Tag: surveillance

The Russian Connection: Carter Page FISA Warrant

Remember Carter Page? The Trump’s foreign policy advisor who they denied hiring or even knowing; who admitted that he was Male #1 in an FBI investigation of a Russian spy ring; and was closely affiliated with the Russian energy company Gazprom. Page’s problem’s with the FBI just got a lot worse. FBI obtained FISA warrant …

Continue reading

The Russian Connection: Surveillance and Incidental Collection

Yesterday, the chair of the House Intelligence Committee, Rep. Devin Nunes (R-CA), went to the White House to disclose classified information that he was given by an unknown source with regards to the investigation into the Trump administration’s Russian connection. To say this was highly irregular is an understatement. Nunes has absolutely no experience in …

Continue reading

Protecting The 2nd Amendment At Any Price

On Monday the Senate voted on four bills on gun control. Needless to say, the wholly owned Senate defeated even the most reasonable measure that would have closed the loop hole in back ground checks at gun shows and on line. Instead Congress panders to the right wing gun lovers and idiots who think that …

Continue reading

NSA Bulk Phone Data Mining Illegal

A federal court ion New York has ruled that the National Security Agency’s mass phone data collection under the Patriot Act is illegal.

Ruling on a program revealed by former government security contractor Edward Snowden, the 2nd U.S. Circuit Court of Appeals in Manhattan said the Patriot Act did not authorize the National Security Agency to collect Americans’ calling records in bulk.

Circuit Judge Gerard Lynch wrote for a three-judge panel that Section 215, which addresses the FBI’s ability to gather business records, could not be interpreted to have permitted the NSA to collect a “staggering” amount of phone records, contrary to claims by the Bush and Obama administrations.

The 2nd U.S. Circuit Court of Appeals in Manhattan held back from saying it was unconstitutional, nor did it order a halt to the program which expires on June 1.

The ruling has sparked concern by the Department of Justice. Newly appointed Attorney General Loretta Lynch said that the DOJ was reviewing the decision calling it “vital tool in our national security.” One more reason this woman is unfit for AG.

The Senate has decided to delay its consideration of the long term renewal of the Patriot Act.

Now, with the relevant section of the Patriot Act due to expire at the end of the month, Republican leaders in Congress are scrambling to find a shorter-term fix to keep the programme alive as it looks likely that the court ruling will prevent them from securing the necessary votes for a full extension in the remaining six days of this legislative session. [..]

One option would be a one-month extension to get Congress past the 1 June deadline in exchange for Republicans allowing an alternative vote on the USA Freedom Act – a reform bill designed to replace NSA collection of telephone metadata with a scheme involving data retention by telephone companies instead.

But newly emboldened Democrats angrily denied rumours that they had agreed to such a deal on Thursday. [..]

Many of those in favour of reform believe their best chance of forcing the Republican leader Mitch McConnell into allowing a vote on the Freedom Act is the prospect of him failing to pass anything and forcing the NSA to totally shutdown the controversial programme first revealed by Edward Snowden.

Such a scenario would be preferable to many privacy campaigners, such as the American Civil Liberties Union, which originally lodged Thursday’s court challenge.

But even a full reauthorisation of the Patriot Act would now require supreme court approval to be effective, argue campaigners.

Last week the House appeared ready to pass the U.S.A. Freedom Act which would end the collection of metadata, a mere band-aid on the problem. It would still allow the N.S.A.’s ability to analyze links between callers to hunt for terrorists, but keep the bulk records in the hands of phone companies, which could dispose of them after 18 months. The N.S.A. currently stores them for five years. With the court ruling, that may no longer be an option.

Needless to say this has the neo-con fear mongers scrambling

A spokesman for McConnell’s office insisted he continued to back the Patriot Act renewal and pointed to support for its use by judges in the Foreign Intelligence Surveillance Act (Fisa) courts that were designed to deal with such questions. “All the other courts, the Fisa courts, have ruled the other way,” he said.

“I think it’s very unfortunate,” the Arizona senator John McCain, a Republican, also told the Guardian. “I’m very concerned and it’s my understanding other courts have ruled otherwise.”

The problem with the argument about the “other Courts” is that the court they are talking about FISA has questionable constitutionality since it doesn’t fit the Article III and Fourth Amendment requirements.

And let us not forget 9/11

Lindsey Graham, the Republican senator from South Carolina and an ardent supporter of the NSA, invoked the attacks on September 11 to emphasise the importance of the surveillance programmes.

“I’ve got one goal: if you need to reform the programme, great, I just don’t want to gut it,” Graham told the Guardian. “I would continue until someone told me to stop. I believe if the programme were in operation before 9/11, we probably would have prevented 9/11.”

Graham added that he found it hard to believe lawmakers would diminish the programme, given the current national security climate, “based on a court ruling that’s not binding”.

On other thing that the ruling inadvertently did was vindicated whistleblower Edward Snowden whose leak of the NSA program prompted to public discussion and legal challenges.

The ruling was discussed by Senator Ron Wyden (D-OR) and The Intercept journalist Glenn Grenwald on MSNBC’s “Now” host Alex Wagner.

What Charlie Pierce said

(T)he program has now faced the clear light of an open court and it has been judged in its operation to be at best a baroque overreach and, at worst, un-American. This debate always has been better conducted in the open. This is the case with almost any debate, but especially those that arise under the tremulous camouflage of National Security. If I thought courage was as contagious as fear, I’d be more optimistic. And, again, I point out that all this ever was about was what kind of government we would be willing to tolerate and still maintain our identity as a constitutional self-governing Republic, and that none of this happens without the intervention of Edward Snowden, International Man Of Luggage, and Glenn Greenwald, who is simply Not One Of Us.

John Oliver Takes on Surveillance Reform

The battle over citizens’ right to privacy and the government’s mass collection of private data that has nothing to do with protecting the country from terrorist attacks, is coming to a head on June 1. That’s when the Patriot Act’s section 215, the provision of the act that the NSA used to authorize its bulk telephone metadata collection program, must either be renewed by congress or it expires. The problem is the lack of interest by the American public. In an extended segment of his HBO program, “This Week Tonight,” John Oliver found a subject that might pique their interest, “dick pics.” He presented his idea to Edward Snowden in a one on one exclusive interview.

So why all the trouble? In theory, Snowden’s revelations are old, they have proven to be either inaccessible or not titillating enough for the American public, and Oliver already covered the issue himself on the show in an interview with former NSA chief General Keith Alexander less than a year ago.

As it turns out, Oliver wasn’t satisfied. Using the June 1 expiration of controversial sections of the Patriot Act as a peg, Oliver decided to revive the conversation anew by highlighting one specific aspect of the surveillance issue that a majority of Americans could relate to.

And Sunday’s final product is earning Oliver plaudits across the Internet. In the interview, Oliver accomplishes several feats. He’s not only funny (Snowden apparently misses eating Hot Pockets, the sodium vehicle of the American freezer section), but also incisive and tough. [..]

But most notably of all, Oliver might finally have pinpointed a way to make the debate about surveillance accessible to a wide audience. By honing on one aspect of the government surveillance, the capacity for intelligence agencies to access “dick pics,” he captures the attention and summons the outrage of numerous passersby in a filmed segment in Times Square. Many of those interviewed can’t properly identify Edward Snowden or don’t quite recall what he had done, but all recoil at the thought of government access to intimate photography.

Thanks to John’s interview and the above viral video, which at this posting has

4,723,977 views, the movement to end mass surveillance has new life.

Privacy advocates experienced a major setback in November when a surveillance reform bill, the FREEDOM Act, died in a Senate procedural vote. But now they’re back, and with a new, simple question for Americans – Can they see your junk?

Playing off Oliver’s hilarious skit, one privacy activist built cantheyseemydick.com, which breaks down how each NSA program could be used to access private communications. Despite its flippant tone, the website offers simple explanations of complex programs that are difficult to understand.

On a more serious note, a new coalition of privacy groups led by the Electronic Frontier Foundation (EFF) today launched the Fight 215 campaign calling for an end to the NSA’s bulk collection of Americans’ phone records.

EFF activist Nadia Kayyali told TechCrunch the organizations launched the campaign today because of the impending deadline, but they were very excited about the Last Week Tonight with John Oliver skit and the attention it has already brought to surveillance reform.

With this campaign, the privacy advocates have taken a direct stance, end the bulk collection of Americans’ telephone records. [..]

Even with the new public attention on surveillance reform, privacy advocates face an uphill battle in Congress. Although surveillance reform is an issue that does not fall squarely on party lines, reform efforts in the Democratic-controlled Senate last year were thwarted primarily by Republican votes. Now Republicans control both chambers of Congress.

As the June 1 deadline approaches, no one in Congress has laid out a comprehensive plan to address government surveillance this year. Kayyali attributes the lack of action on the Hill to uncertainty.

“I think a lot of people, including people who want to see good legislation passed, weren’t certain where to start from,” Kayyali said. “It’s hard to say what Congress is thinking.”

As members look to form that plan, Kayyali hopes the new campaign will send them a clear message.

EEF and thirty other civil liberties organizations have launched a call in campaign, Fight 215. They will help connect you to your representatives to tell them to end mass surveillance.

Call Congress Now

Urge them to end mass surveillance under the Patriot Act.

What to say

Hi,

I’m one of your constituents, and I’m calling to urge you to end the NSA’s unconstitutional mass surveillance under the Patriot Act.

NSA surveillance illegally invades my privacy, along with millions of other innocent people, without making me safer.

Ending phone record surveillance is the first step to reining in surveillance abuses by the NSA. The time to put pressure on congress is now.

 

Even Encrypted Phones Are Not Safe from Spy Agencies

According to documents given to The Intercept by whistleblower Edward Snowden, even the newest cell phones (3G, 4G and LTE0 are not safe from the spies of the NSA and it British counterpart, GCHQ. According to the article, one of the largest manufacturers of SIM cards, which all cell phones depend on for communications, were hacked by these agencies spies who stole the encryption keys. This has given them access to even to billions of cell phones all over the world. As usual, Intercept contributors, Jeremy Scahill and Josh Begley are very thorough in their extensive article but here is the core or the report:

The company targeted by the intelligence agencies, Gemalto, is a multinational firm incorporated in the Netherlands that makes the chips used in mobile phones and next-generation credit cards. Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world. The company operates in 85 countries and has more than 40 manufacturing facilities. One of its three global headquarters is in Austin, Texas and it has a large factory in Pennsylvania.

In all, Gemalto produces some 2 billion SIM cards a year. Its motto is “Security to be Free.”

With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt. [..]

GCHQ and the NSA could have taken any number of routes to steal SIM encryption keys and other data. They could have physically broken into a manufacturing plant. They could have broken into a wireless carrier’s office. They could have bribed, blackmailed or coerced an employee of the manufacturer or cellphone provider. But all of that comes with substantial risk of exposure. In the case of Gemalto, hackers working for GCHQ remotely penetrated the company’s computer network in order to steal the keys in bulk as they were en route to the wireless network providers. [..]

TOP-SECRET GCHQ documents reveal that the intelligence agencies accessed the email and Facebook accounts of engineers and other employees of major telecom corporations and SIM card manufacturers in an effort to secretly obtain information that could give them access to millions of encryption keys. They did this by utilizing the NSA’s X-KEYSCORE program, which allowed them access to private emails hosted by the SIM card and mobile companies’ servers, as well as those of major tech corporations, including Yahoo and Google.

In effect, GCHQ clandestinely cyberstalked Gemalto employees, scouring their emails in an effort to find people who may have had access to the company’s core networks and Ki-generating systems. The intelligence agency’s goal was to find information that would aid in breaching Gemalto’s systems, making it possible to steal large quantities of encryption keys. The agency hoped to intercept the files containing the keys as they were transmitted between Gemalto and its wireless network provider customers.

GCHQ operatives identified key individuals and their positions within Gemalto and then dug into their emails. In one instance, GCHQ zeroed in on a Gemalto employee in Thailand who they observed sending PGP-encrypted files, noting that if GCHQ wanted to expand its Gemalto operations, “he would certainly be a good place to start.” They did not claim to have decrypted the employee’s communications, but noted that the use of PGP could mean the contents were potentially valuable.

The cyberstalking was not limited to Gemalto. GCHQ operatives wrote a script that allowed the agency to mine the private communications of employees of major telecommunications and SIM “personalization” companies for technical terms used in the assigning of secret keys to mobile phone customers. Employees for the SIM card manufacturers and wireless network providers were labeled as “known individuals and operators targeted” in a top-secret GCHQ document.

According to experts who were interviewed by The Guardain, this is a huge invasive breach and may still be continuing:

Gemalto, the company targeted by the spy agencies, produces 2bn sim cards per year for clients including AT&T, Sprint, T-Mobile and Verizon. The Netherlands-based company operates in 85 countries around the world and provides cards to some 450 wireless network providers globally.

The stolen encryption keys would allow intelligence agencies to monitor mobile communications without the approval or knowledge of telecom companies and foreign governments.

Chris Soghoian, principal technologist at the American Civil Liberties Union, told the Guardian the hack would allow spies to “put an aerial up on the embassy in Berlin and listen in to anyone’s calls in the area”.

Calls made on 3G and 4G mobile networks are encrypted. But with the keys, which a GCHQ slide described as living “in the phone”, spies could access any communication made on a device unless its owner uses an extra layer of encryption.

Soghoian said the latest Snowden revelations meant that it was difficult for anyone to trust the security of a mobile phone. “It is very unlikely that this is an issue that is going to be fixed anytime soon,” he said. “There is no reason for people to trust AT&T, Verizon or anyone at this point. Their systems are hopelessly insecure.”

“The real value of this is that it allows bulk surveillance of telecoms without anyone getting caught,” Soghoian said of hacks like the one at Gemalto, which he said would allow the spy agencies to target “whoever they wanted”.

“In countries where the government will not cooperate, that’s very useful,” he said. “It’s also very useful in countries where the government would help. Germany would allow spy on a suspected terrorist but not on [Angela] Merkel.”

This was the second revelation in what Mike Masnick at Techdirt called “This Week In ‘The NSA Knows F**king Everything’“:

Thought that the revelations of NSA/GCHQ spying were dying out? Having some “surveillance fatigue” from all the stories that have been coming out? Have no fear — or, rather, be very very very fearful — because two big new revelations this week show just how far the NSA will go to make sure it collects everything. First up: your hard drives. Earlier this week, Kaspersky Lab revealed that the NSA (likely) has figured out ways to hide its own spyware deep in pretty much any hard drive made by the most popular hard drive manufacturers: Western Digital, Seagate and Toshiba. [..]

As the report notes, it appears that this is a kind of “sleeper” software, that is buried inside tons of hard drives, but only “turned on” when necessary. The report notes that it’s unclear as to how the NSA was getting this software in there, but that it couldn’t do it without knowing the source code of the hard drive firmware — information that is not easily accessible. A few of the hard drive manufacturers have denied working with the government on this and/or giving them access to the firmware. It’s possible they’re lying/misleading — but it’s also possible that the NSA figured out other ways to get that information.

Scahill and Begley quoted President Barack Obama who just a little over a year ago said when he addressed the NSA spying scandal: “The bottom line is that people around the world, regardless of their nationality, should know that the United States is not spying on ordinary people who don’t threaten our national security and that we take their privacy concerns into account in our policies and procedures.”

Obama again has lied and Congress has failed to rein in the excesses of the NSA and the CIA.

NSA Spying Reform Defeated by ISIS and GOP

The Senate was briefly in session this week where it took cloture votes on two note worthy bills. One to approve the Keystone XL pipeline and the second called the USA Freedom Act, would vaguely reform the NSA by limiting their ability to spy on Americans. Both bill failed.

Regardless of the denials by the Democratic leadership, the Keystone bill was brought to a vote in a vain attempt to save Louisiana’s Senator Mary Landrieu’s seat. While the Republicans would have bee gleeful of it had passed, the bill failed to reach cloture by one vote. The incoming leadership has vowed to bring it to the floor one more time.

The USA Freedom Act was another deal. Since the the likelihood this bill would never see the light of day in the next session, it was thought there were enough votes for cloture. There weren’t. It was roundly shouted down by Republicans because the Islamic state is coming to kill us.

NSA Reform Bill Dies As Republicans Hype Threats From Islamic State

Dan Froomkin, The Intercept

Supporters of the USA Freedom Act, including privacy groups and technology companies, had considered it an essential first step toward ending the NSA’s overreach. But Senate Minority Leader Mitch McConnell set the tone for the day in the morning, actively encouraging his caucus to block the measure, citing concerns that it would hurt the fight against such groups as the Islamic State. Republicans also took their cues from an op-ed in the Wall Street Journal, in which former CIA and NSA director Michael Hayden and former attorney general Michael Mukasey described the bill as NSA Reform That Only ISIS Could Love.

With Republicans taking control of the Senate in January, a vote during the current lame-duck session was widely considered the bill’s last, best shot.

The USA Freedom Act would have ended the government’s bulk collection of domestic phone records, forcing officials to make specific requests to phone companies. It would also have ended the law-enforcement monopoly on arguments before the secretive surveillance court by creating a role for a special advocate. And it would have required that significant court opinions be made public.

Writing for The Guardian, Trevor Timm thinks that the Republican may have shot themselves in the foot by opposing the bill:

But the Republicans – and NSA supporters everywhere – may have made a mistake that will come back to haunt them. They killed a measure that many reformers were holding their nose while supporting, and six month from now – by the middle of 2015 – they may have several even bigger fights on their hands. [..]

(T)he legislation Republicans just blocked also would have effectively shut down several promising lawsuits against the NSA in federal court and another case where National Security Letters were already ruled unconstitutional.

Now many of those cases, already in the appeals stage, may be decided within the next six months, and if the oral arguments are any indication, the US government may be in trouble. Indeed, the conservative justices may be willing to do more for your privacy than conservative lawmakers, as Judge Richard Leon proved last year when he ruled that the NSA’s phone surveillance program is likely unconstitutional.

But here’s the real reason the the USA Freedom Act’s failure could backfire on its biggest supporters: As I’ve mentioned before, Section 215 of the USA Patriot Act – the law that was re-interpreted in secret to allow for mass phone metadata surveillance in the first place – comes up for renewal next summer. It has to be reauthorized before June, or it will disappear completely.

And even though the Republicans will be in control next year, they won’t be able to pull the same stunts they did on Tuesday. Everyone knows getting “no” votes is a lot easier than getting a “yes”. And this time they’ll need 60 “yes” votes, plus the support of the House of Representatives, where we know already there are likely enough votes to kill an extension of the Patriot Act.

At the New York Times, Charles Savage found a little noticed provision in the Patriot Act that grandfathered on going investigations even if section 215 sunsets:

   The law says that Section 215, along with another section of the Patriot Act, expires on “June 1, 2015, except that former provisions continue in effect with respect to any particular foreign intelligence investigation that began before June 1, 2015, or with respect to any particular offense or potential offense that began or occurred before June 1, 2015.”

   Michael Davidson, who until his retirement in 2011 was the Senate Intelligence Committee’s top staff lawyer, said this meant that as long as there was an older counterterrorism investigation still open, the court could keep issuing Section 215 orders to phone companies indefinitely for that investigation.

   “It was always understood that no investigation should be different the day after the sunset than it was the day before,” Mr. Davidson said, adding: “There are important reasons for Congress to legislate on what, if any, program is now warranted. But considering the actual language of the sunset provision, no one should believe the present program will disappear solely because of the sunset.”

   Mr. Davidson said the widespread assumption by lawmakers and executive branch officials, as well as in news articles in The New York Times and elsewhere, that the program must lapse next summer without new legislation was incorrect.

   The exception is obscure because it was recorded as note accompanying Section 215; while still law, it does not receive its own listing in the United States Code. It was created by the original Patriot Act and was explicitly restated in a 2006 reauthorization bill, and then quietly carried forward in 2010 and in 2011.

While over at The Intercept, journalist and author, Glenn Greenwald found watching the Senate debate was “like watching a repeat of some hideously shallow TV show”. As he noted, congress is irrelevant on mass surveillance and points out what really matters:

The entire system in D.C. is designed at its core to prevent real reform. This Congress is not going to enact anything resembling fundamental limits on the NSA’s powers of mass surveillance. Even if it somehow did, this White House would never sign it. Even if all that miraculously happened, the fact that the U.S. intelligence community and National Security State operates with no limits and no oversight means they’d easily co-opt the entire reform process. That’s what happened after the eavesdropping scandals of the mid-1970s led to the establishment of congressional intelligence committees and a special FISA “oversight” court-the committees were instantly captured by putting in charge supreme servants of the intelligence community like Senators Dianne Feinstein and Chambliss, and Congressmen Mike Rogers and “Dutch” Ruppersberger, while the court quickly became a rubber stamp with subservient judges who operate in total secrecy. [..]

In pretty much every interview I’ve done over the last year, I’ve been asked why there haven’t been significant changes from all the disclosures. I vehemently disagree with the premise of the question, which equates “U.S. legislative changes” with “meaningful changes.” But it has been clear from the start that U.S. legislation is not going to impose meaningful limitations on the NSA’s powers of mass surveillance, at least not fundamentally. Those limitations are going to come from-are now coming from -very different places:

1) Individuals refusing to use internet services that compromise their privacy. The FBI and other U.S. government agencies, as well as the U.K. Government, are apoplectic over new products from Google and Apple that are embedded with strong encryption, precisely because they know that such protections, while far from perfect, are serious impediments to their power of mass surveillance. To make this observation does not mean, as some deeply confused people try to suggest, that one believes that Silicon Valley companies care in the slightest about people’s privacy rights and civil liberties. [..]

2) Other countries taking action against U.S. hegemony over the internet. Most people who claim nothing has changed from the Snowden disclosures are viewing the world jingoistically, with the U.S. the only venue that matters. But the real action has long been in other countries, acting individually and jointly to prevent U.S. domination of the internet. [..]

3) U.S. court proceedings. A U.S. federal judge already ruled that the NSA’s domestic bulk collection program likely violates the 4th Amendment, and in doing so, obliterated many of the government’s underlying justifications. Multiple cases are now on appeal, almost certainly headed to the Supreme Court. None of this was possible in the absence of Snowden disclosures. [..]

4) Greater individual demand for, and use of, encryption. In the immediate aftermath of the first Snowden reports, I was contacted by countless leading national security reporters in the U.S., who work with the largest media outlets, seeking an interview with Snowden. But there was a critical problem: despite working every day on highly sensitive matters, none of them knew anything about basic encryption methods, nor did their IT departments. Just a few short months later, well over 50 percent of the journalists who emailed me did so under the protection of PGP encryption. Today, if any journalist emails me without encryption, they do so apologetically and with embarrassment. [..]

The changes from the Snowden disclosures are found far from the Kabuki theater of the D.C. political class, and they are unquestionably significant. That does not mean the battle is inevitably won: The U.S. remains the most powerful government on earth, has all sorts of ways to continue to induce the complicity of big Silicon Valley firms, and is not going to cede dominion over the internet easily. But the battle is underway and the forces of reform are formidable-not because of anything the U.S. congress is doing, but despite it.

The USA Freedom Act would have made little difference to the unlawful NSA. What matters now is what the courts and we do to preserve our rights.

Your Privacy Matters

The NSA, FBI and DOJ are upset with the new Apple and Google encryption apps that they can’t hack. The poor Director of the FBI, James Comey is “concerned” so he plays the “fear card”

“I am a huge believer in the rule of law, but I also believe that no one in this country is beyond the law,” Comey told reporters at FBI headquarters in Washington. “What concerns me about this is companies marketing something expressly to allow people to place themselves beyond the law.”

Apple said last week that it would no longer be technically feasible to unlock encrypted iPhones and iPads for law enforcement because the devices would no longer allow user passcodes to be bypassed. The move comes as tech companies struggle to manage public concerns in the aftermath of last year’s leak of classified National Security Agency documents about government access to private user data. [..]

“Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data,” the company said. “So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.”

Comey said that while he understood the need for privacy, government access to mobile devices may be needed in extreme circumstances, such as in the event of a terror attack.

“I like and believe very much that we should have to obtain a warrant from an independent judge to be able to take the content of anyone’s closet or their smart phone,” he said. “The notion that someone would market a closet that could never be opened — even if it involves a case involving a child kidnapper and a court order — to me does not make any sense.”

Comey said FBI officials have had conversations with both Apple and Google about the marketing of their devices.

“Google is marketing their Android the same way: Buy our phone and law-enforcement, even with legal process, can never get access to it,” he said.

Why anyone would think that the guy who approved torture believes in the rule of law is beyond me. Trevor Timm at The Guardian dissects what Comey said:

Comey began:

  I am a huge believer in the rule of law, but I also believe that no one in this country is beyond the law. … What concerns me about this is companies marketing something expressly to allow people to place themselves beyond the law.

First of all, despite the FBI director’s implication, what Apple and Google have done is perfectly legal, and they are under no obligation under the “the rule of law” to decrypt users’ data if the company itself cannot access your stuff. From 47 U.S. Code § 1002 (emphasis mine):

   A telecommunications carrier shall not be responsible for decrypting, or ensuring the government’s ability to decrypt, any communication encrypted by a subscriber or customer, unless the encryption was provided by the carrier and the carrier possesses the information necessary to decrypt the communication.

Comey continued:

   I like and believe very much that we should have to obtain a warrant from an independent judge to be able to take the content of anyone’s closet or their smart phone.

That’s funny, because literally four months ago, the United States government was saying the exact opposite (pdf) before the US supreme court, arguing that, in fact, the feds shouldn’t need to get a warrant to get inside anyone’s smartphone after you’re arrested. In its landmark June ruling in the case, Riley v California, the court disagreed. So it’s great to see that Jim Comey, too, has come around to the common sense conclusion that cops need a warrant to search your cellphone data, but it would’ve been nice for him to express those sentiments when they actually mattered.

Comey doubled down in another statement with the absurd fear that criminals, like child kidnappers would be able to evade the law. On its face that’s insanely ridiculous since law enforcement has numerous ways tools to access your data. The Intercept‘s Micah Lee points out that Apple still has access to plenty of your data to feed to the Feds. He went on how bemoan the NSA leaks by Edward Snowden has caused the need to protect a person’s private information may have gone too far. How so, Mr. Comey? As Timm notes in his article

Congress has not changed surveillance law at all in the the nearly 16 months since Edward Snowden’s disclosures began, mostly because of the vociferous opposition from intelligence agencies and cops. The pendulum is still permanently lodged squarely on law enforcement’s side. If it has swung at all, it’s because of the aforementioned ruling by the supreme court of the United States, along with tech companies implementing more privacy protections unilaterally because US tech companies are losing billions of dollars because of the government’s spying scandals.

A week ago, The Intercept‘s Glenn Greenwald gave a Ted Talk in Rio de Janeiro on why your privacy matters

Crypto wars redux: why the FBI’s desire to unlock your private life must be resisted

In 1995, the US government tried – and failed – to categorise encryption as a weapon. Today, the same lines are being drawn and the same tactics repeated as the FBI wants to do the same. Here’s why they are wrong, and why they must fail again

Eric Holder, the outgoing US attorney general, has joined the FBI and other law enforcement agencies in calling for the security of all computer systems to be fatally weakened. This isn’t a new project – the idea has been around since the early 1990s, when the NSA classed all strong cryptography as a “munition” and regulated civilian use of it to ensure that they had the keys to unlock any technological countermeasures you put around your data.

In 1995, the Electronic Frontier Foundation won a landmark case establishing that code was a form of protected expression under the First Amendment to the US constitution, and since then, the whole world has enjoyed relatively unfettered access to strong crypto. [..]

The arguments then are the arguments now. Governments invoke the Four Horsemen of the Infocalypse (software pirates, organised crime, child pornographers, and terrorists) and say that unless they can decrypt bad guys’ hard drives and listen in on their conversations, law and order is a dead letter.

On the other side, virtually every security and cryptography expert tries patiently to explain that there’s no such thing as “a back door that only the good guys can walk through” (hat tip to Bruce Schneier). Designing a computer that bad guys can’t break into is impossible to reconcile with designing a computer that good guys can break into.

If you give the cops a secret key that opens the locks on your computerised storage and on your conversations, then one day, people who aren’t cops will get hold of that key, too. The same forces that led to bent cops selling out the public’s personal information to Glen Mulcaire and the tabloid press will cause those cops’ successors to sell out access to the world’s computer systems, too, only the numbers of people who are interested in these keys to the (United) Kingdom will be much larger, and they’ll have more money, and they’ll be able to do more damage.

Long live The Republic.

Democracy Under Fire

In a joint statement, the ACLU and Human Rights Watch released a 120 page report documenting how mass surveillance by the US is undermining constitutional rights to freedom of the press and legal council

The 120-page report, “With Liberty to Monitor All: How Large-Scale US Surveillance is Harming Journalism, Law, and American Democracy,” is based on extensive interviews with dozens of journalists, lawyers, and senior US government officials. It documents how national security journalists and lawyers are adopting elaborate steps or otherwise modifying their practices to keep communications, sources, and other confidential information secure in light of revelations of unprecedented US government surveillance of electronic communications and transactions. The report finds that government surveillance and secrecy are undermining press freedom, the public’s right to information, and the right to counsel, all human rights essential to a healthy democracy.

Amy Goodman and Aaron Mate sat down with Alex Sinha, Aryeh Neier fellow at Human Rights Watch and the American Civil Liberties Union, and Jeremy Scahill, staff reporter with The Intercept to discuss the threat to Americans’ liberties.

In a new report, Human Rights Watch and the American Civil Liberties Union warn that “large-scale surveillance is seriously hampering U.S.-based journalists and lawyers in their work.” The report is based on interviews with dozens of reporters and lawyers. They describe a media climate where journalists take cumbersome security steps that slows down their reporting. Sources are afraid of talking, as aggressive prosecutions scare government officials into staying silent, even about issues that are unclassified. For lawyers, the threat of surveillance is stoking fears they will be unable to protect a client’s right to privacy. Some defendants are afraid of speaking openly to their own counsel, undermining a lawyer’s ability provide the best possible defense.



Transcript can be read here

Journalism under fire: America’s freedom of the press is in danger

By Heather Digby Parton, Salon

If there’s one thing that civil libertarians across the American political spectrum tend to agree upon, it’s that the Bill of Rights is a guiding document. It doesn’t say everything but it says a lot. The various political factions do sometimes differ in their emphasis and interpretation, with the right’s civil libertarians often tending to focus more closely on the 1st Amendment’s establishment clause and the 2nd Amendment while the left-leaning civil libertarians take a harder line on freedom of speech and the 4th amendment. This is of course a sweeping generalization which can be disproved in dozens of individual cases, but for the sake of argument, it can probably be stipulated that those who concern themselves with the civil liberties enshrined in the Constitution all agree on the Bill of Rights’ importance to our constitutional order.  And they tend to agree across the board, with equal fervor, on the necessity of a free press to a functioning democracy. [..]

Considering the reaction of many people in the government toward reporters involved in the NSA revelation, it’s clear they have reason to be paranoid. There are government officials awho consider them to be spies and have said they should be punished as such. Even fellow journalists have brought up the question of “aiding and abetting” as if it’s a legitimate line of inquiry.

The atmosphere of mistrust is also rampant within the government, as with the administration having cracked down on contacts between the intelligence community and issuing threats of legal action even before the Snowden revelations. The institutionalized, government-wide initiative called the Insider Threat Program could have any federal employee looking over his  shoulder and worrying that his innocent behavior might be construed as suspicious. [..]

And it’s not just national security agencies that are subject to this program. They are in effect in departments as disparate as the Department of Education and the Peace Corps.

Top Journalists and Lawyers: NSA Surveillance Threatens Press Freedom and Right to Counsel

By Dan Froomkin, The Intercept

Not even the strongest versions of NSA reform being considered in Congress come anywhere close to addressing the chilling effects on basic freedoms that the new survey describes.

“If the US fails to address these concerns promptly and effectively,” report author  G. Alex Sinha writes, “it could do serious, long-term damage to the fabric of democracy in the country.”

Even before the Snowden revelations, reporters trying to cover important defense, intelligence and counter-terrorism issues were reeling from the effects of unprecedented secrecy and attacks on whistleblowers.

But newfound awareness of the numerous ways the government can follow electronic trails –  previously considered the stuff of paranoid fantasy – has led sources to grow considerably more fearful.

USA Freedom Act Still Won’t Protect Americans’ Liberties

Senator Patrick Leahy (D-NH) introduced the version of the USA Freedom Act on Tuesday.

Leahy’s bill, like the House’s, would still provide the NSA with access to enormous amounts of American phone data. Though it would require a judge to issue an order to telecos for “call detail records” based on a “reasonable, articulable suspicion” of association with terrorism or a foreign power, the NSA will be able to use that single order to obtain the “call detail records” of a suspicious entity, as well as those of entities in “direct connection” with it and entities in connection with those.

While that would permit the NSA to yield thousands of records off of a single court order, on a daily basis for six months, the NSA and the bill’s architects contend that it bans “bulk collection.”

Leahy’s bill would go further than the House version in narrowing the critical definition of “specific selection term,” a foundational aspect of the bill defining what the government can collect. The House definition is a “term specifically identifying a person, entity, account, address, or device,” which privacy groups have lambasted as unreasonably broad.

Seeking to plug that loophole, Leahy would prevent the NSA or the FBI from accessing a service provider’s entire clientele or a wholesale “city, state, zip code, or area code.”

Although the Leahy bill has the support of several civil libertarian groups and major tech firms like Facebook and Google, it does not revive some privacy proposals that those organizations considered crucial but the intelligence agencies and their advocates in Congress stripped from the House measure.

There are still some really big loopholes, as noted by emptywheel’s Marcy Wheeler:

Leahy’s bill retains the language from USA Freedumber on contact chaining, which reads,

   (iii) provide that the Government may require the prompt production of call detail records-

   (I) using the specific selection term that satisfies the standard required under subsection (b)(2)(C)(ii) as the basis for production; and

   (II) using call detail records with a direct connection to such specific selection term as the basis for production of a second set of call detail records;

Now, I have no idea what this language means, and no one I’ve talked to outside of the intelligence committees does either. It might just mean they will do the same contact chaining they do now, but if it does, why adopt this obscure language? It may just mean they will correlate identities, and do contact chaining off all the burner phones their algorithms say are the same people, but nothing more, but if so, isn’t there clearer language to indicate that (and limit it to that)? [..]

I remain concerned, too, that such obscure language would permit the contact chaining on phone books and calendars, both things we know NSA obtains overseas, both things NSA might have access to through their newly immunized telecom partners.

In addition, Leahy’s bill keeps USA Freedumber’s retention language tied to Foreign Intelligence purpose, allowing the NSA to keep all records that might have a foreign intelligence purpose.

That’s just for starters. She is also concerned about the vague language will still be used to allow bulk collection. She doesn’t think it’s strong enough

The question is whether this “agency protocol” – what Chief Justice John Roberts said was not enough to protect Americans’ privacy – is sufficient to protect Americans’ privacy.

I don’t think it is.

First, it doesn’t specify how long the NSA and FBI and CIA can keep and sort through these corporate records (or what methods it can use to do so, which may themselves be very invasive).

It also permits the retention of data that gets pretty attenuated from actual targets of investigation: agents of foreign powers that might have information on subjects of investigation and people “in contact with or known to” suspected agents associated with a subject of an investigation.

Known to?!?! Hell, Barack Obama is known to all those people. Is it okay to keep his data under these procedures?

Also remember that the government has secretly redefined “threat of death or serious bodily harm” to include “threats to property,” which could be Intellectual Property.

So CIA could (at least under this law – again, we have no idea what the actual FISC orders this is based off of) keep 5 years of Western Union money transfer data until it has contact chained 3 degrees out from the subject of an investigation or any new subjects of investigation it has identified in the interim.

In other words, probably no different and potentially more lenient than what it does now.

And one more thing from Marcy: Leahy’s version still will allow the FBI uncounted use of backdoor searches:

I strongly believe this bill may expand the universe of US persons who will be thrown into the corporate store indefinitely, to be subjected to the full brunt of NSA’s analytical might.

But that’s not the part of the bill that disturbs me the most. It’s this language:

   ‘(3) FEDERAL BUREAU OF INVESTIGATION.-

   Subparagraphs (B)(iv), (B)(v), (D)(iii), (E)(iii), and (E)(iv) of paragraph (1) of subsection (b) shall not apply to information or records held by, or queries conducted by, the Federal Bureau of Investigation.

The language refers, in part,  to requirements that the government report to Congress [..]

These are back door searches on US person identifiers of Section 702 collected data – both content (iv) and metadata (v).

In other words, after having required the government to report how many back door searches of US person data it conducts, the bill then exempts the FBI.

The FBI – the one agency whose use of such data can actually result in a prosecution of the US person in question.

We already know the government has not provided all defendants caught using 702 data notice. And yet, having recognized the need to start counting how many Americans get caught in back door searches, Patrick Leahy has decided to exempt the agency that uses back door searches the most.

And if they’re not giving defendants notice (and they’re not), then this is an illegal use of Section 702.

While the Senate version may be a good enough reason for some civil libertarians, privacy groups and technology firms to back, it still falls far short of what is needed to protect Americans’ constitutional rights and privacy.

Load more