NSA phone-records spying is totally, utterly illegal

As Julian Sanchez points out, the NSA's program of phone record collection is clearly, unequivocally, and totally illegal (and the Privacy and Civil Liberties Oversight Board agrees). The Patriot Act's section 215 allows the FBI to collect relevant records for a specific investigation.

The NSA isn't collecting records, it isn't the FBI, the data it collects isn't relevant, and there is no specific investigation. It's pretty amazing that there are still people (including Obama) insisting that the program is legal.

Read the rest

American spies don't need new powers to catch terrorists, they just have to start doing their jobs

In an excellent, well-argued editorial, CNN National Security Analyst Peter Bergen eviscerates the claim that the NSA's total, global surveillance is necessary for preventing 9/11-style attacks. Bergen shows how the US intelligence agencies' own auditors concluded that pre-PATRIOT Act surveillance powers were more than sufficient to have predicted and prevented the 9/11 attack, and many attacks since, including the 2008 Mumbai attack, which was planned in Chicago; Maj. Nidal Hasan's 2009 shooting spree at Ford Hood; the 2009 shooting of a soldier in Little Rock, Arkansas; Umar Farouk AbdulMutallab's failed underwear bomb attack in 2009. All attacks for which America's spies had advance warning and did nothing or not enough.

Read the rest

Apple hides a Patriot-Act-busting "warrant canary" in its transparency report


"A green budgie sitting on a human finger." Thomas Skjaeveland/Shutterstock.

The Patriot Act provides for secret warrants to spy on ISPs' customers. These "Section 215" warrants come with gag orders that mean that the company can't disclose their existence. This lack of transparency is ripe for abuse and is bad for ISPs' business. Apple is fighting back with a "warrant canary": they've published a transparency report (PDF) that states "Apple has never received an order under Section 215 of the USA Patriot Act. We would expect to challenge an order if served on us." If they are served with a 215 order in future, their next transparency report will drop this language, omitting any mention of 215, and keen-eyed watchers will know that they've been subjected to a secret order. I proposed a more ambitious version of this in September, though I was hardly the first person to suggest it. Good for Apple for using it.

Lavabit's owner threatened with arrest for shutting down rather than spying on customers


NBC reports that senior US Attorney James Trump sent Lavabit founder Ladar Levison and his lawyer a veiled arrest threat when Levison shut down his private email service (used by NSA leaker Edward Snowden) rather than comply with a secret order to spy on his customers. Nothing more can be said definitively, because the order to Levison came with a gag order prohibiting Levison from discussing it. Everyone is pretty sure that Levison was served with a National Security Letter.

This gives additional context to the decision of Lavabit competitor Silent Circle to pre-emptively shut down its own private email service as well, in advance of any sort of court order. If a secret court can issue a secret order requiring you to spy on your customers, and if shutting down the service will land you in jail, then simply not operating the kind of service that spooks find snoopworthy is the only option.

Read the rest