Category Archives: surveillance

The archaic All Writs Act the government is using to try and unlock a terrorist’s iPhone

The Washington Post reports: The U.S. government and Apple are locked in a legal battle over unlocking an iPhone used by one of the San Bernardino shooters. But a new court order is throwing a law that dates to the days of the founding fathers into a high-tech debate over digital security.

On Tuesday, a U.S. magistrate judge in California ordered Apple to provide “reasonable technical assistance” to the government as it tries to bypass security features built into its products based on an interpretation of the “All Writs Act.”

The original form of that statute dates to the Judiciary Act of 1789, centuries before the iPhone was a twinkle in Steve Jobs’s eye. In its current form, the law gives federal courts the power to “issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.”

Basically, it’s “a very short, cryptic statute” that gives the courts “all sorts of incidental powers” to require things not specifically covered by other laws, according to Stephen Vladeck, a law professor at American University.

In the past, the act has been used to compel non-parties — like service providers of tech companies — to help in criminal investigations, Vladeck said. But that help has typically been limited to straightforward requests, like activating or turning off particular features and using systems that are already in place, he said.

The new order is different: It tells Apple to help the government by creating an entirely new software to help investigators bypasses security features. “That requires Apple to go much further than any company has ever been required to go in one of these cases,” said Vladeck. [Continue reading…]

Last October, Jennifer Granick and Riana Pfefferkorn wrote: Under the government’s interpretation of the All Writs Act, anyone who makes software could be dragooned into assisting the government in investigating users of the software. If the court adopts this view, it would give investigators immense power. The quotidian aspects of our lives increasingly involve software (from our cars to our TVs to our health to our home appliances), and most of that software is arguably licensed, not bought. Conscripting software makers to collect information on us would afford the government access to the most intimate information about us, on the strength of some words in some license agreements that people never read. (And no wonder: The iPhone’s EULA came to over 300 pages when the government filed it as an exhibit to its brief.)

The government’s brief does not acknowledge the sweeping implications of its arguments. It tries to portray its requested unlocking order as narrow and modest, because it “would not require Apple to make any changes to its software or hardware, … [or] to introduce any new ability to access data on its phones. It would simply require Apple to use its existing capability to bypass the passcode on a passcode-locked iOS 7 phone[.]” But that undersells the implications of the legal argument the government is making: that anything a company already can do, it could be compelled to do under the All Writs Act in order to assist law enforcement. [Continue reading…]

Facebooktwittermail

How a New York judge inspired Apple’s encryption fight

Reuters reports: Last October, prosecutors from the Justice Department asked a federal magistrate judge in Brooklyn to issue an order directing Apple to help the Drug Enforcement Administration bust security on an iPhone 5 seized from the home of Jun Feng, a suspected meth dealer.

The government had previously obtained many such orders against Apple and other companies under the All Writs Act, a 1789 statute that grants federal courts broad power to issue “necessary or appropriate” writs.

The act has been a powerful tool for prosecutors since 1977, when the U.S. Supreme Court ruled in U.S. v. New York Telephone that the All Writs Act extends, under certain conditions, to private companies in a position to assist “the proper administration of justice.”

Apple has a long history of compliance with All Writs Act orders. The company helped New York investigators extract data from a suspected child sex abuser’s iPhone in 2008; rushed a data extraction in 2013 from the phone of an alleged child pornographer in Washington; and in 2015 provided federal agents in Florida with data the company extracted from a drug suspect’s phone.

According to a Justice Department brief filed last fall, Apple never objected to All Writs Act orders in those cases – nor, for that matter, to any All Writs Act order directing the company to help federal investigators break into iPhones.

Apple’s policy of acquiescence abruptly changed in the Jun Feng case last year. And for all of the attention now focused on Apple’s announced opposition to a newly issued All Writs Act order directing the company to help Justice Department investigators break the passcode on an iPhone belonging to San Bernardino shooter Syed Farook, the Feng case is quite likely to produce a ruling before the Farook case.

The impending showdown over Farook’s phone is an irresistibly stark depiction of the competing interests of individual privacy and national security. But keep your eye on precedent from Feng. [Continue reading…]

Facebooktwittermail

FBI’s push to ‘fix a typo’ would really expand its surveillance authority

Robyn Greene writes: At last week’s Senate Intelligence Committee hearing on Worldwide Threats, FBI Director James Comey reiterated his call for a major expansion of the FBI’s surveillance authorities, but disingenuously downplayed it as fixing a “typo” in the law. In fact, Comey’s proposed fix, which he calls one of the FBI’s top legislative priorities, would be a major expansion of surveillance authority, and a major hit to Americans’ privacy and civil liberties. It would grant the FBI access to a range of revealing and personal details about Americans’ online communications — what are called Electronic Communications Transactional Records (ECTR), in legalese — without court approval.

Through Comey’s “ECTR fix,” the FBI would have the unilateral authority to obtain information from phone and Internet companies about your online communications such as logs of emails you send and receive, cell site data (including your location information), and lists of websites you visit. The FBI wants to get this information using National Security Letters (NSLs), which are demands for information issued directly by local FBI offices without any court approval or supervision.

Under current law, the FBI can only use NSLs to get information pertaining to a customer’s “name, address, length of service, and local and long distance toll billing records of a person or entity.” By contrast, if the FBI wants to compel a company to hand over the much more revealing private information that is included in ECTRs, they currently can’t use NSLs — instead, they have to get a court order after convincing a judge that they have a factual basis for demanding those records. Therefore, the FBI’s proposal that Congress add ECTRs to the NSL statute is far from a typo fix, and would instead be a major expansion of FBI’s authority to conduct surveillance with virtually no oversight and no accountability. [Continue reading…]

Facebooktwittermail

Apple’s stance highlights a more confrontational tech industry

Farhad Manjoo writes: The battle between Apple and law enforcement officials over unlocking a terrorist’s smartphone is the culmination of a slow turning of the tables between the technology industry and the United States government.

After revelations by the former National Security Agency contractor Edward J. Snowden in 2013 that the government both cozied up to certain tech companies and hacked into others to gain access to private data on an enormous scale, tech giants began to recognize the United States government as a hostile actor.

But if the confrontation has crystallized in this latest battle, it may already be heading toward a predictable conclusion: In the long run, the tech companies are destined to emerge victorious.

It may not seem that way at the moment. On the one side, you have the United States government’s mighty legal and security apparatus fighting for data of the most sympathetic sort: the secrets buried in a dead mass murderer’s phone. The action stems from a federal court order issued on Tuesday requiring Apple to help the F.B.I. unlock an iPhone used by one of the two attackers who killed 14 people in San Bernardino, Calif., in December.

In the other corner is the world’s most valuable company, whose chief executive, Timothy D. Cook, has said he will appeal the court’s order. Apple argues that it is fighting to preserve a principle that most of us who are addicted to our smartphones can defend: Weaken a single iPhone so that its contents can be viewed by the American government and you risk weakening all iPhones for any government intruder, anywhere.

There will probably be months of legal tussling, and it is not at all clear which side will prevail in court, nor in the battle for public opinion and legislative favor.

Yet underlying all of this is a simple dynamic: Apple, Google, Facebook and other companies hold most of the cards in this confrontation. They have our data, and their businesses depend on the global public’s collective belief that they will do everything they can to protect that data. [Continue reading…]

Facebooktwittermail

Warnings about risks posed by encryption have been wildly overblown by intelligence agencies, says report

encryption

The New York Times reports: For more than two years the F.B.I. and intelligence agencies have warned that encrypted communications are creating a “going dark” crisis that will keep them from tracking terrorists and kidnappers.

Now, a study in which current and former intelligence officials participated concludes that the warning is wildly overblown, and that a raft of new technologies — like television sets with microphones and web-connected cars — are creating ample opportunities for the government to track suspects, many of them worrying.

“ ‘Going dark’ does not aptly describe the long-term landscape for government surveillance,” concludes the study, to be published Monday by the Berkman Center for Internet and Society at Harvard.

The study argues that the phrase ignores the flood of new technologies “being packed with sensors and wireless connectivity” that are expected to become the subject of court orders and subpoenas, and are already the target of the National Security Agency as it places “implants” into networks around the world to monitor communications abroad. [Continue reading…]

Facebooktwittermail

A private company has captured 2.2 billion photos of license plates in cities across the U.S.

Conor Friedersdorf writes: Throughout the United States — outside private houses, apartment complexes, shopping centers, and businesses with large employee parking lots — a private corporation, Vigilant Solutions, is taking photos of cars and trucks with its vast network of unobtrusive cameras. It retains location data on each of those pictures, and sells it.

It’s happening right now in nearly every major American city.

The company has taken roughly 2.2 billion license-plate photos to date. Each month, it captures and permanently stores about 80 million additional geotagged images. They may well have photographed your license plate. As a result, your whereabouts at given moments in the past are permanently stored. Vigilant Solutions profits by selling access to this data (and tries to safeguard it against hackers). Your diminished privacy is their product. And the police are their customers.

The company counts 3,000 law-enforcement agencies among its clients. Thirty thousand police officers have access to its database. Do your local cops participate?

If you’re not sure, that’s typical.

To install a GPS tracking device on your car, your local police department must present a judge with a rationale that meets a Fourth Amendment test and obtain a warrant. But if it wants to query a database to see years of data on where your car was photographed at specific times, it doesn’t need a warrant — just a willingness to send some of your tax dollars to Vigilant Solutions, which insists that license plate readers are “unlike GPS devices, RFID, or other technologies that may be used to track.” Its website states that “LPR is not ubiquitous, and only captures point in time information. And the point in time information is on a vehicle, not an individual.” [Continue reading…]

Facebooktwittermail

The color of surveillance

Alvaro Bedoya writes: Every day, we hear about the power and promise of pervasive surveillance. We are losing sight of its victims. Instead, an NSA debate that could have surfaced a long line of black, Latino, Asian, and Muslim victims of surveillance was cast as an argument between the U.S. military and Snowden — national security versus the hackers.

This narrow focus may have blinded Congress to a little known but especially troubling aspect of the NSA scandal. In June 2013, the headlines were that the NSA was logging everyone’s phone calls. We now know that the NSA’s call records program — the single largest domestic spying program in our nation’s history — was effectively beta-tested for almost a decade on American immigrants.

In 1992, the Drug Enforcement Administration began a call records program that’s considered the blueprint for the NSA’s program, which began after Sept. 11 and received court approval in 2006. The DEA program logged virtually all calls made from the United States to a list of countries, regardless of who made them or why. Over time, 116 countries were added to that list — including Mexico and most of Central and South America. This means that for almost a decade before the NSA call records program, countless immigrants’ calls were tracked by the DEA when they called home. This is particularly true for Hispanic immigrants, who make up a large part of what is now the largest minority group in the country. We do not know what transpired in Congress’ closed-door discussions about the NSA or DEA call records programs, but public debates largely ignored these facts.

The next NSA debate will peak at the end of 2017. That’s the expiration date of another surveillance law that allows the government to read — without a warrant — certain messages stored on companies’ U.S. servers where at least one party to the communication was a foreigner living abroad. Will Congress probe the likely disparate impact of this law? If not, when will Congress reckon with the color of surveillance? [Continue reading…]

Facebooktwittermail

How a misreported story is changing U.S. immigration policy

The Atlantic reports: On Sunday, The New York Times published a scorching story alleging that one of the killers in the San Bernardino attack had previously “talked openly on social media about her views on violent jihad.”

But by Thursday, the Times admitted it had gotten parts of the story wrong. Tashfeen Malik had not posted publicly about violent jihad before moving to the U.S. Instead, according to the FBI, she had written about violent jihad only in private messages—not public posts. The Times changed its story, issued a correction, and endured a par­tic­u­larly bru­tal pub­lic flog­ging at the hands of its public editor.

That correction, however, came far too late to put the genie back in the bottle. News of the so-called “public” posts had already rocketed around the Internet, been cited repeatedly in the Republican presidential debate, and, apparently, made quite an impression on Capitol Hill.

On Tuesday, Senator John McCain pointed to the Times report in an­noun­cing legislation to require the Department of Homeland Security to “search all public records, including Internet sites and social media profiles” when vetting applicants to enter the U.S.

The same day, nearly two dozen Democrats wrote to Homeland Security Secretary Jeh Johnson calling for “more robust social media background check process for all visitors and immigrants to the United States.” The let­ter references press ac­counts in­dic­at­ing that such work had been done inconsistently. And it says Ma­lik “may have ex­pressed rad­ic­al ji­hadist sentiments on so­cial me­dia platforms.” [Continue reading…]

Facebooktwittermail

Surveillance challenge: The transition from struggling identity to mujahid is often fast and furious

Scott Atran and Nafees Hamid write: French counterterrorism surveillance data (FSPRT) has identified 11,400 radical Islamists, 25 percent of whom are women and 16 percent minors — among the minors, females are in a majority. Legal proceedings are now underway against 646 people suspected of involvement in terrorist activity. French Prime Minister Manuel Valls conceded after Friday’s attacks that even keeping full track of those suspected of being prone to violent acts is practically impossible: around-the-clock surveillance of a single individual requires ten to twenty security agents, of which there are only 6,500 for all of France.

Nor is it a matter of controlling the flow of people into France. France’s Center for the Prevention of Sectarian Drift Related to Islam (CPDSI) estimates that 90 percent of French citizens who have radical Islamist beliefs have French grandparents and 80 percent come from non-religious families. In fact, most Europeans who are drawn into jihad are “born again” into radical religion by their social peers. In France, and in Europe more generally, more than three of every four recruits join the Islamic State together with friends, while only one in five do so with family members and very few through direct recruitment by strangers. Many of these young people identify with neither the country their parents come from nor the country in which they live. Other identities are weak and non-motivating. One woman in the Paris suburb of Clichy-sous-Bois described her conversion as being like that of a transgender person who opts out of the gender assigned at birth: “I was like a Muslim trapped in a Christian body,” she said. She believed she was only able to live fully as a Muslim with dignity in the Islamic State.

For others who have struggled to find meaning in their lives, ISIS is a thrilling cause and call to action that promises glory and esteem in the eyes of friends, and through friends, eternal respect and remembrance in the wider world that many of them will never live to enjoy. A July 2014 poll by ICM Research suggested that more than one in four French youth of all creeds between the ages of eighteen and twenty-four have a favorable or very favorable opinion of ISIS. Even if these estimates are high, in our own interviews with young people in the vast and soulless housing projects of the Paris banlieues we found surprisingly wide tolerance or support for ISIS among young people who want to be rebels with a cause — who want, as they see it, to defend the oppressed.

Yet the desire these young people in France express is not to be a “devout Muslim” but to become a mujahid (“holy warrior”): to take the radical step, immediately satisfying and life-changing, to obtain meaning through self-sacrifice. Although feelings of marginalization and outrage may build over a long time, the transition from struggling identity to mujahid is often fast and furious. The death of six of the eight Paris attackers by suicide bombs and one in a hail of police bullets testifies to the sincerity of this commitment, as do the hundreds of French volunteer deaths in Syria and Iraq. [Continue reading…]

Facebooktwittermail

After Paris attacks, CIA director rekindles debate over surveillance

Scott Shane writes: A diabolical range of recent attacks claimed by the Islamic State — a Russian airliner blown up in Egypt, a double suicide bombing in Beirut and Friday’s ghastly assaults on Paris — has rekindled a debate over the proper limits of government surveillance in an age of terrorist mayhem.

On Monday, in unusually raw language, John Brennan, the C.I.A. director, denounced what he called “hand-wringing” over intrusive government spying and said leaks about intelligence programs had made it harder to identify the “murderous sociopaths” of the Islamic State.

Mr. Brennan appeared to be speaking mainly of the disclosures since 2013 of the National Security Agency’s mass surveillance of phone and Internet communications by Edward J. Snowden, which prompted sharp criticism, lawsuits and new restrictions on electronic spying in the United States and in Europe.

In the wake of the 129 deaths in Paris, Mr. Brennan and some other officials sounded eager to reopen a clamorous argument over surveillance in which critics of the spy agencies had seemed to hold an advantage in recent years.

“As far as I know, there’s no evidence the French lacked some kind of surveillance authority that would have made a difference,” said Jameel Jaffer, deputy legal director of the American Civil Liberties Union. “When we’ve invested new powers in the government in response to events like the Paris attacks, they have often been abused.”

The debate over the proper limits on government dates to the origins of the United States, with periodic overreaching in the name of security being curtailed in the interest of liberty. This era of Al Qaeda and the Islamic State in some ways resembles battles that American and European authorities fought in the late 1800s with anarchists who carried out a wave of assassinations and bombings, provoking a huge increase in police powers, said Audrey Kurth Cronin, a historian of terrorism at George Mason University.

Since then, there were the excesses of McCarthyism exploiting fears of Communist infiltration in the 1950s, the exposure of domestic spying and C.I.A. assassination plots in the 1970s, and the battles over torture, secret detention and drone strikes since Sept. 11, 2001. [Continue reading…]

Facebooktwittermail

How policing in the U.S. is relentlessly being militarized

GQ reports: Last month, the local press in New York confirmed what civil rights advocates had been saying for years: the NYPD has been driving around in unmarked vans chock full of X-ray equipment and scanning for… something.

It was a major story, mostly because not much is known about “Z Backscatter” vans other than that they cost somewhere between $729,000 and $825,000. Yet, there’s no way to know for sure what they’re capable of because the NYPD refuses to talk about them, even though the ACLU won a lawsuit that required the department to reveal records about the vans (including their potential health impacts on people who might be exposed to X-rays without knowing it). “The devices we have, the vehicles if you will, are all used lawfully and if the ACLU and others don’t think that’s the case, we’ll see them in court — where they’ll lose!” Commissioner Bill Bratton told the New York Post.

The X-ray vans bring up all kinds of concerns about privacy, health, and general ickiness — no one wants to walk around New York wondering whether some bored cop in a van is checking out your skivvies — but by today’s police tech standards, the vans are actually relatively low-tech and benign. Departments large and small are using a host of new gadgets — from laser light weapons that can induce vomiting to surveillance systems that can predict crimes before they happen.

And what’s scariest of all is the majority of these technologies are being funneled down from the U.S. Military, down into neighborhoods that are most definitely not war zones. “After 15 years of war, there’s a demand for all these companies to find new markets for all these technologies,” said Joel Pruce a professor of human rights at the University of Dayton who studies police technology. “So it trickles down from the military to police.” The revelations about the backscatter vans were just one more sign that the future of policing is here, and it’s terrifying. [Continue reading…]

Facebooktwittermail

Judge deals a blow to NSA data collection program

The New York Times reports: A federal judge on Monday partly blocked the National Security Agency’s program that systematically collects Americans’ domestic phone records in bulk just weeks before the agency was scheduled to shut it down and replace it. The judge said the program was most likely unconstitutional.

In a separate case challenging the program, a federal appeals court in New York on Oct. 30 had declined to weigh in on the constitutional issues, saying it would be imprudent to interfere with an orderly transition to a replacement system after Nov. 29.

But on Monday, in a 43-page ruling, Judge Richard J. Leon of United States District Court for the District of Columbia wrote that the constitutional issues were too important to leave unanswered in the history of the program, which traces back to after the Sept. 11 terrorist attacks and came to light in 2013 in leaks by Edward J. Snowden, the former intelligence contractor. [Continue reading…]

Facebooktwittermail

Our web history reveals what we think and do. Shouldn’t that remain private?

By Paul Bernal, University of East Anglia

An overlooked aspect of the draft Investigatory Powers Bill is the significance of demanding that service providers store 12 months’ internet connection records. A record of every website visited and internet service connected to, the government presents this as the online equivalent of an itemised phone bill. But this is a false analogy: internet connection records carry far more detail than a phone book, and the government’s move to claim them represents an unprecedented intrusion into our lives.

Supporters of the bill suggest that this data provides a way of checking that someone accessed Facebook at a particular time, just as phone records can reveal that a user called a particular number at a certain time. But while this is true, it misunderstands the role the internet has in our lives, and consequently underplays how much it can reveal.

The phone is a communications tool, but we have complex online lives and use the internet for many things other than “communication”. We do almost everything online: we bank online, we shop, find relationships, listen to music, watch television and films, plan our holidays, read about and indulge our interests.

Access to the websites we visit, for an entire year, is not at all comparable to having an itemised telephone bill. It’s more equivalent to tailing someone as they visit the shops, the pub, the cinema, listen to the radio, go to the park and on holiday, read books and magazines and newspapers, and much more.

It’s not just the data that’s revealing, it’s the sort of direct, logical inferences that can be made given a web browsing history. For example, from the fact that someone visits sites connected with a particular religion, one can infer that they follow that religion. If they visit sites regarding a particular health condition, it’s possible to infer that they may suffer from that condition, or are worried about their health.

Continue reading

Facebooktwittermail

GCHQ’s surveillance hasn’t proved itself to be worth the cost to human rights

By Fiona de Londras, University of Birmingham

The release of yet more of Edward Snowden’s leaked files reveals the still-astonishing scale and breadth of government surveillance after more than a year of revelations. These recent papers revealed to The Intercept website discuss a programme within Britain’s GCHQ known as “Karma Police”, in which the intelligence agency gathered more than 1.1 trillion pieces of information on UK citizens between August 2007 and March 2009.

Spurred on by the expansion of intercept warrants under the Terrorism Act 2006, this information is users’ internet metadata – details of phone calls, email messages and browser connections that includes passwords, contacts, phone numbers, email addresses, and folders used to organise emails, but not the actual content of messages or emails.

Metadata can help identify people of interest, build profiles, and assist with decisions to start or escalate surveillance of individuals. All this information can be collected often at a fraction of the cost of doing this through traditional methods. In other words, metadata is not insignificant – and this is precisely why governments are so committed to collecting and processing it. However, bulk metadata collection – where information is collected from everyone whether a “person of interest” or not – is rightly a source of deep anxiety from both security and human rights perspectives.

Continue reading

Facebooktwittermail

If you’re not paranoid, you’re crazy

Walter Kirn writes: I knew we’d bought walnuts at the store that week, and I wanted to add some to my oatmeal. I called to my wife and asked her where she’d put them. She was washing her face in the bathroom, running the faucet, and must not have heard me—she didn’t answer. I found the bag of nuts without her help and stirred a handful into my bowl. My phone was charging on the counter. Bored, I picked it up to check the app that wirelessly grabs data from the fitness band I’d started wearing a month earlier. I saw that I’d slept for almost eight hours the night before but had gotten a mere two hours of “deep sleep.” I saw that I’d reached exactly 30 percent of my day’s goal of 13,000 steps. And then I noticed a message in a small window reserved for miscellaneous health tips. “Walnuts,” it read. It told me to eat more walnuts.

It was probably a coincidence, a fluke. Still, it caused me to glance down at my wristband and then at my phone, a brand-new model with many unknown, untested capabilities. Had my phone picked up my words through its mic and somehow relayed them to my wristband, which then signaled the app?

The devices spoke to each other behind my back—I’d known they would when I “paired” them—but suddenly I was wary of their relationship. Who else did they talk to, and about what? And what happened to their conversations? Were they temporarily archived, promptly scrubbed, or forever incorporated into the “cloud,” that ghostly entity with the too-disarming name?

It was the winter of 2013, and these “walnut moments” had been multiplying—jarring little nudges from beyond that occurred whenever I went online. One night the previous summer, I’d driven to meet a friend at an art gallery in Hollywood, my first visit to a gallery in years. The next morning, in my inbox, several spam e-mails urged me to invest in art. That was an easy one to figure out: I’d typed the name of the gallery into Google Maps. Another simple one to trace was the stream of invitations to drug and alcohol rehab centers that I’d been getting ever since I’d consulted an online calendar of Los Angeles–area Alcoholics Anonymous meetings. Since membership in AA is supposed to be confidential, these e‑mails irked me. Their presumptuous, heart-to-heart tone bugged me too. Was I tired of my misery and hopelessness? Hadn’t I caused my loved ones enough pain? [Continue reading…]

Facebooktwittermail

How Edward Snowden inadvertently helped Vladimir Putin’s internet crackdown

Andrei Soldatov and Irina Borogan write: In the 1990s the global nature of the Internet meant wires. When a user got connected, he could send his e-mail or visit a website anywhere in the world. In the 2000s the Internet meant the rise of global platforms that allowed users to share the same social networks, email services, search engines, and clouds. The Internet became more of a common ground for people from Argentina to Russia — they used the same Facebook, the same Twitter. That also meant that the information users exchanged was stored inside systems located far from the users — systems that could not be readily controlled by nations, their leaders, or their secret services. Most of the servers were located in the United States.

For Russian President Vladimir Putin, this was intolerable. In his mind the solution was simple: force the platforms — Facebook, Google, Twitter, and Apple among them — to locate their servers on Russian soil so Russian authorities could control them.

The challenge was how to do it.

The Kremlin obviously needed a pretext to put pressure on the global platforms to relocate their servers, and Edward Snowden’s revelations provided the perfect excuse to start the offensive. The members of the Russian parliament chosen by the Kremlin to define Internet legislation rushed to comment on his revelations. Legislation forcing global platforms to store Russians’ personal data in Russia was soon adopted, and came into force on Tuesday [Sept. 1], sending Western tech giants scrambling to comply. Russian censors announced plans to blacklist websites including Wikipedia, Github, the Wayback Machine, and BuzzFeed. Snowden had no say in the matter. [Continue reading…]

Facebooktwittermail

How GCHQ tracks web users’ online identities

The Intercept reports: There was a simple aim at the heart of the top-secret program: Record the website browsing habits of “every visible user on the Internet.”

Before long, billions of digital records about ordinary people’s online activities were being stored every day. Among them were details cataloging visits to porn, social media and news websites, search engines, chat forums, and blogs.

The mass surveillance operation — code-named KARMA POLICE — was launched by British spies about seven years ago without any public debate or scrutiny. It was just one part of a giant global Internet spying apparatus built by the United Kingdom’s electronic eavesdropping agency, Government Communications Headquarters, or GCHQ.

The revelations about the scope of the British agency’s surveillance are contained in documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden. Previous reports based on the leaked files have exposed how GCHQ taps into Internet cables to monitor communications on a vast scale, but many details about what happens to the data after it has been vacuumed up have remained unclear.[Continue reading…]

Facebooktwittermail

AP sues over access to FBI records involving fake news story

The Associated Press reports: The Associated Press sued the U.S. Department of Justice Thursday over the FBI’s failure to provide public records related to the creation of a fake news story used to plant surveillance software on a suspect’s computer.

AP joined with the Reporters Committee for Freedom of the Press to file the lawsuit in U.S. District Court for the District of Columbia.

At issue is a 2014 Freedom of Information request seeking documents related to the FBI’s decision to send a web link to the fake article to a 15-year-old boy suspected of making bomb threats to a high school near Olympia, Washington. The link enabled the FBI to infect the suspect’s computer with software that revealed its location and Internet address.

AP strongly objected to the ruse, which was uncovered last year in documents obtained through a separate FOIA request made by the Electronic Frontier Foundation. [Continue reading…]

Facebooktwittermail