Aletho News

ΑΛΗΘΩΣ

Polls Continue to Show Majority of Americans Against NSA Spying

By Mark M. Jaycox | EFF | January 22, 2014

Update, January 2014: Polls continue to confirm the trend. In a poll conducted in December 2013 by the Washington Post, 66% of Americans were concerned “about the collection and use of [their] personal information by the National Security Agency.” Americans aren’t only concerned about the collection. A recent Pew poll found—yet again—that a majority of Americans oppose the government’s collection of phone and Internet data as a part of anti-terrorism efforts.

Since Americans are both concerned with, and opposed to, the spying, it’s no surprise that they also want reform. In a November 2013 poll by Anzalone Liszt Grove Research,1 59% of respondents noted that they wanted surveillance reform and 63% said they wanted more oversight of the spying programs. While these polls focused on the larger population of Americans, a Harvard University Insitute of Politics poll focusing on younger Americans (aged 18-29 years old) reaffirmed younger Americans are both wary of the NSA’s activities and that a majority do not want the government to collect personal information about them. 

Shortly after the June leaks, numerous polls asked the American people if they approved or disapproved of the NSA spying, which includes collecting telephone records using Section 215 of the Patriot Act and collecting phone calls and emails using Section 702 of the Foreign Intelligence Surveillance Act. The answer then was a resounding no, and new polls released in August and September clearly show Americans’ increasing concern about privacy has continued.

Since July, many of the polls not only confirm the American people think the NSA’s actions violates their privacy, but think the surveillance should be stopped. For instance in an AP poll, nearly 60 percent of Americans said they oppose the NSA collecting data about their telephone and Internet usage. In another national poll by the Washington Post and ABC News, 74 percent of respondents said the NSA’s spying intrudes on their privacy rights. This majority should come as no surprise, as we’ve seen a sea change in opinion polls on privacy since the Edward Snowden revelations started in June.

What’s also important is that it crosses political party lines. The Washington Post/ABC News poll found 70 percent of Democrats and 77 percent of Republicans believe the NSA’s spying programs intrude on their privacy rights. This change is significant, showing that privacy is a bipartisan issue. In 2006, a similar question found only 50 percent of Republicans thought the government intruded on their privacy rights.

Americans also continue their skepticism of the federal government and its inability to conduct proper oversight. In a recent poll, Rasmusson—though sometimes known for push polling—revealed that there’s been a 30 percent increase in people who believe it is now more likely that the government will monitor their phone calls. Maybe even more significant is that this skepticism carries over into whether or not Americans believe the government’s claim that it “robustly oversees” the NSA’s programs. In a Huffpost/You Gov poll, 53 percent of respondents said they think “the federal courts and rules put in place by Congress” do not provide “adequate oversight.” Only 18 percent of people agreed with the statement.

Americans seem to be waking up from its surveillance state slumber as the leaks around the illegal and unconstitutional NSA spying continue. The anger Americans—especially younger Americans—have around the NSA spying is starting to show. President Obama has seen a 14-point swing in his approval and disapproval rating among voters aged 18-29 after the NSA spying.

These recent round of polls confirm that Americans are not only concerned with the fact that the spying infringes their privacy, but also that they want the spying to stop. And this is even more so for younger Americans. Now is the time for Congress to act: join the StopWatching.Us coalition.

January 23, 2014 Posted by | Civil Liberties, Full Spectrum Dominance | , , , | Leave a comment

What President Obama’s Surveillance Speech Should Have Addressed

By Frank Pasquale · Concurring Opinions · January 21, 2014

In his recent speech on surveillance, President Obama treated the misuse of intelligence gathering as a relic of American history. It was something done in the bad old days of J. Edgar Hoover, and never countenanced by recent administrations. But the accumulation of menacing stories—from fusion centers to “joint terrorism task forces” to a New York “demographics unit” targeting Muslims—is impossible to ignore. The American Civil Liberties Union has now collected instances of police surveillance and obstruction of First Amendment‐protected activity in over half the states. From Alaska (where military intelligence spied on an anti-war group) to Florida (where Quakers and anti-globalization activists were put on watchlists), protesters have been considered threats, rather than citizens exercising core constitutional rights. Political dissent is a routine target for surveillance by the FBI.

Admittedly, I am unaware of the NSA itself engaging in politically driven spying on American citizens. Charles Krauthammer says there has not been a “single case” of abuse. But the NSA is only one part of the larger story of intelligence gathering in the US, which involves over 1,000 agencies and nearly 2,000 private companies. Moreover, we have little idea of exactly how information and requests flow between agencies. Consider the Orwellian practice of “parallel construction.” Reuters has reported that the NSA gave “tips” to the Special Operations Division (SOD) of the Drug Enforcement Administration, which also shared them with the Internal Revenue Service.

The legal status of such information sharing is murky at best: the national security data is not supposed to be used for law enforcement purposes. Apparently the SOD sidestepped these niceties by re-creating criminal investigations from scratch, fabricating alternative grounds for suspecting the targets. Thus the “parallel construction” of two realities for the law enforcers: one actual, secret record of how targets were selected, and another specially crafted for consumption by courts. Two senior Drug Enforcement Administration officials defended the program and called it legal, but did not disclose their reasoning. At present, the practice looks like little more than intelligence laundering. Five senators asked the Department of Justice to assess the legality of “parallel construction;” it has yet to respond.

I have little doubt that the DEA used parallel construction in cases involving some pretty nasty characters. It must be tempting to apply “war on terror” tactics to the “war on drugs.” Nevertheless, there are serious legal and ethical concerns here. One of the American revolutionaries’ chief complaints against the British Crown was the indiscriminate use of “general warrants,” which allowed authorities to search the homes of anyone without particularized suspicion they had committed a crime. Thus the 4th Amendment to the US Constitution decrees that “no Warrants shall issue, but upon probable cause.” Law enforcers aren’t supposed to set up “dragnet surveillance” of every communication, or use whatever data stores are compiled by the National Security Agency, unless there is a true security threat.

Between 1956 and 1971, the FBI’s COINTELPRO program engaged in domestic covert action designed to disrupt groups engaged in the civil rights, antiwar, and communist movements. As Lawrence Rosenthal has observed, “History reflects a serious risk of abuse in investigations based on the protected speech of the targets,” and politicians at the time responded. Reviewing intelligence agency abuses from that time period, the Church Committee issued a series of damning reports in 1975-76, leading to some basic reforms. If a new Church Committee were convened, it would have to cover much of the same ground. Moreover, it would need to put in place real safeguards against politicized (or laundered) domestic intelligence gathering. Those are presently lacking. I have yet to find a case where the parties involved in any of the intelligence politicization (or laundering) were seriously punished. Nor have I seen evidence that the victims of such incidents have received just compensation for the unwarranted intrusion on their affairs.

Before we can develop better surveillance policy, we need something like a Truth and Reconciliation Commission to review (and rebuke) the politicization of intelligence gathering post-9/11. Too many privacy activists have been unwilling to admit the persistence of catastrophic threats that may only be detected by spies. But the US government has been even less moored to reality, unwilling to admit that a runaway surveillance state has engaged in precisely the types of activities that the Bill of Rights is designed to prevent. To have a debate about the proper balance between liberty and security, we need to confront the many cases where misguided intelligence personnel spied on activists with neither goal in mind.

Frank Pasquale is Professor of Law at the University of Maryland. His research agenda focuses on challenges posed to information law by rapidly changing technology, particularly in the health care, internet, and finance industries. Frank accepts comments via email, at pasqresearch@gmail.com.

Related articles

January 23, 2014 Posted by | Civil Liberties, Corruption, Full Spectrum Dominance, Progressive Hypocrite | , , , , , | Leave a comment

Dianne Feinstein: NSA Would Never Abuse Its Powers Because It’s ‘Professional’

By Mike Masnick | Techdirt | January 21, 2014

Senator Dianne Feinstein, as we’ve noted, seems to have this weird blindness to even the very idea that the NSA might abuse its powers, despite a long history of it doing exactly that. The history of the US intelligence community is littered like a junk yard with examples of massive abuses of power by intelligence folks. And yet, Feinstein seems shocked at the idea that anyone questions the NSA’s ability to abuse the system. Why? Because the NSA is “professional.” Appearing on Meet the Press this weekend, Feinstein just kept repeating how “professional” the NSA is as if that was some sort of talisman that wards off any potential of abuse. First, host David Gregory pointed to reporter Bart Gellman’s claim that President Obama’s NSA reforms will allow for the expansion of the NSA’s collecting personal data on “billions of people around the world, Americans and foreign citizens alike” and told Feinstein that didn’t seem like it was protecting people’s privacy. And Feinstein went straight to her “but they’re professionals!” argument:

Well, I would disagree with Mr. Gellman. I think that what the president has said is that he wanted to maintain the capability of the program. That, as Chairman Rogers said, it has not been abused or misused. And it is carried out by very strictly vetted and professional people.

Of course it has been “abused” and “misused,” but let’s not let details get in the way.

Later in the interview, Gregory asks Feinstein to comment on Rep. Mike Roger’s totally unsubstantiated (and contradicted by nearly everyone else in the know) claims that Ed Snowden was working for Russian intelligence, and Feinstein bizarrely returns to talking about just how “professional” NSA staffers are.

DAVID GREGORY:
And do you agree with Chairman Rogers that he may have had help from the Russians?

SENATOR DIANNE FEINSTEIN:
He may well have. We don’t know at this stage. But I think to glorify this act is really to set sort of a new level of dishonor. And this goes to where this metadata goes. Because the N.S.A. are professionals. They are limited in number to 22 who have access to the data. Two of them are supervisors. They are vetted. They are carefully supervised. The data goes anywhere else. How do you provide that level of supervision?

Of course, Ed Snowden was also “vetted” and “professional.” And Feinstein seems to think he may have been working for the Russians, which seems to suggest that any of the other “vetted” and “professional” NSA employees might be abusing their position as well. And, I mean, I’m sure the NSA analysts who listened in on phone sex calls between Americans and then shared them around the office were also “vetted” and “professional.”

In fact, I’d think pretty much the entirety of human history concerning intelligence efforts suggests that abuse is almost always carried out by people who are “vetted” and “professional.” And that’s exactly what has most people so concerned about these programs and what the NSA is doing. No matter how well-meaning, well-trained or well-vetted people are, the temptation and ability for abuse is way too strong. Just last week, we were quoting a bunch of “vetted” and “professional” NSA folks talking about how they fantasized about murdering Ed Snowden. Those comments don’t sound particularly professional at all. They sound like people who shouldn’t be allowed within miles of people’s private data. But Feinstein apparently sees no problems with those kinds of people having the ability to search through your private data. Because they’re “professional.”

January 21, 2014 Posted by | Civil Liberties, Corruption, Full Spectrum Dominance | , , , | Leave a comment

NSA Metadata Collection: Fourth Amendment Violation

The Jurist | January 15, 2014

JURIST Contributing Editor Marjorie Cohn of the Thomas Jefferson School of Law discusses two recent decisions on the constitutionality of the National Security Agency’s (NSA) metadata collection program …

Edward Snowden, who worked for the National Security Agency (NSA), revealed a secret order of the Foreign Intelligence Surveillance Court (FISC), that requires Verizon to produce on an “ongoing daily basis … all call detail records or ‘telephony metadata’ created by Verizon for communications (i) between the United States and abroad; or (ii) wholly within the United States, including local telephone calls.”

The government has admitted it collects metadata for all of our telephone communications, but says the data collected does not include the content of the calls.

In response to lawsuits challenging the constitutionality of the program, two federal judges issued dueling opinions about whether it violates the Fourth Amendment’s prohibition on unreasonable searches and seizures.

Judge Richard J. Leon, of the US District Court for the District of Columbia, held that the metadata program probably constitutes an unconstitutional search and seizure. Judge William H. Pauley III, of the US District Court for the Southern District of New York, determined that it does not violate the Fourth Amendment.

Leon’s Opinion

Leon wrote, “Because the Government can use daily metadata collection to engage in ‘repetitive surreptitious surveillance of a citizen’s private goings on,’ the ‘program implicates the Fourth Amendment each time a government official monitors it.’” The issue is “whether plaintiffs have a reasonable expectation of privacy that is violated when the Government indiscriminately collects their telephony metadata along with the metadata of hundreds of millions of other citizens without any particularized suspicion of wrongdoing, retains all of that metadata for five years, and then queries, analyzes, and investigates that data without prior judicial approval of the investigative targets. If they do—and a Fourth Amendment search has thus occurred—then the next step of the analysis will be to determine whether such a search is ‘reasonable.’” The first determination is whether a Fourth Amendment “search” has occurred. If so, the second question is whether that search was “reasonable.”

The judicial analyses of both Leon and Pauley turn on their differing interpretations of the 1979 U.S. Supreme Court decision, Smith v. Maryland. In Smith, a robbery victim reported she had received threatening and obscene phone calls from someone who claimed to be the robber. Without obtaining a warrant, the police installed a pen register, which revealed a telephone in the defendant’s home had been used to call the victim. The Supreme Court held that a person has no reasonable expectation of privacy in the numbers dialed from his telephone because he voluntarily transmits them to his phone company.

Leon distinguished Smith from the NSA program, saying that whether a pen register constitutes a “search” is “a far cry from the issue in [the NSA] case.” Leon wrote, “When do present-day circumstances—the evolution of the Government’s surveillance capabilities, citizens’ phone habits, and the relationship between the NSA and telecom companies—become so thoroughly unlike those considered by the Supreme Court thirty-four years ago that a precedent like Smith simply does not apply? The answer, unfortunately for the Government, is now.”

Then Leon cited the 2012 Supreme Court case of United States v. Jones, in which five justices found that law enforcement’s use of a GPS device to track the movements of a vehicle for nearly a month violated a reasonable expectation of privacy. “Significantly,” Leon wrote, “the justices did so without questioning the validity of the Court’s 1983 decision in United States v. Knotts, that the use of a tracking beeper does not constitute a search because ‘[a] person travelling in an automobile on public thoroughfares has no reasonable expectation of privacy in his movements from one place to another.’” Leon contrasted the short-range, short-term tracking device used in Knotts with the constant month-long surveillance achieved with the GPS device attached to Jones’s car.

Unlike the “highly-limited data collection” in Smith, Leon noted, “[t]he NSA telephony metadata program, on the other hand, involves the creation and maintenance of a historical database containing five years’ worth of data. And I might add, there is the very real prospect that the program will go on for as long as America is combating terrorism, which realistically could be forever!” He called the NSA program “effectively a joint intelligence-gathering operation [between telecom companies and] the Government.”

“[T]he almost-Orwellian technology that enables the Government to store and analyze the phone metadata of every telephone user in the United States is unlike anything that could have been conceived in 1979,” Leon exclaimed, calling it “the stuff of science fiction.” He cited Justice Scalia’s opinion in Kyllo v. United States, which held the use of a thermal imaging device, that measures heat waste emanating from a house, constitutes a “search.” Justice Scalia was concerned about increasing invasions of privacy occasioned by developing technology.

Leon wrote, “I cannot imagine a more ‘indiscriminate’ and ‘arbitrary invasion’ than this systematic and high-tech collection and retention of personal data on virtually every single citizen for purposes of querying and analyzing it without prior judicial approval.”

Quoting Justice Sotomayor’s concurrence in Jones, Leon noted the breadth of information our cell phone records reveal, including “familial, political, professional, religious, and sexual associations.”

Having determined that people have a subjective expectation of privacy in their historical record of telephony metadata, Leon turned to whether that subjective expectation is one that society considers “reasonable.” A “search” must ordinarily be based on individualized suspicion of wrongdoing in order to be “reasonable.” One exception is when there are “special needs,” beyond the need for ordinary law enforcement (such as the need to protect children from drugs).

“To my knowledge, however, no court has ever recognized a special need sufficient to justify continuous, daily searches of virtually every American citizen without any particularized suspicion,” Leon wrote. “In effect,” he continued, “the Government urges me to be the first non-FISC judge to sanction such a dragnet.”

Leon stated that fifteen different FISC judges have issued 35 orders authorizing the metadata collection program. But, Leon wrote, FISC Judge Reggie Walton determined the NSA has engaged in “systematic noncompliance” and repeatedly made misrepresentations and inaccurate statements about the program to the FISC judges. And Presiding FISC Judge John Bates noted “a substantial misrepresentation [by the government] regarding the scope of a major collection program.”

Significantly, Leon noted that “the Government does not cite a single instance in which analysis of the NSA’s bulk metadata collection actually stopped an imminent attack, or otherwise aided the Government in achieving any objective that was time-sensitive in nature.”

Pauley’s Opinion

Pauley’s analysis of the Fourth Amendment issue was brief. He explained that prior to the September 11th terrorist attacks, the NSA intercepted seven calls made by hijacker Khalid al-Mihdhar to an al-Qaeda safe house in Yemen. But the overseas signal intelligence capabilities the NSA used could not capture al-Mihdhar’s telephone number identifier; thus, the NSA mistakenly concluded that al-Mihdhar was not in the United States. Pauley wrote: “Telephony metadata would have furnished the missing information and might have permitted the NSA to notify the Federal Bureau of Investigation (FBI) of the fact that al-Mihdhar was calling the Yemeni safe house from inside the United States.”

“If plumbed,” Pauley noted, the telephony metadata program “can reveal a rich profile of every individual as well as a comprehensive record of people’s association with one another.” He noted, “the Government acknowledged that since May 2006, it has collected [telephony metadata] for substantially every telephone call in the United States, including calls between the United States and a foreign country and calls entirely within the United States.”

But, unlike Leon, Pauley found Smith v. Maryland controls the NSA case. He quoted Smith: “Telephone users … typically know that they must convey numerical information to the telephone company; that the telephone company has facilities for recording this information; and that the telephone company does in fact record this information for a variety of legitimate business purposes.” Thus, Pauley wrote, when a person voluntarily gives information to a third party, “he forfeits his right to privacy in the information.”

While Leon’s distinction between Smith and the NSA program turned on the breadth of information collected by the NSA, Pauley opined, “The collection of breathtaking amounts of information unprotected by the Fourth Amendment does not transform that sweep into a Fourth Amendment search.” And whereas Leon’s detailed analysis demonstrated how Jones leads to the result that the NSA program probably violates the Fourth Amendment, Pauley failed to meaningfully distinguish Jones from the NSA case, merely noting that the Jones court did not overrule Smith.

Leon’s decision is the better-reasoned opinion.

Looking Ahead

This issue is headed to the Court of Appeals. From there, it will likely go the Supreme Court. The high court checked and balanced President George W. Bush when he overstepped his legal authority by establishing military commissions that violated due process, and attempted to deny constitutional habeas corpus to Guantanamo detainees. It remains to be seen whether the court will likewise refuse to cower before President Barack Obama’s claim of unfettered executive authority to conduct dragnet surveillance. If the court allows the NSA to continue its metadata collection, we will reside in what can only be characterized as a police state.

Marjorie Cohn is a Professor of Law at Thomas Jefferson School of Law, past president of the National Lawyers Guild, and deputy secretary general of the International Association of Democratic Lawyers. Her next book, Drones and Targeted Killing, will be published in 2014 by University of California Press.

Related article

January 16, 2014 Posted by | Civil Liberties, Full Spectrum Dominance | , , , , , | Leave a comment

NSA Goes From Saying Bulk Metadata Collection ‘Saves Lives’ To ‘Prevented 54 Attacks’ To ‘Well, It’s A Nice Insurance Policy’

By Mike Masnick | Techdirt | January 13, 2014

Want to know why no one trusts anything NSA officials and their defenders have to say any more? When the bulk metadata collection was first revealed, those defenders went on and on about how the program “saved countless lives” and was instrumental in stopping terrorist attacks. Some skeptics then asked what terrorist attacks, and we were told “around 50” though details weren’t forthcoming. Eventually, we were told that the real number was “54 terrorist events” (note: not attacks) and a review of them later revealed that basically none of them were legitimate. There was one “event” prevented via the program on US soil, and it was a taxi driver in San Diego sending some money to a terrorist group in Somalia, rather than an actual terrorist attack.

In fact, both judges and the intelligence task force seemed shocked at the lack of any actual evidence to support that these programs were useful.

And yet, the NSA and its defenders keep insisting that they’re necessary. Director of National Intelligence, James Clapper, a few months ago, tried out a new spin, claiming that effectiveness wasn’t the right metric, but rather “peace of mind.” Of course, the obvious response to that is to point out that spying on everyone makes most of us fairly uneasy, and we’d have a lot more “peace of mind” if they dropped the program.

And, now, the NSA number 2 guy, who’s about to retire, John C. “Chris” Inglis, gave a long interview with NPR, in which he is now claiming that even if the program hasn’t been particularly useful in the past, that “it’s a good insurance policy.”

“I’m not going to give that insurance policy up, because it’s a necessary component to cover a seam that I can’t otherwise cover.”

Basically, we want to keep this information because we want that information, even if it’s not been shown to be at all useful. Of course, that’s the same logic one can use to defend just about any violation of the 4th Amendment. Putting a private drone with a camera and a recording device streaming everything it sees and hears while following around NSA deputy director Chris Inglis may not discover that he’s a corrupt bureaucrat willing to lie to the public, but it seems like a reasonable “insurance policy” to make sure he stays honest. After all, without that, the American public can’t prove that he’s not corrupt — so it seems like a reasonable “insurance policy to cover a seam we can’t otherwise cover.” At least, in the logic of Chris Inglis.

Related articles

January 13, 2014 Posted by | Civil Liberties, Deception, Full Spectrum Dominance | , , | Leave a comment

The GAO’s Office In The NSA Is Collecting Dust Because Congress Hasn’t Asked For A Report In Years

By Tim Cushing | Techdirt | January 8, 2014

The NSA’s defenders go to great lengths to convince everyone (the public and many angered legislators) that it operates under a tremendous amount of oversight — so much though that even THINKING about abusing its capabilities is out of the question. The leaks have repeatedly proven this assertion false as members of the supposedly stringent oversight continue to state their shock and dismay over what’s been uncovered.

Steven Aftergood at Secrecy News points out there’s another layer of oversight that’s gone unutilized for years as well.

Years ago, the Government Accountability Office, the investigative arm of Congress, conducted routine audits and investigations of the National Security Agency, such that the two agencies were in “nearly continuous contact” with one another. In the post-Snowden era, GAO could perform that oversight function once again.

“NSA advises that the GAO maintains a team permanently in residence at NSA, resulting in nearly continuous contact between the two organizations,” according to a 1994 CIA memorandum for the Director of Central Intelligence.

Why haven’t we read any damning reports from the GAO about the NSA’s abuses over the past several years? Well, apparently it’s because no one wants to know.

At a 2008 Senate hearing, Sen. Daniel Akaka asked the GAO about its relationship with NSA. “I understand that GAO even had an office at the NSA,” Sen. Akaka noted.

“We still actually do have space at the NSA,” replied David M. Walker, then-Comptroller General, the head of the GAO. “We just don’t use it. And the reason we don’t use it is we are not getting any requests [from Congress]. So I do not want to have people sitting out there twiddling their thumbs.”

There’s that oversight at work again. Idle for “years” by 2008 and no signs that anything has occurred since then. The GAO maintains an office (currently unstaffed) within the NSA but because if no one’s asking any questions, it’s not providing any answers.

If there’s something the GAO does well, it’s track down internal issues and problematic behavior. Unfortunately, it’s limited to recommending courses of action rather than mandating any serious changes, meaning its follow-up reports are generally filled with descriptions of how these audited entities failed to pursue the recommendations and (often) performed considerably worse during the interim.

On the other hand, the GAO’s reports do at least make it clear to the American public exactly what’s wrong with nearly everything the government spends its money on. It’s very limited accountability that does nothing to change the underlying agency ethos, but at least it prevents them from pretending these problems don’t exist.

Being in-house should naturally raise concerns about the GAO’s objectivity. Unfortunately, considering the nature of the agency’s intelligence work, there’s probably no way around that. But the first step in renewing this layer of oversight is to remind Congress of its existence. It has the power to order a GAO investigation, but until it does, the office will continue to gather dust and the NSA’s internal problems will worsen — or at least go unnoticed by Congress.

Aftergood points out that James Clapper has ordered the agency to be responsive to GAO inquiries, apparently in the eventuality that it ever gets back to the business of asking questions.

In Intelligence Community Directive 114, issued in 2011 following years of stagnation in GAO oversight of intelligence, DNI James Clapper instructed U.S. intelligence agencies to be responsive to GAO, at least within certain boundaries.

“It is IC policy to cooperate with the Comptroller General, through the GAO, to the fullest extent possible, and to provide timely responses to requests for information,” the DNI wrote.

Of course, Clapper’s definition of “responsive” probably differs greatly from the normally-accepted usage of the word. Having Clapper condone cooperation with an agency that exists to find flaws and misconduct is a bit underwhelming. The NSA’s top men have been less than cooperative in the many hearings since the Snowden leaks began, most often recycling old talking points and insisting on discussing it in the context of one program (Section 215) when everyone else is clearly focused on another area.

Still, whatever the GAO finds (that somehow doesn’t get blotted out with black ink) will provide more useful information for its Congressional overseers. This certainly shouldn’t be used in place of more independent oversight committees, but it should prove to be a valuable addition. The real question Congress needs to answer is why it has ignored this option for so many years.

January 8, 2014 Posted by | Corruption, Deception | , , , | Leave a comment

7 Things You Missed If You Didn’t Read Wired’s Big Story On How The NSA Is Killing The Internet

By Mike Masnick | Techdirt | January 7, 2014

Steven Levy, who specializes in massive articles looking into aspects of the tech industry, has a new one for Wired, called How the NSA Almost Killed the Internet. It basically looks at how the NSA legally coerced the tech companies into having to comply with certain court orders to hand over information, and how the tech companies have been gagged from explaining what’s going on. And then… he gets the NSA’s side of the story. Much of what’s in there is stuff that you probably already know (especially if you read Techdirt regularly), but I wanted to call out a few tidbits that I hadn’t seen or heard anywhere else before:

  1. Google doesn’t charge the government for requests for information:

    FISA requires the government to reimburse companies for the cost of retrieving information. Google says it doesn’t bother to charge the government. But one company says it uses that clause, hoping to limit the extent of the requests. “At first, we thought we shouldn’t charge for it,” says an executive of that company. “Then we realized, it’s good—it forces them to stop and think.”

    This is kind of a “damned if you do/damned if you don’t” situation. I know plenty of folks in the civil liberties community go back and forth on it. When companies do charge, then you see articles about how companies are “making a profit” off of violating our privacy. If they don’t charge, then you see arguments about how they’re making it too easy for the government to get info. Either way, the standard has been to charge basic costs, so it’s interesting to see that Google doesn’t charge at all, probably betting on the fact that if they did, it would be misrepresented. Of course, the fact that they don’t might be misrepresented as well.

  2. The NSA has no response to fear of future abuse of programs beyond “we’d never do that.” Seriously.

    Critics charge that while there is not yet any evidence of massive abuse of the NSA’s collected data, there is also no guarantee that a future regime won’t ignore these touted protections. These officials discounted that possibility, saying that the majority of NSA employees wouldn’t stand for such a policy. “If that happened, there would be lines at the Inspector General’s office here, and at Congress as well—longer than a Disneyland line,” Ledgett says. (The fates of several NSA employees-turned-whistleblowers indicate that anyone in that hypothetical queue would be in for a ride far wilder than anything in Anaheim.)

    Sure, except there’s a very long history of the NSA and the FBI doing exactly the opposite (the claim of no evidence of massive abuse is not actually true). And, as Levy notes in that final parenthetical, the way whistleblowers are treated these days would probably shorten that line quite a bit.

  3. Keith Alexander admits that companies were compelled to comply and admits that we should stand up for the companies not to be harmed by all of this:

    “This isn’t the companies’ fault. They were compelled to do it. As a nation, we have a responsibility to stand up for the companies, both domestically and internationally. That is our nation’s best interest. We don’t want our companies to lose their economic capability and advantage. It’s for the future of our country.”

    Those words could have come from a policy spokesperson for Google, Facebook, Microsoft, or Yahoo. Or one of the legislators criticizing the NSA’s tactics. Or even a civil liberties group opposing the NSA. But the source is US Army general Keith Alexander, director of the NSA. Still, even as he acknowledges that tech companies have been forced into a tough position, he insists that his programs are legal, necessary, and respectful of privacy.

    This is just bizarre. If he doesn’t want the companies to lose their economic capability and advantage, maybe he shouldn’t have undermined a large portion of it.

  4. Companies were given about 90 minutes to respond to the (misleading) claims in the original PRISM article that they had given the NSA direct access to their servers.

    “We had 90 minutes to respond,” says Facebook’s head of security, Joe Sullivan. No one at the company had ever heard of a program called Prism. And the most damning implication—that Facebook and the other companies granted the NSA direct access to their servers in order to suck up vast quantities of information—seemed outright wrong. CEO Mark Zuckerberg was taken aback by the charge and asked his executives whether it was true. Their answer: no.

    Similar panicked conversations were taking place at Google, Apple, and Microsoft. “We asked around: Are there any surreptitious ways of getting information?” says Kent Walker, Google’s general counsel. “No.”

    This remains one of the most unfortunate bits about the Snowden leaks. While I think that Barton Gellman, Glenn Greenwald and Laura Poitras have done an incredible job with most of their reporting, the original PRISM stories that appeared in the Washington Post and Guardian both came out rushed and were misleading, which is still impacting how people are reporting on these things today. The PRISM program and Section 702 of the FISA Amendments Act have serious issues that need exploring, but it’s all been distorted by the misleading initial claims, which implied things that just weren’t true.

  5. The NSA claims it uses the very same encryption that it tries to push everyone else to use. Yes, the same encryption that Snowden docs have revealed was compromised by the NSA.

    And the NSA insists that, despite the implications of those Snowden-leaked documents, it does not engage in weakening encryption standards. “The same standards we recommend are the standards we use,” Ledgett says. “We would not use standards we thought were vulnerable. That would be insane.”

    Sorry, but no one believes that one at all. The clear takeover by the NSA of NIST standards shows that’s clearly not true.

  6. The NSA still doesn’t realize how serious all of this is. They still think it’s just been blown out of proportion.

    They understand that journalism conferences routinely host sessions on protecting information from government snoops, as if we were living in some Soviet society. And they are aware that multiple security specialists in the nation’s top tech corporations now consider the US government their prime adversary.

    But they do not see any of those points as a reason to stop gathering data. They chalk all of that negativity up to monumental misunderstandings triggered by a lone leaker and a hostile press.

  7. Patent troll Nathan Myhrvold is also completely clueless about national security:

    Former Microsoft research head Nathan Myhrvold recently wrote a hair-raising treatise arguing that, considering the threat of terrorists with biology degrees who could wipe out a good portion of humanity, tough surveillance measures might not be so bad. Myhrvold calls out the tech companies for hypocrisy. They argue that the NSA should stop exploiting information in the name of national security, he says, but they are more than happy to do the same thing in pursuit of their bottom lines. “The cost is going to be lower efficiency in finding terrorist plots—and that cost means blood,” he says.

    This is stupid on so many levels. First, the old argument that it’s somehow equivalent of tech companies and the NSA to make use of information — a claim that Levy ridiculously repeats multiple times in his article — is a line that has been debunked so many times it’s really beneath Levy to give it any life at all, let alone refuse to point out how stupid it is. Companies provide a direct service to users, and they make a decision: If I give this information, I get this service in return. It’s a decision made by the consumer, and a trade-off where they decide if it’s worth it. We can argue that people should have more information about the costs and benefits, but it’s still a trade-off where the final decision is their own. The NSA, on the other hand, is not providing a choice or a trade-off. They’re just taking everything in exchange for nothing. And, oh yeah, they have guns and can put you in jail — something no company can do.

    Second, Myhrvold incorrectly buys completely the line that all this data collection has been helpful in stopping terrorists. There’s just one problem: there is no evidence to support that. Besides, based on his idiotic reasoning, we might as well just do away with pretty much all our rights. For example, I’m pretty sure that we could all have protected Myhrvold more completely if there were video cameras streaming video of everything he did within the privacy of his own home, cars, office or just walking around, right? We could certainly make sure that no one was attacking him or, better yet, that he wasn’t about to attack anyone. The cost of not spying on every moment of Nathan Myhrvold might mean “blood.” So, based on his own logic, we should violate his privacy, right?

All in all there’s a lot in the article that’s worth reading, but those were a few key points that really stood out.

January 8, 2014 Posted by | Civil Liberties, Corruption, Deception, Full Spectrum Dominance | , , | Leave a comment

Obama Plans Cosmetic Surveillance Changes After All, Will Set Up Pretend Fight Over NSLs

By Mike Masnick | Techdirt | January 6, 2014

Leaks coming out of the Obama administration suggest that the President is preparing mostly cosmetic changes to the intelligence community, following the recommendations from the intelligence task force — which were much stronger than many expected. The reports suggest things like putting a public advocate to represent the public’s views in certain cases before the FISC. This has been talked about for a while, and was the main concession plenty of people had been expecting anyway. That’s hardly anything big.

The article talks about two other potential reforms. The first is shifting the holding of phone call metadata from the NSA to the phone companies, allowing the NSA to still search through it after getting a court order. While this may be a marginal improvement, it still has tremendous problems. It will almost certainly come with some sort of data retention law — something that the feds have wanted for ages, and which civil liberties activists have been fighting against for years. Companies shouldn’t be required to hang on to data they don’t need, especially if getting rid of it can better protect their users’ privacy. Furthermore, while not letting the NSA hang onto the data is a good thing, there is a reasonable concern that if the telcos are hanging onto the data themselves, that they, too, might do bad things with it, with little to no oversight.

However, most of the article from the LA Times focuses on National Security Letter (NSL) reform. We’ve written about those for years. NSLs are the way that the FBI can demand information from companies without any judicial review at all and, even more insane, with a complete gag order that prevents the recipient from telling anyone (including, at times, your lawyer). The FBI has an incredibly long history of “serious misuse” of NSLs, and has shown little to no interest in fixing the process. Nearly a year ago, a court actually ruled them unconstitutional, but there’s an ongoing appeals process that will take quite a bit of time.

However, as the article notes, the DOJ/FBI and other surveillance maximalists are all horrified by the idea that Obama might actually require judicial approval of NSLs, for all but “emergency” situations. What this sounds like is that the President may suggest something along those lines, there will be a well coordinated press attack from surveillance hawks freaking out about the danger this puts us all in… and then he’ll back down on that one point. And we’ll be left with… basically nothing, but the President will go around insisting that he reformed the intelligence community, while everything more or less stays the same.

Related articles

January 7, 2014 Posted by | Civil Liberties, Corruption, Deception, Full Spectrum Dominance, Progressive Hypocrite | , , , , , | Leave a comment

Canada’s CSE admits to ‘incidental’ spying

Press TV – January 7, 2014

Communications Security Establishment Canada (CSE) has admitted that it “incidentally” spied on Canadians, making it the first time the agency deviates from its standard statement that it does not “target” the electronic communications of Canadian citizens.

The country’s foreign intelligence agency said in a statement published on its website that “it is possible that we may incidentally intercept Canadian communications or information.”

A spokesman for the agency said the statement was an initial response to the media attention following the disclosures by American whistleblower Edward Snowden.

According to the CSE, additional information about how it operates is to be posted in coming months “to share more information about our organization in as transparent a manner as possible while still respecting our security obligations.”

However, experts say the effort by the CSE is mostly government mantra and it does not address issues raised by Snowden leaks.

Wesley Wark, a security intelligence expert at the University of Ottawa, said the statement does not discuss the disclosures about collections of metadata or about the use of CSE’s foreign intelligence partners, including the United States, for information exchanges about targets, including Canadians of national security concern.

The leaked documents published in recent months have revealed among others that Canada has set up cover spying posts around the world and spied on trading partners at the request of the US National Security Agency (NSA).

Reports published in Canadian media and based on the leaks have shown that Canada allowed the NSA to conduct surveillance operations on its soil during the 2010 summits of G8 and G20.

Other reports have shown that the Canadian intelligence agency spied on communications at Brazil’s Mining and Energy Ministry, as it has mining interests in the South American country.

Related articles

January 7, 2014 Posted by | Civil Liberties, Corruption, Full Spectrum Dominance | , , , , | Leave a comment

When Your Phone Is Not Your Friend

By Peter Lee | China Matters | January 2, 2014

Gadzooks!  They’ve cracked the iPhone!?

Newly leaked documents from the National Security Agency highlight Dropout Jeep, a piece of software that could target one of the country’s most popular devices — the iPhone.

According to documents published by the German news website Spiegel Online and dated Oct. 1, 2008, Dropout Jeep would give the NSA the ability to retrieve contact information, read through text messages, listen to voicemails and even turn on the iPhone camera and microphone.

The document goes on to say that while Drop Jeep was currently limited to installation through “close access methods,” the NSA would research ways to install the program remotely in future versions.

If you’re wondering how the NSA developed this fiendish capability, fingers are being pointed at Apple, but a trip through the Wayback machine suggests another possible culprit:

From a 2011 article by Mark Elgan at Computerworld:

Cellphone users say they want more privacy, and app makers are listening.

No, they’re not listening to user requests. They’re literally listening to the sounds in your office, kitchen, living room and bedroom.

A new class of smartphone app has emerged that uses the microphone built into your phone as a covert listening device — a “bug,” in common parlance.

The issue was brought to the world’s attention recently on a podcast called This Week in Tech. Host Leo Laporte and his panel shocked listeners by unmasking three popular apps that activate your phone’s microphone to collect sound patterns from inside your home, meeting, office or wherever you are.

The new apps are often sneakier about it [than older apps, which were activated by users in order to identify a song that was playing, etc.–CH]. The vast majority of people who use the Color app, for example, have no idea that their microphones are being activated to gather sounds.

Welcome to the future.

[M]arketers love cellphones, which are viewed as universal sensors for conducting highly granular, real-time market research.

Of course, lots of apps transmit all kinds of private data back to the app maker. Some send back each phone’s Unique Device Identification (UDI), the number assigned to each mobile phone, which can be used to positively identify it. Other apps tell the servers the phone’s location. Many apps actually snoop around on your phone, gathering up personal information, such as gender, age and ZIP code, and zapping it back to the company over your phone’s data connection.

Methinks it would behoove consumers wondering how the NSA might get into their iPhones to hie themselves to their local App Store.

A little further back in the Wayback machine brings us to the analog era, my favorite, when all that was needed to turn your home phone into a microphone was some fiddling at the telco switch.  From Bloomberg in 1999:

It’s hardly a secret that phone taps are a favorite ploy of industrial spies as well as law-enforcement agencies. What isn’t well-known is that the phone doesn’t even have to be off the hook to be tapped. It’s possible to activate a hung-up phone remotely and use it to eavesdrop. This techno-trick recently came to light as a result of a drug dealer’s court case in the Netherlands–but it is said that the technique will work on virtually any phone anywhere.

I remember reading somewhere that this was a much-cherished technology for various British intelligence outfits working through British Telecom and its previous incarnation, Post Office Telecommunications.

And from Mark Bowden’s book on the US-assisted manhunt for Pablo Escobar in the early 1990s, Killing Pablo, here is a nugget from the analog cell phone era which, I expect, still applies today:

There was another nifty secret feature to Centra Spike’s capability [a US Army sigint outfit that, unlike the NSA, was tasked with providing tactical intelligence to special operations–CH].  So long as their target left the battery in his cell phone, Centra Spike could remotely turn it on whenever they wished.  Without triggering the phone’s lights or beeper, the phone could be activated so that it emitted a low-intensity signal, enough for the unit to get a fix on its general location…

With this background, the extravagant cybercaution of Brookings China wonk Kenneth Lieberthal is understandable:

When Kenneth G. Lieberthal, a China expert at the Brookings Institution, travels to that country, he follows a routine that seems straight from a spy film.

He leaves his cellphone and laptop at home and instead brings “loaner” devices, which he erases before he leaves the United States and wipes clean the minute he returns. In China, he disables Bluetooth and Wi-Fi, never lets his phone out of his sight and, in meetings, not only turns off his phone but also removes the battery, for fear his microphone could be turned on remotely. He connects to the Internet only through an encrypted, password-protected channel, and copies and pastes his password from a USB thumb drive. He never types in a password directly, because, he said, “the Chinese are very good at installing key-logging software on your laptop.”

I have a feeling that Mr. Lieberthal’s countermeasures are informed both by awareness of PRC perfidy, and knowledge of the immense penetration and surveillance capabilities the industrial-security partnership has brought to the telecom and networking game around the world.

If you’re in China–or anywhere else–that phone in your pocket: it’s not your friend.

January 3, 2014 Posted by | Deception, Full Spectrum Dominance | | Leave a comment

NSA Unit Intercepts Computer Shipments for Secret Access Modifications

By Noel Brinkerhoff | AllGov | January 1, 2014

Sophisticated as it is with myriad forms of electronic spying at its disposal, the National Security Agency (NSA) sometimes resorts to old-fashioned, hands-on methods of breaking into someone’s computer system.

In rare instances when the agency can’t hack its way into a network, the NSA employs a special group of “plumbers” to gain access.

These specialists intercept computer shipments ordered by a targeted person and reroute the boxes to secret workshops. There, the packages are opened, and either software or hardware are implanted into the equipment to allow the NSA full access to the system once it’s operational by the target. The packages are then carefully resealed and sent on their way to the unsuspecting customers.

This type of old-school procedure, referred to by NSA as “interdiction,” is considered by the agency to be one of its “most productive operations,” a method that gives the NSA access to computer networks “around the world.”

These interceptions are just one of the many sneaky tasks performed by the NSA’s Office of Tailored Access Operations (TAO), which is also skilled at electronic snooping.

According to NSA documents obtained by the German newspaper Der Spiegel, TAO handles jobs involving counterterrorism, cyber attacks and traditional espionage.

Matthew Aid, a historian who specializes in NSA history, told Spiegel that TAO is “akin to the wunderkind of the US intelligence community,” adding that within the NSA, the unit is known for “getting the ungettable.”

TAO’s work has extended around the globe, reaching more than 250 targets in nearly 90 countries. It has been projected that about 85,000 computers worldwide were infiltrated by NSA specialists as of the end of 2013. Most of the “implants” were accomplished via the Internet by TAO teams.

“Indeed, TAO specialists have directly accessed the protected networks of democratically elected leaders of countries,” Spiegel wrote. “They infiltrated networks of European telecommunications companies and gained access to and read mails sent over Blackberry’s BES email servers, which until then were believed to be securely encrypted.”

The unit’s successes have given the NSA reason to expand its size and locations since first establishing TAO in 1997.

TAO offices now operate out of Wahiawa, Hawaii; Fort Gordon, Georgia; Buckley Air Force Base near Denver, Colorado; Lackland Air Force Base in San Antonio, Texas; and Fort Meade, Maryland (NSA headquarters).

The San Antonio unit alone is expected to grow from 60 to 270 specialists by 2015.

To Learn More:

Inside TAO: Documents Reveal Top NSA Hacking Unit (Der Spiegel)

Shopping for Spy Gear: Catalog Advertises NSA Toolbox (by Jacob Appelbaum, Judith Horchert and Christian Stöcker, Der Spiegel)

Computer Security Firm Accepted $10 Million Payoff to Give NSA Backdoor Access (by Noel Brinkerhoff, AllGov)

January 1, 2014 Posted by | Corruption, Full Spectrum Dominance | , , , , | Leave a comment

NSA Admits Lots Of People Could Have Done What Snowden Did

By Mike Masnick | Techdirt | December 31, 2013

The NSA keeps changing its story about Snowden. Was he brilliant or a nobody? Did he have access to all these documents or did he have to hack into systems? Did he get the important stuff or not? Each time the story seems to be different. A few months ago, you may recall the NSA insisted that Snowden needed to borrow the identities of others to access the documents he had. They also argued that he must have bypassed or deleted log files. However, in an interview, the NSA’s Director of Technology, Lonny Anderson, admits that basically anyone at the NSA with top secret clearance could all access the same stuff and also claims that all the log files were there:

contrary to much of what’s been reported about Snowden’s work at the NSA, it wasn’t his position as a systems administrator and the broad access to networks and databases that came with it that allowed him to steal so many secrets. Rather, Anderson said, “the lion’s share” of the information Snowden obtained was available to him because of his top-secret security clearance — TS/SCI — which allowed him to access so-called sensitive compartmented information.

That’s an important distinction, because it means any number of the thousands of people at the NSA with the same clearance level could have done what Snowden did — not just the smaller number of systems administrators, who have a kind of “super user” access that isn’t granted to all other employees. That helps explain why Anderson couldn’t tell the White House that there were no more Snowdens. Theoretically, there could have been thousands of them.

Of course, who knows if Anderson is telling the truth. Later in the interview he seems to contradict himself — both claiming that Snowden’s activities on the network were tracked (“He was not a ghost. It’s not like he was so stealthy that we didn’t see his activities”) and that Snowden was able to get away with what he did because he was “anonymous” on the network.

“Where I think we were negligent — if we were negligent — where we were is that we allowed him some form of anonymity as he did that. Someone wasn’t watching all of that. So the lesson learned for us is that you’ve got to remove anonymity from the network.”

I guess it’s possible that the actions were tracked without the identification of who it was. Amusingly, you could argue that the NSA had the metadata on Snowden’s actions, but not the actual details of who he was. Oh, the irony.

The one area where Snowden’s sysadmin role apparently did play a part was in being able to get many of those documents off the network without being noticed. Part of his job was, as revealed earlier, to move documents around within the NSA’s network, but his sysadmin status allowed him to download those documents without any alarm bells going off.

What Snowden could do as a systems administrator, as opposed to an employee without those privileges, was to “exfiltrate,” or remove data from the NSA networks, Anderson said. “That, a normal user would not have been able to do.” He acknowledged that the NSA’s information control regime is not currently designed to alert officials when documents are being removed by a systems administrator. That’s going to change, Anderson said. In the future, individuals will also be locked out of the networks if they remove data without authorization.

At this point, it’s difficult to believe anything that the NSA is saying about Snowden, because so much of it seems to contradict what the NSA itself has said in the past. Perhaps that’s just part of the disinformation campaign. Or, perhaps it’s a sign that the NSA still has no clue what happened.

Related article

December 31, 2013 Posted by | Deception | , , , | Leave a comment

« Previous Entries     Next Entries »