Here's commentary from TechDirt.com's Mike Masnick regarding the initially-publicized topic Snowden discussed before the Parliamentary Assembly of the Council of Europe: the ongoing NSA surveillance of human rights organizations, throughout the world and domestically, here in the U.S...
NSA Spied On Human Rights Watch And Amnesty International
Mike Masnick
TechDirt.com
Tuesday, April 8th, 2014 3:38PM
Ed Snowden testified (via video, of course) for the Council of Europe, the "top human rights body" of Europe, and told them that the NSA spied on various human rights groups, including Human Rights Watch and Amnesty International.
He told council members: "The NSA has specifically targeted either leaders or staff members in a number of civil and non-governmental organisations … including domestically within the borders of the United States." Snowden did not reveal which groups the NSA had bugged.
The assembly asked Snowden if the US spied on the "highly sensitive and confidential communications" of major rights bodies such as Amnesty and Human Rights Watch, as well as on similar smaller regional and national groups. He replied: "The answer is, without question, yes. Absolutely."
Of course, one of the things that's bugged me most of all about the response from NSA defenders is the typical line: "we're not listening to you talk to your grandmother" or whatever similar line may be. But, as more and more revelations have come out, they get closer and closer to the kinds of communications I actually do have on a regular basis. Talking to sources working on interesting technology projects, talking to human rights and civil society groups around the globe. Spying on journalists. Each day there's more and more evidence that while the NSA might not care about some mythical person talking to his or her mythical grandmother, it is very much collecting all sorts of information that those very same people thought were private -- and which clearly have nothing to do with national security.
Here's the
Guardian's Luke Harding. At first, he covers the human rights organization angle, but then he digs a bit deeper into Snowden's statements...
Snowded Testifies NSA Spies On Human Rights Workers
Luke Harding
The Guardian
Tuesday 8 April 2014 11.49 EDT
...He told council members: “The NSA has specifically targeted either leaders or staff members in a number of civil and non-governmental organisations … including domestically within the borders of the United States.” Snowden did not reveal which groups the NSA had bugged.
Later in his article, he continues to quote Snowden...
“...This technology represents the most significant new threat to civil liberties in modern times,” he declared.
XKeyscore allows analysts to search with no prior authorisation through vast databases containing emails, online chats, and the browsing histories of millions of individuals.
Snowden said on Tuesday that he and other analysts were able to use the tool to select an individual’s metadata and content “without judicial approval or prior review”.
In practical terms, this meant the agency tracked citizens not involved in any nefarious activities, he stressed. The NSA operated a “de facto policy of guilt by association”, he added…
...
...The exiled American spy, however, said the NSA should abandon its electronic surveillance of entire civilian populations…
...
...The NSA says Snowden should have brought his complaints to its own internal oversight and compliance bodies. Snowden, however, insisted he did raise concerns formally, including through emails sent to the NSA’s lawyers. “I directly challenge the NSA to deny that I contacted NSA oversight and compliance bodies directly via email,” he stated...
...
...The XKeyscore program amounted to an egregious form of mass surveillance, Snowden suggested, because it hoovered up data from “entire populations”. Anyone using non-encrypted communications might be targeted on the basis of their “religious beliefs, sexual or political affiliations, transactions with certain businesses” and even “gun ownership," he claimed.
What isn't stated outright by Harding is that Snowden's almost certainly/directly referring (at least somewhat) to the NSA's domestic surveillance of the U.S., in the last paragraph immediately above.
...Snowden said he did not believe the NSA was engaged in “nightmare scenarios”, such as the active compilation of a list of homosexuals “to round them up and send them into camps”. But he said that the infrastructure allowing this to happen had been built. The NSA, its allies, authoritarian governments and even private organisations could all abuse this technology, he said, adding that mass surveillance was a “global problem”. It led to “less liberal and safe societies”, he told the council…
At this juncture, I'll direct readers to
Marcy Wheeler, who picked up the story, again, late today...
Fingerprints and the Phone Dragnet’s Secret “Correlations” Order
Published April 9, 2014 | By emptywheel
Yesterday, I noted that ODNI is withholding a supplemental opinion approved on August 20, 2008 that almost certainly approved the tracking of “correlations” among the phone dragnet (though this surely extends to the Internet dragnet as well).
I pointed out that documents released by Edward Snowden suggest the use of correlations extends well beyond the search for “burner” phones.
At almost precisely the same time, Snowden was testifying to the EU. The first question he answered served to clarify what “fingerprints” are and how XKeyscore uses them to track a range of innocent activities. (This starts after 11:16, transcription mine.)
Here, I'm excerpting a portion of Marcy's transcription of about a third of Snowden's statement(s) from Tuesday (I transcribed an additional few minutes of it, farther down below)…
It has been reported that the NSA’s XKeyscore for interacting with the raw signals intercepted by mass surveillance programs allow for the creation of something that is called “fingerprints.”
I’d like to explain what that really means. The answer will be somewhat technical for a parliamentary setting, but these fingerprints can be used to construct a kind of unique signature for any individual or group’s communications which are often comprised of a collection of “selectors” such as email addresses, phone numbers, or user names.
This allows State Security Bureaus to instantly identify the movements and activities of you, your computers, or other devices, your personal Internet accounts, or even key words or other uncommon strings that indicate an individual or group, out of all the communications they intercept in the world are associated with that particular communication. Much like a fingerprint that you would leave on a handle of your door or your steering wheel for your car and so on.
However, though that has been reported, that is the smallest part of the NSA’s fingerprinting capability. You must first understand that any kind of Internet traffic that passes before these mass surveillance sensors can be analyzed in a protocol agnostic manner — metadata and content, both. And it can be today, right now, searched not only with very little effort, via a complex regular expression, which is a type of shorthand programming. But also via any algorithm an analyst can implement in popular high level programming languages. Now, this is very common for technicians. It not a significant work load, it’s quite easy.
This provides a capability for analysts to do things like associate unique identifiers assigned to untargeted individuals via unencrypted commercial advertising networks through cookies or other trackers — common tracking means used by businesses everyday on the Internet — with personal details, such as individuals’ precise identity, personal identity, their geographic location, their political affiliations, their place of work, their computer operating system and other technical details, their sexual orientation, their personal interests, and so on and so forth. There are very few practical limitations to the kind of analysis that can be technically performed in this manner, short of the actual imagination of the analysts themselves.
And this kind of complex analysis is in fact performed today using these systems. I can say, with authority, that the US government’s claim that “keyword filters,” searches, or “about” analysis, had not been performed by its intelligence agencies are, in fact, false. I know this because I have personally executed such searches with the explicit authorization of US government officials. And I can personally attest that these kind of searches may scrutinize communications of both American and European Union citizens without involvement of any judicial warrants or other prior legal review.
What this means in non-technical terms, more generally, is that I, an analyst working at NSA, or, more concerningly, an analyst working for a more authoritarian government elsewhere, can without the issue of any warrant, create an algorithm that for any given time period, with or without human involvement, sets aside the communications of not only targeted individuals, but even a class of individual, and that just indications of an activity — or even just indications of an activity that I as the analyst don’t approve of — something that I consider to be nefarious, or to indicate nefarious thoughts, or pre-criminal activity, even if there’s no evidence or indication that’s in fact what’s happening. that it’s not innocent behavior. The nature of the mass surveillance — of these mass surveillance technologies — create a de facto policy of assigning guilt by association rather than on the basis of specific investigations based on reasonable suspicion…
At the end of Marcy’s partial transcript, we read/listen to Snowden referencing a subject that
I’ve been discussing over the past year, as well; and it’s the reality that the
Five Eyes program, a surveillance alliance between the U.S., Great Britain (where approximately 2,000 NSA employees are stationed at offices throughout that country’s version of the NSA, known as the GCHQ and/or General Communications Headquarters, beyond the United States’ borders, where the U.S. Constitution no longer applies), Canada, Australia and New Zealand,
facilitates much of the NSA’s domestic “dirty work”…
…This mass surveillance network, constructed by the NSA, which, as I pointed out, is an Agency of the US military Department of Defense, not a civilian agency, and is also enabled by agreements with countries such as the United Kingdom, Australia, and even Germany, is not restricted for being used strictly for national security purposes, for the prevention of terrorism, or even for foreign intelligence more broadly.
XKeyscore is today secretly being used for law enforcement purposes, for the detection of even non-violent offenses, and yet this practice has never been declared to any defendant or to any open court.
We need to be clear with our language. These practices are abusive. This is clearly a disproportionate use of an extraordinarily invasive authority, an extraordinarily invasive means of investigation, taken against entire populations, rather than the traditional investigative standard of using the least intrusive means or investigating specifically named targets, individuals, or groups...
Courtesy of
yours truly (a full transcript of Snowden's testimony before the Paliametary Assembly of the Council of Europe is not yet available to the public), here's the conclusion of Snowden's statement(s) from Tuesday, covering the final portion of his video appearance before the Assembly, where he, once again, discusses
what he's been telling us since early June of last year: how virtually anyone at his level within the NSA could access
trillions of emails and phone calls, including the
content of those files,
both domestically and internationally, despite U.S. government propaganda to the contrary.
And, again, we hear the word, "trillions," this time from Snowden, directly, just like Glenn Greenwald reported it eight months ago: "Greenwald on ABC: Low-Level NSA Analysts Read, Listen Via Database of "Trillions" of Emails, Calls." But, that was then, this is now...
...The screening of trillions of private communications for the vaguest indications of association, or some other nebulous pre-criminal activity, is a violation of the human right to be free from unwarranted interference, to be secure in our communications and our private affairs, and it must be addressed.
The activities—routine; that I point out; unexceptional activities that happen every day—are only a tiny portion of what the Five Eyes are secretly doing behind closed doors, without the review, consent or approval of any public body.
This technology represents the most significant—what I would consider the most significant—new threat to civil rights in modern times. The committee should consider what truly bad actors will use these capabilities for if we allow them to go unchecked. And, how we will develop enduring norms and technical standards to safeguard against such abuses wherever they will occur.
Our human rights can only be protected if we insure that our laws have a clear meaning, and the meaning of the words within those laws cannot be secretly interpreted by any legal body or intelligence agency without the public’s knowledge and consent.
That’s the end of my comments.
# # #
As I’ve been noting this for a couple of years, well before we even heard of the name, Edward Snowden, and as Attorney General Eric Holder recently acknowledged it in front of the House Judiciary Committee (see below), as far as our government’s concerned, "metadata" means "content" (too). And, despite all of the kabuki emanating from D.C. to the contrary, that’s in large part due to our government’s highly-obfuscated “translation” of Section 215 of the Patriot Act, where a legal determination has already been made that there really is no distinction between phone call metadata and content versus Internet metadata and content.
Also see HERE, HERE, and HERE.
It's about everything there is to know about us. It’s all--as in: "collect it all"--fair game.
So, in case readers are still doubting this, here’s TechDirt.com’s Mike Masnick with a little reminder today about where all of this political theater is taking us (in circles and nowhere fast), directly from Representative Zoe Lofgren and Attorney General Eric Holder, no less...
Eric Holder Admits That, If It Wanted, NSA Could Collect Internet Searches & Emails Just Like Phone Metadata
Mike Masnick
TechDirt.com
Wednesday, April 9th, 2014 11:04AM
During a recent House Judiciary Committee hearing concerning oversight, Rep. Zoe Lofgren decided to quiz Attorney General Eric Holder about the federal government's surveillance efforts, starting off with a rather simple question. She notes that the bulk phone record collection program is considered to be legal by its supporters, based on Section 215 of the Patriot Act, which allows for the collection of "business records." So, she wonders, is there any legal distinction between phone records and, say, internet searches or emails?
In other words, does the DOJ believe that it would be perfectly legal for the US government to scoop up all your search records and emails without a warrant? Holder clearly does not want to answer the question, and first tries to answer a different question, concerning the bulk phone records program, and how the administration is supposedly committed to ending it. But eventually he's forced to admit that there's no legal distinction:
http://youtu.be/...
This is important. As you may recall, some of the attempts to deal with the phone record collection, including President Obama's, focus only on ending the specific phone record collection program, not the underlying law (or the interpretation of that law). This isn't to say that there are ongoing programs to do bulk warrantless collection of those other types of information, but it is worth recognizing that the government believes there would be no Constitutional issue if it decided to set up such a program.
All along, this has been the problem with Section 215...
As Masnick notes, "When it first was discussed, it was often called the 'library' provision, as the example that people talked about was using Section 215 to collect the records of what books someone checked out of the library."
Masnick continues on to tell us that (as the public's learned more about the NSA's phone metadata/content collection efforts) it's morphed into "...something much, much broader. Fixing this interpretation is going to take a lot more than just ending one program. It requires changing what is allowed by Section 215."
# # #
So, ten months into the Snowden story, while we're still being told by Snowden, Greenwald, et al, that there's much more to this story than we've been informed, to date, it's becoming more and more obvious, with every passing day, that the NSA is already collecting it all; or, they can and will whenever they damn well feel like it.
As Masnick notes, immediately above, "Fixing this...is going to take a lot more than just ending one program..."
# # #
Comments are closed on this story.