Edward Snowden Explains That His Goal Was To Expose Putin For Lying About Mass Surveillance, Not To Whitewash Him

Yesterday Edward Snowden called into a question and answer show held by Vladamir Putin and asked him about mass surveillance in Russia. The video is above. Putin’s response:

“Mr. Snowden, you are a former agent,” the president replied. “I used to work for an intelligence service. Let’s speak professionally.”

“Our intelligence efforts are strictly regulated by our law,” Mr. Putin said. “You have to get a court’s permission first.” He noted that terrorists use electronic communications and that Russia had to respond to that threat.

“Of course we do this,” Mr. Putin said. “But we don’t use this on such a massive scale and I hope that we won’t.”

“But what is most important,” Mr. Putin concluded, “is that the special services, thank God, are under a strict control of the government and the society, and their activities are regulated by law.”

Most likely as a reflection of views they already had about him, some people have since criticized Snowden for giving Putin the opportunity to lie in this manner, as if the only way Putin could lie on Russian television is by responding to a question from Edward Snowden. Think Progress has pointed out some of the ways in which Putin was lying:

Numerous reports lay doubt to Putin’s claims that the collection of information is much more narrowly tailored in Russia. In fall 2012, Russia put into place a system it claimed was to protect children from viewing pornography. The method it decided to enact that goal, however, was one not only puts into place a list of banned websites that could surpress political speech, but also has the ability to track the flow of information across Russian networks. “Logistically, this will require Russia’s [internet service providers] to maintain detailed records of user traffic and would allow the Russian government a potential backdoor into the private lives of Russia’s internet users,” ThinkProgress explained at the time of the network’s launch.

Last October, Reuters also reported that the Russian government was requiring internet service providers to “store all traffic temporarily and make it available to the top domestic intelligence agency.” Under the order drafted in the Communications Ministry, the FSB — the successor to the KGB — would have access for 12 hours to all stored data, “including phone numbers, IP addresses, account names, social network activity and e-mail addresses.” That order is due to take effect this July.

And just this year, Russian officials admit while defending hotels in Sochi built for the Winter Olympics that they were equipped with surveillance equipment that was closely watched. The entire proceedings in the Russian resort town were subject to a massive dragnet of surveillance as a system was put into place to monitor all communications that flowed in and out. This was done using the SORM system that Russia utilizes to listen in to phone conversations and read email threads, which according to Privacy International, “gathers information from all communication media, and offers long-term storage (three years), providing access to all user data.” SORM is deployed year-round and controlled by the FSB.

Former U.S. Ambassador to Russia Michael McFaul said he has been on the receiving end of the Russian surveillance program. As a government official, he was a prime target, he told NBC just prior to stepping down earlier this year, but Americans writ large are also subject to having their information spied upon, given Moscow’s espionage abilities. “As we remind all Americans that come to this country,” McFaul said, “the Russian government has tremendous capabilities, and legal by their law, of intercepting phone calls, emails, etc.”

In a post at The Guardian entitled Vladimir Putin must be called to account on surveillance just like Obama, Snowden explained that “I questioned the Russian president live on TV to get his answer on the record, not to whitewash him.”

On Thursday, I questioned Russia’s involvement in mass surveillance on live television. I asked Russia’s president, Vladimir Putin, a question that cannot credibly be answered in the negative by any leader who runs a modern, intrusive surveillance program: “Does [your country] intercept, analyse or store millions of individuals’ communications?”

I went on to challenge whether, even if such a mass surveillance program were effective and technically legal, it could ever be morally justified.

The question was intended to mirror the now infamous exchange in US Senate intelligence committee hearings between senator Ron Wyden and the director of national intelligence, James Clapper, about whether the NSA collected records on millions of Americans, and to invite either an important concession or a clear evasion. (See a side-by-side comparison of Wyden’s question and mine here.)

Clapper’s lie – to the Senate and to the public – was a major motivating force behind my decision to go public, and a historic example of the importance of official accountability.

In his response, Putin denied the first part of the question and dodged on the latter. There are serious inconsistencies in his denial – and we’ll get to them soon – but it was not the president’s suspiciously narrow answer that was criticised by many pundits. It was that I had chosen to ask a question at all.

I was surprised that people who witnessed me risk my life to expose the surveillance practices of my own country could not believe that I might also criticise the surveillance policies of Russia, a country to which I have sworn no allegiance, without ulterior motive. I regret that my question could be misinterpreted, and that it enabled many to ignore the substance of the question – and Putin’s evasive response – in order to speculate, wildly and incorrectly, about my motives for asking it.

The investigative journalist Andrei Soldatov, perhaps the single most prominent critic of Russia’s surveillance apparatus (and someone who has repeatedly criticised me in the past year), described my question as “extremely important for Russia”. According to the Daily Beast, Soldatov said it could lift a de facto ban on public conversations about state eavesdropping.

Others have pointed out that Putin’s response appears to be the strongest denial of involvement in mass surveillance ever given by a Russian leader – a denial that is, generously speaking, likely to be revisited by journalists.

In fact, Putin’s response was remarkably similar to Barack Obama’s initial, sweeping denials of the scope of the NSA’s domestic surveillance programs, before that position was later shown to be both untrue and indefensible.

So why all the criticism? I expected that some would object to my participation in an annual forum that is largely comprised of softball questions to a leader unaccustomed to being challenged. But to me, the rare opportunity to lift a taboo on discussion of state surveillance before an audience that primarily views state media outweighed that risk. Moreover, I hoped that Putin’s answer – whatever it was – would provide opportunities for serious journalists and civil society to push the discussion further.

When this event comes around next year, I hope we’ll see more questions on surveillance programs and other controversial policies. But we don’t have to wait until then. For example, journalists might ask for clarification as to how millions of individuals’ communications are not being intercepted, analysed or stored, when, at least on a technical level, the systems that are in place must do precisely that in order to function. They might ask whether the social media companies reporting that they have received bulk collection requests from the Russian government are telling the truth.

I blew the whistle on the NSA’s surveillance practices not because I believed that the United States was uniquely at fault, but because I believe that mass surveillance of innocents – the construction of enormous, state-run surveillance time machines that can turn back the clock on the most intimate details of our lives – is a threat to all people, everywhere, no matter who runs them.

Last year, I risked family, life, and freedom to help initiate a global debate that even Obama himself conceded “will make our nation stronger”. I am no more willing to trade my principles for privilege today than I was then.

I understand the concerns of critics, but there is a more obvious explanation for my question than a secret desire to defend the kind of policies I sacrificed a comfortable life to challenge: if we are to test the truth of officials’ claims, we must first give them an opportunity to make those claims.

This comes a few days after The Guardian and the Washington Post received a Pulitzer Prize for Public Service for their reporting on the NSA surveillance based upon documents leaked by Edward Snowden.

Please Share

Brewer Vetoes Arizona Bill Legalizing Discrimination Against Gays

In the second of two reports of good news today, Arizona Governor Jan Brewer hasvetoed the bill recently passed by the state legislature to permit discrimination. The law would have allowed businesses to legally practice discrimination against homosexuals. I discussed the bill and conservative cherry picking of religious teachings further here.

Conservatives are promoting similar “religious freedom” bills in other states. To the religious right, “religious freedom” means the freedom to impose their religious views upon others in violation of the Constitutional protection of separation of church and state which this nation was founded upon. A similar bill in Georgia is expected to be defeated.

Please Share

Obama Takes First Step In Reforming NSA Surveillance

In a speech today, President Obama called for an overhaul of the NSA’s phone data collection program. The full text is here and the proposals are summarized here. There are meaningful improvements, including requiring a court order to obtain phone data, which will be held by a third party, and proceedings before the FISA court will become more adversarial with arguments made counter to the government’s arguments by a panel of public advocates.

Glenn Greenwald has some valid criticism and deserves credit for his work in bringing Edward Snowden’s revelations to the public. As has often been the case regarding Obama, I believe he is also underestimating the value of these reforms. It must be kept in mind that this issue is about what the NSA has done wrong, not about one’s opinion of Glenn Greenwald. I am finding that Greenwald’s sometimes overzealous attacks on Obama have led many liberals to automatically reject whatever he has to say, and I fear that this is contributing to the attitude of some liberals to fail to take the NSA revelations with the seriousness they deserve.

The American Civil Liberties Union has issued this statement, also arguing that Obama has not gone far enough:

President Obama today announced changes to some aspects of the NSA’s surveillance programs and left others in place. Anthony D. Romero, the executive director of the American Civil Liberties Union, had this reaction:

“The president’s speech outlined several developments which we welcome. Increased transparency for the Foreign Intelligence Surveillance Court, improved checks and balances at the FISA court through the creation of a panel of advocates, and increased privacy protections for non-U.S. citizens abroad – the first such assertion by a U.S. president – are all necessary and welcome reforms.

“However, the president’s decision not to end bulk collection and retention of all Americans’ data remains highly troubling. The president outlined a process to study the issue further and appears open to alternatives. But the president should end – not mend – the government’s collection and retention of all law-abiding Americans’ data. When the government collects and stores every American’s phone call data, it is engaging in a textbook example of an ‘unreasonable search’ that violates the Constitution. The president’s own review panel recommended that bulk data collection be ended, and the president should accept that recommendation in its entirety.”

A new chart comparing the ACLU’s proposals, President Obama’s announcement, and the USA FREEDOM Act (a bipartisan bill currently pending in Congress) is at:
aclu.org/national-security/where-does-president-stand-nsa-reform

ACLU Action is demanding an end to dragnet surveillance at:
aclu.org/endsurveillance

I do think that Glenn Greenwald could learn from the manner in which the ACLU both acknowledged the favorable aspects of Obama’s proposals while calling for greater reforms. This has been the general attitude which I have seen so far among liberal critics of NSA surveillance. Such an attitude is also more likely to bring about greater unity on the left for reform as opposed to his attacks which are causing some liberals to discount the entire issue.

The fact that Obama made this speech is further evidence of the value of Edward Snowden’s work, and I feel provides further vindication for his actions. Needless to say, many in the intelligence community do not agree, some having fantasies of dealing with Snowden as would be done in a third rate spy thriller:

One Army intelligence officer even offered BuzzFeed a chillingly detailed fantasy.

“I think if we had the chance, we would end it very quickly,” he said. “Just casually walking on the streets of Moscow, coming back from buying his groceries. Going back to his flat and he is casually poked by a passerby. He thinks nothing of it at the time starts to feel a little woozy and thinks it’s a parasite from the local water. He goes home very innocently and next thing you know he dies in the shower.”

There is no indication that the United States has sought to take vengeance on Snowden, who is living in an undisclosed location in Russia without visible security measures, according to a recent Washington Post interview. And the intelligence operators who spoke to BuzzFeed on the condition of anonymity did not say they expected anyone to act on their desire for revenge. But their mood is widespread, people who regularly work with the intelligence community said.

Granted this is just anonymous talk and no action has been taken, but this attitude does reinforce the need to keep the intelligence community under control, and could even be argued to represent further evidence that Snowden was right in his actions.

This all occurs a day after the latest revelations released by Edward Snowden that the NSA collects millions of text messages.

Please Share

Federal Judge Rules NSA Surveillance Is Unconstitutional

Earlier this year, Edward Snowden released information on NSA surveillance, including the accumulation of information on American citizens which appears to be far in excess of either what is necessary or what is allowed under the Constitution. A federal judge agreed with this criticism today:

A Federal District Court judge ruled on Monday that the National Security Agency program that is systematically keeping records of all Americans’ phone calls most likely violates the Constitution, and he ordered the government to stop collecting data on two plaintiffs’ personal calls and destroy the records of their calling history.

In a 68-page ruling, Judge Richard J. Leon of the District of Columbia called the program’s technology “almost Orwellian” and suggested that James Madison, the author of the Constitution, would be “aghast” to learn that the government was encroaching on liberty in such a way.

“I cannot imagine a more ‘indiscriminate’ and ‘arbitrary’ invasion than this systematic and high-tech collection and retention of personal data on virtually every single citizen for purposes of querying and analyzing it without prior judicial approval,” Judge Leon wrote. “Surely, such a program infringes on ‘that degree of privacy’ that the founders enshrined in the Fourth Amendment.”

Leon wrote that old judicial decisions with regards to privacy rights need to be reevaluated in light of modern technology with previous cases (such as Smith vs. Maryland)  not necessarily remaining relevant:

[T]he almost-Orwellian technology that enables the Government to store and analyse the phone metadata of every telephone user in the United States is unlike anything that could have been conceived in 1979. In Smith, the Supreme Court was actually considering whether local police could collect one person’s phone records for calls made after the pen register was installed and for the limited purpose of a small-scale investigation of harassing phone calls. The notion that the Government could collect similar data on hundreds of millions of people and retain that data for a five-year period, updating it with new data in perpetuity, was at best, in 1979, the stuff of science fiction.

More on the decision at SCOTUS Blog.

This decision will most likely be appealed and ultimately be decided by the Supreme Court.

Please Share

Three Senators Call For Reforming NSA Surveillance

Three Senators, Senators Ron Wyden (D-Ore), Mark Udall (D-Colo), and Martin Heinrich (D-N.M), have proposed legislation to help restore  Fourth Amendment privacy protections following recent revelations regarding NSA surveillance. They have an op-ed in The New York Times which explains their position and their opposition to currently proposed legislation form the Senate intelligence committee which would codify current surveillance without providing privacy protections. Their op-ed begins:

End the N.S.A. Dragnet, Now

THE framers of the Constitution declared that government officials had no power to seize the records of individual Americans without evidence of wrongdoing, and they embedded this principle in the Fourth Amendment. The bulk collection of Americans’ telephone records — so-called metadata — by the National Security Agency is, in our view, a clear case of a general warrant that violates the spirit of the framers’ intentions. This intrusive program was authorized under a secret legal process by the Foreign Intelligence Surveillance Court, so for years American citizens did not have the knowledge needed to challenge the infringement of their privacy rights.

Our first priority is to keep Americans safe from the threat of terrorism. If government agencies identify a suspected terrorist, they should absolutely go to the relevant phone companies to get that person’s phone records. But this can be done without collecting the records of millions of law-abiding Americans. We recall Benjamin Franklin’s famous admonition that those who would give up essential liberty in the pursuit of temporary safety will lose both and deserve neither.

The usefulness of the bulk collection program has been greatly exaggerated. We have yet to see any proof that it provides real, unique value in protecting national security. In spite of our repeated requests, the N.S.A. has not provided evidence of any instance when the agency used this program to review phone records that could not have been obtained using a regular court order or emergency authorization.

Despite this, the surveillance reform bill recently ratified by the Senate Intelligence Committee would explicitly permit the government to engage in dragnet collection as long as there were rules about when officials could look at these phone records. It would also give intelligence agencies wide latitude to conduct warrantless searches for Americans’ phone calls and emails.

This is not the true reform that poll after poll has shown the American people want. It is preserving business as usual. When the Bill of Rights was adopted, it established that Americans’ papers and effects should be seized only when there was specific evidence of suspicious activity. It did not permit government agencies to issue general warrants as long as records seized were reviewed with the permission of senior officials.

Please Share

NSA Monitored Phone Conversations Of Thirty-Five World Leaders

Following recent complaints by German Chancellor Angela Merkel that her phone was being tapped by the NSA, it now appears that she was just one of thirty-five world leaders according to a report in the Guardian:

The National Security Agency monitored the phone conversations of 35 world leaders after being given the numbers by an official in another US government department, according to a classified document provided by whistleblower Edward Snowden.

The confidential memo reveals that the NSA encourages senior officials in its “customer” departments, such the White House, State and the Pentagon, to share their “Rolodexes” so the agency can add the phone numbers of leading foreign politicians to their surveillance systems.

The document notes that one unnamed US official handed over 200 numbers, including those of the 35 world leaders, none of whom is named. These were immediately “tasked” for monitoring by the NSA.

The revelation is set to add to mounting diplomatic tensions between the US and its allies, after the German chancellor Angela Merkel on Wednesday accused the US of tapping her mobile phone.

After Merkel’s allegations became public, White House press secretary Jay Carney issued a statement that said the US “is not monitoring and will not monitor” the German chancellor’s communications. But that failed to quell the row, as officials in Berlin quickly pointed out that the US did not deny monitoring the phone in the past.

The NSA memo obtained by the Guardian suggests that such surveillance was not isolated, as the agency routinely monitors the phone numbers of world leaders – and even asks for the assistance of other US officials to do so.

The program has provided intelligence to add additional world leaders to those under surveillance but beyond this has provided “little reportable intelligence.” I imagine that to those who have the mentality that records should be kept on every phone call made in the United States, a program which increases the number of world leaders they can spy of is of value.

This report has led to protests from the European Union, including Germany, France, and Italy. I wonder how much useful intelligence might be denied to the United States in the future if other nations should be come wary about sharing intelligence with the United States.

Please Share

Fighting Gag Orders On NSA & FBI Surveillance

One aspect of post 9/11 surveillance which civil libertarians have objected to is the prohibition against disclosing requests for information, adding to the secrecy of these programs.  Cory Doctorow has discussed a possible way to get out information when the NSA or other government agencies  seek information, going back to an idea a librarian had in reaction to the portions of the Patriot Act which prohibited librarians from telling the subject about an information request:

In 2004, American librarians recoiled at the FBI’s demands to rummage through their patrons’ reading habits and use them to infer terroristic intent, and at the FBI’s gag orders preventing librarians from telling their patrons when the police had come snooping.

Jessamyn West, a radical librarian, conceived of a brilliant solution, a sign on the wall of her library reading “THE FBI HAS NOT BEEN HERE (watch very closely for the removal of this sign).” After all, she reasoned, if the law prohibited her from telling people that the FBI had been in, that wasn’t the same as her not not telling people the FBI hadn’t been in, right?

I was reminded of this last week on a call with Nico Sell, one of the organisers of the annual security conference Defcon (whose founder, Jeff Moss, told the NSA that it would not be welcome at this year’s event). Nico wanted me to act as an adviser to her company Wickr, which provides a platform for private messaging. I asked her what she would do in the event that she got a Lavabit-style order to pervert her software’s security.

She explained that her company had committed to publishing regular transparency reports, modelled on those used by companies like Google, with one important difference. Google’s reports do not give the tally of secret orders served on it by governments, because doing so would be illegal. Sell has yet to receive a secret order, so she can legally report in each transparency report: “Wickr has received zero secret orders from law enforcement and spy agencies. Watch closely for this notice to disappear.” When the day came that her service had been served by the NSA, she could provide an alert to attentive users (and, more realistically, journalists) who would spread the word. Wickr is designed so that it knows nothing about its users’ communications, so an NSA order would presumably leave its utility intact, but notice that the service had been subjected to an order would be a useful signal to users of other, related services.

This gave me an idea for a more general service: a dead man’s switch to help fight back in the war on security. This service would allow you to register a URL by requesting a message from it, appending your own public key to it and posting it to that URL.

Once you’re registered, you tell the dead man’s switch how often you plan on notifying it that you have not received a secret order, expressed in hours. Thereafter, the service sits there, quietly sending a random number to you at your specified interval, which you sign and send back as a “No secret orders yet” message. If you miss an update, it publishes that fact to an RSS feed.

Such a service would lend itself to lots of interesting applications. Muck-raking journalists could subscribe to the raw feed, looking for the names of prominent services that had missed their nothing-to-see-here deadlines. Security-minded toolsmiths could provide programmes that looked through your browser history and compared it with the URLs registered with the service and alert you if any of the sites you visit ever show up in the list of possibly-compromised sites.

This won’t help for another type of snooping which has been discovered recently–accessing smart phone data. The NSA can discover the data on the smartphones of suspected terrorists, and perhaps also view the nude pictures on celebrities’ smart phones before they leak to the press.

Please Share

DEA Using Vast Phone Records In Drug War

We now have information that the  NSA may not have been the government agency which has snooped the most on Americans. The New York Times has revealed information on a previously secret operation by the DEA which began under George Bush and continued during the Obama administration:

For at least six years, law enforcement officials working on a counternarcotics program have had routine access, using subpoenas, to an enormous AT&T database that contains the records of decades of Americans’ phone calls — parallel to but covering a far longer time than the National Security Agency’s hotly disputed collection of phone call logs.

The Hemisphere Project, a partnership between federal and local drug officials and AT&T that has not previously been reported, involves an extremely close association between the government and the telecommunications giant.

The government pays AT&T to place its employees in drug-fighting units around the country. Those employees sit alongside Drug Enforcement Administration agents and local detectives and supply them with the phone data from as far back as 1987.

The project comes to light at a time of vigorous public debate over the proper limits on government surveillance and on the relationship between government agencies and communications companies. It offers the most significant look to date at the use of such large-scale data for law enforcement, rather than for national security.

The scale and longevity of the data storage appears to be unmatched by other government programs, including the N.S.A.’s gathering of phone call logs under the Patriot Act. The N.S.A. stores the data for nearly all calls in the United States, including phone numbers and time and duration of calls, for five years.

Hemisphere covers every call that passes through an AT&T switch — not just those made by AT&T customers — and includes calls dating back 26 years, according to Hemisphere training slides bearing the logo of the White House Office of National Drug Control Policy. Some four billion call records are added to the database every day, the slides say; technical specialists say a single call may generate more than one record. Unlike the N.S.A. data, the Hemisphere data includes information on the locations of callers.

The slides were given to The New York Times by Drew Hendricks, a peace activist in Port Hadlock, Wash. He said he had received the PowerPoint presentation, which is unclassified but marked “Law enforcement sensitive,” in response to a series of public information requests to West Coast police agencies.

The program was started in 2007, according to the slides, and has been carried out in great secrecy.

“All requestors are instructed to never refer to Hemisphere in any official document,” one slide says. A search of the Nexis database found no reference to the program in news reports or Congressional hearings.

The ACLU has reasonable speculation as to why this program was kept so secret: “I’d speculate that one reason for the secrecy of the program is that it would be very hard to justify it to the public or the courts.”

Yes, very hard to justify. Any potential benefits here are far less significant than NSA surveillance which at least (other than for some reported cases of misuse) is directed at al Qaeda, which is far more significant than the targets of DEA investigations. If anything, the DEA’s perceived need to violate the rights of Americans in this manner is just one more reason why the drug war must be ended.

The Obama administration finds this helpful, apparently without consideration of the civil liberties concerns:

The Obama administration acknowledged the extraordinary scale of the Hemisphere database and the unusual embedding of AT&T employees in government drug units in three states.

But they said the project, which has proved especially useful in finding criminals who discard cellphones frequently to thwart government tracking, employed routine investigative procedures used in criminal cases for decades and posed no novel privacy issues.

Crucially, they said, the phone data is stored by AT&T, and not by the government as in the N.S.A. program. It is queried for phone numbers of interest mainly using what are called “administrative subpoenas,” those issued not by a grand jury or a judge but by a federal agency, in this case the D.E.A.

Brian Fallon, a Justice Department spokesman, said in a statement that “subpoenaing drug dealers’ phone records is a bread-and-butter tactic in the course of criminal investigations.”

James Joyner has posted more on this use of “administrative subpoenas” with references including this post at Wired from just over a year ago:

Meet the administrative subpoena (.pdf): With a federal official’s signature, banks, hospitals, bookstores, telecommunications companies and even utilities and internet service providers — virtually all businesses — are required to hand over sensitive data on individuals or corporations, as long as a government agent declares the information is relevant to an investigation. Via a wide range of laws, Congress has authorized the government to bypass the Fourth Amendment — the constitutional guard against unreasonable searches and seizures that requires a probable-cause warrant signed by a judge.

In fact, there are roughly 335 federal statutes on the books (.pdf) passed by Congress giving dozens upon dozens of federal agencies the power of the administrative subpoena, according to interviews and government reports. (.pdf)

“I think this is out of control. What has happened is, unfortunately, these statutes have been on the books for many, many years and the courts have acquiesced,” said Joe Evans, the utility’s attorney.

Anecdotal evidence suggests that federal officials from a broad spectrum of government agencies issue them hundreds of thousands of times annually. But none of the agencies are required to disclose fully how often they utilize them — meaning there is little, if any, oversight of this tactic that’s increasingly used in the war on drugs, the war on terror and, seemingly, the war on Americans’ constitutional rights to be free from unreasonable government trespass into their lives.

That’s despite proof that FBI agents given such powers under the Patriot Act quickly began to abuse them and illegally collected Americans’ communications records, including those of reporters. Two scathing reports from the Justice Department’s Inspector General uncovered routine and pervasive illegal use of administrative subpoenas by FBI anti-terrorism agents given nearly carte blanche authority to demand records about Americans’ communications with no supervision.

There are known risks to privacy rights going beyond what Edward Snowden released regarding the NSA. This information came out in response to public information requests. How much information about other abuses is out there which nobody knew enough to request, and how much is kept secret and unavailable under such requests?

Please Share

Tech Companies Fight Back Against Excessive Government Surveillance

Since Edward Snowden leaked information on the degree to which the NSA has been conducting surveillance on Americans it has often appeared that tech companies have given the government whatever access it wants to our personal information. An opinion piece at Wired suggests that tech companies are fighting back:

Everyone assumes that technology companies like Apple, Facebook, and Google don’t care that their customers are being spied on. I don’t believe that’s true.

On the very day the media dropped detailed documents on the NSA’s X-Keyscore collection program, the Facebook engineering team published a blog post stating that all access to Facebook via apps and web browsers was now SSL encrypted. Given X-Keyscore was a program primarily designed to intercept unencrypted internet traffic, you could be forgiven for interpreting Facebook’s post as a middle finger pointed in NSA’s direction. (Sources inside Facebook say it is a coincidence, and indeed the company had been in the process of enabling this across-the-board for years. But still. The timing.)

There are new interception hurdles everywhere you look. Even plain old SSL encryption is becoming more difficult to snoop on. Previously, governments could rely on complicit or compromised certificate authorities to provide them with the means to intercept encrypted traffic. Thanks to the Iranian government’s overly enthusiastic use of this technique, Google made changes to the Chrome browser to neuter the practice. Similar updates are expected soon in Internet Explorer. There goes another interception technique for law enforcement!

And it’s only going to get worse for the poor ole G-Men. Technology companies are enabling security features that make certain types of government surveillance extremely difficult, and it’s a trend that’s set to continue. That’s why the U.S. government has long wanted laws that force tech companies to make their products wiretap friendly…

Currently, there’s no law stopping companies like Apple, Facebook, and Google from introducing such security changes or forcing them to build in backdoors. Why would Apple want its users migrating to cross-platform, anti-snooping messaging apps like Hemlis (by the founders of The Pirate Bay)? Especially when the company could push itself out of the surveillance business with its own technical tweaks before federal regulations force them to become key players in warrant execution.

In fact, advancements in the usability of cryptographic protocols have made anti-surveillance features relatively simple for technology companies to bake into their communications products. And public demand for greater security and privacy in the wake of Edward Snowden’s revelations may make it virtually obligatory for them to do so before new wiretapping laws can be introduced.

It is increasingly looking like Edward Snowden’s release of information is as important in defending civil liberties (and understanding the threats) in the technological age as Daniel Ellsberg’s release of the Pentagon Papers were in spreading knowledge of how the government was lying about Viet Nam. Snowden’s actions have probably prevented the passage of new laws which would further enable organizations such as the NSA to violate our privacy rights:

Today, an attempt to introduce laws that would heavily fine software and internet companies for failing to make their products wiretap-friendly would be met by a full-scale revolt by the commentariat — and by the noisy political fringe on the left and the right.

President Obama was reportedly on the verge of backing the new wiretapping plan as recently as May this year. Only the “Snowden files” hit the press one month later, and surveillance became a hot-button issue. These laws seemingly dropped off the agenda.

For now.

Before Snowden, the proposed law would have been a mildly controversial but grudgingly accepted compliance regime for technology companies. The blowback might have been limited to a few angry Reddit threads and Anonymous denial-of-service attacks against government websites.

Now, it would become a serious political liability for the Obama administration — as well as a public relations and commercial disaster for the technology industry.

We are seeing an example of tech companies pushing back in this statement from Microsoft about a joint effort with Google to increase transparency. The Washington Post offers further background information as to why Microsoft and Google want to be able to discuss information beyond the government plans to  release annual reports on the government’s surveillance activity:

The company wants to be able to discuss just the court orders that it receives, rather than a larger bucket of reports that also includes demands made of other tech companies. Google has made a similar plea in a separate filing to the FISA court. It’s as much a public relations move as a bid for greater openness; by showing company-specific numbers, Microsoft and Google would be able to put distance between themselves and the Justice Department.

Microsoft goes one step further than Google, however. In accordance with the practices contained in its own transparency report, Microsoft said that the government should break down those numbers even more to distinguish requests for user metadata, such as IP addresses and e-mail header information, from demands for user content, which would expose personally identifiable information such as the actual text of e-mails to law enforcement.

Please Share

ACLU Files Suit Challenging Legality Of NSA Data Mining

The American Civil Liberties Union is challenging the legality of the NSA’s telephone data collection. A PDF of the challenge is available here. The New York Times reports:

In a detailed legal attack on the National Security Agency’s collection of Americans’ phone call data, the American Civil Liberties Union argued in court papers filed Monday that the sweeping data gathering violates the Constitution and should be halted.

The A.C.L.U. cited the writings of George Orwell and the comprehensive East German surveillance portrayed in the film “The Lives of Others” in warning of the dangers of large-scale government intrusion into private lives. The new motion, elaborating on the A.C.L.U.’s arguments against the data collection, came in a federal lawsuit challenging the N.S.A. program that the group filed in June.

Intelligence officials have emphasized that the N.S.A. database does not contain the contents of any Americans’ calls, but only the so-called metadata — the numbers called and the time and duration of each call. They say the database is searched only based on “reasonable, articulable suspicion” of terrorism and is valuable for tracking terror plots.

The Justice Department is expected to ask the judge in the case, William H. Pauley III of the Southern District of New York, to dismiss it. The department declined to comment on the A.C.L.U.’s filing.

In a declaration in support of the A.C.L.U., Edward W. Felten, a professor of computer science and public affairs at Princeton, said that by gathering data on the three billion calls made each day in the United States, the N.S.A. was creating a database that could reveal some of the most intimate secrets of American citizens.

“Calling patterns can reveal when we are awake and asleep; our religion, if a person regularly makes no calls on the Sabbath or makes a large number of calls on Christmas Day; our work habits and our social aptitude; the number of friends we have, and even our civil and political affiliations,” Mr. Felten wrote.

He pointed out that calls to certain numbers — a government fraud hot line, say, or a sexual assault hot line — or a text message that automatically donates to Planned Parenthood can reveal intimate details. He also said sophisticated data analysis, using software that can instantly trace chains of social connections, can make metadata even more revealing than the calls’ contents.

The N.S.A.’s collection of call log data is approved in general terms by the Foreign Intelligence Surveillance Court. But the information is collected without individualized court warrants, based in part on a Supreme Court ruling from 1979, Smith v. Maryland, that said call logs recorded in a criminal case were not subject to protection under the Fourth Amendment.

The A.C.L.U argues that the Smith ruling involves “narrow surveillance directed at a specific criminal suspect over a very limited time period.” The organization said the facts in the Smith case bore little resemblance to the mass collection of data on every call made in the country over the last seven years, which it said violated the Fourth Amendment’s guarantee against unreasonable searches and seizures.

The lawsuit also charges that the data collection violates the First Amendment’s free speech clause by imposing “a far-reaching chill” on the A.C.L.U.’s interaction with clients and sources.

The Washington Post had this on what is revealed from telephone metadata, from a legal brief filed in support of the ACLU’s position:

Certain telephone numbers are used for a single purpose, such that any contact reveals basic and often sensitive information about the caller. Examples include support hotlines for victims of domestic violence and rape, including a specific hotline for rape victims in the armed services.

Similarly, numerous hotlines exist for people considering suicide, including specific services for first responders, veterans, and gay and lesbian teenagers. Hotlines exist for suffers of various forms of addiction, such as alcohol, drugs, and gambling.

Similarly, inspectors general at practically every federal agency—including the NSA—have hotlines through which misconduct, waste, and fraud can be reported, while numerous state tax agencies have dedicated hotlines for reporting tax fraud. Hotlines have also been established to report hate crimes, arson, illegal firearms and child abuse. In all these cases, the metadata alone conveys a great deal about the content of the call, even without any further information.

Further examples are given regarding information which can be obtained from metadata obtained in bulk, including this example: “If a government employee suddenly begins contacting phone numbers associated with a number of news organizations and then the ACLU and then, perhaps, a criminal defense lawyer, that person’s identity as a prospective whistleblower could be surmised.”

Please Share