In 2013, the world learned that the NSA and its UK equivalent, GCHQ, routinely spied on the German government. Amid the outrage, artists Mathias Jud and Christoph Wachter thought: Well, if they’re listening … let’s talk to them. With antennas mounted on the roof of the Swiss Embassy in Berlin’s government district, they set up an open network that let the world send messages to US and UK spies listening nearby. It’s one of three bold, often funny, and frankly subversive works detailed in this talk, which highlights the world’s growing discontent with surveillance and closed networks.
With a string of high-profile hacks affecting everyone from Sony Picturesto the insurance company Anthem, there’s broad agreement that more needs to be done to secure the internet. On Tuesday, the Senate passed legislation that supporters say will boost internet security by encouraging companies to share information about online threats with one another and with the government. The vote was 74 to 21.
The legislation, the Cybersecurity Information Sharing Act (CISA), is backed by Sen. Richard Burr (R-NC), chair of the Senate Intelligence Committee, and the committee’s top Democrat, Sen. Dianne Feinstein (D-CA). The House of Representatives has already passed companion legislation, and the bill has support from the Obama administration. The only remaining steps are for the House and Senate to reconcile the differences between their bills — and for President Obama to sign the compromise.
But there’s something strange about this supposed cybersecurity legislation. It doesn’t have much support among security experts in the private sector. And two leading technology industry trade groups — representing giants like Google, Apple, and Microsoft that are targeted by hackers more than anyone else on the internet — oppose it.
Indeed, support for the legislation seems to have come mostly from US intelligence agencies, which would gain access to even more information about Americans’ online activities. It’s not clear how much CISA would expand government surveillance of Americans’ online activities, but critics say the broad information-sharing language in the legislation creates a privacy menace that far outweighs any benefits from increased online security.
The head of the National Security Agency on Thursday told Senate lawmakers that preventing his agency from collecting Americans’ information in bulk would make it harder to do its job.
Under questioning before the Senate Intelligence Committee, Adm. Michael Rogers agreed that ending bulk collection would “significantly reduce [his] operational capabilities.”
“Right now, bulk collection gives us the ability … to generate insights as to what’s going on,” Rogers told the committee.
The NSA head also referenced a January report from the National Academy of Sciences that concluded there is “no software technique that will fully substitute for bulk collection” because of the ability to search through the storehouse of old information.
“That independent, impartial, scientifically-founded body came back and said no, under the current structure there is no real replacement,” Rogers said.
Rogers was questioned on Thursday by Sen. Ron Wyden (D-Ore.), a member of the Intelligence Committee who has become its most vocal privacy hawk.
You just know in your bones that the NSA spied on you and shared that data with Britain’s GCHQ spy agency, right? So how can you confirm this? Through a new online tool offered by the British civil liberties group Privacy International.
Thanks to a legal victory Privacy International obtained earlier this year, the UK’s Investigatory Powers Tribunal is now required to search through data the GCHQ obtained from the NSA for information collected on anyone in the world if that person so requests it. If you request the info and the Tribunal finds something, it must let you know. The catch is you have to make the request before December 5, 2015. Privacy International has made this easy with its “Did GCHQ Illegally Spy on You?” online tool.
Earlier this year the Investigatory Powers Tribunal in the UK ruled that British intelligence services acted unlawfully when they accessed the private communications of millions of people that had been collected by the NSA under its mass-surveillance programs known as PRISM and Upstream and shared with the British spy agency. The PRISM program, which began in 2007, allowed the NSA to collect data in bulk from U.S. companies like Yahoo and Google. The Upstream program involved the collection of data from taps placed on hundreds of undersea cables outside the U.S.
The Tribunal will only search for records shared between the NSA and GCHQ prior to December 2014. And, unfortunately, it won’t reveal if the GCHQ obtained data about you on its own and/or shared it with the NSA, or if the NSA spied on you and didn’t share that data with GCHQ. The amount of data the Tribunal will search may also be limited.
“Once a claim is filed, the IPT will usually only search GCHQ’s records for unlawful activity during the year before the claim was submitted,” Privacy International notes. “What this means is that a claim submitted on 14 September 2015 would lead to records being searched for the time period between 14 September 2014 and 5 December 2014.”
There’s one other caveat about the request. The Tribunal can only search its data for information about you if you submit details such as your name, email address and phone number. Of course in submitting your email address and phone number, you’re potentially providing the British government with information it doesn’t already have about you. But, as Privacy International points out in its FAQ about the tool, there’s no way around this.
The good news is that if the tribunal does find information collected about you, GCHQ must delete that data once the investigation into your records is done, along with the request form you submitted.
Microsoft counsel addresses question of US search warrant for Hotmail emails stored in Ireland: ‘We would go crazy if China did this to us’
The United States government has the right to demand the emails of anyone in the world from any email provider headquartered within US borders, Department of Justice (DoJ) lawyers told a federal appeals court on Wednesday.
The case being heard in the second circuit court of appeals is between the US and Microsoft and concerns a search warrant that the government argues should compel Microsoft to retrieve emails held on a Hotmail server in Ireland.
Microsoft contends that the DoJ has exceeded its authority with potentially dangerous consequences. Organizations including Apple, the government of Ireland, Fox News, NPR and the Guardian have filed amicus briefs with the court, arguing the case could set a precedent for governments around the world to seize information held in the cloud. Judges have ruled against the tech company twice.
Counsel for Microsoft contends that the US search warrant should not have been used to compel it to hand over emails stored in Ireland. “This is an execution of law enforcement seizure on their land,” Joshua Rosenkranz, counsel for Microsoft, told the court. “We would go crazy if China did this to us.”
The DoJ contends that emails should be treated as the business records of the company hosting them, by which definition only a search warrant would be needed in order to compel the provision of access to them no matter where they are stored. Microsoft argues the emails are the customers’ personal documents and a US warrant does not carry the authority needed to compel the company to hand it over.
“This notion of the government’s that private emails are Microsoft’s business records is very scary,” Rosenkranz told the court.
The United States National Security Agency spied on French presidents Jacques Chirac, Nicolas Sarkozy and Francois Hollande, WikiLeaks said in a press statement published on Tuesday, citing top secret intelligence reports and technical documents.
The revelations were first reported in French daily Liberation and on news website Mediapart, which said the NSA spied on the presidents during a period of at least 2006 until May 2012, the month Hollande took over from Sarkozy.
WikiLeaks said the documents derived from directly targeted NSA surveillance of the communications of Hollande (2012–present), Sarkozy (2007–2012) and Chirac (1995–2007), as well as French cabinet ministers and the French ambassador to the U.S.
According to the documents, Sarkozy is said to have considered restarting Israeli-Palestinian peace talks without U.S. involvement and Hollande feared a Greek euro zone exit back in 2012.
These latest revelations regarding spying among allied Western countries come after it emerged that the NSA had spied on Germany and Germany’s own BND intelligence agency had cooperated with the NSA to spy on officials and companies elsewhere in Europe.
“The French people have a right to know that their elected government is subject to hostile surveillance from a supposed ally,” WikiLeaks founder Julian Assange said in the statement, adding that more “important revelations” would soon follow.
The documents include summaries of conversations between French government officials on the global financial crisis, the future of the European Union, the relationship between Hollande’s administration and Merkel’s government, French efforts to determine the make-up of the executive staff of the United Nations, and a dispute between the French and U.S. governments over U.S. spying on France.
The documents also contained the cell phone numbers of numerous officials in the Elysee presidential palace including the direct cell phone of the president, WikiLeaks said.
Last week, WikiLeaks published more than 60,000 diplomatic cables from Saudi Arabia and said on its website it would release half a million more in the coming weeks.
It’s been exactly two years since Edward Snowden’s first leak about the NSA’s collection of phone metadata appeared in the press, and in an op-ed that appears in Friday’s New York Times, the former NSA contractor reflects on what he’s accomplished. Recalling his time preparing for the first leak with three journalists, he writes, “Privately, there were moments when I worried that we might have put our privileged lives at risk for nothing — that the public would react with indifference, or practiced cynicism, to the revelations. Never have I been so grateful to have been so wrong.”
Snowden goes on to note that the disclosures created a “change in global awareness,” and lauds the legal and technological steps taken against mass surveillance, particularly in the U.S.:
In a single month, the N.S.A.’s invasive call-tracking program was declared unlawful by the courts and disowned by Congress. After a White House-appointed oversight board investigation found that this program had not stopped a single terrorist attack, even the president who once defended its propriety and criticized its disclosure has now ordered it terminated.
This is the power of an informed public.
He concludes that while the right to privacy is still being threatened around the world, the disclosures continue to chip away at the surveillance state (hours earlier, the New York Times and Pro Publica published the results of a joint investigation based on Snowden’s trove of documents):
We are witnessing the emergence of a post-terror generation, one that rejects a worldview defined by a singular tragedy. For the first time since the attacks of Sept. 11, 2001, we see the outline of a politics that turns away from reaction and fear in favor of resilience and reason. With each court victory, with every change in the law, we demonstrate facts are more convincing than fear. As a society, we rediscover that the value of a right is not in what it hides, but in what it protects.
It’s an enticing thought, but U.S. politicians will probably redouble their fearmongering efforts as we get closer to the 2016 election.
The legislation will ban bulk collection of records, backers say.
The mass surveillance-reforming USA Freedom Act passed the Senate on Tuesday afternoon, ending an impasse on reauthorization of three surveillance authorities and putting in motion a purportedly permanent end to the government’s automatic bulk collection of U.S. phone records.
President Barack Obama supports the legislation and likely will sign it into law at the earliest opportunity, reinstating and modifying surveillance powers that lapsed Sunday night through 2019.
Within six months, the National Security Agency will need to abandon its wholesale collection of phone records and transition to acquiring call logs of targets and those of their contacts as needed in intelligence investigations.
Thirty-two senators voted against the legislation, which would not require phone companies to store records longer than they currently do.
Federal regulations require landline phone providers to keep records at least 18 months, but wireless and online call providers have retention policiesranging from zero days to 10 years, introducing the potential for privacy-conscious carrier changes.
The legislation ultimately backed by 67 senators blocks the government from transferring mass phone record collection to other authorities, such as national security letter statutes or Section 214 of the Patriot Act – one of 14 Patriot Act provisions made permanent in 2005.
The legal authority for U.S. spy agencies’ collection of Americans’ phone records and other data expired at midnight on Sunday after the Senate failed to pass legislation extending their powers.
After debate pitting Americans’ distrust of intrusive government against fears of terrorist attacks, the Senate voted to advance reform legislation that would replace the bulk phone records program revealed two years ago by former National Security Agency contractor Edward Snowden.
Although the Senate did not act in time to keep the program from expiring, the vote was at least a partial victory for Democratic President Barack Obama, who had pushed for the reform measure as a compromise addressing privacy concerns while preserving a tool to help protect the country from attack.
But final Senate passage was delayed until at least Tuesday by objections from Senator Rand Paul, a libertarian Republican presidential hopeful who has fulminated against the NSA program as illegal and unconstitutional.
As a result, the government’s collection and search of phone records terminated at midnight when key provisions of a post-Sept. 11, 2001, law known as the USA Patriot Act expired.
In addition, U.S. law enforcement and security agencies will lose authority to conduct other programs.
Those allow for “roving wiretaps” aimed at terrorism suspects who use multiple disposable cell phones; permit authorities to target “lone wolf” suspects with no connection to specific terrorist groups, and make it easier to seize personal and business records of suspects and their associates.
President Obama pressured the Senate on Saturday to immediately authorize the USA Freedom Act.
“Today, I’m calling on Americans to join me in speaking with one voice to the Senate,” Obama said in his weekly address.
“Put the politics aside,” he said. “Put our national security first. Pass the USA Freedom Act — now.”
It struck a measured balance between privacy rights and protecting national security, he added.
“As president and commander in chief, my greatest responsibility is the safety of the American people,” Obama said.
“And in our fight against terrorists, we need to use every effective tool at our disposal – both to defend our security and to protect the freedoms and civil liberties enshrined in our Constitution.”
Obama also argued that extremists could exploit even the smallest gaps in the nation’s intelligence capabilities.
“Terrorists like al Qaeda and ISIL aren’t suddenly going to stop plotting against us at midnight tomorrow,” Obama said. “And we shouldn’t surrender the tools that help keep us safe.”
“It would be irresponsible,” Obama added. “It would be reckless. And we shouldn’t allow it to happen.”
The USA Freedom Act would renew several major counterterrorism and intelligence measures detailed in the Patriot Act.
It was also stop the bulk, warrantless collection of individual phone records by the National Security Administration.
Advocates argue the USA Freedom Act presents a compromise between privacy and national security concerns.
Critics have countered it still allows too much government overreach into the personal lives of everyday Americans.
Sen. Rand Paul (R-Ky.) has led the Senate attack against the Patriot Act and similar alternative legislation.
The GOP presidential candidate and his supporters have charged the law violates the constitutional rights of U.S. citizens.