Peek-a-boo I See Your Data!
Wikipedia
Electronic police states are characterized by government surveillance of telephone traffic, cellular telephone traffic, emails, Internet surfing, video surveillance, and other forms of electronic (including fiber optic) tracking. A crucial characteristic of this process is that the data is gathered universally and silently, and only later organized for use in prosecutions in legal proceedings.
The inhabitants of an electronic police state may be almost fully unaware that their communications and activities are being recorded by the state, or that these records are usable as evidence against them in courts of law. Those who are aware of these facts may be restrained in their complaints or actions against their governments, knowing that any embarrassing, juvenile or unlawful actions in their past can be pulled from pre-existing databases, which could lead to humiliation and/or criminal trials.
In addition, there is also a risk of such databases being widely used in civil proceedings, wherein opposing attorneys demand access to all evidence related to an individual, including vast government databases. This issue seems not to have been addressed by the legal system of any nation thus far.
The classification of a country or regime as an electronic police state may be debated. Because of the pejorative connotation of the term, no country has ever identified itself as an electronic police state. The classification is often established by one or more external critics.
Seventeen key factors for judging the development of an electronic police state have been suggested:
1.Daily Documents: Requirement of state-issued identity documents and registration.
2.Border Issues: Inspections at borders, searching computers, demanding decryption of data.
3.Financial Tracking: State’s ability to search and record all financial transactions: Checks, credit card use, wires, etc.
4.Gag Orders: Criminal penalties if you tell someone the state is searching their records.
5.Anti-Crypto Laws: Outlawing or restricting cryptography and/or privacy enhancing technologies (anonymity networks).
6.Constitutional Protection: A lack of constitutional protections for the individual, or the overriding of such protections.
7.Data Storage Ability: The ability of the state to store the data they gather.
8.Data Search Ability: The ability to search the data they gather.
9.ISP Data Retention: States forcing Internet Service Providers to save detailed records of all their customers’ Internet usage.
10.Telephone Data Retention: States forcing telephone companies to record and save records of all their customers’ telephone usage.
11.Cell Phone Records: States forcing cellular telephone companies to record and save records of all their customers’ usage.
12. Medical records: States demanding records from all medical service providers and retaining the same
13. Enforcement Ability: The state’s ability to use overwhelming force (exemplified by SWAT Teams) to seize anyone they want, whenever they want.
14.Habeas Corpus: Lack of habeas corpus – the right not to be held in jail without prompt due process. Or, the overriding of such protections.
15.Police-Intel Barrier: The lack of a barrier between police organizations and intelligence organizations. Or, the overriding of such barriers.
16.Covert Hacking: State operatives removing – or adding! – digital evidence to/from private computers covertly. Covert hacking can make anyone appear as any kind of criminal desired. One example of covert hacking software is Magic Lantern
17.Loose Warrants: Warrants issued without careful examination of police statements and other justifications by a truly independent judge.
This list does include factors that also apply to other forms of police states, such as the use of identity documents and police enforcement, but go considerably beyond them.
Electronic police states may outwardly be either dictatorial or democratic. The crucial elements are not politically based. So long as the regime can afford the technology, and the populace will permit it to be used, an electronic police state can form.
The NSA has, of course, been big news of late. But, astonishingly, the MSM and even Dkos members are questioning the importance of recent and not so recent revelations. A blow-by-blow list, of one aspect, is needed and will be attempted here. The seventeen key indicators for an electronic police state.
[Sarcasm] Take the quiz for your country today! [/Sarcasm]
[Be advised the proceeding section is expansive.]
Cowen Thorne
(Shock and Awed)
And here we go down the slipper slope metaphor of our eroded liberties under the tide of anti-terrorism hysteria...
1. Daily Documents: Requirement of state-issued identity documents and registration.
Appeals court clears way for Georgia’s show-me-your-papers statute to take effect
State and local police could soon start enforcing one of the most controversial parts of Georgia’s illegal immigration law now that a federal appeals court in Atlanta has issued a ruling in a related legal case.
At issue is a provision — nicknamed the “show-me-your-papers” law — that would give police the option to investigate the immigration status of suspects they believe have committed state or federal crimes and who cannot provide identification or other information that could help police identify them. It also would empower police to detain people determined to be in the country illegally and take them to jail.
"Show Me Your Papers" Law Takes Effect in Arizona
The law allows police, when in the process of investigating or enforcing other possible crimes, to demand proof of immigration status from those they suspect of not being documented US citizens.
A challenge of the controversial provision reached all the way to the US Supreme Court earlier this year, but the law was upheld on the grounds that it did not conflict with other federal statutes.
ACLU: Utah's "Show Me Your Papers" Law
HB 497 effectively turns Utah into a police state. Like the Arizona “show me your papers” law that inspired it, this law compels all people in the state of Utah, citizens and non-citizens alike, to carry identification documents on them at all times, just in case they are stopped by police officers and asked to prove their citizenship or immigration status. The law requires police to ask for and examine the identification documents of anyone they stop, detain or arrest. Depending on the level of alleged offense and identity-verification process, it either requires or authorizes the police to investigate the immigration status of that person. Even if someone who is stopped has one of the acceptable forms of identification, police officers can still reject it if they have “reasonable suspicion” that the documents are false. These “police state” tactics are more commonly associated with totalitarian regimes than with robust democracies.
2. Border Issues: Inspections at borders, searching computers, demanding decryption of data.
Andy Greenberg, This Machine Kills Secrets
But Appelbaum’s best evidence of Tor’s purity from Big Brother’s interference, perhaps, is his very public association with WikiLeaks, the American government’s least favorite website. In a surprise speech at the Hackers on Planet Earth conference in July 2010, Appelbaum gave a keynote address on behalf of WikiLeaks after Julian Assange decided that traveling to the United States spelled legal trouble. Since then, the U.S. government has expressed its displeasure with him by tasking Customs and Border Protection agents with harassing him every time he crosses the border, where the Fourth Amendment’s restrictions on searches and seizures abandon citizens. According to Appelbaum’s accounts, he’s often detained for hours, searched in intrusive bodily detail, and forced to miss any connecting flight.
In those detainment sessions, Appelbaum is separated from any phones, computers, or storage devices that he may be carrying, a painful security breach for a privacy-conscious cypherpunk. After abandoning several computers that he considered compromised, he no longer travels with a hard drive in his machines. How does that work? I ask. “Not very well,” he says.
He takes the harassment with a dose of humor, often live-blogging his run-ins with customs on Twitter and at least once leaving a spring-loaded snake inside a fake can of nuts for a customs agent to find. But the intimidation as he tries to reenter his own country serves as a constant reminder to Appelbaum of the looming threat of prosecution. When the agents interrogate him, he says the questions are always the same: “What’s your relationship to Julian Assange? What’s your association with WikiLeaks?”
Appelbaum usually responds to those questions with stony silence, and he won’t answer them for me either. But when I ask Appelbaum if Tor is in fact the powerful tool for anonymous whistleblowing that Assange and others believe it to be, he smiles. Then he quotes Assange quoting Oscar Wilde.
“Give a man a mask,” he says, “and he’ll tell you the truth.”
"Border search exception"
Currently, the main area of contention concerning the border search exception is its application to the search of the electronic files and information contained in travelers' laptops and other electronic storage devices for illlegal materials including child pornography. Two notable decisions have been rendered with the respective intermediate appellate courts backing the United States Government's position that the search of electronic devices falls under the category of property searches and that the devices are functionally and qualitatively equivalent to other closed containers.[10] According to this position, the Government asserts that it may open, login, and search through all the electronic information stored on traveler's electronic devices. The only federal appeals court to address this issue directly, the Ninth Circuit Court of Appeals, agreed with the government's position and held that "reasonable suspicion is not needed for customs officials to search a laptop or other electronic device at the international border."
Suit responds to growing complaints by U.S. citizens and immigrants of excessive or repeated screenings by U.S. Customs and Border Protection
Border Searches
The Asian Law Caucus (ALC) and EFF have filed suit against the U.S. Department of Homeland Security (DHS) for denying access to public records on the questioning and searches of travelers at U.S. borders.
The suit responds to growing complaints by U.S. citizens and immigrants of excessive or repeated screenings by U.S. Customs and Border Protection agents. ALC a San Francisco-based civil rights organization received more than 20 complaints from Northern California residents last year who said they were grilled about their families religious practices volunteer activities political beliefs or associations when returning to the United States from travels abroad. In addition customs agents examined travelers' books business cards collected from friends and colleagues handwritten notes personal photos laptop computer files and cell phone directories and sometimes made copies of this information.
Defending_privacy_Border-Slides.pdf
Border Search Policies: CBP
Customs and Border Protection agents can inspect
electronic devices and data at the border “with or
without individualized suspicion.”
• May keep for a “brief, reasonable” time
• May send device or data to other another agency to
seek help, e.g., with technical issues or decryption
• Unclear how privileged or sensitive data is handled
3. Financial Tracking: State’s ability to search and record all financial transactions: Checks, credit card use, wires, etc.
U.S. amasses Big Data on 10 million people as banks protest
The new US consumer finance watchdog is gearing up to monitor how millions of Americans use credit cards, take out mortgages, and overdraw their checking accounts. Their bankers aren’t happy about it.
The Consumer Financial Protection Bureau is demanding records from the banks and is buying anonymous information about at least 10 million consumers from companies including Experian.
While the goal is to sharpen enforcement and rule-making, banking executives question why the bureau is collecting so much without being more specific about the benefits.
U.S. to let spy agencies scour Americans' finances
(Reuters) - The Obama administration is drawing up plans to give all U.S. spy agencies full access to a massive database that contains financial data on American citizens and others who bank in the country, according to a Treasury Department document seen by Reuters.
The proposed plan represents a major step by U.S. intelligence agencies to spot and track down terrorist networks and crime syndicates by bringing together financial databanks, criminal records and military intelligence. The plan, which legal experts say is permissible under U.S. law, is nonetheless likely to trigger intense criticism from privacy advocates.
Financial institutions that operate in the United States are required by law to file reports of "suspicious customer activity," such as large money transfers or unusually structured bank accounts, to Treasury's Financial Crimes Enforcement Network (FinCEN).
The Federal Bureau of Investigation already has full access to the database. However, intelligence agencies, such as the Central Intelligence Agency and the National Security Agency, currently have to make case-by-case requests for information to FinCEN.
4. Gag Orders: Criminal penalties if you tell someone the state is searching their records.
Judge Keeps Gag Order In Place On ISP Boss Over Feds Demand For Info On Customer
The government has the ability to issue "national security letters" that let them demand information without a court warrant and at the same time gag those who are forced to reveal the info. Given such power, it's no surprise that the Justice Department abused it widely and conveniently forgot to report many of the uses when some oversight was attempted. The whole setup of NSLs seems highly questionable. What's wrong with actually getting a warrant? Adding a gag order to it is especially troubling -- so it was great to see an anonymous ISP owner pushback on such a use of NSLs. Last year, an appeals court limited when such NSLs could be used, tightening the standard. However, the lower court has said that, even with these tighter restrictions, the government's use of NSLs against this ISP was proper. Of course, it's difficult to determine if this actually makes sense, because the gov't revealed secret info to the judge that even those on the other side of the case were unable to see. The problem, obviously, is that there's simply no way to know if this is legit or not -- but any opportunity you give the government to say "just trust us" on being able to get otherwise private info with no oversight seems like an area ripe for abuse.
Judge Declares FBI Surveillance Gag Orders Unconstitutional
They are used by the FBI to bypass courts and conduct secret surveillance. But now, in what could prove to be a major blow to the Department of Justice, a federal court has found that National Security Letters are unconstitutional.
In a ruling released today, U.S. District Judge Susan Illston said that NSLs suffer from “significant constitutional defects” and violate the First Amendment because of the way they can be used to effectively gag companies that receive them. Illston has ordered the FBI to stop issuing NSLs and cease enforcing their gag provisions in all cases. However, the ruling has been stayed for 90 days, giving the government the chance to appeal to the 9th Circuit Court of Appeals because of the “constitutional and national security issues at stake.”
NSLs were created in the late 1970s to help the FBI obtain information about suspected foreign spies. But their use was expanded under the Patriot Act following 9/11, and they can now be used to order companies to provide data on Americans. Last week, Google disclosed that it had been forced to hand over data on thousands of its users in recent years after being served with NSLs—but it was able to divulge only vague information, rather than exact numbers. A company that receives a NSL can be forbidden from talking about it with anyone but a lawyer, or else potentially face years in prison.
No More Asking for Permission To Speak
The Patriot Act permits FBI agents to write their own search warrants and gives those warrants the patriotic and harmless-sounding name of national security letters (NSLs). This authorization is in direct violation of the Fourth Amendment to the U.S. Constitution, which says that the people shall be secure in their persons, houses, papers and effects from unreasonable searches and seizures, and that that security can only be violated by a search warrant issued by a neutral judge and based upon probable cause of crime.
The probable cause requirement compels the feds to acquire evidence of criminal behavior about the person whose records they seek, so as to prevent politically motivated invasions of privacy and fishing expeditions like those that were common in the colonial era. Judges are free, of course, to sign the requested warrant, to modify it and sign it, or to reject it if it lacks the underlying probable cause.
The very concept of a search warrant authorized by law enforcement and not by the courts is directly and profoundly antithetical to the Constitution -- no matter what the warrant is called. Yet, that's what Congress and President Bush made lawful when they gave us the Patriot Act.
When FBI agents serve the warrants they've written for themselves -- the NSLs as they call them -- they tell the recipient of the warrant that he or she will commit a felony if he or she tells anyone -- a lawyer, a judge, a spouse, a priest in confessional -- of the receipt of the warrant. The NSLs are typically not served on the person whose records the FBI wants; rather, they are served on the custodians of those records, such as computer servers, the Post Office, hospitals, banks, delivery services, telephone providers, etc.
Because of the Patriot Act's mandated silence, the person whose records the FBI seeks often never knows his or her records have been seized. Since October 2001, FBI agents and other federal agents have served more than 350,000 search warrants with which they have authorized themselves to conduct a search. Each time they have done so, they have warned the recipient of the warrant to remain silent or be prosecuted for telling the truth about the government.
Occasionally, recipients have not remained silent. They have understood their natural and constitutionally protected right to the freedom of speech and their moral and fiduciary duty to their customer or client, and they have moved in federal court either to suppress the warrant or for the right to tell the customer or client whose records are being sought that the FBI has come calling. Isn't that odd in America -- asking a judge for permission to tell the truth about the government?
5. Anti-Crypto Laws: Outlawing or restricting cryptography and/or privacy enhancing technologies (anonymity networks).
New Anti-Encryption Laws Won't Help Catch Criminals, But They Will Help Hackers Spy On You
Good news for hackers: The U.S. government may soon require online communications services to water down their encryption techniques.
The proposed legislation, which federal law enforcement and national security officials hope to present to Congress next year, would mandate that all services that can be used for online communications be capable of providing transcripts of their users’ emails or chats to the government if asked. The services would have to be able to intercept and decode all encrypted messages sent using their sites or software.
The rules would affect e-mail transmitters like BlackBerry, social networking sites like Facebook, and peer-to-peer messaging software like Skype. Officials hope to write the bill in general terms, without reference to specific technologies, so that other, yet unimagined, services would also fall under the regulations.
Barack Obama's pick for vice president is an ally of the music industry on copyright and the FBI on wiretaps. He also unintentionally spurred the creation of PGP.
Privacy, the FBI, and PGP
On privacy, Biden's record is hardly stellar. In the 1990s, Biden was chairman of the Judiciary Committee and introduced a bill called the Comprehensive Counter-Terrorism Act, which the EFF says he was "persuaded" to do by the FBI. A second Biden bill was called the Violent Crime Control Act. Both were staunchly anti-encryption, with this identical language:
It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice, data, and other communications when appropriately authorized by law.
Translated, that means turn over your encryption keys. The book Electronic Privacy Papers describes Biden's bill as representing the FBI's visible effort to restrict encryption technology, which was taking place in concert with the National Security Agency's parallel, but less visible efforts. (Biden was no foe of the NSA. He once described now-retired NSA director Bobby Ray Inman as the "single most competent man in the government.")
Biden's bill -- and the threat of encryption being outlawed -- is what spurred Phil Zimmermann to write PGP, thereby kicking off a historic debate about export controls, national security, and privacy. Zimmermann, who's now busy developing Zfone, says it was Biden's legislation "that led me to publish PGP electronically for free that year, shortly before the measure was defeated after vigorous protest by civil libertarians and industry groups."
While neither of Biden's pair of bills became law, they did foreshadow the FBI's pro-wiretapping, anti-encryption legislative strategy that followed -- and demonstrated that the Delaware senator was willing to be a reliable ally of law enforcement on the topic. (They also previewed the FBI's legislative proposal later that decade for banning encryption products such as SSH or PGP without government backdoors, which was approved by one House of Representatives committee but never came to a vote in the Senate.)
6. Constitutional Protection: A lack of constitutional protections for the individual, or the overriding of such protections.
ACLU:Bush Administration Memo Says Fourth Amendment Does Not Apply To Military Operations Within U.S.
A newly disclosed secret memo authored by the Department of Justice's Office of Legal Counsel (OLC) in March 2003 that asserts President Bush has unlimited power to order brutal interrogations of detainees also reveals a radical interpretation of the Constitution's Fourth Amendment protection from unreasonable search and seizure. The memo, declassified yesterday as the result of an American Civil Liberties Union lawsuit, cites a still-secret DOJ memo from 2001 that found that the "Fourth Amendment had no application to domestic military operations."
The October 2001 memo was almost certainly meant to provide a legal basis for the National Security Agency's warrantless wiretapping program, which President Bush launched the same month the memo was issued. As a component of the Department of Defense, the NSA is a military agency.
"The recent disclosures underscore the Bush administration's extraordinarily sweeping conception of executive power," said Jameel Jaffer, Director of the ACLU's National Security Project. "The administration's lawyers believe the president should be permitted to violate statutory law, to violate international treaties, and even to violate the Fourth Amendment inside the U.S. They believe that the president should be above the law."
ACLU: FBI mapping and suspicionless spying, violate 1st, 4th and 14th amendments
The FBI has been using "mass suspicion" domestic spying for years, but the ACLU discovered the FBI has been using Census data for geospatial mapping based on "crude" and "unconstitutional stereotyping" of ethnic and religious groups. The FBI domestic spying may include "techniques such as physical surveillance, commercial and law enforcement database searches, FBI interviews, and informants." Intrusive investigations are launched; assessments require absolutely no suspicion whatsoever, and preliminary investigations are based on "mere speculation that a crime may be committed in the future." The filed suspicious activity reports (SARs) may forever stay in counterterrorism databases. As the ACLU stated, "Even when these investigations produce no evidence of wrongdoing, the FBI retains the information collected indefinitely." In other words, it's stomping the Constitution in the name of national security.
Last year, the ACLU reported that Americans are harassed and put under surveillance for simply exercising their First Amendment rights and that spying on free speech in America was nearly as bad now as it was during the Cold War. But the FBI has a history of spying on peaceful activists and groups "based on factually weak" possibilities of any federal crime. The FBI also has a history of lying to the Justice Department about the illegal surveillance. And that was before the FBI was granted even more authority via the 2011 edition of the Domestic Investigations and Operations Guide (DIOG) which will turn 14,000 FBI agents into a dumpster diving brigade. The newly expanded FBI spying powers require neither probable cause nor the need to be suspected of actual wrongdoing before scrutinizing your life. The ACLU said of these new snooping rights, that the FBI is "lowering its already rock bottom standards for surveillance."
Supreme Court Dismisses Challenge to FISA Amendments Act; EFF's Lawsuit Over NSA Warrantless Wiretapping Remains
Yesterday, the Supreme Court sadly dismissed the ACLU’s case, Clapper v. Amnesty International, which challenged the FISA Amendments Act (FAA)—the unconstitutional law that allows the government to wiretap Americans communcating with people overseas. Under the FAA, the government can conduct this surveillance without naming individuals and without a traditional probable cause warrant, as the Fourth Amendment requires.
The court didn’t address the constitutionality of the FAA itself, but instead ruled that the plaintiffs—a group of lawyers, journalists, and human rights advocates who regularly communicate with likely "targets" of FAA wiretapping—couldn’t prove the surveillance was "certainly impending," so therefore didn’t have the "standing" necessary to sue. In other words, since the Americans did not have definitive proof that they were being surveilled under the FAA—a fact the government nearly always keeps secret—they cannot challenge the constitutionality of the statute.
NSA Phone Record Collection 'Beyond Orwellian,' ACLU Says
The Obama administration's seizure of millions of phone Verizon phone records under a secret court order is "alarming" and "beyond Orwellian," an American Civil Liberties Union official said Wednesday.
...
“From a civil liberties perspective, the program could hardly be any more alarming," Jameel Jaffer, the deputy legal director of the ACLU, said in a statement. "It’s a program in which some untold number of innocent people have been put under the constant surveillance of government agents. It is beyond Orwellian, and it provides further evidence of the extent to which basic democratic rights are being surrendered in secret to the demands of unaccountable intelligence agencies.”
...
"This sort of widescale surveillance should concern all of us and is the kind of government overreach I've said Americans would find shocking," Udall said. "As a member of the Senate Intelligence Committee, it's why I will keep fighting for transparency and appropriate checks on the surveillance of Americans."
...
"The Patriot Act’s incredibly broad surveillance provision purportedly authorizes an order of this sort, though its constitutionality is in question and several senators have complained about it," the Center for Constitutional Rights said in a statement. "The Patriot Act provision requires the FBI to notify Congress about the number of such warrants, but this single order covering millions of people is a deceptive end-run around that disclosure requirement."
7. Data Storage Ability: The ability of the state to store the data they gather.
The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say)
But “this is more than just a data center,” says one senior intelligence official who until recently was involved with the program. The mammoth Bluffdale center will have another important and far more secret role that until now has gone unrevealed. It is also critical, he says, for breaking codes. And code-breaking is crucial, because much of the data that the center will handle—financial information, stock transactions, business deals, foreign military and diplomatic secrets, legal documents, confidential personal communications—will be heavily encrypted. According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. The upshot, according to this official: “Everybody’s a target; everybody with communication is a target.”
...
Given the facility’s scale and the fact that a terabyte of data can now be stored on a flash drive the size of a man’s pinky, the potential amount of information that could be housed in Bluffdale is truly staggering. But so is the exponential growth in the amount of intelligence data being produced every day by the eavesdropping sensors of the NSA and other intelligence agencies. As a result of this “expanding array of theater airborne and other sensor networks,” as a 2007 Department of Defense report puts it, the Pentagon is attempting to expand its worldwide communications network, known as the Global Information Grid, to handle yottabytes (1024 bytes) of data. (A yottabyte is a septillion bytes—so large that no one has yet coined a term for the next higher magnitude.)
It needs that capacity because, according to a recent report by Cisco, global Internet traffic will quadruple from 2010 to 2015, reaching 966 exabytes per year. (A million exabytes equal a yottabyte.) In terms of scale, Eric Schmidt, Google’s former CEO, once estimated that the total of all human knowledge created from the dawn of man to 2003 totaled 5 exabytes. And the data flow shows no sign of slowing. In 2011 more than 2 billion of the world’s 6.9 billion people were connected to the Internet. By 2015, market research firm IDC estimates, there will be 2.7 billion users. Thus, the NSA’s need for a 1-million-square-foot data storehouse. Should the agency ever fill the Utah center with a yottabyte of information, it would be equal to about 500 quintillion (500,000,000,000,000,000,000) pages of text.
NSA Building $860 Million Data Center in Maryland
As its current data collection makes headlines, the National Security Agency is continuing to expand its data storage and processing capabilities. The agency recently broke ground on an $860 million data center at Fort Meade, Maryland that will span more than 600,000 square feet, including 70,000 square feet of technical space.
Last month the NSA and the U.S. Army Corps of Engineers began building the High Performance Computing Center-2, an NSA-run facility that will be located on base at Fort Meade, which is home to much of the agency’s existing data center operations. The data center will be supported by 60 megawatts of power capacity, and will use both air-cooled and liquid-cooled equipment.
The NSA is already building a massive data center in Utah, investing up to $1.5 billion in a project that will feature up to 1 million square feet of facilities.
The construction at Fort Meade will see investment of $400 million in fiscal 2013 and $431 million in fiscal 2014. Up to 6,000 workers will be involved in the construction and development phase, the NSA said.
8. Data Search Ability: The ability to search the data they gather.
Massive NSA Phone Data-Mining Operation Revealed
Using the Patriot Act, the U.S. government has been secretly tracking the calls of every Verizon Business Network Services customer – whom they talked to, from where, and for how long – for the past 41 days, according to a report published by The Guardian.
"From a civil liberties perspective, the program could hardly be any more alarming. It’s a program in which some untold number of innocent people have been put under the constant surveillance of government agents," said Jameel Jaffer, American Civil Liberties Union deputy legal director. "It is beyond Orwellian, and it provides further evidence of the extent to which basic democratic rights are being surrendered in secret to the demands of unaccountable intelligence agencies."
The program was put in place under the Patriot Act’s Section 215, a controversial provision that authorizes the government to seek secret court orders for the production of "any tangible thing" relevant to a foreign-intelligence or terrorism investigation. Recipients of Section 215 orders, such as telecommunications companies, are prohibited from disclosing that they gave the government their customers’ records.
Newly Declassified Files Detail Massive FBI Data-Mining Project
A fast-growing FBI data-mining system billed as a tool for hunting terrorists is being used in hacker and domestic criminal investigations, and now contains tens of thousands of records from private corporate databases, including car-rental companies, large hotel chains and at least one national department store, declassified documents obtained by Wired.com show.
Headquartered in Crystal City, Virginia, just outside Washington, the FBI’s National Security Branch Analysis Center (NSAC) maintains a hodgepodge of data sets packed with more than 1.5 billion government and private-sector records about citizens and foreigners, the documents show, bringing the government closer than ever to implementing the “Total Information Awareness” system first dreamed up by the Pentagon in the days following the Sept. 11 attacks.
Such a system, if successful, would correlate data from scores of different sources to automatically identify terrorists and other threats before they could strike. The FBI is seeking to quadruple the known staff of the program.
9. ISP Data Retention: States forcing Internet Service Providers to save detailed records of all their customers’ Internet usage.
House panel approves broadened ISP snooping bill
Internet providers would be forced to keep logs of their customers' activities for one year--in case police want to review them in the future--under legislation that a U.S. House of Representatives committee approved today.
The 19 to 10 vote represents a victory for conservative Republicans, who made data retention their first major technology initiative after last fall's elections, and the Justice Department officials who have quietly lobbied for the sweeping new requirements, a development first reported by CNET.
A last-minute rewrite of the bill expands the information that commercial Internet providers are required to store to include customers' names, addresses, phone numbers, credit card numbers, bank account numbers, and temporarily-assigned IP addresses, some committee members suggested. By a 7-16 vote, the panel rejected an amendment that would have clarified that only IP addresses must be stored.
It represents "a data bank of every digital act by every American" that would "let us find out where every single American visited Web sites," said Rep. Zoe Lofgren of California, who led Democratic opposition to the bill.
[This Bill Never Became Law. Democracy limps, but lives.]
However...
Mandatory data retention laws
United States
Current Status: The United States currently has no mandatory data retention law. However, if providers of electronic communications or remote computing services store electronic communications or communications records, the government may obtain access to the stored data under the Stored Communications Act (SCA), enacted as part of the Electronic Communications Privacy Act in 1986. The SCA also establishes mandatory data preservation, under which providers must preserve stored data for up to 180 days on government request.
Precisely how government officials may compel providers to grant access to such data depends on several variables, including the type of service the company is providing the user, the type of data, and in the case of stored communications content, the length of time the data has been in storage. The SCA also allows providers to voluntarily disclose such data to the government in emergencies where delay in disclosure involves danger of death or serious physical injury to a person. In general, compelled access to communications content requires a court order. By contrast, compelled access to data such as user/subscriber name, address, telephone number, and records of phone calls and communications requires an administrative subpoena, which is not issued by a court.
Google Transparency Report Shows Government Snooping Up
Law enforcement is asking Google for its users' data more than ever -- and most of the time, they aren't getting a warrant first.
That's the takeaway from a Wednesday update to the Google Transparency Report with information that breaks down for the first time how often the FBI and local cops use a subpoena, as opposed to a warrant, to snoop on Google users' information.
From July to December 2012, Google revealed, the company received 8,438 total requests for information about 14,791 users or accounts in the United States. Requests were up 34 percent from 2011 to 2012.
Google has been disclosing requests from law enforcement for the past three years, making it one of the few email providers to do so. In that time, the number of requests has steadily ticked up -- no huge surprise, according to the company, since it has more users and more data.
10. Telephone Data Retention: States forcing telephone companies to record and save records of all their customers’ telephone usage.
Telecommunications data retention
In the field of telecommunications, data retention (or data preservation) generally refers to the storage of call detail records (CDRs) of telephony and internet traffic and transaction data (IPDRs) by governments and commercial organisations. In the case of government data retention, the data that is stored is usually of telephone calls made and received, emails sent and received and web sites visited. Location data is also collected.
The primary objective in government data retention is traffic analysis and mass surveillance. By analysing the retained data, governments can identify the locations of individuals, an individual's associates and the members of a group such as political opponents. These activities may or may not be lawful, depending on the constitutions and laws of each country. In many jurisdictions access to these databases may be made by a government with little or no judicial oversight (e.g. USA, UK, Australia).
Former FBI Agent: All Your Communications are Recorded, Government Accessible
"All of that stuff is being captured as we speak whether we know it or like it or not" -- former FBI agent
Are the U.S. Federal Bureau of Investigation (FBI) and other federal agencies secretly working with telecommunication firms to record your every call for later use, if necessary? That's the alarming possibility that's being raised by supposed leaks from government officials claiming that the investigation of last month's Boston bombing has refocused on phone calls the suspects placed to friends and family prior to the attack.
I. All Digital Communications Belong to Us
Concern intensified when on a segment of CNN's Out Front with Erin Burnett, former FBI counterterrorism agent Tim Clemente suggested that the FBI has access to every U.S. citizen's phone conversations past and present.
...
III. Surveillance Continues at Room 641a and Other Secret Locations
Meanwhile, in a 2007-era whistleblower-report supporting a lawsuit filed against the federal government by the Electronic Frontier Foundation, an expert witness suggested that the surveillance efforts were alive and well. The witness in a court deposition wrote that the NSA had worked with AT&T, Inc. (T), the second largest wireless carrier in the country on a program to "vacuum up" phone traffic, internet traffic, emails, and more without warrant.
In that report, a retired 22-year AT&T technician, Mark Klein, recalls "that the NSA set up a system that vacuumed up Internet and phone-call data from ordinary Americans with the cooperation of AT&T" and that "contrary to the government's depiction of its surveillance program as aimed at overseas terrorists . . . much of the data sent through AT&T to the NSA was purely domestic."
11. Cell Phone Records: States forcing cellular telephone companies to record and save records of all their customers’ usage.
Which Telecoms Store Your Data the Longest? Secret Memo Tells All
The nation’s major mobile-phone providers are keeping a treasure trove of sensitive data on their customers, according to newly-released Justice Department internal memo that for the first time reveals the data retention policies of America’s largest telecoms.
The single-page Department of Justice document, “Retention Periods of Major Cellular Service Providers,” (.pdf) is a guide for law enforcement agencies looking to get information — like customer IP addresses, call logs, text messages and web surfing habits – out of U.S. telecom companies, including AT&T, Sprint, T-Mobile and Verizon.
The document, marked “Law Enforcement Use Only” and dated August 2010, illustrates there are some significant differences in how long carriers retain your data.
Verizon, for example, keeps a list of everyone you’ve exchanged text messages with for the past year, according to the document. But T-Mobile stores the same data up to five years. It’s 18 months for Sprint, and seven years for AT&T.
That makes Verizon appear to have the most privacy-friendly policy. Except that Verizon is alone in retaining the actual contents of text messages. It allegedly stores the messages for five days, while T-Mobile, AT&T, and Sprint don’t store them at all.
The document was unearthed by the American Civil Liberties Union of North Carolina via a Freedom of Information Act claim. (After the group gave a copy to Wired.com, we also discovered it in two other places on the internet by searching its title.)
Is Big Data Turning the Government into Big Brother?
The revelations that the National Security Agency is perusing millions of U.S. customer phone records at Verizon Communications and snooping on the digital communications stored by nine major Internet services illustrate how aggressively personal data is being collected and analyzed.
Verizon is handing over so-called metadata, excerpts from millions of U.S. customer records, to the NSA under an order issued by the secretive Foreign Intelligence Surveillance Court, according to a report in the British newspaper The Guardian. The report was confirmed Thursday by Sen. Dianne Feinstein, D-Calif., who chairs the Senate Intelligence Committee.
Former NSA employee William Binney told the Associated Press that he estimates the agency collects records on 3 billion phone calls each day.
The NSA and FBI appear to be casting an even wider net under a clandestine program code-named “PRISM” that came to light in a story posted late Thursday by The Washington Post. PRISM gives the U.S. government access to email, documents, audio, video, photographs and other data that people entrust to some of the world’s best known companies, according to The Washington Post. The newspaper said it reviewed a confidential roster of companies and services participating in PRISM. The companies included AOL Inc., Apple Inc., Facebook Inc., Google Inc., Microsoft Corp., Yahoo Inc., Skype, YouTube and Paltalk.
12. Medical records: States demanding records from all medical service providers and retaining the same.
FBI retains access to medical records under the newly reauthorized Patriot Act
The renewed USA Patriot Act continues to allow the FBI to search confidential medical records as part of counterterrorism investigations but provides new legal options for physicians ordered to hand over patients' records.
The bill's passage this month came after months of delays and negotiations over key provisions of the federal antiterrorism law, which some lawmakers criticized for not adequately protecting civil liberties. In the end, the bill passed by wide margins in both chambers -- 89-10 in the Senate and 280-138 in the House.
Surveillance Under the USA PATRIOT Act
1. Expanded access to personal records held by third parties
One of the most significant provisions of the Patriot Act makes it far easier for the authorities to gain access to records of citizens' activities being held by a third party. At a time when computerization is leading to the creation of more and more such records, Section 215 of the Patriot Act allows the FBI to force anyone at all - including doctors, libraries, bookstores, universities, and Internet service providers - to turn over records on their clients or customers.
Unchecked power
The result is unchecked government power to rifle through individuals' financial records, medical histories, Internet usage, bookstore purchases, library usage, travel patterns, or any other activity that leaves a record. Making matters worse:
The government no longer has to show evidence that the subjects of search orders are an "agent of a foreign power," a requirement that previously protected Americans against abuse of this authority.
The FBI does not even have to show a reasonable suspicion that the records are related to criminal activity, much less the requirement for "probable cause" that is listed in the Fourth Amendment to the Constitution. All the government needs to do is make the broad assertion that the request is related to an ongoing terrorism or foreign intelligence investigation.
Judicial oversight of these new powers is essentially non-existent. The government must only certify to a judge - with no need for evidence or proof - that such a search meets the statute's broad criteria, and the judge does not even have the authority to reject the application.
Surveillance orders can be based in part on a person's First Amendment activities, such as the books they read, the Web sites they visit, or a letter to the editor they have written.
A person or organization forced to turn over records is prohibited from disclosing the search to anyone. As a result of this gag order, the subjects of surveillance never even find out that their personal records have been examined by the government. That undercuts an important check and balance on this power: the ability of individuals to challenge illegitimate searches.
Doctors outraged at Patriot Act's potential to seize medical record
US doctors across the political spectrum are protesting at a provision in the Patriot Act that allows the government to seize patients' medical records without a probable cause or a warrant. The act prohibits doctors from telling anyone, including the patient, that their sensitive medical records have been seized. Doctors who violate the gagging order can be fined and prosecuted for obstruction of justice.
The Association of American Physicians and Surgeons (a libertarian group based in Tucson, Arizona) and the American Civil Liberties Union, which has many doctor members, have joined in a coalition, called Patriots to Restore Checks and Balances, to urge Congress to amend Section 215 of the act. The provision, which only recently came to light, allows the Federal Bureau of Investigation (FBI) to get a secret court order to seize “any tangible things,” including medical records, student or work records, and even library records. Coalition members say that medical records are unlikely to provide useful information about terrorists.
The act, passed in the wake of the 11 September 2001 terrorist attacks, gives the government a broad range of rights to monitor US citizens and is set to expire on 3 February. President Bush is urging Congress to renew the act. He said, “We're still under threat, there's still an enemy that wants to harm us, and they understand the Patriot Act is an important tool for those of us here in the executive branch to use to protect our fellow citizens.”
13. Enforcement Ability: The state’s ability to use overwhelming force (exemplified by SWAT Teams) to seize anyone they want, whenever they want.
ACLU Launches Nationwide Police Militarization Investigation
The American Civil Liberties Union (ACLU) has launched a nationwide campaign to assess police militarization in the United States. Starting Wednesday, ACLU affiliates in 23 states are sending open records requests to hundreds of state and local police agencies requesting information about their SWAT teams, such as how often and for what reasons they're deployed, what types of weapons they use, how often citizens are injured during SWAT raids, and how they're funded. More affiliates may join the effort in the coming weeks.
Additionally, the affiliates will ask for information about drones, GPS tracking devices, how much military equipment the police agencies have obtained through programs run through the Pentagon and the Department of Homeland Security, and how often and for what purpose state National Guards are participating in enforcement of drug laws.
"We've known for a while now that American neighborhoods are increasingly being policed by cops armed with the weapons and tactics of war," said Kara Dansky, senior counsel at the ACLU's Center for Justice, which is coordinating the investigation. "The aim of this investigation is to find out just how pervasive this is, and to what extent federal funding is incentivizing this trend."
SWAT Teams Replace Civilian Police: Target Minority Communities
Experts partially blame the militarization of police forces on the proliferation of military-style weapons in the general public. As gangs and drug dealers became much more heavily armed, the police became increasingly militarized. Cheap war-surplus material was made available as a result of the military spending cuts at the end of the Cold War, and the abundance of military hardware facilitated the trend towards high-tech weaponry on both sides of the drug war.
...
According to the author, paramilitary forces now specifically target minority groups and communities. Joseph McNamara, of the Hoover Institution at Stanford University, points to the racism evident in many of the incidents occurring where paramilitary forces are used. Most of the paramilitary operations occur in inner-city neighborhoods. During an “Operation Readi-Rock” raid in North Carolina, an entire block of an African-American neighborhood was isolated. Nearly 100 black individuals were detained, while all whites were allowed to leave the area.
How the War on Terror Has Militarized the Police
Undoubtedly, American police departments have substantially increased their use of military-grade equipment and weaponry to perform their counterterrorism duties, adopting everything from body armor to, in some cases, attack helicopters. The logic behind this is understandable. If superior, military-grade equipment helps the police catch more criminals and avert, or at least reduce, the threat of a domestic terror attack, then we ought deem it an instance of positive sharing of technology -- right? Not necessarily. Indeed, experts in the legal community have raised serious concerns that allowing civilian law enforcement to use military technology runs the risk of blurring the distinction between soldiers and peace officers.
This is especially true in cases where, much to the chagrin of civil liberty advocates, police departments have employed their newly acquired military weaponry not only to combat terrorism but also for everyday patrolling. Before 9/11, the usual heavy weaponry available to a small-town police officer consisted of a standard pump-action shot gun, perhaps a high power rifle, and possibly a surplus M-16, which would usually have been kept in the trunk of the supervising officer's vehicle. Now, police officers routinely walk the beat armed with assault rifles and garbed in black full-battle uniforms. When one of us, Arthur Rizer, returned from active duty in Iraq, he saw a police officer at the Minneapolis airport armed with a M4 carbine assault rifle -- the very same rifle Arthur carried during his combat tour in Fallujah.
14. Habeas Corpus: Lack of habeas corpus – the right not to be held in jail without prompt due process. Or, the overriding of such protections.
Death Row Inmates Must Not Be Denied Habeas Corpus
Propelled by a wave of tough-on-crime rhetoric, Congress legislated substantial curtailment of the availability of the writ for state prisoners challenging their death sentences in federal court. Under this 1996 law, despite federal courts’ historical duty to "say what the law is" (a duty the Bounmedine court reaffirmed), a federal court cannot order the writ of habeas corpus for a death-sentenced prisoner whose constitutional rights have been violated. Only in the event that a federal judge determines that a state court unreasonably applied binding Supreme Court precedent, may she order the writ of habeas corpus. The 1996 law also passed stringent deadlines for seeking the writ. The right to the great writ is extinguished when death-row inmates miss these deadlines, even through no fault of their own. Given the appointment in many states of incompetent, untrained, and under-resourced attorneys to handle habeas and post-conviction matters, deadlines are frequently missed. The ACLU Capital Punishment Project recently documented an astonishing sixteen capital cases in which private lawyers employed in Florida missed their clients’ deadlines for seeking federal habeas review.
Making matters worse, in 2005, Congress passed legislation allowing some states to apply even more draconian deadlines for the filing and processing of federal habeas petitions — subject not to the approval of the federal courts or some neutral body, but to the approval of the nation’s top prosecutor, the attorney general.
Antiterrorism and Effective Death Penalty Act
In 1996, following the Oklahoma City bombing, Congress passed (91–8–1 in the Senate, 293–133–7 in the House) and President Clinton signed into law the Antiterrorism and Effective Death Penalty Act of 1996 (AEDPA). The AEDPA was intended to "deter terrorism, provide justice for victims, provide for an effective death penalty, and for other purposes." The AEDPA introduced one of the few limitations on habeas corpus. For the first time, its Section 101 set a statute of limitations of one year following conviction for prisoners to seek the writ. The Act limits the power of federal judges to grant relief unless the state court's adjudication of the claim has resulted in a decision that
* Is contrary to, or has involved an unreasonable application of clearly established federal law as determined by the Supreme Court of the United States; or
* Has resulted in a decision that was based on an unreasonable determination of the facts in light of the evidence presented in the state court proceeding.
It generally but not absolutely barred second or successive petitions, with several exceptions. Petitioners who had already filed a federal habeas petition were required first to secure authorization from the appropriate United States Court of Appeals, to ensure that such an exception was at least facially made out.
...
The November 13, 2001 Presidential Military Order purported to give the President of the United States the power to detain non-citizens suspected of connection to terrorists or terrorism as enemy combatants. As such, that person could be held indefinitely, without charges being filed against him or her, without a court hearing, and without legal counsel. Many legal and constitutional scholars contended that these provisions were in direct opposition to habeas corpus, and the United States Bill of Rights. However in Hamdi v. Rumsfeld (2004)[32] the U.S. Supreme Court re-confirmed the right of every American citizen to access habeas corpus even when declared to be an enemy combatant. The Court affirmed the basic principle that habeas corpus could not be revoked in the case of a citizen.
In Hamdan v. Rumsfeld (2006)[33] Salim Ahmed Hamdan petitioned for a writ of habeas corpus, challenging that the military commissions set up by the Bush administration to try detainees at Guantanamo Bay "violate both the UCMJ and the four Geneva Conventions." In a 5-3 ruling the Court rejected Congress's attempts to strip the court of jurisdiction over habeas corpus appeals by detainees at Guantánamo Bay. Congress had previously passed the Department of Defense Appropriations Act, 2006 which stated in Section 1005(e), "Procedures for Status Review of Detainees Outside the United States":
(1) Except as provided in section 1005 of the Detainee Treatment Act of 2005, no court, justice, or judge shall have jurisdiction to hear or consider an application for a writ of habeas corpus filed by or on behalf of an alien detained by the Department of Defense at Guantanamo Bay, Cuba. (2)The jurisdiction of the United States Court of Appeals for the District of Columbia Circuit on any claims with respect to an alien under this paragraph shall be limited to the consideration of whether the status determination ... was consistent with the standards and procedures specified by the Secretary of Defense for Combatant Status Review Tribunals (including the requirement that the conclusion of the Tribunal be supported by a preponderance of the evidence and allowing a rebuttable presumption in favor of the Government's evidence), and to the extent the Constitution and laws of the United States are applicable, whether the use of such standards and procedures to make the determination is consistent with the Constitution and laws of the United States.
On 29 September 2006, the U.S. House and Senate approved the Military Commissions Act of 2006, a bill which suspended habeas corpus for any alien determined to be an "unlawful enemy combatant engaged in hostilities or having supported hostilities against the United States"[34][35] by a vote of 65-34. (This was the result on the bill to approve the military trials for detainees; an amendment to remove the suspension of habeas corpus failed 48-51.[36]) President Bush signed the Military Commissions Act of 2006 (MCA) into law on October 17, 2006. With the MCA's passage, the law altered the language from "alien detained ... at Guantanamo Bay":
Except as provided in section 1005 of the Detainee Treatment Act of 2005, no court, justice, or judge shall have jurisdiction to hear or consider an application for a writ of habeas corpus filed by or on behalf of an alien detained by the United States who has been determined by the United States to have been properly detained as an enemy combatant or is awaiting such determination." §1005(e)(1), 119 Stat. 2742.
15. Police-Intel Barrier: The lack of a barrier between police organizations and intelligence organizations. Or, the overriding of such barriers.
DHS ‘fusion centers’ portrayed as pools of ineptitude, civil liberties intrusions
Some analysts at the department’s Office of Intelligence and Analysis, which received the fusion center reports, were found to be so unproductive that supervisors imposed quotas for reports, knowing those quotas would diminish the quality of the intelligence, according to the Senate report. Many of those analysts at the DHS intelligence office were contractors.
Investigators found instances in which the analysts used intelligence about U.S. citizens that may have been gathered illegally. In one case, a fusion center in California wrote a report on a notorious gang, the Mongols Motorcycle Club, that had distributed leaflets telling its members to behave when they got stopped by police. The leaflet said members should be courteous, control their emotions and, if drinking, have a designated driver.
“There is nothing illegal or even remotely objectionable [described] in this report,” one supervisor wrote about the draft before killing it. “The advice given to the groups’ members is protected by the First Amendment.”
US intelligence budget: $75 billion and 200,000 employees. Fusion centers will have access to classified military intelligence
In unveiling an unclassified version of the National Intelligence Strategy (NIS), Blair asserts he is seeking to break down "this old distinction between military and nonmilitary intelligence," stating that the "traditional fault line" separating secretive military programs from overall intelligence activities "is no longer relevant."
As if to emphasize the sweeping nature of Blair's remarks, Federal Computer Week reported September 17 that "some non-federal officials with the necessary clearances who work at intelligence fusion centers around the country will soon have limited access to classified terrorism-related information that resides in the Defense Department's classified network." According to the publication:
Under the program, authorized state, local or tribal officials will be able to access pre-approved data on the Secret Internet Protocol Router Network. However, they won't have the ability to upload data or edit existing content, officials said. They also will not have access to all classified information, only the information that federal officials make available to them.
The non-federal officials will get access via the Homeland Security department's secret-level Homeland Security Data Network. That network is currently deployed at 27 of the more than 70 fusion centers located around the country, according to DHS. Officials from different levels of government share homeland security-related information through the fusion centers. (Ben Bain, "DOD opens some classified information to non-federal officials," Federal Computer Week, September 17, 2009)
Since the September 11, 2001 terrorist attacks, the federal government has encouraged the explosive growth of fusion centers. As envisaged by securocrats, these hybrid institutions have expanded information collection and sharing practices from a wide variety of sources, including commercial databases, among state and local law enforcement agencies, the private sector and federal security agencies, including military intelligence.
But early on, fusion centers like the notorious "red squads" of the 1960s and '70s, morphed into national security shopping malls where officials monitor not only alleged terrorists but also left-wing and environmental activists deemed threats to the existing corporate order.
The Homeland Security Apparatus: Fusion Centers, Data Mining and Private Sector Partners
Following the terrorist attacks of September 11, 2001, a nationwide "homeland security""counter terrorism" apparatus emerged. Components of this apparatus include the U.S. Department of Homeland Security, the Office of the Director of National Intelligence, the National Counterterrorism Center, and state/regional "fusion centers." Fusion centers, by and large, are staffed with personnel working in "counter terrorism" "homeland security" units of municipal, county, state, tribal and federal law enforcement/public safety/"counter terrorism" agencies. To a large degree, the "counter terrorism" operations of municipal, county, state and tribal agencies engaged in fusion centers are financed through a number of U.S. Department of Homeland Security grant programs.
Initially, fusion centers were intended to be intelligence sharing partnerships between municipal, county, state, tribal and federal law enforcement/"counter terrorism" agencies, dedicated solely to the dissemination/sharing of "terrorism"-related intelligence. However, shortly following the creation of fusion centers, their focus shifted from this exclusive interest in "terrorism," to one of "all hazards"-- an umbrella term used to describe virtually anything (including "terrorism") that may be deemed a "hazard" to the public, or to certain private sector interests. And, as has been mandated through a series of federal legislative actions and presidential executive orders, fusion centers (and the "counter terrorism" entities that they are comprised of) work-- in ever closer proximity-- with private corporations, with the stated aim of protecting items deemed to be "critical infrastructure/key resources."
16. Covert Hacking: State operatives removing – or adding! – digital evidence to/from private computers covertly. Covert hacking can make anyone appear as any kind of criminal desired. One example of covert hacking software is Magic Lantern
Magic Lantern
Magic Lantern can reportedly be installed remotely, via an e-mail attachment or by exploiting common operating system vulnerabilities, unlike previous keystroke logger programs used by the FBI.[3][4] It has been variously described as a virus and a Trojan horse. It is not known how the program might store or communicate the recorded keystrokes.
In response to a Freedom of Information Act request filed in 2000 by the Electronic Privacy Information Center, the FBI released a series of unclassified documents relating to Carnivore, which included the "Enhanced Carnivore Project Plan". Sullivan's confidential source said that redacted portions of that document mention "Cyber Knight",
a database that sorts and matches data gathered using various Carnivore-like methods from e-mail, chat rooms, instant messages, and Internet phone calls. It also matches files with captured encryption keys.
...
When asked if Magic Lantern would need a court order to deploy, FBI spokesman Paul Bresson would not comment, stating: "Like all technology projects or tools deployed by the FBI it would be used pursuant to the appropriate legal process."[14][15] Proponents of Magic Lantern argue the technology would allow law enforcement to efficiently and quickly decrypt messages protected by encryption schemes. Implementing Magic Lantern does not require physical access to a suspect's computer, unlike Carnivore, a predecessor to Magic Lantern, since physical access to a computer would require a court order.
Carnivore
The Carnivore system was a Microsoft Windows-based workstation with packet-sniffing software and a removable disk drive.[2] This computer must be physically installed at an Internet service provider (ISP) or other location where it can "sniff" traffic on a LAN segment to look for email messages in transit. The technology itself was not highly advanced — it used a standard packet sniffer and straightforward filtering. The critical components of the operation were the filtering criteria. To accurately match the appropriate subject, an elaborate content model was developed.
Official Statement:
The Carnivore device works much like commercial "sniffers" and other network diagnostic tools used by ISPs every day, except that it provides the FBI with a unique ability to distinguish between communications which may be lawfully intercepted and those which may not. For example, if a court order provides for the lawful interception of one type of communication (e.g., e-mail), but excludes all other communications (e.g., online shopping) the Carnivore tool can be configured to intercept only those e-mails being transmitted either to or from the named subject. ... [it] is a very specialized network analyzer or "sniffer" which runs as an application program on a normal personal computer under the Microsoft Windows operating system. It works by "sniffing" the proper portions of network packets and copying and storing only those packets which match a finely defined filter set programmed in conformity with the court order. This filter set can be extremely complex, and this provides the FBI with an ability to collect transmissions which comply with pen register court orders, trap & trace court orders, Title III interception orders, etc.... ...It is important to distinguish now what is meant by "sniffing." The problem of discriminating between users' messages on the Internet is a complex one. However, this is exactly what Carnivore does. It does NOT search through the contents of every message and collect those that contain certain key words like "bomb" or "drugs." It selects messages based on criteria expressly set out in the court order, for example, messages transmitted to or from a particular account or to or from a particular user.
FBI Files Unlock History Behind Clandestine Cellphone Tracking Tool
Stingrays, as I’ve reported here before, are portable surveillance gadgets that can trick phones within a specific area into hopping onto a fake network. The feds call them “cell-site simulators” or “digital analyzers,” and they are sometimes also described as “IMSI catchers.” The FBI says it uses them to target criminals and help track the movements of suspects in real time, not to intercept communications. But because Stingrays by design collaterally gather data from innocent bystanders’ phones and can interrupt phone users’ service, critics say they may violate a federal communications law.
A fresh trove of FBI files on cell tracking, some marked “secret,” was published this week by the Electronic Privacy Information Center. They shed light on how, far from being a “new” tool used by the authorities to track down targets, Stingray-style technology has been in the hands of the feds since about 1995 (at least). During that time, local and state law enforcement agencies have also been able to borrow the spy equipment in “exceptional circumstances,” thanks to an order approved by former FBI Director Louis Freeh.
EPIC, a civil liberties group, obtained the documents through ongoing Freedom of Information Act litigation that it is pursuing in order to get the feds to hand over some 25,000 pages of documents that relate to Stingray tools, about 6,000 of which are classified. The FBI has been drip-releasing the documents monthly, and there have been a couple of interesting nuggets in the batches so far—like a disclosure that the FBI has a manual called “cell tracking for dummies” and details hinting that the feds are well aware the use of Stingrays is in shaky legal territory.
How Your Cell Phone Make Spying Easier for the Government and Police
Your wireless company is tracking you with GPS, recording your phone calls and text messages . . . and they are selling the information they collect to other corporations, nations, governments – anyone willing to pay for the data. The US government is one of the wireless corporation’s biggest client. They are collecting yotabytes of data from multiple sources on all American citizens.
Like a prisoner, your cell phone knows where you go, what you do, when you do it. And so does the US governmental agencies that are interested in this information. CIA hackers are being utilized with spyware that allow them to listen in on your cell phone conversations. Even when you phone is turned off, it can be remotely controlled, record information, take pictures, and send this information to the CIA, DHS, NSA, or whoever is controlling your phone.
17. Loose Warrants: Warrants issued without careful examination of police statements and other justifications by a truly independent judge.
New Justice Department Documents Show Huge Increase in Warrantless Electronic Surveillance
Justice Department documents released today by the ACLU reveal that federal law enforcement agencies are increasingly monitoring Americans’ electronic communications, and doing so without warrants, sufficient oversight, or meaningful accountability.
The documents, handed over by the government only after months of litigation, are the attorney general’s 2010 and 2011 reports on the use of “pen register” and “trap and trace” surveillance powers. The reports show a dramatic increase in the use of these surveillance tools, which are used to gather information about telephone, email, and other Internet communications. The revelations underscore the importance of regulating and overseeing the government’s surveillance power. (Our original Freedom of Information Act request and our legal complaint are online.)
Pen register and trap and trace devices are powerfully invasive surveillance tools that were, twenty years ago, physical devices that attached to telephone lines in order to covertly record the incoming and outgoing numbers dialed. Today, no special equipment is required to record this information, as interception capabilities are built into phone companies’ call-routing hardware.
Supreme Court Thwarts Challenge to Warrantless Surveillance
The 5-4 decision (.pdf) by Justice Samuel Alito was a clear victory for the President Barack Obama administration, which like its predecessor, argued that government wiretapping laws cannot be challenged in court. What’s more, the outcome marks the first time the Supreme Court decided any case touching on the eavesdropping program that was secretly employed in the wake of 9/11 by the President George W. Bush administration, and eventually codified into law twice by Congress.
A high court majority concluded that, because the eavesdropping is done secretly, the American Civil Liberties Union, journalists and human-rights groups that sued to nullify the law have no legal standing to sue — because they have no evidence they are being targeted by the FISA Amendments Act. Some of the plaintiffs, which the court labeled “respondents,” are also journalists and among other things claimed the 2008 legislation has chilled their speech and violated their Fourth Amendment privacy rights.
The act, known as §1881, authorizes the government to electronically eavesdrop on Americans’ phone calls and e-mails without a probable-cause warrant so long as one of the parties to the communication is outside the United States. The communications may be intercepted “to acquire foreign intelligence information.”
Report: Obama Officials Authorized New 'Cybersecurity' Warrantless Surveillance Program, Fresh Immunity Given to ISPs
Yesterday, in a disturbing report published on CNET, new documents obtained by EPIC reveal that Obama administration officials have authorized a new government program involving the interception of communications on Internet service providers, including AT&T—one of the key players in the NSA warrantless wiretapping program.
Under long-standing federal law, the government needs to use legal process to compel service providers to hand over customer communications, yet reportedly, the government is promising these companies they will not to prosecute them for violating US wiretapping laws if they hand over the information voluntarily. And the secret surveillance authorization seems quite broad, touching on huge swaths of private, domestic activity:
The secret legal authorization from the Justice Department originally applied to a cybersecurity pilot project in which the military monitored defense contractors' Internet links. Since then, however, the program has been expanded by President Obama to cover all critical infrastructure sectors including energy, healthcare, and finance starting June 12.
CNET reported also that the National Security Agency (NSA) and Department of Defense were “deeply involved in press for the secret legal authorization” further underscoring widespread worries that the military may be given access to Americans’ personal information through cybersecurity operations. The report comes as Congress is debating CISPA, a dangerous bill that carves a “cybersecurity” loophole in all our privacy laws.
While we are still sifting through the more than thousand pages of documents—obtained by EPIC Privacy through the Freedom of Information Act and posted to their website—the most controversial aspect of this program seems to be that the government has not used legal process to obtain Internet traffic from AT&T and other ISPs involved in the program. Instead, the Justice Department has handed them what the Justice Department calls a “2511 letter”—named after a section of the Wiretap Act—which purports to immunize them from prosecution.
Section 2511 makes it a crime to wiretap—intercept electronic communications—with some exceptions, like a properly issued warrant. It provides no exception for a letter from the Justice Department. CNET reported an industry representative told them "the 2511 letters provided legal immunity to the providers by agreeing not to prosecute for criminal violations of the Wiretap Act. It's not clear how many 2511 letters were issued by the Justice Department."
IRS backs off on warrantless email surveillance
Following last week’s uproar over internal IRS documents that suggested it engaged in warrantless email surveillance, a top agency official told a Senate committee Tuesday that it does no such thing.
Internal documents from the agency’s criminal division, revealed through a Freedom of Information Act (FOIA) request by the ACLU, suggested that the agency has had a policy allowing for it to engage in warrantless email surveillance for several years.
Acting IRS Commissioner Steven Miller told the Senate Finance Committee Tuesday, “In the criminal context, we seek a warrant in advance.”
We have lost so much, it is hard to comprehend.
Apologies for the near lack of book quotes, I did not have a quote mining folder on this topic. Short on notice short on quotes... :\
Cowen Thorne
(Shock and Awed)