NLPWESSEX, natural law publishing
nlpwessex.org

SURVEILLANCE SOCIETY NEWS ARCHIVE 2015
Surveillance Society News Reports
Selected News Extracts 2015

"A
police database that contains details of 22billion vehicle journeys is illegal, Britain's
surveillance tsar has warned. A network of around 8,300 'Big Brother' spy cameras takes
photos of about 30million number plates each day,
with senior officers claiming it is invaluable in preventing and solving serious crimes
and terrorist attacks. The Automatic Number Plate Recognition (ANPR) technology is also
fitted to police vehicles, and is used to find stolen cars and tackle uninsured drivers.
But Tony Porter, the independent surveillance camera commissioner, has questioned the
database's legality. ... Mr Porter's warning is
troubling because police want to extend retention of details to seven years ... Daniel Nesbitt, research director of pressure group Big Brother
Watch, said: 'If there is to be any confidence in this system the questions about its
legality need to be resolved as a matter of urgency. 'It's
now virtually impossible for motorists to travel without having their details stored,
regardless of whether or not they are doing anything wrong. 'As this report shows, a proper debate about how this technology is used
and to what extent it invades the privacy of ordinary motorists is long overdue.' Bella
Sankey, director of policy at Liberty, the civil liberties pressure group, added: 'The
slow creep of ANPR use, without public or parliamentary consent, undermines the bedrock
principle of policing by consent – how can we consent when we haven't been
consulted?'"

"The
"Big Brother" comprehensive national database system feared by many MPs has been
built behind their backs over the last decade, and even has a name for its most intrusive
component: a central London national phone and internet tapping centre called PRESTON. PRESTON,
which collects about four million intercepted phone calls a year, has also recently been
used to plant malware on iPhones, according to disclosures
by former NSA contractor Edward Snowden. The phones
were then targeted for MI5 "implants" (malware), authorised by a ministerial
warrant. The location and role of the PRESTON tapping centre has never previously been
publicly identified, although published Crown Prosecution Service guidance to senior
prosecutors refers to secret "Preston briefings" which they can be given if
tapping evidence in a case they are prosecuting reveals that a defendant may be
innocent."

"Proposed
new surveillance laws are so broad they could allow spies to monitor people's banking and
shopping habits, MPs and peers have been told. The draft Investigatory Powers Bill
includes plans to store the online activity of everyone in the UK. But a lesser-known
clause would let the security services download personal details from "bulk"
databases. Internet privacy campaigner Jim Killock
claimed it could even include things like the Tesco Clubcard scheme. It was revealed
earlier this year that GCHQ is downloading large amounts of personal data, known as
"bulk personal datasets", under old pieces of legislation."

"For
the first time, UK intelligence agency GCHQ has admitted that it does hack into computers
and devices to install malware to spy on people both in the UK and abroad. The admission was made before the UK's independent Investigatory Powers
Tribunal, which is hearing complaints by human rights advocacy group Privacy International
and seven internet service providers (ISPs) that GCHQ and the Foreign Office broke privacy
laws to illegally hack into phones, computers and networks around the world."

"The
majority of the UK cabinet were never told the security services had been secretly
harvesting data from the phone calls, texts and emails of a huge number of British
citizens since 2005, Nick
Clegg has disclosed. Clegg says he was informed of the practice by a senior Whitehall
official soon after becoming David Cameron’s deputy in 2010, but that “only a
tiny handful” of cabinet ministers were also told – likely to include the home
secretary, the foreign secretary and chancellor. He said he was astonished to learn of the
capability and asked for its necessity to be reviewed. The
former deputy prime minister’s revelation in the Guardian again raises concerns
about the extent to which the security services felt they were entitled to use broadly
drawn legislative powers to carry out intrusive surveillance and keep this information
from democratically elected politicians. The government finally admitted on Wednesday that
the mass surveillance of British citizens began in 2001 after 9/11 and was stepped up in
2005, using powers under national security directions largely hidden in the 1984
Telecommunications Act. It is not known if
government law officers sanctioned the use of the act in this way, but it appears the
intelligence and security committee responsible for parliamentary oversight was not
informed, adding to the impression of a so-called deep state operating outside the
scrutiny of parliament."

"Smartphone
users can do "very little" to stop security services getting "total
control" over their devices, US whistleblower Edward Snowden has said. The former
intelligence contractor told the BBC's Panorama that UK intelligence agency GCHQ had the
power to hack into phones without their owners' knowledge. Mr Snowden said GCHQ could gain
access to a handset by sending it an encrypted text message and use it for such things as
taking pictures and listening in. The UK government declined to comment. He did not
suggest that either GCHQ or the NSA were interested in mass-monitoring of citizens'
private communications but said both agencies had invested heavily in technology allowing
them to hack smartphones. "They want to own your phone instead of you," he
said. Mr Snowden talked about GCHQ's "Smurf Suite", a collection of secret
intercept capabilities individually named after the little blue imps of Belgian cartoon
fame. "Dreamy Smurf is the power management tool which means turning your phone on
and off with you knowing," he said. "Nosey Smurf is the 'hot mic' tool. For
example if it's in your pocket, [GCHQ] can turn the microphone on and listen to everything
that's going on around you - even if your phone is switched off because they've got the
other tools for turning it on. "Tracker Smurf is a geo-location tool which allows
[GCHQ] to follow you with a greater precision than you would get from the typical
triangulation of cellphone towers.... Mr Snowden
also referred to a tool known as Paranoid Smurf. "It's a self-protection tool that's
used to armour [GCHQ's] manipulation of your phone. For example, if you wanted to take the
phone in to get it serviced because you saw something strange going on or you suspected
something was wrong, it makes it much more difficult for any technician to realise that
anything's gone amiss.'"

"There
was a simple aim at the heart of the top-secret program: Record the website browsing
habits of “every visible user on the Internet.” Before long, billions of digital
records about ordinary people’s online activities were being stored every day. Among
them were details cataloging visits to porn, social media and news websites, search
engines, chat forums, and blogs. The mass surveillance
operation — code-named KARMA POLICE — was launched by British spies
about seven years ago without any public debate or scrutiny. It was just one part of a
giant global Internet spying apparatus built by the United Kingdom’s electronic
eavesdropping agency, Government Communications Headquarters, or GCHQ. The revelations
about the scope of the British agency’s surveillance are contained in documents
obtained by The Intercept from National Security Agency whistleblower Edward Snowden. Previous reports based on the leaked files have exposed how GCHQ taps
into Internet cables to monitor communications on a vast scale, but many details about
what happens to the data after it has been vacuumed up have remained unclear. Amid a renewed push from the U.K. government for more
surveillance powers, more than two dozen documents being disclosed today by The Intercept reveal for
the first time several major strands of GCHQ’s existing electronic eavesdropping
capabilities. One system builds profiles showing people’s web browsing histories.
Another analyzes instant messenger communications, emails, Skype calls, text messages,
cell phone locations, and social media interactions. Separate programs were built to keep
tabs on “suspicious” Google searches and usage of Google Maps. The surveillance is underpinned by an opaque legal regime that has
authorized GCHQ to sift through huge archives of metadata about the private phone calls,
emails and Internet browsing logs of Brits, Americans, and any other citizens —
all without a court order or judicial warrant. Metadata
reveals information about a communication — such as the sender and recipient of
an email, or the phone numbers someone called and at what time — but not the
written content of the message or the audio of the call. As
of 2012, GCHQ was storing about 50 billion metadata records about online communications
and Web browsing activity every day, with plans in place to boost capacity to 100 billion
daily by the end of that year. The agency, under cover of secrecy, was working to
create what it said would soon be the biggest government surveillance system anywhere in
the world."

"A
"Snowden Treaty" designed to counter mass surveillance and protect
whistleblowers around the world has been proposed by Edward Snowden, and three of the
people most closely associated with his leaks: the
documentary film-maker Laura Poitras; David Miranda, who was detained at Heathrow airport,
and is the Brazilian coordinator of the campaign to give asylum to Snowden in Brazil; and
his partner, the journalist Glenn Greenwald."

"Microsoft
can track every word you type, or say out loud, while using its latest operating system, Windows
10. Windows 10, which unites the Microsoft ecosystem across
a host of devices including smartphones, tablets and desktop PCs, first
rolled out back in July. The Microsoft OS
saw huge adoption within the first few hours of its release – but the free
upgrade process has not been without issues.
Users have reported agonisingly
slow boot-up speeds, wifi
issues and problems
with child safety features following the jump to Windows 10."

"The
NSA is gathering and eavesdropping on practically all communications emerging from
South America, WikiLeaks founder Julian Assange told
Chilean publication El Mostrador Tuesday. 'Ninety-eight percent of Latin American
communications are intercepted by the NSA while passing through the United States to the
world,' Assange said in an interview with the publication. A large focus of Assange was related to the large swaths of
information being collected by American tech companies, specifically Google and Facebook,
and their relationship with the U.S. intelligence communities."

"Documents
released by WikiLeaks appear to show the US spied on close aides of German Chancellor
Angela Merkel and other officials for years. The leaks show Merkel's private and
professional opinions on a range of issues. The WikiLeaks report, released on Wednesday,
suggests NSA spying on German officials went on far longer and more widely than previously
thought. The website published a new list of German phone numbers it claims showed the NSA
targeted the officials for surveillance. The list of 56 partially redacted phone numbers
includes those belonging to staff of the former German Chancellor Gerhard Schröder as
well as his predecessor, Helmut Kohl. Also on the list were numbers attributed to former
diplomat Geza Andreas von Geyr, who now works for the Ministry of Defense, and Ronald
Pofalla, who was the former head of Angela Merkel's chancellery between 2009 and 2013.
WikiLeaks also gave a cell phone number it claimed was used by the German leader up until
2013. The website published what it said were three
intercepts by the US National Security Agency (NSA) of conversations involving
Merkel."

"Campaign
group Amnesty International has called for an independent inquiry after it was confirmed
it was spied on by British surveillance agency GCHQ. It said it was "outrageous"
that human rights bodies were being monitored. It came after the Investigatory Powers
Tribunal (IPT) informed Amnesty that GCHQ had breached rules by keeping data intercepted
from it for too long - although it had been collected legally. The IPT was revising an earlier ruling that had failed to
name Amnesty."

"The
United States National Security Agency spied on French presidents Jacques Chirac, Nicolas
Sarkozy and Francois Hollande, WikiLeaks said in a press statement published on Tuesday,
citing top secret intelligence reports and technical documents. The revelations were first
reported in French daily Liberation and on news website Mediapart, which said the NSA
spied on the presidents during a period of at least 2006 until May 2012, the month
Hollande took over from Sarkozy. WikiLeaks said the documents derived from directly
targeted NSA surveillance of the communications of Hollande (2012–present), Sarkozy
(2007–2012) and Chirac (1995–2007), as well as French cabinet ministers and the
French ambassador to the U.S. According to the documents, Sarkozy is said to have
considered restarting Israeli-Palestinian peace talks without U.S. involvement and
Hollande feared a Greek euro zone exit back in 2012. These latest revelations regarding
spying among allied Western countries come after it emerged that the NSA had spied on
Germany and Germany's own BND intelligence agency had cooperated with the NSA to spy on
officials and companies elsewhere in Europe.... The
documents include summaries of conversations between French government officials on the
global financial crisis, the future of the European Union, the relationship between
Hollande's administration and Merkel's government, French efforts to determine the make-up
of the executive staff of the United Nations, and a dispute between the French and U.S.
governments over U.S. spying on France."

"The
British government quietly changed anti-hacking laws to exempt GCHQ and other law
enforcement agencies from criminal prosecution, it has been claimed. Details of the change
were revealed at the Investigatory Powers Tribunal which is hearing a challenge to the
legality of computer hacking by UK law enforcement and intelligence agencies. The Government amended the Computer Misuse Act (CMA) two months ago."

"Germany's intelligence
service, the Bundesnachrichtendienst (BND), has been helping the NSA
spy on European politicians and companies for years, according to the German news
magazine Der Spiegel. The NSA has been sending lists of 'selectors'—identifying
telephone numbers, e-mail and IP addresses—to the BND, which then provides
related information that it holds in its surveillance databases. According to the German newspaper Die Zeit, the NSA sent selector lists
several times a day, and altogether
800,000 selectors have been requested. .... According
to Der Spiegel, investigators found that the BND had provided information on around 2,000
selectors that were clearly against European and German interests. Not only were European
businesses such as the giant aerospace and
defense company EADS, best-known as the manufacturer of the Airbus planes, targeted,
so were European politicians—including German ones. However, the BND did not inform
the German Chancellor's office, which only found out about the misuse of the selector
request system in March 2015. Instead, the BND simply asked the NSA to make requests that
were fully covered by the anti-terrorism agreement between the two countries. According to Die Zeit, this was because the BND was worried that the NSA
might curtail the flow of its own intelligence data to the German secret services if the
selector scheme became embroiled in controversy. The information about this activity has
finally come out thanks to a long-running committee
of inquiry, set up by the German Bundestag (federal parliament), which has been trying
to get to the bottom of the NSA activities in Germany, and of the BND's involvement in
them."

"While
you’ve likely never heard of companies like Yesware, Bananatag, and Streak, they
almost certainly know a good deal about you. Specifically, they know when you’ve
opened an email sent by one of their clients, where you are, what sort of device
you’re on, and whether you’ve clicked a link, all without your awareness or
consent. That sort of email tracking is more common than you might think. A Chrome
extension called Ugly
Mail shows you who’s guilty of doing it to your inbox. Sonny Tulyaganov, Ugly
Mail’s creator, says he was inspired to write the 'tiny script' when a friend told him
about Streak, an email-tracking
service whose Chrome extension has upwards of 300,000 users. Tulyaganov was appalled. '[Streak] allowed users track emails, see when,
where and what device were used to view email,' he recalled to WIRED. 'I tried it out and
found it very disturbing, so decided to see who is actually tracking emails in my
inbox.' Once the idea for Ugly Mail was born, it only took a few hours to make it a
reality. The reason it was so easy to create is that the kind of tracking it monitors is
itself a simple procedure."

"The
government has admitted that its intelligence services have the broad power to hack
into personal phones, computers, and communications networks, and claims they
are legally justified to hack anyone, anywhere in the world, even if the target is
not a threat to national security nor suspected of any crime. That is the claim of
pressure group Privacy International, following admissions by the government in a court
document published today by the organisation. It follows two court cases initiated last
year against GCHQ that challenge what Privacy International claims is invasive
state-sponsored hacking that was revealed by Edward Snowden. In
the document, the government outlines the broad authority it has given UK intelligence
services to infiltrate personal devices, the internet, and social media websites. In addition, government lawyers claim that while the intelligence
services require authorisation before they are allowed to hack into the computer and
mobile phones of 'intelligence targets', GCHQ is equally permitted to break into computers
anywhere in the world, even if they are not connected to a crime or a threat to national
security. 'Such powers are a massive invasion of
privacy. Hacking is the modern equivalent of entering someone's house, searching
through filing cabinets, diaries and correspondence, and planting devices to permit
constant surveillance in future,' commented the organisation. 'If
mobile devices are involved, the government can obtain historical information,
including every location visited in the past year and the ongoing surveillance will
capture the affected individual wherever they go.' The
court document relies heavily on a draft code on 'equipment interference', according to
the pressure group, which was quietly released to the public on the same day that the
Investigatory Powers Tribunal found that GCHQ had engaged in unlawful information sharing
with the US National Security Agency (NSA). For the
past decade, GCHQ has been involved in state-sponsored hacking without this code being
available to the public, claims Privacy International, which means that they have almost
certainly been acting against the law. Indeed, the
draft code has not even been approved by Parliament yet, and remains open for public
comment until 20 March. Privacy International has been involved in two separate complaints
to the Investigatory Powers Tribunal, one filed on its own that challenges the UK security
services' presumed rights to attack any computer devices in the perceived pursuit of its
work; the other is with seven internet service providers and communications companies,
which calls for GCHQ to be stopped from attacks against communications networks. 'The government has been deep in the hacking business for nearly a
decade, yet they have never once been held accountable for their actions. They have
granted themselves incredible powers to break into the devices we hold near and dear, the
phones and computers that are so integral to our lives,' said Eric King, deputy director
of Privacy International. He continued: 'What's
worse is that without any legitimate legal justification, they think they have the
authority to target anyone they wish, no matter if they are suspected of a crime. This
suspicionless hacking must come to an end and the activities of our intelligence agencies
must be brought under the rule of law.'"

"Every
time you email someone overseas, the NSA copies and searches your message. It makes no
difference if you or the person you're communicating with has done anything wrong. If
the NSA believes your message could contain information relating to the foreign affairs of
the United States – because of whom you're talking to, or whom you're talking about
– it may hold on to it for as long as three years and sometimes much longer. A new
ACLU lawsuit filed today challenges this dragnet spying, called 'upstream'
surveillance, on behalf of Wikimedia and a broad coalition of educational, human rights,
legal, and media organizations whose work depends on the privacy of their communications.
The plaintiffs include Amnesty International USA, the National Association of Criminal
Defense Lawyers, and The Nation magazine, and many other organizations whose work is
critical to the functioning of our democracy. .... The
NSA's targets may include journalists, academics, government officials, tech workers,
scientists, and other innocent people who are not connected even remotely with terrorism
or suspected of any wrongdoing. The agency sweeps up Americans' communications with all of
those targets. ..... As former NSA Director Michael Hayden recently put
it, '[L]et me be really clear. NSA doesn't just
listen to bad people. NSA listens to interesting people. People who are communicating
information.'"

"GCHQ unlawfully spied on British citizens, a secretive UK court
has ruled. The decision could mean GCHQ will be forced to delete the information it
acquired from people that were spied on. The Investigatory Powers Tribunal (IPT), the
secretive court that was created to keep Britain’s intelligence agencies in check,
said that GCHQ’s access to information intercepted by the NSA breached human rights
laws. The court found that the collection contravened Article 8 of the European Convention
on Human Rights, which protects the right to a private and family life. It also breaches Article 6, which protects the right to a fair trial. The
breaches open up the possibility of anyone who 'reasonably believes' they were spied on to
ask for the information that GCHQ holds on them to be deleted. Citizens can send complaints
to the IPT to find out whether they were spied on and ask for a deletion. Some of the
privacy groups that brought the complaint are beginning proceedings to do so. The IPT has never ruled against any intelligence agency since it
was set up in 2000. It
found in December that GCHQ’s access to the data was lawful from that point
onward, and it re-affirmed that decision today. That ruling is now being appealed. GCHQ
pointed to that decision in its response to today's ruling, which it said it welcomed. A
GCHQ spokesperson said: 'We are pleased that the Court has once again ruled that the
UK’s bulk interception regime is fully lawful. It follows the Court’s clear
rejection of accusations of ‘mass surveillance’ in their December judgment.' But the court said today that historical collection was unlawful
because the rules governing how the UK could access information received from the NSA were
kept secret."

"Edward Snowden, the infamous former contractor for the National
Security Agency who leaked thousands of pages of previously classified NSA intelligence
documents, reportedly thinks that Apple's iPhone has 'special software' that authorities
can activate remotely to be able to gather information about the user. 'Edward never uses an iPhone; he's got a simple phone,' said the lawyer of
Snowden, Anatoly Kucherena, in an interview with the Russian media company RIA
Novosti."

"GCHQ’s bulk surveillance of electronic communications has scooped up
emails to and from journalists working for some of the US and UK’s largest media
organisations, analysis of documents released by whistleblower Edward Snowden reveals.
Emails from the BBC, Reuters, the Guardian, the New York Times, Le Monde, the Sun, NBC and
the Washington Post were saved by GCHQ and shared on the agency’s intranet as part of
a test exercise by the signals intelligence agency. The disclosure comes as the British
government faces intense pressure to protect the confidential communications of reporters, MPs and lawyers from snooping. The
journalists’ communications were among 70,000 emails harvested in the space of less
than 10 minutes on one day in November 2008 by one of GCHQ’s numerous taps on the
fibre-optic cables that make up the backbone of the internet. The communications, which
were sometimes simple mass-PR emails sent to dozens of journalists but also included
correspondence between reporters and editors discussing stories, were retained by GCHQ and
were available to all cleared staff on the agency intranet. There is nothing to indicate
whether or not the journalists were intentionally targeted. The mails appeared to have been captured and stored as the output of a
then-new tool being used to strip irrelevant data out of the agency’s tapping
process. New evidence from other UK intelligence
documents revealed by Snowden also shows that a GCHQ information security assessment
listed 'investigative journalists' as a threat in a hierarchy alongside terrorists or
hackers. Senior editors and lawyers in the UK have called for the urgent introduction of a
freedom of expression law amid growing concern over safeguards proposed by ministers to
meet concerns over the police use of surveillance powers linked to the Regulation of
Investigatory Powers Act 2000 (Ripa). More than 100 editors, including those from all the
national newspapers, have signed a letter, coordinated by the Society of Editors and Press
Gazette, to the UK prime minister, David Cameron, protesting at snooping on
journalists’ communications. In the wake of
terror attacks on the Charlie Hebdo offices and a Jewish grocer in Paris, Cameron has
renewed calls for further bulk-surveillance powers, such as those which netted these
journalistic communications. ..... The GCHQ document
goes on to warn that the fact that billing records 'kept under Ripa are not limited to
warranted targets' must be kept as one of the agency’s most tightly guarded secrets,
at a classification known as 'Top secret strap 2'. That is two levels higher than a normal
top secret classification as it refers to 'HMG [Her Majesty’s government]
relationships with industry that have areas of extreme sensitivity'. Internal security advice shared among the intelligence agencies was often
as preoccupied with the activities of journalists as with more conventional threats such as foreign intelligence, hackers
or criminals. One restricted document intended for those in army intelligence warned that
'journalists
and reporters representing all types of news media represent a potential threat to
security'. It continued: 'Of specific concern are ‘investigative journalists’ who
specialise in defence-related exposés either for profit or what they deem to be of the
public interest. 'All classes of journalists and reporters may try either a formal approach or an informal approach,
possibly with off-duty personnel, in their attempts to gain official information to which
they are not entitled.' It goes on to caution 'such approaches pose a real threat', and
tells staff they must be 'immediately reported' to the chain-of-command. GCHQ information security assessments, meanwhile, routinely list
journalists between 'terrorism' and 'hackers' as 'influencing threat sources', with one
matrix scoring journalists as having a 'capability' score of two out of five, and a
'priority' of three out of five, scoring an overall 'low' information security risk.
Terrorists, listed immediately above investigative journalists on the document, were given
a much higher 'capability' score of four out of five, but a lower 'priority' of two. The matrix concluded terrorists were therefore a 'moderate' information
security risk."

"British spooks intercepted emails from US and UK media
organisations and rated ‘investigative journalists’ alongside terrorists and
hackers as potential security threats, secret documents reveal. Internal advice circulated
by intelligence chiefs at the Government spy centre GCHQ claims ‘journalists and
reporters representing all types of news media represent a potential threat to
security’. Intelligence documents leaked by the
fugitive US whistleblower Edward Snowden also show that British security officers scooped
up 70,000 emails in just 10 minutes during one interception exercise in 2008."

"... the [NSA] isn't just trying to achieve mass surveillance of
Internet communication, either. The digital spies of the Five Eyes alliance -- comprised
of the United States, Britain, Canada, Australia and New Zealand -- want more. According
to top secret documents from the archive of NSA whistleblower Edward Snowden seen
exclusively by SPIEGEL, they are planning for wars of the future in which the Internet
will play a critical role, with the aim of being able to use the net to paralyze computer
networks and, by doing so, potentially all the infrastructure they control, including
power and water supplies, factories, airports or the flow of money. During the 20th
century, scientists developed so-called ABC weapons -- atomic, biological and chemical. It
took decades before their deployment could be regulated and, at least partly, outlawed.
New digital weapons have now been developed for the war on the Internet. But there are
almost no international conventions or supervisory authorities for these D weapons, and
the only law that applies is the survival of the fittest. Canadian media theorist Marshall
McLuhan foresaw these developments decades ago. In 1970, he wrote, 'World War III is a
guerrilla information war with no division between military and civilian participation.'
That's precisely the reality that spies are preparing for today.... From a military perspective, surveillance of the Internet is merely
'Phase 0' in the US digital war strategy. ..... In recent years, malware has emerged that
experts have attributed to the NSA and its Five Eyes alliance based on a number of
indicators. They include programs like Stuxnet, used to attack the Iranian nuclear
program. Or Regin, a powerful spyware trojan that created a furor in Germany after it
infected the USB stick of a high-ranking staffer to Chancellor Angela Merkel. Agents also
used Regin in attacks against the European Commission, the EU's executive, and Belgian
telecoms company Belgacom in 2011. Given that spies
can routinely break through just about any security software, virtually all Internet users
are at risk of a data attack.... Intelligence agencies have adopted 'plausible deniability' as
their guiding principle for Internet operations. To ensure their ability to do so, they
seek to make it impossible to trace the author of the attack. It's a stunning approach
with which the digital spies deliberately undermine the very foundations of the rule of
law around the globe. This approach threatens to transform the Internet into a lawless
zone in which superpowers and their secret services operate according to their own whims
with very few ways to hold them accountable for their actions." |
2015 |
"Microsoft Corp said on Wednesday it will begin warning users of
its consumer services including Outlook.com email when the company suspects that a
government has been trying to hack into their accounts. The policy change comes nine days after Reuters asked the company why it
had decided not to tell victims of a hacking campaign, discovered in 2011, that had targeted
international leaders of China's Tibetan and Uighur minorities in particular. According to
two former employees of Microsoft, the company's own experts had concluded several years
ago that Chinese authorities had been behind the campaign but the company did not pass on
that information to users of its Hotmail service, which is now called Outlook.com. In its
statement, Microsoft said neither it nor the U.S. government could pinpoint the sources of
the hacking attacks and that they didn't come from a single country. The policy shift at
the world's largest software company follows similar moves since October by Internet
giants Facebook Inc, Twitter Inc and most recently Yahoo Inc. Google Inc pioneered the
practice in 2012 and said it now alerts tens of thousands of users every few months. For
two years, Microsoft has offered alerts about potential security breaches without
specifying the likely suspect." |
"A police database that contains details of 22billion vehicle
journeys is illegal, Britain's surveillance tsar has warned. A network of around 8,300
'Big Brother' spy cameras takes photos of about 30million number plates each day, with senior officers claiming it is invaluable in preventing and solving
serious crimes and terrorist attacks. The Automatic Number Plate Recognition (ANPR)
technology is also fitted to police vehicles, and is used to find stolen cars and tackle
uninsured drivers. But Tony Porter, the independent surveillance camera commissioner, has
questioned the database's legality. In his report, Mr Porter said: 'There is no
statutory authority for the creation of the national ANPR database, its creation was never
agreed by Parliament, and no report on its operation has even been laid before Parliament.
'I have referred these concerns over the legality of ANPR to the Home Office. The
Government may wish to consider the statutory framework on which ANPR is based.' Each time
a vehicle passes an ANPR camera it takes a picture of the number plate and the front of
the car, including the driver's face. Police say this allows them to track criminals
and terrorists in real time as they drive around. But privacy campaigners have long argued
that the system, which allows officers to access the mountains of data for up to two
years, is intrusive. Mr Porter's warning is troubling
because police want to extend retention of details to seven years and DVLA officials could be permitted access to track down road tax
cheats – increasing the risk of data being abused. While there is almost no chance of
the system being shut down, it raises the prospect of motorists – including criminals
– taking legal action against the authorities for breaches of privacy. A source close
to the surveillance camera commissioner said: 'Previous home secretaries have been told
about this but nothing has been done. Civil liberties groups have told us they might take
a test case.' Daniel Nesbitt, research director of pressure group Big Brother Watch, said:
'If there is to be any confidence in this system the questions about its legality need to
be resolved as a matter of urgency. 'It's now
virtually impossible for motorists to travel without having their details stored,
regardless of whether or not they are doing anything wrong. 'As this report shows, a proper debate about how this technology is used
and to what extent it invades the privacy of ordinary motorists is long overdue.' Bella
Sankey, director of policy at Liberty, the civil liberties pressure group, added: 'The
slow creep of ANPR use, without public or parliamentary consent, undermines the bedrock
principle of policing by consent – how can we consent when we haven't been
consulted?'" |
"US intelligence
agencies discovered the Israeli government leaked details of the US-Iran nuclear
negotiations and coordinated efforts with Jewish-American groups to undermine the talks,
it is claimed. The NSA - which has faced intense criticism for tapping the phone
conversations of its allies in recent years - reportedly eavesdropped on the
conversations of Israeli Prime Minister Benjamin Netanyahu and his advisers as the talks
progressed. According to the Wall Street Journal, Mr Netanyahu was caught on tape
negotiating with undecided congressmen and senators about what it would take to get them
to vote against the nuclear deal agreed in July this year. A US intelligence official
who has reportedly heard the intercepts said Israeli officials were heard asking the
undecided American lawmakers questions such as 'How can we get your vote? What’s it
going to take'.... The NSA and its Israeli
counterpart, Unit 8200, have had close links in the past. The American organisation helped Israel expand its electronic spying
systems to monitor its regional enemies and the information was then shared with the
US. The two are believed to be still working together at the start of the Obama
administration but revelations by Edward Snowden about American surveillance have raised
tensions in recent years." |
"Bosses at Twitter and other
social media giants face prison if they tip off their customers about spying operations by
police and the security services, under a sweeping new law. Ministers have lost patience
with the tech giants after it emerged that some companies were warning users of requests
for communications data by MI5, MI6 and GCHQ. Bosses
of any technology firm which ignores the Home Office edict to keep operations secret will
face up to two years in prison. It will become an explicit criminal offence to notify the
subject of a surveillance operation that requests for their data have been made, unless
they have permission to do so. This could include tweets, text messages or emails. The
move, included in the controversial draft Investigatory Powers Bill, will further stoke
tensions between the authorities and the communications companies, who officials say have
become less co-operative in the wake of the Edward Snowden leaks. Snowden – an
ex-security official for the US Government, now a fugitive in Russia – revealed
details of mass surveillance operations by British and American agencies. In response,
technology companies said they would take greater steps to protect their customers’
‘privacy’. Antony Walker, deputy chief executive officer at techUK, which
represents communications and internet firms, said: ‘A right of redress by the
citizen depends upon individuals being notified at some appropriate time that requests
have been made to access their data. ‘By preventing companies from notifying
consumers about requests for access to data the Investigatory Powers Bill risks being out
of step with the direction of international law. ‘This will make co-operation between
jurisdictions more difficult and could slow down the sharing of information between
international agencies. So from that perspective preventing companies from being more
transparent about the data requests they receive appears counter-productive.’ Details
of the plan emerged in a note to the Investigatory Powers Bill, which will itself require
communications firms to store details of the public’s use of the internet and apps
for 12 months." |
"The Home Office has refused to make Theresa May’s internet
browsing history public under freedom of information rules, arguing that a request to do
so is “vexatious”. The Independent
requested the Home Secretary’s work browsing history for the last week of October
under the Freedom of Information Act. Under the new Investigatory Powers Bill announced by
Ms May the internet browsing history of everyone in the UK will have to be stored for a
year and police and security services will be able to access the list of visited websites
without any warrant. The Home Secretary described such information, which her department
refused to release in relation to her, as “the modern equivalent of an itemised phone
bill”. Itemised phone bills have previously been released under the Freedom of
Information Act. The Freedom of Information Act is in theory supposed to allow for
information held by government bodies to be disclosed, subject to certain conditions. On 4
November the Independent invoked the Act to ask the Home Office to disclose
“the web browser history of all web browsers on the Home Secretary Theresa
May's GSI network account for the week beginning Monday 26 October”. The only
reason given by officials against disclosure of Ms May’s browsing history was that
the request for transparency was a “scattergun” approach conducted “without
any idea of what might be revealed”. If the Department had agreed to the request, it
would have shown a list of websites visited on the Home Secretary’s computer account
for a week." |
"Simply using certain encryption services or investigating
alternatives to Microsoft Windows could get you placed under surveillance by the National
Security Agency (NSA) and other intelligence organizations, according to a new report.
Utilizing encryption solutions such as TOR could result in monitoring by the NSA and its
allies, including Britain’s Government Communications Headquarters (GCHQ), according
to the report in the German media outlet Tagesschau. The NSA tracks people with a surveillance tool called XKeyscore.
“Anyone who is determined to be using Tor is also
targeted for long-term surveillance and retention,” Cory Doctorow wrote at the
BoingBoing.net blog. The German outlet said computer experts watched the XKeyscore code
and found that the NSA was constantly monitoring TOR
users on servers at MIT’s Computer Science and Artificial Intelligence Laboratory,
the National Journal reported. TOR is a program that lets a person stay private by routing
communications through computers and servers all over the world. It makes it much harder
for the NSA and other agencies to track. The German report listed a number of seemingly
innocent and harmless behaviors that can trigger NSA surveillance, the National Journal
said. They include: * Going to Linux Journal, a popular forum for the open-sourced
operating system Linux. The NSA apparently regards Linux Journal as an extremist forum.
* Searching for information about Tails, a popular operating system used by human
rights advocates. * Searching for information about any Windows alternative. * Searching
for information about online privacy. - “The better able you are at protecting
your privacy online, the more suspicious you become,” National Journal’s Paul
Tucker wrote."
"There is a huge difference between
legal programs, legitimate spying, legitimate law enforcement - where individuals are
targeted based on a reasonable, individualized suspicion - and these programs of dragnet
mass surveillance that put entire populations under an all-seeing eye and save copies
forever. These programs were never about terrorism: they’re about economic spying,
social control, and diplomatic manipulation. They’re about power." |
"The "Big Brother" comprehensive national database system
feared by many MPs has been built behind their backs over the last decade, and even has a
name for its most intrusive component: a central London national phone and internet
tapping centre called PRESTON. PRESTON,
which collects about four million intercepted phone calls a year, has also recently been
used to plant malware on iPhones, according to disclosures
by former NSA contractor Edward Snowden. The phones
were then targeted for MI5 "implants" (malware), authorised by a ministerial
warrant. The location and role of the PRESTON tapping centre has never previously been
publicly identified, although published Crown Prosecution Service guidance to senior
prosecutors refers to secret "Preston briefings" which they can be given if
tapping evidence in a case they are prosecuting reveals that a defendant may be innocent.
(The guidance also notes that the briefing may be given after exculpatory intercept
evidence has been destroyed.) Located inside the riverside headquarters of the Security
Service, MI5, in Thames House, PRESTON works alongside and links to massive databases
holding telephone call records, internet use records, travel, financial, and other
personal records held by the National Technical Assistance Centre (NTAC), a little known
intelligence support agency set up by Tony Blair's government in a 1999 plan to combat
encryption and provide a national centre for internet surveillance and domestic
codebreaking. Soon after, the Parliamentary Intelligence and Security Committee were told
that the spy agencies would fund NTAC as "a twenty-four hour centre operated on
behalf of all the law enforcement, security and intelligence agencies, providing a central
facility for the complex processing needed to derive intelligence material from lawfully
intercepted computer-to-computer communications and from lawfully seized computer data ...
The NTAC will also support the technical infrastructure for the lawful interception of
communications services including Internet Services." The Home Office then
commissioned and funded a technical plan to establish an interception network for the
domestic internet, and allocated a £25m budget to get NTAC started." |
"Proposed new surveillance laws
are so broad they could allow spies to monitor people's banking and shopping habits, MPs
and peers have been told. The draft Investigatory Powers Bill includes plans to store the
online activity of everyone in the UK. But a lesser-known clause would let the security
services download personal details from "bulk" databases. Internet privacy campaigner Jim Killock claimed it could even include
things like the Tesco Clubcard scheme. It was revealed earlier this year that GCHQ is
downloading large amounts of personal data, known as "bulk personal datasets",
under old pieces of legislation. The Home Office wants to put the practice on a firmer
legal footing and has promised tougher safeguards - including six month warrants issued by
the home secretary - and judicial oversight. But Open Rights Group director Jim Killock,
giving evidence to the Parliamentary committee examining the draft bill, said it appeared
to suggest mass surveillance. "What is a bulk
data set? Which have been accessed and grabbed by GCHQ so far? Who might that apply
to? "Just about every business in the country operates a database with personal
information in it. "This could be Tesco Clubcard information. It could be
Experian's data around people's financial transactions, it could be banking details, it
could certainly be any government database that you care to mention. "It's kind of
hard to see where surveillance ends with bulk data sets."... The draft bill would also give legal cover to the security services to
carry out bulk internet traffic surveillance of the kind uncovered by US whistleblower
Edward Snowden. Shami Chakrabarti, of Liberty, urged the Home Office to come up with a
"new bill" to protect the public that did not have such sweeping powers. She
told the committee: "I think my fundamental objection is too much of this is about
sanctioning mass surveillance of entire populations and departing from traditional
democratic norms of targeted, suspicion-based surveillance for limited purposes, and there
are insufficient safeguards against abuse." |
"Britain’s intelligence agencies could take over
children’s toys and use them to spy on suspects, MPs have been told. Antony
Walker of techUK said that anything connected to the Internet could “in theory”
be hacked into remotely. The draft Investigatory
Powers Bill being considered by MPs would put a legal duty on Internet providers to assist
in hacking devices. With a growing number of toys now including Internet software it would
be possible for Britain’s spooks to hack them, Mr Walker suggested. He urged the Home
Office to define more tightly what “equipment interference” entailed and raised
concerns about “smart toys” during an appearance before the Commons science and
technology committee. "A range of devices that have been in the news recently, in
relation to a hack, are children's toys, that children can interact with," Mr Walker
said. "These are devices that may sit in a child's bedroom but are accessible.
"In theory, the manufacturer of those products could be the subject of a warrant to
enable equipment interference with those devices. "So the potential extent, I think,
is something that needs to be carefully considered." Hello Barbie, My Friend Cayla
and other talking dolls have reportedly been looked at by security experts in recent
months amid concerns. The draft legislation would increase the legal footing
“equipment interference” warrants would be put on and make sure they are
"only used when necessary and proportionate for a legitimate purpose". Mr
Walker, whose organisation represents 850 UK technology firms, added: “When we start
to think, not just about the world today, but the world in five, 10 years' time as the
Internet of Things becomes more real, and more pervasive. "I think it requires
careful thought in terms of where the limits should be." " |
"Director of National Intelligence James Clapper now has a fifth
reason for why he lied to the US Congress over the NSA's spying program: he just plain
forgot it existed. Speaking during a panel discussion last week, Clapper's general counsel
Robert Litt said that Clapper had not had time to prepare an answer to the question posed
to him by Senator Ron Wyden (D-OR) about storing data on Americans. "We were notified
the day before that Sen. Wyden was going to ask this question and the director of national
intelligence did not get a chance to review it," Litt said, according
to The Hill. "He was hit unaware by the
question. After this hearing I went to him and I said, 'Gee, you were wrong on this.' And
it was perfectly clear that he had absolutely forgotten the existence of the 215
program." If that answer sounds incredibly unlikely, it is actually more plausible
than the other four reasons Clapper has given over why he denied the existence of the
NSA's spying programs. Clapper's first response when revelations from Edward Snowden made
it clear he thought Wyden was just talking about the collection of email. That argument
held no water, as a recording of the session clearly showed Wyden asking a very clear
question that made no mention of email. He asked: "Does the NSA collect any type of
data at all on millions or hundreds of millions of Americans?" Clapper's second
response – about a week later – was to impugn Wyden by saying that he had asked
a loaded question. Being interviewed on NBC and asked "Can you explain what you meant
when you said that there was no data collection on millions of Americans?", Clapper
responded: 'In retrospect, I was asked – 'When are you going to stop beating your
wife' kind of question, which is meaning not answerable necessarily by a simple yes or no.
So I responded in what I thought was the most truthful, or least untruthful manner by
saying no.' When that response was widely mocked, a month later Clapper came up with
yet another reason for his entirely incorrect response: it was an honest mistake. "My
response was clearly erroneous – for which I apologize," he said in a letter to
the intelligence committee. "While my staff acknowledged the error to Senator Wyden's
staff soon after the hearing, I can now openly
correct it because the existence of the metadata collection program has been declassified. Mistakes will happen, and when I make one, I correct it." Except of
course, Clapper didn't correct it. After his response to Wyden, the Senator sent a letter
the next day asking him if he wished to change his response: Clapper's office responded
with a clear "No."" |
"For the first time, UK intelligence agency GCHQ has admitted that
it does hack into computers and devices to install malware to spy on people both in the UK
and abroad. The admission was made before the UK's
independent Investigatory Powers Tribunal, which is hearing complaints by human rights
advocacy group Privacy International and seven internet service providers (ISPs) that GCHQ
and the Foreign Office broke privacy laws to illegally hack into phones, computers and
networks around the world. Prior to the case being brought before the tribunal, GCHQ had
refused to confirm or deny whether it had the capability to perform Computer and Network
Exploitation (CNE), in which computers, devices and private networks are accessed without
their owners' knowledge in order to steal information or monitor users' activities by
surreptitiously turning on the device's camera and microphone, or by installing malware.
The GCHQ confirmed that it undertook what it called "persistent operations",
where an implant resided in the targeted computer or device to transmit information for an
extended period of time, or "non-persistent operations" where the spying only
took place during a user's internet session and the implant expired when the internet
session ended. "If CNE were carried out on my mobile you would get all the meetings I
attend by turning on the microphone and access to all my chamber's files, bank details, my
passwords, all my personal material and all my photos," said Ben Jaffey QC, lawyer
for Privacy International and the seven ISPs, according to the Financial Times. "[This is] equal
to carrying a bug everywhere I go."... In May 2014, Privacy International teamed up with
seven ISPs to sue the government, filing complaints with the IPT that the GCHQ's hacking
activities were not legal under Article 8 of the European Convention on Human Rights.
However, in May 2015, one day before the court case was scheduled to begin, Privacy
International claimed it was told by the UK government that amendments had been made to the Computer Misuse Act in March that
provided a new exception for law enforcement and GCHQ to hack without criminal liability.
Privacy International has argued that there was no public consultation or debate about the
amendments and that all hacking activities performed by GCHQ up until the law change in
March 2015 were still deemed illegal." |
"The FBI can compel companies and individuals to turn over vast
sums of personal data without a warrant, it has been revealed for the first time. In a
case that's lasted more than a decade, a court filing released
Monday showed how the FBI used secret interpretations to determine the scope of
national security letters (NSLs). Nicholas Merrill,
founder of internet provider Calyx Internet Access, who brought the 11-year-old case to
court after his company was served a national security letter, won the case earlier this
year. National security letters are almost always bundled with a gag order, preventing
Merrill from speaking freely about the letter he received. While it was known that
national security letters can demand customer and user data, it wasn't known exactly
what. In a statement on Monday, Merrill revealed the FBI has used its authority to
force companies and individuals to turn over complete web browsing history; the IP
addresses of everyone a person has corresponded with; online purchase information, and
also cell-site location information, which he said can be used to turn a person's phone
into a "location tracking device." According to a release, the FBI can
also force a company to release postal addresses, email addresses, and "any other
information which [is] considered to be an electronic communication transactional
record." Merrill said in remarks: "The FBI has interpreted its NSL authority to
encompass the websites we read, the web searches we conduct, the people we contact, and
the places we go. This kind of data reveals the most intimate details of our lives,
including our political activities, religious affiliations, private relationships, and
even our private thoughts and beliefs."" |
"OUR Walmart, a
group of employees backed and funded by a union, was asking for more full-time jobs with
higher wages and predictable schedules. Officially they called themselves the Organization United for Respect at Walmart. Walmart publicly
dismissed OUR Walmart as the insignificant creation of the United Food and Commercial
Workers International (UFCW) union. “This is just another union publicity stunt, and
the numbers they are talking about are grossly exaggerated,” David Tovar, a
spokesman, said on CBS Evening News that November. Internally, however, Walmart considered the group enough of a threat that it hired an
intelligence-gathering service from Lockheed Martin, contacted the FBI, staffed up its
labor hotline, ranked stores by labor activity, and kept eyes on employees (and activists)
prominent in the group. During that time, about 100
workers were actively involved in recruiting for OUR Walmart, but employees (or
associates, as they’re called at Walmart) across the company were watched; the
briefest conversations were reported to the “home office,” as Walmart calls its
headquarters in Bentonville, Ark. The details of Walmart’s efforts during the first
year it confronted OUR Walmart are described in more than 1,000 pages of e-mails,
reports, playbooks, charts, and graphs, as well as testimony from its head of labor
relations at the time. The documents were produced in discovery ahead of a National Labor
Relations Board hearing into OUR Walmart’s allegations of retaliation against
employees who joined protests in June 2013. The testimony was given in
January 2015, during the hearing. OUR Walmart, which split from the UFCW in
September, provided the documents to Bloomberg Businessweek after the judge concluded the
case in mid-October. A decision may come in early 2016.... Lockheed Martin is one of the
biggest defense contractors in the world. Although it’s best known for making fighter
jets and missile systems, it also has an information technology division that offers
cybersecurity and data analytics services. Tucked into that is a little-known operation
called LM Wisdom, which has been around since 2011. LM Wisdom is described on
Lockheed’s website as a tool “that monitors and analyzes rapidly changing open
source intelligence data…[that] has the power to incite organized movements, riots
and sway political outcomes.” A brochure depicts yellow tape with “crime
scene” on it, an armored SWAT truck, and a word cloud with “MAFIA” in huge
type. Neither Walmart nor Lockheed would comment on their contract in 2012 and 2013, or
talk specifically about Wisdom. Christian Blandford, a Lockheed analyst, was monitoring
the social media of activists in Bentonville for Walmart’s 2013 shareholder
meeting....Companies have always kept an eye on their
workers. “Everybody from General Motors to the Pacific Railroad had clippings
files,” says Nelson Lichtenstein, a labor historian. “It’s more
sophisticated and efficient now, but it’s the same thing.” Companies can’t
legally put in place rules—or surveillance—that apply only to labor activists. But they can restrict solicitation during work hours or in customer areas
and keep security cameras throughout. And they can set up systems for managers to report
concerns of any kind to headquarters. Employers can send people to open meetings or
rallies or demonstrations. But there’s little labor law regarding companies’
monitoring of their employees’ own social media accounts. “It’s a tricky
issue when you are doing something so openly,” says Wilma Liebman, who was head of
the NLRB from 2009 to 2011. Casey said in her testimony that to her knowledge, Walmart
doesn’t monitor individual workers’ Twitter accounts. While most of the OUR Walmart activists being watched
expected to be, none thought it would be by a company like Lockheed Martin.
“We’re artists, not ISIS,” Rodriguez says....Walmart’s aim isn’t
only to watch 100 or so active members of OUR Walmart, says Kate Bronfenbrenner, a
lecturer at Cornell’s School of Industrial and Labor Relations. “They are
looking for the thousands who are supportive so they can intimidate them.” " |
"Newly revealed documents (not from Snowden this time) show that
the NSA has continued to collect Americans' email traffic en masse using overseas offices
to get around curbs introduced domestically. Shortly after the September 11 attacks,
President Bush authorized the NSA to collect bulk metadata on emails sent by Americans
(although not the content) to help The War Against Terror (TWAT). The surveillance was
authorized by the US Foreign Intelligence Surveillance Court, which mostly rubberstamped
such requests. But the collection was stopped in
2011, the NSA said, although it still monitored emails from Americans to people outside
the nation's borders. However, a Freedom of Information Act lawsuit started by The New
York Times against the NSA's Inspector General has uncovered
documents showing that the NSA carried on collecting domestic data. To get around the
restrictions on operating in the USA, the NSA simply started using its overseas offices to
do the collection. Stations like RAF Menwith Hill in Yorkshire were tasked with collecting
the metadata and feeding it back to the NSA headquarters in Maryland. There's no evidence
that the content of emails was being examined by NSA analysts. Instead the metadata was
used to try and divine linkages between individuals the agency was looking to monitor. But
that metadata is very useful. "We have known for some time that traffic analysis is
more powerful than content analysis," said Dan Geer, chief information security
officer of the CIA's venture capital firm In-Q-Tel. "If I know everything about you,
about who you communicate with, when, where, with what frequency, what length, and at what
location, I know you. The soothing mendacity of proxies from the president that claim that
it is only metadata, is to rely on the profound ignorance of the listener." |
"Edward Snowden has strongly criticised online ads, and advised
Internet users to employ an ad blocker to protect their privacy online. "Everybody should be running adblock software, if only from a safety
perspective. "We’ve seen internet providers inserting their own ads into your
plaintext http connections. As long as service providers are serving ads with active
content that require the use of Javascript to display or that have some kind of active
content like Flash embedded in it, you should be actively trying to block these. Because
if the service provider is not working to protect the sanctity of the relationship between
reader and publisher, you have not just a right but a duty to take every effort to protect
yourself in response," he told online publication The Intercept." |
"A truly
superb New York Times editorial this morning mercilessly shames the
despicable effort by U.S. government officials to shamelessly exploit the Paris attacks to
advance long-standing agendas. Focused on the
public campaign of the CIA to manipulate post-Paris public emotions to demonize transparency and privacy and to
demand still-greater surveillance powers for themselves,
the NYT editors begin: It’s a wretched yet predictable ritual after
each new terrorist attack: Certain politicians and government officials waste no time
exploiting the tragedy for their own ends. The remarks
on Monday by John Brennan, the director of the Central Intelligence Agency, took that
to a new and disgraceful low. The editorial, which you should really read in its entirety,
destroys most of the false, exploitative, blame-shifting claims uttered by U.S.
officials about these issues. Because intelligence agencies knew of the attackers and
received warnings, the NYT editors explain that “the problem in [stopping
the Paris attacks] was not a lack of data, but a failure to act on information
authorities already had.” They point out that the NSA’s mass surveillance powers
to be mildly curbed by post-Snowden reforms are ineffective and, in any event, have
not yet stopped. And most importantly, they document that the leader of this lowly
campaign, CIA chief John Brennan, has been proven to be an inveterate liar: It is hard to
believe anything Mr. Brennan says. Last year, he bluntly denied that
the CIA had illegally hacked into the computers of Senate staff members conducting an
investigation into the agency’s detention and torture programs when, in fact, it
did. In 2011, when he was President Obama’s top counterterrorism adviser, he claimed that
American drone strikes had not killed any civilians, despite clear
evidence that they had. And his boss, James Clapper Jr., the director of national
intelligence, has admitted lying to the Senate on the NSA’s bulk collection of data.
Even putting this lack of credibility aside, it’s not clear what extra powers Mr.
Brennan is seeking. Indeed, what more powers could agencies like the CIA, NSA, MI6 and
GCHQ get? They’ve been given everything they’ve demanded for years, no questions
asked. They have virtually no limits. Of course it’s “not clear what extra
powers Mr. Brennan is seeking.”" |
"Despite the intelligence community’s attempts to blame NSA
whistleblower Edward Snowden for the tragic attacks in Paris on Friday, the NSA’s
mass surveillance programs do not have a track record — before or after Snowden
— of identifying or thwarting actual large-scale terrorist plots. CIA Director John Brennan asserted on Monday
that “many of these terrorist operations are uncovered and thwarted before
they’re able to be carried out,” and lamented the post-Snowden
“handwringing” that has made that job more difficult. But the reason there
haven’t been any large-scale terror attacks by ISIS in the U.S. is not because they
were averted by the intelligence community, but because — with the possible exception
of one that was foiled by local police — none were actually planned. And even before
Snowden, the NSA wasn’t able to provide a single substantiated example of its
surveillance dragnet preventing any domestic attack at all. The recent history of terror
arrests linked to ISIS is documented in an internal unclassified Department of Homeland
Security document
provided to The Intercept via SecureDrop.
It shows that terror arrests between January 2014 and September 2015 linked to ISIS were
largely of people trying to travel abroad, provide material support, or plan attacks that
were essentially imaginary. The document, dated before the Paris attacks, includes a list
and map of 64 U.S. persons arrested on terror-related charges over the course of nine
months who were “assessed to be inspired by the Islamic State of Iraq and the
Levant,” or ISIS. The document assigns six categories to types of arrests made in the
given time period: a foiled attack, “aspirational” planning, “advanced
attack plotting,” failed travel, travel, or material support. The only foiled attack involved
the arrests of Elton Simpson and Nadir Soofi, who traveled from Arizona to Garland, Texas,
bearing assault weapons and body armor, intending to shoot up an art contest involving the
drawing of cartoons of the Prophet Muhammad. Both attackers were shot by local police
officers. There are just five instances of what the report’s authors call
“advanced attack plotting” — two of which involve the FBI providing
assistance in planning or acquiring supplies for an attack before making an arrest.... The
U.S. government initially responded to Snowden’s disclosures in 2013 by suggesting
that he had irreparably damaged valuable, life-saving capabilities. Two weeks after the
media first reported on Snowden’s leaks, President Barack Obama said
that the NSA “averted … at least 50 threats … because of this
information,” gathered through communications collection in the United States and
abroad. Members of Congress and the administration alike subsequently repeated that claim,
upping the total to 54 attacks thwarted. But only 13 of the 54 cases “had some nexus
to the U.S.,” Senator Patrick Leahy, D-Vt., said in a Senate Judiciary Committee
hearing in October 2013. And they were not all terror “plots”; a majority
involved providing “material support,” like money, to foreign terror
organizations. Then-NSA Director Keith Alexander was forced to dial back the rhetoric,
eventually saying only that the intelligence programs “contributed to our
understanding” and “helped enable the disruption of terrorist plots.” The
only incident the NSA has ever disclosed in which its domestic metadata collection program
played a key role involved a San Diego man who was convicted of transferring $8,500
to al Shabaab in Somalia — the terror group responsible for a mass shooting at a mall
in Kenya. And the metadata program is the only one that has been reined in since the
Snowden disclosures. The three other terrorism cases the NSA cited as warrantless
surveillance success stories were debunked. Either the government could
have gotten a warrant, or it received a tip from British
intelligence, or it was a case of fraud,
not terrorism. A White House panel concluded
in December 2013 that the NSA’s bulk collection of Americans’ telephone
information was “not essential in preventing attacks.” A member of the panel
took it one step further, when he told NBC News that there were no examples of the NSA
stopping “any [terror attacks] that might have been really big” using the
program." |
"Lord Carlile’s call for the investigatory
powers bill to be “fast-tracked”
through parliament in the wake of the tragic events in Paris was as unsurprising as it was
disappointing. It would be far from the first time that laws giving additional powers to
the security services were rushed through on a wave of emotion, without an opportunity for
proper scrutiny and with far-reaching consequences.
Carlile himself has particular form. He was one of those who advised the coalition
government on the ill-fated communications
data bill – dubbed by many the “snooper’s charter” – and
after the killing in Woolwich of Lee
Rigby in 2013 he suggested that the murder
should “haunt” Nick Clegg, while proposing pushing the rejected bill through
parliament once more. He tried the same again after the Charlie
Hebdo shootings in Paris in January 2015, working with three other peers to
add most of the communications data bill as a late-stage amendment to another already
complex bill that had already made most of its way through parliament. Carlile may not be
an entirely disinterested party here: as
revealed in the Guardian two weeks ago, he has earned £400,000 from a consultancy
business that he formed in 2012 with ex-MI6 chief Sir John Scarlett that specialises in
the field. And yet there is very little reason to suggest that the kinds of powers
envisaged in either the old communications data bill or the new investigatory powers bill
would have had any effect on the events concerned. The men convicted of the murder of Lee
Rigby, as well as the Charlie Hebdo shooters, the Boston
bombers, the man behind the Sydney
siege in 2014 – indeed all the major terrorist attacks in the west in recent
years – were already known to the authorities. Though there is very little
information to go on about the latest Paris atrocities, the first man named as being
involved, Omar Ismail Mostefai, had been identified as a “high
priority for radicalisation” by the authorities as long ago as 2010." |
"Britain will increase its intelligence agency staff by 15 percent
and more than double spending on aviation security to defend against Islamist militants
plotting attacks from Syria,
Prime Minister David Cameron said on Monday.....
Speaking in London after attending a meeting of G20 leaders in Turkey where security
issues dominated, Cameron said Britain would demonstrate the same resolve in the fight
against terrorism as it showed against Nazi Germany
in World War Two.... As part of its broader five-year defence and security review, which
is due to be published on Nov. 23, Britain will fund an extra 1,900 officers at its MI5
and MI6 spy agencies and the GCHQ eavesdropping agency, Cameron said. It will also
spend 2 billion pounds by 2020 on boosting the capabilities of British special forces,
including investing in communications equipment, weapons and vehicles." |
"Microsoft is opening new data centers in Germany to allow European
customers to hide their digital information from US government surveillance. The new data centers will open in late 2016 and will be operated by a
subsidiary of Deutsche Telekom. However, The Financial Times notes that customers will
have to pay extra to store their data in this way. "These new data centre regions
will enable customers to use the full power of Microsoft’s cloud in Germany [...] and
ensure that a German company retains control of the data," said Microsoft CEO Satya
Nadella at a press conference in Berlin this morning. The announcement is the latest move
in an ongoing battle between US tech companies and the American government over access to
foreign-held data. Companies like Microsoft and Google want to retain the trust of their
users after the Snowden revelations, but have to contend with American police and spy
agencies who want the same privileged access they've always enjoyed. An ongoing legal
battle between Microsoft and a New York court exemplifies the debate, with the US
authorities demanding access to the emails of an American citizen stored in Ireland and
Microsoft refusing to hand over the data. Although Microsoft could still lose in this
particular case, opening new data centers in Germany will provide a future safeguard
against US demands for data. The company has also announced plans for new data centers in
the UK, but Germany's data-protection laws are some of the most rigorous in Europe. By
placing its data centers under the control of a German company as a "data
trustee," Microsoft is forcing any requests for information to be routed through
German authorities. It's an approach that's comparable to Apple's use of encryption that
even the iPhone-maker can't break — theoretically taking away the option of
government authorities forcing the company to give up users' data. However, none of these
tactics are ever completely secure. For example, the Snowden revelations showed that
despite Europe's outward desire for data sovereignty, many local spy agencies still
funneled European citizens' data to the NSA. Paul Miller, an analyst for Forrester, notes
that although Microsoft is confident in the security of German servers, this arrangement
has yet to be tested in the courts. "To be sure, we must wait for the first legal
challenge. And the appeal. And the counter-appeal," said Miller." |
"The former spymaster accused of helping Tony Blair to 'sex up' the
case for invading Iraq is now cashing in, it emerged yesterday. Sir John Scarlett is following in his former boss's money-making footsteps
with a series of lucrative posts in the private sector. His ownership of two private
companies – including one co-owned with former terrorism legislation reviewer Lord
Carlile – as well as consultancy roles with six global firms are likely to reap
payments topping £1million a year. Sir John was head of the Joint Intelligence Committee
when the 'dodgy dossier' about weapons of mass destruction made its notorious claim that
we were '45 minutes from doom' in September 2002. Critics say he let Blair's spin-doctor
Alastair Campbell pressure him into 'sexing up' the document to enable the prime minister
to launch the devastating war. Sir John is expected to be heavily criticised when the
much-delayed Chilcot Inquiry finally reports. Last night relatives of soldiers killed in
Iraq expressed their outrage as details emerged of his exploits since leaving public
service. Elsie Manning, 73, who today marks the anniversary of her 34-year-old daughter
Staff Sergeant Sharron Elliott's death in Iraq in 2006, said: 'You get the impression that
all some people can think about is money, money, money. 'It makes me sick to my stomach.
The fact that people like Sir John Scarlett can get away with making so much money just
beggars belief.' After Sir John left the Joint Intelligence Committee in 2004, a year
after the invasion of Iraq, Blair promoted him to 'C' – the head of MI6 – which
many saw as a reward for providing 'evidence' to justify the war. And within weeks of
leaving MI6 in October 2009, Sir John took up his first lucrative post in the private
sector. He had to clear his new roles with the Advisory Committee on Business Appointments
(Acoba) – a watchdog set up to tackle the 'revolving door' between government service
and the private sector. Acoba did not block any of his applications. In January 2010, he
joined the advisory board of accountancy giant PricewaterhouseCoopers. The same month, he
became a paid adviser to Swiss Re, a global reinsurance company. Two months later, he took
a lucrative position as senior adviser to US investment bank Morgan Stanley. In April last
year, he spent three days at the luxury Ritz-Carlton hotel in Hawaii with a hundred of the
bank's top performing brokers. Sir John also joined the board of global intelligence firm
The Chertoff Group, run by former US Homeland Security Secretary Michael Chertoff, in
April 2010. Acoba approved this job on condition that he must not lobby the UK Government
for a year. In December 2010, Acoba approved a position on the board of Times Newspapers,
which publishes the Times and the Sunday Times. And in February 2011, Sir John accepted
consultancy job number six – as an adviser to the multinational oil company Statoil.
This time, Acoba approved the role unconditionally. Speaking to the Independent, which
uncovered the details of Sir John's ventures, a former MI6 official said: 'After 9/11
there was an intelligence free-for-all in the United States. The division between state
and commercial security got shot to hell.' PwC said he was no longer an adviser. None of
the companies would discuss the money they paid him. Sir John also runs a private company,
J&G Consulting Ltd, with his wife Gwenda, which had cash assets of £89,573 in 2012,
according to Companies House records. These had swelled to £683,625 the following year. He has also shared £800,000 from another consultancy, SC
Strategy, which he co-owns with Lord Carlile. The firm has lucrative dealings with the
oil-rich government of Qatar, with whom Mr Blair also enjoys close links. Next month Sir
John will address a conference in Qatar at the Ritz-Carlton hotel." |
"UK ISPs have warned MPs that the costs of implementing the
Investigatory Powers Bill (aka the Snooper's Charter) will be much greater than the £175
million the UK government has allotted for the task, and that broadband bills will need to
rise as a result. Representatives from ISPs and
software companies told the House of Commons Science and Technology Committee that the
legislation greatly underestimates the "sheer quantity" of data generated by
Internet users these days. They
also pointed out that distinguishing content from metadata is a far harder task than
the government seems to assume." |
"Facebook today released its biannual report on government
data requests, indicating that total law enforcement requests are at their highest level
ever at 41,214 for the first half of 2015. That's an
18 percent jump over the back half of last year, according to the social network's publicly available database
that began tracking requests two years ago. The company also said it saw a 112 percent
rise in content it hides due to violations of local laws. Roughly 75 percent of that
restricted content is coming from users in India, where the company's Computer Emergency
Response Team is said to censor
social media posts critical of religion or the state. The US is still far and
away the
global leader in data requests, with 17,577 total requests affecting 26,579
users. In 80 percent of those cases, Facebook handed over some type of data. That rate
fluctuates by roughly 10 percentage points depending on the type of data request. Search
warrants remain the leading request type with 9,737 related requests made by US law
enforcement, followed by subpoenas at 5,375 requests." |
"The UK government's proposed surveillance legislation is
"worse than scary", the United Nations privacy chief has said. Joseph Cannataci,
the UN's special rapporteur on
privacy, attacked the government's draft Investigatory Powers Bill, saying he had never
seen evidence that mass surveillance works. He also
accused MPs of leading an "absolute offensive" and an "orchestrated"
media campaign to distort the debate and take hold of new powers. The comments came during
a live streamed keynote presentation at the Internet Governance Forum in Brazil, where leading experts from around
the world have gathered to discuss the future of the internet and web policy. In a
wide-ranging presentation and discussion panel Cannataci -- who has previously said the UK's
digital surveillance is similar to George Orwell's 1984 -- discussed the state of
surveillance and privacy around the world. Pausing to briefly talk about the Home Office's new bill, but without going
deeply into detail, Cannataci said: "The snoopers' charter in the UK is just a bit
worse than scary, isn't it." He went on to say one of the "misleading comments
that has been made in the UK parliament" is that people shouldn't worry about the
bill, which will see communications service providers be forced to retain everyone's
website data for up to 12 months. Under the bill, as it currently stands, police and surveillance agencies will be able to
access the metadata -- the who, what, when, and where of communications, but not their
content -- of websites suspected criminals have visited, without a warrant. Cannataci
said that the ability to intercept communications now is completely different to when
original surveillance legislation was passed, and that metadata is still
important. "What we're talking about here is the context, and the context is
completely different. When those laws were put into place there was no internet or the
internet was not used in the way it is today," he said. "It is the golden age of
surveillance, they've never had so much data. I am just talking about metadata, I haven't
got down to content." The Home Office has said that authorities will only access
internet connection records on a "case-by-case basis and only where it was
necessary and proportionate" to do so. .... As
part of the documentation with the proposed legislation the government confirmed it had
been using previous laws to collect vast amounts of data about phone calls for the
previous ten years, as reported by the BBC. "I won't
mince my words, but many governments at this moment in time are putting in new laws to
legitimise that which they are already doing or which that they had to do," Cannataci
said, although not directly speaking about the UK at the time. "Mass
surveillance is alive and well but governments are finding ways of making that the law of
the land. "It can be necessary and proportionate to have targeted surveillance and
what I am saying is that there's not yet any evidence which convinces me that it is
necessary and proportionate to have mass surveillance." |
"Apple’s
chief executive has sharply criticised surveillance
powers proposed by the British government, warning that allowing spies a backdoor
route into citizens’ communications could have “very dire consequences”.
Questioning a key element of the draft
investigatory powers bill, which places a new legal obligation on companies to assist
in these operations to bypass encryption, Tim Cook insisted that companies
had to be able to encrypt in order to protect people.
Speaking during a visit to the UK, he said that halting or weakening encryption would hurt
“the good people” rather than those who want to do bad things, who “know
where to go”. “You can just look around and see all the data breaches that are
going on. These things are becoming more frequent,” Cook told the
Daily Telegraph. “They can not only result in privacy breaches but also security
issues. We believe very strongly in end-to-end encryption and no back doors. We don’t
think people want us to read their messages. We don’t feel we have the right to read
their emails. “Any back door is a back door for everyone. Everybody wants to crack
down on terrorists. Everybody wants to be secure. The question is how. Opening a back door
can have very dire consequences.”" |
"A federal judge on Monday
partly blocked the National
Security Agency’s program that systematically collects Americans’ domestic
phone records in bulk just weeks before the agency was scheduled to shut it down and
replace it. The judge said the program was most likely unconstitutional. In a separate case challenging the program, a federal appeals court in
New York on Oct. 30 had declined
to weigh in on the constitutional issues, saying it would be imprudent to interfere
with an orderly transition to a replacement system after Nov. 29. But on Monday, in a 43-page
ruling, Judge Richard J. Leon of United States District Court for the District of
Columbia wrote that the constitutional issues were too important to leave unanswered in
the history of the program, which traces back to after the Sept. 11 terrorist attacks and
came to light in 2013 in leaks by Edward
J. Snowden, the former intelligence contractor. “With the government’s
authority to operate the bulk telephony metadata program quickly coming to an end, this
case is perhaps the last chapter in the judiciary’s evaluation of this particular
program’s compatibility with the Constitution,” he wrote. “It will not,
however, be the last chapter in the ongoing struggle to balance privacy rights and
national security interests under our Constitution in an age of evolving technological
wizardry.” Under the program, the N.S.A. has been collecting Americans’ phone
records in bulk from telephone companies. It uses the data to analyze social links between
people to hunt for hidden associates of terrorism suspects. Judge Leon specifically
ordered the N.S.A. to stop collecting phone records for one customer of Verizon: a lawyer
in California and his law firm. But he did so, he wrote, knowing that the Justice
Department had said that blocking the collection of just one person’s records might
require shutting down the entire program because it would be technically difficult to
screen him out." |
"The former heads of MI6 and GCHQ, Sir John Sawers and Sir Iain Lobban,
are scheduled to appear together at an exclusive dinner at the luxury five-star Gleneagles
estate in Scotland. The pair, who both left public office late last year, will address a
“top-tier” audience of fund managers on the first evening of a high-profile
conference sponsored by hedge funds and investment banks. Sawers is familiar with an audience of this kind, having delivered a
keynote speech at a prestigious hedge fund summit in Paris in April. The former spy chiefs
last
appeared together publicly in November 2013 in the wake of the Edward Snowden
revelations. Sitting side by side before a committee of MPs, they mounted impassioned
defences of the necessity of bulk interception of communications data – controversial
arguments both have continued to make since. Since leaving office, Sawers has taken up two
influential private-sector jobs and followed his predecessors at MI6, Sir John Scarlett and Sir
Richard Dearlove, into a network of small, London-based private intelligence and strategic
consultancy firms that advise top corporate clients, from sovereign wealth funds to
blue-chip companies and foreign governments. Three months after leaving MI6, Sawers became
chairman of Macro Advisory Partners, a small consultancy with ties to former UK government
figures and one of Barack Obama’s top intelligence advisers. He also joined the board
of BP, a move which Lobban has since mirrored by taking on an advisory role to the board
of Shell. Fresh details about Sawers’ activities with Macro Advisory Partners emerged
after the Guardian reported
last week on the former intelligence chiefs’ private-sector appointments.
Scrutiny of his work comes amid a contentious debate in the UK about the powers enjoyed by
the security and intelligence agencies. Sawers became MI6 chief – or “C” as
insiders refer to the top job – in 2009 after receiving a tap on the shoulder from
then foreign secretary, David Miliband. Shortly after departing, the Foreign Office
approved the appointment on the condition Sawers would not draw on “privileged
information” available to him while in office or lobby the government for two years
after retiring from the agency. According to its website, Macro Advisory Partners provides
leading investors, corporations, and governments with “strategic insights”. The
company was co-founded in 2013 by David Claydon, a former adviser to David Miliband and
donor to his unsuccessful leadership campaign in 2010. Miliband, who now lives and works
in New York, sits on the company’s advisory board." |
"The U.S. National Security Agency, seeking to rebut accusations
that it hoards information about vulnerabilities in computer software, thereby leaving
U.S. companies open to cyber attacks, said last week that it tells U.S. technology firms
about the most serious flaws it finds more than 90 percent of the time. The re-assurances
may be misleading, because the NSA often uses the vulnerabilities to make its own
cyber-attacks first, according to current and former U.S. government officials. Only then does NSA disclose them to technology vendors so that they can
fix the problems and ship updated programs to customers, the officials said. At issue is
the U.S. policy on so-called "zero-days," the serious software flaws that are of
great value to both hackers and spies because no one knows about them. The term zero-day
comes from the amount of warning users get to patch their machines protectively; a two-day
flaw is less dangerous because it emerges two days after a patch is available. The
best-known use of zero-days was in Stuxnet, the attack virus developed by the NSA and its
Israeli counterpart to infiltrate the Iranian nuclear program and sabotage centrifuges
that were enriching uranium. Before its discovery in 2010, Stuxnet took advantage of
previously unknown flaws in software from Microsoft Corp and Siemens AG to penetrate the
facilities without triggering security programs. A shadowy but robust market has developed
for the buying and selling of zero-days, and as Reuters reported in May 2013, the NSA is
the world's top buyer of the flaws.
The NSA also discovers flaws through its own cyber programs, using some to break into
computer and telecommunications systems overseas as part of its primary spying
mission." |
"A former head of GCHQ
has become an adviser to Shell and an influential private intelligence company after
retiring from the UK’s electronic eavesdropping agency late last year. Sir Iain
Lobban’s consultancy with Shell and the holding company of Hakluyt & Co, a
boutique corporate intelligence firm established by former MI6 spies, are among a series
of private sector jobs the retired spook has taken up over the past year. Both roles are
expected primarily to involve advising on risk and cybersecurity. Lobban has also accepted advisory positions at companies including C5
Capital, a multimillion-dollar venture capital fund focused on cybersecurity, and
Cambridge Security Initiative, an intelligence consultancy established by Sir Richard
Dearlove, the head of MI6
between 1999 and 2004. According to its website, recent clients of CSi include UK and US
government agencies. The advisory
committee on business appointments (Acoba), which reviews the jobs taken by former
ministers and crown servants after they leave their posts, has approved each of the new
roles on the condition that Lobban does not draw on privileged information available to
him while in office, or advise on business dealings “relating directly to the work of
GCHQ” for 12 months.... Details of the latest appointments come after the Guardian
reported this week that Sir John Scarlett, the head of MI6 from 2004 to 2009, and Lord
Carlile, the government’s independent reviewer of national security policy in
Northern Ireland, have each
received £400,000 in dividends from a company they co-own. On Monday, Carlile defended
the security and intelligence agencies and their bulk surveillance powers. His
intervention came ahead of the government’s
publication on Wednesday of controversial draft legislation that permits mass
surveillance activities by intelligence agencies and police." |
"MI5 has secretly been collecting vast amounts of data about UK
phone calls to search for terrorist connections. The programme has been running for 10
years under a law described as "vague" by the government's terror watchdog. It
emerged as Home Secretary Theresa May unveiled a draft bill governing spying on
communications by the authorities. If it becomes
law, the internet activity of everyone in Britain will be held for a year by service
providers. Police and intelligence officers will then be able to see the names of sites
suspected criminals have visited, without a warrant. Mrs May told MPs the proposed powers
were needed to fight crime and terrorism but civil liberties campaigners warned it
represented a "breathtaking" attack on the internet security of everyone
living in the UK. The draft bill aims to give stronger legal cover to the activities of
MI5, MI6 and the police and introduce judicial oversight of spying operations. It
confirmed that Britain's secret listening post GCHQ has been intercepting internet
messages flowing through Britain in bulk, as revealed by US whistleblower Edward Snowden,
"to acquire the communications of terrorists and serious criminals that would not
otherwise be available". It also revealed that the UK security services have been
allowed to collect large amounts of data on phone calls "to identify subjects of
interest within the UK and overseas", provided they comply with certain safeguards,
set out in a supporting document also published on Wednesday. The
draft bill aims to tighten up these safeguards and put the bulk collection of data on a
firmer legal footing. Taken together with the other measures, the home secretary said the
bill would give the security services a "licence to operate". While GCHQ's
programmes were exposed by Snowden, this one by MI5 remained secret. And in a way that
became increasingly awkward for the security service as the drive towards being more open
about capabilities picked up pace in the wake of the report by David Anderson, the
independent reviewer of terrorism legislation, earlier in the year. There were hints about
the capability in the speech by MI5 boss Andrew Parker the week before the draft
Investigatory Powers Bill was published, when he talked about how "accessing data
quickly, reliably and at scale is as fundamental to our work…..without communications
data for example we could not have detected and disrupted numerous plots over the last
decade". He, like the home secretary, claimed that bulk communications data was used to
"identify, at speed, links between the individuals plotting to bomb the London Stock
Exchange in 2010". Now - along with other capabilities - the bulk data programme is
out in the public and up for debate. In her Commons statement, Mrs May referred to the
1984 Telecommunications Act, under which she said successive governments had allowed
security services to access data from communications companies. The data involved the bulk
records of phone calls - not what was said but the fact that there was contact - with
companies required to hand over domestic phone records. BBC security correspondent Gordon
Corera said the programme, which sources said was used to track terrorists and save lives,
was "so secret that few even in MI5 knew about it, let alone the public". The
government's independent reviewer of terrorism legislation, David Anderson QC, told the
BBC the legislation used to authorise the collection was "so vague that anything
could be done under it". He added: "It wasn't illegal in the sense that it was
outside the law, it was just that the law was so broad and the information was so slight
that nobody knew it was happening". Mr Anderson has called for a
"comprehensive" new law governing surveillance, which the government has
produced with the wide-ranging draft Investigatory Powers Bill." |
"The majority of the UK cabinet were never told the security
services had been secretly harvesting data from the phone calls, texts and emails of a
huge number of British citizens since 2005, Nick Clegg has disclosed. Clegg
says he was informed of the practice by a senior Whitehall official soon after becoming
David Cameron’s deputy in 2010, but that “only a tiny handful” of cabinet
ministers were also told – likely to include the home secretary, the foreign
secretary and chancellor. He said he was astonished to learn of the capability and asked
for its necessity to be reviewed. The
former deputy prime minister’s revelation in the Guardian again raises concerns
about the extent to which the security services felt they were entitled to use broadly
drawn legislative powers to carry out intrusive surveillance and keep this information
from democratically elected politicians. The government finally admitted on Wednesday that
the mass surveillance of British citizens began in 2001 after 9/11 and was stepped up in
2005, using powers under national security directions largely hidden in the 1984
Telecommunications Act. It is not known if
government law officers sanctioned the use of the act in this way, but it appears the
intelligence and security committee responsible for parliamentary oversight was not
informed, adding to the impression of a so-called deep state operating outside the
scrutiny of parliament. Clegg writes: “When I became deputy prime minister in 2010, I
was the leader of a party that had been out of government for 65 years. There were a lot
of things that we had to re-learn, and a lot that was surprising and new. “When a senior
official took me aside and told me that the previous government had granted MI5 direct access to records of
millions of phone calls made in the UK – a capability that only a tiny handful of
senior cabinet ministers knew about – I was astonished that such a powerful
capability had not been avowed to the public or to parliament and insisted that its
necessity should be reviewed. “That the existence of this previously top secret
database was finally revealed in parliament by the home secretary on Wednesday, as part of
a comprehensive new investigatory powers bill covering many other previously secret
intelligence capabilities, speaks volumes about how far we’ve come in a few short
years.”" |
"Home Secretary Theresa May on Wednesday (4 November)
revealed that the MI5 and GCHQ have been secretly collecting vast amounts of telephone and
email data of the UK public for the past 15 years. May's revelation came with the
unveiling of the Investigatory Powers Bill, which seeks to give police and security
agencies the power to spy on the online communication of suspects. May said she and her
predecessors had secretly approved the bulk collection of communication data in the UK
since 2001. It was earlier thought that most of the data collected were from individuals
based overseas. The data collection has reportedly been going on since the 9/11 attacks in
the US. The programme was "so secret that few even in MI5 knew about it, let alone the public", sources told BBC security
correspondent Gordon Corera. David Anderson QC, who is an independent reviewer of
terrorism legislation, said the programme was "so vague that anything could be done
under it". "It wasn't illegal in the sense that it was outside the law, it was
just that the law was so broad and the information was so slight that nobody knew it was
happening," he added.... Under the bill, internet and communication companies will
need to keep the web browsing history of the public for up to a year, which police and spy
agencies can use when investigating terrorism and criminal cases. The bill will also
require the companies to hack into phones and computers of suspects so as to allow police
and spy agencies to eavesdrop and take remote access of those devices." |
"New surveillance powers will be given to the police and security
services, allowing them to access records tracking every UK citizen’s use of the
internet without any need for any judicial check, under the provisions of the draft
investigatory powers Bill unveiled by home secretary Theresa
May. It includes new powers requiring internet and phone companies to keep
“internet connection records” – tracking every website visited but not
every page – for a maximum of 12 months but will not require a warrant for the police, security services or other bodies to access the data. Local authorities
will be banned from accessing internet records." |
"MI5 and GCHQ have been secretly scooping up the telephone and
email records of the British public for almost 15 years, the Home Secretary has revealed
for the first time. The revelation came as Theresa May unveiled a raft of new snooping
measures in the Investigatory Powers Bill, which includes forcing communication companies
in law to help spy agencies snoop on suspects. Other proposals will see the collection of
the public’s web browsing history for up to a year and judges signing off warrants
for intrusive surveillance. The biggest overhaul of
spying laws still faces tough opposition but could now make it through parliament and into
law after Labour appeared to back the measures. In a surprise development, Mrs May
confirmed to MPs that she and her predecessors have quietly approved warrants for bulk
collection of communication data in the UK since 2001. The public avowal of the spy
agencies’ tactic was described by the terrorism laws watchdog as a “significant
and necessary” move. It is the first formal confirmation that there has been mass
collection of phone and email records in the UK, including those of innocent people. The
records are kept for no more than a year and more detailed examination of the content of
calls or messages would only be allowed via a separate warrant. However, it was previously believed that bulk collection of data
only referred to individuals based overseas. The secret authorisations have been happening
since 2001, in the wake of the 9/11 attacks on America and senior Whitehall sources insist
the bulk collection is vital in the fight against terrorism and crime." |
"The total redrafting of UK
surveillance laws was under growing challenge on Wednesday night after an initially broad
political welcome gave way to alarm at the detail of the proposed sweeping powers for
spies. MPs and privacy groups raised concerns about the proposed judicial oversight regime
set out by the home secretary, Theresa
May, who made the dramatic admission that ministers had issued secret directions since
2001 to internet and phone companies to hand over the communications data of British
citizens in bulk.... May said the new system of judicial oversight amounted to a
“double lock” with a minister first issuing an intercept warrant and, within
five days, a judge making a decision on whether to authorise the warrant on the same
basis. David Davis, the prominent Conservative backbencher, said: “This is not the
judge checking the evidence, it is the judge checking the correct procedure has been
followed”, meaning the home secretary “would have had to have behaved in an
extraordinary manner for her decision to be blocked by a judge”.... The former Liberal Democrats leader, Nick Clegg, who fought the
Conservatives over surveillance throughout the coalition government, said he feared flaws
lurked under the bonnet of the proposals. They will cost £250m to implement over the next
10 years, including £175m to pay for the internet providers’ storage costs. The
draft bill, regarded as the single most important piece of legislation in this parliament
by the prime minister, is in part a response to revelations by the former NSA contractor Edward Snowden and is designed
to restore public trust in the activities of the intelligence agencies. It will be subject
to more than a year’s parliamentary scrutiny and is likely to be changed
substantially, mainly in the Lords next autumn before it reaches the statute book. The
draft bill proposes that police, security services or other bodies will be given access to
“internet connection records” – the weblog of every website visited –
without the need for a warrant. May told MPs that this power, which is banned in the US
and every European country as too intrusive, was “simply the modern equivalent of an
itemised phone bill” and would not give security services access to the specific
pages of a website viewed. However, Snowden, tweeting
from exile in Russia, countered: “’It’s only communications data’
equals ‘It’s only a comprehensive record of your private activities’.
It’s the activity log of your life.” May’s revelation of secret directions
by successive governments demanding that internet and phone companies hand over
communications data in bulk to the security services caused a surprise." |
"Lord Carlile, the
former independent reviewer of terrorism legislation who this week mounted a spirited
defence of the intelligence services, has received £400,000 from a private consultancy he
co-owns with a former head of MI6.
SC Strategy Ltd, the company that Carlile established
with Sir John Scarlett, who ran MI6 from 2004 to 2009,
is described as offering clients strategic advice on UK policy and regulation and has paid
out dividends to the pair totalling £800,000 over the past three years, according to
accounts filed with Companies House. On Monday, Carlile made a pointed intervention in the
debate over the extent of powers enjoyed by the security and intelligence agencies in
advance of the government’s publication of the draft
investigatory powers bill on Wednesday. Speaking on BBC Radio 4’s Today
programme, Carlile
called for an end to the 'demonisation' of the security services. The peer also
defended politicians’ powers to authorise interception warrants. “I cannot think
of any example – certainly in the period since 2001 when I’ve been intimately
involved in this kind of work – in which I have seen a politician make a decision
that was against the interest of the privacy of the public.” Carlile
and Scarlett’s only known client is Qatar’s sovereign wealth fund." |
"Police are to get the power to view the web browsing history of
everyone in the country. Home Secretary Theresa May will announce the plans when she
introduces the Government's new surveillance bill in the House of Commons on Wednesday.
The Telegraph understands the new powers for the police will form part of the new bill. It
would make it a legal requirement for communications companies to retain all the web
browsing history of customers for 12 months in case the spy agencies or police need to
access them. Police
would be able to access specific web addresses visited by customers. The new powers would allow the police to seize details of the website and
searches being made by people they wanted to investigate. They will still need to apply
for judicial approval to be able to access the content of the websites." |
"Edward Snowden on Thursday hailed as “extraordinary” and a “game-changer” a vote in the
European parliament calling on member states to prevent his extradition to the US. The parliament voted 285-281 to pass a largely symbolic measure, a
resolution that called on European
Union member states to “drop any criminal charges against Edward Snowden, grant
him protection and consequently prevent extradition or rendition by third parties, in
recognition of his status as whistleblower and international human rights defender”.
Snowden has lived in exile in Russia since revealing secret US government surveillance
programs in June 2013. The European parliament is a directly elected legislature with
members from all 28 EU member states. Its legislative authority is limited. The resolution
amounted to a request that member states reject attempts by the US to arrest and prosecute
Snowden. “This is not a blow against the US government, but an open hand extended by
friends,” Snowden tweeted. “It is a chance to move forward.” The US
government did not, however, seem to see it that way. “Our position has not
changed,” Ned Price, spokesperson for the National Security Council, said in a
statement emailed to the Guardian. “Mr Snowden is accused of leaking classified
information and faces felony charges here in the United States. As such, he should be
returned to the US as soon as possible, where he will be accorded full due
process.” While the US has promised Snowden due process, it has charged him under the
Espionage Act of 1917, which forbids the disclosure of state secrets and which would not
allow Snowden to argue in his defense that his disclosures had a public benefit." |
"The Internal Revenue Service is the latest in a growing list of US
federal agencies known to have possessed the sophisticated cellphone dragnet equipment
known as Stingray, according to documents obtained by the Guardian. Invoices obtained
following a request under the Freedom of Information Act show purchases made in 2009
and 2012 by the federal tax agency with Harris Corporation, one of a number of companies
that manufacture the devices. Privacy advocates said the revelation “shows the wide
proliferation of this very invasive surveillance technology”. The 2009 IRS/Harris Corp invoice is mostly redacted under section B(4) of
the Freedom of Information Act, which is intended to protect trade secrets and privileged
information. However, an invoice from 2012, which is also partially redacted, reports that
the agency spent $65,652 on upgrading a Stingray II to a HailStorm, a more powerful
version of the same device, as well as $6,000 on training from Harris Corporation.
Stingrays are the best-known example of a type of device called an IMSI-catcher, also
known as “cell-site simulators”. About the size of a briefcase, they work by
pretending to be cellphone towers in order to strip metadata and in some cases even
content from phones which connect to them. Despite their extensive capabilities, they
require only a low-level court order called a PEN register, also known as a “trap and
trace”, to grant permission for their use. Immense secrecy has so far surrounded
these devices, but a picture is slowly emerging which shows widespread use. Various
revelations by the American
Civil Liberties Union and news outlets including the Guardian had shown that at least
12 federal agencies are already known to have these devices, including the National
Security Agency and the Federal Bureau of Investigation. The IRS makes 13." |
"Daniel Craig has told Sky News he thinks there is "too much
surveillance and too much information gathering" in the world. The Bond star was talking as he promoted the 24th film in the franchise
Spectre. The film follows the secret agent as he confronts enemies from his past,
including his nemesis Franz Oberhauser, played by double Oscar winner Christoph Waltz.
007 is no stranger to using surveillance methods himself and in Spectre a new high-tech
intelligence agency is being created in London, which will make employees like Bond
superfluous. Director Sam Mendes said he shared concerns about the increasing creep of
surveillance into private lives. "I feel like there’s a great danger that we
lose all privacy," he said. "It’s of course a very good argument the
Government and MI5 make about a need for surveillance in terms of the prevention of
terrorism. However, it doesn’t mean that everybody should be treated equally and
everyone should be equally guilty or should be treated as if they’re guilty.
"There was a time when it was presumably accepted MI6 were the good guys but now the
public is ambivalent about surveillance and about secret service and about the security
services generally both national and international."" |
"A federal district court has dismissed a lawsuit brought by the
American Civil Liberties Union against the National Security Agency. Lawyers for the
plaintiffs argued that the surveillance program was innately harmful, despite the
NSA’s silence on it in court. “The NSA’s mass surveillance violates our
clients’ constitutional rights to privacy, freedom of speech, and freedom of
association, and it poses a grave threat to a free internet and a free society,” said
Ashley Gorski, a staff attorney with the ACLU national security project. “The private communications of innocent people don’t belong in
government hands.” The judge in the case, TS Ellis III, said the suit relied on
“the subjective fear of surveillance”, because the NSA did not admit to having
collected any of the information it was alleged to have collected by the ACLU. Ellis
admitted that acquiring enough information to prove illegal spying was difficult whether
or not illegal spying had occurred, but said that difficulty was a feature, not a bug.
“Establishing standing to challenge section 702 in a civil case is plainly
difficult,” he wrote. “But such difficulty comes with the territory.”
“The court has wrongly insulated the NSA’s spying from meaningful judicial
scrutiny,” said ACLU National Security Project staff attorney Patrick Toomey, who
argued the case." |
"Britain’s spies
are about to be given huge new powers that will allow them to look in on people’s
phones and computers, according to reports. A revived and re-named version of the
hugely-controversial “Snoopers’
Charter” is set to give spies a “dizzying” range of surveillance and
hacking powers, The Times has reported. The new legislation will be introduced next month,
the paper reported. The new powers will please MI5, MI6 and GCHQ, which
have said in the past that they lack the powers to be able to protect the country against
threats. But they are likely to anger privacy campaigners, many of whom united to
defeat the Snoopers’ Charter when it was first presented. The new powers could
include giving Britain’s spying agencies the power to take over a phone remotely and
access all of the documents – including text messages and emails – and photos
that are stored on it. They will then be able to install software that will allow them to
look in on the messages and data of people at any time, according to reports. Earlier this
year, a major report recommended that the UK should completely overhaul the law that
regulates the powers that spies have to intercept people’s communications. The new legislation will partly respond to those problems with the
current regulation – but will also introduce huge new powers allowing people to spy
on targets with little restriction, according to the reports. The new powers will also partly work to bring back some of the powers of
the Snoopers’ Charter. That law was defeated by the Liberal Democrats during the last
government, but the
Conservatives indicated almost as soon as they were elected that they would look to revive
it." |
"New laws will allow
spies in Britain to hack people’s smartphones and computers, according to reports.
The investigatory powers bill, due to be outlined next month, will give greater powers to
MI5, MI6 and GCHQ, permitting them to take control over electronic devices and access all
documents and photographs. The news comes days after David Cameron announced a
counter-terrorism strategy including a review into whether Islamist extremists have
infiltrated the NHS, the civil service, local authorities and the country’s education
system. There has been a rise in the number of criminals using complex data between
devices to hide illegal activity. But with the new
law in place, intelligence agents will be able to access anyone’s phone, install
software and track potential criminals. The investigatory powers bill will sharpen and
simplify the current rules surrounding the interception, surveillance and monitoring of
electronic communications, the Times reported. After obtaining a warrant from the home
secretary, agents will be able to interrupt communications as they happen, take
photographs of targets and listen in on phone conversations. Privacy campaigners are
likely to oppose the new bill which is expected in coming weeks." |
"Facebook will explicitly notify users it believes have been
targeted by an attacker suspected of working on behalf of a nation state, the
company has announced. Users whose accounts are
targeted or compromised by state-sponsored hackers will now receive a notification upon
login, warning them that “we believe your Facebook account and your other
online accounts may be the target of attacks from state-sponsored actors”. The user
is then prompted to turn on Facebook’s “login approvals”, a form of
two-factor authorisation which texts a login code to the user when they (or anyone else)
tries to access the app using their phone. The company’s chief security officer, Alex
Stamos, explains that the warning is necessary because government-sponsored attacks
“tend to be more advanced and dangerous than others”, necessitating active
defence on the part of the target. He also emphasised that being the target of such an
attack may indicate that other devices have already been compromised. “Ideally,
people who see this message should take care to rebuild or replace [their computers or
mobile devices] if possible.” Stamos declined to explain how Facebook identifies
attacks from nation states as opposed to conventional malicious actors, citing the need
“to protect the integrity of our methods and processes”. But specialists in
“advanced persistent threats”, such as large criminal enterprises and
nation-states, say there are a number of tell-tale signs that can point towards such an
actor." |
"Facebook already warns you if someone tries to access your account
without your permission but it is now taking this a step further. From today, if it
believes your account has been targeted by someone it thinks works for a 'nation-state',
it will show a warning message. In this message, Facebook describes these attackers
as 'state-sponsored actors', although it has not specified exactly what this means or how
it monitors such activity. The announcement was
made by Facebook's chief security officer Alex Stamos in a blog
post. Mr Stamos explained: 'The security of people's accounts is paramount at
Facebook, which is why we constantly monitor for potentially malicious activity and offer
many options to proactively secure your account. 'Starting today, we will notify you
if we believe your account has been targeted or compromised by an attacker suspected of
working on behalf of a nation-state.'" |
"MPs have no protection from having their communications read by UK
security agencies, a tribunal has said. Green Party politicians Caroline Lucas MP and
Baroness Jenny Jones argued a long-standing doctrine protecting MPs' communications was
being breached. But in a landmark decision the Investigatory Powers Tribunal said the
so-called "Wilson Doctrine" was no bar to the incidental collection of data. Ms Lucas said the decision was a "body blow" for democracy. The
Wilson Doctrine came into being in 1966 when the then Labour prime minister, Harold
Wilson, gave assurances to MPs that their phone calls would not be intercepted without him
knowing - and that he would tell Parliament of any change in that policy. The doctrine has
been repeatedly reaffirmed, including by Prime Minister David Cameron. However, Ms Lucas,
Baroness Jones and former MP George Galloway argued that GCHQ was acting outside the
long-standing doctrine by bulk collecting communications data from the internet, which
would inevitably include correspondence between parliamentarians and their
constituents." |
"Max Schrems, a
28-year-old Austrian law student, became an international sensation last week, when years
of campaigning ended with him forcing Europe’s top court to deal a huge blow to America’s
technology industry. The European Court of
Justice issued a bombshell ruling, declaring invalid a treaty that gave thousands of US
companies the freedom to move Europeans’ data across the Atlantic. “Safe
Harbour”, a pact signed in 2000 between the European Commission, the US and
Switzerland, allowed more than 4,400 American businesses operating in Europe including
Facebook, Google and Apple to effectively bypass rules on moving data abroad. In scrapping Safe Harbour, the European Court of Justice threatened to
spark a diplomatic row. The White House said it was “deeply disappointed” with the
decision. One US senator accused the European court of “nothing less than
protectionism… that will wreak havoc on businesses on both sides of the
Atlantic”. Several tech companies said they would have to make changes to ensure they
could continue to operate." |
"Smartphone users can do "very little" to stop security
services getting "total control" over their devices, US whistleblower Edward
Snowden has said. The former intelligence contractor told the BBC's Panorama that UK
intelligence agency GCHQ had the power to hack into phones without their owners'
knowledge. Mr Snowden said GCHQ could gain access to a handset by sending it an encrypted
text message and use it for such things as taking pictures and listening in. The UK
government declined to comment. He did not suggest that either GCHQ or the NSA were
interested in mass-monitoring of citizens' private communications but said both agencies
had invested heavily in technology allowing them to hack smartphones. "They want to
own your phone instead of you," he said. Mr Snowden talked about GCHQ's
"Smurf Suite", a collection of secret intercept capabilities individually named
after the little blue imps of Belgian cartoon fame. "Dreamy Smurf is the power
management tool which means turning your phone on and off with you knowing," he said.
"Nosey Smurf is the 'hot mic' tool. For example if it's in your pocket, [GCHQ] can
turn the microphone on and listen to everything that's going on around you - even if your
phone is switched off because they've got the other tools for turning it on. "Tracker
Smurf is a geo-location tool which allows [GCHQ] to follow you with a greater precision
than you would get from the typical triangulation of cellphone towers.... Mr Snowden also referred to a tool known as Paranoid Smurf.
"It's a self-protection tool that's used to armour [GCHQ's] manipulation of your
phone. For example, if you wanted to take the phone in to get it serviced because you saw
something strange going on or you suspected something was wrong, it makes it much more
difficult for any technician to realise that anything's gone amiss." Once GCHQ had
gained access to a user's handset, Mr Snowden said the agency would be able to see
"who you call, what you've texted, the things you've browsed, the list of your
contacts, the places you've been, the wireless networks that your phone is associated
with. "And they can do much more. They can photograph you". Mr Snowden also
explained that the SMS message sent by the agency to gain access to the phone would pass
unnoticed by the handset's owner. "It's called an 'exploit'," he said.
"That's a specially crafted message that's texted to your number like any other text
message but when it arrives at your phone it's hidden from you. It doesn't display. You
paid for it [the phone] but whoever controls the software owns the phone." |
"The British government has been running a web surveillance program
far more intrusive than anything attempted by the NSA, according to Snowden documents published
this morning at The Intercept. Dubbed "Karma Police," the GCHQ program pulls
web data from intercontinental data cables landing at Cornwall, giving it ongoing access
to as much as a quarter of global web traffic since 2009. The data collected is officially classified as metadata, but it contains
full records of sites visited, usernames, and even passwords. Unlike equivalent NSA
programs, which require FISA court approval of specific queries to the database, there
appears to be no meaningful judicial oversight of Karma Police, giving the GCHQ a free
hand in picking through the data. In one example, the agency targeted any internet radio
station broadcasting spoken recitations from the Quran, then used the Karma Police
database to track down more information on the station's listeners. By
exploiting tracking cookie networks, the program was able to find other accounts held
by the listeners on Skype, Yahoo, and Facebook, enabling even broader tracking." |
"There was a simple aim at the heart of the top-secret program:
Record the website browsing habits of “every visible user on the Internet.”
Before long, billions of digital records about ordinary people’s online activities
were being stored every day. Among them were details cataloging visits to porn, social
media and news websites, search engines, chat forums, and blogs. The mass surveillance
operation — code-named KARMA POLICE — was launched by British spies
about seven years ago without any public debate or scrutiny. It was just one part of a
giant global Internet spying apparatus built by the United Kingdom’s electronic
eavesdropping agency, Government Communications Headquarters, or GCHQ. The revelations
about the scope of the British agency’s surveillance are contained in documents
obtained by The Intercept from National Security Agency whistleblower Edward Snowden. Previous reports based on the leaked files have exposed how GCHQ taps
into Internet cables to monitor communications on a vast scale, but many details about
what happens to the data after it has been vacuumed up have remained unclear. Amid a renewed push from the U.K. government for more
surveillance powers, more than two dozen documents being disclosed today by The Intercept reveal for
the first time several major strands of GCHQ’s existing electronic eavesdropping
capabilities. One system builds profiles showing people’s web browsing histories.
Another analyzes instant messenger communications, emails, Skype calls, text messages,
cell phone locations, and social media interactions. Separate programs were built to keep
tabs on “suspicious” Google searches and usage of Google Maps. The surveillance is underpinned by an opaque legal regime that has
authorized GCHQ to sift through huge archives of metadata about the private phone calls,
emails and Internet browsing logs of Brits, Americans, and any other citizens —
all without a court order or judicial warrant. Metadata
reveals information about a communication — such as the sender and recipient of
an email, or the phone numbers someone called and at what time — but not the
written content of the message or the audio of the call. As
of 2012, GCHQ was storing about 50 billion metadata records about online communications
and Web browsing activity every day, with plans in place to boost capacity to 100 billion
daily by the end of that year. The agency, under cover of secrecy, was working to
create what it said would soon be the biggest government surveillance system anywhere in
the world." |
"A "Snowden Treaty" designed to counter mass surveillance
and protect whistleblowers around the world has been proposed by Edward Snowden, and three
of the people most closely associated with his leaks:
the documentary film-maker Laura Poitras; David Miranda, who was detained at Heathrow
airport, and is the Brazilian coordinator of the campaign to give asylum to Snowden in
Brazil; and his partner, the journalist Glenn Greenwald. The "International Treaty on
the Right to Privacy, Protection Against Improper Surveillance and Protection of
Whistleblowers," to give it its full title, was launched yesterday in New York by Miranda, with
Snowden and Greenwald speaking via video. The treaty's proponents say that Snowden's
leaks, and the treatment he received as a whistleblower, have "revealed the need for
greater rights protections for citizens globally." In order to achieve that, they
write: "We are campaigning for governments to sign up to the Snowden Treaty, a
proposed treaty that would curtail mass surveillance and protect the rights of
whistleblowers."" |
"The Government's intelligence-gathering agency created a mass
surveillance project designed to map every single user on the internet, according to newly
leaked documents. Spy chiefs at Government Communications Headquarters (GCHQ) allegedly
set up the tracking mechanism in 2007 - which they named Karma Police in an apparent
reference to the hit Radiohead song. According to The
Intercept website - which has been passed documents by NSA leaker Edward Snowden
- the service was used to spy on internet radio listeners as an example of its
capabilities." |
"The NSA will probably spy on foreign leaders like Iranian President Hassan
Rouhani during the UN General Assembly in New York this week, applying a "full
court press" that includes intercepting cellphone calls and bugging hotel rooms,
former intelligence analysts told NBC News. A top-secret report on a previous NSA
operation against Iran's U.N. delegation illustrates just how extensive this electronic
surveillance can be. The document, obtained by NBC
News, shows the U.S. bugged the hotel rooms and phones of then-Iranian President Mahmoud Ahmadinejad
and his entire 143-member delegation in 2007, listening to thousands of conversations and
learning the "social networks" of Iran's leadership. The three-page document,
called "Tips for a Successful Quick Reaction Capability," recounted what
happened when the NSA was asked by the Bush administration for blanket surveillance of
Ahmadinejad's September 2007 trip to the UNGA. Ahmadinejad was then in his first term as
president but already notorious in the West for questioning the Holocaust and saying
Israel should be wiped off the map." |
"Almost half of Americans, 49%, say the federal government poses
"an immediate threat to the rights and freedoms of ordinary citizens," similar
to what was found in previous surveys conducted over the last five years. When this question was first asked in 2003, less than a third of
Americans held this attitude." |
"President George W.
Bush sought to retroactively authorize portions of the National Security Agency’s
post-9/11 surveillance and data collection program after a now-famous incident in 2004 in
which his attorney general refused to certify the program as lawful from his hospital bed,
according to newly declassified portions of a government investigation. Mr. Bush’s
effort to salvage the surveillance program without changes did not satisfy top Justice
Department officials, who threatened to resign. But the newly
disclosed passages of a report by inspectors general of six agencies suggest that the
confrontation in the hospital room came after the Justice Department identified several
problems, including a “gap” between what
Mr. Bush had authorized the N.S.A. to collect and what the agency was collecting in
practice. A leak of government documents in 2013
revealed that the fight had been partly about the legality of the N.S.A.’s collection
of data about Americans’ emails in bulk. But the
latest disclosure shows that the Justice Department had additional concerns. For example,
Mr. Bush’s secret directives to the agency, starting in October 2001, said the N.S.A.
could “acquire” phone and email metadata — logs showing who contacted whom,
but not what they said — if at least one end was foreign or if a specific message
were linked to terrorism. But the agency was apparently gathering purely domestic metadata
in bulk, too, the Justice Department found. Mr.
Bush, in response to the discrepancy identified by the Justice Department, declared that
the N.S.A. was authorized to systematically collect the metadata of purely domestic
communications, too, so long as analysts only looked at records linked to terrorism. He
also declared that the agency had been authorized to do that all along. The authorization
“gap” was among the disclosures in newly declassified passages of a 746-page report
by six agencies’ inspectors general about the N.S.A. program, code-named Stellarwind.
The report also shows that after March 2004, the Justice Department persuaded the White
House to limit the program to investigations of Al Qaeda, rather than allowing it to be
used for other types of international counterterrorism investigations, to make the
argument that the program was legally justified as a wartime measure." |
"Former US intelligence
contractor Edward Snowden’s revelations rocked the world. According to his detailed
reports, the US had launched massive spying programs and was scrutinizing the
communications of American citizens in a manner which could only be described as extreme
and intense. The US’s reaction was swift and to the point. “Nobody is listening
to your telephone calls,” President Obama said when asked about the NSA. As quoted in
The Guardian, Obama went on to say that surveillance programs were “fully overseen
not just by Congress but by the Fisa court, a court specially put together to evaluate
classified programs to make sure that the executive branch, or government generally, is
not abusing them”. However, it appears that Snowden may have missed a pivotal part of
the US surveillance program. And in stating that the
“nobody” is not listening to our calls, President Obama may have been fudging
quite a bit. In fact, Great Britain maintains a “listening post” at NSA HQ. The
laws restricting live wiretaps do not apply to foreign countries and thus this listening
post is not subject to US law. In other words, the restrictions upon wiretaps, etc. do not
apply to the British listening post. So when Great Britain hands over the recordings to
the NSA, technically speaking, a law is not being broken and technically speaking, the US
is not eavesdropping on our each and every call. It is Great Britain which is doing the
eavesdropping and turning over these records to US intelligence. According to John Loftus, formerly an attorney with the Department of
Justice and author of a number of books concerning US intelligence activities, back in the
late seventies the USDOJ issued a memorandum proposing an amendment to FISA. Loftus, who
recalls seeing the memo, stated in conversation this week that the DOJ proposed inserting
the words “by the NSA” into the FISA law so the scope of the law would only
restrict surveillance by the NSA, not by the British. Any
subsequent sharing of the data culled through the listening posts was strictly outside the
arena of FISA. Obama was less than forthcoming when he insisted that “What I can say
unequivocally is that if you are a US person, the NSA cannot listen to your telephone
calls, and the NSA cannot target your emails … and have not.” According to Loftus, the NSA is indeed listening as Great Britain
is turning over the surveillance records en masse to that agency. Loftus states that the
arrangement is reciprocal, with the US maintaining a parallel listening post in Great
Britain. In an interview this past week, Loftus told this reporter that he believes that
Snowden simply did not know about the arrangement between Britain and the US. As a
contractor, said Loftus, Snowden would not have had access to this information and thus
his detailed reports on the extent of US spying, including such programs as XKeyscore,
which analyzes internet data based on global demographics, and PRISM, under which the
telecommunications companies, such as Google, Facebook, et al, are mandated to collect our
communications, missed the critical issue of the FISA loophole.... in light of the reciprocal agreement between the US and Great
Britain, the entire hoopla over NSA surveillance, Section 215, FISA courts and the USA
Freedom Act could be seen as a giant smokescreen. If Great Britain is collecting our real
time phone conversations and turning them over to the NSA, outside the realm or reach of
the above stated laws, then all this posturing over the privacy rights of US citizens and
surveillance laws expiring and being resurrected doesn’t amount to a hill of CDs. The
NSA was contacted with a query about the GB listening post, as was British intelligence. A
GCHQ spokesperson stated: “Our response is that we do not comment on intelligence
matters.” The NSA also declined to comment." |
"Much more significant
than the hysteria about 'mass surveillance' that accompanied Snowden was the realisation
that governments had no clear idea of what their spies were up to." |
"The National Security Agency routinely shares raw intelligence
data with Israel without first sifting it to remove information about US citizens, a
top-secret document provided to the Guardian by whistleblower Edward Snowden reveals. Details of the intelligence-sharing agreement are laid out in a memorandum
of understanding between the NSA
and its Israeli counterpart that shows the US government handed over intercepted
communications likely to contain phone calls and emails of American citizens. The
agreement places no legally binding limits on the use of the data by the Israelis.... The
NSA declined to answer specific questions about the agreement, including whether
permission had been sought from the Foreign Intelligence Surveillance (Fisa) court for
handing over such material. The memorandum of understanding, which the Guardian is
publishing in full, allows Israel to retain "any files containing the identities of
US persons" for up to a year. The agreement requests only that the Israelis should
consult the NSA's special liaison adviser when such data is found. Notably, a much
stricter rule was set for US government communications found in the raw intelligence. The
Israelis were required to "destroy upon recognition" any communication
"that is either to or from an official of the US government". Such
communications included those of "officials of the executive branch (including the
White House, cabinet departments, and independent agencies), the US House of
Representatives and Senate (member and staff) and the US federal court system (including,
but not limited to, the supreme court)". It is not clear whether any communications
involving members of US Congress or the federal courts have been included in the raw data
provided by the NSA, nor is it clear how or why the NSA would be in possession of such
communications. In 2009, however, the New York Times reported on "the agency's
attempt to wiretap a member of Congress, without court approval, on an overseas
trip"." |
"Microsoft can track every word you type, or say out loud, while
using its latest operating system, Windows 10. Windows 10, which unites the
Microsoft ecosystem across a host of devices including smartphones, tablets and
desktop PCs, first rolled out back in July. The Microsoft OS saw huge adoption
within the first few hours of its release – but the free upgrade process has not
been without issues. Users have reported agonisingly slow boot-up speeds, wifi
issues and problems with child safety features following the jump to Windows 10.
The news comes days after it was revealed Microsoft was working on a major update
for its latest operating system, which featured a visual refresh. Now a keylogger
has reportedly been discovered within the
latest Microsoft operating system. The Redmond firm included the software, which tracks
every keystroke made on the Windows 10 device, to try and improve its products and
services. Voice data is also collected and analysed every time
virtual assistant Cortana is used on the desktop operating system. It was thought that
Microsoft would only include the key logger within the Technical Preview versions of the operating system, so that it
could use the vast data supplied by beta testers to tweak the final release. However the slightly creepy software has now been included in the
commercial version of Windows 10, PC World has confirmed." |
"A new phone is supposed to be a clean slate. But alarmingly,
that's not always the case. Security company G Data has identified more than 20 mobile
phones that have malware installed despite being marketed as new, according to a research
report. And it doesn't appear the infection is
occurring during manufacturing. "Somebody is unlocking the phone and putting the
malware on there and relocking the phone," said Andy Hayter, security evangelist for
G Data. Many of the suspect phones are sold in Asia and Europe through third parties
or middlemen and aren't coming directly from the manufacturers, Hayter said. Brands of
affected phones include Xiaomi, Huawei, Lenovo, Alps, ConCorde, DJC, Sesonn and Xido. G
Data has contacted some manufacturers, including Lenovo, whose S860 Android smartphone in
one instance was found to have the malware. Ray Gorman, Lenovo's executive director of
external communications, wrote in an email that the device G Data analyzed came from a
third-party marketplace. The malware was installed by middlemen, he wrote." |
"Intelligence agencies
around the world are trawling leaked data from the Ashley Madison adultery website hack to
glean personal information and even use it as a possible blackmail tool, sources have
said. British spy agencies have already checked the leaked records to see if their own
staff could be vulnerable, but are also checking the data for details on potential
intelligence targets. The millions of worldwide accounts whose details have been stolen
and leaked are likely to include members who hold jobs in sensitive areas of government
and industry. The leaked membership details of the site used by people to set up
extramarital affairs could also now be checked when vetting those who need security
clearance for sensitive posts. A senior Government source said the data which has been
published on the dark web was being checked by British agencies and was considered by
spies around the world as a trove of potential information. The source said: 'We have been
looking at it to see if our people are vulnerable. But there are also people looking at it
to see how it can be used. Some countries will be
looking at it for blackmail.' Details of
people’s personal lives and online habits could also be used by spies plotting ways
to approach them. Nigel Inkster, a former assistant chief of MI6, said British
intelligence agencies did not engage in blackmail, but 'other intelligence agencies are
less scrupulous'. He said: 'If you are looking at a person as a potential intelligence
target, then of course knowing as much as possible about what’s missing from their
lives and what they are doing to fill it is of potential interest.' " |
"A challenge to the National Security Agency’s bulk collection
of telephone-call data was dealt a setback when a U.S. appeals court ruled a judge who
called the initiative 'almost Orwellian' was wrong to block the program. U.S. District Judge Richard Leon in 2013 granted legal activist Larry
Klayman’s request that he halt the NSA’s collection of his data. Leon then put
that ruling on hold pending a government appeal. A divided three-judge panel Friday
overturned Leon's order, while saying Klayman's case may still proceed. The judges all
agreed Klayman hadn’t shown he is likely to succeed in his lawsuit, but two of them
said he should have the opportunity. One of those two, U.S. Circuit Judge Janice Rogers
Brown, said it was entirely possible the Obama administration may rightfully refuse to
turn over the information Klayman requests." |
"In July 2013, GCHQ,
Britain’s equivalent of the U.S. National Security Agency, forced
journalists at the London headquarters of The Guardian to completely obliterate the memory
of the computers on which they kept copies of top-secret documents provided to them by
former NSA contractor and whistleblower Edward Snowden.... At a speech
given at the Chaos Communication Camp technology conference a few weeks ago in Germany,
Al-Bassam and Tynan explored the details surrounding GCHQ’s decisions about how to
destroy the devices, and hypothesized about what the government’s intentions might
have been beyond intimidation. 'Normally people just destroy the hard drive,' said
Al-Bassam. But GCHQ took it several steps further. The spy agency instructed Guardian
editors to destroy parts of multiple MacBook Airs’ track pad controllers, power
controllers, keyboards, CPUs, inverting converters, USB drives, and more. According to 'Joint
Services Publication 440,' a 2001 British government document released by WikiLeaks,
the U.K. Ministry of Defense mandates total destruction of top-secret information in order
to protect it from 'FISs [foreign intelligence services], extremist groups, investigative
journalists, and criminals.' However, when Al-Bassam and Tynan sent an email asking the
British government for the 'HMG (Her Majesty’s Government) Information Assurance Note
5,' the government-wide document that contains the U.K.’s 'sanitization'
policies — i.e., the specific steps necessary to destroy top-secret data — the
government denied their request. The sanitization policies of the other members of the
so-called 'Five Eyes' intelligence alliance — the U.S., New Zealand, Canada and
Australia — are public, and appeared to have very similar requirements to the
techniques used to destroy The Guardian’s computers. But in allowing The
Guardian’s editors to destroy the devices themselves, and hold onto the remaining
shards of computer dust, the British government essentially revealed those policies —
by making it possible for people like Al-Bassam and Tynan to analyze just why they might
have destroyed each part in such a specific way. What
Al-Bassam and Tynan theorized was that the government may have targeted parts of the Apple
devices that it 'doesn’t trust': pieces that can retain bits of electronic
information even after the hard drive is obliterated. The track pad controller, they said,
can hold up to 2 megabits of memory. All the different 'chips' in your computer —
from the part that controls the device’s power to the chips in the keyboard —
also have the capacity to store information, like passwords and keys to other data, which
can be uploaded through firmware updates. According to the public documents from
other members of Five Eyes, it is incredibly difficult to completely sanitize a device of
all its content. New
Zealand’s data deletion policies state that USB memory is only destroyed
when the dust is just a few millimeters in length. 'This wasn’t a random thing,' said
Tynan, pointing to a slide displaying a photo of a completely destroyed pile of USB chip
shards. These hidden memory storage locations could theoretically be taken advantage of,
Tynan and Al-Bassam said, by a computer’s owner, hackers, or even the government
itself, either during its design phase or after the computer is purchased. The Russian
cybersecurity firm Kaspersky Lab has presented
evidence that an organization it calls 'Equation Group,' which is reportedly linked
to the NSA, has developed ways to 'create an invisible, persistent area hidden inside [a
computer’s] hard drive' that would be virtually undetectable by the
computer’s owner. This area could be used 'to save exfiltrated information which
can be later retrieved by the attackers.' Other technologists and computer experts agreed
with Al-Bassam and Tynan that significant data could theoretically be stored on a
computer’s various chips. 'It’s actually
possible to store quite a bit of data in a small space — look at Micro SD cards!'
wrote Dan Kaminsky, a computer security specialist, in an e-mail to The Intercept. 'But
generally these other data stores are small. [They] can certainly store cryptographic keys
pretty much anywhere though; those things are minuscule.' Steve Burgess, a computer
forensics and data recovery expert, echoed Kaminsky’s technical points: 'Certainly
data could be stored on any kind of flash memory or SSD (if there was one), or on the
computer’s BIOS, and of course on the hard disk’s rotating media — and its
own on-board flash storage.'" |
"Switzerland's top data cop says Microsoft has 'gone too far' in abusing
people’s privacy. The Federal Commissioner for Data Protection, Jean-Philippe Walter,
told Le Temps on Sunday that he was prepared to take Microsoft to court if it does not
alter its privacy policy for Windows 10. According
to Walter, the installation procedure does not properly inform users about the scope of
the default settings. In France, the data protection authority CNIL
issued public advice on how to set up privacy controls for Windows 10 earlier this
month, but CNIL's Swiss counterpart is feeling more combative. 'If necessary, we will
issue a recommendation,' he warned – a recommendation which could be for the
authorities to ban the sale of Windows 10 in Switzerland. But it’s not just
Microsoft. Walter sees demons elsewhere: 'We cannot let citizens become completely
enslaved to big companies such as Google and Facebook,' said Walter. 'They eat away at our
freedom every day. If we do not respond, one day it will be too late. Some analysts expect
the end of the private sphere in the next 20 years,' he added." |
"The newly appointed UN special rapporteur on privacy, Joseph
Cannataci, has called the UK's oversight of surveillance "a rather bad joke at its
citizens’ expense," and said that the situation regarding privacy is
"worse" than anything George Orwell imagined in his novel 1984. Speaking to The
Guardian, Cannataci said: "at least Winston [a character in Orwell's 1984] was
able to go out in the countryside and go under a tree and expect there wouldn’t be
any screen, as it was called. Whereas today there are many parts of the English
countryside where there are more cameras than George Orwell could ever have imagined. So
the situation in some cases is far worse already." Cannataci is also concerned about the routine surveillance carried out by
Internet companies as a key part of their business model. "They just went out and
created a model where people’s data has become the new currency," he said.
"And unfortunately, the vast bulk of people sign their rights away without knowing or
thinking too much about it." The mandate of the new post of UN
special rapporteur on privacy is broad. Cannataci, who is a professor of law at the
University of Malta, and uses neither Facebook nor Twitter, is empowered to review
government policies on digital surveillance and the collection of personal data, and to
identify activities that harm privacy protection without any compelling justification. He
can also give his views on how the private sector should be addressing its human rights
responsibilities in this field. There are four main tasks he has set himself: drawing up a
universal law on surveillance; tackling the business models of the big Internet companies;
defining what "privacy" exactly entails; and raising awareness of these issues
among the public. The
Guardian quotes him as saying the world "needs a 'Geneva convention for the
internet" to safeguard data and combat the threat of massive clandestine digital
surveillance." Cannataci recognises that he will be unable to achieve this within his
three-year mandate, or even if it is renewed, but believes that it is important to take a
long-term view. He acknowledges that Edward Snowden will be looked upon as "a traitor
by some and a hero by others," but says that his leaks were "very
important" because they confirmed what many working in the fields of privacy and data
protection had believed to be the case. Snowden's revelations also demonstrated "the
extent to which [government surveillance] has gone out of control," something many
hope Cannataci will try to address in his new role. Cannataci was chosen for the
role after the first-ranked candidate, the Estonian Katrin Nyman-Metcalf, was blocked
on the grounds that "she would not be a strong enough critic of US
surveillance."" |
"Ex-US president George W Bush, former Vice President Dick Cheney,
and senior law enforcement officials have been named in a class-action lawsuit for
authorizing blanket phone, email, and text message surveillance of Utah citizens during
the 2002 Winter Olympics. In 2013 the Wall Street
Journal reported that the FBI and NSA had done a deal with telco Qwest Communications for blanket
surveillance coverage for Salt Lake City during the Winter Olympics. Then-mayor Ross
"Rocky" Anderson has now taken up the case and has filed the class action suit.
"This is the first time anyone knows of that a surveillance cone has been placed over
a specific geographical area in the United States," he told The Register on Thursday.
"What was so alarming was that they were reading the contents of the text messages
and emails."... There are currently six plaintiffs, including Utah State Senator
Howard Stephenson (R-Draper), former Salt Lake City Council member Deeda Seed, and local
historian Will Bagley. In addition to the presidential duo, the suit names former NSA
Director Michael Hayden and Cheney's attorney David Addington, who authorized the
surveillance. The case is going to prove interesting. If it is allowed to proceed, it
could bring to light just how the mass surveillance introduced days after the September 11
attacks was carried out, and – crucially – if there was proper legal authority
to do so. When in office, Anderson was a vocal opponent of the domestic surveillance
program carried out by the government and was a fierce critic of George Bush. He called
for Bush's impeachment over the Iraq War and has been active in investigating cases of
surveillance overreach." |
"Hackers are able to spy on smartphone users anywhere in the world.
In one of the biggest threat to privacy breaches the world has ever seen, Australians may
have their names, addresses, bank account details and medical data stolen due to a
security vulnerability. Channel
Nine's 60 Minutes has uncovered a security hole in modern telecommunications that
enables cyber criminals to listen in on phone conversations and read text messages.... Criminals, commercial spies and suspected terrorists are allegedly
exploiting the security loophole for their own benefit by accessing the system, which is
being used by major Australian providers." |
"John Brennan was about to say he was sorry. On July 28, 2014, the
CIA director wrote a letter to senators Dianne Feinstein and Saxby Chambliss — the
chairwoman of the Senate Intelligence Committee (SSCI) and the panel's ranking Republican,
respectively. In it, he admitted that the CIA's penetration of the computer network used
by committee staffers reviewing the agency's torture program — a breach for
which Feinstein and Chambliss had long demanded accountability — was improper and
violated agreements the Intelligence Committee had made with the CIA. The letter was
notable in part because Brennan initially denied the January 2014 search of the
Senate's computer network even took place. And later, when it became clear that it had
— and that he had known of it while publicly denying that it happened — he
refused to acknowledge that it was wrong. For
months, Feinstein and other committee members were clamoring for a written apology to make
part of the official record. Brennan's mea culpa was prompted by a memo he'd received 10
days earlier from CIA Inspector General David Buckley. After the Office of the Inspector
General (OIG) was tasked with looking into the intrusion, it found that the CIA employees who broke into the Senate's computer
network in hopes of tracking down CIA documents the Senate wasn't allowed to see
(according to the agency) may have broken federal laws. "I recently received a
briefing on the [OIG's] findings, and want to inform you that the investigation found
support for your concern that CIA staff had improperly accessed the [Intelligence
Committee] shared drive on the RDINet [an acronym for rendition, detention, and
interrogation] when conducting a limited search for CIA privileged documents,"
Brennan wrote. "In particular, the [OIG] judged that Agency officers' access to
the… shared drive was inconsistent with the common understanding reached in 2009
between the Committee and the Agency regarding access to RDINet. Consequently, I apologize
for the actions of CIA officers…. I am committed to correcting the shortcomings that
this report has revealed." But Brennan didn't sign or send the apology letter.
Instead, four days later, he sent Feinstein and Chambliss a different letter
— one without an apology or admission that the search of their computer network
was improper. He did say, however, that he was going to "stand up" an
"independent" accountability review board, whose members would be appointed by
Brennan, to look into the OIG findings and determine whether the CIA employees who
conducted the search should be punished. Last December, that accountability board issued a
report and overturned nearly all of Buckley's findings and conclusions. It also exonerated
Brennan and the CIA personnel who searched the Senate's computer network. Brennan did
verbally apologize to Feinstein and Chambliss during an in-person briefing about the
findings of the OIG report, but Intelligence Committee members told VICE News it was
unacceptable because there was not a written record of it. The lawmakers
also noted that Brennan should have apologized to them — and to the Senate
staffers who the CIA referred to the Justice Department for criminal prosecution.... The
draft apology letter Brennan wrote to Feinstein and Chambliss are two of more than 300
pages of documents [pdf at the bottom of this story] VICE News obtained in response to a
joint Freedom of Information Act (FOIA) lawsuit filed against the CIA with Ryan Shapiro, a historian and
doctoral candidate at the Massachusetts Institute of Technology who specializes in
national security research.... After VICE News
received the documents, the CIA contacted us and said Brennan's draft letter had been
released by mistake. The agency asked that we refrain from posting it. We declined the
CIA's request." |
"A divided appellate court panel in Richmond, Virginia, ruled
on Wednesday that citizens do not give up their privacy rights just because their
mobile-phone providers know where to reach them. The decision is the strongest assertion
of the Fourth Amendment rights of mobile phone users out of three appellate court
decisions on the matter, setting up a likely Supreme Court hearing. 'The tide I think is
turning,' said Hanni Fakhoury, a senior staff attorney with the Electronic Frontier
Foundation, which joined a friend-of-the-court brief in the case of Aaron Graham, a man
convicted of armed robbery after his cell phone location information over seven
months was obtained by the government from Sprint. The Fourth Circuit Court of Appeals
ruling rejected the 'third party doctrine,' a legal theory that private information held
by a company is not protected by the Fourth Amendment’s prohibitions against
unreasonable search and seizure. The ruling
acknowledged the prevalence and advancement of technology in our lives. 'People cannot be
deemed to have volunteered to forfeit expectations of privacy by simply seeking active
participation in society through use of their cell phones,' the court wrote. 'It’s
great for us going forward,' says Nate Wessler, a staff attorney with the American Civil
Liberties Union’s Speech, Privacy, and Technology Project. 'It’s a robust
recognition of how much private information can be revealed through our cell phone records
— doctor’s office visits, AA meetings … in the aggregate, it paints a
strong picture of our lives.' Wessler said a Supreme Court hearing on the case is now more
likely." |
"When I published the ECHELON
story in August 1988, it got little mainstream attention. It was ignored for a decade,
downplayed by many as European paranoia. In 1999, at
last, ECHELON attracted the concern of Europe’s Parliament,
which commissioned an investigation. My report, 'Interception
Capabilities 2000,' outlined what ECHELON was and was not. With
ECHELON under investigation in Europe, Margaret Newsham decided to reveal her
identity as the whistleblower, and retold her story on CBS’s '60 Minutes.' The European Parliament then
mandated extensive action against mass surveillance. Their recommendations were passed in
full on September 5, 2001. Six days later, the Twin Towers came down. Any plans for limiting mass surveillance were buried with the victims of
9/11, and never formally published. But proof of ECHELON has become available. In December
2014, I asked fellow Scottish journalist and Intercept reporter Ryan Gallagher to check
Snowden’s documents. Was there evidence of ECHELON? There was; the documents included
details of the 'ECHELON agreement' and more — a batch of GCHQ and NSA documents
confirming what whistleblower Margaret Newsham had revealed 27 years ago. ECHELON was
indeed 'a system targeting communications satellites' that began nearly 50 years ago.
'In 1966, NSA established the FROSTING program, an umbrella program for the collection and
processing of all communications emanating from communication satellites,' according to a
January 2011 newsletter published by the NSA’s Yakima Research Station.
'FROSTING’s two sub-programs were TRANSIENT, for all efforts against Soviet satellite
targets, and ECHELON, for the collection and processing of INTELSAT communications.'
Another report, published in NSA’s 'SID Today' newsletter in 2005, stated that 'yes,
there is an ECHELON system,' and noted that the 'extensive story of ECHELON
would be part of the forthcoming history initiative.' A 2010 GCHQ report
noted that 'historically, NSA has been a large source of funding for COMSAT
[interception]. Many current COMSAT assets were purchased by NSA and are supported by GCHQ
under the Echelon Agreement.' The documents also confirmed the role of ECHELON
Dictionaries as 'text
keyword scanning engines.' Other previously published Snowden documents show that
CARBOY, whose expansion plans Newsham gave me, was a 'primary' foreign satellite
collection operation at Bude. The most shocking part of ECHELON, confirmed by the Snowden
documents, is that it was built to target Intelsat satellites, which in the early years
were used primarily by Western countries; the United States was the largest owner and
user. The Soviet Union, China and their allies didn’t have ground stations, nor the
equipment to connect to Intelsat, until years later. The Yakima site, which started
operating in May 1973, was 'established under the ECHELON program to collect and process
INTELSAT communications during the height of the Cold War,' reads a July 2012
newsletter published by the NSA’s Yakima Research Station. One more GCHQ
document linked Edward Snowden’s archive back to where my journey first began,
with John Berry and the ABC case. The GCHQ station in Cyprus where Berry served has the
code name 'SOUNDER.' Here, too, NSA was heavily involved, according to the document:
'Under the ECHELON Agreement, NSA provides 50% of the funding for the SOUNDER Comsat
facility.' The NSA’s 'SID Today'
newsletter concludes by recounting that the agency showed arrogance in
evading public scrutiny. It describes how ECHELON 'caught the ire of Europeans,'
prompting a European Parliament investigation in 2000. The NSA newsletter writer
wrote that when a European delegation came to Washington to visit NSA and other
agencies, they
were snubbed and their appointments were cancelled. 'Our interests, and our
SIGINT partners’ interests, were protected throughout the ordeal,' reads the report.
NSA claimed that the Parliament investigation 'reflected not only that NSA played by the
rules, with congressional oversight, but that those characteristics were lacking when the
[European delegation] applied its investigatory criteria to other European nations.' According to the NSA writer, the Europeans
were 'pigs' wading in filth. 'The 'pig rule' applied when dealing with this tacky
matter: 'Don’t wrestle in the mud with the pigs. They like it, and you both get
dirty.' Attitudes like this have made the secret dirty world of electronic mass
surveillance difficult to expose, and more difficult to get changed. Even today, neither GCHQ nor NSA will comment on ECHELON or other
specific issues raised in the Snowden documents.
('It is long standing policy that we do not comment on intelligence matters,' GCHQ said in
a statement.) Yet change has happened, and at increasing speed. In May 2015,
two years after Edward Snowden’s revelations were first published, I was invited on
behalf of a former 'C' — chief of the U.K.’s Secret Intelligence Service —
to co-introduce a conference
on intelligence, security and privacy. Nearly three decades after almost going to prison
for allegedly exposing GCHQ’s secrets, my partner in starting
the conference was the agency’s newly appointed director, Robert Hannigan. No one
present argued against greater openness. Thanks to Edward Snowden and those who
courageously came before, the need for public accountability and review has become
unassailable." |
"Prime Minister Shinzo Abe, key figures of his former
administration and several of Japan’s most powerful companies have been the targets
of long-term US spying operations, according to documents published on the WikiLeaks website. The
alleged operations to bug phones and intercept communications date back at least a decade
and suggest that the US maintained extensive surveillance of its closest ally in
Asia. That surveillance appears to have allowed the US to gather intelligence from
conversations held at the prime minister’s residence in Tokyo, according to the
WikiLeaks documents. One of the documents, which dates from Mr Abe’s first, year-long
stint as prime minister in 2007, details his preparations for a visit to Washington in
April that year and his expected stance on climate change. The WikiLeaks website, drawing on secrets stolen by US whistleblower
Edward Snowden in 2013, has previously alleged systematic spying by the US on the
governments of Brazil, France and Germany. Revelations that the mobile
phone of German Chancellor Angela Merkel had been tapped created a frost in US-German
ties. One senior adviser to the Japanese cabinet office said that, since the tapping of Ms
Merkel’s phone had come to light, 'Japan’s top leaders assumed they were being
listened to as well'. The US appears to have used its
deep access to the inner workings of Japan’s government and corporations to secretly
observe the country’s preparations for other international summits and forums where
Japan-US relations might be tested. Trade and climate change issues emerge as a keen area
of focus for the US spying agency. The leaked documents, which WikiLeaks claims to have
obtained from the US National Security Agency, include four 'top secret' reports and a
list of 35 Japanese targets for telephone intercepts. The documents range between 2007 and
2009 — a period that saw Japan shuffle through four prime ministers. The phone
intercept targets appear to have been identified from as early as 2003. As well as the
main switchboard for the cabinet office, the target list suggests that the NSA has
attempted to intercept the phone calls of staff belonging to Japan’s chief cabinet
secretary, the minister of economy trade and industry, senior officials within the finance
ministry and the governor of the Bank of Japan. The
list of targets also suggested that the energy divisions of both Mitsui and Mitsubishi were
victims of the NSA’s spying operations. One person close to the Japanese cabinet said
that the documents, published as Mr Abe is facing heavy public opposition to security
legislation, 'could not have come at a worse time'. The controversial changes being pushed
into law by Mr Abe would allow Japan to reinterpret its pacifist constitution, enabling
the military to extend its role and join allies such as the US in overseas operations of
collective self-defence." |
"[Windows 10] will automatically sync with the Microsoft servers
and silently pass along and store information about you including: your browser
history, favourites and the websites you’re currently viewing. Mobile hotspot
passwords and Wi-Fi network names and passwords are also logged. Cortana, the
new personal virtual assistant records and shares everything you do to function
properly....These settings can be turned off, but
that may affect the performance of the operating system – in particular
Cortana." |
"Historic phone records collected in bulk by the National Security
Agency are poised to be purged from the NSA’s
database later this year, the Office of the Director of National Intelligence said this
week. Effective Nov. 29, NSA analysts
will no longer have access to a trove of millions of call records and other so-called
metadata that had been collected by U.S. intelligence officials pursuant to an
interpretation of part of the post-9/11 Patriot Act that was reined in earlier this year.
In light of ongoing litigation, however, the ODNI acknowledged that any of those records
that were collected during the last five years cannot be expunged until those legal
matters are resolved. 'The telephony metadata
preserved solely because of preservation obligations in pending civil litigation will not
be used or accessed for any other purpose, and, as soon as possible, NSA will
destroy the Section 215 bulk telephony metadata upon expiration of its litigation
preservation obligations,' the ODNI said. Under Section 215 authority, telephony metadata
containing basic information such as the duration of phone calls and the parties involved
had been collected by the NSA and stored
to be queried during later possible investigations. Former intelligence contractor Edward
Snowden leaked details about that program in 2013, which spawned an international debate
concerning the American surveillance apparatus and its capabilities that had previously
been kept hidden from the public and subsequent scrutiny. The program faced challenges in
several federal courts and the House and Senate. In June, Congress approved the USA
Freedom Act, in turn ending the intelligence community’s ability to conduct dragnet
phone surveillance that had been codified shortly after the Sept. 11, 2001, terrorist
attacks. Passage of the USA Freedom Act provided for a six-month transition period in
which private telecommunication companies will prepare to be the sole collectors of user
call records." |
"In what has become an ongoing struggle to maintain Americans’
privacy rights in national security measures, the National Security Agency (NSA) has
agreed to destroy millions of Americans’ phone records collected under its
contentious surveillance program, the Associated Press reports. The Bush administration created the bulk collection program under Section
215 of the USA Patriot Act following the Sept. 11 attacks in 2001. But it garnered
international attention after former NSA contractor Edward Snowden unveiled the
large-scale intelligence gathering effort in 2013. After Congress’s inaction let
Section 215 expire on June 1, 2015, President Obama passed the USA
Freedom Act the next day. Under this legislation, phone companies, rather than the
federal government, will gather and store metadata – numbers dialed and the duration
of phone calls – but not their content. Intelligence officials can still access
records relevant to a national security investigation, but will need a warrant from the
Foreign Intelligence Surveillance Act (FISA) to do so. The law gave the government six
months to make the transition, but didn’t specify whether or not the NSA would still be able to
access records it’s already collected. Though the program has been around for a
decade, most of its records are purged every five years, so half of the collection has
already been discarded, reports the Associated Press. In a statement released Monday, the
director of national intelligence said the NSA will no longer examine those records in terrorism investigations after Nov.
29, 2015. Because the agency is still undergoing lawsuits over the records, it’s
legally obliged to preserve them until then. But once that date passes, they will be
destroyed "as soon as possible," the statement reads. Reforms to Section
215 of the Patriot Act drew bipartisan approval in Congress. Yet hardline privacy
advocates such as Sen. Rand Paul (R) of Kentucky, said they could have done more to restore civil liberties, wrote The Christian
Science Monitor’s Francine Kiefer in June. On the other hand, Sen. Mitch McConnell
(R) of Kentucky, said the USA Freedom Act 'undermines American security by taking one more
tool from our war fighters at exactly the wrong time.' Most Americans agree that
their privacy rights should trump national security concerns. According to a Pew Research
Survey conducted in June 2014, 74 percent of those polled say Americans shouldn’t have to give up
privacy and freedom in order to be safe from terrorism, while just 23 percent argue the
opposite. But opinion is more divided when asked specifically about the NSA’s data
collection program. Fifty-four percent of Americans
disapprove of the government’s collection of telephone and Internet data as part of
anti-terrorism efforts, while 42 percent approve of the program. Yet among privacy
advocates, surveillance is a common enemy that cuts across political ideologies and party lines,
Josh Withrow, legislative affairs manager for FreedomWorks, told the Monitor. According to
the same Pew Research study, nearly 70 percent of surveyors identified as steadfast
conservatives oppose the government’s data collection program, as do 61 percent of
business conservatives and 58 percent of solid liberals." |
"Official guidance about the surveillance of politicians shows that
MEPs can have their telephones tapped and their emails intercepted. Documents disclosed at
a tribunal reveal that while the security services are prevented from intercepting the
communications of MPs and peers, they can put members of the European parliament, the
Northern Ireland assembly, the Welsh assembly and the Scottish parliament under electronic
surveillance. The 'Wilson doctrine', devised by the
former prime minister Harold Wilson, gives politicians protection against snooping unless
the prime minister approves it under exceptional circumstances. Until now this safeguard
was assumed to extend to all parliamentarians. But an internal MI5 document from February
2015 details exceptions: 'It follows that the Wilson doctrine would not apply to . . . a
member of the European parliament or a devolved administration.'" |
"POLICE Scotland were
yesterday urged to come clean over whether officers broke new laws making it harder for
them to spy on journalists. Since March, officers have needed a judge’s permission
before using electronic surveillance techniques to identify reporters’ sources.
Previously, they only needed a superintendent’s permission to seize data from their phones. Since the law was changed two forces have been accused of accessing
journalists’ or their sources’ phones without the permission of a judge. David Cameron described
the alleged breaches as a 'serious error' two weeks ago." |
"GCHQ
could be spying on MSPs and other politicians after reportedly changing guidance on
snooping restrictions. Nicola Sturgeon, the Scottish First Minister, has demanded urgent
assurances from David Cameron after claims the spy agency told staff that rules on
monitoring politicians did not apply to devolved governments. It raises the prospect that
the intelligence agency could be monitoring representatives of the Scottish, Welsh and
Irish assemblies as well as MEPs. It came as a Government lawyer told a tribunal that the
rules protecting Westminster MPs could not survive in an age of bulk data collection. GCHQ has recently changed guidance surrounding the so-called Wilson
Doctrine, according to the Daily Record. It was introduced in 1966 under former Labour
Prime Minister Harold Wilson to ban the tapping of UK MPs' and peers' phones and was later
extended to cover emails. The doctrine was drawn up before the devolved governments
existed but even as recently as March the agency said it applied the principles to UK
MEPs, and members of the Scottish, Welsh and Northern Irish assemblies. However,
according to papers obtained by the newspaper, the guidance changed last month to say:
"The doctrine does not apply to ... the interception of communications of Members of
the European Parliament or devolved assemblies." ... The papers were obtained as a
legal challenge over the Wilson Doctrine is being heard by the Investigatory Powers
Tribunal, which considers complaints against the spy
agencies. It has been brought by Green party parliamentarians Caroline Lucas and Lady
Jones, and the former Respect MP George Galloway, who argue that their communications
must have been intercepted by the sort of programmes exposed by the CIA whistleblower Edward
Snowden. James Eadie QC, for the Government, told the hearing on Friday that the
doctrine 'simply cannot work sensibly' when bulk interception of data is taking
place." |
"Car brakes and other critical systems can be hacked via car
infotainment systems, security researchers at NCC Group have revealed. The ingenious hack,
demonstrated in an off-road environment, works by sending attack data via digital audio
broadcasting (DAB) radio signals. This is similar to
a hack that allowed security researchers Chris Valasek and Charlie Miller to take control
of a Jeep Cherokee after sending data to its entertainment and navigation systems via a
mobile phone, as previously reported. Car
owners are strongly advised to apply a patch developed by Chrysler to guard against
attacks that facilitate remote control of a car's engine, brakes and more from distance,
simply by knowing the car's public IP address. NCC's work shows that even cars whose
systems are not connected to mobile networks might be vulnerable. The hack was
demonstrated to BBC Radio 4's PM programme. Andy Davis, NCC's research director, explained
that an attack rig could be put together using cheap components connected to a laptop. The
infotainment system of a targeted car, once compromised, could be used as a stepping stone
to attack more critical systems, including steering and braking. Depending on power, a
DAB broadcast could be used to attack multiple cars. "If you had a vulnerability
within a certain infotainment system in a certain manufacturer's vehicle, by sending one
stream of data you could attack many cars simultaneously," he told the BBC, adding that attack data could be steganographically implanted within an audio
or music stream. "[An
attacker] would probably choose a common radio station to broadcast over the top of to
make sure they reached the maximum number of target vehicles." The approach has only been attempted in the lab. Davis has
previously hacked into a real vehicle's automatic braking system through manipulating its
infotainment system. A similar approach could be replicated through a DAB broadcast, he
suggested." |
"British intelligence agencies have been spying on MPs and peers in
contravention of a decades-old convention prohibiting surveillance of politicians’
communications, a tribunal has heard. Hitherto-secret MI5, MI6 and GCHQ documents revealed
in court that the agencies amended internal policies on surveillance of parliamentarians
eight times in the past 12 months. The updated internal rules fail to comply with a
50-year-old political convention, known as the Wilson doctrine, which states that no
parliamentarian’s telephone can be tapped unless there is a major national emergency
and that changes to the policy will be reported to Parliament by the Prime Minister. Green
Party politicians Caroline Lucas MP and Baroness Jones of Moulsecoomb, together with
former Respect MP George Galloway, brought the legal action following CIA whistleblower
Edward Snowden’s revelations about surveillance and the collection of metadata. The
trio believes it is likely their communications were intercepted. Their case, contested by
the intelligence agencies, is being fought in a rare public hearing before the
Investigatory Powers Tribunal, although some parts of the Government’s defence will
be kept secret. The IPT panel is being asked to confirm that the Wilson doctrine has force
in law. Ben Jaffey, representing the Green party
politicians, said the case was about what safeguards were required before members of the
legislature were subject to intercept or surveillance. He said MPs need to communicate
privately with their constituents and potential whistleblowers. The tribunal heard that officers from the three spy agencies have
operated under eight different policies concerning interception of parliamentarians’
communications in the last 12 months alone. GCHQ introduced a policy in March this year
that did not require approval by the Prime Minister, or any Minister, before deliberately
targeting the communications of a parliamentarian. The policy was then revised in June. Mr
Jaffey said: 'All protection for communications data and devolved legislators has been
removed.' In February 2008 the then-Foreign Secretary David Miliband approved a change in
MI6 policy that 'misstated' the Wilson doctrine in three ways, Mr Jaffey said, including
that MI6 may continue to intercept or carry out surveillance even where the purpose is to
discover further information about a Parliamentarian. The new MI6 policy from February
2015 states the Wilson doctrine 'does not prohibit the interception of
Parliamentarians’ communications'. However, the Home Secretary, Theresa May, told
Parliament last year in a debate on the Data Retention and Investigatory Powers Bill that
the doctrine 'obviously applies to Parliamentarians', barring exceptional circumstances.
Mr Jaffey said: 'The difference in emphasis between the statements made in Parliament and
hitherto-secret internal guidance is notable… The material now disclosed is not
sensitive. It should not have been kept secret. It shows that the Wilson doctrine has been
operated in secret differently from the assurances given to Parliament about interception
of Parliamentarians.'" |
"An ongoing investigation into the security of Chrysler vehicles
bears some pretty startling conclusions. In a couple of weeks, security researchers will
reveal the details of a zero-day exploit that affects some 471,000 cars. Put bluntly:
Hackers can take complete control of the cars from thousands of miles away. Longtime car hackers Charlie Miller and Chris Valasek recently
demonstrated the dangerous possibilities of the Chrysler exploit to Wired’s Andy
Greenberg. The journalist actually took a Jeep Cherokee onto the highway outside St.
Louis, while the hackers took over control of the car. Using the Jeep’s Uconnect system, which plugs into a cellular
network, the security researchers were able to gain control of the car’s
entertainment system and then rewrite the firmware to send commands to critical systems
like the brakes, steering, and transmission." |
"WikiLeaks has published evidence that the NSA systematically spied
on German Foreign Minister Frank-Walter Steinmeier, as well as other officials. The
alleged spying reportedly predates the September 11, 2001 attacks. German Foreign Minister Frank-Walter Steinmeier was reportedly the target
of systematic spying by the US National Security Agency (NSA), according to information
released Monday by transparency organization WikiLeaks. WikiLeaks documented
an intercepted conversation or phone call held by Steinmeier on November 29, 2005 shortly
after he had completed his first official visit to the United States as foreign minister.
It is unclear with whom Steinmeier was speaking at the time, but the subject of the call
was the US Central Intelligence Agency's (CIA) controversial renditions program. It was
alleged that the US had used the airspace and airport facilities of cooperating European
countries to illegally abduct European citizens and residents in order to interrogate them
at secret "black site" prisons. Steinmeier denied knowledge of the alleged
rendition flights in 2005 and according to the intercept, "seemed relieved that he
had not received any definitive response from the US secretary of state regarding press
reports of CIA flights through Germany to secret prisons in Eastern Europe allegedly used
for interrogating terrorism subjects." Human rights groups have accused the United
States of having used the so-called "extraordinary renditions" in order to
interrogate suspected terrorists using methods not allowed in the US itself, including
torture." |
"There are lots of ways that government spies can
attack your computer, but a U.S. drone company is scheming to offer them one more.
Boeing subsidiary Insitu would like to be able to deliver spyware
via drone. The plan is described in
internal emails from the Italian company Hacking Team, which makes off-the-shelf
software that can remotely infect a suspect’s computer or smartphone, accessing
files and recording calls, chats, emails and more. A hacker attacked the Milan-based
firm earlier this month and released hundreds of gigabytes of company information online.
Among the emails is a recap
of a meeting in June of this year, which gives a 'roadmap' of projects that Hacking
Team’s engineers have underway. On the list: Develop a way to infect computers via
drone. ...attaching a small network injector to a
drone would give the ability to attack Wi-Fi networks from above, or at a greater distance. The system operator wouldn’t have to get physically
near the target. Insitu did not respond to The Intercept’s requests for
comment. Hacking Team gained notoriety in recent years as human rights and digital
security advocates found traces of its spyware on the computers of journalists
and political activists from Ethiopia, Morocco and elsewhere." |
"Surveillance legislation the government considered 'vital' and
rushed through parliament last year has been struck down by the High Court. The Data
Retention and Investigatory Powers Act, which compels telecoms providers to retain user
data for 12 months and make it available to public bodies, was inconsistent with European
law, the court ruled. David Cameron had argued that the legislation was 'vital' for law
enforcement and intelligence agencies 'to keep us all safe' from criminals and terrorists.
The government rushed the law act through parliament
last year after the European Court of Justice struck down an EU directive requiring phone
and internet companies to retain communications data on the grounds that it infringed
human rights. But in its judgment on Friday, the High Court said the so-called
Drip Act should be 'disapplied', although it gave the government until next March to come
up with a replacement. The challenge to the contentious legislation was brought by two
MPs: Labour’s Tom Watson and the former Tory shadow home secretary David Davis. Mr
Davis said: 'This is a massively important ruling. The court has told the government to go
away and rewrite the law on the collection of all our phone data, all our email data, who
we called and when we called them.' The High Court’s ruling said the authorisation of
access to communications data should be governed by an independent body. Under the current
system, law enforcement and intelligence agencies themselves are able to authorise access
to this data. Mr Davis said the ruling meant that 'nobody’s privacy will be
unnecessarily invaded'. The government disagreed with the judgment and said it would seek
an appeal. .... Meanwhile, the government announced that a commission would review
freedom-of-information laws, prompting campaigners to give warning that ministers were
planning to curb the public’s ability to force the disclosure of official documents.
The commission will be chaired by Lord Burns, former head civil servant at the Treasury
and former chairman of Santander UK bank. Other members include Jack Straw, the former
home secretary and regular critic of FoI laws; and Lord Howard, the former Conservative
leader who once found himself the target of FoI requests from Labour aimed at uncovering
potentially embarrassing revelations. Campaigners say that the make-up of the commission
is slanted to ensure its members recommend new limits on what the public is allowed to
request from government. Maurice Frankel, of the Campaign for Freedom of Information,
said: 'Ministers want certainty that policy discussions will not only take place in secret
but be kept secret afterwards. They don’t like the fact that the act requires the
case for confidentiality to be weighed against the public interest in disclosure.'" |
"Emergency mass surveillance laws rushed through Parliament last year have been ruled unlawful by the
High Court. The Data
Retention and Investigatory Powers Bill (Dripa), which was pushed through in three days
in July 2014, was designed to give GCHQ and other public intelligence authorities the
power to gather and retain information on phone calls, text messages and online
communications, and force telecommunications companies to retain data for 12 months. It
was deemed necessary by the then-coalition government due to existing powers being
invalidated by a ruling from the European Union's Court of Justice. In order to maintain
effective guards against serious crime and terrorism, the Home Office argued at the time,
new emergency powers were required. A group of British legal experts published an open letter protesting the emergency bill, which gave MPs no time
to deliberate the complex legislation. But with little time to raise a strong opposition,
the bill was passed and later cemented in law. In what will be seen as a big win for
privacy activists everywhere, a challenge brought by MPs David Davis and Tom Watson has now been proven legitimate. The High Court ruled today that sections 1 and 2 of Dripa are unlawful
because they breach Articles 7 and 8 of the EU Charter of Fundamental
Rights. "The court has recognised what was clear to many last year, that the
government's hasty and ill-thought through legislation is fatally flawed," said
triumphant MP for Haltemprice and Howden, Davis. "They will now have to rewrite the
law to require judicial or independent approval before accessing innocent people's data,
reflecting the new consensus amongst experts in the Anderson and RUSI reports. This change
will improve both privacy and security, as whilst the government gave Parliament one day
to consider its law, the court has given almost nine months." The High Court ruled
that the law fails to provide the "clear and precise rules" necessary to ensure
data is only accessed in the most serious cases to prevent crime, or accessed when
conducting criminal prosecutions relating to those serious offences. Dripa also fails to
demand a warrant from a court or independent body. In the ruling the High Court concluded:
"The need for that approval to be by a judge or official wholly independent of the
force or body making the application should not, provided the person responsible is
properly trained or experienced, be particularly cumbersome." Just a few days ago, a
report by the Royal
United Services Institute (RUSI) recommended that intelligence agencies be
required to attain judicial sign off -- rather than ministerial -- for interception
warrants. It is the second
report in the space of two months to come to this conclusion, with the official
government reviewer of terrorism legislation, David
Anderson QC, calling Dripa "undemocratic and unnecessary" in June. Under the
temporary law, around 500,000 requests are granted each year, without judicial oversight,
and this is likely to remain the status quo until the emergency bill expires in March 2016
and the government is forced to reassess the legislation. This ruling is likely to carry
great weight when it comes to that period of deliberation across Parliament.
"Campaigners, MPs across the political spectrum, the government's own reviewer of
terrorism legislation are all calling for judicial oversight and clearer safeguards," said
James Welch, legal director for Liberty, which helped bring the case. "The High Court
has now added its voice, ruling key provisions of Dripa unlawful. Now is the time for the
Home Secretary to commit publicly to surveillance conducted with proper respect for
privacy, democracy and the rule of law -- not plough on with more of the same." |
"Three former spy chiefs have conceded that Britain's police and
intelligence agencies may have unwittingly broken the 'antiquated laws' that govern their
surveillance activities. A report published today says there is no evidence that police
forces, MI5, MI6 and GCHQ 'knowingly' acted illegally, but expresses concern at the
condition of the law governing the state's most intrusive powers. A panel assembled by the
Royal United Services Institute (Rusi) is calling for a 'new, comprehensive and clearer
legal framework' to govern surveillance, accompanied by stronger oversight of the spy
agencies.... The Rusi report is the third in a
series of documents analysing the privacy debate after the Edward Snowden leaks, which
will shape new surveillance legislation being published by the government in the autumn.
It is an attempt to address the debate over privacy versus security by assembling a panel
that included former intelligence chiefs - Lord Evans of Weardale, the ex-MI5 head, Sir
John Scarlett, the ex-MI6 boss, and Sir David Omand, the former GCHQ director - with
Professor Heather Brooke, the freedom of information campaigner, and Baroness Lane-Fox of
Soho, the dotcom entrepreneur. There were heated arguments between the panel members before
all were prepared to sign off on the report which...... urges
greater protection from surveillance for journalists and lawyers, saying that 'those who
challenge the state.... need to be confident they are not spied upon, otherwise they
cannot do their jobs effectively'." |
"The filmmaker behind last year’s Oscar-winning documentary
starring government leaker Edward Snowden is suing the Obama
administration for keeping secret documents about her. Laura Poitras claims to have been
needlessly detained by 'Kafkaesque' searches at the U.S. border each and every time she
traveled through the country from 2006 to 2012. But
government agencies have refused to meaningfully respond to requests under the Freedom of
Information Act (FOIA) to release documents about the searches, she claims, which only
ended after they were featured in a news article and became the subject of a petition
protesting her treatment. 'I’m filing this lawsuit because the government uses the
U.S. border to bypass the rule of law,' Poitras said in a statement. 'This simply should
not be tolerated in a democracy. 'We have a right to know how this system works and why we
are targeted.' Poitras now lives in Berlin, as part of a growing community of
technology-focused activists. Earlier this year, she won the
Academy Award for her documentary about Snowden and other government
whistleblowers, called 'Citizenfour.' As part of the reporting team to break news of
the Snowden document, she also received
the Pulitzer Prize last year and has been closely tied to the fate of the former
government leaker." |
"Magshimim serves as a
feeder system for potential recruits to Unit 8200, the Israeli military’s legendary
high-tech spy agency, considered by intelligence analysts to be one of the most formidable
of its kind in the world. Unit 8200, or shmone matayim as
it’s called in Hebrew, is the equivalent of America’s National Security Agency and the largest single military unit in the Israel Defence Forces.....In
some ways, 8200 is Israel at its best and worst: a high-tech incubator that trains some of
Israel’s smartest young people but effectively excludes minority Arabs — 20 per
cent of Israel’s population — because so few do military service, which is
compulsory for Jewish Israelis. Unit 8200 also snoops on Palestinians living under Israeli
occupation in the West Bank or naval and air blockade in the Gaza Strip, according to a
whistle-blowing leak that created a stir last year. In
an open letter in September 2014, published by Israel’s Yedioth Ahronoth newspaper
and broadcast on Channel 10, a group of 43 serving and former 8200
reservists revealed what they said were coercive spying tactics being used on innocent
Palestinians, including the collection of embarrassing sexual, financial or other
information. One of the whistle-blowers, in a
statement released along with the letter, described his “moment of shock” when
watching The Lives of Others, the 2006 film about the Stasi’s pervasive spying in
East Germany.... But what does 8200 actually do? Israel, as Netanyahu never tires of
saying, lives in a “bad neighbourhood” in the Middle East, surrounded by several
countries it classifies as enemy states. This requires world-class hacking and artificial
intelligence tools as warfare moves from conventional battlefields — land, sea and
air — to include cyber terrain. This new theatre of operations needs both offensive
and defensive tools. According to some media reports, which the IDF won’t confirm,
the unit was responsible for the Stuxnet computer worm deployed in 2010 against
Iran’s computers, including ones at its nuclear facilities. .... According to
intelligence analysts, 8200’s remit is similar to that of the NSA or Britain’s
Government Communications Headquarters, covering everything from analysis of information
in the public domain to use of human operators and special signal intelligence. Its
geographical remit is primarily outside Israel but it does include the Palestinian
territories. “Unit 8200 is probably the foremost technical intelligence agency in the
world and stands on a par with the NSA in everything except scale,” Peter Roberts,
senior research fellow at Britain’s Royal United Services Institute, told me.
“They are highly focused on what they look at — certainly more focused than the
NSA — and they conduct their operations with a degree of tenacity and passion that
you don’t experience elsewhere.”... Once intelligence is gathered and organised
into a database, an analyst needs to look for a common denominator. This is what big data
experts call fusion: the ability to make sense of, for example, an object spotted from
different angles by different means — maybe a drone in the air, a camera on the
ground, or a listening device in a phone. .... Over time, though, Gilad became troubled by
the intrusive methods being used against Palestinians in the West Bank and Gaza. The refuseniks say they were asked to gather information not only
on people suspected of plotting to harm Israel but on their family members, neighbours and
others who might supply information about them. This included information about medical
conditions, financial problems and sexual orientation
— a sensitive topic in deeply conservative Palestinian society. One of them said that
during his training for 8200, he had been assigned to memorise different Arabic words for
“gay”. Another said that soldiers would call one another over to listen when one
of their targets was discussing a “funny” medical condition such as
haemorrhoids. From the protest, a picture emerged of bright young Israelis, still in their
teens and twenties, making decisions that would affect the fate of Palestinians years
older. “In a way, this power is intoxicating,” Gilad told me. “You get
inside people’s lives and you laugh about their sexual habits or medical problems.
And it shows how far it goes. It shows you how power can corrupt.”...Privacy
International, a human rights watchdog group, recently reported that two multinational
companies with Israeli roots, Verint and Nice Systems, were supplying surveillance
technology to repressive Central Asian countries, allowing “unchecked access to
citizens’ telephone calls and internet activity on a mass, indiscriminate
scale”. " |
"When you pick up the phone, who you’re calling is none of the
government’s business. The NSA’s domestic surveillance of phone metadata was the
first
program to be disclosed based on documents from whistleblower Edward Snowden, and
Americans have been furious about it ever since. The courts ruled
it illegal, and Congress let the section of the Patriot Act that justified it expire
(though the program lives on in a different form as part of the USA
Freedom Act). Yet XKEYSCORE,
the secret program that converts all the data it can see into searchable events like web
pages loaded, files downloaded, forms submitted, emails and attachments sent, porn videos
watched, TV shows streamed, and advertisements loaded, demonstrates how Internet traffic
can be even more sensitive than phone calls. And unlike the Patriot
Act’s phone metadata program, Congress has failed to
limit the scope of programs like XKEYSCORE, which is presumably still operating at full
speed. Maybe Verizon stopped giving phone
metadata to the NSA, but if a Verizon engineer uploads a spreadsheet full of this metadata
without proper encryption, the NSA may well get it anyway by spying directly on
the cables that the spreadsheet travels over. The outrage over bulk collection of our
phone metadata makes sense: Metadata is private.
Americans call suicide prevention hotlines, HIV testing services, phone sex services,
advocacy groups for gun rights and for abortion rights, and the people they’re having
affairs with. We use the phone to schedule job interviews without letting our current
employer know, and to manage long-distance relationships. Most of us, at one point or
another, have spent long hours on the phone discussing the most intimate details about our
lives. There isn’t an American alive today who didn’t grow up with at least
some access to a telephone, so Americans understand this well. But Americans don’t
understand the Internet yet. Bulk collection of phone metadata is, without a doubt, a
violation of your privacy, but bulk surveillance of Internet traffic is orders of
magnitude more invasive. People also use the Internet in all the ways they use phones
— often inadvertently sharing even more intimate details through online searches. In
fact, the phone network itself is starting
to go over the Internet, without customers even noticing." |
"The NSA is gathering and eavesdropping on practically all
communications emerging from South America, WikiLeaks founder Julian Assange told
Chilean publication El Mostrador Tuesday. 'Ninety-eight percent of Latin American
communications are intercepted by the NSA while passing through the United States to the
world,' Assange said in an interview with the publication. A large focus of Assange was related to the large swaths of
information being collected by American tech companies, specifically Google and Facebook,
and their relationship with the U.S. intelligence communities. 'They are physically in the
United States and therefore under their legal jurisdiction, with punitive laws used
to force them to deliver the information they are collecting,' Assange said.
WikiLeaks seems to be in the midst of a major information push regarding Latin
America. Over the weekend, Wikileaks released a variety of documents related to NSA spying
in Brazil on the Rousseff administration." |
"Documents released by WikiLeaks appear to show the US spied on
close aides of German Chancellor Angela Merkel and other officials for years. The leaks
show Merkel's private and professional opinions on a range of issues. The WikiLeaks
report, released on Wednesday, suggests NSA spying on German officials went on far longer
and more widely than previously thought. The website published a new list of German phone
numbers it claims showed the NSA targeted the officials for surveillance. The list of 56
partially redacted phone numbers includes those belonging to staff of the former German
Chancellor Gerhard Schröder as well as his predecessor, Helmut Kohl. Also on the list
were numbers attributed to former diplomat Geza Andreas von Geyr, who now works for the
Ministry of Defense, and Ronald Pofalla, who was the former head of Angela Merkel's
chancellery between 2009 and 2013. WikiLeaks also gave a cell phone number it claimed was
used by the German leader up until 2013. The website
published what it said were three intercepts by the US National Security Agency (NSA) of
conversations involving Merkel. These included discussions such as "Chancellor
Merkel's plans on how to respond to the international financial crisis and the eurozone
bank bailout." An intercept from 2009 details Merkel's criticism that the US Federal
Reserve was "taking risks" concerning the previous year's global financial
crisis. Also disclosed were Merkel's private opinions on US President Barack Obama's
involvement with Iran, from conversations she had with Crown Prince of Abu Dhabi Sheikh
Mohammed bin Zayed al-Nahyan. These latest disclosures come barely a week after WikiLeaks
posted documents from the 1990s revealing contact details of various officials in
Germany's Finance Ministry, as well as staff in the Ministry of Agriculture, European
policy advisers and an official working in the European Central Bank. The leaks display a
special interest in Merkel's handling of the financial crisis in Greece, and her thoughts
on the heads of key financial institutions. The secret-spilling site says both sets of
reports illustrate that "the NSA explicitly targeted, for long-term surveillance, 125
phone numbers for top German officials, and did so for political and economic
reasons." It claimed the lists were updated for
more than a decade after 2002, and a "close study" of it reveals it evolved from
a previous list in the 1990s. By publishing these communications, WikiLeaks is threatening
the already fragile relationship between Germany and the United States, still struggling
to recover from reports two years ago that Chancellor Merkel's own cell phone was tapped. It also led to allegations the German government turned a blind eye to,
and even helped, the
NSA spy on European businesses and officials. Last week the chancellery called
in the US ambassador to Germany to ask for an explanation on the WikiLeaks
disclosures." |
"The judge who oversees the use of surveillance powers had to
deliver a top secret letter to a senior Whitehall security official by hand because his
'antiquated' encryption equipment was unreliable. In his final report after nine years as chief surveillance commissioner, Sir
Christopher Rose complained about long delays in appointing staff, mountains of paperwork
and 'outmoded and increasingly unreliable' computers.
'In the 21st century, with the wide availability of so much advanced technology, I find it
hugely frustrating that this office continues to operate with 20th century equipment which
is inadequate,' he wrote." |
"In 2013, NSA whistleblower Edward Snowden revealed that the
British government had been snooping on citizens on a mass scale. Every email entering and
leaving this supposedly modern, democratic and accountable country was being secretly
intercepted, all in the interest of "national security" – which is totally justified, of course; people planning terror
plots routinely send each other "just spilt some of the liquid explosive on my foot
lol" memos from their unencrypted Hotmail accounts. Over a seven-day period last
July, things got worse. The Data Retention and Investigatory Powers Act – which
demands that communications companies retain their customers' data for up to 12 months
– was rushed into being. If a government department makes a request, they are now
allowed to access the details of any text, call, email, tweet, Instagram post or Facebook
update they like. What this means, of course, is that your inane Twitter ramblings about
Philip Schofield's weirdly smooth face have likely been viewed by a bigger audience than
your 163 followers. But even worse is the huge amount
of money being poured into this process. "The costs of interception are largely met
by the government, who pay service providers money to put in place the technology and
processes to intercept emails," says David Mulcahy, a spokesperson for civil
liberties campaign group Liberty. "We don't
know the amount spent by government on this, but a report revealed that, in practice, it
pays for 80 percent of the capital cost of new interception capabilities and 100 percent
of the ongoing operational costs." The full figures have not been made public, but
the costs of the programme have been estimated at around £11.1 billion – a little more than
the optimistic £1.8 billion estimate back in 2012. "As far as I am aware, there was
no explanation at the time as to how the figure of £1.8 billion was calculated,"
says Mike Jackson, a business professor at Birmingham City University. "Essentially,
this was viewed as the amount internet companies would need to be compensated over 10
years for the additional effort of storing records." The £1.8 billion figure
supposedly took into account data retention by communications companies, training
investigators, strategic work to cope with new and emerging technologies, and
identification of (but not solutions for) the technical and operational challenges of the
surveillance programme. However, it failed to consider the cost of inflation, VAT and
depreciation, as well as the growing volume of data being transmitted and received in the
UK. The government also didn't consult with communications service providers to calculate
its figures, prompting companies like Vodafone, Twitter, Microsoft and Facebook to
question – and then distance themselves – from the estimate. Lord Marks QC, a
Liberal Democrat peer, made his own calculations based on Labour's nixed plans to introduce
national ID cards, and estimated an overrun of £9.3
billion, taking the total cost of the bill up to £11.1 billion – or £500 per
household – over ten years." |
"It is rare for the
Investigatory Powers Tribunal to find against the Security Services. Despite being set up
in 2000 and hearing hundreds of complaints, it upheld one for the first time in February.
So it was highly significant when it found against GCHQ again two weeks ago. The tribunal was considering the complaints of a number of civil
liberties groups and human rights organisations, including Amnesty International. It found that the communications of two of the claimants, the Egyptian
Initiative for Personal Rights and the Legal Resources Centre in South Africa, had
been intercepted by GCHQ and unlawfully retained beyond the permitted period. This was
spun by the government as a procedural infraction against two minor organisations - an
oversight, rather than anything more malicious - and, as such, there was little coverage
or public interest. But the story does not stop there. Late
last Wednesday night, the tribunal sent a short email to correct its original judgement. It
was not the Egyptian Initiative for Personal Rights that had its communications unlawfully
retained. It was Amnesty International. Without this correction, Amnesty would not even
have known its communications were being intercepted, let alone unlawfully retained. ... The government always responds to inquiries in this area with the
standard line that it does not comment on intelligence matters. I have asked several such
questions of the government, and have always received the same response. Indeed, I have
submitted a number recently, asking which statute is used to authorise surveillance in
instances where the courts have confirmed it occurred. There
is a serious problem with the accountability of the security services to parliament if
they won't even state under which statute they are authorised to act. How can we hold them to account, or even attempt to do so, if even this
basic information is withheld? What possible security justification can be proposed to
warrant such evasion? .... How can people expect a
fair trial when privileged communications with their lawyers are intercepted by the
government? How can journalists hold the government to account when the identities of
their confidential sources are stolen from them? And how can organisations such as Liberty
and Amnesty expect people to come to them for help if they know the security services are
listening..... There are situations where privacy,
especially privacy from the government, is vital for the rule of law and functioning of
modern society. Our intelligence agencies' mass surveillance programmes indiscriminately
trample on this privacy..... If the government insists on extending our agencies'
surveillance powers and resurrecting the snooper's charter then first it has questions to
answer. The first is what could possibly be the
security justification for snooping on respected human rights groups?" |
"This last week
something little-noticed happened which could have very worrying consequences for the
future. All local authorities, NHS trusts, schools, universities, further
education colleges, and prisons had a new statutory duty imposed on them to prevent
extremist radicalisation taking place within their ambit. These new duties
will be vastly intrusive. Local authorities will have to make checks on the
use of its public buildings, its internet filters, and on any unregulated settings such as
school clubs and groups and tuition centres. In case there is any backsliding,
government inspectors will check to make sure all necessary actions are taken.
And most sinister of all, the target for all this isn’t just extremist
behaviour (whatever exactly that means), but ‘non-violent extremism’. This embeds a further level of surveillance of the population than
has ever been attempted in the UK in peacetime.
The adverse effects of this mass spying have already been felt under the government’s
so-called Prevent programme which led to children being reported for supporting
Palestinian rights and opposing the British military presence in Afghanistan. ... The new
powers involve banning orders on non-violent individuals and organisations deemed
politically unacceptable, physical restriction orders on non-violent individuals deemed
‘harmful’. ... All this exposes the deeply authoritarian streak in this
government. It follows Theresa May’s repeated efforts on every occasion
to introduce the mass surveillance snooper’s charter the spooks are so keen on (and
already exercising, which is why they’re so anxious to get legal cover to regularise
it)." |
"An investigation by the German parliament is raising questions on
whether the Obama administration not only spied on journalists in that country, but also
interfered in the exercise of the free press under the guise of U.S. national security. On
Thursday, Germany's intelligence coordinator, Günter Heiss, testified before a
parliamentary investigative committee of the German parliament, the Bundestag, focused on
the activities of the U.S. National Security Agency's spying on Germany and whether the
German intelligence agency BND had any knowledge of it. That the NSA was spying on German
officials is not new, though it continues to upset free press advocates and those with
memories of repressive governments both Communist and Nazi. In 2013, the German magazine Der Spiegel, using information gleaned from files
stolen and leaked by Edward Snowden, first reported that the NSA was intercepting German
Chancellor Angela Merkel's cell phone communications. On Thursday, WikiLeaks released more
information, presumably from that surveillance, from a conversation between Merkel and
her personal assistant in October 2011, saying the Chancellor "professed to be at a
loss" between two courses of action to take in the Greek financial crisis. The
WikiLeaks release also suggested that the NSA was spying on German ministers in addition
to Merkel. The U.S. ambassador to Germany, John Emerson, was summoned to meet with the
Chancellery chief of staff, Peter Altmaier, to discuss the news. Less observed this week was news that the NSA was eavesdropping
not only on Merkel, but also in some capacity on Germany's free press, specifically Der
Spiegel. CNN has learned that in early summer 2011,
the CIA station chief in Berlin (also representing the NSA at the U.S. Embassy) met with
Heiss and his assistant Guido Müller. The CIA station chief urged the two men to take
action against Heiss' deputy, Hans-Josef Vorbeck, who he said was leaking classified
information to journalists." |
"Campaign group Amnesty International has called for an independent
inquiry after it was confirmed it was spied on by British surveillance agency GCHQ. It
said it was "outrageous" that human rights bodies were being monitored. It came
after the Investigatory Powers Tribunal (IPT) informed Amnesty that GCHQ had breached
rules by keeping data intercepted from it for too long - although it had been collected
legally. The IPT was
revising an earlier ruling that had failed to name Amnesty. The tribunal had said in
June that GCHQ failed to delete data intercepted from two other rights groups on time. But
it confirmed on Thursday that it was mistaken, and that one of the groups was Amnesty. In a letter to the claimants in the case, IPT
president Sir Michael Burton said: "The Tribunal wishes to apologise for and correct
an error in its Determination of 22 June 2015." The original action was brought by
non-governmental organisations (NGOs) including Liberty, Privacy International, American
Civil Liberties Union, Amnesty and Bytes For All - who accused the intelligence agencies
of intercepting their communications. In most of the cases there was no determination
given - implying the bodies were not spied on, or if they were no rules were breached. But
the IPT ruled that GCHQ had not followed proper internal
procedures in the cases of the Egyptian Initiative for Personal Rights and South
Africa-based The Legal Resources Centre. The tribunal has now made it clear that it was
Amnesty and not the Egyptian organisation that had been spied on. Amnesty secretary
general Salil Shetty said: "It's outrageous that what has been often presented as
being the domain of despotic rulers has been done on British soil, by the British
government. "How can we be expected to carry out our crucial work around the world if
human rights defenders and victims of abuse can now credibly believe their confidential
correspondence with us is likely to end up in the hands of governments? "After
18 months of litigation and all the denials and subterfuge that entailed, we now have
confirmation that we were in fact subjected to UK government mass surveillance. "The
revelation that the UK government has been spying on Amnesty International highlights the
gross inadequacies in the UK's surveillance legislation." He continued: "If they
hadn't stored our communications for longer than they were allowed to, we would never even
have known. What's worse, this would have been considered perfectly lawful." At the
time of the original judgement the government said it welcomed "the IPT's
confirmation that any interception by GCHQ in these cases was undertaken lawfully and
proportionately"." |
"One of the National Security Agency’s most powerful tools of
mass surveillance makes tracking someone’s Internet usage as easy as entering an
email address, and provides no built-in technology to prevent abuse. Today, The
Intercept is publishing 48 top-secret and other classified documents about
XKEYSCORE dated up to 2013, which shed new light on the breadth, depth and
functionality of this critical spy system — one of the largest releases yet of
documents provided by NSA whistleblower Edward Snowden. The NSA’s XKEYSCORE program,
first revealed
by The Guardian, sweeps up countless people’s Internet searches, emails, documents,
usernames and passwords, and other private communications. XKEYSCORE is fed a constant flow of Internet traffic from fiber
optic cables that make up the backbone of the world’s communication network,
among other sources, for processing. As of 2008, the surveillance system boasted
approximately 150 field sites in the United States, Mexico, Brazil, United Kingdom, Spain,
Russia, Nigeria, Somalia, Pakistan, Japan, Australia, as well as many other countries,
consisting of over 700 servers. These servers store 'full-take data' at the collection
sites — meaning that they captured all of the traffic collected — and, as of
2009, stored content for 3 to 5 days and metadata for 30 to 45 days. NSA documents
indicate that tens of billions of records are stored in its database. 'It is a fully
distributed processing and query system that runs on machines around the world,' an NSA
briefing on XKEYSCORE says. 'At field sites, XKEYSCORE can run on multiple computers that
gives it the ability to scale in both processing power and storage.'" |
"The Foreign Intelligence Surveillance Court ruled late Monday that
the National Security Agency may temporarily resume its once-secret program that
systematically collects records of Americans’ domestic phone calls in bulk. But the
American Civil Liberties Union said Tuesday that it would ask the United States Court of
Appeals for the Second Circuit, which had ruled that the surveillance program was illegal,
to issue an injunction to halt the program, setting up a potential conflict between the
two courts. The program lapsed on June 1, when a law
on which it was based, Section 215 of the USA Patriot Act, expired. Congress revived that
provision on June 2 with a bill called the USA Freedom Act, which said the provision could
not be
used for bulk collection after six months. The six-month period was intended to give
intelligence agencies time to move to a new system in which the phone records — which
include information like phone numbers and the duration of calls but not the contents of
conversations — would stay in the hands of phone companies. Under those rules, the
agency would still be able to gain access to the records to analyze links between callers
and suspected terrorists. But, complicating matters, in May the Court of Appeals for the
Second Circuit, in New York, ruled
in a lawsuit brought by the A.C.L.U. that Section 215 of the Patriot Act could not
legitimately be interpreted as permitting bulk collection at all." |
"The U.S. National Security Agency wiretapped the communications of
two successive French finance ministers and collected information on French export
contracts, trade and budget talks, according to a report by WikiLeaks. The transparency website said the ministers targeted were Francois Baroin
and Pierre Moscovici, who between them headed the finance ministry from 2011 to 2014. The
allegations, published jointly with newspaper Liberation and online outlet Mediapart, came
a week after Wikileaks reported that the NSA had spied on three French presidents from at
least 2006 to May 2012, prompting the government to protest to Washington that such
behavior between allies was unacceptable. Wikileaks
said that in one document dating from 2002 and renewed in 2012, the NSA asked intelligence
services from Australia, the United Kingdom, Canada, and New Zealand to collect
information on proposed French export contracts worth more than $200 million in sectors
including telecoms, electricity, nuclear energy, transport, and health. No specific French companies were named in the Wikileaks documents." |
"It's not the cold war
any more. It's much more like the 19th century, in the sense that nation states look out
for themselves....[During the cold war] we [in the United States] didn't spy on allies,
Nato allies ... We're in a situation where we're all [economic] competitors now. We have
no need for unity. There is no threat. We've
manufactured this threat about Mr Putin, but otherwise there's not a real threat." |
"I won't make any specific accusations about France, but there are
several nations on the continent that use their intelligence services to spy on the
granting of contracts internationally to help their own countries' corporations - to help
those corporations bribe others in order to give contracts to their own countries'
companies. If they would stop bribing then we would
stop spying on them." |
"The British and American spy agencies deliberately broke
anti-virus software so that they could read the messages of their citizens, according to
new leaks. Both the NSA and GCHQ have long been said to have deliberately reverse
engineered software so that they could find weaknesses in software and exploit them to read
communications. But new documents show that the
agencies did so to some of the most popular antivirus software, potentially exposing
hundreds of millions of people to dangerous viruses, according to a report from The
Intercept. The agencies reverse engineered Kaspersky antivirus software so that they could
see how it worked and ensure that it didn’t keep them from looking through computers,
according to the report. They also looked through emails that had been sent to the company
flagging up viruses and vulnerabilities, the Intercept reported....GCHQ obtained a warrant for the reverse engineering because it
might otherwise be considered 'unlawful', according to The Intercept, which saw the
details of the request for permission in files leaked by Edward Snowden. The Intercept
says that the warrant is 'legally questionable on several grounds'." |
"British spies build fake websites, impersonate people, and create
'persuasive' YouTube videos to disrupt their targets' activities, according
to documents obtained by The Intercept. JTRIG, or the Joint Threat Research
Intelligence Group, is part of British spy agency GCHQ, and was first revealed publicly in
documents leaked by exiled NSA whistleblower Edward Snowden. A newly published document
dating from 2011, which Business Insider has been unable to independently verify, appears
to shed more light on the secretive group's activities. In one section, the document lists
a number of the tactics that JTRIG staff have employed....These techniques are deployed against a number of law enforcement
targets, including suspects believed to be engaged in 'online credit card fraud and child
exploitation.' It also co-operates with other domestic British law enforcement agencies,
and helps '[provide] evidence for judicial outcomes' and monitoring domestic terrorist
groups. The documents also go into detail about psychological research that could be used
to help promote JTRIG's goals. 'Theories and research in the field of social psychology
may prove particularly useful for informing JTRIG's effects and online HUMINT operations,'
one document says, identifying topics including 'conformity,' 'obedience,' and
'psychological profiling' as 'particularly relevant for social influence.' In short: The
documents — if accurate — demonstrate how the British spy agency uses
sophisticated psychological techniques to try and shape the flow of information online to
achieve its strategic goals." |
"The company behind the open-source blogging
platform Ghost is moving its paid-for service out of the UK because of government
plans to weaken protection for privacy and freedom of expression. Ghost's founder, John
O'Nolan, wrote in a blog post:
'we’ve elected to move the default location for all customer data from the UK to
DigitalOcean’s [Amsterdam] data centre. The Netherlands is ranked #2 in the world for
Freedom of Press, and has a long history of liberal institutions, laws and funds designed
to support and defend independent journalism.'
O'Nolan was particularly worried by the UK government's plans to scrap the Human Rights
Act, which he said enshrines key rights such as 'respect for your private and family life'
and 'freedom of expression.' The Netherlands, by contrast, has 'some of the strongest
privacy laws in the world, with real precedents of hosting companies successfully
rejecting government requests for data without full and legal paperwork,' he writes. This
is by no means the first software company to announce that it will be leaving the UK
because of the government's plans to attack privacy through permanent bulk surveillance of
online activities and weakened crypto." |
"Privacy
campaigners and open source developers are up in arms over the secret installing of Google
software which is capable of listening in on conversations held in front of a computer.
First spotted by open source developers, the Chromium browser – the open source basis
for Google’s Chrome
– began remotely installing audio-snooping code that was capable of listening to
users. It was designed to support Chrome’s new
'OK, Google' hotword detection – which makes the computer respond when you talk to it
– but was installed, and, some users have claimed, it is activated on computers
without their permission. 'Without consent, Google’s code had downloaded a black box
of code that – according to itself – had turned on the microphone and was
actively listening to your room,' said Rick Falkvinge, the Pirate party founder, in a blog
post. 'Which means that your computer had been stealth configured to send what was
being said in your room to somebody else, to a private company in another country, without
your consent or knowledge, an audio transmission triggered by … an unknown and
unverifiable set of conditions.' The feature is installed by default as part of
Google’s Chrome browser. But open source advocates are up in arms about it also being
installed with the open source variant Chromium, because the listening code is considered
to be 'black box', not part of the open source audit process. 'We don’t know and
can’t know what this black box does,' said Falkvinge. Google responded
to complaints via its developer boards. It said: 'While we do download the hotword
module on startup, we do not activate it unless you opt in to hotwording.' However,
reports from developers indicate otherwise." |
"The United States National Security Agency spied on French
presidents Jacques Chirac, Nicolas Sarkozy and Francois Hollande, WikiLeaks said in a
press statement published on Tuesday, citing top secret intelligence reports and technical
documents. The revelations were first reported in French daily Liberation and on news
website Mediapart, which said the NSA spied on the presidents during a period of at least
2006 until May 2012, the month Hollande took over from Sarkozy. WikiLeaks said the
documents derived from directly targeted NSA surveillance of the communications of
Hollande (2012–present), Sarkozy (2007–2012) and Chirac (1995–2007), as
well as French cabinet ministers and the French ambassador to the U.S. According to the
documents, Sarkozy is said to have considered restarting Israeli-Palestinian peace talks
without U.S. involvement and Hollande feared a Greek euro zone exit back in 2012. These
latest revelations regarding spying among allied Western countries come after it emerged
that the NSA had spied on Germany and Germany's own BND intelligence agency had cooperated
with the NSA to spy on officials and companies elsewhere in Europe.... The documents include summaries of conversations between French
government officials on the global financial crisis, the future of the European Union, the
relationship between Hollande's administration and Merkel's government, French efforts to
determine the make-up of the executive staff of the United Nations, and a dispute between
the French and U.S. governments over U.S. spying on France. The documents also contained
the cell phone numbers of numerous officials in the Elysee presidential palace including
the direct cell phone of the president, WikiLeaks said. Last week, WikiLeaks published
more than 60,000 diplomatic cables from Saudi Arabia and said on its website it would
release half a million more in the coming weeks.... Former NSA employee Edward Snowden
created an uproar in Germany after he revealed that Washington had carried out large-scale
electronic espionage in Germany and claimed the NSA had bugged Merkel's phone. 'While the
German disclosures focused on the isolated fact that senior officials were targeted by
U.S. intelligence, WikiLeaks' publication today provides much greater insight into U.S.
spying on its allies,' WikiLeaks said. This includes 'the actual content of intelligence
products deriving from the intercepts, showing how the U.S. spies on the phone calls of
French leaders and ministers for political, economic and diplomatic intelligence'." |
"GCHQ spied on two human rights organisations, it has emerged, and
breached its own internal policies in how it handled the information. The intelligence
agency lawfully monitored communications at the Egyptian Initiative for Personal Rights
(EIPR) and the Legal Resources Centre (LRC) in South Africa, the Investigatory Powers
Tribunal found. But it ruled that the data on the
EIPR was kept beyond the permitted time and GCHQ breached its own procedures on how to
select which communications to monitor in the case of the LRC. The tribunal, which handles
complaints against the spy agencies, ruled the breaches were 'technical' ones and did not
award damages. It also dismissed claims by other civil liberty groups such as Liberty,
Privacy International and Amnesty International as to whether their communications were
unlawfully intercepted." |
"Privacy International and Liberty failed today to convince the
Investigatory Powers Tribunal (IPT) that GCHQ had unlawfully intercepted the
communications of, and snooped on, UK-based human rights groups. The IPT, in its third and
final judgment relating to the spying activities of Blighty spooks, said in its ruling on Monday that 'no determination' had been made in
favour of the UK claimants in the case. However, it found that GCHQ had acted unlawfully
with the handling of communications data it had secretly slurped from two foreign civil
liberties outfits. In the first instance, Blighty's spies used RIPA to 'lawfully and
proportionately' intercept and access the email comms of the Egyptian Initiative for
Personal Rights. The IPT added, however, that GCHQ held onto the information 'for
materially longer than permitted' under UK law's data retention policies. It ruled that
British spies had breached Article 8, under the European Convention on Human Rights. As a
result of that decision, GCHQ has been ordered to destroy any of the comms data that it
had retained for longer than the retention limit." |
"When the Russian security firm Kaspersky Lab disclosed recently
that it had been hacked, it noted that the attackers, believed to be from Israel, had been
in its network since sometime last year. The company also said the attackers seemed intent
on studying its antivirus software to find ways to subvert the software on customer
machines and avoid detection. Now newly published documents released by Edward Snowden
show that the NSA and its British counterpart, GCHQ, were years ahead of Israel and had
engaged in a systematic campaign to target not only Kaspersky software but the software of
other antivirus and security firms as far back as 2008. The documents, published
today by The Intercept, don’t describe actual computer breaches against the
security firms, but instead depict a systematic campaign to reverse-engineer their
software in order to uncover vulnerabilities that could help the spy agencies subvert it.
The British spy agency regarded the Kaspersky software in particular as a hindrance to its
hacking operations and sought a way to neutralize it. 'Personal security products such as
the Russian anti-virus software Kaspersky continue to pose a challenge to GCHQ’s CNE
[Computer Network Exploitation] capability,' reads one of the documents, 'and SRE
[software reverse-engineering] is essential in order to be able to exploit such software
and to prevent detection of our activities.' An NSA
slide describing 'Project CAMBERDADA' lists at least 23 antivirus and security firms that
were in that spy agency’s sights. They include the Finnish antivirus firm F-Secure,
the Slovakian firm Eset, Avast software from the Czech Republic, and Bit-Defender from
Romania. Notably missing from the list are the American anti-virus firms Symantec and
McAfee as well as the UK-based firm Sophos." |
"A Sunday Times article stating that British spies had been
'betrayed' to Russian and Chinese intelligence services as a result of Edward
Snowden’s mass-surveillance revelations to the press is 'utter nonsense,' claims the
whistleblower’s lawyer. Robert Tibbo could not
be more straightforward. 'There was no possibility of interception. Zero,' says the
Canadian lawyer from Montreal who has represented Edward Snowden in Hong Kong since June
of 2013. That was when the former U.S. National Security Agency contractor leaked
classified documents on America’s mass surveillance programs to members of the press.
Mr. Tibbo’s client came under pressure after British sources revealed last weekend
that spies were pulled out of operations because China and Russia have cracked Mr.
Snowden’s files. 'He left this place [Hong Kong]
with no data on him', Mr. Tibbo claimed in a telephone interview from Hong Kong on Monday.
He was one of the only two people, along with solicitor Jonathan Man, who had any
knowledge of Mr. Snowden’s whereabouts in the city at the time. In an interview Mr.
Tibbo was with Mr. Snowden when the whistleblower left Hong Kong for Russia. 'There was no data in a cloud. He passed the data on to the journalists and
that was it. Any actual copy he had with him was destroyed [before he left Hong Kong],
precisely to avoid it from being seized or intercepted. I was a witness to all of that.'
The Sunday Times, a British newspaper owned by media mogul Rupert Murdoch, published a
story last weekend claiming that Britain was forced to 'pull agents out of live operations
in hostile countries' as a result of China and Russia having cracked the 'top secret cache
of files stolen' by Edward Snowden. The article cited only anonymous sources identified as
coming from Downing Street, the Home Office and security services. But there was no such
cache, claims Mr. Tibbo. 'No one has accessed these files from the Chinese or Russian
governments. They’ve never even had access to any of it. Any speculation to the
effect that Mr. Snowden would or may have provided documents to the Chinese or the
Russians is false.' None of the files that he
personally saw referred to the identity of U.S. or U.K. field agents, he added." |
"Britain has pulled out agents from live operations in 'hostile
countries' after Russia and China
cracked top-secret information contained in files leaked by former U.S. National Security
Agency contractor Edward Snowden, the Sunday Times reported....The revelations about the impact of Snowden on intelligence operations
come days after Britain's terrorism law watchdog said the rules governing the security
services' abilities to spy on the public needed to be overhauled. Conservative lawmaker
and former minister Andrew Mitchell said the timing of the report was 'no accident'." |
"Who needs the movies when life is full of such spectacular
coincidences? On Thursday, David Anderson, the government’s reviewer of terrorism
legislation, condemned
snooping laws as 'undemocratic, unnecessary and – in the long run – intolerable',
and called for a comprehensive new law incorporating judicial warrants – something
for which my organisation, Liberty,
has campaigned for many years. This thoughtful intervention brought new hope to us and
others, for the rebuilding of public trust in surveillance conducted with respect for
privacy, democracy and the law. And it was only possible thanks to Edward
Snowden. Rumblings from No 10 immediately
betrayed they were less than happy with many of Anderson’s recommendations –
particularly his call for judicial oversight. And three days later, the empire strikes
back! An exclusive story in the Sunday Times saying that MI6 'is
believed' to have pulled out spies because Russia and China decoded Snowden’s files.
The NSA whistleblower is now a man with 'blood on his hands' according to one anonymous
'senior Home Office official'. Low on facts, high on assertions, this flimsy but
impeccably timed story gives us a clear idea of where government spin will go in the
coming weeks. It uses scare tactics to steer the debate away from Anderson’s
considered recommendations – and starts setting the stage for the home
secretary’s new investigatory powers bill. In his report, Anderson clearly states no
operational case had yet been made for the snooper’s charter. So it is easy to see
why the government isn’t keen on people paying too close attention to it. But then,
when it comes to responding to criticism, the approach of the Conservative leadership has
been the same for some time: shut down all debate by branding Snowden – or anyone
else who dares question the security agencies – as an enemy of the state and an
apologist for terror." |
"We all know we need to protect our PCs from cyber villains and are
starting to become aware of threats to our smartphones, but our cars? Come on. With the
dawn of connected and autonomous vehicles well and truly upon us, mutterings of potential
concerns have quickly followed. According to security specialist Kaspersky Lab, however,
the threats are very much real, and already here. As drivers and passengers alike hand
over more and more data to their increasingly electronic vehicles, Kaspersky has warned
there are already a number of very serious security concerns which surround the automotive
industry. 'You don’t need autonomous cars to be hacked,' Alexander Moiseev,
Kaspersky’s Managing Director of Europe explained speaking with TrustedReviews. 'The
car is built on the premise that the internal combustion engine is not accessible, which
is not true. The threat to cars is already an issue.' Looking to the reality of car concerns, he added: 'There have been a few
security breaches in the car recently. The problem is that IT security was never involved
into the design of the cars themselves. 'It’s like living in a house with no roof and
being worried about security. You can put bars on the windows, but that won’t help.'
Looking at areas of the car already open to attack, Moiseev highlighted two seemingly
innocuous features found on many modern motors – parking assist and in-car
microphones. 'You have park assist, you press a button and it parks your car. It’s
the ultimate proof of concept,' he explained. 'It is a piece of software that resides on
the head unit, which is connected to different components. It can steer the wheel for you,
it can use the brakes, it can use the throttle, it can lock the doors, and it can use the
sensors. 'I don’t need anything else to drive the car, and this is a piece of
software. 'Is the head unit accessible? Yes, it is. This is accessible, people could
change this software.' Discussing the car’s integrated mics, he added: 'Imagine a
mega VIP who visits rooms which are completely secured. He has tonnes of bodyguards, he is
totally protected and everyone is interested in the data he knows, but then suddenly you
can gain access to the microphone in his car. 'The real problem right now is that nobody
can tell you for sure that those threats are not active.'" |
"As if being ankle deep in muddy
field, surrounded by pretend hippies seemingly re-enacting highlights of the Battle of Waterloo
was bad enough, attendees of the aptly named Download Festival will be subjected to a new
police facial recognition system, and surveillance of their onsite location and
expenditure via the debut of RFID wristbands. The debut surveillance technologies are a
new facial recognition system being rolled out by Leicestershire Police, and Download's
own RFID wristbands, provided by German RFID specialists YouChip. Leicestershire Police
have been trialling NEC Corporation's
NeoFace facial recognition system since April 2014, though only announced the trial in
July of that year, and seem to have been delighted with its results to date. NeoFace has
compared facial images, captured by CCTV/IPTV recordings, with facial images stored in
Leicestershire's local custody database. NEC,
however, advertises its NeoFace suite as able to offer much more in biometrics
surveillance, and while the particular system to be used at Download has not been
revealed, it may also be part of the company's suite. NeoFace Watch is the mobile
surveillance platform from the NeoFace suite, which functions by "integrating face
matching technology with video surveillance input, while checking individuals against
known photographic watch lists, and producing real-time alerts" according to a product brochure.
According to an interview with DC Kevin Walker, published
in Police Oracle on Monday, 'Strategically placed cameras will scan faces at the Download Festival site in
Donington before comparing [them] with a database of custody images from across Europe.'
The Register has been told the database of 'lawfully held European custody photos' is 'a
stand-alone database of legally held custody photographs drawn together with partners in
Europol'. In response to a freedom of information request we filed to Leicestershire
Police in April asking whether NeoFace had, or could, utilise information received from
outside of its custody database — making specific reference to SIS
II — we were told: 'NeoFace has been intentionally limited in scope to ensure
that it only uses images held on our custody database. It is a stand-alone system that
does not link with other national databases such as the PNC.' This is true, The Register
understands, as the real-time facial recognition system is being considered as a 'totally
different project' from the existing facial recognition system that the coppers are using.
We have also learned that the Police Oracle's publication of the interview has caused
significant upset for management at Leicestershire Police, who did not want any advance
publicity of their "new" surveillance project. In addition to police
surveillance, Download Festival will be "the first major UK festival to use RFID
technology for full cashless payment and access control". Download's 'customers' will
be issued with an RFID festival wristband on arrival which will determine what areas of
Donington Park they have access to, and will also function as an electronic payment
system, linked to specifically set-up customer accounts through which 'customers' will
have to pay for food, drinks and merchandise. 'Every
single person on site, including staff, children, RIP and VIP customers will need a dog
tag to get around the festival,' according
to the FAQ section of the site. 'The only way to get around the festival and pay for
stuff is to use this system. It’s not possible to opt out of this.' Download's privacy
policy acknowledges that it will collect your information through the use of the
cashless payment wristbands and will, typically, share that information with other
companies, who will collaborate to establish your interests, purchases and household type
to aid in profiling you for advertising purposes. The
FAQ also asks whether your 'movement[s] can be tracked with RFID technology?' 'No, it
can't' cometh the answer: 'Your dog tag will not be equipped with GPS technology and
therefore it will be impossible to track your movements.' This is quite a cynical response
which relies upon a very specific definition of what constitutes the tracking of
movements. While correctly distinguished from a positioning system, RFID 'control access'
functions allow a database operator to locate the wrist-bound devices by logging its
passage into each access-controlled area. Another
statement in the FAQs says: 'All payments on the website are encrypted and use 3D secure
technology. Each RFID chip is encrypted and unique to you'. This does not mean that the
RFIDs themselves use encryption. The Register understands that this is possible, but will not
be commercially available until 2015 Q3. Talking to
The Register, Raj Samani, chief technology officer at Intel Security, said: 'There is a
risk that RFID tags could be used for the profiling and/or tracking of individuals because
identifiers could be used to re-identify a particular individual. It is important for
consumers to be made aware of the policy, and give their consent for the tags to be made
operational. Without appropriate consent retailers who pass RFID tags to customers without
automatically deactivating or removing them may enable this risk of RFID tags being used
for tracking individuals.'" |
"Fake mobile towers that scoop up data from passing phones are
routinely being used in London, an investigation by Sky News suggests. Working with
German security company GSMK Cryptophone, it claims to have uncovered direct evidence, the
first in the UK, of at least 20 instances of the use of these cell site simulators. These
portable Stingray boxes could be used to track police suspects. The Metropolitan Police Service refused to confirm or deny it was using
them. All the data captured by the investigation has been put
in a Google document. By mimicking a legitimate mobile tower and tricking every phone
in range into connecting to them, the boxes 'catch' the international mobile subscriber
number (IMSI) and electronic serial number (ESN) of each and reveal the exact location of
its user. Met Commissioner Bernard Hogan-Howe told Sky News: 'We're not going to talk
about it, because the only people who benefit are the other side, and I see no reason in
giving away that sort of thing.' Privacy International (PI), which has been campaigning
for more transparency about the use of surveillance equipment, described the Met's stance
as 'laughable'. Advocacy officer Matthew Rice said: 'We
can't be sure that all these are used by law enforcement agencies. They can be used by
criminals, and are easily bought from the internet for about £1,000. The police
need to explain what they are doing to protect the public from criminals using such
equipment as well as explaining how they use it. Even when used by police, IMSI catchers
are very difficult to use in a targeted manner, meaning when used in urban areas thousands
of people's mobile phones would be swept up in that dragnet...'" |
"In an effort to put an end to the bulk data collection of phone
records and other large datasets from millions of people, campaign group Privacy
International has filed a complaint with a U.K. court. The complaint was filed with the
U.K. Investigatory Powers Tribunal, which deals with claims against U.K. intelligence
agencies, including the country’s Government Communications Headquarters (GCHQ). It
is meant to put an end to bulk data collection that was already banned in the U.S. Last
Tuesday, the U.S. Senate passed
the USA Freedom Act which put a stop to the old U.S. National Security Agency’s
(NSA) bulk collection of domestic telephone records, restoring a limited telephone records
program. The U.S. is so much further ahead on the issue than the U.K., the campaign group
said, adding that the bulk collection of data of millions of people who have no ties to
terrorism and are not suspected of any crime is plainly wrong. In the U.K., intelligence agencies also collect bulk
personal datasets, a report by the U.K. Parliament’s Intelligence and Security
Committee showed in March. The Committee considered the bulk collection of data to be
relevant to national security investigations." |
"If you’re one of those people that gets a bit vocal about
politics, you’ll be interested to know that your Facebook, Twitter and personal blog
are about to begin being monitored for references to the Government. Ministers announced yesterday that the Government had awarded a
contract to five companies who will monitor what people tweet, post to Facebook or blog
about the Government and provide updates to Whitehall in real time." |
"Two years ago today,
three journalists and I worked nervously in a Hong Kong hotel room, waiting to see how the
world would react to the revelation that the National Security Agency had been making
records of nearly every phone call in the United States. In the days that followed, those
journalists and others published documents revealing that democratic governments had been
monitoring the private activities of ordinary citizens who had done nothing wrong. Within
days, the United States government responded by bringing charges against me under World
War I-era espionage laws. The journalists were advised by lawyers that they risked arrest
or subpoena if they returned to the United States. Politicians raced to condemn our
efforts as un-American, even treasonous. Privately,
there were moments when I worried that we might have put our privileged lives at risk for
nothing — that the public would react with indifference, or practiced cynicism, to
the revelations. Never have I been so grateful to have been so wrong. Two years on, the
difference is profound. In a single month, the N.S.A.’s invasive call-tracking
program was declared unlawful by the courts and disowned by Congress. After a White
House-appointed oversight board investigation found that this program had not stopped a
single terrorist attack, even the president who once defended its propriety and criticized
its disclosure has now ordered it terminated. This is the power of an informed public.
Ending the mass surveillance of private phone calls under the Patriot Act is a historic
victory for the rights of every citizen, but it is only the latest product of a change in
global awareness. Since 2013, institutions across Europe have ruled similar laws and
operations illegal and imposed new restrictions on future activities. The United Nations
declared mass surveillance an unambiguous violation of human rights. In Latin America, the
efforts of citizens in Brazil led to the Marco Civil, an Internet Bill of Rights.
Recognizing the critical role of informed citizens in correcting the excesses of
government, the Council of Europe called for new laws to protect whistle-blowers. Beyond
the frontiers of law, progress has come even more quickly. Technologists have worked
tirelessly to re-engineer the security of the devices that surround us, along with the
language of the Internet itself. Secret flaws in critical infrastructure that had been
exploited by governments to facilitate mass surveillance have been detected and corrected.
Basic technical safeguards such as encryption — once considered esoteric and
unnecessary — are now enabled by default in the products of pioneering companies like
Apple, ensuring that even if your phone is stolen, your private life remains private. Such structural technological changes can ensure access to basic privacies
beyond borders, insulating ordinary citizens from the arbitrary passage of anti-privacy
laws, such as those now descending upon Russia. Though we have come a long way, the right
to privacy — the foundation of the freedoms enshrined in the United States Bill of
Rights — remains under threat. Some of the world’s most popular online services
have been enlisted as partners in the N.S.A.’s mass surveillance programs, and
technology companies are being pressured by governments around the world to work against
their customers rather than for them. Billions of
cellphone location records are still being intercepted without regard for the guilt or
innocence of those affected. We have learned that our government intentionally weakens the
fundamental security of the Internet with 'back doors' that transform private lives into
open books. Metadata revealing the personal associations and interests of ordinary
Internet users is still being intercepted and monitored on a scale unprecedented in
history: As you read this online, the United States government makes a note.... At the turning of the millennium, few imagined that citizens of
developed democracies would soon be required to defend the concept of an open society
against their own leaders. Yet the balance of power is beginning to shift. We are witnessing the emergence of a post-terror generation, one
that rejects a worldview defined by a singular tragedy. For the first time since the attacks of Sept. 11, 2001, we see the
outline of a politics that turns away from reaction and fear in favor of resilience and
reason. With each court victory, with every change in the law, we demonstrate facts are
more convincing than fear. As a society, we rediscover that the value of a right is not in
what it hides, but in what it protects." |
"Two MPs – the Conservative David Davis and Labour’s
Tom Watson – have joined forces for a combined challenge against emergency
surveillance legislation introduced by the coalition last year. Their high court claim
aims to overturn powers created by the Data Retention and Investigatory Powers Act 2014
(Dripa) which was rushed through parliament last July. Dinah Rose QC, appearing for both
MPs at London’s high court, said: 'The claimants I represent are both distinguished
members of parliament who are not very often to be seen sitting next to each other on the
same front bench.' Both MPs, she said, had a particular need to protect the
confidentiality of their contacts with constituents and other members of the public –
including whistleblowers – who might approach them with sensitive information. Both appreciated the importance of communications data in relation to the
fight against crime and terrorism. However, Rose continued: 'Their concern is that this
legislation doesn’t contain the necessary minimum safeguards to protect against the
risk of arbitrary, disproportionate or abusive retention and use of personal data, and for
that reason it breaches the fundamental right to privacy.' Dripa contains the same flaws
as those identified in an EU directive on data retention that was overturned by the
European court of justice (ECJ) last year in the case of Digital Rights Ireland, she told
Lord Justice Bean and Mr Justice Collins. During Rose’s submission, Collins said that
there were plenty of examples of speedy legislation that had 'frequently led to disastrous
results'. In the legal challenge, which is backed by the human rights organisation
Liberty, the MPs argue that the legislation is incompatible with Article 8 of the European
convention on human rights, the right to respect for private and family life, and Articles
7 and 8 of the EU charter of fundamental rights, respect for private and family life and
protection of personal data. The MPs complain that use of communications data is not
limited to cases involving serious crime, that individual notices of data retention are
kept secret and that no provision is made for those under obligation of professional
secrecy, in particular lawyers and journalists. Nor, they argue, are there adequate
safeguards against communications data leaving the European Union. The prime minister,
David Cameron, and the then deputy prime minister, Nick Clegg, said last year that the
acceleration of Dripa through parliament was necessary because of an emergency created by
a ruling in April last year by the ECJ, which they said would have the effect of denying
police and security services access to vital data about phone and email communications.
They insisted the act would simply maintain existing powers, which required communications
companies to retain data for 12 months for possible investigation, but did not allow
police or security agencies to access the content of calls or emails without a
warrant. According to the Interception of
Communications Commissioner’s Office, the court was told, there were 517,236 notices
and authorisations for communications data issued by public authorities last year plus a
further 55,346 urgent oral authorisations. Each authorisation may cover numerous
individuals. Emma Norton, legal officer for Liberty, said in a statement: 'The executive
dominance of parliament in rushing through this legislation – using a wholly
fabricated ‘emergency’ – made a mockery of parliamentary sovereignty and
the rule of law, and showed a staggering disregard for the entire population’s right
to privacy. 'It is thanks to the Human
Rights Act that we are able to challenge the government’s actions – the same
government which now seeks to axe that very piece of legislation and, by doing so, curb
the British people’s ability to do so in future.'" |
"Apple chief executive Tim Cook has heavily criticised tech
companies which attempt to monetise customer data for advertising purposes, saying such a
trade comes at 'a very high cost'. While Cook did not explicitly identify the companies,
his assertion that some of Silicon Valley's most prominent and successful companies 'have
built their businesses by lulling their customers into complacency about their personal
information' can be read as referring to Facebook and Google, who use
targeted advertising and store vast amounts of user data. Speaking by video link during
EPIC’s Champions of Freedom event in Washington upon being honoured by the research
centre for corporate leadership, Cook said he and his team at Apple firmly
believed customers should not have to compromise between privacy and security. 'We can,
and we must provide both in equal measure,' he said. 'We believe that people have a
fundamental right to privacy. The American people demand it, the constitution demands it,
morality demands it.' 'I’m speaking to you from
Silicon Valley, where some of the most prominent and successful companies have built their
businesses by lulling their customers into complacency about their personal information.
They’re gobbling up everything they can learn about you and trying to monetise it. We
think that’s wrong. And it’s not the kind of company that Apple wants to be.'
Google launched its new Google
Photos product at its annual I/O developers conference last week, which offers
customers unlimited photo storage for free. The app organises images by person, subject,
place or date, using advanced facial and landmark recognition technology. 'We
don’t think you should ever have to trade it for a service you think is free but
actually comes at a very high cost,' Cook continued. 'This is especially true now that
we’re storing data about our health, our finances and our homes on our devices. We
believe the customer should be in control of their own information. You might like these so-called free services, but we don’t
think they’re worth having your email, your search history and now even your family
photos data mined and sold off for god knows what advertising purpose. And we think some
day, customers will see this for what it is.' " |
"A top secret report to the British prime minister has recommended
that a new international treaty be negotiated to force the cooperation of the big US
internet companies in sharing customers’ personal data, the Guardian has learned. Privacy campaigners said the
decision to classify the report, written by the former diplomat Sir Nigel Sheinwald, as
top secret was designed to bury it and its key recommendation for an international treaty
could provide a legal, front-door alternative to the government’s renewed
'snooper’s charter' surveillance proposals. It is believed the former British
ambassador to Washington concluded that such a treaty could overcome US laws that prevent
web giants based there, including Facebook, Google, Twitter, Microsoft and Yahoo, from
sharing their customers’ private data with British police and security services. It would also mean not having to revive the powers, which require British
phone companies to share data from the US giants passing over their networks, from the
2012 communications data bill that would enforce their compliance. Jim Killock of the Open
Rights Group said: 'The Sheinwald report should be published. Any attempt to hide it can
only be interpreted as an attempt to close down debate about whether the snooper’s
charter is really needed. 'A new international treaty is the right approach to
cross-border requests for data by law enforcement agencies. This approach undermines
Theresa May’s claim that there is a need for a new snooper’s charter when there
is a simple, transparent and workable solution.' But the Cabinet Office defended its
decision to keep the report secret. It said Sheinwald 'reports on progress to the prime
minister but … is not undertaking a public review'. The
Guardian understands the report has been classified as top secret by the Cabinet Office
because it goes into the detail of each company’s operations. Sheinwald was appointed
by Cameron in September 2014 as his special envoy on intelligence and law enforcement data
sharing." |
"David Cameron could have been spied on by the US because they have
already collected his phone records, Edward Snowden claimed. The former CIA contractor
said the US National Security Agency had stored everyone's communication records under its
mass surveillance programmes and the Prime Minister’s would be among them. He said
spy chiefs in America could therefore look at such records any time they wished. It would
include the 'who, when and where' details such as the time, date of Mr Cameron’s
calls and who he phoned. Mr Snowden was
speaking via a live link from Russia to an audience in London two years after he exposed
the tactics of the NSA and GCHQ after stealing tens of thousands of sensitive files and
going on the run.... Asked if the US had spied on Mr Cameron, Mr Snowden referred to a
request by American Congressman Bernie Sanders last year to the Director of the NSA as to
whether it spied on him and his colleagues. He said: 'The Director wrote a very
wordy reply that basically boiled down to ‘yes, of course, because we are
intercepting everyone’s’.' 'So, yes, David Cameron’s is in the database
alongside everyone else and if the NSA director decides he wants to look at it he can.' He
said his leaks had been 'worth it' but repeated again that 21 countries had turned him
down for asylum. He said the UK Government was trying to reform surveillance laws in a
very negative way, adding: 'Rather than preserving civil liberties, they are trying to
limit it'. Surveillance methods being used around the world gave government a window into
'anybody's life at any given time'. He asked: 'Do we really want the Government watching
everybody all the time?'" |
"The first
revelation from the Snowden documents, less than two years ago, exposed systematic
storage and analysis of all Americans’ telephone records by the National Security
Agency and the FBI. As of midnight last night, that programme – launched in secrecy
soon after 9/11 by the then vice-president, Dick Cheney – is
over. Congress refused to sanction the continuation of domestic mass surveillance in
the guise of collecting 'business records'. The clear mood was that substantial
restrictions on NSA surveillance had become inevitable. Outside the US, some proponents of
surveillance have travelled in the opposite direction. France
passed an intrusive new internet surveillance law less than a month ago. Australia has
done the same. Emboldened by the election victory and no longer restrained by principled
Lib Dem concerns, Theresa May now pledges to force
her souped-up investigatory powers bill on the UK. But despite the machismo of political discourse,
and what intelligence chiefs have publicly professed about 'capability gaps', it appears
that in private many lessons from Snowden have been understood. Two weeks ago at Ditchley
Park, a thinktank and conference centre near Oxford, a remarkable follow-up to the
revelations took place when Sir John
Scarlett, the former chief of SIS – the Secret Intelligence Service, or MI6 –
presided as 40-plus participants from around the world spent three days intensively reviewing
changed approaches to intelligence, security and privacy. I was asked to
start the conference discussions, sitting beside GCHQ’s
new director, Robert Hannigan. In attendance was a veritable band of Big Brothers
– current and former CIA, GCHQ and SIS chiefs, current and former European spy
bosses, counter-terrorism commanders. From the private sector, there
were Google, Apple and Vodafone policy staff, alongside European legal experts.
Although Hannigan attended only the first discussion, another senior GCHQ director stayed
to the second day. Discussions followed the Chatham
House rule, freeing officials to offer personal opinions, with other participants
undertaking not to say who said what. Following Hannigan, I emphasised transparency,
accountability, disclosure (including post hoc disclosure to surveillance subjects), and
legal sanctions for breaches as means to deal properly with competing human rights. No one present argued against calls for greater openness.
That’s a first: coming 40 years after a time when it was in effect
a crime in Britain even to mention the existence of GCHQ, and programmes on the
subject were banned. Nor was trust a given. 'There must be oversight – do not assume
agencies will follow the rules,' one discussion concluded. Perhaps to many participants’ surprise, there was general agreement
across broad divides of opinion that Snowden – love him or hate him – had
changed the landscape; and that change towards transparency, or at least 'translucency',
and providing more information about intelligence activities affecting privacy, was both
overdue and necessary. 'We should have seen it coming in the first place, and put more
information in the public domain first,' was another observation. I did not hear the
phrase 'capability gap' mentioned. That sort of rhetoric seemed to be reserved for the
political arena. Away from the populist headlines, I
heard some unexpected comments from senior intelligence voices, including that 'cold winds
of transparency' were here to stay. An event like this would have been inconceivable
without Snowden. One of the stipulations made by the intelligence officials and regulators
alike was that there should be 'no secret laws' unavailable to the public. Sir David Omand, the former GCHQ
director and Home Office permanent secretary, has written that 'investigative
activity should be regulated by ‘black letter law’'. Another suggestion made
by Omand (who attended the Ditchley conference) that 'not everything that technically can
be done should be done' was not disputed at the event. Other points of agreement were that
agencies needed strong external controls, including supervision of internal ethical
controls. Oversight should not govern just what was collected, but needed to expand to
include the 'combination of data' (such as massive metadata analysis), 'information
sharing', and the 'use of intelligence collected'.
Internet companies should not have to face 'ad hoc approaches and conflicts of law'.
Agencies were asked to use the front door in making requests for law enforcement data, and
not (as hitherto) steal it from internal networks by hacking or by intercepting data
flows. A different senior speaker reflected that Snowden’s actions were an
inevitable, and perhaps necessary, counterbalance to excesses of intelligence collection
after 9/11, while also considering his disclosures 'hugely damaging'." |
"Police forces are asking permission to snoop into Britons' phone
records, text messages and emails every two minutes. The
astonishing extent to which officers are spying on people's mobiles and computers using
the Regulation of Investigatory Powers Act (Ripa) is laid bare today in a new report.
Under the legislation, supposedly brought in to fight terrorism, police can access a range
of communications data, including records of who someone called or texted, or any web
searches they carried out, as long as they do not access the content. But the report by
the civil liberties group Big Brother Watch has found a significant increase in intrusive
surveillance. Between 2012 and 2014, police forces requested access to communications data
stored by mobile phone operators and internet firms 733,237 times – the equivalent of
28 requests an hour, or one every 128 seconds. Some 96 per cent of requests were approved
– mostly by a senior officer in the same force. It means that typically, just one in
every 25 requests for data is rejected. The report also highlighted huge disparities
between how much different forces tap into personal information. The Metropolitan Police
made the most requests for phone and computer records over the three-year period –
177,287 – and had 18 per cent refused. West Midlands Police came second with 99,444,
but had only 1.3 per cent turned down. Requests soared by 12 per cent from 219,487 in 2012
to 246,329 last year. Critics say this undermines Home Office claims that police access to
communications data is falling. Big Brother Watch
wants all Ripa requests to be approved by a judge, rather than a senior officer in the
force carrying out the checks. It said the findings were worrying at a time when the
police and security services are to be given the right to spy on encrypted websites and
social media such as WhatsApp." |
"The legal authority for US spy agencies to bulk collect Americans'
phone data has expired, after the Senate failed to reach a deal. Republican presidential hopeful Rand Paul blocked a Patriot Act extension
and it lapsed at midnight (04:00 GMT). However, the Senate did vote to advance the White
House-backed Freedom Act so a new form of data collection is likely to be approved in the
coming days. The Freedom Act imposes more controls, after revelations by Edward Snowden. The
former National Security Agency (NSA) contractor first exposed the extent of the data
collection in 2013. The White House described the expiry of the deadline as an
'irresponsible lapse' by the Senate.... The failure to reach a deal means that security
services have temporarily lost the right to bulk collect Americans' phone records, to
monitor 'lone wolf' terror suspects and to carry out 'roving wiretaps' of suspects. The
government can still continue to collect information related to any foreign intelligence
investigations. Analysts also said there could be workarounds to allow continued data
collection in some cases. Authorities could try to argue that older legal provisions -
so-called grandfather clauses - still apply. A Senate
vote on the Freedom Act can come no earlier than 01:00 local time on Tuesday. The NSA, which runs the majority of surveillance programmes, stopped
collecting the affected data at 19:59 GMT on Sunday. The failure to reach any agreement in
the rare Sunday sitting of the Senate was the result of the actions of Rand
Paul. A libertarian, Mr Paul led a filibuster - using extended
debates to delay or block the passing of legislation - to stop the quick passage of
the Freedom Act, arguing that data collection is illegal and unconstitutional. He also
blocked an extension of the Patriot Act. On Sunday he said: 'This is what we fought the
revolution over, are we going to so blithely give up our freedom?'" |
"Tim Berners-Lee, the inventor of the world wide web, has urged
Britons to fight the government’s plans to
extend the country’s surveillance powers, and act as a worldwide leader for
promoting good governance on the web. Berners-Lee said Britain had 'lost the moral
leadership' on privacy and surveillance, following the revelations of the former National
Security Agency contractor, Edward
Snowden. Speaking before the Web We Want
Festival in London’s Southbank Centre, which starts on Saturday, Berners-Lee
expressed concern about the UK government’s decision to reintroduce a beefed-up
version of the 'snooper’s charter'. In an unexpected move announced in the
Queen’s Speech earlier this week, the government is to introduce an investigatory
powers bill far more wide-ranging than expected. The legislation will include not only the
expected snooper’s charter, enabling the tracking of everyone’s web and social
media use, but also moves to strengthen the security services’ warranted powers for
the bulk interception of the content of communications. 'The discussion [in the
Queen’s Speech] of increased monitoring powers is something which is a red flag
… this discussion is a global one, it’s a big one, it’s something that
people are very engaged with, they think it’s very important, and they’re right,
because it is very important for democracy, and it’s very important for business. 'So
this sort of debate is something that should be allowed to happen around legislation.
It’s really important that legislation is left out for a seriously long comment
period,' and not simply rushed through into law.... On the 800th anniversary of the
signing of Magna Carta, Berners-Lee and the Web We Want festival have convened to produce
a Magna Carta for the 21st century. But while the document is intended to inspire change
globally, Berners-Lee bemoaned the loss of Britain’s 'moral high ground', following
the Edward Snowden revelations in 2013. 'It has lost a lot of that moral high ground, when
people saw that GCHQ was doing things that even the Americans weren’t,' Berners-Lee
said. 'So now I think, if Britain is going to establish a leadership situation, it’s
going to need to say: ‘We have solid rules of privacy, which you as an individual can
be assured of, and that you as a company can be assured of.’' That way, he said, 'if
you want to start a company in Britain, then you can offer privacy to your users, because
you’ll know that our police force won’t be demanding the contents of your discs
willy-nilly, they’ll only be doing so under a very well defined and fairly extreme
set of circumstances.' He accepts it was an uphill battle to get people in Britain to
care, however. 'This is a wild generalisation, but traditionally, people in the US are
brought up in kindergarten to learn to distrust the government. That’s what the
constitution’s for. Whereas people in the UK are brought up more to trust the
government by default, and distrust corporations. People in America tend not to have a
natural distrust of large corporations. 'So that seems to be where people are coming from.
In the light of that, it’s not so surprising that UK folks tended to feel more
comfortable with government surveillance - but they also feel less comfortable with
surveillance by corporations.'" |
"More than 10,000 websites blocked users from computers in Congress
on Friday, in a demonstration against any possible re-authorization of NSA surveillance powers. 'This is a blackout,' read the site
to which computers from congressional IP addresses were redirected. 'We are blocking your
access until you end mass surveillance laws.' 'Right now the code affects only visitors
from Congress, we’re willing to keep it up,' said Holmes Wilson, a co-founder of
Fight for the Future, the group which wrote the code and is leading the online protest.
The redirect site also includes semi-nude, sometimes explicit photos submitted by people,
under the heading: 'NSA spying makes me feel naked.' 'We’ll keep blocking sites until
either the USA Freedom Act is either dramatically improved or dead, or until the Patriot
Act provisions have sunset,' Wilson said, referring to the debate in Congress over whether
to let some of the NSA’s full surveillance powers expire on 1 June or to pass a bill,
called the USA Freedom Act, that eliminates or changes some of those powers. Wilson said
the group does not support the USA Freedom Act in its current incarnation, and wants
Section 215 of the Patriot Act, which the NSA and FBI use to collect
massive amounts of Americans’ data, to expire. 'The NSA considers the USA Freedom
Act completely benign and it will not change their operations in the slightest,' Wilson
said, adding that passing the reform-minded act would 'throw away' the
recent decision by a federal appeals court that bulk collection under Section 215 is
illegal. 'USA Freedom would change the way that program is done but would effectively wipe
out the court’s determination,' he said. Many privacy and civil liberties activists,
including Republican senator Rand Paul, argue that the USA Freedom Act has been 'looted by
surveillance hawks', as Wilson put it. The bill represents the
first legislative reforms of US surveillance law in more than a decade, but critics
say it does not go nearly far enough." |
"As members of Congress struggle to agree on which surveillance
programs to re-authorize before the Patriot Act expires, they might consider the unusual
advice of an intelligence analyst at the National Security Agency who warned about the
danger of collecting too much data. Imagine, the analyst wrote in a leaked document, that
you are standing in a shopping aisle trying to decide between jam, jelly or fruit spread,
which size, sugar-free or not, generic or Smucker’s. It can be paralyzing. 'We in the
agency are at risk of a similar, collective paralysis in the face of a dizzying array of
choices every single day,' the analyst wrote in 2011.
'’Analysis paralysis’ isn’t only a cute rhyme. It’s the term for what
happens when you spend so much time analyzing a situation that you ultimately stymie any
outcome …. It’s what happens in SIGINT [signals intelligence] when we have
access to endless possibilities, but we struggle to prioritize, narrow, and exploit the
best ones.' The document is one of about a dozen in which NSA intelligence experts express
concerns usually heard from the agency’s critics: that the U.S. government’s
'collect it all' strategy can undermine the effort to fight terrorism. The documents,
provided to The Intercept by NSA whistleblower Edward Snowden, appear to contradict years
of statements from senior officials who have claimed that pervasive surveillance of global
communications helps the government identify terrorists before they strike or quickly find
them after an attack." |
"Security officials are to be given sweeping surveillance powers,
including the right to spy on social media and encrypted websites. Ministers say the extra
weapons for MI5, MI6, GCHQ and the police will help repair the damage caused by US traitor
Edward Snowden. The proposals, which will also force technology firms to record every
internet visit, text message and phone call for up to 12 months, are far broader than
expected. Dubbed a ‘turbo-charged snoopers’ charter’, the measures will
enrage privacy campaigners, who defeated a far weaker scheme. Some backbench Tory MPs could revolt. Central to the debate will be
official access to encrypted apps and other internet services that allow users to swap
messages on social media in secret.... Lib Dem Nick Clegg said his party’s
determination to fight the proposals was ‘clearer than ever’. He dubbed them a
‘turbo-charged snoopers’ charter’. Nicholas Lansman, of the Internet
Services Providers’ Association, said the Government must ‘properly balance
security, privacy, costs to industry, technical feasibility and the need to maintain the
UK’s reputation as a leading place to do business online’. Jim Killock, of the
Open Rights Group, said: ‘We should expect attacks on encryption, which protects all
our security.’" |
"The ability to track subway riders represents a significant
cybersecurity threat to the tens of millions of people who use public transportation every
day. There are more than 5.5 million daily New York
City subway passengers, and over half of those people are carrying smartphones, thus
exposing themselves to tracking. 'If an attacker can trace a smartphone user for a few
days, he may be able to infer the user’s daily schedule and living/working areas and
thus seriously threaten her physical safety,' wrote Jingyu Hua, Zhenyu Shen, and Sheng
Zhong of Nanjing University, one of China’s oldest universities. 'Another interesting
example is that if the attacker finds Alice and Bob often visit the same stations at
similar non-working times, he may infer that Bob is dating Alice.' Smartphones have
long been considered God’s gift to spies. They offer myriad tracking tools, from the
browser to the GPS sensor, and they stay with their owners almost all day, every day. The
new research, which has not yet been peer reviewed, shows hackers can track people without
either cell service or GPS, both of which are heavily protected from attackers and often
don't work underground anyway. By contrast, motion sensors, like the accelerometer that
enables screen rotation, are much more vulnerable and can give everything away. Every
subway in the world has a unique fingerprint, the researchers said, and every time a train
runs between two stations, that fingerprint can be read in the accelerometer, potentially
giving attackers access to crucial information. 'The cause is that metro trains run on
tracks, making their motion patterns distinguishable from cars or buses running on
ordinary roads,' the researchers wrote. 'Moreover, due to the fact that there are no two
pairs of neighboring stations whose connecting tracks are exactly the same in the real
world, the motion patterns of the train within different intervals are distinguishable as
well.' To make this attack a reality, the researchers propose a new attack that learns
each subway’s fingerprint and then installs malware on a target’s phone that
steals accelerometer readings. The trio of researchers performed experiments in China by
tracking volunteers carrying smartphones through subways in Nanjing. Tracking accuracy
reached 70 to 92 percent. The attack is 'more effective and powerful than using GPS
or cellular network to trace metro passengers,' the researchers assert.
Accelerometers simply aren't protected the way GPS and cell networks are. An accelerometer
can be accessed, run, and read without the user knowing, whereas smartphones display
indicators when either GPS or cell service is being used. There are several defenses
against this hack, the most interesting one being power-consumption scrutiny. To track
someone using this method, a hacker would have to continuously access the phone's
accelerometer, draining significant power no matter how well the malware was concealed. If
you monitor your phone's power consumption, you should notice when an app is using too
much of the battery—possibly for nefarious reasons." |
"Keith Harding, former
membership secretary of the Paedophile Information Exchange (Pie) was made Worshipful
Master of the Mercurius Lodge in Cheltenham, Gloucestershire, in 2011. The child molester,
who died last summer, presided over ceremonies and rituals from an ornate throne. Harding
was convicted of an indecent assault against four children aged eight and nine in 1958 and
classified a Schedule-1 offender, which meant the offence remained on his criminal record
all his life. His name was also on a list of about 400 Pie members seized by police in
1984, the year the organisation disbanded. The Sunday Express revealed earlier this month
how Harding met MPs Cyril Smith and Leon Brittan in the 1980s when he ran a north London
antiques store. Thirty-five years ago he appeared alongside paedophile television
presenter Jimmy Savile in a Christmas special of Jim’ll Fix It. The lodge boasts of
its Government Communications Headquarters heritage on its website. A source close to
Harding revealed: 'The Mercurius Lodge is known as
the Spies Lodge because it was set up by GCHQ and over the years many intelligence
officers have become members. 'These are people
trained to find out sensitive information and yet none of them had any idea of
Keith’s background and past convictions. 'They even voted him the highest honour by
making him Worshipful Master. 'Keith felt the Freemasons were somewhere he finally
belonged, he called them his 'brotherhood'. 'When he died last year, they arranged his
funeral and made sure the ceremony started at midday because the time apparently has
significance within Masonic ritual.' Spies displaced from London and Bletchley Park in
Buckinghamshire, where the German wartime Enigma code was cracked, set up the Mercurius
Lodge in 1957." |
"Canada and its spying partners exploited weaknesses in one of the
world's most popular mobile browsers and planned to hack into smartphones via links to
Google and Samsung app stores, a top secret document obtained by CBC News shows.
Electronic intelligence agencies began targeting UC Browser — a massively
popular app in China and India with growing use in North America — in late
2011 after discovering it leaked revealing details about its half-billion users. Their goal, in tapping into UC Browser and also looking for larger
app store vulnerabilities, was to collect data on suspected terrorists and other
intelligence targets — and, in some cases, implant spyware on
targeted smartphones. The 2012 document shows that the surveillance agencies
exploited the weaknesses in certain mobile apps in pursuit of their national security
interests, but it appears they didn't alert the companies or the public to
these weaknesses. That potentially put millions of users in danger of their data
being accessed by other governments' agencies, hackers or criminals. 'All of this is being done in the name of providing safety and yet …
Canadians or people around the world are put at risk,' says the University of Ottawa's Michael Geist, one of Canada's foremost
experts on internet law. CBC News analysed the top secret document in
collaboration with U.S. news site The
Intercept, a website that is devoted in part to reporting on
the classified documents leaked by U.S. whistleblower Edward Snowden." |
"The National Security Agency and its closest allies planned to
hijack data links to Google and Samsung app stores to infect smartphones with spyware, a
top-secret document reveals. The surveillance project was launched by a joint electronic
eavesdropping unit called the Network Tradecraft Advancement Team, which includes spies
from each of the countries in the 'Five Eyes' alliance — the United States, Canada,
the United Kingdom, New Zealand and Australia. The top-secret document, obtained from NSA
whistleblower Edward Snowden, was published
Wednesday by CBC News in collaboration with The Intercept. The document
outlines a series of tactics that the NSA and its counterparts in the Five Eyes were
working on during workshops held in Australia and Canada between November 2011 and
February 2012. The main purpose of the workshops was to find new ways to exploit
smartphone technology for surveillance. The agencies
used the Internet
spying system XKEYSCORE to identify smartphone traffic flowing across Internet cables
and then to track down smartphone connections to app marketplace servers operated by
Samsung and Google. (Google declined to comment for this story. Samsung said it would not
be commenting 'at this time.') As part of a pilot project codenamed IRRITANT HORN, the
agencies were developing a method to hack and hijack phone users’ connections to app
stores so that they would be able to send malicious 'implants' to targeted devices. The
implants could then be used to collect data from the phones without their users noticing.
Previous disclosures
from the Snowden files have shown agencies in the Five Eyes alliance designed spyware for
iPhones and Android smartphones, enabling them to infect targeted phones and grab emails,
texts, web history, call records, videos, photos and other files stored on them. But
methods used by the agencies to get the spyware onto phones in the first place have
remained unclear." |
"Senate majority leader
Mitch McConnell said on Sunday that legislation concerning the federal
government’s powers of surveillance that was passed by the House of
Representatives this week could cause the country to 'go dark' when it comes to
collecting Americans’ phone records. McConnell said that if such a state of affairs
came about, 'we’ll not be able to have yet another tool that we need to combat this
terrorist threat from overseas'. The USA Freedom Act,
which would end the bulk collection of phone records by the National Security Agency
– as revealed in the Guardian in 2013 through the whistleblower Edward Snowden
– passed
the House this week by a wide margin. It is now headed for the Senate. Earlier this month, such mass phone surveillance was ruled
illegal by the US court of appeals. Under the USA Freedom Act, intelligence
officials would only be able to search data held by telephone companies on a case-by-case
basis. McConnell opposes that, instead seeking an extension of section 215 of the Patriot
Act, under which the bulk collection of phone records has taken place, for a few
months, while legislators took a closer look at the House plan... If Congress does not act
by 1 June, authority to collect the phone records will expire, along with two other
intelligence-related provisions." |
"The UK government has quietly passed new legislation that
exempts GCHQ, police, and other intelligence officers from prosecution for hacking into
computers and mobile phones. While major or
controversial legislative changes usually go through normal parliamentary process (i.e.
democratic debate) before being passed into law, in this case an amendment to the Computer
Misuse Act was snuck in under the radar as secondary
legislation. According to Privacy
International, "It appears no regulators, commissioners responsible for
overseeing the intelligence agencies, the Information Commissioner's Office, industry,
NGOs or the public were notified or consulted about the proposed legislative
changes... There was no public debate." Privacy International also
suggests that the change to the law was in direct response to a complaint that it
filed last year. In May 2014, Privacy International and seven communications providers
filed a complaint with the UK Investigatory Powers Tribunal (IPT), asserting that GCHQ's
hacking activities were unlawful under the Computer Misuse Act. On June 6, just a few
weeks after the complaint was filed, the UK government introduced the new legislation via the Serious
Crime Bill that would allow GCHQ, intelligence officers, and the police to hack
without criminal liability. The bill passed into law on March 3 this year, and became
effective on May 3. Privacy International says there was no public debate before the law
was enacted, with only a rather one-sided set of stakeholders being consulted
(Ministry of Justice, Crown Prosecution Service, Scotland Office, Northern Ireland Office,
GCHQ, police, and National Crime Agency)." |
"The British government quietly changed anti-hacking laws to exempt
GCHQ and other law enforcement agencies from criminal prosecution, it has been claimed.
Details of the change were revealed at the Investigatory Powers Tribunal which is hearing
a challenge to the legality of computer hacking by UK law enforcement and intelligence
agencies. The Government amended the Computer Misuse
Act (CMA) two months ago. It used a little-noticed addition to the Serious Crime Bill
going through parliament to provide protection for the intelligence services. The change
was introduced just weeks after the Government faced a legal challenge that GCHQ’s
computer hacking to gather intelligence was unlawful under the CMA. The challenge, by the
charity Privacy International and seven internet service providers, claims GCHQ’s
actions were unlawful and called for the techniques to be stopped. It followed revelations
by Edward Snowden, the US intelligence whistle-blower, that US and UK agencies were
carrying out mass surveillance operations of internet traffic. He claimed that GCHQ and
its US counterpart – the National Security Agency – had the ability to infect
potentially millions of computer and mobile handsets with malware which enabled them to
gather up immense amounts of digital content, switch on microphones or cameras on
users’ computers, listen to phone calls and track their locations. Eric King, the
deputy director of Privacy International, said: 'The underhand and undemocratic manner in
which the Government is seeking to make lawful GCHQ’s hacking operations is
disgraceful. 'Hacking is one of the most intrusive surveillance capabilities available to
any intelligence agency, and its use and safeguards surrounding it should be the subject
of proper debate. Instead, the Government is continuing to neither confirm nor deny the
existence of a capability it is clear they have, while changing the law under the
radar.' Government sources insisted the amendment did not change the law as the
intelligence agencies had powers under the Intelligence Services Act. Parliamentary
guidance notes explaining the amendment described its purpose was to 'remove any ambiguity
over the interaction between the lawful exercise of powers … and the offence
provisions.' Privacy International insisted that the notes accompanying the changes to the
Serious Crime Bill did not explain its full impact, and that no regulators, commissioners,
industry or members of the public were consulted before it came into law. The legislation
came into effect on 3 May. The charity said it wasn’t the first time the Government
has changed the law. In February, a code of practice for GCHQ which gives 'spy agencies
sweeping powers to hack targets, including those who are not a threat to national security
nor suspected of any crime', was released, a charity spokesman claimed. The Home Office
rejected the activists' claims. A spokesperson said: "There have been no changes made
to the Computer Misuse Act 1990 by the Serious Crime Act 2015 that increase or expand the
ability of the intelligence agencies to carry out lawful cyber crime investigation." |
"Marios
Savvides, a Carnegie Mellon engineering professor, says he’s invented .... a
long-range iris scanner that can identify someone as they glance at their rear-view
mirror.... 'There’s no X-marks-the-spot.
There’s no place you have to stand. Anywhere between six and 12 meters, it will find
you, it will zoom in and capture both irises and full face,' he said. Carnegie Mellon
describes a whole host of functions for the scanner beyond just police use. It could
replace government IDs at the airport and elsewhere. Like other types of biometrics, it
could replace a laptop’s login system. As a sector, biometrics are undoubtedly
important. Many security experts believe that passwords—and the security regime that
accompanies them—are fundamentally broken. Savvides, for his part, sees biometrics as
one more method of human-computer interaction. ... Yet there’s something threatening
about long-range iris scanning. Identification to a degree comparable to fingerprints, at
a distance, is not something our social habits and political institutions are wired
for.... It’s just not hard at all to imagine
sinister applications of this technology. If Savvides’s invention works as well as he
says it does, governments could scan the face of everyone walking on a city block. It
could algorithmically identify a disguised political activist walking down a city street,
driving a car, or passing through airport security." |
"Last week a federal appeals court said
police do not need a warrant to look at cellphone records that reveal everywhere you've
been. Two days later, another appeals court said
the National Security Agency (NSA) is breaking the law by indiscriminately collecting
telephone records that show whom you call, when you call them, and how long you talk. On the face of it, that's one victory for government snooping and
one defeat. But both decisions highlight the precariousness of privacy in an age when we
routinely store huge amounts of sensitive information outside our homes. The Fourth
Amendment prohibits "unreasonable searches and seizures" of our "persons,
houses, papers, and effects." But according to the Supreme Court, the Fourth
Amendment does not protect our papers once we entrust them to someone else. In a 1976 case
involving bank records, the Court declared
that "the Fourth Amendment does not prohibit the obtaining of information revealed to
a third party and conveyed by him to Government authorities, even if the information is
revealed on the assumption that it will be used only for a limited purpose and the
confidence placed in the third party will not be betrayed." Three years later, in a
case involving phone records, the Court reiterated
that "a person has no legitimate expectation of privacy in information he voluntarily
turns over to third parties." This dubious "third-party doctrine,"
enunciated before the Internet existed and mobile phones became ubiquitous, was crucial to
the outcome of a case decided by the U.S. Court of Appeals for the 11th Circuit last week.
The court said
an armed robber named Quartavius Davis had no constitutional grounds to object when the
FBI linked him to several crime scenes with cellphone location data that it obtained
without a probable-cause warrant. The court's logic was straightforward: Those records did
not belong to Davis; they belonged to MetroPCS, his mobile phone company. So even though
they revealed everywhere he went over the course of 67 days, he had no reasonable
expectation that the information would remain private. Dissenting Judge Beverly Martin
noted that the majority's reasoning invites even bigger intrusions. "Under a plain
reading of the majority's rule," she said, "by allowing a third-party company
access to our e-mail accounts, the websites we visit, and our search-engine
history—all for legitimate business purposes—we give up any privacy interest in
that information." That means the government can find out what we watch on YouTube,
what we look up on Wikipedia, what we buy on Amazon, and whom we "friend" on
Facebook or date via Match.com—"all without a warrant." In fact, Martin
noted, "the government could ask 'cloud'-based file-sharing services like Dropbox or
Apple's iCloud for all the files we relinquish to their servers."" |
"The debate over the NSA’s bulk collection of phone records
has reached a critical point after a federal appeals court last week ruled
the practice illegal, dramatically raising the stakes for pending Congressional
legislation that would fully or partially reinstate the program. An army of pundits promptly took to television screens, with many of them
brushing off concerns about the surveillance. The talking heads have been backstopping the
NSA’s mass surveillance more or less continuously since it was revealed. They spoke
out to support the agency when NSA contractor Edward Snowden released details of its
programs in 2013, and they’ve kept up their advocacy ever since — on television
news shows, newspaper op-ed pages, online and at Congressional hearings. But it’s
often unclear just how financially cozy these pundits are with the surveillance state they
defend, since they’re typically identified with titles that give no clues about their
conflicts of interest. Such conflicts have become particularly important, and worth
pointing out, now that the debate about NSA surveillance has shifted from simple outrage
to politically prominent legislative debates." |
"Theresa May, who retains her position as Home Secretary after last
week's general election, has indicated that bringing
back the 'Snooper's Charter' is a priority for the UK's new Conservative government. According to the Guardian, she told the BBC: 'David Cameron has already
said, and I’ve said, that a Conservative government would be giving the security
agencies and law enforcement agencies the powers that they need to ensure they’re
keeping up to date as people communicate with communications data.' May made clear that it
was only because of a veto by the Liberal Democrats in the previous coalition government
that the Draft
Communications Data Bill (aka the Snooper's Charter) was dropped when it was
first presented. She added: 'we are determined to bring that [legislation] through,
because we believe that is necessary to maintain the capabilities for our law enforcement
agencies such that they can continue to do the excellent job, day in and day out, of
keeping us safe and secure.' In its manifesto,
the Conservative party wrote: 'we continue to reject any suggestions of sweeping,
authoritarian measures that would threaten our hard-won freedoms.' It also attempted to
distinguish between metadata and content retention: 'We will keep up to date the ability
of the police and security services to access communications data—the ‘who,
where, when and how’ of a communication, but not its content.' However, speaking
from Russia at a conference in Australia on Friday evening, the whistleblower Edward
Snowden warned against accepting this distinction: 'The
impacts of metadata can’t be overstated, they are collecting data on everyone
regardless of wrongdoing. When you have metadata, it’s a proxy for content, so when
politicians split hairs about metadata you should be very sceptical.' He went on to say that adopting these data retention laws was a 'radical
departure from the operation of traditional liberal societies around the world,' and
pointed out that mass surveillance had not stopped the Sydney siege, the Boston marathon
bombings, or the attack on the Charlie Hebdo magazine in France." |
"The Conservatives are already planning to introduce the huge
surveillance powers known as the Snoopers’ Charter, hoping that the removal from
government of the Liberal Democrats that previously blocked the controversial law will
allow it to go through. The law, officially known as
the Draft Communications Data Bill, is already back on the agenda according to Theresa
May. It is expected to force British internet service providers to keep huge amounts of
data on their customers, and to make that information available to the government and
security services. The snoopers’ charter received huge criticism from computing
experts and civil liberties campaigners in the wake of introduction. It was set to come
into law in 2014, but Nick Clegg withdrew his support for the bill and it was blocked by
the Liberal Democrats. Theresa May, who led the legislation as home secretary, said
shortly after the Conservatives' election victory became clear that she will seek to
re-introduce it to government. With the re-election of May and the likely majority of her
party, the bill is likely to find success if the new government tries again. David Cameron
has suggested that his party could introduce even more wide-ranging powers if he was
re-elected to government. Speaking
in January, he said that there should be no form of communication that the government was
unable to read — likely causing chaos among the many internet services that rely on
encryption to keep users’ data safe." |
"The US court of appeals has ruled that the bulk collection of
telephone metadata is unlawful, in a landmark decision that clears the way for a full
legal challenge against the National Security Agency.
A panel of three federal judges for the second circuit overturned
an earlier ruling that the controversial surveillance practice first revealed to the
US public by NSA whistleblower Edward Snowden in 2013 could not be subject to judicial
review." |
"Most people realize that emails and other digital communications
they once considered private can now become part of their permanent record. But even as
they increasingly use apps that understand what they say, most people don’t realize
that the words they speak are not so private anymore, either. Top-secret documents from
the archive of former NSA contractor Edward Snowden show the National Security Agency can
now automatically recognize the content within phone calls by creating rough transcripts
and phonetic representations that can be easily searched and stored. The documents show NSA analysts celebrating the development of what they
called 'Google for Voice' nearly
a decade ago. Though perfect transcription of natural conversation apparently remains
the Intelligence Community’s 'holy grail,' the Snowden
documents describe
extensive use of keyword searching as well as computer programs designed to analyze
and 'extract' the content of voice conversations, and even use sophisticated algorithms to
flag conversations of interest. The documents include vivid examples of the use of speech
recognition in war zones like Iraq and Afghanistan, as well as in Latin America. But they
leave unclear exactly how widely the spy agency uses this ability, particularly in
programs that pick up considerable amounts of conversations that include people who live
in or are citizens of the United States. Spying on international telephone calls has
always been a staple of NSA surveillance, but the requirement that an actual person do the
listening meant it was effectively limited to a tiny percentage of the total traffic. By
leveraging advances in automated speech recognition, the NSA has entered the era of bulk
listening. And this has happened with no apparent public oversight, hearings or
legislative action. Congress hasn’t shown signs of even knowing that it’s going
on.... Civil liberty experts contacted by The Intercept said the NSA’s speech-to-text
capabilities are a disturbing example of the privacy invasions that are becoming possible
as our analog world transitions to a digital one. 'I think people don’t understand
that the economics of surveillance have totally changed,' Jennifer Granick, civil
liberties director at the Stanford Center for
Internet and Society, told The Intercept. 'Once you have this capability, then the
question is: How will it be deployed? Can you temporarily cache all American phone calls,
transcribe all the phone calls, and do text searching of the content of the calls?' she
said. 'It may not be what they are doing right now, but they’ll be able to do it.'
And, she asked: 'How would we ever know if they change the policy?' Indeed, NSA officials
have been secretive about their ability to convert speech to text, and how widely they use
it, leaving open any number of possibilities." |
"The European
Commission's top chief has admitted that he has recommended the implementation of a
European spy agency in order to combat spying from within the European Union, according to
reports. At a meeting of the EU's 28 commissioners, Jean-Claude Juncker proposed the
creation of Europe's own supranational spy service to combat spying by agencies such as
Germany's foreign intelligence body, the Bundesnachrichtendienst (BND), who monitored
officials in the European Commission, the French foreign ministry and France's Elysee
Palace, according to The
Times. German media reports claimed that the intelligence agency gathered information
on 'high-ranking officials' in what amounted to 'political espionage' before passing it to
the US National Security Agency (NSA). 'At a college meeting, I said that the European
Commission should have a secret service, because the agents are here,' Juncker revealed
yesterday.....Juncker spoke of his own experience with spying in Europe, after resigning
as Luxembourg's prime minister in 2013 because of the country's own illegal covert
activity. 'I'm a sort of specialist of secret
services,' he said. 'I know by personal experience that they are very difficult to
keep under control.'" |
"A former National
Security Agency official turned whistleblower has spent almost a decade and a half in
civilian life. And he says he's still "pissed" by what he's seen leak in the
past two years. In a lunch meeting hosted by Contrast Security founder Jeff Williams on
Wednesday, William Binney, a former NSA official who spent more than three decades at the
agency, said the US government's mass surveillance programs have become so engorged with
data that they are no longer effective, losing vital intelligence in the fray. That, he
said, can -- and has -- led to terrorist attacks succeeding. Binney said that an analyst
today can run one simple query across the NSA's various databases, only to become
immediately overloaded with information. With about
four billion people -- around two-thirds of the world's population -- under the NSA and
partner agencies' watchful eyes, according to his estimates, there is too much data being
collected....Binney left the NSA a month after the
September 11 attacks in New York City in 2001, days after controversial counter-terrorism
legislation was enacted -- the Patriot Act -- in the wake of the attacks. Binney stands
jaded by his experience leaving the shadowy eavesdropping agency, but impassioned for the
job he once had. He left after a program he helped develop was scrapped three weeks prior
to September 11, replaced by a system he said was more expensive and more intrusive.
Snowden said he was inspired by Binney's case, which in part inspired him to leak
thousands of classified documents to journalists. Since then, the NSA has ramped up its
intelligence gathering mission to indiscriminately "collect it all." ...Binney
said the NSA is today not as interested in phone records -- such as who calls whom, when,
and for how long. Although the Obama administration calls
the program a "critical national security tool," the agency is increasingly
looking at the content of communications, as the Snowden disclosures have shown. Binney
said he estimated that a "maximum" of 72 companies were participating in the
bulk records collection program -- including
Verizon, but said it was a drop in the ocean. He also called PRISM, the clandestine
surveillance program that grabs data from nine
named Silicon Valley giants, including Apple, Google, Facebook, and Microsoft, just a
"minor part" of the data collection process. "The Upstream program is where the
vast bulk of the information was being collected," said Binney, talking about how the
NSA tapped undersea fiber optic cables. With help from its British counterparts at GCHQ,
the NSA is able to "buffer" more
than 21 petabytes a day. Binney said the "collect it all" mantra now may be
the norm, but it's expensive and ineffective. "If you have to collect
everything, there's an ever increasing need for more and more budget," he said.
"That means you can build your empire."" |
"Germany
has been spying and eavesdropping on its closest partners in the EU and passing the
information to the US for more than a decade, a parliamentary inquiry in Berlin has found,
triggering allegations of lying and coverups reaching to the very top of Angela
Merkel’s administration. There was
outrage in Germany two years ago over the revelations by NSA whistleblower Edward
Snowden of US and British surveillance activities in Europe. The fresh disclosures are
embarrassing for Berlin, which stands accused of hypocrisy in its protests about the US
spying on its allies. 'You
don’t spy on your friends,' said the chancellor when it was made known to her
that her mobile phone was being monitored by the US National Security Agency (NSA). Since
then, both sides have been embroiled in arguments about data privacy, with much talk among
officials and diplomats of a collapse of German trust in the Americans. But according to
reports on a confidential Bundestag committee of inquiry into the NSA scandal, under a
2002 pact between German intelligence (BND) and the NSA, Berlin used its largest
electronic eavesdropping facility in Bavaria to monitor email and telephone traffic at the
Élysée Palace, the offices of the French president, and of key EU institutions in
Brussels including the European commission. Thomas de Maizière, the interior minister and
a Merkel confidant, is in the firing line for allegedly lying about or covering up the
German collaboration with the Americans. The minister has denied the allegations robustly
and promised to answer before the parliamentary inquiry 'the sooner the better'. The
best-selling tabloid Bild depicted de Maizière as Pinocchio this week and accused him of
'lying with impunity'. From 2005-9 he served as Merkel’s chief of staff, the post in
Berlin that exercises authority over the BND. He is said to have been told of the spying
activities in 2008....According to the newspaper Süddeutsche Zeitung and the public
broadcasters WDR and NDR, citing information from the closed parliamentary inquiry, the
BND’s biggest listening post at Bad Aibling in Bavaria 'was abused for years for NSA
spying on European states'..... 'The core is the political spying on our European
neighbours and EU institutions,' an unnamed source said to be familiar with the evidence
told the Süddeutsche. As well as the political intelligence activities, the NSA also got
the BND to spy on European aerospace and defence firms, the reports allege. German and
American individuals and companies were not monitored under the terms of the espionage
pact. The Bad Aibling complex of listening posts was an NSA facility for years. Under an
agreement in 2002, it was handed over to the Germans in 2004, since when much of the
information gleaned was routinely passed to the Americans. According to the Süddeutsche,
the Americans supplied search terms on a weekly basis to the Germans – totalling
690,000 phone numbers and 7.8m IP addresses up until 2013." |
"GCHQ has been ordered to destroy documents arising from its illegal interception of communications
between a Libyan dissident kidnapped with the aid of British intelligence and his lawyers.
The watchdog body for Britain’s intelligence
agencies found that the Government’s listening station had breached the human rights
of Sami al-Saadi, an opponent of former dictator Muammar Gaddafi who was forcibly removed
from Hong Kong with his family in 2004 and placed into Libyan custody with the apparent
connivance of MI6. Lawyers for Mr Al-Saadi, who received a £2.2m settlement from the
British Government two years ago, said the ruling by the Investigatory Powers Tribunal
(IPT) was the first time in its 15-year history that it had upheld a complaint against the
security services. It is also the first time that one of Britain’s intelligence
agencies has been ordered to surrender surveillance material. The IPT gave GCHQ 14 days in
which to confirm it has destroyed the two documents, which contained material based on
contacts between Mr Al-Saadi and his British lawyers in the run up to his legal claim
against the authorities. In a separate case relating to Government secrecy, another
tribunal yesterday heard claims that documents relating to alleged corruption in a deal to
arm the Saudi military were being wrongly withheld to protect national security." |
"A study has found that many people in the UK are worried about
having smart meters in their homes because they fear that data about their personal energy
use will be shared. The UK government says it wants
all homes to have smart meters within five years. These will allow users to set
equipment that only needs energy intermittently – such as washing machines and
freezers – to switch on at times when the grid has spare capacity and power is cheap.
The meters will save people money, as well as making it easier for the grid to incorporate
fluctuating sources of renewable energy such as wind and solar power – thus helping
to cut greenhouse-gas emissions. But in an online survey of more than 2400 people in the
UK, Alexa Spence of
Nottingham University found that a fifth would be "uncomfortable" with the data
sharing needed to do that. Strangely, she says, people who were worried about their energy
bills were the most fearful, whereas those who were more concerned about climate change
tended to be more amenable to data sharing." |
"The secrecy
surrounding the National
Security Agency’s post-9/11 warrantless surveillance and bulk data collection
program hampered its effectiveness, and many members of the intelligence community later
struggled to identify any specific terrorist attacks it thwarted, a newly
declassified document shows. The document is a lengthy report on a once secret N.S.A.
program code-named Stellarwind. The report was a joint project in 2009 by inspectors
general for five intelligence and law enforcement agencies, and it was withheld from the
public at the time, although a short,
unclassified version was made public. The government released a redacted version of
the full report to The New York Times on Friday evening in response to a Freedom of
Information Act lawsuit. Shortly after the terrorist
attacks on Sept. 11, 2001, President George W. Bush secretly
told the N.S.A. that it could wiretap Americans’ international phone calls and
collect bulk data about their phone calls and emails without obeying the Foreign Intelligence Surveillance Act. Over time, Stellarwind’s legal basis evolved, and pieces of it
emerged into public view, starting with an article in The Times about
warrantless wiretapping in 2005. The report amounts to a detailed history of the program.
While significant parts remain classified, it includes some new information. For example,
it explains how the Bush administration came to tell the chief judge of the Foreign
Intelligence Surveillance Court at the time of the Sept. 11 attacks, Royce C. Lamberth,
about the program’s existence in early 2002. James A. Baker, then the Justice
Department’s top intelligence lawyer, had not been told about the program. But he
came across 'strange, unattributed' language in an application for an ordinary
surveillance warrant and figured it out, then insisted on telling Judge Lamberth. Mr.
Baker is now the general counsel to the F.B.I. It
also says that Mr. Baker developed procedures to make
sure that warrant applications using information from Stellarwind went only to the judges
who knew about the program: first Judge Lamberth and then his successor, Judge Colleen
Kollar-Kotelly....After
the warrantless wiretapping part became public, Congress legalized it in 2007; the report said this should have happened earlier to remove 'the
substantial restrictions placed on F.B.I. agents’ and analysts’ access to and
use of program-derived information due to the highly classified status' of Stellarwind....
The report has new details about a dramatic episode in March 2004, when several Justice
Department officials confronted Alberto R. Gonzales, the White House counsel at the time,
in the hospital room of Mr. Ashcroft over the legality of the program. The officials
included Mr. Thompson’s successor as deputy attorney general, James B. Comey, who is
now the F.B.I. director, and the new head of the office where Mr. Yoo had worked, Jack
Goldsmith. The showdown prompted Mr. Bush to make two or three changes to Stellarwind, the
report said. But while the report gives a blow-by-blow account of the bureaucratic fight,
it censors an explanation of the substance of the legal dispute and Mr. Bush’s
changes....Last year, the Obama administration released a redacted
version of a memo that Mr. Goldsmith later wrote about Stellarwind and similarly
censored important details. Nevertheless, it is public
knowledge, because of documents leaked by the former intelligence contractor Edward J.
Snowden, that one part of the dispute concerned the
legality of the component of Stellarwind that collected bulk records about Americans’
emails...... In
2004, the F.B.I. looked at a sampling of all the tips to see how many had made a
'significant contribution' to identifying a terrorist, deporting a terrorism suspect, or
developing a confidential informant about terrorists. Just 1.2 percent of the tips from
2001 to 2004 had made such a contribution. Two years later, the F.B.I. reviewed all the
leads from the warrantless wiretapping part of Stellarwind between August 2004 and January
2006. None had proved useful." |
"Germany's intelligence service, the Bundesnachrichtendienst (BND),
has been helping the NSA
spy on European politicians and companies for years, according to the German news
magazine Der Spiegel. The NSA has been sending lists of 'selectors'—identifying
telephone numbers, e-mail and IP addresses—to the BND, which then provides
related information that it holds in its surveillance databases. According to the German newspaper Die Zeit, the NSA sent selector lists
several times a day, and altogether
800,000 selectors have been requested. The BND realized as early as 2008 that some of
the selectors were not permitted according to its internal rules, or covered by a 2002
US-Germany anti-terrorism 'Memorandum of Agreement' on intelligence cooperation. And yet
it did nothing to check the NSA's requests systematically. It was only in the summer of
2013, after Edward Snowden's revelations of massive NSA and GCHQ surveillance, that the
BND finally started an inquiry into all the selectors that had been processed. According to Der Spiegel, investigators found that the BND had
provided information on around 2,000 selectors that were clearly against European and
German interests. Not only were European businesses such as the giant aerospace and defense company EADS,
best-known as the manufacturer of the Airbus planes, targeted, so were European
politicians—including German ones. However, the BND did not inform the German
Chancellor's office, which only found out about the misuse of the selector request system
in March 2015. Instead, the BND simply asked the NSA to make requests that were fully
covered by the anti-terrorism agreement between the two countries. According to Die Zeit, this was because the BND was worried that the NSA
might curtail the flow of its own intelligence data to the German secret services if the
selector scheme became embroiled in controversy. The information about this activity has
finally come out thanks to a long-running committee
of inquiry, set up by the German Bundestag (federal parliament), which has been trying
to get to the bottom of the NSA activities in Germany, and of the BND's involvement in
them. The committee's investigation suggests that as
many as 40,000 of the selectors were targeting European and German interests—far more than the 2,000 found by the BND. There is likely to be
considerable political fallout from the latest news. Because
of the way the affair has been handled, with the German Chancellor kept in the dark for
years, it is widely expected that the head of the BND, Gerhard Schindler, will be forced
to resign. News that the BND has been actively helping the NSA to spy on European
companies and politicians will also deepen the public's already considerable anger at US
surveillance of Germans, first revealed by Snowden's leaks. That, in its turn, could
make it even harder to persuade them to accept the huge US-EU trade agreement currently
being negotiated behind closed doors, known as the Transatlantic Trade and Investment
Partnership (TTIP). The Germans are already the leading skeptics: over a million of them have signed an online petition
calling for the TTIP talks to be halted, while thousands
took to the streets earlier this month to protest against the proposed deal." |
"Escaping from the hectic world to curl up with a good book is one
of life’s simple pleasures. But thanks to the popularity of e-readers, it seems that
when you settle down to enjoy a novel you’re no longer alone. The digital devices not
only track which books you read, but can monitor the passages you dwell on and the time
you put your book down at night to go to sleep. Michael
Tamblyn, of Kobo, which supplies e-readers to WHSmith, John Lewis and Tesco, said it
collects information from users to recommend new books and boost
sales. ‘We’re synchronising a bookmark constantly as you move along,’
he said.... Renate Samson, of the privacy campaign group Big Brother Watch, said: ‘It
is rather alarming to think that whilst you read your e-book your e-reader device is
reading you. ‘That these products feel the need to monitor more than just what we
read, but to actively store data on what page we might linger on or more worryingly what
time of day or night we choose to read seems disproportionately intrusive on what is to
most of us a moment of personal quiet time.’... At the moment e-books account for
around a fifth of all book sales in the UK, across all age groups. Many older readers
have adopted the gadgets because they can easily increase the font size, making books
easier to read without having to pay for a special large-print edition." |
"About a year ago, a thirtysomething sculptor in Los Angeles began
working on a bust of Edward Snowden. When he was done, he shipped the bust to his artist
friends on the East Coast. Just before dawn April 6, the artists crept under cover of
darkness into Brooklyn's Fort Greene Park and installed the 100-pound bust atop a
Revolutionary War memorial. 'We chose to pay tribute
to Snowden through the medium of a bust because that is one of the visual pieces society
uses as a guidepost to who a hero is,' one of the artists said in a video released after
the bust was installed. By 3 p.m. the New York Parks Department and police had taken the
bust down. But the next morning, a different group of artists cast a holographic image of
Snowden where the bust had stood. The message to the authorities could not be clearer:
Snowden is not going away. A large and important segment of our society sees Snowden as
hero and whistleblower — and its members are the future. In late February, the
American Civil Liberties Union commissioned a global
poll surveying millennials (18- to 34-year-olds) in 10 countries, including the
United States, about their opinions of Snowden and what the effect of his disclosures will
mean for privacy. The results confirmed that surveillance reform, like marriage equality,
will come about because of generational change. The poll showed that in every country
surveyed — Australia, Canada, France, Germany, Britain, Italy, New Zealand, the
Netherlands, Spain and the U.S. — millennials have an overwhelmingly positive opinion
of Snowden. In continental Europe, 78% to 86% has positive opinions of him. Even in the
United States, where the Justice Department has charged Snowden with espionage, 56% view
him favorably. The poll also found that millennials believe Snowden's disclosures will
benefit privacy rights. In Germany, Italy, Spain and the Netherlands, 54% to 59% said they
thought Snowden's actions would lead to more privacy protection. It might seem
counterintuitive to think that Snowden's disclosures will lead to greater privacy
protections when many of the governments in the countries polled are insistent on
maintaining or enhancing their abilities to spy on their citizens. Canada, France and the
Netherlands are considering expansive surveillance powers similar to the Patriot Act, and
Australia already has enacted such a law. Though surveillance reform may confront
resistance in the near term, millennials have made it clear that they don't want
government agencies tracking them online or collecting data about their phone calls. In
the United States, millennials will surpass the baby boomer generation this year, and by
2020, they will represent 1 out of 3 adults. As they grow in influence, so too will the
demand to rein in the surveillance state. Conventional wisdom says that the young and
idealistic grow up and shed their naive ideals as they confront the real world. By that
logic, as millennials age, they will recognize the need for the surveillance state to keep
us safe from terrorism. But given the lack of
evidence that mass surveillance works — President
Obama's own review group concluded that the National Security Agency's call-records
program never played a pivotal role in any investigation
— it is unlikely this generation of digital natives will shed a fundamental
commitment to the free exchange of information." |
"Want to see how secrecy is corrosive to democracy? Look no further
than a series of explosive investigations by various news organizations this week that
show the government hiding surveillance programs purely to prevent a giant public
backlash. USA Today’s Brad Heath published
a blockbuster story on Monday about the Drug Enforcement Administration (DEA) running
a massive domestic spying operation parallel to the NSA’s that was tracking billions
of international calls made by Americans. They kept it secret for more than two decades. According to the USA Today
report, the spying program was not only used against alleged terrorist activity, but
countless supposed drug crimes, as well as 'to identify US suspects in a wide range of
other investigations'. And they collected information
on millions of completely innocent Americans along the way. Heath’s story is awash with incredible
detail and should be read in full, but one of the most interesting parts was buried
near the end: the program was shut down by the Justice Department after the Snowden leaks,
not because Snowden exposed the program, but because they knew that when the program
eventually would leak, the government would have no arguments to defend it. The justification they were using for the NSA’s program -
that it was only being used against dangerous terrorists, not ordinary criminals - just
wasn’t true with the DEA. The public would
clearly be outraged by the twisted legal justification that radically
re-interpreted US law in complete secrecy. 'They couldn’t defend both programs',
a former Justice Department official told Heath.
The piece also reveals that Attorney General Eric Holder 'didn’t think we should have
that information' in the first place, which is interesting because Holder was one of the
first Justice Department officials to approve the program during the Clinton
administration. It’s nice he came to his senses, but if the program never risked
going public, would he have felt the same? There are
many other surveillance programs the government is desperate to keep hidden. Consider
Stingray devices, the mini fake
cell phone towers that can vacuum up cell phone data of entire neighborhoods at the
same time and which are increasingly being used by local cops all around the country. The Associated
Press reported this week that the Baltimore police have used these controversial
devices thousands of times in the course of ordinary investigations and have tried to hide
how the devices are used from judges. The lengths to
which the FBI will go to keep these devices secret from the public is alarming. As a Guardian
investigation detailed on Friday, the FBI makes local police that use them sign
non-disclosure agreements, and goes as far as to direct them to dismiss charges against
potential criminals if the phone surveillance will be exposed at trial (as is required by
due process rights in the Fifth Amendment)." |
"The U.S. government started keeping secret records of Americans'
international telephone calls nearly a decade before the Sept. 11 terrorist attacks,
harvesting billions of calls in a program that provided a blueprint for the far broader
National Security Agency surveillance that followed. For more than two decades, the
Justice Department and the Drug Enforcement Administration amassed logs of virtually all
telephone calls from the USA to as many as 116 countries linked to drug trafficking,
current and former officials involved with the operation said. The targeted countries changed over time but included Canada, Mexico and
most of Central and South America....The data collection began in 1992 during the
administration of President George H.W. Bush, nine years before his son, President George
W. Bush, authorized the NSA to gather its own logs of Americans' phone calls in 2001. It
was approved by top Justice Department officials in four presidential administrations and
detailed in occasional briefings to members of Congress but otherwise had little
independent oversight, according to officials involved with running it. The DEA used its
data collection extensively and in ways that the NSA is now prohibited from doing. Agents
gathered the records without court approval, searched them more often in a day than the
spy agency does in a year and automatically linked the numbers the agency gathered to
large electronic collections of investigative reports, domestic call records accumulated
by its agents and intelligence data from overseas.... The DEA asked the Pentagon for help.
The military responded with a pair of supercomputers and intelligence analysts who had
experience tracking the communication patterns of Soviet military units. "What they
discovered was that the incident of a communication was perhaps as important as the
content of a communication," a former Justice Department official said. The military
installed the supercomputers on the fifth floor of the DEA's headquarters, across from a
shopping mall in Arlington, Va." |
"In a case before the Court of Justice of the European Union (CJEU), the
European Commission admitted that the Safe Harbor Framework doesn’t adequately
protect EU citizens’ data from potential U.S. spying. And a fix isn’t really
coming anytime soon, Ars Technica reveals, quoting a report from euobserver. The best way for preventing such
spying operations, for anyone worried about NSA snooping, would be to stop using certain
U.S.-based online services, including Facebook, at least until they open data centers in Europe. 'You might consider closing your Facebook account, if you have
one,' European Commission attorney Bernhard Schima told attorney-general Yves Bot at the
CJEU on Tuesday, suggesting that personal data transferred from Europe to the U.S.
isn’t necessarily protected under the U.S.-EU pact, even though the Framework should
ensure data privacy and security. The case was brought before the CJEU after Austrian privacy activist
Max Schrems filed complaints with the Irish High Court following the Prism revelations
against the five U.S. companies mentioned above. The Irish court then referred it to the
higher European body. Schrems basically says that
data passed to the U.S. can’t be considered as adequately protected, as it’s not
clear what happens with it in light of the Prism program leaks. The
European Commission is still in talks about improving data protection for EU citizens, even though the Safe Harbour Framework
can’t yet guarantee that protection." |
"Spying by the GCSB on those competing against National Government
minister Tim Groser for the World Trade Organisation's top job has appalled a former
foreign affairs and trade minister and astonished one of the country's most experienced
diplomats. An inquiry is likely into the actions of the GCSB after Labour leader Andrew
Little said he would ask the Inspector-General of Intelligence and Security to investigate
today. The Herald and US news site the Intercept
yesterday revealed a top secret GCSB document showing the electronic surveillance agency
had been searching for email communications which mentioned Mr Groser, the Trade Minister,
in association with names of candidates competing against him. The news broke as Prime
Minister John Key and Mr Groser prepared to sign a Free Trade Agreement in South Korea,
whose former trade minister was among the surveillance targets vying for the $700,000 WTO
job. Mr Key told reporters the South Korean hosts "wouldn't give a monkey's" and
"wouldn't believe it" but refused to comment further. A spokeswoman last night
said Mr Key was confident the inspector-general would investigate "any matters as she
sees fit". Mr Groser also refused comment but told TVNZ: "I assume that
everything I say on the phone is being intercepted."" |
"Top-secret documents obtained by the CBC show Canada's electronic spy
agency has developed a vast arsenal of cyberwarfare tools alongside its U.S. and British
counterparts to hack into computers and phones in many parts of the world, including in friendly trade countries like
Mexico and hotspots like the Middle East. The little
known Communications Security Establishment wanted to become more aggressive by 2015, the
documents also said. Revelations about the agency's prowess should serve as a 'major
wakeup call for all Canadians,' particularly in the context of the current parliamentary
debate over whether to give intelligence officials the power to disrupt national security
threats, says Ronald Deibert, director of the Citizen Lab, the respected internet research
group at University of Toronto's Munk School of Global Affairs. 'These are awesome powers
that should only be granted to the government with enormous trepidation and only with a
correspondingly massive investment in equally powerful systems of oversight, review and
public accountability,' says Deibert. Details of the CSE’s capabilities are revealed
in several top-secret documents analyzed by CBC News in collaboration with The
Intercept, a U.S. news website co-founded by Glenn Greenwald, the journalist who
obtained the documents from U.S. whistleblower Edward Snowden. The CSE toolbox
includes the ability to redirect someone to a fake website, create unrest by pretending to
be another government or hacker, and siphon classified information out of computer
networks, according to experts who viewed the documents. The agency refused to answer
questions about whether it's using all the tools listed, citing the Security of
Information Act as preventing it from commenting on such classified matters. In a written statement,
though, it did say that some of the documents obtained by CBC News were dated and do 'not
necessarily reflect current CSE practices or programs.' Canada's electronic spy agency and
the U.S. National Security Agency 'cooperate closely' in 'computer network access and
exploitation' of certain targets, according to an April 2013 briefing note for the NSA.
Their targets are located in the Middle East, North Africa, Europe and Mexico, plus other
unnamed countries connected to the two agencies' counterterrorism goals, the documents
say. Specific techniques used against the targets are not revealed. Deibert notes that
previous Snowden leaks have disclosed that the CSE uses the highly sophisticated
WARRIORPRIDE malware to target cellphones, and maintains a network of infected private
computers — what's called a botnet — that it uses to disguise itself
when hacking targets. Other leaked documents revealed
back in 2013 that the CSE
spied on computers or smartphones connected to Brazil's mining and energy ministry to get
economic intelligence." |
"Air-gapped systems, which are isolated from the Internet and are not
connected to other systems that are connected to the Internet, are used in situations that
demand high security because they make siphoning data from them difficult. Air-gapped systems are
used in classified military networks, the payment networks that process credit and debit
card transactions for retailers, and in industrial control systems that operate critical
infrastructure. Even journalists use them to prevent intruders from remotely accessing
sensitive data. To siphon data from an air-gapped system generally requires physical
access to the machine, using removable media like a USB flash drive or a firewire cable to
connect the air-gapped system directly to another computer. But
security researchers at Ben Gurion University in Israel have found a way to retrieve data
from an air-gapped computer using only heat emissions and a computer’s built-in
thermal sensors. The method would allow attackers to surreptitiously siphon passwords or
security keys from a protected system and transmit the data to an internet-connected
system that’s in close proximity and that the attackers control. They could also use the internet-connected system to send malicious
commands to the air-gapped system using the same heat and sensor technique. In a video
demonstration produced by the researchers, they show how they were able to send a command
from one computer to an adjacent air-gapped machine to re-position a missile-launch toy
the air-gapped system controlled. The proof-of-concept attack
requires both systems to first be compromised with malware. And currently, the attack
allows for just eight bits of data to be reliably transmitted over an hour—a rate
that is sufficient for an attacker to transmit brief commands or siphon a password or
secret key but not large amounts of data. It also works only if the air-gapped system is
within 40 centimeters (about 15 inches) from the other computer the attackers control. But
the researchers, at Ben Gurion’s Cyber Security Labs, note that this latter
scenario is not uncommon, because air-gapped systems often sit on desktops alongside
Internet-connected ones so that workers can easily access both. The method was developed by Mordechai Guri in a project overseen by his
adviser Yuval Elovici. The research represents just a first step says Dudu Mimran, chief
technology officer at the lab, who says they plan to present their findings at a security
conference in Tel Aviv next week and release a paper describing their work later on. 'We
expect this pioneering work to serve as the foundation of subsequent research, which will
focus on various aspects of the thermal channel and improve its capabilities,' the
researchers note in their paper. With additional
research, they say they may be able to increase the distance between the two communicating
computers and the speed of data transfer between them....
This isn’t the only way to communicate with air-gapped systems without using physical
media. Past research by other teams has focused on using acoustic inaudible channels,
optical channels and electromagnetic emissions. All of these, however, are unidirectional
channels, meaning they can be used to siphon data but not send commands to an air-gapped
system. The same Ben Gurion researchers previously
showed how they could siphon data from an air-gapped machine
using radio frequency signals and a nearby mobile phone. That proof-of-concept hack
involved radio signals generated and transmitted by an infected machine’s video card,
which could be used to send passwords and other data over the air to the FM radio receiver
in a mobile phone. The NSA reportedly has been using a more sophisticated version of this
technique to not only siphon
data from air-gapped machines in Iran and elsewhere but also to inject them with malware, according to
documents leaked by Edward Snowden. Using an NSA hardware implant called the
Cottonmouth-I, which comes with a tiny embedded transceiver, the agency can extract data
from targeted systems using RF signals and transmit it to a briefcase-sized relay
station up to 8 miles away. There’s no
evidence yet that the spy agency is using heat emissions and thermal sensors to steal data
and control air-gapped machines—their RF technique is much more efficient than
thermal hacking. But if university researchers in Israel have explored the idea of thermal
hacking as an attack vector, the NSA has likely considered it too." |
"How would you feel if
your phone carrier accidentally leaked every record of every call you made—and
didn’t even tell you? If you’re like most Americans, you would be livid, because
the vast majority of us care deeply about the privacy of our phone records. A November
report from the Pew Research Center found that 82 percent of Americans consider
location information gathered by their phones to be 'sensitive' or 'very sensitive,' and 75
percent feel that way about the numbers they have called or texted. But a forthcoming bill
from Congress could dramatically reduce the security of that information—amid a
number of high-profile data breaches. The threat comes from a bill—scheduled to be
introduced in the House this week—called (incongruously) the 'Data
Security and Breach Notification Act of 2015.' As I explained in testimony
before the House of Representatives last week, counter to its name, this piece of legislation would actually eliminate key legal
protections for phone, cable, and satellite records. What would this mean for you? You
could no longer assume that any information your phone, cable, or satellite provider
collects about you is protected, and companies would no longer be obligated to tell you if
that information is compromised. The results could be disastrous. Just a list of the phone
numbers called by a customer would reveal not only information about that customer’s
ties to other individuals, but also ties to organizations, health-related entities,
hotlines, support groups, and so on. That list of numbers could reveal that the customer
had called a hotline for suicidal thoughts or domestic violence. It could indicate that
the customer likely had an abortion, needed 911 services, battled addiction, or struggled
to come to terms with her sexual orientation. And analyzing the records further would
reveal even more intimate details, including, in
the words of computer scientist Ed Felten: - '[W]hen we are awake and asleep; our
religion, if a person regularly makes no calls on the Sabbath, or makes a large number of
calls on Christmas Day; our work habits and our social attitudes; the number of friends we
have; and even our civil and political affiliations.' - Phone records also contain location information. Even when customers turn
off GPS on their phones, carriers keep a record of which network antenna is communicating
with the phone during every call. As computer scientist Vitaly Shmatikov explained
last year in a letter to the Federal Communications Commission, this information can
be used to reconstruct a customer’s movements, revealing the path someone takes to
drive to work or walk to her children’s school, or the location of his gym or place
of worship. As for cable and satellite
customers’ viewing histories, it’s hard to imagine a class of information with
greater potential for humiliation than an account of what we watch in the privacy of our
own homes. Indeed, Congress was so spooked by the publication of Supreme Court nominee
Robert Bork’s innocuous video rental history in 1988 that they almost immediately
passed the Video Privacy
Protection Act, which protects records about video rentals. Right now, phone carriers have to train personnel on protections for these
records, have an express disciplinary process in place for abuses, and annually certify
that they are in compliance with the rules. Cable and satellite providers also have to
carefully protect all of their customers’ information. The new bill would change all
that." |
"British police claim a criminal investigation they are conducting
into journalists who have reported on leaked documents from Edward Snowden has to be kept
a secret due to a 'possibility of increased threat of
terrorist activity.' Following Snowden’s disclosures from the National Security Agency
in 2013, London’s Metropolitan Police and a lawyer for the United Kingdom government separately
confirmed
a criminal probe had been opened into the leaks. One of the Metropolitan Police’s
most senior officers publicly
acknowledged during a parliamentary hearing that the investigation was focusing on
whether reporters at the Guardian had committed criminal offenses for their role in revealing
British government mass surveillance operations exposed in Snowden’s documents. But
now, the Metropolitan Police, known as the Met, says
everything about the investigation’s existence is a secret and too dangerous to
disclose." |
"German Vice Chancellor Sigmar Gabriel (above) said this week in
Homburg that the U.S. government threatened to cease sharing intelligence with Germany if
Berlin offered asylum to NSA whistleblower Edward Snowden or otherwise arranged for
him to travel to that country. 'They told us they
would stop notifying us of plots and other intelligence matters,' Gabriel said. The vice
chancellor delivered
a speech in which he praised the journalists who worked on the Snowden archive, and
then lamented the fact that Snowden was forced to seek refuge in 'Vladimir Putin’s
autocratic Russia' because no other nation was willing and able to protect him from threats
of imprisonment by the U.S. government (I was present at the event to receive an award).
That prompted an audience member to interrupt his speech and yell out: 'Why don’t you
bring him to Germany, then?' There has been a sustained
debate in Germany over whether to grant asylum to Snowden, and a
major controversy arose last year when a Parliamentary Committee investigating NSA
spying divided as to whether to bring Snowden to testify in person, and then narrowly
refused at the behest of the Merkel government. In response to the audience
interruption, Gabriel claimed that Germany would be legally obligated to extradite
Snowden to the U.S. if he were on German soil. Afterward, however, when I pressed the vice
chancellor (who is also head of the Social Democratic Party, as well as the country’s
economy and energy minister) as to why the German government could not and would not offer
Snowden asylum — which, under international law, negates
the asylee’s status as a fugitive — he told me that the U.S. government
had aggressively threatened the Germans that if they did so, they would be 'cut off' from
all intelligence sharing. That would mean, if the threat were carried out, that the
Americans would literally allow the German population to remain vulnerable to a brewing
attack discovered by the Americans by withholding that information from their
government." |
"While you’ve likely never heard of companies like Yesware,
Bananatag, and Streak, they almost certainly know a good deal about you. Specifically,
they know when you’ve opened an email sent by one of their clients, where you are,
what sort of device you’re on, and whether you’ve clicked a link, all without
your awareness or consent. That sort of email tracking is more common than you might
think. A Chrome extension called Ugly
Mail shows you who’s guilty of doing it to your inbox. Sonny Tulyaganov, Ugly
Mail’s creator, says he was inspired to write the 'tiny script' when a friend told him
about Streak, an email-tracking
service whose Chrome extension has upwards of 300,000 users. Tulyaganov was appalled. '[Streak] allowed users track emails, see when,
where and what device were used to view email,' he recalled to WIRED. 'I tried it out and
found it very disturbing, so decided to see who is actually tracking emails in my
inbox.' Once the idea for Ugly Mail was born, it only took a few hours to make it a
reality. The reason it was so easy to create is that the kind of tracking it monitors is
itself a simple procedure. Marketers—or anyone
who’s inspired to snoop—simply insert a transparent 1×1 image into an email.
When that email is opened, the image pings the server it originated from with information
like the time, your location, and the device you’re using. It’s a read receipt
on steroids that you never signed up for. Pixel tracking is a long-established practice,
and there’s nothing remotely illegal or even particularly discouraged about it;
Google even has a support page
dedicated to guiding advertisers through the process. That doesn’t make it any less
unsettling to see just how closely your inbox activity is being monitored. Using Ugly Mail is as simple as the service is effective. Once
you’ve installed it, the code identifies emails that include tracking pixels from any
of the three services mentioned above. Those messages will appear in your inbox with an
eye icon next to the subject heading, letting you know that once clicked, it will alert
the sender. Tulyaganov also confirmed to WIRED that Ugly Mail also doesn’t store,
save, or transmit any data from your Gmail account or computer; everything takes place on
the user’s end. Ugly Mail appears to work as advertised in our test, but it has its
limitations. It’s only built for Gmail (sorry… Outlookers?) and is only
available for Chrome, although Tulyaganov says that Firefox and Safari versions are in the
works." |
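The 1×1-image technique described in the extract above can be checked for in a raw message. The following is an added example, not Ugly Mail's code and not part of the quoted article: instead of matching three named services it uses generic heuristics (remote images that are 1×1 or hidden), and the hostnames, parameters and sample message are constructed for illustration.

```python
"""Flag likely tracking pixels in an HTML e-mail (added example, constructed data)."""
import email
import re
from email import policy
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urlsplit


def _tiny(value):
    """True when a width/height value is 0 or 1 pixel ("1", "1px", "0")."""
    m = re.fullmatch(r"\s*(\d+)\s*(?:px)?\s*", value or "")
    return bool(m) and int(m.group(1)) <= 1


def _style_decls(style):
    """Parse an inline style attribute into {property: value}, lower-cased."""
    decls = {}
    for part in (style or "").split(";"):
        name, sep, val = part.partition(":")
        if sep:
            val = val.lower().replace("!important", "").strip()
            decls[name.strip().lower()] = val
    return decls


class PixelFinder(HTMLParser):
    """Collects <img> tags that are fetched remotely yet invisible to the reader."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        url = urlsplit(a.get("src", "").strip())
        if url.scheme not in ("http", "https"):
            return  # cid: and data: images are embedded; opening them pings nobody
        css = _style_decls(a.get("style"))
        reasons = []
        if _tiny(a.get("width")) and _tiny(a.get("height")):
            reasons.append("1x1 attributes")
        if _tiny(css.get("width")) and _tiny(css.get("height")):
            reasons.append("1x1 style")
        if css.get("display") == "none" or css.get("visibility") == "hidden":
            reasons.append("hidden by style")
        if reasons:
            self.findings.append({
                "host": url.hostname,          # server that learns of the open
                "reasons": reasons,
                # query keys usually carry the per-recipient identifier
                "params": [k for k, _ in parse_qsl(url.query)],
            })


def find_tracking_pixels(raw_message: bytes):
    """Return one finding per suspicious image across all text/html parts."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder = PixelFinder()
            finder.feed(part.get_content())
            finder.close()
            findings.extend(finder.findings)
    return findings


# Constructed sample message: one visible banner, two pixels, one embedded image.
SAMPLE = b"""\
From: Newsletter <news@shop.example>
To: reader@mail.example
Subject: Spring offers
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Spring offers inside.
--b1
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Spring offers inside.</p>
<img src="https://cdn.shop.example/banner.png" width="600" height="200" alt="Sale">
<img src="https://t.tracker.example/o.gif?uid=8842&amp;msg=77" width="1" height="1" alt="">
<img src="https://open.metrics.example/p?r=abc" style="width:1px; height:1px !important">
<img src="cid:logo@shop.example" width="1" height="1">
</body></html>
--b1--
"""

if __name__ == "__main__":
    for f in find_tracking_pixels(SAMPLE):
        print(f["host"], f["reasons"], f["params"])
```

Because the check runs on the raw message before anything is rendered, no image is fetched and the sender is not notified; blocking remote image loading in the mail client has the same protective effect.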
"The government has admitted that its intelligence services have the broad
power to hack into personal phones, computers, and communications networks, and
claims they are legally justified to hack anyone, anywhere in the world, even if the
target is not a threat to national security nor suspected of any crime. That is the
claim of pressure group Privacy International, following admissions by the government in a
court document published today by the organisation. It follows two court cases initiated
last year against GCHQ that challenge what Privacy International claims is invasive
state-sponsored hacking that was revealed by Edward Snowden. In
the document, the government outlines the broad authority it has given UK intelligence
services to infiltrate personal devices, the internet, and social media websites. In addition, government lawyers claim that while the intelligence
services require authorisation before they are allowed to hack into the computer and
mobile phones of 'intelligence targets', GCHQ is equally permitted to break into computers
anywhere in the world, even if they are not connected to a crime or a threat to national
security. 'Such powers are a massive invasion of
privacy. Hacking is the modern equivalent of entering someone's house, searching
through filing cabinets, diaries and correspondence, and planting devices to permit
constant surveillance in future,' commented the organisation. 'If
mobile devices are involved, the government can obtain historical information,
including every location visited in the past year and the ongoing surveillance will
capture the affected individual wherever they go.' The
court document relies heavily on a draft code on 'equipment interference', according to
the pressure group, which was quietly released to the public on the same day that the
Investigatory Powers Tribunal found that GCHQ had engaged in unlawful information sharing
with the US National Security Agency (NSA). For the
past decade, GCHQ has been involved in state-sponsored hacking without this code being
available to the public, claims Privacy International, which means that they have almost
certainly been acting against the law. Indeed, the
draft code has not even been approved by Parliament yet, and remains open for public
comment until 20 March. Privacy International has been involved in two separate complaints
to the Investigatory Powers Tribunal, one filed on its own that challenges the UK security
services' presumed rights to attack any computer devices in the perceived pursuit of its
work; the other is with seven internet service providers and communications companies,
which calls for GCHQ to be stopped from attacks against communications networks. 'The government has been deep in the hacking business for nearly a
decade, yet they have never once been held accountable for their actions. They have
granted themselves incredible powers to break into the devices we hold near and dear, the
phones and computers that are so integral to our lives,' said Eric King, deputy director
of Privacy International. He continued: 'What's
worse is that without any legitimate legal justification, they think they have the
authority to target anyone they wish, no matter if they are suspected of a crime. This
suspicionless hacking must come to an end and the activities of our intelligence agencies
must be brought under the rule of law.'" |
"Barbie’s been a lot of things, but could she be a spy?
That’s the fear among thousands of parents in the U.S. and Canada over Hello Barbie,
a Mattel
doll set to hit store shelves later this year that the toymaker calls 'interactive.' Using WiFi
and voice recognition technology, Hello Barbie can record conversations and talk back,
using the recorded information to mimic a conversation between friends. She can remember.
She can learn. Cool? Creepy, according to the U.S.-based Campaign for a Commercial-Free
Childhood, which has garnered more than 5,000 names in less than a week from the U.S. and
Canada on a petition asking Mattel to yank the toy. 'This has taken off like no campaign
we’ve ever done. People are outraged. I’ve never seen anything like this,' said
Josh Golin, associate director of Campaign for a Commercial-Free Childhood. 'I think it’s the creep factor ... It just opens a whole
Pandora’s box of what could happen.' Oren Jacob, chief executive officer of ToyTalk,
the San Francisco company behind the technology, points out that several billion
smartphones and tablets in the world already connect to the Internet and come with
built-in microphones. Voice recognition is widely used in applications that
include Apple’s Siri, Google Now and Xbox Kinect. Hello Barbie is a highly controlled
experience, according to Jacob. The Hello Barbie microphone can only record when it is
activated. On the prototype doll, the microphone button is located on her belt buckle.
There is no GPS chip in the doll. Hello Barbie does not ask personal questions or collect
personal information. Her possible responses are drafted by content teams at Mattel and
ToyTalk. The questions and answers are stored for up to two years, and are used for
product development, including improving voice recognition systems for children. Parents
can access the comments, using a password. They can also delete the comments." |
"New Zealand spies programmed an internet mass surveillance system
to intercept messages about senior public servants and a leading anti-corruption
campaigner in the Solomon Islands, a top-secret document reveals. For the first time, New Zealanders can learn about people their government
has targeted as part of its role in Five Eyes, a surveillance alliance that includes New
Zealand, the United States, the United Kingdom, Canada, and Australia. The secret
document, dated from January 2013, shows some of the names and other search terms that the
Government Communications Security Bureau (GCSB) entered into the internet spying system XKeyscore. XKeyscore is run by the US National Security Agency and is
used to analyse vast amounts of email, internet browsing sessions and online chats that
are intercepted from some 150 different locations worldwide. GCSB has gained access to
XKeyscore through its partnership in Five Eyes, and contributes data to the system that is
swept up in bulk from a surveillance base in Waihopai Valley. XKeyscore would have
searched through the South Pacific communications intercepted by the GCSB and highlighted
those containing the specified Solomon Islands target names and search terms. When Prime
Minister John Key talks of New Zealand's intelligence operations, he voices concern over
the threat of terrorism. In the case of the Solomon Islands, the government and civil
society targets appear to be respectable people working in the best interests of their
country. The top secret document obtained by the Herald on Sunday and US news site The
Intercept gives an unprecedented insight into specific targeting by New Zealand's largest
and most secretive intelligence agency. No individual foreign targets of the GCSB have
ever before reached the public. The GCSB target list features seven Solomon Islanders by
name under the heading "Terms associated with Solomon Islands Government
documents". The names are a who's who of senior public servants in the Solomon
Islands government at the time the list was written. They include Barnabas Anga, the
Permanent Secretary of the Ministry of Foreign Affairs and External Trade, Robert Iroga,
Chief of Staff to the Prime Minister, Dr Philip Tagini, Special Secretary to the Prime
Minister, Fiona Indu, senior Foreign Affairs official, James Remobatu, Cabinet Secretary,
and Rose Qurusu, a Solomon Islands public servant. Targeting emails associated with these
officials would have provided day-by-day monitoring of the internal operation of the
Solomon Islands government, including its negotiations with the New Zealand, Australian
and other Five Eyes governments. The target list includes the usernames of the senior
public servants' computer accounts. The surveillance was tailored to intercept documents
they or other officials sent between each other..... The seventh person caught up in the
GCSB's surveillance sweep is the leading anti-corruption campaigner in the Solomons,
Benjamin Afuga. For several years he has run an online publication that exposes
corruption, often publishing leaked information and documents from whistleblowers within
the government. It has a large following.... The existence of XKeyscore was first revealed
by the Guardian in 2013, based on documents leaked by NSA whistleblower Edward Snowden.
The documents showed that the NSA views the system as its "widest reaching"
surveillance tool because it is capable of seeing "nearly everything a typical user
does on the internet"." |
"The names suggest a parade of C-list websites. There was
NewJunk4U.com and Monster-Ads.net, CoffeeHausBlog.com and SuddenPlot.com. But, these
sad-sounding domains actually were artful creations of the National Security Agency: They
were fronts for distributing and controlling government malware around the world. Those
domains and 109 others came to light last month as part of the 'Equation Group' report
from anti-virus vendor Kaspersky. Researchers at Kaspersky identified 300 such domains, and published 113 of them. The
NSA’s malware domains always have been a closely guarded secret—it’s the
kind of direct, actionable information that can expose even old cyber espionage operations. Now the agency is in an awkward position:
What should it do with these domains now that their covers have been blown? The domains
were chosen to look legitimate, which means the US government is effectively cyber
squatting on a sizable portfolio of names like newjunk4u.com and businessdealsblog.com
that are no longer useful for espionage, but potentially valuable for business." |
"The government is attempting to keep secret the extent of the
intelligence services’ unlawful behaviour, a tribunal has heard. An application for a
confidential judgment that would never be published has been made by lawyers for MI5, MI6
and GCHQ in a highly sensitive case
about the interception of legally privileged conversations between lawyers and their
clients. The request was made during a claim before
the investigatory powers tribunal (IPT) brought by the Libyan dissident Abdel
Hakim Belhaj and his family who were abducted in a UK-US rendition operation and
returned to Muammar Gaddafi’s regime in Tripoli. The IPT deals with complaints about
the conduct of the intelligence services. Belhaj is suing the government over his
treatment. Following revelations by the US National Security Agency whistleblower Edward
Snowden about widespread online and phone surveillance by GCHQ and other agencies, Belhaj
launched a claim in the IPT alleging that his legally protected exchanges with his lawyers
had been intercepted – possibly giving the government an unfair advantage in the
compensation case. Belhaj is supported by Amnesty
International, Reprieve and other human rights groups. Lawyers for MI5,
MI6 and GCHQ have already admitted that the policies and procedures they had in place to
deal with legally privileged material were unlawful. No 'Chinese walls' were in place to
prevent those involved in litigation seeing sensitive intelligence material. Conversations between lawyers and their clients have a protected
status under English law. Ben Jaffey, counsel for
Belhaj and his family, told the tribunal: 'There has been a failure of legal oversight that
has allowed this to happen. 'We know these policies have had a real-world effect. In at
least one case there has been tainting and there’s a risk that it could have given
them an unfair advantage.' Jaffey said the government was asking the tribunal to keep
secret whether Belhaj had been the victim of 'serious interference with his lawyers' and how
that might have occurred. 'The proposal of [the government] is to deal with this case
behind secret curtains. The public exposure of unlawfulness is very painful for the
agencies. It may make it more difficult for them to do their job but such is the rule of
law.' Hugh Tomlinson QC, for Amnesty, said: 'If the tribunal says nothing or says it may
have happened, the public will be left thinking: ‘What has happened? Is this a can of
worms? Is this an iceberg under the water?’ 'There’s nothing more likely to
undermine confidence in the security services than the impression that there’s dirty
dealing behind the curtains and nothing has been revealed.' The IPT, which conducts many of
its hearings in secret, is empowered to consider claims on a hypothetical basis. James
Eadie QC, for the intelligence agencies, told the tribunal that making a public
determination at the end of the case could endanger public safety. Confirming to any
claimant that they were being monitored would undermine the well-established
government’s principle of 'neither confirm nor deny' (NCND), he said." |
"...Nigel Inkster of
the International Institute for Strategic Studies and former deputy chief at intelligence
service MI6, sought to downplay the activities of the spy agencies. Asked whether mass
surveillance should be troubling in a free society, Inkster said: 'It would be troubling
if it were mass surveillance but it's not what we're talking about here. It is a bulk
collection of civilian telecommunications, something
which has actually been going on for decades without
obvious detriment to civil liberty human rights, in order for the intelligence agencies to
identify very narrow and specific sets of information about threats.' This is an
interesting statement given that such activities may
well have been against the law." |
"Town halls were granted permission to access private
communications data more times than GCHQ and MI6 last year, according to official figures.
Councils were granted permission to access records of internet use and telephone calls in
2,110 cases last year, according to a report by the surveillance watchdog. It compares to 1,291 approved interceptions of communication data for
GCHQ, the Government listening service, and 652 approvals for the Secret Intelligence
Service, known as MI6. Eric Pickles, the Local Government Secretary, accused councils
of 'acting out their James Bond fantasies' and said the law on municipal surveillance powers
may need tightening up. Quangos including the Environment Agency, the Health and Safety
Executive, Royal Mail, the Rail Accident investigation branch and the NHS were given
permission to acquire communications data thousands of times. In total, police forces,
intelligence agencies and other bodies were granted 517,236 authorisations to look at
communications data under the Regulation of Investigatory Powers Act last year, a decline
on the previous two years. The so-called 'envelope' data can be used to identify who is
emailing or telephoning whom, and covers the location and time from which messages are
sent. It would typically cover an itemised telephone bill, or the name of an account
holder of an email address or Twitter account. Some 2,795 warrants were issued to
intercept the actual content of emails and phone calls to nine bodies, including the
Metropolitan Police, the intelligence agencies, HMRC and the National Crime Agency. Of the
half a million interceptions, 88.9 per cent were granted by police forces and law
enforcement agencies, 9.8 per cent by intelligence agencies, 0.4 per cent by local
authorities and 0.9 per cent by other public bodies. MI5, the domestic security service,
accounted for the lion’s share of the agencies’ requests for communications
data: 48,639 out of 50,582." |
"Within an hour of
FOX31 Denver discovering a hidden camera, which was positioned to capture and record the
license plates and facial features of customers leaving a Golden Post Office, the device
was ripped from the ground and disappeared. FOX31
Denver investigative reporter Chris Halsne confirmed the hidden camera and recorder is
owned and operated by the United States Postal Inspection Service, the law enforcement
branch of the U.S. Postal Service. The recording device appeared to be tripped by any
vehicle leaving the property on Johnson Road, but the lens was not positioned to capture
images of the front door, employee entrance, or loading dock areas of the post office. An
alert customer first noticed the data collection device, hidden inside a utilities box,
around Thanksgiving 2014. It stayed in place, taking
photos through the busy Christmas holidays and into mid-January. Managers inside the post
office tell FOX31 Denver they were unaware customers were being photographed outside and
that the surveillance was not part of the building’s security monitoring. A
spokesperson for Postal Inspection Service declined to address the specific reason for the
domestic surveillance, but admitted the agency had a 'number of cameras at their
disposal.' Pamela Durkee, a Federal Law Enforcement Agent and U.S. Postal Inspector, sent
an email to FOX31 Denver explaining, '(We) do not engage in routine or random surveillance.
Cameras are deployed for law enforcement or security purposes, which may include the
security of our facilities, the safety of our customers and employees, or for criminal
investigations. Employees of the Postal Inspection Service are sworn to uphold the United
States Constitution, including protecting the privacy of the American public.' FOX31 Denver
reviewed criminal search warrants on file in city, county, and federal court but none
appeared to be related to the Golden post office camera set-up. The Postal Inspection
Service would not confirm or deny that the camera was collecting data for a specific case
or cases." |
"David
Cameron has moved to close a hole in the oversight of Britain’s intelligence
agencies after it was revealed for the first time that they were creating 'bulk personal
datasets' containing millions of items of personal information, some of it gathered
covertly without any statutory accountability. Some of the data appears to have been
gathered from other government departments as well as commercial organisations. The
disclosure came in a long-awaited 149-page report prepared by parliament’s
intelligence and security committee (ISC) examining the oversight and capabilities of the
UK intelligence agencies in the wake of the revelations of Edward Snowden, the former US
National Security Agency (NSA) contractor. The inquiry found the laws governing the
agencies’ activities – including mass surveillance – require a total
overhaul to make them more transparent, comprehensible and capable of restoring trust in
their work. The report said the legal
framework is unnecessarily complicated and – crucially – almost impenetrable.
The current laws could be construed as providing the agencies with a 'blank cheque to carry
out whatever activities they deem necessary', it said. 'The legal framework has developed
piecemeal and is unnecessarily complicated,' the report concluded. 'We have serious concerns
about the resulting lack of transparency, which is not in the public interest.' In its key
recommendation the committee proposed that 'all the current legislation governing the
intrusive capabilities of the security and intelligence agencies be replaced by a new,
single act of parliament'. Although all sides welcomed the proposed clarification and
consolidation of the complex laws, the precise content of that legislation will be hotly
contested in the next parliament as advocates of security and privacy argue over how the
new legal lines must be drawn. In a sign of the scope of the existing loopholes David
Cameron, the prime minister, rushed out a statement in the wake of the report saying the
intelligence services commissioner, Sir Mark Waller, would be given 'statutory powers of
oversight of use of bulk personal datasets'. In a heavily censored section of the report,
the committee said the datasets contain personal information about a wide range of people
and vary in size from hundreds to millions of records. It added that there is no legal
constraint on storage, restraint, retention, sharing and destruction. Surveillance agencies do not
require ministerial authorisation in any way to access the information. Committee members
said the information gathered in the bulk personal datasets is not necessarily gathered by
the agencies, implying it may have been harvested by either commercial organisations or
other government agencies for other purposes, and then handed over. The datasets vary from hundreds to millions of records and are acquired
through overt and covert channels,
the committee disclosed and are not derived from any specific legal power. Hazel Blears, the leading Labour committee member, was reluctant to
disclose the nature of the information collected, but likened the datasets to a telephone
directory and added they applied only to people in a certain category of interest to the
agencies. The committee state they were 'concerned that until publication of its report
there had been no public or Parliamentary consideration of the related privacy
consideration and safeguards'. It appears that Waller raised the issue of the bulk
personal datasets, telling the committee 'it is
a risk that some individuals will misuse the powers of access to private data which must
be carefully guarded against'. More broadly, the
committee found that existing laws are not being broken by the agencies and insisted the
bulk collection of data by the government does not amount to mass surveillance or a threat
to individual privacy. Blears said: 'What we’ve found is that the way in which the
agencies use the capabilities they have is authorised, lawful, necessary and
proportionate. 'But what we’ve also found is there is a degree of confusion and lack
of transparency about the way in which this is authorised in our legal system. It is that
lack of transparency that leads to people reaching the conclusion that there is blanket
surveillance, indiscriminate surveillance.' The report
confirmed that GCHQ
does have the capability for bulk interceptions but
denied that represents a blanket or indiscriminate surveillance, saying the security
services neither have the resources nor motive to look at more than a small fraction of
the material available to it. It said GCHQ could theoretically access communications
traffic from a small percentage of the 100,000 servers which make up the core
infrastructure of the internet, chosen on the basis of the possible intelligence value of
the traffic they carry. But in a controversial move, the committee redacted the
percentage of items sent across the internet in a single day that are ever selected to be
read by a GCHQ analyst, emphasising: 'They will have gone through several stages
of targeting filtering and searching so they are believed to be the ones of the very
highest intelligence value.'" |
"Spies have been
dismissed and disciplined for inappropriately accessing private information on citizens in
recent years, the intelligence and security committee (ISC) report on privacy has found.
The report reveals a small number of staff at the intelligence agencies misused their
surveillance powers, but it is not specific about how the information was wrongly
accessed. 'Deliberate abuse of access to GCHQ’s systems would constitute gross
misconduct (depending on the circumstances) – to date there has only been one case
where GCHQ have dismissed a member of
staff for misusing access to GCHQ’s systems,' the report states. It adds: 'Each agency
reported that they had disciplined – or in some cases dismissed – staff for
inappropriately accessing personal information held in these datasets in recent years.' One
member of the committee, Lord Butler of Brockwell, said there were only 'very small single
figures of abuse' of surveillance powers by intelligence agents. The report is part of an
inquiry triggered by the revelations of Edward Snowden, the former US
National Security Agency (NSA) contractor. Overall, the 18-month inquiry has found the
existing laws are not being broken by the agencies and insists the bulk collection of data
by the government does not amount to mass surveillance or a threat to individual privacy.
But it also says the legal framework is unnecessarily complicated and – crucially
– lacks transparency. The current laws could be
construed as providing the agencies with a 'blank cheque to carry out whatever activities they
deem necessary', it says. The committee said it had
been told by the intelligence agencies that all staff with access to 'bulk personal
datasets' are trained on their legal responsibilities and all searches must be justified on
the basis of necessity and proportionality. Searches made by staff are also subject to
audit to ensure any misuse is identified. Asked about the dismissals, committee member
Hazel Blears said it was extremely rare and no one should think unauthorised spying was
widespread. 'We also recommend in our report that these matters should say this should be a
criminal offence because we regard this as extremely serious indeed,' she said. 'If you are
trying to get public confidence around privacy if someone breaches the rules there ought
to be absolutely severe sanctions. 'We are not in a position today to give you the
detailed information. I’m not sure we would be in a position to give you that
detailed information.'" |
"The legal framework surrounding surveillance is 'unnecessarily
complicated' and 'lacks transparency', a Parliamentary committee says. The
Intelligence and Security Committee (ISC) report also says there should be a single
law to govern access to private communications by UK agencies. Its inquiry has considered the impact of such activities on people's
privacy. Meanwhile, official regulators revealed a case last year when a GCHQ employee was
sacked over unauthorised searches. The
Interception of Communications Commissioner's Office (IOCCO) report said it was the
first known instance of deliberate abuse of GCHQ's interception and communications data
systems in this way. The ISC inquiry began after leaks in 2013 about surveillance by US
and UK agencies. Edward Snowden, a former US intelligence contractor, who now lives in
Russia after fleeing the US, gave the media details of extensive internet and phone
surveillance. BBC security correspondent Gordon Corera said Mr Snowden's revelations
raised concerns in some quarters that spies had accrued too much power in secret. The
committee's report looked at whether current legislation provides the necessary powers,
what the privacy implications are and whether there is sufficient oversight and
accountability. Following its publication, Shami
Chakrabarti, director of rights campaign group Liberty, said the ISC was 'a simple
mouthpiece for the spooks'. Among its findings, the
report said that the UK's intelligence and security agencies 'do not seek to circumvent
the law' and that its activities do not equate to 'blanket surveillance' or
'indiscriminate surveillance'. Today was not quite a clean bill of health for Britain's
spies. The ISC does come firmly down on the side of GCHQ in arguing that collecting data
in bulk in order, but only reading small amounts of it, does not constitute mass
surveillance. But on a wider issue of transparency and accountability, the committee has
taken a tougher line. The legal system is deemed as
lacking transparency and requiring a total overhaul. Some of the problems were evident
today. The committee revealed that 'bulk datasets' are acquired, but was not able to tell
people what they are. The interception commissioner
will now also oversee the way in which the 1984 Telecoms Act is used to acquire data but
the clear implication is that no one was overseeing this in the past. And finally for GCHQ
there is the embarrassing revelation that a member of staff had to be sacked for gross
misconduct in conducting unauthorised searches. It also said the Government Communications
Headquarters (GCHQ) agency requires access to internet traffic through 'bulk interception'
primarily in order to uncover threats by finding 'patterns and associations, in order to
generate initial leads', which the report described as an 'essential first step'. 'Given
the extent of targeting and filtering involved, it is evident that while GCHQ's bulk
interception capability may involve large numbers of emails, it does not equate to blanket
surveillance, nor does it equate to indiscriminate surveillance. 'GCHQ is not collecting
or reading everyone's emails: they do not have the legal authority, the resources, or the
technical capability to do so.' The ISC also said
that it had established that bulk interception methods cannot be used to search for and
examine the communications of an individual in the UK unless GCHQ 'first obtain a specific
authorisation naming that individual, signed by a secretary of state'. Ms Chakrabarti said the ISC was 'so
clueless and ineffective that it's only thanks to Edward Snowden that it had the slightest
clue of the agencies' antics'.... Nigel Inkster,
from the International Institute for Strategic Studies, told the BBC's Today programme
that the security and intelligence agencies had 'pretty adequate' powers of surveillance,
which should remain. He added: 'What we're talking about here is the bulk collection of
civilian telecommunications, something which has actually been going on for decades without
obvious detriment to civil liberties or human rights, in order for the intelligence
agencies to identify very narrow and specific sets of information about threats.... There
were 2,795 interception warrants issued to access communications content in 2014,
according to the IOCCO report. Overall, the commissioner Sir Anthony May said there was
relatively little change in the number of interception warrants and communications data
requests from intelligence agencies and police. In
June 2013 the Guardian reported that GCHQ was tapping fibre-optic cables that carry
global communications and sharing vast amounts of data with the NSA, its US
counterpart." |
"GCHQ was last night cleared of carrying out mass surveillance of
the public using vast trawls of internet traffic. The Intelligence and Security Committee
said the central claims made by the Guardian newspaper on the back of documents stolen by
American whistle-blower Edward Snowden were wrong and it cleared the Government’s
listening station of wrongdoing. After an 18-month
inquiry, the committee dismissed the claims that GCHQ had ‘blanket coverage’ of
web communications and was rooting indiscriminately through private messages. In reality,
it said, GCHQ can access only a small part of the web and operatives see only a ‘tiny
fraction’ of the messages collected after a sophisticated filtering process. The
committee concluded that the only items seen by analysts were those of the ‘highest
intelligence value’, and these amounted to several thousand a day. Tory MP Mark
Field, a member of the committee, said: ‘The big mistake that Snowden and the
Guardian made in its coverage was to equate bulk data with bulk surveillance. ‘The
truth is that the filtering process means that a tiny proportion of the bulk data that is
collected is ever examined. ‘That point was never really made by the Guardian, who
gave the impression that with every phone call, every email and every text message, the
public had a spy on their shoulder.’ Labour MP Hazel Blears said the ‘two main
claims’ made off the back of the Snowden leaks were untrue and surveillance was
neither blanket nor indiscriminate. ‘What we’ve found is that the way in which
the agencies use the capabilities they have is authorised, lawful, necessary and
proportionate." |
"Every time you email someone overseas, the NSA copies and searches
your message. It makes no difference if you or the person you're communicating with has
done anything wrong. If the NSA believes your message could contain information
relating to the foreign affairs of the United States – because of whom you're talking
to, or whom you're talking about – it may hold on to it for as long as three years
and sometimes much longer. A new ACLU lawsuit filed
today challenges this dragnet spying, called 'upstream' surveillance, on behalf of
Wikimedia and a broad coalition of educational, human rights, legal, and media
organizations whose work depends on the privacy of their communications. The plaintiffs
include Amnesty International USA, the National Association of Criminal Defense Lawyers,
and The Nation magazine, and many other organizations whose work is critical to the
functioning of our democracy. But the effect of the surveillance we're challenging goes
far beyond these organizations. The surveillance affects virtually every American who uses
the Internet to connect with people overseas – and many who do little more than email
their friends or family or browse the web. And it should be disturbing to all of us,
because free expression and intellectual inquiry will wither away if the NSA is looking
over our shoulders while we're online..... Inside the United States, upstream surveillance
is conducted under a controversial spying law called the FISA Amendments Act, which allows
the NSA to target the communications of foreigners abroad and to intercept Americans'
communications with those foreign targets. The main problem with the law is that it
doesn't limit which foreigners can be targeted. The
NSA's targets may include journalists, academics, government officials, tech workers,
scientists, and other innocent people who are not connected even remotely with terrorism
or suspected of any wrongdoing. The agency sweeps up Americans' communications with all of
those targets. And, as our lawsuit explains, the NSA
is exceeding even the authority granted by the FISA Amendments Act. Rather than limit
itself to monitoring Americans' communications with the foreign targets, the NSA is spying
on everyone, trying to find out who might be talking or reading about those targets. As a
result, countless innocent people will be caught up in the NSA's massive net. For
instance, a high school student in the U.S. working on a term paper might visit a foreign
website to read a news story or download research materials. If those documents happen to
contain an email address targeted by the NSA – like this news report
does – chances are the communications will be intercepted and stored for further
scrutiny. The same would be true if an overseas friend, colleague, or contact sent the
student a copy of that news story in an email message. As former NSA Director Michael Hayden recently put
it, '[L]et me be really clear. NSA doesn't just
listen to bad people. NSA listens to interesting people. People who are communicating
information.'" |
"The Central Intelligence Agency played a crucial role in helping
the Justice Department develop technology that scans data from thousands of U.S.
cellphones at a time, part of a secret high-tech
alliance between the spy agency and domestic law enforcement, according to people familiar
with the work." |
"Researchers working with the Central Intelligence Agency have
conducted a multi-year, sustained effort to break the security of Apple’s iPhones and
iPads, according to top-secret
documents obtained by The Intercept. The
security researchers presented their latest tactics and achievements at a secret annual
gathering, called the 'Jamboree,' where attendees discussed strategies for exploiting
security flaws in household and commercial electronics. The conferences have spanned
nearly a decade, with the first CIA-sponsored meeting taking place a year before the first
iPhone was released. By targeting essential security keys used to encrypt data stored on
Apple’s devices, the researchers have sought to thwart the company’s attempts to
provide mobile security to hundreds of millions of Apple customers across the globe.
Studying both 'physical' and 'non-invasive' techniques, U.S. government-sponsored research has
been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted
firmware. This could enable spies to plant malicious code on Apple devices and seek out
potential vulnerabilities in other parts of the iPhone and iPad currently masked by
encryption. The CIA declined to comment for this story. The security researchers also
claimed they had created a modified version of Apple’s proprietary software
development tool, Xcode, which could sneak surveillance backdoors into any apps or
programs created using the tool. Xcode, which is distributed by Apple to hundreds of
thousands of developers, is used to create apps that are sold through Apple’s App
Store. The modified version of Xcode, the researchers claimed, could enable spies to steal
passwords and grab messages on infected devices. Researchers also claimed the modified
Xcode could 'force all iOS applications to send embedded data to a listening post.' It
remains unclear how intelligence agencies would get developers to use the poisoned version
of Xcode. Researchers also claimed they had successfully modified the OS X updater, a
program used to deliver updates to laptop and desktop computers, to install
a 'keylogger.' Other presentations at the CIA conference have focused on the products of
Apple’s competitors, including Microsoft’s BitLocker encryption system, which is
used widely on laptop and desktop computers running premium editions of Windows. The
revelations that the CIA has waged a secret campaign to defeat the security mechanisms
built into Apple’s devices come as Apple and other tech giants are loudly resisting
pressure from senior U.S. and U.K. government officials to weaken the security of their
products. Law enforcement agencies want the companies to maintain the government’s
ability to bypass security tools built into wireless devices. Perhaps more than any other
corporate leader, Apple’s CEO, Tim Cook, has taken a stand for privacy as a core
value, while sharply criticizing the actions of U.S. law enforcement and intelligence
agencies. Security researchers from Sandia National Laboratories presented their
Apple-focused research at a secret annual CIA conference called the Trusted Computing Base
Jamboree. The Apple research and the existence of the conference are detailed in documents
provided to The Intercept by National Security Agency whistleblower Edward Snowden. The
conference was sponsored by the CIA’s Information Operations Center, which conducts
covert cyberattacks. The aim of the gathering, according to a 2012 internal NSA wiki, was
to host 'presentations that provide important information to developers trying to
circumvent or exploit new security capabilities,' as well as to 'exploit new avenues of
attack.' NSA personnel also participated in the conference through the NSA’s
counterpart to the CIA’s Trusted Computing Base, according to the document. The NSA
did not provide comment for this story. The Jamboree
was held at a Lockheed Martin facility inside an executive office park in northern
Virginia. Lockheed is one of the largest defense contractors in the world; its tentacles
stretch into every aspect of U.S. national security and intelligence. The company is akin
to a privatized wing of the U.S. national security state — more than 80
percent of its total revenue comes from the U.S. government. Lockheed also owns Sandia
Labs, which is funded by the U.S. government, whose researchers have presented Apple
findings at the CIA conference. 'Lockheed Martin’s role in these activities should not
be surprising given its leading role in the national surveillance state,' says William
Hartung, director of the Arms and Security Project at the Center for International Policy
and author of Prophets of War, a book that chronicles Lockheed’s history. 'It is the
largest private intelligence contractor in the world, and it has worked on past
surveillance programs for the Pentagon, the CIA and the NSA. If you’re looking for a
candidate for Big Brother, Lockheed Martin fits the bill.' The Apple research is consistent with a much broader secret U.S.
government program to analyze 'secure communications products, both foreign and domestic' in
order to 'develop exploitation capabilities against the authentication and encryption
schemes,' according to the 2013 Congressional Budget Justification. Known widely as
the 'Black Budget,' the top-secret CBJ was provided to The Intercept by Snowden and gives a
sprawling overview of the U.S. intelligence community’s spending and architecture.
The White House did not respond to a request for comment.... For years, U.S. and British
intelligence agencies have consistently sought to defeat the layers of encryption and
other security features used by Apple to protect the iPhone. A joint task force comprised
of operatives from the NSA and Britain’s Government Communications Headquarters,
formed in 2010, developed surveillance software targeting iPhones, Android devices and
Nokia’s Symbian phones. The Mobile Handset
Exploitation Team successfully implanted malware on iPhones as part of WARRIOR PRIDE, a
GCHQ framework for secretly accessing private communications on mobile devices. That
program was disclosed in Snowden documents reported
on last year by The Guardian." |
"A complaint has been lodged with the Inspector General of
Intelligence and Security claiming the GCSB has broken the law by spying on Kiwis
holidaying, living and working in the Pacific. It is a direct challenge to the Prime
Minister's assertion the Government Communications Security Bureau acts legally. The Green
Party complaint was lodged after documents from whistleblower Edward Snowden showed there
was 'full take' collection of satellite communications in the Pacific by the GCSB. This morning, former director of the GCSB Sir Bruce Ferguson told Radio
New Zealand that mass surveillance was being undertaken in the Pacific, and it was
'mission impossible' to eliminate New Zealanders' data from the collection.
'It's the whole method of surveillance these days - it's mass collection. To actually
individualise that is mission impossible,' he said. He said he supported Mr Key's
assurances that the GCSB were not spying on New Zealanders. Sir Bruce said it wasn't
happening 'willingly' or 'intentionally'. 'I'd back those assurances up certainly for my
time, nothing illegal is happening there.' He said the data of New Zealanders collected
would be 'discarded' and not used. New Zealanders had never been targeted by the GCSB
without reason, he said. Following Sir Bruce's comments, Dr Norman said Mr Key now needed
to 'put up, not shut up'. 'Both the American National Security Agency (NSA) papers and Sir
Bruce have confirmed there is 'full take collection' in the Pacific. John Key needs to
justify how that spying squares with our law. 'I challenge John Key to point to anywhere
in the law that says this kind of mass indiscriminate spying on New Zealanders and the
wholesale collection of our data is legal,' Dr Norman said." |
"Glasses might be helpful for improved vision, but a new type are
being tested that allow wearers to be invisible in unwanted photographs. Invisibility
Glasses by AVG, a software security company, were designed in a bid to help protect
people's online identities in the digital age. With the increased use of cell phone
cameras in public, the glasses make it difficult to capture a person's identity in facial
recognition software, for example the kind used on Facebook. The wearable technology, which does not hide the rest of the person's
body, debuted on Sunday at technology showcase Pepcom in Barcelona, according to Gizmodo.
The developers of the privacy glasses, AVG
Innovation Labs, said that with the advancement in facial recognition technologies
like Facebook's DeepFace system, they began investigating how technology can be used when
it comes to securing online privacy. DeepFace
will be able to determine whether two captured faces are of the same person with 97.25 per
cent accuracy. And this coupled with other advancements left developers questioning how to
combat privacy. The glasses, through the use of infrared LED light and retro-reflective
materials, block a clear facial capture of the wearer, developers claim." |
"China
has dropped some of the world's leading technology brands from its approved state purchase
lists, while approving thousands more locally made products, in what some say is a
response to revelations of widespread Western cybersurveillance. Others put the shift down to a protectionist impulse to shield China's
domestic technology industry from competition. Chief casualty is
U.S. network equipment maker Cisco Systems Inc (CSCO.O), which in
2012 counted 60 products on the Central Government Procurement Center's (CGPC) list, but
by late 2014 had none, a Reuters analysis of official data shows. Smartphone and PC maker
Apple Inc (AAPL.O)
has also been dropped over the period, along with Intel Corp's (INTC.O) security
software firm McAfee and network and server software firm Citrix Systems (CTXS.O)....
China's change of tack coincided with leaks by former U.S. National Security Agency (NSA)
contractor Edward Snowden in mid-2013 that exposed several global surveillance programs,
many of them run by the NSA with the cooperation of telecom companies and European
governments. "The Snowden incident, it's become a real concern, especially for top
leaders," said Tu Xinquan, Associate Director of the China Institute of WTO Studies
at the University of International Business and Economics in Beijing. "In some sense
the American government has some responsibility for that; (China's) concerns have some
legitimacy." |
"Jack Straw and Sir
Malcolm Rifkind are feeling sore having been caught boasting of the clout and contacts to
representatives of a fake Chinese company pretending to offer them money.... Both men
showed woeful judgement in talking to a purported public relations firm apparently without
even cursory due diligence.... Sir Malcolm, who has
been chairman of the House of Commons' intelligence and security committee for virtually
the whole of this parliament, met the phoney firm without adequately checking its bona
fides. This is hardly the cool scepticism one would hope for from a scrutineer of
Britain's top secret intelligence." |
"The head of Greenpeace International, Kumi Naidoo, was targeted by
intelligence agencies as a potential security threat ahead of a major international
summit, leaked documents reveal. Information about Naidoo, a prominent human rights
activist from South
Africa, was requested from South African intelligence by South Korea’s National
Intelligence Service (NIS) in the runup to a meeting of G20 leaders in Seoul in 2010. He was linked in the intelligence request with two other South Africans
who had been swept up in an anti-terrorist raid in Pakistan but later released and
returned to South Africa.
Greenpeace
is one of the world’s best known environmental groups, combining lobbying with
high-profile direct action protests. South Korean intelligence may have been concerned
about possible disruption at the summit. Told this week of the approach, Naidoo described
it as outrageous. According to a document, marked confidential and written by South
African intelligence, the NIS asked its South African counterpart eight months before the
summit 'to indicate any possible security threat against the president of South Africa
during the G20 summit to be held in South
Korea from 11-12 November 2010'. The document added: 'Specific security assessments
were requested on the following SA nationals: the Director of Green Peace [sic], Mr Kim
Naidoo; Mr Feerzoz Abubaker Ganchi (DoB 28/01/1971); Mr Zubair Ismail (DoB 06/12/1984).'
Ganchi and Ismail were held in jail in Pakistan in 2004 after being arrested by
anti-terrorist police hunting al-Qaida members. The two said they had been planning a trek
in Pakistan and were released, returning to South Africa. In the runup to the Seoul
summit, Naidoo called for action over climate change, international poverty and gender
inequality, and for global tax initiatives to back it up. He was involved in the
anti-apartheid movement as a teenager and arrested several times. After a period in exile
in the UK, he returned to South Africa after the release of Nelson Mandela and worked for
the African National Congress. Greenpeace and other environmental groups have long been
the target of extensive intelligence operations, both by governments and corporations,
across the world. In 1985, the Greenpeace flagship Rainbow Warrior was sunk by French
intelligence agents in Auckland, New Zealand, on its way to protest against a French
nuclear test, killing a photographer. The FBI, undercover British police and corporations
such as Shell and BP have targeted or used private security firms to spy on
Greenpeace." |
"As a result of cash-for-access
allegations, the Conservative party has suspended
the whip from former foreign secretary Sir Malcolm Rifkind pending a disciplinary
inquiry. However, the MP’s most important, most sensitive – and indeed most
controversial – role is the chairmanship of the parliamentary intelligence and
security committee (ISC). A huge question mark now hangs over a body whose burden of work
is currently greater than it has ever been. ... When Rifkind was appointed chairman of the
committee by David Cameron in 2010 he proposed strengthening its powers – up to a
point. He conceded that its past investigations had been inadequate, and its resources too
meagre. He recognised it suffered from a lack of credibility. But did he do enough to
restore that credibility? The committee has found itself fielding a number of increasingly
urgent questions surrounding the activities of MI5, MI6, and GCHQ, not least the
revelations of the US whistleblower Edward Snowden, and that most vital of issues, the
protection of personal privacy against the forces of the national security state. On these issues Rifkind was seen by his detractors as being
insufficiently tough on the agencies involved. Of Tempora,
the programme that saw GCHQ secretly gain access to private communications, Rifkind
said: 'The reality is that the British public are well aware that its intelligence
agencies have neither the time nor the remotest interest in the emails or telephone
conversations of well over 99% of the population who are neither potential terrorists nor
serious criminals.' He added that he was 'yet to hear of any other country' that had 'a
more effective and extensive system of independent oversight than the UK and the US'. But Rifkind too often appeared to approach the security services
with the attitude of a critical friend, rather than with the dogged scepticism required of
a really effective committee chair." |
"Invasive school surveillance practices are the norm in the UK and
USA, and according to a University of Adelaide criminologist, such practices are becoming
increasingly popular in Australian schools. Associate
Professor Andrew Hope’s research into school-based surveillance in the UK, USA,
Europe and Australia was published in the British
Journal of Sociology of Education. Associate Professor Hope says while the school
surveillance revolution is fundamentally fuelled by concerns about the safety and
wellbeing of staff and students, these initiatives threaten the inherent nature of
schooling. 'An estimated 1.28 million students are fingerprinted in the UK, largely for
daily registration purposes; there is an excess of 106,000 closed-circuit television
(CCTV) cameras installed in English, Welsh and Scottish secondary schools; while students
in a USA high school use pedometers to ensure that they meet their gym class’s
physical activity requirement,' says Associate Professor Hope, Head of the Department of Gender Studies and
Social Analysis at the University of Adelaide. 'In most cases, school surveillance
initiatives are introduced to protect students, and while the safety of children is
important, we must not lose sight of their rights to privacy,' he says. 'Excessive use of
surveillance devices can threaten the values of a progressive education, undermine trust,
stigmatise individuals and limit the potential for student engagement.' Associate
Professor Hope says surveillance in Australian schools is steadily growing, with increased
safety concerns, including fear of homeland terrorism, influencing people’s attitudes
to surveillance." |
"One of the most
shocking parts of the recently discovered
spying network Equation Group is its mysterious module designed to reprogram or
reflash a computer hard drive’s firmware with malicious code. The Kaspersky
researchers who uncovered this said its ability to subvert hard drive firmware—the
guts of any computer—'surpasses anything else' they had ever seen. The hacking tool, believed to be a product of the NSA, is significant because subverting the firmware gives the attackers
God-like control of the system in a way that is stealthy and persistent even through
software updates. The module, named 'nls_933w.dll', is the first of its kind found in the
wild and is used with both the EquationDrug and GrayFish spy platforms Kaspersky
uncovered. It also has another capability: to create
invisible storage space on the hard drive to hide data stolen from the system so the
attackers can retrieve it later. This lets spies like the Equation Group bypass disk
encryption by secreting documents they want to seize in areas that don’t get
encrypted. Kaspersky has so far uncovered 500
victims of the Equation Group, but only five of these had the firmware-flashing module on
their systems. The flasher module is likely reserved for significant systems that present
special surveillance challenges. Costin Raiu, director of Kaspersky’s Global Research
and Analysis Team, believes these are high-value computers that are not connected to the
internet and are protected with disk encryption." |
"British and US intelligence services can tap into mobile voice and
data communications of many devices after stealing encryption keys of a major SIM card
maker, according to a new report. The report, from
investigative website The Intercept, said the US National Security Agency and its British
counterpart GCHQ obtained encryption keys of the global SIM manufacturer Gemalto. Citing a
2010 document leaked by former NSA contractor Edward Snowden, the report said that with
the encryption keys, the intelligence services can secretly monitor a large portion of
global communications over mobile devices without using a warrant or wiretap. The
Intercept said a covert operation led by GCHQ with support from the NSA was able to mine
private communications of unwitting engineers at Gemalto, which is based in the
Netherlands. The report suggests the intelligence services could have access to a wider
range of communications than has been previously reported. Other documents have indicated
NSA can monitor email and traditional phone communications. The NSA did not immediately
respond to an AFP request for comment. A Gemalto spokeswoman said in an email to AFP that
the company 'is especially vigilant against malicious hackers and of course has detected,
logged and mitigated many types of attempts over the years.' Gemalto 'at present can
make no link between any of those past attempts and what was reported by The Intercept,'
the statement said. 'We take this publication very seriously and will devote all resources
necessary to fully investigate and understand the scope of such highly sophisticated
technique to try to obtain SIM card data.'" |
"If privacy conscious
folk aren’t already using encrypted mobile communications apps (I can personally
vouch for WhatsApp or TextSecure for texts, and RedPhone or Signal for calls), they should
be convinced to do so by the latest Edward Snowden revelations in The Intercept.
They outline GCHQ’s 'DAPINO GAMMA' attack on the
world’s biggest provider of SIM cards, Gemalto, as well as widespread
targeting of telecoms industry employees the world over. With the NSA, GCHQ has
effectively destroyed any remaining shred of trust people had in use of everyday telecoms
services. From the slides obtained from Snowden,
it’s apparent GCHQ acquired emails and other communications of targeted Gemalto
employees to obtain access to the crucial encryption keys held in SIM cards, each one
known as a 'Ki'. These keys encrypt calls, texts and internet usage between the mobile
user and their telecoms provider. By stealing them, GCHQ could harvest communications
data, as the agency is known to do, and unlock the content of the messages any time they
wanted. An extensive list of telecoms companies use Gemalto’s SIMs (the little chips
that act as the core of a modern mobile phone’s telecommunications functions) and
their services can now also be considered compromised by intelligence agencies. These
include AT&T, T-Mobile, Verizon and Sprint in the US. In Europe, they include Vodafone,
Orange, EE and Royal KPN. For Asia, Gemalto supplies China Unicom, Japan’s NTT and
Chungwa Telecom in Taiwan. There’s this huge list of
Gemalto partners who will also have cause for concern and other indications of who is
affected on the firm’s website, which includes China Mobile, Banco Santander, Red Hat
and government organisations in The Netherlands, Algeria and South Africa. By cracking
Gemalto, GCHQ has cracked a lot of other companies too. A neat move if you’re paid by
the UK government to spy on as many people on the planet as possible. The brazen hacking
methods used by GCHQ on telecoms companies detailed by The Intercept is fairly startling
too. Glenn Greenwald’s publication claimed that since 2010, a GCHQ unit called the
Mobile Handset Exploitation Team (MHET) has been given sole responsibility for subverting
all kinds of mobile comms. The Intercept said snoops accessed the email and Facebook
accounts of engineers and other key targets at SIM manufacturers and telecoms businesses.
These included many firms along the supply chain, including hardware manufacturers
Ericsson and Nokia, mobile operators like MTN Irancell and Belgacom (another company that
GCHQ allegedly hacked), and SIM card providers Bluefish and Gemalto. They used the
NSA’s now-notorious X-KEYSCORE hacking tool to do this. Once they’d gained
access to emails, they would mine them for terms related to the SIM keys. During their
initial trials of such techniques they showed that by mining just six email addresses,
they acquired 85,000 keys. In June 2010, GCHQ boasted about obtaining 300,000 keys for
mobile phone users in Somalia. The number of keys it’s now sitting on must be
astonishing. One NSA document claimed that in 2009, the US was already able to process up
to 22 million keys per second." |
"Smartphone users might balk at letting a random app like Candy
Crush or Shazam track their every move via GPS. But researchers have found that Android
phones reveal information about your location to every app on your device through a
different, unlikely data leak: the phone’s power consumption. Researchers at Stanford University and Israel’s defense
research group Rafael have created a technique they call PowerSpy, which they say can
gather information about an Android phone’s geolocation merely by tracking its power
use over time. That data, unlike GPS or Wi-Fi location tracking, is freely available to
any installed app without a requirement to ask the user’s permission. That means it
could represent a new method of stealthily determining a user’s movements with
as much as 90 percent accuracy—though for now the method only really works when
trying to differentiate between a certain number of pre-measured routes. Spies
might trick a surveillance target into downloading a specific app that
uses the PowerSpy technique, or less malicious app makers could use its location tracking
for advertising purposes, says Yan Michalevsky, one of the Stanford researchers. ...
PowerSpy takes advantage of the fact that a phone’s cellular transmissions use more
power to reach a given cell tower the farther it travels from that tower, or when
obstacles like buildings or mountains block its signal. That correlation between
battery use and variables like environmental conditions and cell tower distance is
strong enough that momentary power drains like a phone conversation or the use of another
power-hungry app can be filtered out, Michalevsky says. One of the machine-learning tricks
the researchers used to detect that 'noise' is a focus on longer-term trends in the
phone’s power use rather than those that last just a few seconds or minutes. 'A
sufficiently long power measurement (several minutes) enables the learning algorithm to
‘see’ through the noise,' the researchers write. 'We show that measuring the
phone’s aggregate power consumption over time completely reveals the phone’s
location and movement.' Even so, PowerSpy has a major limitation: It requires that the
snooper pre-measure how a phone’s power use behaves as it travels along defined
routes. This means you can’t snoop on a place you or a cohort has never been, as you
need to have actually walked or driven along the route your subject’s phone takes in
order to draw any location conclusions. The Stanford and Israeli researchers collected
power data from phones as they drove around California’s Bay Area and the Israeli
city of Haifa. Then they compared their dataset with the power consumption of an LG Nexus
4 handset as it repeatedly traveled through one of those routes, using a different,
unknown choice of route with each test. They found that among seven possible routes, they
could identify the correct one with 90 percent accuracy." |
"Picking faces out of a
crowd is something humans are hardwired to do, but training computers to act in the same
way is much more difficult. There have been various breakthroughs in this field in
recent months, but the latest could be the most significant yet. Researchers from Yahoo Labs and Stanford University have developed
an algorithm that can identify faces from various different angles, when part of the face
is hidden and even upside down. At the moment,
the so-called Deep Dense Face Detector doesn't recognise who the individual faces belong
to, just that there is a face. But the technology has the potential to be trained in
this way." |
"The regime under which UK intelligence agencies, including MI5 and
MI6, have been monitoring
conversations between lawyers and their clients for the past five years is unlawful, the
British government has admitted. The admission that
the activities of the security services have failed to comply fully with human rights laws
in a second major area – this time highly sensitive legally privileged communications
– is a severe embarrassment for the government. It follows hard on the heels of the British
court ruling on 6 February declaring that the regime surrounding the sharing of mass
personal intelligence data between America’s national security agency and
Britain’s GCHQ was unlawful for seven years. The admission that the regime
surrounding state snooping on legally privileged communications has also failed to comply
with the European convention on human rights comes in advance of a legal challenge, to be
heard early next month, in which the security services are
alleged to have unlawfully intercepted conversations between lawyers and their clients
to provide the government with an advantage in court. The case is due to be heard before
the Investigatory Powers Tribunal (IPT). It is being brought by lawyers on behalf of two
Libyans, Abdel-Hakim Belhaj and Sami al-Saadi, who, along with their families, were
abducted in a joint MI6-CIA operation and sent back to Tripoli to be tortured by Muammar
Gaddafi’s regime in 2004.... Exchanges between lawyers and their clients enjoy a
special protected status under UK law. Following exposure of widespread
monitoring by the US whistleblower Edward Snowden in 2013, Belhaj’s lawyers
feared that their exchanges with their clients could have been compromised by GCHQ’s
interception of phone conversations and emails." |
"The U.S. National Security Agency has figured out how to hide
spying software deep within hard drives made by Western Digital, Seagate, Toshiba and
other top manufacturers, giving the agency the means to eavesdrop on the majority of the
world's computers, according to cyber researchers and former operatives. That long-sought
and closely guarded ability was part of a cluster of spying programs discovered by
Kaspersky Lab, the Moscow-based security software maker that has exposed a series of Western
cyberespionage operations. Kaspersky said it found
personal computers in 30 countries infected with one or more of the spying programs, with
the most infections seen in Iran,
followed by Russia, Pakistan, Afghanistan, China, Mali, Syria, Yemen and Algeria. The
targets included government and military institutions, telecommunication companies, banks,
energy companies, nuclear researchers, media, and Islamic activists, Kaspersky said.
The firm declined to publicly name the country behind the spying campaign, but said it was
closely linked to Stuxnet, the NSA-led cyberweapon that was used to attack Iran's uranium
enrichment facility. The NSA is the agency responsible for gathering electronic
intelligence on behalf of the United States. A former NSA employee told Reuters that
Kaspersky's analysis was correct, and that people still in the intelligence agency valued
these spying programs as highly as Stuxnet. Another former intelligence operative
confirmed that the NSA had developed the prized technique of concealing spyware in hard
drives, but said he did not know which spy efforts relied on it. NSA spokeswoman Vanee
Vines declined to comment. Kaspersky published the technical details of its research on
Monday, which should help infected institutions detect the spying programs, some of which
trace back as far as 2001. The disclosure could further hurt the NSA's surveillance
abilities, already damaged by massive leaks by former contractor Edward Snowden. Snowden's
revelations have hurt the United States' relations with some allies and slowed the sales
of U.S. technology products abroad. The exposure of these new spying tools could lead to
greater backlash against Western technology, particularly in countries such as China, which is already
drafting regulations that would require most bank technology suppliers to proffer copies
of their software code for inspection. Peter Swire, one of five members of U.S. President
Barack Obama's Review Group on Intelligence and Communications Technology, said the
Kaspersky report showed that it is essential for the country to consider the possible
impact on trade and diplomatic relations before deciding to use its knowledge of software
flaws for intelligence gathering. "There can be serious negative effects on other
U.S. interests," Swire said." |
"If you own a ‘smart TV’ from South Korean tech giant
Samsung, every word you say can be captured by the device and beamed over the internet to
Samsung and to any other companies with whom it chooses to share your data. This ability
for the TV to earwig your conversations on the sofa is part of the set’s voice
command feature, which enables viewers to tell the TV to change channels rather than use a
remote. Such a feature is typical of many smart TVs, which are to the humble old cathode
ray TV set what a jet aircraft is to a propeller plane. Crucially, smart television sets
connect to the internet, from where they can download programmes and films from services
such as Netflix or BBC iPlayer. And increasingly, experts are realising that if the
internet can be used to bring information into your TV, it can also be used to take it
out. Smart TVs also have a whole range of advanced
features, of which voice recognition is one. There is no doubt that many viewers find
voice recognition a welcome addition, but its darker side was revealed this week when a
hawk-eyed U.S. journalist found the following sentence in Samsung’s surely misnamed
‘privacy’ policy. ‘Please be aware that if your spoken words include
personal or other sensitive information, that information will be among the data captured
and transmitted to a third party through your use of voice recognition.’ The TV
itself is programmed to understand certain phrases, such as ‘turn on’, but it
can also record everything else that is said in the room. The idea that your most private
conversations could be shared with anyone whom the unaccountable Samsung sees fit is
highly disturbing to say the least. And it’s not just television sets. It emerged
yesterday that millions of Britons are being spied on by Microsoft’s voice-activated
Xbox games consoles, which can listen in to everything around them. In its privacy policy,
Microsoft states that it is ‘only interested in your voice commands to Xbox, which we
capture along with any ambient background noise. If you give Microsoft permission, we
record commands whether you are online or offline’. The company says it stores this
data and, under its privacy policy, states that it can share it with ‘affiliates and
vendors’. However, despite Microsoft’s assurances that the data is safe, one has
only to look at how Xbox’s Live Platform servers were brought down by hackers on
Christmas Day to realise that our data is far from secure. These spies in our living rooms
are chillingly comparable to a passage in the novel Nineteen Eighty-Four, in which every
home in George Orwell’s terrifying vision of a constantly monitored future is
equipped with an all-seeing ‘telescreen’. ‘There was, of course, no way of
knowing whether you were being watched at any given moment,’ wrote Orwell in the book
that was published in 1949. And, just like those fictional ‘telescreens’, many
smart TV sets today don’t just have ears, but they also have eyes, in the form of
cameras used for facial recognition, which are designed to allow only specific people to
watch the set.... The truth is there are hundreds of ways in which we consumers have
permitted multinationals to invade our homes with devices that can record every word we
say and every movement we make, even every toss and turn when we are asleep. We are being
spied on and stalked in this way because our private lives are seen as nothing more than
rich sources of data that can be sucked dry by vampiric corporations desperate to empty
our wallets.... if you use Google’s Gmail service, then you’ve long since signed
away any privacy in your life. Have you ever noticed how the adverts that appear alongside
emails seem oddly applicable to you? Of course, that is no coincidence. Google reads every
email you send and receive, and then works out which goods and services you might want to
buy. Try it: send some emails about moving house and within minutes, the adverts will be
all about mortgages and estate agents. And then there is the so-called ‘Internet of
Everything’, which refers to the increasing number of household devices that are
hooked up to the internet. For example, with the humble heating thermostat, many energy
companies are offering customers ‘smart meters’ that enable us to control our
boilers over the internet using our smartphones. This cleverly allows us to put on the
heating remotely as we head home from work, for example, but it also means that the
companies will be able to know when we are at home or out . . . and when we go away on
holiday." |
"Millions of Britons are being spied on in their homes by
Microsoft’s voice-activated Xbox game consoles, Apple smartphones and other hi-tech
gadgets. The revelation comes after Samsung’s admission that its internet-linked
smart TVs could be listening in on householders’ private conversations. Yesterday it emerged that some Microsoft and Apple gadgets, and
Samsung’s smartphones, are also snooping on customers." |
"UK spies had acted illegally when they collected data on British
residents' online communications that was gathered by the US National Security Agency, a
British court has ruled in a landmark judgment against Britain's security services. But
the judges said in the verdict on Friday that now, since details of the practices were
known, they were within the law.... The groups
brought the case after former US intelligence analyst Edward Snowden's disclosures about
the mass harvesting of communications data. Snowden disclosed NSA programmes known as
PRISM - which accessed data from Internet firms such as Yahoo and Google - and Upstream,
which tapped into undersea communications cables." |
"It
is a rare thing to bring truth to bear on the most powerful and secretive arm of the
state. Never before has the Investigatory Powers Tribunal, the British court tasked with
reviewing complaints against the security services, ruled against the government. Not once
have the spooks been taken to task for overstepping the lawful boundaries of their
conduct. Not a single British spy has been held accountable for mass surveillance,
unlawful spying or snooping on private emails and phone calls. Until
today. Privacy International has spent the past
25 years fighting back against the ever-expanding British surveillance state. Together with our allies, we’ve resisted the snooper’s
charter (multiple times), mandatory ID cards and the provision of passenger name
records. Yet in June 2013 we were as shocked as
everyone else to learn that GCHQ, in collaboration with the NSA, had acquired the
capabilities to completely control, monitor, copy, read and analyse the world’s
private communications.... In July 2013, the
Intelligence and Security Committee assured us that GCHQ access to NSA surveillance
material, in particular through the Prism programme, was entirely lawful. Unsurprisingly,
we did not find the reassurances of a body that has consistently and blindly backed the
services that it is meant to scrutinise comforting. That’s why we decided to take
GCHQ to court. Alongside Liberty, Amnesty International and human rights organisations
from around the world, we argued that mass surveillance is not an acceptable activity of a
democratic government, and that the cosy dealings between GCHQ and the NSA, conducted under a veil of
secrecy that was only lifted by a whistleblower’s bravery, had to be brought within
public control and scrutiny. The evidence was overwhelming and the history of human rights
law was in our favour, but the tribunal, which at that point had never before found that
the surveillance activities of GCHQ broke the law, disagreed. Mass surveillance, it found
in its decision of December 2014, was legitimate under British law. GCHQ’s access to
NSA mass surveillance was also acceptable, it said, given that the government had
disclosed details of its relationship with the US during the course of our case. The
decision was a disappointing one, and we’ll soon appeal to the European court of
human rights. But it left us with a small glimmer of hope. The
tribunal said that it was lawful for GCHQ and the NSA to swap and share surveillance
material only because GCHQ has secret internal policies that it reluctantly disclosed in
response to Privacy
International’s case. Now that those secret policies are no longer secret, the court
reasoned, the British public know what’s going on, and that in itself must make those
activities lawful. It must follow, therefore, that
before those policies were public (prior to Edward Snowden’s disclosures, and our case
in the IPT) GCHQ was acting outside the law. Complicated reasoning aside, this finding was
a genuine and rare success. The tribunal agreed, and we today have a firm statement that
the intelligence services were acting completely out of bounds. It is not the judgment we
would have liked (that we still hope to get from the European court of human rights in
Strasbourg later this year) but it is a significant victory against an arm of the state
that has rarely been forced to account for its wrongdoings." |
"GCHQ unlawfully spied on British citizens, a secretive UK court
has ruled. The decision could mean GCHQ will be forced to delete the information it
acquired from people that were spied on. The Investigatory Powers Tribunal (IPT), the
secretive court that was created to keep Britain’s intelligence agencies in check,
said that GCHQ’s access to information intercepted by the NSA breached human rights
laws. The court found that the collection contravened Article 8 of the European Convention
on Human Rights, which protects the right to a private and family life. It also breaches Article 6, which protects the right to a fair trial. The
breaches open up the possibility of anyone who 'reasonably believes' they were spied on to
ask for the information that GCHQ holds on them to be deleted. Citizens can send complaints
to the IPT to find out whether they were spied on and ask for a deletion. Some of the
privacy groups that brought the complaint are beginning proceedings to do so. The IPT has never ruled against any intelligence agency since it
was set up in 2000. It
found in December that GCHQ’s access to the data was lawful from that point
onward, and it re-affirmed that decision today. That ruling is now being appealed. GCHQ
pointed to that decision in its response to today's ruling, which it said it welcomed. A
GCHQ spokesperson said: 'We are pleased that the Court has once again ruled that the
UK’s bulk interception regime is fully lawful. It follows the Court’s clear
rejection of accusations of ‘mass surveillance’ in their December judgment.' But the court said today that historical collection was unlawful
because the rules governing how the UK could access information received from the NSA were
kept secret. It concerned practices disclosed as
part of documents disclosed by Edward Snowden, and related to information found through
the NSA’s PRISM and UPSTREAM surveillance programmes. PRISM allegedly allowed the NSA
access to data from companies including Google, Facebook, Microsoft and Skype. UPSTREAM
allowed the NSA to intercept data through the fibre optic cables that power the internet.
The ruling comes after a legal challenge brought by civil liberties groups Privacy
International, Bytes for All, Amnesty International and Liberty. Some of those groups will
now seek to find whether their information was collected through the programmes and ask
for that information to be deleted. 'For far too long, intelligence agencies like GCHQ and
NSA have acted like they are above the law,' said Eric King, deputy director of Privacy
International. 'Today’s decision confirms to the public what many have said all along
over the past decade, GCHQ and the NSA have been engaged in an illegal mass surveillance
sharing program that has affected millions of people around the world.' But GCHQ argued
that the decision was based on a technicality." |
"British intelligence officials are so alarmed at a parliamentary inquiry into their activities in Germany that they have
threatened to stop sharing information if it goes ahead. According to a report in Focus magazine, British spy chiefs are worried
that German politicians could reveal classified information about their joint projects,
including details about code-breaking and technology. They fear a Europe-wide surveillance
project that began last year, and includes British and German intelligence, could be
compromised. Germany is taking the threat, said to have been made by senior British
officials, seriously. Gerhard Schindler, the head of Germany's federal intelligence
agency, the Bundesnachrichtendienst (BND), reportedly briefed the parliamentary inquiry on
the 'unusually tense relations with British partner agencies' on Wednesday evening." |
"Back in August 2013, The Wall Street Journal introduced
the world to an internal term that NSA analysts have come up with to describe the act of
spying on one’s ex-partner: LOVEINT. The word
is reminiscent of existing spycraft parlance like HUMINT (human intelligence) or SIGINT
(signals intelligence). (LOVEINT also spawned
endless Twitter jokes.)
In a letter
sent Monday to the attorney general, Sen. Chuck Grassley (R-Iowa) described how he
initially asked the Department of Justice (DOJ) to explain what it was doing to address
the 12 publicly known instances of this inappropriate use of NSA surveillance capability.
However, the DOJ has stayed mum. '... One LOVEINT instance, which was described
in September
2013 by the NSA’s Office of the Inspector General, involved an employee who
on his first day of work in 2005, 'queried six e-mail addresses belonging to a former
girlfriend, a US person, without authorization.' An internal NSA audit four days
later revealed this violation. His punishment? 'A reduction in grade, 45 days restriction,
45 days of extra duty, and half pay for two months. It was recommended that the subject
not be given a security clearance.'" |
"Metadata help America’s intelligence agencies kill. And the
BND, Germany’s foreign intelligence agency, is helping the NSA and CIA collect
precisely these kinds of metadata. Not in a targeted manner, but on a massive scale. The
BND scoops up several million metadata and passes them on to its American counterparts.
More precisely: 220 million metadata every day. A paradigm change is taking place at the
BND: Rather than investigating individual suspects, the agency is placing its bets on mass
surveillance. Research conducted by ZEIT ONLINE now shows for the first time just how
extensive and troubling this reorganization is. It
used to be that spies would eavesdrop on people, secretly copy their letters and wiretap
their phones. They wanted to know what people were saying, what they were arranging with
and disclosing to others. To this day, people have continued to picture surveillance as an
agent wearing earphones and listening in. But those days are over. Today’s spies are
interested in completely different traces: metadata. From them, intelligence agencies can
deduce who communicated with whom, when, where and for how long. Every email bears such
metadata, every text message, every digital image, every WhatsApp message. Whoever can
interpret them knows not only what people are telling each other, as metadata betray much
more: exactly where people are, where they came from, what they are doing at that moment,
even what they are planning. They uncover every hiding place and every secret contact. 'We
kill people based on metadata,' former NSA and CIA head Gen. Michael
Hayden said in 2014. Whoever knows the right metadata knows where the deadly drone
must be dispatched.... ZEIT ONLINE has learned from secret BND documents that five agency
locations are involved in gathering huge amounts of metadata. Metadata vacuumed up across
the world – 220 million pieces of it every single day – flows into BND branch
offices in the German towns of Schöningen, Reinhausen, Bad Aibling and Gablingen. There,
they are stored for between a week and six months and sorted according to still-unknown
criteria. But the data aren’t just collected; they are also used to keep tabs on and
track of suspects. Exactly where the BND obtains the data remains unclear. The Bundestag
committee investigating the NSA spying scandal has uncovered that the German intelligence
agency intercepts communications traveling via both satellites and Internet cables. The
220 million metadata are only one part of what is amassed from these eavesdropping
activities." |
"The presidential advisory board on privacy that recommended a slew
of domestic surveillance reforms in the wake of the Edward Snowden revelations reported today that many of its
suggestions have been agreed to 'in principle' by the Obama administration, but in
practice, very little has changed. Most notably, the
Privacy and Civil Liberties Oversight Board called attention to the obvious fact that one
full year after it concluded
that the government’s bulk collection of metadata on domestic telephone calls is
illegal and unproductive, the program continues apace. 'The Administration accepted
our recommendation in principle. However, it has not ended the bulk telephone records
program on its own, opting instead to seek legislation to create an alternative to the
existing program,' the report notes." |
"A senior European politician has caused outrage by calling for
computers to be fitted in all European cars as part of an EU wide road pricing system.
Transport Commissioner Violeta Bulc said the current system which is decided by national
parliaments was 'a burden on car drivers and an obstacle to their mobility', she told German
newspaper ‘World
on Sunday’.... her comments were slammed by
UKIP transport spokesman Jill Seymour MEP, who said that the British people had 'repeatedly
rejected government attempts to introduce pay-by-the-mile road schemes.' 'Yet look how the
EU overrides the democratic decision of the British people: an unelected Slovenian
bureaucrat in Brussels announces in a German newspaper interview that she wants to force
all British drivers to fit computers in their cars which will count every mile they drive.
'Britain will be forced into an EU-wide scheme in which Commissioner Bulc will force all
drivers to pay for using our own roads, and the money will go straight to Brussels. This
would be outrageous on three counts. First, it would be the imposition of a tax on tens of
millions of UK citizens without the consent or control of parliament. Second, the money
raised would not go to HM Treasury but to the bureaucrats in Brussels who would then
undemocratically decide how the money would be spent on their own EU road schemes. Third, the idea that every British car would be fitted with a
high-tech computer tracking every trip a driver makes is an invasion of privacy which we
cannot tolerate.'" |
"The US government’s privacy board is calling out President Barack Obama for continuing to
collect Americans’ phone data in bulk, a year after it urged an end to the
controversial National Security Agency program. The Obama administration could cease the
mass acquisition of US phone records 'at any time', the Privacy and Civil Liberties
Oversight Board (PCLOB) said in an assessment it issued on Thursday. The PCLOB’s assessment comes amid uncertainty over the fate of
legislation to cease that collection. An effort intended to stop it, known as the USA
Freedom Act, failed in
the Senate in November. While the administration said after its defeat that Obama
would push for a new bill, it has yet to do so in the new Congress, and the president has
thus far pledged in his State of the Union address only to update the public on how the
bulk-surveillance program now works in practice." |
"The United States government is tracking the movement of vehicles
around the country in a clandestine intelligence-gathering programme that has been
condemned as a further official exercise to build a database on people’s lives. The
Drug Enforcement Administration was monitoring license plates on a 'massive' scale, giving
rise to 'major civil liberties concerns', the American Civil Liberties Union said on
Monday night, citing DEA documents obtained under freedom of information. 'This story highlights yet another way government security agencies are
seeking to quietly amplify their powers using new technologies,' Jay Stanley, a senior
policy analyst with ACLU, told the Guardian." |
"Europe’s top rights body has said mass surveillance practices
are a fundamental threat to human rights and violate the right to privacy enshrined in
European law. The parliamentary assembly
of the Council of Europe says in a report that it is 'deeply concerned' by the
'far-reaching, technologically advanced systems' used by the US and UK to collect, store
and analyse the data of private citizens. It describes the scale of spying by the US
National Security Agency, revealed by Edward Snowden, as 'stunning'. The report also suggests that British laws that give the monitoring agency
GCHQ wide-ranging powers are incompatible with the European convention on human rights. It
argues that British surveillance may be at odds with article
8, the right to privacy, as well as article 10, which guarantees freedom of
expression, and article 6, the right to a fair trial. 'These rights are cornerstones of
democracy. Their infringement without adequate judicial control jeopardises the rule of
law,' it says. There is compelling evidence that US intelligence agencies and their allies
are hoovering up data 'on a massive scale', the report says. US-UK operations encompass
'numerous persons against whom there is no ground for suspicion of any wrongdoing,' it
adds.... There is no mention of the recent attacks in Paris by three jihadist terrorists
who shot dead 17 people. All three were known to the French authorities, who had them
under surveillance but discontinued eavesdropping last summer. David Cameron has
argued that the Paris attacks show that British spies need further surveillance
powers. The report implicitly rejects this conclusion.... The assembly sent a letter to
the German, British and US authorities asking whether they colluded with each other –
in other words, got round laws preventing domestic spying by getting a third party to do
it for them. The Germans and British denied this; the US failed to reply. The report
concludes that the UK response was probably true, given extensive British laws that
already allow practically unlimited spying. The new Data Retention and Investigatory
Powers Act – Drip, for short – passed in July, allows the wide-ranging
collection of personal data, in particular metadata, the report says. 'There seems to be
little need for circumvention any more,' it concludes." |
"Three WikiLeaks journalists are facing charges of espionage and
conspiracy after Google turned over their confidential data to the U.S. government, WikiLeaks
announced on its site Monday morning. The whistleblower organization now wants an
explanation from both Google and the Justice Department. 'The US government is claiming universal jurisdiction to apply the
Espionage Act, general Conspiracy statute and the Computer Fraud and Abuse Act to
journalists and publishers – a horrifying precedent for press freedoms around the
world,' WikiLeaks posted on its website. WikiLeaks alleges the warrants violated the
Privacy Protection Act of 1980, 'which protects journalists and publishers from being
forced to turn over to law enforcement their journalistic work product and documentary
materials,' the letter from WikiLeaks attorneys read." |
"Edward Snowden, the infamous former contractor for the National
Security Agency who leaked thousands of pages of previously classified NSA intelligence
documents, reportedly thinks that Apple's iPhone has 'special software' that authorities
can activate remotely to be able to gather information about the user. 'Edward never uses an iPhone; he's got a simple phone,' said the lawyer of
Snowden, Anatoly Kucherena, in an interview with the Russian media company RIA Novosti.
'The iPhone has special software that can activate itself without the owner having to
press a button and gather information about him; that's why on security grounds he refused
to have this phone,' Kucherena added. It is not clear if the 'special software' being referred to in
the interview is made up of standard diagnostic tools, or if the NSA whistleblower thinks
intelligence agencies from the United States have found a way to compromise the mobile
operating system developed by Apple. Apple was among the first companies accused of participating in the PRISM data mining project of the
NSA, following the release by Snowden of the agency's classified documents. The project
reportedly involved extracting video, audio, pictures, documents, emails and connection
logs from devices, allowing analysts to track the movement of the device's user and the
communications that they are receiving or sending out." |
"Imagine a world where mosquito-sized robots fly around stealing
samples of your DNA. Or where a department store knows from your buying habits that
you’re pregnant even before your family does. That is the terrifying dystopian world
portrayed by a group of Harvard professors at the World Economic Forum in Davos on
Thursday, where the assembled elite heard that the notion of individual privacy is
effectively dead. 'Welcome to today. We’re already in that world,' said Margo
Seltzer, a professor in computer science at Harvard University. 'Privacy as we knew it in
the past is no longer feasible… How we conventionally think of privacy is dead,' she
added. Another Harvard researcher into genetics said
it was 'inevitable' that one’s personal genetic information would enter more and more
into the public sphere. Sophia Roosth said intelligence agents were already asked to
collect genetic information on foreign leaders to determine things like susceptibility to
disease and life expectancy. 'We are at the dawn of the age of genetic McCarthyism,' she
said, referring to witch-hunts against Communists in 1950s America. What’s more,
Seltzer imagined a world in which tiny robot drones flew around, the size of mosquitoes,
extracting a sample of your DNA for analysis by, say, the government or an insurance firm.
Invasions of privacy are 'going to become more
pervasive,' she predicted. 'It’s not whether this is going to happen, it’s
already happening… We live in a surveillance state today.'" |
"Whistleblower Edward Snowden,
who is in exile in Russia, prefers basic phones rather than smartphones such as Apple's
iPhone, as he fears that smartphones may have secret spyware that enables governments to
watch users without their knowledge. Snowden's lawyer said the former contractor at the US
National Security Agency is not using an iPhone due to fears of snooping by the
government. "Edward never uses an iPhone, he's
got a simple phone," Anatoly Kucherena told Russian news agency RIA Novosti.
"The iPhone has special software that can activate itself without the owner having to
press a button and gather information about him, that's why on security grounds he refused
to have this phone." The lawyer added that Snowden's decision not to use an iPhone
stemmed from a concern for professional privacy rather than from a dislike for the device.
In October, Snowden urged the internet community to shun services offered by popular firms
Dropbox, Facebook and Google, on grounds that they do not have a friendly attitude towards
personal privacy." |
"British counter-terror spooks must watch everyone if they are to
continue to prevent terrorist atrocities in the UK, the ex-head
of MI6 has warned. In his first speech since
quitting the role Sir John
Sawers said it was not possible to monitor terrorists without intruding upon the lives
of ordinary people. He agreed with the Prime Minister’s belief that there cannot be
'no-go areas' online where terrorists can 'ply their trades'." |
"The CCTV cameras are slowly being switched off in Britain's
austerity hit streets and town centres as, one by one, skint local councils and police
forces decide they are not worth the overheads. Before the money ran out, CCTV was the
darling of crime prevention. In the 1990s, the Home Office spent three quarters of its
entire crime prevention budget on CCTV cameras. Fuelled by the grainy images of Jamie
Bulger being led from Bootle shopping centre by his young killers, the government spent
£500 million between 1996 and 2006 on making the British population the most watched on
earth. At around 4 million cameras, Britain has more CCTV than the rest of Europe put
together. Banksy built his career on the haunting, iconic image of the Closed Circuit TV
camera. He summed up the uneasiness some felt under the glare of street surveillance when
he drew a boy in a red jacket daubing 'One Nation Under CCTV' in huge white capitals next
to a CCTV camera on a wall off Oxford Street in 2008. It was soon white-washed by
Westminster Council. But now local authorities across the UK, in Wales, Yorkshire,
Cornwall, Birmingham, Thames Valley, Blackpool and London, are either scaling down the use
of their cameras or switching them off altogether. A Freedom of Information request by
Labour MP Gloria de Piero in 2013 revealed one in five councils had cut their CCTV
capacity in the previous three years. CCTV is far from being the magic bullet everyone
thought it would be. Studies show that, while it's excellent at catching drunken fighting
and old ladies dumping cats in bins, it's not all that in terms of crime prevention and
detection. One study said cameras were less effective in reducing crime than street lamps.
Another report found that cameras made people more
fearful of crime than when they weren't there. When they switched CCTV cameras off in
Monmouth in south Wales, crime levels remained the same.... But surveillance is not going
away, it's merely mutating, and being replaced by a more pernicious breed of monitoring. A
report by the police and crime commissioner for Dyfed-Powys in Wales from the end of last
year concluded that the region's public CCTV network was not fit for purpose. It
suggested, amongst other things, the ratcheting up of CCTV in pubs and bars – as
opposed to streets – by attaching the installation of cameras as a condition of
granting alcohol licenses to newly established or renovated venues. Dyfed-Powys is not the
first region to crank up the monitoring of Brits in their downtime. In 2013, responding to
concerns about the rising number of cameras in British pubs, MP Brandon Lewis, who at the
time was the government's Community Pubs Minister, which is a strange job, announced the
end of 'the blanket use of surveillance in pubs'. 'This government has called time
on Big Brother's secret, intrusive and costly rules that have forced pub landlords to pay
to install CCTV where it was not needed,' he said. 'Well-run community pubs that don't
have a public order problem shouldn't be tarred with the same brush. The public deserves
to have a pint in peace in a community pub without being snooped on.' That promise appears
to have been flushed down the urinal like so much lagery piss. ... When I spoke to Graeme
Cushion, a partner at Poppleston Allen, one of the UK's biggest firms of licensing
solicitors, he suggested that the government's advice is being roundly ignored. 'Requiring
CCTV is the norm in almost all alcohol licensing applications now,' he said. 'It is
becoming more common and more prescriptive, in terms of what venues have to provide and
their duties to hand footage over to the police. A decade ago it used to be just clubs
where CCTV cameras were a condition of an alcohol license, but now it's low-risk pubs and
restaurants.' ... In the past, a pub or bar covered with CCTV cameras would be a handy
code for helping drinkers suss what kind of place it was, like the signs saying 'No
trainers allowed' at clubs – when you entered, you were aware there was a fair chance
you could get chinned. But while having CCTV in a pub with a weekly stabbing makes sense,
there is something game changing about the fact that in a decade every gulp could be
recorded." |
"At least 50 U.S. law enforcement agencies have secretly equipped
their officers with radar devices that allow them to effectively peer through the walls of
houses to see whether anyone is inside, a practice raising new concerns about the extent
of government surveillance. Those agencies,
including the FBI and the U.S. Marshals Service, began deploying the radar systems more
than two years ago with little notice to the courts and no public disclosure of when or
how they would be used. The technology raises legal and privacy issues because the U.S.
Supreme Court has said officers generally cannot use high-tech sensors to tell them about
the inside of a person's house without first obtaining a search warrant. The radars work
like finely tuned motion detectors, using radio waves to zero in on movements as slight as
human breathing from a distance of more than 50 feet. They
can detect whether anyone is inside of a house, where they are and whether they are
moving." |
"GCHQ’s bulk surveillance of electronic communications has scooped up
emails to and from journalists working for some of the US and UK’s largest media
organisations, analysis of documents released by whistleblower Edward Snowden reveals.
Emails from the BBC, Reuters, the Guardian, the New York Times, Le Monde, the Sun, NBC and
the Washington Post were saved by GCHQ and shared on the agency’s intranet as part of
a test exercise by the signals intelligence agency. The disclosure comes as the British
government faces intense pressure to protect the confidential communications of reporters, MPs and lawyers from snooping. The
journalists’ communications were among 70,000 emails harvested in the space of less
than 10 minutes on one day in November 2008 by one of GCHQ’s numerous taps on the
fibre-optic cables that make up the backbone of the internet. The communications, which
were sometimes simple mass-PR emails sent to dozens of journalists but also included
correspondence between reporters and editors discussing stories, were retained by GCHQ and
were available to all cleared staff on the agency intranet. There is nothing to indicate
whether or not the journalists were intentionally targeted. The mails appeared to have been captured and stored as the output of a
then-new tool being used to strip irrelevant data out of the agency’s tapping
process. New evidence from other UK intelligence
documents revealed by Snowden also shows that a GCHQ information security assessment
listed 'investigative journalists' as a threat in a hierarchy alongside terrorists or
hackers. Senior editors and lawyers in the UK have called for the urgent introduction of a
freedom of expression law amid growing concern over safeguards proposed by ministers to
meet concerns over the police use of surveillance powers linked to the Regulation of
Investigatory Powers Act 2000 (Ripa). More than 100 editors, including those from all the
national newspapers, have signed a letter, coordinated by the Society of Editors and Press
Gazette, to the UK prime minister, David Cameron, protesting at snooping on
journalists’ communications. In the wake of
terror attacks on the Charlie Hebdo offices and a Jewish grocer in Paris, Cameron has
renewed calls for further bulk-surveillance powers, such as those which netted these
journalistic communications. Ripa has been used to access journalists’ communications
without a warrant, with recent cases including police accessing the phone records of Tom
Newton-Dunn, the Sun’s political editor, over the Plebgate investigation. The call
records of Mail on Sunday reporters involved in the paper’s coverage of Chris
Huhne’s speeding row were also accessed in this fashion. Under Ripa, neither the
police nor the security services need to seek the permission of a judge to investigate any
UK national’s phone records; instead, they must obtain permission from an appointed
staff member from the same organisation, not involved in their investigation. However,
there are some suggestions in the documents that the collection of billing data by GCHQ
under Ripa goes wider and that it may not be confined to specific target individuals. A
top secret document discussing Ripa initially explains the fact that billing records
captured under Ripa are available to any government agency is 'unclassified' provided that
there is 'no mention of bulk'. The GCHQ document goes
on to warn that the fact that billing records 'kept under Ripa are not limited to
warranted targets' must be kept as one of the agency’s most tightly guarded secrets,
at a classification known as 'Top secret strap 2'. That is two levels higher than a normal
top secret classification as it refers to 'HMG [Her Majesty’s government]
relationships with industry that have areas of extreme sensitivity'. Internal security advice shared among the intelligence agencies was often
as preoccupied with the activities of journalists as with more conventional threats such as foreign intelligence, hackers
or criminals. One restricted document intended for those in army intelligence warned that
'journalists
and reporters representing all types of news media represent a potential threat to
security'. It continued: 'Of specific concern are ‘investigative journalists’ who
specialise in defence-related exposés either for profit or what they deem to be of the
public interest. 'All classes of journalists and reporters may try either a formal approach or an informal approach,
possibly with off-duty personnel, in their attempts to gain official information to which
they are not entitled.' It goes on to caution 'such approaches pose a real threat', and
tells staff they must be 'immediately reported' to the chain-of-command. GCHQ information security assessments, meanwhile, routinely list
journalists between 'terrorism' and 'hackers' as 'influencing threat sources', with one
matrix scoring journalists as having a 'capability' score of two out of five, and a
'priority' of three out of five, scoring an overall 'low' information security risk.
Terrorists, listed immediately above investigative journalists on the document, were given
a much higher 'capability' score of four out of five, but a lower 'priority' of two. The matrix concluded terrorists were therefore a 'moderate' information
security risk." |
"British spooks intercepted emails from US and UK media
organisations and rated ‘investigative journalists’ alongside terrorists and
hackers as potential security threats, secret documents reveal. Internal advice circulated
by intelligence chiefs at the Government spy centre GCHQ claims ‘journalists and
reporters representing all types of news media represent a potential threat to
security’. Intelligence documents leaked by the
fugitive US whistleblower Edward Snowden also show that British security officers scooped
up 70,000 emails in just 10 minutes during one interception exercise in 2008. Among the
private exchanges were emails between journalists at the BBC, New York Times and US
network NBC. The disclosure comes amid growing calls for the security services to be
handed more power to monitor the internet following the Paris terror attacks. Internal
security advice, shared among British intelligence agencies, scored journalists in a table
of potential threats. One restricted document, which according to the Guardian was intended for those in army intelligence, warned that
‘journalists and reporters representing all types of news media represent a potential
threat to security’. It continued: ‘Of specific concern are 'investigative
journalists' who specialise in defence-related exposés either for profit or what they
deem to be of the public interest.' The document adds: ‘All classes of journalists
and reporters may try either a formal approach or an informal approach, possibly with
off-duty personnel, in their attempts to gain official information to which they are not
entitled.’ It warns staff that ‘such approaches pose a real threat’, adding
it must be ‘immediately reported’. One table scored journalists a
‘low’ information security risk – compared to terrorists who are seen as a
‘moderate’ threat.... Emails from the BBC, the Sun and the Mail on Sunday were
picked up and shared on the agency’s internal computer system - alongside memos from
US media organisations. The revelation comes as the British government faces growing
pressure to ensure journalists’ texts and emails are protected from snooping.
Newspaper editors and lawyers have called for a new freedom of expression law." |
"...
the [NSA] isn't just trying to achieve mass
surveillance of Internet communication, either. The digital spies of the Five Eyes
alliance -- comprised of the United States, Britain, Canada, Australia and New Zealand --
want more. According to top secret documents from the archive of NSA whistleblower Edward
Snowden seen exclusively by SPIEGEL, they are planning for wars of the future in which the
Internet will play a critical role, with the aim of being able to use the net to paralyze
computer networks and, by doing so, potentially all the infrastructure they control,
including power and water supplies, factories, airports or the flow of money. During
the 20th century, scientists developed so-called ABC weapons -- atomic, biological and
chemical. It took decades before their deployment could be regulated and, at least partly,
outlawed. New digital weapons have now been developed for the war on the Internet. But
there are almost no international conventions or supervisory authorities for these D
weapons, and the only law that applies is the survival of the fittest. Canadian media
theorist Marshall McLuhan foresaw these developments decades ago. In 1970, he wrote,
'World War III is a guerrilla information war with no division between military and
civilian participation.' That's precisely the reality that spies are preparing for today.... From a military perspective, surveillance of the Internet is merely
'Phase 0' in the US digital war strategy. Internal NSA documents indicate that it is the
prerequisite for everything that follows. They show that the aim of the surveillance is to
detect vulnerabilities in enemy systems. Once 'stealthy implants' have been placed to
infiltrate enemy systems, thus allowing 'permanent accesses,' then Phase Three has been
achieved -- a phase headed by the word 'dominate' in the documents. This enables them to
'control/destroy critical systems & networks at will through pre-positioned accesses
(laid in Phase 0).' Critical infrastructure is considered by the agency to be anything
that is important in keeping a society running: energy, communications and transportation.
The internal documents state that the ultimate goal is 'real time controlled escalation'.
In recent years, malware has emerged that experts have attributed to the NSA and its Five
Eyes alliance based on a number of indicators. They include programs like Stuxnet, used to
attack the Iranian nuclear program. Or Regin, a powerful spyware trojan that created a
furor in Germany after it infected the USB stick of a high-ranking staffer to Chancellor
Angela Merkel. Agents also used Regin in attacks against the European Commission, the EU's
executive, and Belgian telecoms company Belgacom in 2011. Given
that spies can routinely break through just about any security software, virtually all
Internet users are at risk of a data attack.... Intelligence agencies have adopted 'plausible deniability' as
their guiding principle for Internet operations. To ensure their ability to do so, they
seek to make it impossible to trace the author of the attack. It's a stunning approach
with which the digital spies deliberately undermine the very foundations of the rule of
law around the globe. This approach threatens to transform the Internet into a lawless
zone in which superpowers and their secret services operate according to their own whims
with very few ways to hold them accountable for their actions." |
"MI6
has been forced to reveal documents detailing how it may access legally privileged
communications between solicitors and their clients, even if the lawyers are suing the
government. Policy guidance handed over to the civil liberties organisation Reprieve shows
how the Secret Intelligence Service (SIS) is attempting to regulate its mass surveillance
practices and demonstrate compliance with the law. The revelations have emerged from a
case brought by lawyers for two Libyans, Abdel-Hakim Belhaj and Sami al-Saadi, who,
along with their families, were abducted in a joint MI6-CIA operation and sent back to
Tripoli to be tortured by Colonel Muammar Gaddafi’s regime in 2004. Their complaint
about illegal monitoring is being heard before the investigatory
powers tribunal and a full trial of the issues is expected this spring. Exchanges
between lawyers and their clients enjoy a special protected status under UK law. Following
exposure of widespread monitoring by the US whistleblower Edward Snowden in 2013,
Belhaj’s lawyers feared that their exchanges with their clients could have been
compromised by GCHQ’s interception of phone conversations and emails. To demonstrate that its policies satisfy legal safeguards, MI6 has been
required to disclose internal guidance on how intelligence staff should deal with material
protected by legal professional privilege. The papers note: 'Undertaking interception in
such circumstances would be extremely rare and would require strong justification and
robust safeguards. It is essential that such intercepted material is not acquired or used
for the purpose of conferring an unfair or improper advantage on SIS or HMG [Her
Majesty’s government] in any such litigation, legal proceedings or criminal
investigation.'... Commenting on the latest document releases, Cori Crider, a lawyer who
represents Belhaj, said: 'MI6’s brand-new eavesdropping policy still has serious
problems; it still envisages that MI6 will snoop on
private legal calls even in cases where it is being sued for torture. 'But these issues only highlight the double-decker-sized loopholes that
were in place when Mr Belhaj and his wife were preparing their legal claims. This
last-minute effort by MI6 to clean up their act shows Reprieve was right to fear that our
private communications with torture victims, and possibly with the police in Operation
Lydd [the investigation into the Libyan renditions], were compromised. 'There can be no
justification for spying on our privileged calls. If spying took place, and information
leaked, the government must come clean about it immediately so we can begin to set this
family’s torture trial back on a fair footing.'" |
"The home secretary, Theresa May, led demands for a
new Europe-wide travel database to track the movement of all air, train and ferry
passengers at an emergency meeting of EU interior ministers in Paris on Sunday. While 4 million people marched in the name of liberty across France, the EU ministers, joined
by senior US ministers, agreed to step up their drive against radicalisation, particularly
on the internet, and to disrupt the movement of terrorist networks. The joint statement
said: 'We are further convinced of the crucial and urgent need to move toward a European
passenger name record (PNR) framework, including intra-EU PNR. We are prepared to move
forward, adopting a constructive approach with the European parliament.'" |
"David
Cameron appears to want to strengthen the laws that allow the security services to
intercept communications so that no method or element of online communication is out of
reach of the state, as long as they have a warrant personally signed by the home
secretary. The security services complain that the growth of encryption of online data
means there are already services available that are sold as guaranteeing privacy or are in
some other way beyond the reach of the intelligence services. It could mean that a new
intercept law might outlaw services such as Snapchat, by which text, photos or video are
shared for up to 10 seconds before they are deleted from the company’s servers. More than 700m photos and videos are shared each day using such services.
It could also mean that companies that offer encrypted email services could be banned or
required to hand over their encryption keys to the security services in specified
circumstances such as terrorism or paedophile cases. The prime minister also appears to
want to future-proof any new measure. Traditionally the security services and the police
have always had the authority to intercept and read any letter or listen in to any phone
call as long as they have a warrant personally signed by the home secretary.
Cameron’s comments suggest that he wants a blanket law that would cover not only
existing forms of communication such as encrypted services or Snapchat-style services but
also any that might develop into the future. This would amount to an extremely sweeping
new power. But the details are still unclear and Cameron’s aides are reluctant to
spell out in any more detail what might be involved beyond saying that it is a matter for
after the general election due in May. The demand for more powers for the security
services made by Andrew Parker, the head of MI5,
in the immediate aftermath of the Paris attacks was not the first time a security chief
has tried to put the subject on the table. Parker warned last week that the pace of
technological change meant the 'dark places [on the net] from where those who wish us harm
can plot or plan are increasing', and that agencies’ capability to tackle them was
decreasing. Previously, the first act of Robert Hannigan when he took over as head of GCHQ
in November was to launch a public attack on the US technology giants, accusing them of
being 'the command-and-control networks of choice for terrorists and criminals'. The
security agencies say the use of encryption for emails and chats, increasingly
offered as standard by the internet companies, is making it harder for them to track
terrorist suspects. They are also exercised by software such as Tor, which disguises the
location of the person surfing the net, sending messages or using chat. Anyone using Tor
immediately becomes suspect, even though they may be doing so only because they want to
ensure privacy. Neither Parker nor Hannigan explicitly mentioned the communications data
bill (the snooper’s charter, as it is known by its critics), but everyone from Cameron
downwards knows that is also on their minds. The snooper’s charter was blocked by
Nick Clegg, the deputy prime minister, after a joint parliamentary committee which
included a former cabinet secretary and was chaired by a Tory ex-Home Office minister
concluded that its provisions were so sweeping that they amounted to 'overkill', and a
better balance was needed between security and privacy. The Liberal Democrats have made
clear they will block any attempt to introduce the snooper’s charter before the
election. Cameron’s focus on the issue in the immediate aftermath of the Paris attack
suggests he wants to turn it into a clear dividing line with the Lib Dems in the election
campaign." |
"If you’re starting the New Year on the hunt for a new role, beware:
your online habits could be giving you away to your boss. HR teams and recruiters are
now using technology, such as that offered by Joberate, to track how their employees use
social networks. Employees are given a baseline score, and if the technology spots signs
that suggests they are looking for a new job, it flags up the changes to their bosses.
Joberate describes itself as technology that ‘measures job seeking behaviours of the
global workforce.’ The company tells Joberate’s system which employees it wants
to track. Selected employees are then awarded a baseline score, based on their role, how
long they’ve been at the firm, and which sites they regularly use, for example. This
so-called social ID then plots a typical behaviour pattern on various sites such as Twitter and LinkedIn. If the employee follows a new company on Twitter, or connects with a
recruiter on LinkedIn, their score increases. But this is weighted, based on their
previous behaviour. For example, if a person who regularly follows company accounts likes
a new business page, their score only increases by one point. Meanwhile, if a person who
rarely follows companies or uses their accounts begins increasing activity, they are given
eight points. Joberate uses what it calls a ‘machine learning predictive analytics
engine’ to establish whether the employee is exhibiting signs of job hunting, before
alerting the employee’s boss. It doesn’t reveal, categorically, that the
employee is looking for a new role; instead it sends a numerical score saying how likely
it is they might leave. And, as the technology learns more about a firm’s employees,
the more accurate these predictions become. Joberate’s chief executive Michael
Beygleman told Tom Whipple at The
Times that changing a job is ‘like buying a car, or getting married…but we
actually know very little about how this event appears in social media.’ He added,
though, that all of the data the technology uses is from public databases, profiles or
sites. It can’t view the content of personal emails, for example, or log in to social
accounts." |
"Android apps are spying on users far more than expected, a new
study has found. The research by Vocativ
shows the apps that can access users' microphones, call logs and contacts. It found
one of the worst offenders was a game aimed at children. Called Happy Fish, developer
HappyElements programmed the game so that it can collect a precise location, has access
to your photos and can read your text messages. It
can even tell which Wi-Fi network you're using. Android users have taken to messageboards
to complain about the problems. The hugely popular game Fruit Ninja asks users for
permissions described as 'crazy' by users. One reviewer wrote 'I will never install this
until it is clear as to why the developer needs access to all your private content.' The
chart ranks the apps (top to bottom) that ask for the most permissions. AntiVirus
Security, Viber and Facebook top the charts. However, more than half of the 25 apps have
access to contacts, and about a third tap into text messages, call log and microphone. The
key to the permissions, experts say, is ads. 'These advertisers are trying to get more
targeted information about you, so they can get more targeted ads,' PrivacyGrade.org
founder and Carnegie Mellon professor of computer science Jason Hong said. 'These apps
access information about a user that can be highly sensitive, such as location, contact
lists and call logs, yet it often is difficult for the average user to understand how that
information is being used or who it might be shared with,'..." |
|
".... if you look around and see what the world
is now facing I don't think in the last two or three hundred years we've faced such
a concatenation of problems all at the same time..... if we are to solve the issues
that are ahead of us, we are going to need to think
in completely different ways. " "Individual peace is the unit of world
peace. By offering Consciousness-Based
Education to the coming generation, we can promote a strong foundation for a
healthy, harmonious, and peaceful world.... Consciousness-Based education is not a luxury.
For our children who are growing up in a stressful, often frightening, crisis-ridden
world, it is a necessity." |