Tag: NSA

While the Senate failed to pass the USA Freedom Act during Sunday’s emergency session, it did get past a cloture vote to continue debate and consider amendments that could either weaken or strengthen the already inadequate reform of the controversial Section 215 of the Patriot Act. So for the moment, the most egregious parts of the act which violate the Fourth Amendment have expired. So what next? There is no chance to renew the Patriot Act, as the Senate Republican leadership would prefer. Amending the US Freedom Act would necessitate the bill being returned to the House for another vote or hash out the details in a conference committee. None of this looks good for a resolution anytime soon, which is not entirely a bad thing.

McConnell introduced a handful of amendments Sunday evening on behalf of himself and Senate Intelligence Committee Chairman Richard Burr (R-N.C.). Paul and Sen. Bernie Sanders (I-Vt.) has also attempted to bring up amendments of their own, but they were blocked.

Paul’s opposition will push votes on both those amendments and the final bill back to Tuesday at the earliest, and potentially Wednesday.

The House would then either need to vote on the new bill or hash out the details in a conference committee.

Rep. Justin Amash (R-Mich.) – an NSA critic – warned senators against adding amendments to the legislation that could potentially weaken the bill in the eyes of its supporters.

“On the House side, there’s not support for a more watered down version of the Freedom Act,” he said. “If they want to get something passed through the House, they need to make it better not worse.“

Pulitzer Prize-winning journalist with The Intercept, Glenn Greenwald gave his reaction to the expiration of the act and the fear mongering that will ensue to Democracy Now!‘s Amy Goodman’

The internecine GOP politics surrounding this are quite a maze since it involves not just Sen. Paul’s candidacy for president in 2016, but power fights between the House and Senate leaderships. Sen. McConnell and House Speaker John Boehner (R-OH) are not exactly best of friends.

The game is now in the Senate and could mean the permanent end of Section 215. Let’s keep our fingers crossed they screw this up.  

Former Assistant Secretary of State for Public Affairs in the Jimmy Carter administration Hodding Carter III has changed his mind about Edward Snowden whose leaks of NSA programs to the public has sparked the debate a the renewal of the Patriot Act. In an article in Salon, he explains  his change of heart and offered an apology to The Intercept‘s Glenn Greenwald.

Glenn Greenwald, I’m sorry: Why I changed my mind on Edward Snowden

What follows is based on sixty years of experience in public life and journalism. It arises from deepening concern about the people’s limited appreciation of the First Amendment and disgust with media waffling behind timidity’s breastworks. It also arises from urgent unease about government overreach in the name of “homeland security,” an overreach based on post-9/11 fear, political opportunism and an all but explicit assertion that a free people do not need to know and should not demand to know how they are being protected. There is no pretense here of carefully allocated balance, that briefly treasured convention of American journalism. Instead, this is an attempt to explain the evolution of today’s media-government confrontations and to suggest answers to the hard questions that currently face the press when national security clashes with the Bill of Rights.

Unless informed consent is to be treated as a dangerous relic of more tranquil times, these questions should be answered on behalf of the American people as often as they arise. That means applying general principles to specific cases. Knowing the evolution of press freedom can be useful. Having an accurate picture of the chaotic realities of the murky present is crucial. Hard cases are inevitable; hard-and-fast rules are rarely available and too often inapplicable to current conditions. In the end, as always, it is up to each journalist and news organization to be willing to stand alone, to ask, and to answer individually:

“Whose side are you on?”

Mr. Carter and Glenn Greenwald appeared on MSNBC’s “The Last Word” to discuss the surveillance and the firght over the renewal of the Patriot Act.

Whose side are you on?

C-Span is fast becoming my late night entertainment channel. The Senate’s votes on the House USA Freedom Act and Senate Majority Leader Mitch McConnell’s attempts to extend the Patriot Act provisions for mass surveillance, for even one day past June 1, were well worth staying up to the early morning hours well worth the loss of sleep. (Not that I don’t anyway.) It was, at last, an epic #FAIL for the spies and fear mongers on both votes.

By a vote of 57-42, the USA Freedom Act failed on Friday to reach the 60-vote threshold needed to advance in the Senate after hours of procedural manoeuvering lasted into the wee hours Saturday morning.

The result left the Senate due to reconvene on May 31, just hours before a wellspring of broad NSA and FBI domestic spying powers will expire at midnight.

Architects of the USA Freedom Act had hoped that the expiration at the end of May of the Patriot Act authorities, known as Section 215, provided them sufficient leverage to undo the defeat of 2014 and push their bill over the line.

The bill was a compromise to limit the scope of government surveillance. It traded the end of NSA bulk surveillance for the retention through 2019 of Section 215, which permits the collection of “business records” outside normal warrant and subpoena channels – as well as a massive amount of US communications metadata, according to a justice department report. [..]

On Saturday morning, after both cloture votes failed, Senate majority leader Mitch McConnell asked for unanimous consent to extend the Patriot Act for a week. Paul objected. Objections were then heard from Paul, as well as from Oregon Democrat Ron Wyden and New Mexico Democrat Martin Heinrich on four-day, two-day and one-day extensions. Eventually McConnell gave up and announced that the Senate would adjourn until 31 May, the day before the key provisions of the Patriot Act expire. [..]

Those who want a straight extension of the Patriot Act are in a distinct minority and supporters of the USA Freedom Act still cannot muster the necessary super majority to advance the bill. The result means those who are more than happy to simply let Section 215 expire on May 31 are in the driver’s seat.

When reporters asked Paul on Saturday morning whether he was concerned about the provisions of the Patriot Act expiring at the end of the month, the Kentucky Republican seemed unworried “We were liking the constitution for about 200 years and I think we could rely on the constitution.”

Watch Sen. Paul shut down Sen McConnell’s attempts to extend the Patriot Act,

Also caught in that clip was Sen. Huckleberry Butchmeup rolling his eyes and picking his nose as Sen. Paul was speaking.

This was Marcy Wheeler’s (emptywheel) reaction on the proceedings

It’s not certain just how “legal” Pres. Obama’s request to the FISA court would be considering the federal appeals court ruling last week that found the N.S.A.’s bulk collection of phone records illegal.

The Senate will return from the Memorial Day break one day early, on May 31, to reconsider an extension of the three provisions of the Patriot Act that will expire the next day.

Let me say two things. First, I am ashamed that any Democrat supported the farce House bill that does nothing to protect our Fourth Amendment rights. Sorry, Sen. Boxer, this is not protecting our county.

Second, a hearty thanks to Senator Rand Paul, who for the fist time that I can remember, went past Charles Pierce’s five minute rule for anything he says.

Good Morning! I have 3 articles for you on the NSA’s speech recognition program today.

First, an intro on the program:

THE COMPUTERS ARE LISTENING: HOW THE NSA CONVERTS SPOKEN WORDS INTO SEARCHABLE TEXT

Most people realize that emails and other digital communications they once considered private can now become part of their permanent record.

But even as they increasingly use apps that understand what they say, most people don’t realize that the words they speak are not so private anymore, either.

Top-secret documents from the archive of former NSA contractor Edward Snowden show the National Security Agency can now automatically recognize the content within phone calls by creating rough transcripts and phonetic representations that can be easily searched and stored.

Jump!

A federal court ion New York has ruled that the National Security Agency’s mass phone data collection under the Patriot Act is illegal.

Ruling on a program revealed by former government security contractor Edward Snowden, the 2nd U.S. Circuit Court of Appeals in Manhattan said the Patriot Act did not authorize the National Security Agency to collect Americans’ calling records in bulk.

Circuit Judge Gerard Lynch wrote for a three-judge panel that Section 215, which addresses the FBI’s ability to gather business records, could not be interpreted to have permitted the NSA to collect a “staggering” amount of phone records, contrary to claims by the Bush and Obama administrations.

The 2nd U.S. Circuit Court of Appeals in Manhattan held back from saying it was unconstitutional, nor did it order a halt to the program which expires on June 1.

The ruling has sparked concern by the Department of Justice. Newly appointed Attorney General Loretta Lynch said that the DOJ was reviewing the decision calling it “vital tool in our national security.” One more reason this woman is unfit for AG.

The Senate has decided to delay its consideration of the long term renewal of the Patriot Act.

Now, with the relevant section of the Patriot Act due to expire at the end of the month, Republican leaders in Congress are scrambling to find a shorter-term fix to keep the programme alive as it looks likely that the court ruling will prevent them from securing the necessary votes for a full extension in the remaining six days of this legislative session. [..]

One option would be a one-month extension to get Congress past the 1 June deadline in exchange for Republicans allowing an alternative vote on the USA Freedom Act – a reform bill designed to replace NSA collection of telephone metadata with a scheme involving data retention by telephone companies instead.

But newly emboldened Democrats angrily denied rumours that they had agreed to such a deal on Thursday. [..]

Many of those in favour of reform believe their best chance of forcing the Republican leader Mitch McConnell into allowing a vote on the Freedom Act is the prospect of him failing to pass anything and forcing the NSA to totally shutdown the controversial programme first revealed by Edward Snowden.

Such a scenario would be preferable to many privacy campaigners, such as the American Civil Liberties Union, which originally lodged Thursday’s court challenge.

But even a full reauthorisation of the Patriot Act would now require supreme court approval to be effective, argue campaigners.

Last week the House appeared ready to pass the U.S.A. Freedom Act which would end the collection of metadata, a mere band-aid on the problem. It would still allow the N.S.A.’s ability to analyze links between callers to hunt for terrorists, but keep the bulk records in the hands of phone companies, which could dispose of them after 18 months. The N.S.A. currently stores them for five years. With the court ruling, that may no longer be an option.

Needless to say this has the neo-con fear mongers scrambling

A spokesman for McConnell’s office insisted he continued to back the Patriot Act renewal and pointed to support for its use by judges in the Foreign Intelligence Surveillance Act (Fisa) courts that were designed to deal with such questions. “All the other courts, the Fisa courts, have ruled the other way,” he said.

“I think it’s very unfortunate,” the Arizona senator John McCain, a Republican, also told the Guardian. “I’m very concerned and it’s my understanding other courts have ruled otherwise.”

The problem with the argument about the “other Courts” is that the court they are talking about FISA has questionable constitutionality since it doesn’t fit the Article III and Fourth Amendment requirements.

And let us not forget 9/11

Lindsey Graham, the Republican senator from South Carolina and an ardent supporter of the NSA, invoked the attacks on September 11 to emphasise the importance of the surveillance programmes.

“I’ve got one goal: if you need to reform the programme, great, I just don’t want to gut it,” Graham told the Guardian. “I would continue until someone told me to stop. I believe if the programme were in operation before 9/11, we probably would have prevented 9/11.”

Graham added that he found it hard to believe lawmakers would diminish the programme, given the current national security climate, “based on a court ruling that’s not binding”.

On other thing that the ruling inadvertently did was vindicated whistleblower Edward Snowden whose leak of the NSA program prompted to public discussion and legal challenges.

The ruling was discussed by Senator Ron Wyden (D-OR) and The Intercept journalist Glenn Grenwald on MSNBC’s “Now” host Alex Wagner.

What Charlie Pierce said

(T)he program has now faced the clear light of an open court and it has been judged in its operation to be at best a baroque overreach and, at worst, un-American. This debate always has been better conducted in the open. This is the case with almost any debate, but especially those that arise under the tremulous camouflage of National Security. If I thought courage was as contagious as fear, I’d be more optimistic. And, again, I point out that all this ever was about was what kind of government we would be willing to tolerate and still maintain our identity as a constitutional self-governing Republic, and that none of this happens without the intervention of Edward Snowden, International Man Of Luggage, and Glenn Greenwald, who is simply Not One Of Us.

The battle over citizens’ right to privacy and the government’s mass collection of private data that has nothing to do with protecting the country from terrorist attacks, is coming to a head on June 1. That’s when the Patriot Act’s section 215, the provision of the act that the NSA used to authorize its bulk telephone metadata collection program, must either be renewed by congress or it expires. The problem is the lack of interest by the American public. In an extended segment of his HBO program, “This Week Tonight,” John Oliver found a subject that might pique their interest, “dick pics.” He presented his idea to Edward Snowden in a one on one exclusive interview.

So why all the trouble? In theory, Snowden’s revelations are old, they have proven to be either inaccessible or not titillating enough for the American public, and Oliver already covered the issue himself on the show in an interview with former NSA chief General Keith Alexander less than a year ago.

As it turns out, Oliver wasn’t satisfied. Using the June 1 expiration of controversial sections of the Patriot Act as a peg, Oliver decided to revive the conversation anew by highlighting one specific aspect of the surveillance issue that a majority of Americans could relate to.

And Sunday’s final product is earning Oliver plaudits across the Internet. In the interview, Oliver accomplishes several feats. He’s not only funny (Snowden apparently misses eating Hot Pockets, the sodium vehicle of the American freezer section), but also incisive and tough. [..]

But most notably of all, Oliver might finally have pinpointed a way to make the debate about surveillance accessible to a wide audience. By honing on one aspect of the government surveillance, the capacity for intelligence agencies to access “dick pics,” he captures the attention and summons the outrage of numerous passersby in a filmed segment in Times Square. Many of those interviewed can’t properly identify Edward Snowden or don’t quite recall what he had done, but all recoil at the thought of government access to intimate photography.

Thanks to John’s interview and the above viral video, which at this posting has

4,723,977 views, the movement to end mass surveillance has new life.

Privacy advocates experienced a major setback in November when a surveillance reform bill, the FREEDOM Act, died in a Senate procedural vote. But now they’re back, and with a new, simple question for Americans – Can they see your junk?

Playing off Oliver’s hilarious skit, one privacy activist built cantheyseemydick.com, which breaks down how each NSA program could be used to access private communications. Despite its flippant tone, the website offers simple explanations of complex programs that are difficult to understand.

On a more serious note, a new coalition of privacy groups led by the Electronic Frontier Foundation (EFF) today launched the Fight 215 campaign calling for an end to the NSA’s bulk collection of Americans’ phone records.

EFF activist Nadia Kayyali told TechCrunch the organizations launched the campaign today because of the impending deadline, but they were very excited about the Last Week Tonight with John Oliver skit and the attention it has already brought to surveillance reform.

With this campaign, the privacy advocates have taken a direct stance, end the bulk collection of Americans’ telephone records. [..]

Even with the new public attention on surveillance reform, privacy advocates face an uphill battle in Congress. Although surveillance reform is an issue that does not fall squarely on party lines, reform efforts in the Democratic-controlled Senate last year were thwarted primarily by Republican votes. Now Republicans control both chambers of Congress.

As the June 1 deadline approaches, no one in Congress has laid out a comprehensive plan to address government surveillance this year. Kayyali attributes the lack of action on the Hill to uncertainty.

“I think a lot of people, including people who want to see good legislation passed, weren’t certain where to start from,” Kayyali said. “It’s hard to say what Congress is thinking.”

As members look to form that plan, Kayyali hopes the new campaign will send them a clear message.

EEF and thirty other civil liberties organizations have launched a call in campaign, Fight 215. They will help connect you to your representatives to tell them to end mass surveillance.

Call Congress Now

Urge them to end mass surveillance under the Patriot Act.

What to say

Hi,

I’m one of your constituents, and I’m calling to urge you to end the NSA’s unconstitutional mass surveillance under the Patriot Act.

NSA surveillance illegally invades my privacy, along with millions of other innocent people, without making me safer.

Ending phone record surveillance is the first step to reining in surveillance abuses by the NSA. The time to put pressure on congress is now.

I’m going mostly light this Monday morning cuz, let’s be honest, who wants to think too hard on a Monday morning?

First, now you can find out whether you’ve been spied on:

Find Out if You’ve Been Spied on-and Join the Fight for Privacy

Because of the ruling, there is an opportunity for people to try to find out if their communications were among those shared by NSA with GCHQ. Intelligence agencies use information like ip addresses and email addresses as “selectors” when sifting through the massive quantities of data they collect. GCHQ will comply with the IPT’s ruling by searching “selectors” it received from the NSA prior to December 2014.

But this won’t happen automatically. People need to actually file requests with the IPT. To help people do so, PI is collecting people’s names, numbers, and emails in order to assist them in asserting their rights and finding out whether those selectors were subject to unlawful sharing. If they were, PI will help individuals seek a declaration that that person’s privacy rights have been violated under Article 8 and Article 10 of the UK Human Rights Act, the law that codified the European Convention on Human Rights into UK law. Once the IPT issues a declaration for an individual, that individual can also request that their records be deleted. There’s no need to be a UK citizen-anyone can participate.

Jump!

According to documents given to The Intercept by whistleblower Edward Snowden, even the newest cell phones (3G, 4G and LTE0 are not safe from the spies of the NSA and it British counterpart, GCHQ. According to the article, one of the largest manufacturers of SIM cards, which all cell phones depend on for communications, were hacked by these agencies spies who stole the encryption keys. This has given them access to even to billions of cell phones all over the world. As usual, Intercept contributors, Jeremy Scahill and Josh Begley are very thorough in their extensive article but here is the core or the report:

The company targeted by the intelligence agencies, Gemalto, is a multinational firm incorporated in the Netherlands that makes the chips used in mobile phones and next-generation credit cards. Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world. The company operates in 85 countries and has more than 40 manufacturing facilities. One of its three global headquarters is in Austin, Texas and it has a large factory in Pennsylvania.

In all, Gemalto produces some 2 billion SIM cards a year. Its motto is “Security to be Free.”

With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt. [..]

GCHQ and the NSA could have taken any number of routes to steal SIM encryption keys and other data. They could have physically broken into a manufacturing plant. They could have broken into a wireless carrier’s office. They could have bribed, blackmailed or coerced an employee of the manufacturer or cellphone provider. But all of that comes with substantial risk of exposure. In the case of Gemalto, hackers working for GCHQ remotely penetrated the company’s computer network in order to steal the keys in bulk as they were en route to the wireless network providers. [..]

TOP-SECRET GCHQ documents reveal that the intelligence agencies accessed the email and Facebook accounts of engineers and other employees of major telecom corporations and SIM card manufacturers in an effort to secretly obtain information that could give them access to millions of encryption keys. They did this by utilizing the NSA’s X-KEYSCORE program, which allowed them access to private emails hosted by the SIM card and mobile companies’ servers, as well as those of major tech corporations, including Yahoo and Google.

In effect, GCHQ clandestinely cyberstalked Gemalto employees, scouring their emails in an effort to find people who may have had access to the company’s core networks and Ki-generating systems. The intelligence agency’s goal was to find information that would aid in breaching Gemalto’s systems, making it possible to steal large quantities of encryption keys. The agency hoped to intercept the files containing the keys as they were transmitted between Gemalto and its wireless network provider customers.

GCHQ operatives identified key individuals and their positions within Gemalto and then dug into their emails. In one instance, GCHQ zeroed in on a Gemalto employee in Thailand who they observed sending PGP-encrypted files, noting that if GCHQ wanted to expand its Gemalto operations, “he would certainly be a good place to start.” They did not claim to have decrypted the employee’s communications, but noted that the use of PGP could mean the contents were potentially valuable.

The cyberstalking was not limited to Gemalto. GCHQ operatives wrote a script that allowed the agency to mine the private communications of employees of major telecommunications and SIM “personalization” companies for technical terms used in the assigning of secret keys to mobile phone customers. Employees for the SIM card manufacturers and wireless network providers were labeled as “known individuals and operators targeted” in a top-secret GCHQ document.

According to experts who were interviewed by The Guardain, this is a huge invasive breach and may still be continuing:

Gemalto, the company targeted by the spy agencies, produces 2bn sim cards per year for clients including AT&T, Sprint, T-Mobile and Verizon. The Netherlands-based company operates in 85 countries around the world and provides cards to some 450 wireless network providers globally.

The stolen encryption keys would allow intelligence agencies to monitor mobile communications without the approval or knowledge of telecom companies and foreign governments.

Chris Soghoian, principal technologist at the American Civil Liberties Union, told the Guardian the hack would allow spies to “put an aerial up on the embassy in Berlin and listen in to anyone’s calls in the area”.

Calls made on 3G and 4G mobile networks are encrypted. But with the keys, which a GCHQ slide described as living “in the phone”, spies could access any communication made on a device unless its owner uses an extra layer of encryption.

Soghoian said the latest Snowden revelations meant that it was difficult for anyone to trust the security of a mobile phone. “It is very unlikely that this is an issue that is going to be fixed anytime soon,” he said. “There is no reason for people to trust AT&T, Verizon or anyone at this point. Their systems are hopelessly insecure.”

“The real value of this is that it allows bulk surveillance of telecoms without anyone getting caught,” Soghoian said of hacks like the one at Gemalto, which he said would allow the spy agencies to target “whoever they wanted”.

“In countries where the government will not cooperate, that’s very useful,” he said. “It’s also very useful in countries where the government would help. Germany would allow spy on a suspected terrorist but not on [Angela] Merkel.”

This was the second revelation in what Mike Masnick at Techdirt called “This Week In ‘The NSA Knows F**king Everything’“:

Thought that the revelations of NSA/GCHQ spying were dying out? Having some “surveillance fatigue” from all the stories that have been coming out? Have no fear — or, rather, be very very very fearful — because two big new revelations this week show just how far the NSA will go to make sure it collects everything. First up: your hard drives. Earlier this week, Kaspersky Lab revealed that the NSA (likely) has figured out ways to hide its own spyware deep in pretty much any hard drive made by the most popular hard drive manufacturers: Western Digital, Seagate and Toshiba. [..]

As the report notes, it appears that this is a kind of “sleeper” software, that is buried inside tons of hard drives, but only “turned on” when necessary. The report notes that it’s unclear as to how the NSA was getting this software in there, but that it couldn’t do it without knowing the source code of the hard drive firmware — information that is not easily accessible. A few of the hard drive manufacturers have denied working with the government on this and/or giving them access to the firmware. It’s possible they’re lying/misleading — but it’s also possible that the NSA figured out other ways to get that information.

Scahill and Begley quoted President Barack Obama who just a little over a year ago said when he addressed the NSA spying scandal: “The bottom line is that people around the world, regardless of their nationality, should know that the United States is not spying on ordinary people who don’t threaten our national security and that we take their privacy concerns into account in our policies and procedures.”

Obama again has lied and Congress has failed to rein in the excesses of the NSA and the CIA.

Well, this didn’t take long. President Barack Obama and Britain’s Prime Minister David Cameron didn’t let any dust settle.

Cybersecurity bill: privacy activists warn of unnecessarily ‘broad legal immunity’

By Dan Roberts, The Gusrdian

White House hoping legislation will toughen private sector response by allowing companies to share information with government agencies including NSA

Barack Obama plans to announce new cybersecurity measures on Tuesday amid warnings from privacy campaigners about unnecessarily “broad legal immunity” that could put personal information at risk in the wake of attacks like the Sony Pictures hack.

Just a day after the Pentagon’s own Twitter account was compromised and Obama pushed a 30-day window for consumer security breaches, his administration was hoping the proposed legislation would toughen the response of the private sector by allowing companies to share information with government agencies including the NSA – almost immediately and under broad protection. [..]

The administration believes the legislation is necessary partly to give companies legal immunity for sharing information on attacks so that counter-measures can be coordinated, but the White House has stepped back from suggestions that companies should be allowed to individually retaliate against hackers, fearing such encouragement could lead to an escalation of cyber warfare.

A White House statement released in advance of Obama’s speech on Tuesday said it “encourages the private sector to share appropriate cyber threat information with the Department of Homeland Security’s National Cybersecurity and Communications Integration Center”.

David Cameron pledges anti-terror law for internet after Paris attacks

By Nicholas Watt, Rowena Mason and Ian Traynor, The Guardian

PM calls for new laws to break into terrorists’ communications but Nick Clegg warns of encroachment on civil liberties

Britain’s intelligence agencies should have the legal power to break into the encrypted communications of suspected terrorists to help prevent any Paris-style attacks, David Cameron proposed on Monday.

The prime minister said a future Conservative government would aim to deny terrorists “safe space” to communicate online, days after a warning from the director general of MI5, Andrew Parker, that the intelligence agencies are in danger of losing the ability to monitor “dark places” on the net.

His proposed legislation, which would be introduced within the first year of Cameron’s second term in Downing Street if the Conservatives win the election, would provide a new legal framework for Britain’s GCHQ and other intelligence agencies to crack the communications of terror suspects if there was specific intelligence of an imminent attack. Political approval would also be necessary.

They aren’t the only ones leaping on the security train wreck, the French and Italian governments have hooped on board.

More Surveillance Won’t Protect Free Speech

By Jillian York, Electronic Frontier Foundation

Following a terrorist attack, it is not uncommon to hear calls from politicians and government officials for increased surveillance. Fear and grief can lead to quick “solutions” that have significant consequences; as we pointed out last week, some of the most far-reaching surveillance and law enforcement powers around the world were devised in the wake of tragedies.

That’s why what we’re hearing this week-in the wake of the attack on Charlie Hebdo-alarms us. On Friday, French Prime Minister Manuel Valls suggested that “it will be necessary to take further measures” to address the threat of terrorism, despite the fact that French intelligence had collected “reams of intelligence” on the terror suspects, and despite a draconian anti-terror law established last November. As our German colleagues point out in a joint statement, France already has some of the strictest security measures in Europe. [..]

Italian authorities are planning new legislation that would enable the government to seize the passports of those suspected of traveling to Syria to join the Islamic State. Interior Minister Angelino Alfano stated Friday that Italy also needed “greater access to conversations between extremists online,” demanding help from Internet companies to provide the Italian government with better access to such data in order to create a “black list” of those who pose a security threat. [..]

Mass surveillance doesn’t only infringe on our privacy, but also our ability to speak freely. As a recent PEN American study found, for writers around the world, surveillance has the effect of chilling speech. The knowledge, or even the perception of surveillance, can prompt writers to think twice before touching upon a given issue.

Let us resist attempts to use this tragic moment as an opportunity to advance law enforcement surveillance powers. Freedom of speech can only thrive when we also have the right to privacy.

And last but not least, there is Manhattan District Attorney Cyrus Vance, a Democrat, scared that your i-phone is harboring criminals

New York’s Top Prosecutor Says We Need New Laws To Fight iPhone/Android Encryption

By Tim Cushing, Techdirt

from the because-child-murdering-drug-dealers,-of-course dept

The greatest threat to law enforcement since the motocar continues to receive attention from entities aghast at the notion that peoples’ communications and data might not be instantly accessible by law enforcement. Apple’s decision (followed shortly thereafter by Google) to offer default encryption for phone users has kicked off an avalanche of paranoid hyperbole declaring this effort to be a boon for pedophiles, murders and drug dealers.

New laws have been called for and efforts are being made to modify existing laws to force Apple and Google into providing “law enforcement-only” backdoors, as if such a thing were actually possible. New York County’s top prosecutor, Manhattan DA Cyrus Vance — speaking at an FBI-hosted cybersecurity conference — is the latest to offer up a version of “there ought to be a law.”

Mark Jaycox and Lee Tien of Electronic Frontier Foundaton released this statement regarding the president’s proposal.

Statement on President Obama’s Cybersecurity Legislative Proposal

More needs to be done to protect cyberspace and enhance computer security. But President Obama’s cybersecurity legislative proposal recycles old ideas that should remain where they’ve been since May 2011: on the shelf. Introducing information sharing proposals with broad liability protections, increasing penalties under the already draconian Computer Fraud and Abuse Act, and potentially decreasing the protections granted to consumers under state data breach law are both unnecessary and unwelcome.

Information Sharing

The status quo of overweening national security and law enforcement secrecy means that expanded information sharing poses a serious risk of transferring more personal information to intelligence and law enforcement agencies. Given that the White House rightly criticized CISPA in 2013 for potentially facilitating the unnecessary transfer of personal information to the government or other private sector entities when sending cybersecurity threat data, we’re concerned that the Administration proposal will unintentionally legitimize the approach taken by these dangerous bills.

Instead of proposing unnecessary computer security information sharing bills, we should tackle the low-hanging fruit. This includes strengthening the current information sharing hubs and encouraging companies to use them immediately after discovering a threat. [..]

Increased Criminalization

The administration’s proposals to increase penalties in the Computer Fraud and Abuse Act are equally troubling. We agree with the President: “Law enforcement must have appropriate tools to investigate, disrupt and prosecute cyber crime;” however, the past two years of surveillance disclosures has shown law enforcement certainly doesn’t need more legal authorities to conduct digital surveillance or prosecute criminals. [..]

Federal Data Breach Law

The President’s legislative proposal also follows up on yesterday’s announcement to pursue a federal data breach law. Consumers have a right to know when their data is exposed, whether through corporate misconduct, malicious hackers, or under other circumstances. Over 38 states already have some form of breach notification law-so the vast majority of Americans already get some protection on this score. While the President has not yet released detailed legislative language, the Administration’s May 2011 Cybersecurity legislative proposal would preempt state notification laws, removing the strong California standard and replacing it with a weaker standard. [..]

Many of these proposals are old ideas from the administration’s May 2011 Cybersecurity legislative proposal and should be viewed skeptically. While the Administration information sharing proposal may have better privacy protections than dangerously drafted bills like CISPA, we think the initial case for expanding information sharing requires much less secrecy about how intelligence and law enforcement agencies collect and use data on our networks. And instead of increasing penalties under the Computer Fraud and Abuse Act, we’ve long advocated common sense reform to decrease them.

Here’s hoping there are enough sane heads left in legislatures to stop this in its tracks, on both sides of the pond.  

The Senate was briefly in session this week where it took cloture votes on two note worthy bills. One to approve the Keystone XL pipeline and the second called the USA Freedom Act, would vaguely reform the NSA by limiting their ability to spy on Americans. Both bill failed.

Regardless of the denials by the Democratic leadership, the Keystone bill was brought to a vote in a vain attempt to save Louisiana’s Senator Mary Landrieu’s seat. While the Republicans would have bee gleeful of it had passed, the bill failed to reach cloture by one vote. The incoming leadership has vowed to bring it to the floor one more time.

The USA Freedom Act was another deal. Since the the likelihood this bill would never see the light of day in the next session, it was thought there were enough votes for cloture. There weren’t. It was roundly shouted down by Republicans because the Islamic state is coming to kill us.

NSA Reform Bill Dies As Republicans Hype Threats From Islamic State

Dan Froomkin, The Intercept

Supporters of the USA Freedom Act, including privacy groups and technology companies, had considered it an essential first step toward ending the NSA’s overreach. But Senate Minority Leader Mitch McConnell set the tone for the day in the morning, actively encouraging his caucus to block the measure, citing concerns that it would hurt the fight against such groups as the Islamic State. Republicans also took their cues from an op-ed in the Wall Street Journal, in which former CIA and NSA director Michael Hayden and former attorney general Michael Mukasey described the bill as NSA Reform That Only ISIS Could Love.

With Republicans taking control of the Senate in January, a vote during the current lame-duck session was widely considered the bill’s last, best shot.

The USA Freedom Act would have ended the government’s bulk collection of domestic phone records, forcing officials to make specific requests to phone companies. It would also have ended the law-enforcement monopoly on arguments before the secretive surveillance court by creating a role for a special advocate. And it would have required that significant court opinions be made public.

Writing for The Guardian, Trevor Timm thinks that the Republican may have shot themselves in the foot by opposing the bill:

But the Republicans – and NSA supporters everywhere – may have made a mistake that will come back to haunt them. They killed a measure that many reformers were holding their nose while supporting, and six month from now – by the middle of 2015 – they may have several even bigger fights on their hands. [..]

(T)he legislation Republicans just blocked also would have effectively shut down several promising lawsuits against the NSA in federal court and another case where National Security Letters were already ruled unconstitutional.

Now many of those cases, already in the appeals stage, may be decided within the next six months, and if the oral arguments are any indication, the US government may be in trouble. Indeed, the conservative justices may be willing to do more for your privacy than conservative lawmakers, as Judge Richard Leon proved last year when he ruled that the NSA’s phone surveillance program is likely unconstitutional.

But here’s the real reason the the USA Freedom Act’s failure could backfire on its biggest supporters: As I’ve mentioned before, Section 215 of the USA Patriot Act – the law that was re-interpreted in secret to allow for mass phone metadata surveillance in the first place – comes up for renewal next summer. It has to be reauthorized before June, or it will disappear completely.

And even though the Republicans will be in control next year, they won’t be able to pull the same stunts they did on Tuesday. Everyone knows getting “no” votes is a lot easier than getting a “yes”. And this time they’ll need 60 “yes” votes, plus the support of the House of Representatives, where we know already there are likely enough votes to kill an extension of the Patriot Act.

At the New York Times, Charles Savage found a little noticed provision in the Patriot Act that grandfathered on going investigations even if section 215 sunsets:

   The law says that Section 215, along with another section of the Patriot Act, expires on “June 1, 2015, except that former provisions continue in effect with respect to any particular foreign intelligence investigation that began before June 1, 2015, or with respect to any particular offense or potential offense that began or occurred before June 1, 2015.”

   Michael Davidson, who until his retirement in 2011 was the Senate Intelligence Committee’s top staff lawyer, said this meant that as long as there was an older counterterrorism investigation still open, the court could keep issuing Section 215 orders to phone companies indefinitely for that investigation.

   “It was always understood that no investigation should be different the day after the sunset than it was the day before,” Mr. Davidson said, adding: “There are important reasons for Congress to legislate on what, if any, program is now warranted. But considering the actual language of the sunset provision, no one should believe the present program will disappear solely because of the sunset.”

   Mr. Davidson said the widespread assumption by lawmakers and executive branch officials, as well as in news articles in The New York Times and elsewhere, that the program must lapse next summer without new legislation was incorrect.

   The exception is obscure because it was recorded as note accompanying Section 215; while still law, it does not receive its own listing in the United States Code. It was created by the original Patriot Act and was explicitly restated in a 2006 reauthorization bill, and then quietly carried forward in 2010 and in 2011.

While over at The Intercept, journalist and author, Glenn Greenwald found watching the Senate debate was “like watching a repeat of some hideously shallow TV show”. As he noted, congress is irrelevant on mass surveillance and points out what really matters:

The entire system in D.C. is designed at its core to prevent real reform. This Congress is not going to enact anything resembling fundamental limits on the NSA’s powers of mass surveillance. Even if it somehow did, this White House would never sign it. Even if all that miraculously happened, the fact that the U.S. intelligence community and National Security State operates with no limits and no oversight means they’d easily co-opt the entire reform process. That’s what happened after the eavesdropping scandals of the mid-1970s led to the establishment of congressional intelligence committees and a special FISA “oversight” court-the committees were instantly captured by putting in charge supreme servants of the intelligence community like Senators Dianne Feinstein and Chambliss, and Congressmen Mike Rogers and “Dutch” Ruppersberger, while the court quickly became a rubber stamp with subservient judges who operate in total secrecy. [..]

In pretty much every interview I’ve done over the last year, I’ve been asked why there haven’t been significant changes from all the disclosures. I vehemently disagree with the premise of the question, which equates “U.S. legislative changes” with “meaningful changes.” But it has been clear from the start that U.S. legislation is not going to impose meaningful limitations on the NSA’s powers of mass surveillance, at least not fundamentally. Those limitations are going to come from-are now coming from -very different places:

1) Individuals refusing to use internet services that compromise their privacy. The FBI and other U.S. government agencies, as well as the U.K. Government, are apoplectic over new products from Google and Apple that are embedded with strong encryption, precisely because they know that such protections, while far from perfect, are serious impediments to their power of mass surveillance. To make this observation does not mean, as some deeply confused people try to suggest, that one believes that Silicon Valley companies care in the slightest about people’s privacy rights and civil liberties. [..]

2) Other countries taking action against U.S. hegemony over the internet. Most people who claim nothing has changed from the Snowden disclosures are viewing the world jingoistically, with the U.S. the only venue that matters. But the real action has long been in other countries, acting individually and jointly to prevent U.S. domination of the internet. [..]

3) U.S. court proceedings. A U.S. federal judge already ruled that the NSA’s domestic bulk collection program likely violates the 4th Amendment, and in doing so, obliterated many of the government’s underlying justifications. Multiple cases are now on appeal, almost certainly headed to the Supreme Court. None of this was possible in the absence of Snowden disclosures. [..]

4) Greater individual demand for, and use of, encryption. In the immediate aftermath of the first Snowden reports, I was contacted by countless leading national security reporters in the U.S., who work with the largest media outlets, seeking an interview with Snowden. But there was a critical problem: despite working every day on highly sensitive matters, none of them knew anything about basic encryption methods, nor did their IT departments. Just a few short months later, well over 50 percent of the journalists who emailed me did so under the protection of PGP encryption. Today, if any journalist emails me without encryption, they do so apologetically and with embarrassment. [..]

The changes from the Snowden disclosures are found far from the Kabuki theater of the D.C. political class, and they are unquestionably significant. That does not mean the battle is inevitably won: The U.S. remains the most powerful government on earth, has all sorts of ways to continue to induce the complicity of big Silicon Valley firms, and is not going to cede dominion over the internet easily. But the battle is underway and the forces of reform are formidable-not because of anything the U.S. congress is doing, but despite it.

The USA Freedom Act would have made little difference to the unlawful NSA. What matters now is what the courts and we do to preserve our rights.