously about a career in the military. 'I wanted
to fight in the Iraq war because I felt like I had an obligation as a human being to help
free people from oppression,' he has said.... In May 2004, Snowden took the plunge and
enlisted, reporting to Fort Benning in Georgia. It was a disaster. He was in good physical
shape but an improbable soldier, shortsighted and with unusually narrow feet. During
infantry training, he broke both his legs. After more than a month's uncertainty, the army
finally discharged him. Back in Maryland, he got a job as a 'security specialist' at the
University for Maryland's Centre for Advanced Study of Language. It was 2005. (He appears
to have begun as a security guard, but then moved back into IT.) Snowden was working at a
covert NSA facility on the university's campus.
Thanks perhaps to his brief military history, he had broken into the world of US
intelligence, albeit on a low rung. The centre worked closely with the US intelligence
community, providing advanced language training.In mid-2006, Snowden landed a job in IT at
the CIA.
.... In 2007, the CIA sent Snowden to Geneva on his
first foreign tour. Switzerland was an awakening and an adventure. He was 24. His job was
to maintain security for the CIA's computer network and look after computer security for
US diplomats. He was a telecommunications information systems officer. ... he would trace
the beginning of his own disillusionment with government spying to this time. 'Much of what I saw in Geneva really disillusioned me about how my
government functions and what its impact is in the world. I realised that I was part of
something that was doing far more harm than good,' he later
said..... Between 2009 and 2012, he says he found
out just how all-consuming the NSA's surveillance activities are: 'They are intent on
making every conversation and every form of behaviour in the world known to them.' He also
realised that the mechanisms built into the US system and designed to keep the NSA in
check had failed. 'You can't wait around for someone else to act. I had been looking for
leaders, but I realised that leadership is about being the first to act.' He left Japan
for Hawaii in 2012, a whistleblower-in-waiting." |
"The first rendezvous
[with journalists] was in Kowloon's Mira hotel, a chic, modern edifice in the heart of the
tourist district [of Hong Kong].... Over the course of the day, however, [Edward] Snowden
told his story. He had access to tens of thousands of documents taken from NSA and GCHQ's
internal servers. Most were stamped Top Secret. Some were marked Top Secret Strap 1 –
the British higher tier of super-classification for intercept material – or even
Strap 2, which was almost as secret as you could get. No one – apart from a
restricted circle of security officials – had ever seen documents of this kind
before. What he was carrying, Snowden indicated, was the biggest intelligence leak in
history.... As he gave his answers, they began to feel certain Snowden was no fake. And
his reasons for becoming a whistleblower were cogent, too. The NSA could bug 'anyone', from the president downwards, he said. In
theory, the spy agency was supposed to collect only 'signals intelligence' on foreign
targets. In practice this was a joke, Snowden told Greenwald: it was already hoovering up
metadata from millions of Americans. Phone records, email headers, subject lines, seized
without acknowledgment or consent. From this you could construct a complete electronic
narrative of an individual's life: their friends, lovers, joys, sorrows.... What's more,
pretty much all of Silicon Valley was involved with the NSA, Snowden said – Google,
Microsoft, Facebook, even Steve Jobs's Apple. The NSA claimed it had 'direct access' to
the tech giants' servers. It had even put secret back doors into online encryption
software – used to make secure bank payments – weakening the system for
everybody. The spy agencies had hijacked the internet. Snowden told Greenwald he didn't
want to live in a world 'where everything that I say, everything that I do, everyone I
talk to, every expression of love or friendship is recorded'.... The young
technician explained that the spy agency was capable of turning a mobile phone into a
microphone and tracking device... [Guardian journalist] MacAskill asked Snowden, almost as
an afterthought, whether there was a UK role in this mass data collection. It didn't seem
likely to him. MacAskill knew that GCHQ had a longstanding intelligence-sharing
relationship with the US, but he was taken aback by Snowden's vehement response. 'GCHQ is worse than the NSA,' Snowden said. 'It's even more intrusive.'.... Snowden now declared his intention to go public. Poitras recorded
Greenwald interviewing him. She made a 12-minute film and got the video through to [the
Guardian office in] New York..... Five people, including [Guardian editor Alan] Rusbridger
[who had flown in from London], were in the office. The video went up about 3pm local time
on Sunday 9 June. 'It was like a bomb going off,' Rusbridger says. 'There is a silent few
seconds after a bomb explodes when nothing happens.' The TV monitors were put on different
channels; for almost an hour they carried prerecorded Sunday news. Then at 4pm the story
erupted. Each network carried Snowden's image. It was 3am in Hong Kong when the video was
posted online. It was the most-viewed story in the Guardian's history. Snowden had just
become the most hunted man on the planet.'" |
"The Deregulation Bill is coming before the UK House of Commons on Monday, |