Archive for the ‘surveillance’ tag
As I mentioned recently, I’ve been immersed in dystopian novels. George Orwell would mutter I told you so about these latest Smart TV revelations if he was still around.
McSherry called that bit of qualifying language “worrisome.”
“Samsung may just be giving itself some wiggle room as the service evolves, but that language could be interpreted pretty broadly,” she said.
(click here to continue reading Your Samsung SmartTV Is Spying on You, Basically – The Daily Beast.)
Samsung eventually admitted the 3rd party:
Samsung has confirmed that its “smart TV” sets are listening to customers’ every word, and the company is warning customers not to speak about personal information while near the TV sets.
The company revealed that the voice activation feature on its smart TVs will capture all nearby conversations. The TV sets can share the information, including sensitive data, with Samsung as well as third-party services.
Samsung has updated its policy and named the third party in question, Nuance Communications, Inc.
(click here to continue reading Samsung warns customers not to discuss personal information in front of smart TVs.)
Hmm, sounds familiar. Remember this from a few weeks ago:
Consumers have bought more than 11 million internet-connected Vizio televisions since 2010. But according to a complaint filed by the FTC and the New Jersey Attorney General, consumers didn’t know that while they were watching their TVs, Vizio was watching them. The lawsuit challenges the company’s tracking practices and offers insights into how established consumer protection principles apply to smart technology.
Starting in 2014, Vizio made TVs that automatically tracked what consumers were watching and transmitted that data back to its servers. Vizio even retrofitted older models by installing its tracking software remotely. All of this, the FTC and AG allege, was done without clearly telling consumers or getting their consent.
What did Vizio know about what was going on in the privacy of consumers’ homes? On a second-by-second basis, Vizio collected a selection of pixels on the screen that it matched to a database of TV, movie, and commercial content. What’s more, Vizio identified viewing data from cable or broadband service providers, set-top boxes, streaming devices, DVD players, and over-the-air broadcasts. Add it all up and Vizio captured as many as 100 billion data points each day from millions of TVs.
Vizio then turned that mountain of data into cash by selling consumers’ viewing histories to advertisers and others. And let’s be clear: We’re not talking about summary information about national viewing trends. According to the complaint, Vizio got personal. The company provided consumers’ IP addresses to data aggregators, who then matched the address with an individual consumer or household. Vizio’s contracts with third parties prohibited the re-identification of consumers and households by name, but allowed a host of other personal details – for example, sex, age, income, marital status, household size, education, and home ownership. And Vizio permitted these companies to track and target its consumers across devices.
(click here to continue reading What Vizio was doing behind the TV screen | Federal Trade Commission.)
You didn’t realize that your habits were worth so much money to the corporate surveillance world did you? Too bad the data mining industry doesn’t share in any of the profits they’ve harvested from your habits and propensities.
Plus the whole listening to you every second might not always be in your own best interests:
Upon further investigation, however, police began suspecting foul play: Broken knobs and bottles, as well as blood spots around the tub, suggested there had been a struggle. A few days later, the Arkansas chief medical examiner ruled Collins’s death a homicide — and police obtained a search warrant for Bates’s home.
Inside, detectives discovered a bevy of “smart home” devices, including a Nest thermostat, a Honeywell alarm system, a wireless weather monitoring system and an Amazon Echo. Police seized the Echo and served a warrant to Amazon, noting in the affidavit there was “reason to believe that Amazon.com is in possession of records related to a homicide investigation being conducted by the Bentonville Police Department.”
That warrant threw a wrinkle into what might have been a traditional murder investigation, as first reported by the Information, a news site that covers the technology industry.
While police have long seized computers, cellphones and other electronics to investigate crimes, this case has raised fresh questions about privacy issues regarding devices like the Amazon Echo or the Google Home, voice-activated personal command centers that are constantly “listening.” Namely, is there a difference in the reasonable expectation of privacy one should have when dealing with a device that is “always on” in one’s own home?
The Echo is equipped with seven microphones and responds to a “wake word,” most commonly “Alexa.” When it detects the wake word, it begins streaming audio to the cloud, including a fraction of a second of audio before the wake word, according to the Amazon website.
A recording and transcription of the audio is logged and stored in the Amazon Alexa app and must be manually deleted later. For instance, if you asked your Echo, “Alexa, what is the weather right now?” you could later go back to the app to find out exactly what time that question was asked.
(click here to continue reading Can Alexa help solve a murder? Police think so — but Amazon won’t give up her data. – The Washington Post.)
Luckily, my “dumb” tv still chugs along…
Update: the Samsung story is from 2015, the Amazon and the Vizio stories are more recent. Main point still stands however…
Speaking of biometrics, and facial recognition, both key components of the REAL ID Act of 2005, Illinois doesn’t allow private businesses to do scans of your face, at least as of today.
The Biometric Information Privacy Act of Illinois is not a law many are familiar with. But if you have ever shared a photo on social media, the little-known statute turns out to be one of the nation’s toughest regulations for how companies like Facebook and Google can use facial recognition technologies to identify you online.
On Thursday, an Illinois state senator, Terry Link, introduced an amendment that would have weakened the law by exempting photo-tagging technologies that are now commonly used on social media. The proposal also had the potential to extinguish several class-action lawsuits against technology companies like Facebook by retroactively removing the right of Illinois citizens to sue companies that might have broken the law in the past.
The amendment was lobbied for by Facebook, according to a person involved in the effort who spoke on the condition of anonymity. And it helps to illustrate how from drone aircraft to genetic information and statutes that govern how companies sell consumer information to data miners, tech companies are in a capital to capital fight to keep new laws from being passed or to soften those already on the books.
“The Illinois biometric privacy act is one of the best new privacy laws in the country,” said Marc Rotenberg, president of the Electronic Privacy Information Center. “It’s bad news for consumers when Internet companies start lobbying against good privacy laws.”
(click here to continue reading Tech Companies Take Their Legislative Concerns to the States – The New York Times.)
If the federal government wants to create a database with everyone’s face, no problem. But Facebook, Google or LinkedIn? Not so fast.
For what it is worth, I’d vote that neither Facebook nor the Feds have this kind of information.
Applicants will have their photograph taken at a local office and a digital copy will be submitted immediately to Springfield for comparison in a pool of several million digital photos, according to Jim Burns, inspector general for the secretary of state’s office.
“We have in Illinois one of the better facial recognition systems in the country,” he said.
Illinois is among 27 states either not in compliance or taking steps to comply with the Real ID Act. Under this act, stricter identification is required to pass through airport security and enter federal buildings. Homeland Security earlier this year postponed the deadline for states to comply to 2018.
Homeland Security also will accept the temporary paper document in conjunction with an old driver’s license or ID card to board an aircraft until the permanent card arrives in the mail.
Congress passed the law in 2005 after a 9/11 Commission recommendation to take steps that would make it tougher to counterfeit government-issued IDs.
Critics of Real ID, such as the American Civil Liberties Union, have complained that it is a blatant invasion of privacy and would make people vulnerable to identity theft.
Ed Yohnka, director of communications at American Civil Liberties Union of Illinois, said he believes Illinois and other states have been doing a good job protecting peoples’ identities, and switching to a national identification card would do more harm than good.
“Congress ought to pull the plug on this,” he said. “It creates a national identification system that puts people at a greater risk of having their identity stolen.
“They talk about this in terms of it being for safety and security, but there is no evidence that it adds any of those things,” Yohnka said. “But what we do know is that it creates this powerful dynamic that can be used for surveillance.
“Once you have this national database, the only natural thing to do next is to take it and begin to use it to track people,” Yohnka said. “Then you are just creating a huge surveillance system, and that’s the real danger.”
Yohnka said if Real ID is developed, the government would have the potential to track what people buy and where they go.
(click here to continue reading Illinois Takes Step Toward Real ID Compliance.)
Even with the new procedures, IL is still only 84% in compliance, whatever that really means. And by the way, for a state already in budgetary trouble, here’s an extra expense:
The system will cost the state an additional $8.3 million in vendor and postage costs a year, said Nathan Maddox, [ Illinois Secretary of State Jesse] White’s senior legal adviser. The state plans to use a fund dedicated to driver’s license upgrades to pay for the new system.
“We have been making steady progress in implementing Real ID,” Maddox said. “We’ve met approximately 84 percent of the requirements.”
Illinois Secretary of State Jesse White announced that his office is upgrading security features to the Driver’s License/ID card design and expanding the central issuance process for driver’s licenses and ID cards to all applicants. With implementation of these changes, Illinois has moved closer to achieving full REAL ID compliance, which is a federal mandate of the U.S. Department of Homeland Security (DHS). By the end of July, applicants visiting Driver Services facilities will no longer be issued a new permanent DL/ID card at the end of the application process. Instead, they will leave the facility with a temporary, secure paper driver’s license, which is valid for 45 days and will serve as their DL/ID for driving purposes and proof of identification. The temporary, secure paper driver’s license or ID card will contain a photo and the basic information that appears on the permanent driver’s license or ID card. In addition, the facility employee will return the old DL/ID card back to the applicant after punching a hole in it.
Meanwhile, the applicant’s information will be sent to a centralized, secure facility in Illinois. After fraud checks have been conducted to ensure the applicant’s identity, a higher quality, more secure DL/ID will be printed and sent via U.S. mail within 15 business days to the applicant’s address.
For purposes of air travel, DHS states that it will accept the temporary document in conjunction with the old DL/ID to board an aircraft until the permanent card arrives in the mail. Illinois joins 39 other states that have moved to centralized production of DL/ID cards.
Illinois DL/IDs will continue to be accepted as primary forms of identification to board commercial airplanes for domestic travel until January 22, 2018.
(click here to continue reading 42nd Ward Update: Respect. Honor. Remember. Chicago’s Memorial Day Parade and Wreath Laying Ceremony.)
The full press release, if you are curious (PDF file)…
Fine, whatever, as long as the damn thing doesn’t get lost in the maw of the unreliable Chicago mail – seriously, what percentage of these DL/ID cards will be left to burn under a dumpster?
What percent will be delivered to the wrong address? I’d estimate that our building gets several erroneously delivered pieces of mail a week. Often inconsequential direct mail, but often checks, invoices, utility bills, magazines, and so on. Let’s hope the Chicago branch of the USPS takes special care to deliver these new driver licenses…Footnotes:
- ridiculous [↩]
A few scraps of news discovered on my browser recently. Or is it in my browser?
Jimmy Comey, FBI director, seems to be of the mind that the only way that police can do their jobs is if they are allowed to be a military invading force, civil liberties be damned. If a cop is worried about his actions being controversial, perhaps the actions are the problem, not the videotape? Comey must want to be fired, the last time this topic came up, the White House vehemently disagreed via multiple channels. What will happen this time? Also am heartened to read the comments to this article, for once, 90% of the comments are thoughtful, and most agree that Comey is way out of line.
The director of the F.B.I. reignited the factious debate over a so-called “Ferguson effect” on Wednesday, saying that he believed less aggressive policing was driving an alarming spike in murders in many cities.
James Comey, the director, said that while he could offer no statistical proof, he believed after speaking with a number of police officials that a “viral video effect” — with officers wary of confronting suspects for fear of ending up on a video — “could well be at the heart” of a spike in violent crime in some cities.
“There’s a perception that police are less likely to do the marginal additional policing that suppresses crime — the getting out of your car at 2 in the morning and saying to a group of guys, ‘Hey, what are you doing here?’” he told reporters.
(click here to continue reading F.B.I. Director Says ‘Viral Video Effect’ Blunts Police Work – The New York Times.)
The FBI wants free reign to watch you, however, by installing malware on your devices at their whim, without even a warrant…
n an interview with Gizmodo, Senator Ron Wyden revealed that he’ll introduce legislation next week that, if passed, would stop the recent Supreme Court change to what’s known as “Rule 41,” which gave the government broader hacking power.
The Department of Justice has been pushing for the rule change for years, and it was finally granted by the Supreme Court in April. The new rule allows federal judges to grant warrants to agencies like the FBI to deploy “Network Investigative Techniques” (malware) to search any number of computers, be it 10 or 100,000, even if they don’t know what jurisdiction the computers are in. The rule change also allows judges to grant warrants to search the computers of victims of cybercrime, even if that person hasn’t been suspected of a crime. Congress has six months to oppose the rule change or else it will automatically go into effect.
Then there’s the question of infecting computers with malware in order to search them. In an interview with Gizmodo, Senator Wyden aired his concerns.
“By compromising computer systems, it could leave it open to other attackers. What if the government has to turn off the computer’s protections to search it?,” he said. “So if the government is out there turning of millions of security features in order to search computers, my view is that there could be some serious security threats.”
The legislation Wyden plans to introduce next week will be just one sentence, simply stating that the changes to rule 41 will not go into effect.
“What I hope is that the House and Senate Judiciary committees will start looking into the rule,” Wyden said. “They’ll start looking at our bill and and Senators would realize that this is the question for the Congress. An agency like the Department of Justice shouldn’t just be able to wave its arms around and grant itself vast new powers. The changes to rule 41 dramatically expand the government’s hacking authority.”
(click here to continue reading Senators Are Trying to Stop the Supreme Court’s Bullshit New Hacking Rule.)
or your Amazon Echo, if you are foolish enough to own one…
Back in March, I filed a Freedom of Information request with the FBI asking if the agency had ever wiretapped an Amazon Echo. This week I got a response: “We can neither confirm nor deny…”
We live in a world awash in microphones. They’re in our smartphones, they’re in our computers, and they’re in our TVs. We used to expect that they were only listening when we asked them to listen. But increasingly we’ve invited our internet-connected gadgets to be “always listening.” There’s no better example of this than the Amazon Echo.
In many ways the Echo is a law enforcement dream.
(click here to continue reading The FBI Can Neither Confirm Nor Deny Wiretapping Your Amazon Echo.)
Philosophy, and most Liberal Arts programs, in my experience, are weighted heavily towards Europe, mostly Northern Europe really.
The vast majority of philosophy departments in the United States offer courses only on philosophy derived from Europe and the English-speaking world. For example, of the 118 doctoral programs in philosophy in the United States and Canada, only 10 percent have a specialist in Chinese philosophy as part of their regular faculty. Most philosophy departments also offer no courses on Africana, Indian, Islamic, Jewish, Latin American, Native American or other non-European traditions. Indeed, of the top 50 philosophy doctoral programs in the English-speaking world, only 15 percent have any regular faculty members who teach any non-Western philosophy.
Given the importance of non-European traditions in both the history of world philosophy and in the contemporary world, and given the increasing numbers of students in our colleges and universities from non-European backgrounds, this is astonishing. No other humanities discipline demonstrates this systematic neglect of most of the civilizations in its domain. The present situation is hard to justify morally, politically, epistemically or as good educational and research training practice.
This is not to disparage the value of the works in the contemporary philosophical canon: Clearly, there is nothing intrinsically wrong with philosophy written by males of European descent; but philosophy has always become richer as it becomes increasingly diverse and pluralistic. Thomas Aquinas (1225-1274) recognized this when he followed his Muslim colleagues in reading the work of the pagan philosopher Aristotle, thereby broadening the philosophical curriculum of universities in his own era. We hope that American philosophy departments will someday teach Confucius as routinely as they now teach Kant, that philosophy students will eventually have as many opportunities to study the “Bhagavad Gita” as they do the “Republic,” that the Flying Man thought experiment of the Persian philosopher Avicenna (980-1037) will be as well-known as the Brain-in-a-Vat thought experiment of the American philosopher Hilary Putnam (1926-2016), that the ancient Indian scholar Candrakirti’s critical examination of the concept of the self will be as well-studied as David Hume’s, that Frantz Fanon (1925-1961), Kwazi Wiredu (1931- ), Lame Deer (1903-1976) and Maria Lugones will be as familiar to our students as their equally profound colleagues in the contemporary philosophical canon. But, until then, let’s be honest, face reality and call departments of European-American Philosophy what they really are.
(click here to continue reading If Philosophy Won’t Diversify, Let’s Call It What It Really Is – The New York Times.)
An interesting and brief history of the purple bag that Crown Royal Whiskey is sold with:
If you’ve ever bought a bottle of Crown Royal Canadian whisky, you know the iconic bag, that ubiquitous purple “velvet” satchel with gold stitching and tasseled drawstring. Nearly everyone has one, even if they’re unsure where it is, or even how they got it. They’re impossible to throw away, and are just the right size, perfect for, say, a camera lens, weed stash, or as a relative used it for, an old set of dentures. Heck, I had one moons before I even knew about the whisky, and was probably using it to store Tiddlywinks, or my Indian Head pennies.
The bag does go back generations. In fact, the Canadian distillery’s first batch of hooch was blended in 1939 for the premier visit to the Americas by none other than England’s King George VI and his wife, Queen Elizabeth. No reigning British monarch had ever set foot on the continent. Upon hearing of the impending visit, Seagrams Chairman Samuel Bronfman sought to create a whisky, well, suitable for a king. He was said to have sampled six hundred blends before approving the recipe, the etched-glass crown-shape bottle and cap and now-venerable purple bag, the color chosen to imbue royalty.
For many subsequent years, the purple bag and its contents remained under wraps in Canada. That ended in the 1960s, when some enterprising Canadians, having packed some purple pouches, headed for oil-rich Texas. After that the blended whisky and their bags were also sold in the United States.
(click here to continue reading For Keeps – The Awl.)
Instagram 8 introduced a new logo. I’m meh about it, I don’t like it, but I’m not having a tantrum. I do use Instagram a few times a week, by the way, here’s my page. Anyway, a discussion of the logo change itself is more interesting:
The skeuomorphic camera icon that has accompanied Instagram until today is a modern-day classic. Not because it’s good — it’s not, really — but because of its omnipresence in users’ phone screens. I bet it’s on the home screen of 99% of people who have the app and who tap it very regularly. When the iPhone first came out — if you’ll remember — skeuomorphism was the default aesthetic and now, for better or worse, it’s all about flat design with a dash of optional gradients so it’s no surprise that’s where Instagram has headed. If there was any surprise it’s that Instagram held on to the skeuomorphism for a relatively long five years.
I doubt anyone will be making cakes and cookies in the shape of the new Instagram logo and that’s the biggest problem the new logo faces: it’s not the old logo. The ensuing shitstorm on the internet today will be epic. About 75% of the negative reaction will be simply to the fact that it has changed and the other 25% will be to the not-quite-fact that there is a generic aesthetic to the new icon where it could be a “camera” icon for the upcoming smart microwave from Apple or whatever other user interface you would imagine. This is not to say it’s a bad-looking icon, no… as far as camera icons go, this is quite lovely and has the minimal amount of elements necessary to be recognized as a camera BUT not the minimal amount of elements necessary to be recognized as Instagram.
(click here to continue reading Brand New: New Icon for Instagram done In-house.)
Trump is so thin skinned, I can’t even make a joke about it:
Donald Trump’s campaign requires volunteers to sign a contract that forbids them from criticizing the Republican presidential front-runner, his family members, any Trump businesses or products, or his campaign. The six-page contract, reviewed in full by the Daily Dot, theoretically lasts for the entirety of a volunteer’s life.
Legal experts say, however, that the contract’s non-disparagement clause would likely never hold up in court.
The tight control of volunteers stands in stark contrast to not only American political-campaign norms but also Trump’s reputation for speaking his mind.
In addition to forbidding volunteers from disparaging Trump, the contract also includes a sentence that demands volunteers prevent their employees from criticizing Trump, thus making volunteers responsible for the free speech of others for an indeterminate amount of time.
Volunteers also sign a non-disclosure agreement, forbidding them from sharing any sensitive information from the campaign. What kind of information is sensitive or confidential is completely at Trump’s discretion, according to the contract.
“He’s apparently so afraid that people would say something bad about him after spending some time on his campaign that they have to sign some sort of agreement,” Perry explained. “I don’t see how this stands up. I don’t see how a court enforces this.”
Volunteers must also sign a non-compete agreement that extends until Trump ceases his campaign for president, identified in the contract as the “Non-Compete Cutoff Date.” The agreement also forbids volunteers from working for another presidential candidate, should they change their minds.
In the event of a Trump victory in November’s general election, the non-compete clause could extend until his 2020 reelection campaign or even 2024, at the end of a second Trump term, the document explains. If Trump loses but wants to run again in the next election or in any presidential election in the future, the contract states the volunteer cannot work for another candidate.
(click here to continue reading Donald Trump’s volunteer contract forbids all criticism of Trump.)
(The sculpture is called Progress Lighting the Way for Commerce)
embiggen by clicking
I took You Wanted To Disappear on September 12, 2009 at 05:14AM
and processed it in my digital darkroom on February 19, 2016 at 09:27AM
The National Security Agency’s ability to spy on vast quantities of Internet traffic passing through the United States has relied on its extraordinary, decades-long partnership with a single company: the telecom giant AT&T. While it has been long known that American telecommunications companies worked closely with the spy agency, newly disclosed N.S.A. documents show that the relationship with AT&T has been considered unique and especially productive. One document described it as “highly collaborative,” while another lauded the company’s “extreme willingness to help.” AT&T’s cooperation has involved a broad range of classified activities, according to the documents, which date from 2003 to 2013.
A police state? Whoever could imagine such a thing in the United States of America? Civil liberties? Ha! The Bill of Rights is no longer required because the War on Terra has usurped them.
This is the real legacy of disgraced former Congressman Dennis Hastert: willingly gutting the Constitution to please the Neo Cons and Dick Cheney, and his little puppy GWB.
Scores of low-flying planes circling American cities are part of a civilian air force operated by the FBI and obscured behind fictitious companies.
The Associated Press traced at least 50 aircraft back to the FBI, and identified more than 100 flights in 11 states over a 30-day period since late April, orbiting both major cities and rural areas. At least 115 planes, including 90 Cessna aircraft, were mentioned in a federal budget document from 2009.
For decades, the planes have provided support to FBI surveillance operations on the ground. But now the aircraft are equipped with high-tech cameras, and in rare circumstances, technology capable of tracking thousands of cellphones, raising questions about how these surveillance flights affect Americans’ privacy.
The Drug Enforcement Administration has its own planes, also registered to fake companies, according to a 2011 Justice Department inspector general report. At the time, the DEA had 92 aircraft in its fleet. And since 2007, the U.S. Marshals Service has operated an aerial surveillance program with its own fleet equipped with technology that can capture data from thousands of cellphones, the Wall Street Journal reported last year.
Some of the aircraft can also be equipped with technology that can identify thousands of people below through the cellphones they carry, even if they’re not making a call or in public.
(click here to continue reading FBI behind mysterious surveillance flights over Chicago, other U.S. cities – Chicago Tribune.)
In other words, we are all assumed to be guilty of something, and thus can be monitored and spied upon without need for quaint antiques like warrants or probable cause.
Evolving technology can record higher-quality video from long distances, even at night, and can capture certain identifying information from cellphones using a device known as a “cell-site simulator” — or Stingray, to use one of the product’s brand names. These can trick pinpointed cellphones into revealing identification numbers of subscribers, including those not suspected of a crime.
The FBI has recently begun obtaining court orders to use this technology. Previously, the Obama administration had been directing local authorities through secret agreements not to reveal their own use of the devices, even encouraging prosecutors to drop cases rather than disclose the technology’s use in open court.
Up in the sky! Look! It’s a bird! A plane! It’s the FBI!
From Wall Street Journal reporter Devlin Barrett last year:
The Justice Department is scooping up data from thousands of mobile phones through devices deployed on airplanes that mimic cellphone towers, a high-tech hunt for criminal suspects that is snagging a large number of innocent Americans, according to people familiar with the operations.
The U.S. Marshals Service program, which became fully functional around 2007, operates Cessna aircraft from at least five metropolitan-area airports, with a flying range covering most of the U.S. population, according to people familiar with the program.
Planes are equipped with devices—some known as “dirtboxes” to law-enforcement officials because of the initials of the Boeing Co. unit that produces them—which mimic cell towers of large telecommunications firms and trick cellphones into reporting their unique registration information.
Even having encryption on a phone, such as the kind included on Apple Inc.’s iPhone 6, doesn’t prevent this process.
Also unknown are the steps taken to ensure data collected on innocent people isn’t kept for future examination by investigators. A federal appeals court ruled earlier this year that over-collection of data by investigators, and stockpiling of such data, was a violation of the Constitution.
The dirtbox and Stingray are both types of what tech experts call “IMSI catchers,’’ named for the identification system used by networks to identify individual cellphones.
The name “dirtbox’’ came from the acronym of the company making the device, DRT, for Digital Receiver Technology Inc., people said. DRT is now a subsidiary of Boeing. A Boeing spokeswoman declined to comment.
“DRT has developed a device that emulates a cellular base station to attract cellphones for a registration process even when they are not in use,’’ according to a 2010 regulatory filing Boeing made with the U.S. Commerce Department, which touted the device’s success in finding contraband cellphones smuggled in to prison inmates.
(click here to continue reading Americans’ Cellphones Targeted in Secret U.S. Spy Program – WSJ.)
and a follow up by the same reporter:
The Central Intelligence Agency played a crucial role in helping the Justice Department develop technology that scans data from thousands of U.S. cellphones at a time, part of a secret high-tech alliance between the spy agency and domestic law enforcement, according to people familiar with the work.
The CIA and the U.S. Marshals Service, an agency of the Justice Department, developed technology to locate specific cellphones in the U.S. through an airborne device that mimics a cellphone tower, these people said.
Today, the Justice Department program, whose existence was reported by The Wall Street Journal last year, is used to hunt criminal suspects. The same technology is used to track terror suspects and intelligence targets overseas, the people said.
The surveillance system briefly identifies large numbers of cellphones belonging to citizens unrelated to the search. The practice can also briefly interfere with the ability to make calls, these people said.
Some law-enforcement officials are concerned the aerial surveillance of cellphone signals inappropriately mixes traditional police work with the tactics and technology of overseas spy work that is constrained by fewer rules. Civil-liberties groups say the technique amounts to a digital dragnet of innocent Americans’ phones.
(click here to continue reading CIA Aided Justice Department Secret Program to Spy on U.S. Cellphones – WSJ.)
Remember when the CIA was banned on spying on Americans, and from conducting operations on American soil? Ah, those were the days…
To civil libertarians, the close involvement of America’s premier international spy agency with a domestic law-enforcement arm shows how military and espionage techniques are now being used on U.S. citizens.
“There’s a lot of privacy concerns in something this widespread, and those concerns only increase if we have an intelligence agency coordinating with them,” said Andrew Crocker of the Electronic Frontier Foundation, which has filed a lawsuit seeking more details about the program and its origins.
Sigh. The REAL ID boondoggle isn’t dead yet. Doesn’t it sound like everything the Big Govment’ haters rail against? And yet, it was passed “in the wake of 9/11”…
Currently, Illinois licenses and identification cards do not meet minimum standards mandated by the Real ID Act, which passed in 2005 in the wake of 9/11. If the Department of Homeland Security does not grant Illinois an extension, residents would need additional identification like a passport or face additional security checks to get on planes.
The act aims to thwart efforts by terrorists, con artists and immigrants in the country illegally to obtain government-issued identification. Arguments about costs, privacy and whether the additional information would actually reduce threats have delayed implementation of the law for more than a decade.
A major feature of Real ID is the verification of birth certificates, which Illinois currently does not require. The information is electronically scanned and stored in a federal database, and data can be shared easily among states and the federal government.
“It’s a large database that allows us to verify birth certificates and death certificates, things of that nature,” said Henry Haupt, spokesman for Secretary of State Jesse White. “It’s quite costly. We estimate, in order to utilize it and have all the birth certificates verified for Illinois drivers, it would cost about $3.75 million each year.”
White’s office estimated it would cost $100 to $150 million just for staffing, equipment and data storage. A Real ID driver’s licenses could cost an estimated $75 in Illinois. A license currently costs $30 for ages 21-68, according to CyberDrive Illinois.
That cost would largely be shouldered by Illinois drivers and taxpayers. The Homeland Security estimates it could cost $4 billion nationwide to implement the act.
States and territories were initially required to implement the program by May 2008, but the federal government delayed its start four times. Twenty-one states and four territories have been granted extensions to meet the law’s standards; 22 states and Washington, D.C., have implemented the act, according to a Jan. 30 Homeland Security statement.
Seven states — Arizona, Idaho, Louisiana, Maine, Minnesota, New Hampshire, New York — have no plans to implement Real ID. Residents of five of those states will not be able to board airplanes without additional identification like a passport starting in 2016; New York and Minnesota have driver’s licenses with enhanced security measures that will allow their residents to board airplanes, according to Homeland Security.
(click here to continue reading State eyes more secure driver’s license to avoid flying restrictions – Chicago Tribune.)
Sen. Iris Martinez (D-Chicago), a long-time opponent of the bill, says:
“I viewed Real ID as yet another unfunded federal mandate on state governments already facing tough budgets for important priorities,” Martinez said. “The proposition of a creation of a ‘one size fits all’ ID card necessary to travel was of great concern.”
and the price of implementation to the states is steep:
Brian Zimmer, president of the Coalition for a Secure Driver’s License who helped draft the law’s provisions on driver’s licenses as a congressional committee staffer, said Illinois would have to construct or renovate buildings that issue licenses in order to meet security criteria, which could prove challenging.
The law prompted some states, like Wisconsin and Texas, to consolidate facilities. In Tennessee, licenses are issued from a single, secure location, he said. That means applicants get their license via mail instead of in person.
“Real ID required states to move from a business model where licensing was a revenue source to a business model where money needs to be invested in it to ensure it was done more securely,” Zimmer said. “The new model is security first, and security comes with a price.”
price, confusion, long lines, and of course, privacy theft concerns:
Critics of Real ID have complained that it is a blatant invasion of privacy and would make people vulnerable to identity theft.
Ed Yohnka, a spokesman for the American Civil Liberties Union of Illinois, said a government database of citizens and some of their personal information smacks of Big Brotherism and would be a gold mine for identity thieves.
“One of the troubling things is that the system to protect our data will no longer be dependent about what happens here in Illinois,” Yohnka said. “What happens in Mississippi or Maine or Montana will be a conduit to get to our data. If hackers can get into those systems, they can get to the national system.”
He noted that the state’s database of driver’s licenses has fought off tens of thousands of improper access attempts.
“From a pragmatic point of view, all this furor over something that doesn’t provide safety and security is ridiculous,” Yohnka said.
Sounds great! Can’t wait! Especially since I had such a bitch of a time getting my passport due to bureaucratic SNAFU ingrained in that system.
Good for Microsoft, and good for the tech industry to rally behind Microsoft1
A broad array of organizations in technology, media and other fields rallied on Monday behind Microsoft’s effort to block American authorities from seizing a customer’s emails stored in Ireland.
The organizations filing supporting briefs in the Microsoft case included Apple, Amazon, Verizon, Fox News, National Public Radio, The Washington Post, CNN and almost two dozen other technology and media companies. A cross-section of trade associations and advocacy groups, from the American Civil Liberties Union to the United States Chamber of Commerce, and 35 computer scientists also signed briefs in the case, which is being considered in New York by the United States Court of Appeals for the Second Circuit.
“Seldom do you see the breadth and depth of legal involvement that we’re seeing today for a case that’s below the Supreme Court,” Bradford L. Smith, Microsoft’s general counsel, said in an interview.
The case involves a decision by Microsoft to defy a domestic search warrant seeking emails stored in a Microsoft data center in Dublin. Microsoft has argued that the search warrant could provide a dangerous precedent that is already leading to privacy concerns among customers. The case is especially relevant, the company says, to customers who are considering conducting more of their electronic business in the cloud.
(click here to continue reading Tech and Media Companies Back Microsoft in Privacy Case – NYTimes.com.)
You know who isn’t mentioned here or at Microsoft’s public blog page for this case? Google. I wonder why? Seems like a pretty high profile case to be siding with the US DOJ instead of privacy advocates.
Today represents an important milestone in our litigation concerning the U.S. Government’s attempt to use a search warrant to compel Microsoft to obtain and turn over email of a customer stored in Ireland. That’s because 10 groups are filing their “friend of the court” briefs in New York today.
Seldom has a case below the Supreme Court attracted the breadth and depth of legal involvement we’re seeing today. Today’s ten briefs are signed by 28 leading technology and media companies, 35 leading computer scientists, and 23 trade associations and advocacy organizations that together represent millions of members on both sides of the Atlantic.
We believe that when one government wants to obtain email that is stored in another country, it needs to do so in a manner that respects existing domestic and international laws. In contrast, the U.S. Government’s unilateral use of a search warrant to reach email in another country puts both fundamental privacy rights and cordial international relations at risk. And as today’s briefs demonstrate, the impacts of this step are far-reaching.
Today’s briefs come from:
Leading technology companies such as Verizon, Apple, Amazon, Cisco, Salesforce, HP, eBay, Infor, AT&T, and Rackspace. They’re joined by five major technology trade associations that collectively represent most of the country’s technology sector, including the BSA | The Software Alliance and the Application Developers Alliance. These groups raise a range of concerns about the significant impact this case could have both on the willingness of foreign customers to trust American technology and on the privacy rights of their customers, including U.S. customers if other governments adopt the approach to U.S. datacenters that the U.S. Government is advocating here.
Seventeen major and diverse news and media companies, including CNN, ABC, Fox News, Forbes, the Guardian, Gannett, McClatchy, the Washington Post, the New York Daily News, and The Seattle Times. They’re joined by ten news and media associations that collectively represent thousands of publications and journalists. These include the Newspaper Association of America, the National Press Club, the European Publishers Council, and the Reporters Committee for Freedom of the Press. These organizations are concerned that the lower court’s decision, if upheld, will erode the legal protections that have long restricted the government’s ability to search reporters’ email for information without the knowledge of news organizations.
(click here to continue reading Business, Media and Civil Society Speak Up in Key Privacy Case – The Official Microsoft Blog.)Footnotes:
- not a sentence I’d thought I’d type [↩]
City of Chicago Emergency Management Surveillance Vehicle, probably with a Stingray device (taken at a Haymarket Riot Demonstration).
Remember those quaint old days when the United States had a Bill of Rights? And civil liberties were commonly respected?1
Attorney Matt Topic of Loevy & Loevy filed a suit against the Chicago Police Department last week.
The Chicago Police Department was sued Friday to force release of evidence that the department has purchased equipment that allows them to covertly scan people’s cell phones for detecting telephone numbers dialed and texted, tracking their location, and cell phones’ unique device identification numbers.
Cell site simulators, also known as IMSI catchers or stingrays, masquerade as cellphone towers to obtain data secretly from nearby cellular user devices.
“Many believe that Chicago Police have already deployed this kind of technology at protests,” said Matt Topic of Loevy & Loevy Attorneys at Law, which represents Chicago resident Freddy Martinez in the suit. “Local police departments in other states have widely used the technology, and have kept it secret, even to the courts, and even when it has been used to obtain evidence in a criminal case.”
“If the Chicago Police aren’t running afoul of the Fourth Amendment, they should have nothing to hide,” said Mr. Martinez. “This information will allow the public to learn the extent to which Chicago Police have this technology, and once we have that, we’ll pursue more information about how it is being used and whether Chicago Police are routinely using it to violate the Constitution.”
Mr. Martinez filed a FOIA request with Chicago Police looking for records documenting the purchase of this equipment. “FOIA and the Illinois Constitution are clear that all records related to the use of public funds are subject to disclosure,” said Topic, “yet Chicago Police have stonewalled Mr. Martinez for months.”
(click here to continue reading CPD Sued to Force Release Proof of Cell Phone Spying | Blog | Loevy & Loevy.)
and as Mr. Martinez says:
“Should federal, state, or local law enforcement be allowed to trick your cell phone into sharing information like your location, the numbers your called or texted, or your unique device ID without your consent?” asked Martinez. “Should they be deploying this kind of technology in secret? We don’t think so.”
Copies of the suit, No. 2014CH09565, are available here: Freddie Martinez v. Chicago Police Department.
From the suit, some additional background material, some of which we’ve blogged about, some not.
- as long as you were a white property owner [↩]
The No. 2 official at the Justice Department delivered a blunt message last month to Apple Inc. executives: New encryption technology that renders locked iPhones impervious to law enforcement would lead to tragedy. A child would die, he said, because police wouldn’t be able to scour a suspect’s phone, according to people who attended the meeting.
Apple executives thought the dead-child scenario was inflammatory. They told the government officials law enforcement could obtain the same kind of information elsewhere, including from operators of telecommunications networks and from backup computers and other phones, according to the people who attended.
Technology companies are pushing back more against government requests for cooperation and beefing up their use of encryption. On Tuesday, WhatsApp, the popular messaging service owned by Facebook Inc., said it is now encrypting texts sent from one Android phone to another, and it won’t be able to decrypt the contents for law enforcement.
AT&T Inc. on Monday challenged the legal framework investigators have long used to collect call logs and location information about suspects.
In a filing to a federal appeals court in Atlanta, AT&T said it receives an “enormous volume” of government requests for information about customers, and argued Supreme Court decisions from the 1970s “apply poorly” to modern communications. The company urged the courts to provide new, clear rules on what data the government can take without a probable cause warrant.
(click here to continue reading Apple and Others Encrypt Phones, Fueling Government Standoff – WSJ.)
Law enforcement officials are clever, they can find ways to get data in other ways, like this, for instance…
And good for Tim Cook – he suggests that Apple Inc. should not be in the business of enabling the police in their quest to snoop on our phones without first getting warrants. You know, like if we were living in a constitutional Democracy with a Bill of Rights again?
In June 2013, Mr. Snowden provided reporters with documents describing a government program called Prism, which gathered huge amounts of data from tech companies. At first, tech-company executives said they hadn’t previously heard of Prism and denied participating. In fact, Prism was an NSA code word for data collection authorized by the Foreign Intelligence Surveillance Court. Tech companies routinely complied with such requests.
More than a year later, tech executives say consumers still mistrust them, and they need to take steps to demonstrate their independence from the government.
Customer trust is a big issue at Apple. The company generates 62% of its revenue outside the U.S., where it says encryption is even more important to customers concerned about snooping by their governments.
These days, Apple Chief Executive Tim Cook stresses the company’s distance from the government.
“Look, if law enforcement wants something, they should go to the user and get it,” he said at The Wall Street Journal’s global technology conference in October. “It’s not for me to do that.”
In early September, Apple said the encryption on its latest iPhone software would prevent anyone other than the user from accessing user data stored on the phone when it is locked. Until then, Apple had helped police agencies—with a warrant—pull data off a phone. The process wasn’t quick. Investigators had to send the device to Apple’s Cupertino, Calif., headquarters, and backlogs occurred.
So the Senate Republicans blocked legislation ((S.2685: Uniting and Strengthening America by Fulfilling Rights and Ensuring Effective Discipline Over Monitoring Act of 2014)) that could theoretically protect us from government overreach. What a surprise!
Senate Republicans on Tuesday blocked a sweeping overhaul of the once-secret National Security Agency program that collects records of Americans’ phone calls in bulk.
But Tuesday’s vote only put off a debate over security and personal liberties until next year. While a Republican-controlled Senate is less likely to go along with the kinds of reforms that were in the bill, which sponsors had named the U.S.A. Freedom Act, the debate could further expose rifts between the party’s interventionist and more libertarian-leaning wings.
Under the bill, which grew out of the disclosures in June 2013 by Edward J. Snowden, the former intelligence contractor, the N.S.A. would have gotten out of the business of collecting Americans’ phone records. Instead, most of the records would have stayed in the hands of the phone companies, which would not have been required to hold them any longer than they already do for normal business purposes, which in some cases is 18 months.
The N.S.A., Mr. Snowden revealed, was systematically collecting such telephone metadata …from major American phone companies. The program began after the Sept. 11, 2001, terrorist attacks, based on an assertion of unilateral executive power by President George W. Bush. In 2006, the Foreign Intelligence Surveillance Court had secretly brought the program under its authority and started issuing orders under the Patriot Act to the companies for their records.
The proposed legislation would still have allowed analysts to perform so-called contact chaining in which they trace a suspect’s network of acquaintances, but they would been required to use a new kind of court order to swiftly obtain only those records that were linked, up to two layers away, to a suspect — even when held by different phone companies.
(click here to continue reading Bill to Restrict N.S.A. Data Collection Blocked in Vote by Senate Republicans – NYTimes.com.)
For all their chants about eliminating Big Gov’ment, Senator Mitch McConnell and his team secretly love expansion of federal reach. For the GOP: expanding government surveillance is good, controlling women’s uteruses is better, expanding defense contractors weaponry program is best. The only kind of government programs the GOP doesn’t like are things like SNAP, EPA, and so on. You know, the stuff that might actually help someone.
Also of note: Senator Rand Paul, Mr. Libertarian himself, voted no on this bill. Wonder how his acolytes will spin it? Especially since Senators Ted “Calgary” Cruz, Dean Heller, Mike Lee and Lisa Murkowski all voted yes…
From Bloomberg Businessweek, the tech industry was pushing for this bill:
The bill was an attempt to force spy agencies to collect only information sought through a court order and exclude the use of broad searches like by ZIP codes. A coalition of Internet and technology companies, which include Google Inc. and Twitter Inc., supported the Senate bill while saying the Republican-backed House version passed in May would still allow bulk collection of Internet user data.
U.S. Internet and technology companies say they’ve already lost contracts with foreign governments over the issue. Forrester Research Inc. estimates the backlash against NSA spying could cost as much as $180 billion in lost business. Facebook Inc., Microsoft Corp. and Apple Inc. are among the companies pushing for limits.
Americans learned of the spying in June 2013 when Snowden, a former NSA contractor revealed a program under which the U.S. uses court orders to compel companies to turn over data about their users. Documents divulged by Snowden also uncovered NSA hacking of fiber-optic cables abroad and installation of surveillance tools into routers, servers and other network equipment.
(click here to continue reading Senate Blocks Vote on Curbing NSA’s Bulk Data Collection Program – Businessweek.)
Devlin Barrett of the WSJ reports that the U.S. Justice Department is collecting data on phones through a novel approach: fake cellphone towers on airplanes that fly around the country. Warrants not necessary, of course, because when you clicked through the EULA terms on your new smartphone, you agreed that you gave up all rights to privacy. Well, probably, because who actually reads those things?
The Justice Department is scooping up data from thousands of mobile phones through devices deployed on airplanes that mimic cellphone towers, a high-tech hunt for criminal suspects that is snagging a large number of innocent Americans, according to people familiar with the operations.
The U.S. Marshals Service program, which became fully functional around 2007, operates Cessna aircraft from at least five metropolitan-area airports, with a flying range covering most of the U.S. population, according to people familiar with the program.
Planes are equipped with devices—some known as “dirt boxes” to law-enforcement officials because of the initials of the Boeing Co. unit that produces them1—which mimic cell towers of large telecommunications firms and trick cellphones into reporting their unique registration information.
The technology in the two-foot-square device enables investigators to scoop data from tens of thousands of cellphones in a single flight, collecting their identifying information and general location, these people said.
(click here to continue reading Americans’ Cellphones Targeted in Secret U.S. Spy Program – WSJ – WSJ.)
Sounds great. Warrants are so old fashioned, so 20th Century.
Or as Digby adds:
But never fear, they’ve assured us that they are only using it to catch bad guys.They have no interest in anything you might be doing. Well, unless you’re doing something wrong. If you are an upstanding citizen there’s little reason to worry that the police might be re-routing your phone calls without your knowledge right? Why should you care?
In fact, we really need to re-think that whole 4th Amendment thing altogether. When you think about it, you shouldn’t object to the police ransacking your house and your car without any probable cause either. They could be looking for someone they know is in your neighborhood. If you have nothing to hide in your home why would you object? Sure, they might find something they think is suspicious in your house when they go on their fishing expedition but maybe you shouldn’t have suspicious things in your house if you don’t want the cops finding it, eh?
This is what we call liberty.
(click here to continue reading Hullabaloo- Secrets and more secrets .)
Mariella Moon of Engadget writes
These dirtboxes are also sophisticated enough to mimic a particular provider. If a drug dealer under surveillance uses Verizon, for instance, then the machine pretends to be a Verizon cell tower and connects only to all the carrier’s subscribers in the area. Once a target’s phone is identified (at which point, connections to other people’s phones are dropped), the box can pinpoint his location within 3 meters and down to a specific room. The WSJ’s sources wouldn’t reveal how often planes loaded with these boxes are deployed (they have a flying range that covers the whole country’s population, by the way), but they said the Cessnas fly out regularly to target a handful of criminals per flight.
Obviously, the more densely populated the target area is, the more data the boxes collect, but it’s unclear what steps are in place to safeguard innocent people’s information. It’s also unclear at this point if they’ve ever used the newer dirtboxes’ capabilities, which include jamming phones and extracting messages, photos and other data remotely. If you’re thinking, “Hmmm fake cell towers? Those sound ominously familiar,” it’s because this isn’t the first time authorities used them. In fact, this dirtbox project sounds like a larger, airborne version of a previous one, wherein feds placed fake towers called “stingrays” in moving cars.
(click here to continue reading Flying fake cell towers target fugitives, but can ID your phone too.)
- Boeing subsidiary Digital Recovery Technology Inc. or DRT [↩]
FBI Director James Comey continues his public obfuscation tour, blaming the upcoming Joker and Riddler crime spree in Gotham on the fairly new ability of consumers to encrypt data on their own phones against unwilling intrusions by governments and other entities.
The director of the F.B.I., James B. Comey, said on Thursday that the “post-Snowden pendulum” that has driven Apple and Google to offer fully encrypted cellphones had “gone too far.” He hinted that as a result, the administration might seek regulations and laws forcing companies to create a way for the government to unlock the photos, emails and contacts stored on the phones.
But Mr. Comey appeared to have few answers for critics who have argued that any portal created for the F.B.I. and the police could be exploited by the National Security Agency, or even Russian and Chinese intelligence agencies or criminals. And his position seemed to put him at odds with a White House advisory committee that recommended against any effort to weaken commercial encryption.
Apple and Google have announced new software that would automatically encrypt the contents of cellphones, using codes that even the companies could not crack. Their announcement followed a year of disclosures from Edward J. Snowden, the former government contractor who revealed many government programs that collect electronic data, including information on Americans.
The new encryption would hinder investigations involving phones taken from suspects, recovered at crime scenes or discovered on battlefields. But it would not affect information obtained by real-time wiretaps, such as phone conversations, emails or text messages. And the government could still get information that is stored elsewhere, including emails, call logs and, in some cases, old text messages.
(click here to continue reading James Comey, F.B.I. Director, Hints at Action as Cellphone Data Is Locked – NYTimes.com.)
You know what isn’t mentioned in this long article? Warrants. I wonder why that is? Could it be that most criminal masterminds do not store their plans to rob Gotham National Bank solely upon their encrypted cellphones, leaving law enforcement completely in the dark? Possibly The Joker leaves other traces of his plan elsewhere? Or discusses his machinations with co-conspirators? According to Mr. Comey, without the government retaining the ability to tap into each and every one of our cellphones at any time, The Joker will win. He’ll win! He’ll win, Batman!
or as Marcy Wheeler rightfully notes, this seems to really be about warrantless searching, especially at the US border:
Encrypting iPhones might have the biggest impact on law enforcement searches that don’t involve warrants, contrary to law enforcement claims this is about warranted searches. As early as 2010, Customs and Border Patrol was searching around 4,600 devices a year and seizing up to 300 using what is called a “border exception.” That is when CBP takes and searches devices from people it is questioning at the border. Just searching such devices does not even require probable cause (though seizing them requires some rationale). These searches increasingly involve smart phones like the iPhone.
These numbers suggest border searches of iPhones may be as common as warranted searches of the devices. Apple provided account content to U.S. law enforcement 155 times last year. It responded to 3,431 device requests, but the “vast majority” of those device requests involved customers seeking help with a lost or stolen phone, not law enforcement trying to get contents off a cell phone (Consumer Reports estimates that 3.1 million Americans will have their smart phones stolen this year). Given that Apple has by far the largest share of the smart phone market in the U.S., a significant number of border device searches involving a smart phone will be an iPhone. Apple’s default encryption will make it far harder for the government to do such searches without obtaining a warrant, which they often don’t have evidence to get.
If law enforcement wants to retain this access, they should be honest about what they might lose and why every iPhone user should be asked to carry a phone that is susceptible to criminal targeting as a result. Trading default encryption for a limited law enforcement purpose is just that — a trade-off — and officials should be prepared to discuss it as such. And, as forensics expert Jonathan Zdziarski explains, there’s a mountain of other data still available to help law enforcement solve crimes. “There is such a mount of peripheral evidence out there that only a small handful of cases are even likely to have the iPhone be the sole smoking gun to begin with,” he explained. “Cops have iCloud data, iCloud backups, call records, voicemail records, text messages from the carrier (if obtained within a certain retention period), gmail, email, web logs, trap and trace, proxy logs, not to mention copies of data from other people involved or from the victims themselves, desktop backups (if available), sometimes even a desktop (as many criminals don’t use encryption at all). Add to that they’re eavesdropping on the whole damn Internet.”
(click here to continue reading America’s huge iPhone lie: Why Apple is being accused of coddling child molesters – Salon.com.)