Homeland Security Internet Watch List leaked; Boing Boing omitted from list of must-read sites for domestic spying

I am outraged that our blog once again failed to make it on to the list of websites the U.S. Department of Homeland Security's command center routinely monitors. The grandfather of all rogue leak sites, Cryptome, published a copy of the 2011 edition of the government document (PDF link to document copy). Apparently, there's a new 2012 version some have seen, on which a current round of news coverage is based.

There's a Reuters article summarizing its significance here:

A "privacy compliance review" issued by DHS last November says that since at least June 2010, its national operations center has been operating a "Social Networking/Media Capability" which involves regular monitoring of "publicly available online forums, blogs, public websites and message boards." The purpose of the monitoring, says the government document, is to "collect information used in providing situational awareness and establishing a common operating picture."

The document adds, using more plain language, that such monitoring is designed to help DHS and its numerous agencies, which include the U.S. Secret Service and Federal Emergency Management Agency, to manage government responses to such events as the 2010 earthquake and aftermath in Haiti and security and border control related to the 2010 Winter Olympics in Vancouver, British Columbia.

"This is a representative list of sites that the NOC will start to monitor in order to provide situational awareness and establish a common operating picture under this Initiative," the document reads.

Oh fine, so, the imminent Yeti invasion isn't something that needs to be monitored? Read the rest

Whistleblower site Cryptome.org shut down by Microsoft over leaked surveillance doc

John Young and Deborah Natsios' whistleblower archive Cryptome has long been a thorn in the flesh of US government agencies. But if my memory serves correctly, none of them ever managed to do what Microsoft did today: shut the site down.

Network Solutions shut off the lights in response to a DMCA notice, after Cryptome published a 22-page Microsoft document outlining how the company stores private user data in its web-connected servers. The document also explains how government agencies can access that personal data.

More at Wired News, and you can download the disputed PDF here. More at ReadWriteWeb, with comments from the EFF.

[ Photo: John Young of Cryptome, shot by Declan McCullagh, NYC, 2001.]

Previously:Boing Boing: Cryptome founder John Young profiled in Radar ABC News story on Cryptome.org Cryptome: Eyeballing Katrina Cryptome gallery of Bush Bulge pics Read the rest

What do ISPs charge the law to spy on you?

Cryptome is hosting several ISPs' pricelists and guidelines for "lawful spying" activities on behalf of law enforcement. Included is Yahoo's price-guide (hilariously, Yahoo tried to send them a copyright takedown notice to make this go away).

One of the more remarkable elements of Yahoo's document is the sheer quantity of material that Yahoo retains for very, very long periods. From /.: "IP logs last for one year, but the original IPs used to create accounts have been kept since 1999. The contents of your Yahoo account are bought for $30 to $40 by law enforcement agencies."

Yahoo! will seek reimbursement based on the actual time expended by Yahoo!'s compliance staff in complying with the request. The average costs related to compliance matters are listed below for your convenience. These estimates are neither a ceiling nor a floor but represent the average costs of typical searches. Time spent may vary considerably based on the wording of the request and the information available about the user. These time estimates are also based on narrowly tailored requests that do not require extensive searches in multiple databases. These estimates are not price quotes, budgets, or guarantees and should not be used for budgeting purposes. Yahoo! reserves the right to adjust its estimates and reimbursement charges as necessary.

* Basic subscriber records: approx. $20 for the first ID, $10 per ID thereafter

* Basic Group Information (including information about moderators): approx. $20 for a group with a single moderator

* Contents of subscriber accounts, including email: approx.

Read the rest