In 2013, the world learned that the NSA and its UK equivalent, GCHQ, routinely spied on the German government. Amid the outrage, artists Mathias Jud and Christoph Wachter thought: Well, if they’re listening … let’s talk to them. With antennas mounted on the roof of the Swiss Embassy in Berlin’s government district, they set up an open network that let the world send messages to US and UK spies listening nearby. It’s one of three bold, often funny, and frankly subversive works detailed in this talk, which highlights the world’s growing discontent with surveillance and closed networks.
With a string of high-profile hacks affecting everyone from Sony Picturesto the insurance company Anthem, there’s broad agreement that more needs to be done to secure the internet. On Tuesday, the Senate passed legislation that supporters say will boost internet security by encouraging companies to share information about online threats with one another and with the government. The vote was 74 to 21.
The legislation, the Cybersecurity Information Sharing Act (CISA), is backed by Sen. Richard Burr (R-NC), chair of the Senate Intelligence Committee, and the committee’s top Democrat, Sen. Dianne Feinstein (D-CA). The House of Representatives has already passed companion legislation, and the bill has support from the Obama administration. The only remaining steps are for the House and Senate to reconcile the differences between their bills — and for President Obama to sign the compromise.
But there’s something strange about this supposed cybersecurity legislation. It doesn’t have much support among security experts in the private sector. And two leading technology industry trade groups — representing giants like Google, Apple, and Microsoft that are targeted by hackers more than anyone else on the internet — oppose it.
Indeed, support for the legislation seems to have come mostly from US intelligence agencies, which would gain access to even more information about Americans’ online activities. It’s not clear how much CISA would expand government surveillance of Americans’ online activities, but critics say the broad information-sharing language in the legislation creates a privacy menace that far outweighs any benefits from increased online security.
The head of the National Security Agency on Thursday told Senate lawmakers that preventing his agency from collecting Americans’ information in bulk would make it harder to do its job.
Under questioning before the Senate Intelligence Committee, Adm. Michael Rogers agreed that ending bulk collection would “significantly reduce [his] operational capabilities.”
“Right now, bulk collection gives us the ability … to generate insights as to what’s going on,” Rogers told the committee.
The NSA head also referenced a January report from the National Academy of Sciences that concluded there is “no software technique that will fully substitute for bulk collection” because of the ability to search through the storehouse of old information.
“That independent, impartial, scientifically-founded body came back and said no, under the current structure there is no real replacement,” Rogers said.
Rogers was questioned on Thursday by Sen. Ron Wyden (D-Ore.), a member of the Intelligence Committee who has become its most vocal privacy hawk.
You just know in your bones that the NSA spied on you and shared that data with Britain’s GCHQ spy agency, right? So how can you confirm this? Through a new online tool offered by the British civil liberties group Privacy International.
Thanks to a legal victory Privacy International obtained earlier this year, the UK’s Investigatory Powers Tribunal is now required to search through data the GCHQ obtained from the NSA for information collected on anyone in the world if that person so requests it. If you request the info and the Tribunal finds something, it must let you know. The catch is you have to make the request before December 5, 2015. Privacy International has made this easy with its “Did GCHQ Illegally Spy on You?” online tool.
Earlier this year the Investigatory Powers Tribunal in the UK ruled that British intelligence services acted unlawfully when they accessed the private communications of millions of people that had been collected by the NSA under its mass-surveillance programs known as PRISM and Upstream and shared with the British spy agency. The PRISM program, which began in 2007, allowed the NSA to collect data in bulk from U.S. companies like Yahoo and Google. The Upstream program involved the collection of data from taps placed on hundreds of undersea cables outside the U.S.
The Tribunal will only search for records shared between the NSA and GCHQ prior to December 2014. And, unfortunately, it won’t reveal if the GCHQ obtained data about you on its own and/or shared it with the NSA, or if the NSA spied on you and didn’t share that data with GCHQ. The amount of data the Tribunal will search may also be limited.
“Once a claim is filed, the IPT will usually only search GCHQ’s records for unlawful activity during the year before the claim was submitted,” Privacy International notes. “What this means is that a claim submitted on 14 September 2015 would lead to records being searched for the time period between 14 September 2014 and 5 December 2014.”
There’s one other caveat about the request. The Tribunal can only search its data for information about you if you submit details such as your name, email address and phone number. Of course in submitting your email address and phone number, you’re potentially providing the British government with information it doesn’t already have about you. But, as Privacy International points out in its FAQ about the tool, there’s no way around this.
The good news is that if the tribunal does find information collected about you, GCHQ must delete that data once the investigation into your records is done, along with the request form you submitted.
Microsoft counsel addresses question of US search warrant for Hotmail emails stored in Ireland: ‘We would go crazy if China did this to us’
The United States government has the right to demand the emails of anyone in the world from any email provider headquartered within US borders, Department of Justice (DoJ) lawyers told a federal appeals court on Wednesday.
The case being heard in the second circuit court of appeals is between the US and Microsoft and concerns a search warrant that the government argues should compel Microsoft to retrieve emails held on a Hotmail server in Ireland.
Microsoft contends that the DoJ has exceeded its authority with potentially dangerous consequences. Organizations including Apple, the government of Ireland, Fox News, NPR and the Guardian have filed amicus briefs with the court, arguing the case could set a precedent for governments around the world to seize information held in the cloud. Judges have ruled against the tech company twice.
Counsel for Microsoft contends that the US search warrant should not have been used to compel it to hand over emails stored in Ireland. “This is an execution of law enforcement seizure on their land,” Joshua Rosenkranz, counsel for Microsoft, told the court. “We would go crazy if China did this to us.”
The DoJ contends that emails should be treated as the business records of the company hosting them, by which definition only a search warrant would be needed in order to compel the provision of access to them no matter where they are stored. Microsoft argues the emails are the customers’ personal documents and a US warrant does not carry the authority needed to compel the company to hand it over.
“This notion of the government’s that private emails are Microsoft’s business records is very scary,” Rosenkranz told the court.
The United States National Security Agency spied on French presidents Jacques Chirac, Nicolas Sarkozy and Francois Hollande, WikiLeaks said in a press statement published on Tuesday, citing top secret intelligence reports and technical documents.
The revelations were first reported in French daily Liberation and on news website Mediapart, which said the NSA spied on the presidents during a period of at least 2006 until May 2012, the month Hollande took over from Sarkozy.
WikiLeaks said the documents derived from directly targeted NSA surveillance of the communications of Hollande (2012–present), Sarkozy (2007–2012) and Chirac (1995–2007), as well as French cabinet ministers and the French ambassador to the U.S.
According to the documents, Sarkozy is said to have considered restarting Israeli-Palestinian peace talks without U.S. involvement and Hollande feared a Greek euro zone exit back in 2012.
These latest revelations regarding spying among allied Western countries come after it emerged that the NSA had spied on Germany and Germany’s own BND intelligence agency had cooperated with the NSA to spy on officials and companies elsewhere in Europe.
“The French people have a right to know that their elected government is subject to hostile surveillance from a supposed ally,” WikiLeaks founder Julian Assange said in the statement, adding that more “important revelations” would soon follow.
The documents include summaries of conversations between French government officials on the global financial crisis, the future of the European Union, the relationship between Hollande’s administration and Merkel’s government, French efforts to determine the make-up of the executive staff of the United Nations, and a dispute between the French and U.S. governments over U.S. spying on France.
The documents also contained the cell phone numbers of numerous officials in the Elysee presidential palace including the direct cell phone of the president, WikiLeaks said.
Last week, WikiLeaks published more than 60,000 diplomatic cables from Saudi Arabia and said on its website it would release half a million more in the coming weeks.
It’s been exactly two years since Edward Snowden’s first leak about the NSA’s collection of phone metadata appeared in the press, and in an op-ed that appears in Friday’s New York Times, the former NSA contractor reflects on what he’s accomplished. Recalling his time preparing for the first leak with three journalists, he writes, “Privately, there were moments when I worried that we might have put our privileged lives at risk for nothing — that the public would react with indifference, or practiced cynicism, to the revelations. Never have I been so grateful to have been so wrong.”
Snowden goes on to note that the disclosures created a “change in global awareness,” and lauds the legal and technological steps taken against mass surveillance, particularly in the U.S.:
In a single month, the N.S.A.’s invasive call-tracking program was declared unlawful by the courts and disowned by Congress. After a White House-appointed oversight board investigation found that this program had not stopped a single terrorist attack, even the president who once defended its propriety and criticized its disclosure has now ordered it terminated.
This is the power of an informed public.
He concludes that while the right to privacy is still being threatened around the world, the disclosures continue to chip away at the surveillance state (hours earlier, the New York Times and Pro Publica published the results of a joint investigation based on Snowden’s trove of documents):
We are witnessing the emergence of a post-terror generation, one that rejects a worldview defined by a singular tragedy. For the first time since the attacks of Sept. 11, 2001, we see the outline of a politics that turns away from reaction and fear in favor of resilience and reason. With each court victory, with every change in the law, we demonstrate facts are more convincing than fear. As a society, we rediscover that the value of a right is not in what it hides, but in what it protects.
It’s an enticing thought, but U.S. politicians will probably redouble their fearmongering efforts as we get closer to the 2016 election.