The National Security Agency is currently collecting the telephone records of millions of US customers of Verizon, one of America’s largest telecoms providers, under a top secret court order issued in April.
The order, a copy of which has been obtained by the Guardian, requires Verizon on an “ongoing, daily basis” to give the NSA information on all telephone calls in its systems, both within the US and between the US and other countries.
The document shows for the first time that under the Obama administration the communication records of millions of US citizens are being collected indiscriminately and in bulk – regardless of whether they are suspected of any wrongdoing.
The secret Foreign Intelligence Surveillance Court (Fisa) granted the order to the FBI on April 25, giving the government unlimited authority to obtain the data for a specified three-month period ending on July 19.
Under the terms of the blanket order, the numbers of both parties on a call are handed over, as is location data, call duration, unique identifiers, and the time and duration of all calls. The contents of the conversation itself are not covered.
The disclosure is likely to reignite longstanding debates in the US over the proper extent of the government’s domestic spying powers.
Under the Bush administration, officials in security agencies had disclosed to reporters the large-scale collection of call records data by the NSA, but this is the first time significant and top-secret documents have revealed the continuation of the practice on a massive scale under President Obama.
It is not known whether Verizon is the only cell-phone provider to be targeted with such an order, although previous reporting has suggested the NSA has collected cell records from all major mobile networks. It is also unclear from the leaked document whether the three-month order was a one-off, or the latest in a series of similar orders.
The court order appears to explain the numerous cryptic public warnings by two US senators, Ron Wyden and Mark Udall, about the scope of the Obama administration’s surveillance activities.
For roughly two years, the two Democrats have been stridently advising the public that the US government is relying on “secret legal interpretations” to claim surveillance powers so broad that the American public would be “stunned” to learn of the kind of domestic spying being conducted.
Because those activities are classified, the senators, both members of the Senate intelligence committee, have been prevented from specifying which domestic surveillance programs they find so alarming. But the information they have been able to disclose in their public warnings perfectly tracks both the specific law cited by the April 25 court order as well as the vast scope of record-gathering it authorized. [READ]
When considering the implications of the massive digital Panopticon being developed today, it is important to reflect upon the impact upon individual liberty which even crude, old-fashioned surveillance causes. With the revelation that the New York Police Department had been conducting blanket-spying on Muslims living in New York City and its environs - using methods such as paid informants, wiretapping, detailed cataloguing of Muslim neighbourhoods, documentation of Muslim-owned businesses, infiltration of houses of worship, and many other invasive tactics, it can be observed what effects intensive monitoring can have on ordinary individuals. Throughout six years of spying on entire communities for no other reason than their religion, not a single lead or terrorism investigation was generated by the programme. Nonetheless, the damage done to the psyches of individuals who knew their community was deeply infiltrated was palpable. Communities and personal relationships were torn apart by government-induced suspicion and paranoia, as people became too afraid to speak or even associate with one another. … Given what relatively crude means of surveillance can do to a community, what long-term effect will a pervasive, technologically-advanced, multi-billion dollar national spying programme have on the fabric of society? One means of combatting seditious and unwanted speech is to simply make ordinary people too afraid to speak and commiserate with each other whatsoever, and the surveillance state being built today may ultimately accomplish this goal.
When considering the implications of the massive digital Panopticon being developed today, it is important to reflect upon the impact upon individual liberty which even crude, old-fashioned surveillance causes. With the revelation that the New York Police Department had been conducting blanket-spying on Muslims living in New York City and its environs - using methods such as paid informants, wiretapping, detailed cataloguing of Muslim neighbourhoods, documentation of Muslim-owned businesses, infiltration of houses of worship, and many other invasive tactics, it can be observed what effects intensive monitoring can have on ordinary individuals.
Throughout six years of spying on entire communities for no other reason than their religion, not a single lead or terrorism investigation was generated by the programme. Nonetheless, the damage done to the psyches of individuals who knew their community was deeply infiltrated was palpable. Communities and personal relationships were torn apart by government-induced suspicion and paranoia, as people became too afraid to speak or even associate with one another.
… Given what relatively crude means of surveillance can do to a community, what long-term effect will a pervasive, technologically-advanced, multi-billion dollar national spying programme have on the fabric of society? One means of combatting seditious and unwanted speech is to simply make ordinary people too afraid to speak and commiserate with each other whatsoever, and the surveillance state being built today may ultimately accomplish this goal.
Murtaza Hussain, An increasingly unchecked surveillance state
“Every day, collection systems at the National Security Agency intercept and store 1.7 billion e-mails, phone calls and other types of communications.”
The Justice Department has released 15 pages of completely blacked-out material in response to a request for information about how text messages from cellphones are intercepted. The American Civil Liberties Union says the Obama administration is reading emails and other electronic communications without a warrant, despite a court ruling against the practice. In response to a recent Freedom of Information Act request on the issue, the Justice Department released a memo with black rectangles covering every bit of text except the title, sender and recipient. ACLU spokesperson Josh Bell told ABC News: “We got very little information about the policy on text messages. [The document] does not even show the date, let alone what the policy is.”
Paperclipped to the last page of the redacted document was a sheet of white paper, blank, except for the phrase, perfectly centered both vertically and horizontally, “Go Fuck Yourself” in 12 pt. brush script.
“The FBI’s plan would effectively make an entire category of emerging secure platforms — such as the encrypted voice app Silent Circle or the Dropbox-like cloud storage service Spider Oak — illegal overnight.”
The FBI has some strange ideas about how to “update” federal surveillance laws: They’re calling for legislation to penalize online services that provide users with too much security.
I’m not kidding. The proposal was revealed in The Washington Post last week — and a couple days ago, a front-page story in The New York Times reported the Obama administration is preparing to back it.
Why? Federal law enforcement agencies like the FBI have long feared their wiretap capabilities would begin “going dark” as criminals and terrorists — along with ordinary citizens — shift from telephone networks, which are required to be wiretap-ready under the 1994 Communications Assistance for Law Enforcement Act (CALEA), to the dizzying array of online communications platforms available today.
While it’s not yet clear how dire the going-dark scenario really is, the statutory “cure” proposed by the FBI — with fines starting at $25,000 a day for companies that aren’t wiretap capable — would surely be worse than the disease.
The FBI’s misguided proposal would impose costly burdens on thousands of companies (and threaten to entirely kill those whose business model centers on providing highly secure encrypted communications), while making cloud solutions less attractive to businesses and users. It would aid totalitarian governments eager to spy on their citizens while distorting business decisions about software design. Perhaps worst of all, it would treat millions of law-abiding users with legitimate security needs as presumed criminals — while doing little to hamper actual criminals.
That is something that I don’t think most people realize,” [ACLU technologist, Christopher] Soghoian says. “Even if you turn on disk encryption with a password, these firms can and will provide the government with a way to get your data.
Apple deluged by police demands to decrypt iPhones
WASHINGTON — The Obama administration, resolving years of internal debate, is on the verge of backing a Federal Bureau of Investigation plan for a sweeping overhaul of surveillance laws that would make it easier to wiretap people who communicate using the Internet rather than by traditional phone services, according to officials familiar with the deliberations.
The F.B.I. director, Robert S. Mueller III, has argued that the bureau’s ability to carry out court-approved eavesdropping on suspects is “going dark” as communications technology evolves, and since 2010 has pushed for a legal mandate requiring companies like Facebook and Google to build into their instant-messaging and other such systems a capacity to comply with wiretap orders.
A recent article in The Wall Street Journal by Google Executive Chairman Eric Schmidt, “The Dark Side of the Digital Revolution,” makes for very scary reading. It is not so much because of what he and co-author Jared Cohen, the director of Google Ideas, have to say about how dictators can use new information technology to suppress dissent; we know those guys are evil. What is truly frightening is that the techniques of the totalitarian state are the same ones pioneered by so-called democracies where commercial companies, like Google, have made a hash of the individual’s constitutionally guaranteed right to be secure in his or her private space.
The dictators, mired in more technologically primitive societies, didn’t develop the fearsome new implements of control of the National Security State. Google and other leaders in this field of massively mined and shared information did. As the authors concede and expand on in their new book:
“Despite the expense, everything a regime would need to build an incredibly intimidating digital police state—including software that facilitates data mining and real-time monitoring of citizens—is commercially available right now. … Companies that sell data-mining software, surveillance cameras and other products will flaunt their work with one government to attract new business. It’s the digital analog to arms sales. …”
The Google execs have inadvertently let us in on the world that they inhabit, where the data mining of individual preferences—for such interests as sex and politics—can be cross filed and tabulated by supercomputers to be exploited for commercial gain. The drive for ever more detailed information on individual behavior is on with a vengeance in the profit-driven world of data mining, as anyone who observes the ads that mysteriously pop up during Internet browsing sessions well knows. But that invasive technology is now undergoing a massive revolutionary upgrade provided by the collection of vast numbers of biometric markers.
“Don’t think the data being collected by autocracies is limited to Facebook posts or Twitter comments,” Schmidt and Cohen warn. “The most important data they will collect in the future is biometric information, which can be used to identify individuals through their unique physical and biological attributes. Fingerprints, photographs and DNA testing are all familiar biometric data types today. … With cloud computing, it takes just seconds to compare millions of faces. … By indexing our biometric signatures, some governments will try to track our every move and word, both physically and digitally.” [++]
An annual report to the United States Senate by the Justice Department shows the Foreign Intelligence Surveillance Court did not deny one single request made to the court by federal law enforcement. All applications to conduct electronic surveillance or “physical searches for foreign intelligence purposes” were granted.
The maker of one of the Internet’s most popular browsers is taking on one of the world’s best-known purveyors of surveillance software, accusing a British company of hijacking the Mozilla brand to camouflage its espionage products.
The Mozilla Foundation — responsible for the Firefox browser — said late Tuesday that Gamma International Ltd. was passing off its FinFisher spy software as a Firefox product to avoid detection. Mozilla described the tactic as abusive.
“We are sending Gamma, the FinFisher parent company, a cease and desist letter demanding that these practices be stopped immediately,” Mozilla executive Alex Fowler said in a statement from the company, based in Mountain View, California.
Gamma, based in Andover, England, did not respond to seven emails. The company has ignored repeated questions from The Associated Press for more than a month.
Gamma’s FinFisher is one of many corporate-made viruses which have attracted scrutiny after the wave of Arab revolutions exposed the high-tech tools used by repressive regimes to stifle dissent. FinFisher — which can log keystrokes, record Skype calls, and turn webcams and cellphones into improvised surveillance devices — drew particular attention after a sales pitch for the spyware was discovered in an Egyptian state security building in 2011.
Citizen Lab, a research group based at the University of Toronto’s Munk School of Global Affairs, has since linked FinFisher to servers in 36 countries and found the virus hidden in documents including news updates from Bahrain and photographs of Ethiopian opposition figures. In a report published late Tuesday, Citizen Lab said that it had also found a FinFisher sample hiding in a document about Malaysia’s upcoming general election.
Citizen Lab’s Morgan Marquis-Boire said the evidence fell short of proving that FinFisher was being used by one government or another, but said its dispersal hinted at the global reach of espionage programs.
“It really shows the ubiquity of this type of software,” he said.
That ubiquity has already given Gamma a public relations headache. In March, the company was identified as one of five “corporate enemies of the Internet” by journalists’ lobbying group Reporters Without Borders. Earlier this month the rights group Privacy International sued the British government over allegations that Gamma had illegally exported its surveillance technology — an accusation the company has denied.
The legislation is intended to force these companies into finding technology solutions that would enable real-time surveillance.
A bipartisan committee voted on Thursday to advance a bill to clamp down on warrantless government searches of email and other private electronic information.
The bill seeks to modify the 1986 Electronic Communications Privacy Act (ECPA) and require government and law enforcement agencies to get a judge’s approval in most cases in order to access electronic communications. A vote is now expected next month, but while the bill has cross-party support law officials, regulators and some senators are pushing for amendments to weaken its impact.
Democratic senator Patrick Leahy, co-sponsor of the bill with Utah’s Republican senator Mike Lee, said: “I think Americans are very concerned about unwanted intrusions into our private lives in cyberspace. There’s no question if someone wants to go into your house and go through your files and draws you are going to need a search warrant. But if you have those same files in the cloud you ought to have the same sense of privacy.”
I think the privacy issue has really been taken off the table.
NYPD Commissioner Ray Kelly
CISPA is all but dead, again.
The controversial cybersecurity bill known as the Cyber Information Sharing and Protection Act, which passed the House of Representatives last week, will almost certainly be shelved by the Senate, according to a representative of the U.S. Senate Committee on Commerce, Science and Transportation.
The bill would have allowed the federal government to share classified “cyber threat” information with companies, but it also provided provisions that would have allowed companies to share information about specific users with the government.* Privacy advocates also worried that the National Security Administration would have gotten involved.
“We’re not taking [CISPA] up,” the committee representative says. “Staff and senators are divvying up the issues and the key provisions everyone agrees would need to be handled if we’re going to strengthen cybersecurity. They’ll be drafting separate bills.”
Sen. Jay Rockefeller, D-W.V., chairman of the committee, said the passage of CISPA was “important,” but said the bill’s “privacy protections are insufficient.”
* This is goodish news. However, “provisions that would have allowed companies to share information about specific users with the government” already exist, without CISPA, thanks to the Obama DOJ: U.S. gives big, secret push to Internet surveillance | CNET