Tuesday, July 01, 2014

OpenStack 07/01/2014 (p.m.)

  • Tags: surveillance-state, foreign-intelligence, NSA-targets, NSA-backdoors

    • Virtually no foreign government is off-limits for the National Security Agency, which has been authorized to intercept information “concerning” all but four countries, according to top-secret documents.

      The United States has long had broad no-spying arrangements with those four countries — Britain, Canada, Australia and New Zealand — in a group known collectively with the United States as the Five Eyes. But a classified 2010 legal certification and other documents indicate the NSA has been given a far more elastic authority than previously known, one that allows it to intercept through U.S. companies not just the communications of its overseas targets but any communications about its targets as well.

    • The certification — approved by the Foreign Intelligence Surveillance Court and included among a set of documents leaked by former NSA contractor Edward Snowdenlists 193 countries that would be of valid interest for U.S. intelligence. The certification also permitted the agency to gather intelligence about entities including the World Bank, the International Monetary Fund, the European Union and the International Atomic Energy Agency.

      The NSA is not necessarily targeting all the countries or organizations identified in the certification, the affidavits and an accompanying exhibit; it has only been given authority to do so. Still, the privacy implications are far-reaching, civil liberties advocates say, because of the wide spectrum of people who might be engaged in communication about foreign governments and entities and whose communications might be of interest to the United States.

    • That language could allow for surveillance of academics, journalists and human rights researchers. A Swiss academic who has information on the German government’s position in the run-up to an international trade negotiation, for instance, could be targeted if the government has determined there is a foreign-
      intelligence need for that information. If a U.S. college professor e-mails the Swiss professor’s e-mail address or phone number to a colleague, the American’s e-mail could be collected as well, under the program’s court-approved rules
    • On Friday, the Office of the Director of National Intelligence released a transparency report stating that in 2013 the government targeted nearly 90,000 foreign individuals or organizations for foreign surveillance under the program. Some tech-
      industry lawyers say the number is relatively low, considering that several billion people use U.S. e-mail services.
    • Still, some lawmakers are concerned that the potential for intrusions on Americans’ privacy has grown under the 2008 law because the government is intercepting not just communications of its targets but communications about its targets as well. The expansiveness of the foreign-powers certification increases that concern.
    • In a 2011 FISA court opinion, a judge using an NSA-provided sample estimated that the agency could be collecting as many as 46,000 wholly domestic e-mails a year that mentioned a particular target’s e-mail address or phone number, in what is referred to as “about” collection.

      “When Congress passed Section 702 back in 2008, most members of Congress had no idea that the government was collecting Americans’ communications simply because they contained a particular individual’s contact information,” Sen. Ron Wyden (D-Ore.), who has co-sponsored ­legislation to narrow “about” collection authority, said in an e-mail to The Washington Post. “If ‘about the target’ collection were limited to genuine national security threats, there would be very little privacy impact. In fact, this collection is much broader than that, and it is scooping up huge amounts of Americans’ wholly domestic communications.”

    • The only reason the court has oversight of the NSA program is that Congress in 2008 gave the government a new authority to gather intelligence from U.S. companies that own the Internet cables running through the United States, former officials noted.

      Edgar, the former privacy officer at the Office of the Director of National Intelligence, said ultimately he believes the authority should be narrowed. “There are valid privacy concerns with leaving these collection decisions entirely in the executive branch,” he said. “There shouldn’t be broad collection, using this authority, of foreign government information without any meaningful judicial role that defines the limits of what can be collected.”

  • Text of the bill is on Sen. Diane Feinstein's site, http://goo.gl/2cdsSA It is truly a bummer.

    Tags: surveillance state, legislation, ACLU, cybersecurity

    • A new cybersecurity bill poses serious threats to our privacy, gives the government extraordinary powers to silence potential whistleblowers, and exempts these dangerous new powers from transparency laws.

      The Cybersecurity Information Sharing Act of 2014 ("CISA") was scheduled to be marked up by the Senate Intelligence Committee yesterday but has been delayed until after next week's congressional recess. The response to the proposed legislation from the privacy, civil liberties, tech, and open government communities was quick and unequivocal – this bill must not go through.

      The bill would create a massive loophole in our existing privacy laws by allowing the government to ask companies for "voluntary" cooperation in sharing information, including the content of our communications, for cybersecurity purposes. But the definition they are using for the so-called "cybersecurity information" is so broad it could sweep up huge amounts of innocent Americans' personal data.

      The Fourth Amendment protects Americans' personal data and communications from undue government access and monitoring without suspicion of criminal activity. The point of a warrant is to guard that protection. CISA would circumvent the warrant requirement by allowing the government to approach companies directly to collect personal information, including telephonic or internet communications, based on the new broadly drawn definition of "cybersecurity information."

    • While we hope many companies would jealously guard their customers' information, there is a provision in the bill that would excuse sharers from any liability if they act in "good faith" that the sharing was lawful.

      Collected information could then be used in criminal proceedings, creating a dangerous end-run around laws like the Electronic Communications Privacy Act, which contain warrant requirements.

      In addition to the threats to every American's privacy, the bill clearly targets potential government whistleblowers. Instead of limiting the use of data collection to protect against actual cybersecurity threats, the bill allows the government to use the data in the investigation and prosecution of people for economic espionage and trade secret violations, and under various provisions of the Espionage Act.

      It's clear that the law is an attempt to give the government more power to crack down on whistleblowers, or "insider threats," in popular bureaucratic parlance. The Obama Administration has brought more "leaks" prosecutions against government whistleblowers and members of the press than all previous administrations combined. If misused by this or future administrations, CISA could eliminate due process protections for such investigations, which already favor the prosecution.

    • While actively stripping Americans' privacy protections, the bill also cloaks "cybersecurity"-sharing in secrecy by exempting it from critical government transparency protections. It unnecessarily and dangerously provides exemptions from state and local sunshine laws as well as the federal Freedom of Information Act. These are both powerful tools that allow citizens to check government activities and guard against abuse.

      Edward Snowden's revelations from the past year, of invasive spying programs like PRSIM and Stellar Wind, have left Americans shocked and demanding more transparency by government agencies. CISA, however, flies in the face of what the public clearly wants.

      (Two coalition letters, here and here, sent to key members of the Senate yesterday detail the concerns of a broad coalition of organizations, including the ACLU.)

  • Tags: surveillance state, smart-lights, cloud computing

    • Smart Lights: New LEDS Allow NSA To Spy On Your Every Mo

Posted from Diigo. The rest of Open Web group favorite links are here.

Post a Comment