A USA Today investigation has discovered a network of paid informants working for Amtrak and nearly every US airline who illegally delve into passengers' travel records to find people who might be traveling with a lot of cash: these tip-offs are used by the DEA to effect civil forfeiture -- seizing money without laying any charges against its owner, under the rubric that the cash may be proceeds from drug sales. One Amtrak secretary was secretly paid $854,460 to raid her employer's databases for the DEA. Read the rest
Stingrays -- the trade name for an "IMSI catcher," a fake cellphone tower that tricks cellphones into emitting their unique ID numbers and sometimes harvests SMSes, calls, and other data -- are the most controversial and secretive law-enforcement tools in modern American policing. Harris, the company that manufactures the devices, swears police departments to silence about their use, a situation that's led to cops lying to judges and even a federal raid on a Florida police department to steal stingray records before they could be introduced in open court. Read the rest
The Supreme Court -- at the behest of the US government -- has announced changes to "Rule 41," a crucial procedure of the US court system, which will give law enforcement sweeping powers to hack into computers anywhere in the world, including victims' computers, with drastically reduced oversight. Read the rest
Ever since the TSA broke the law and abused him, Sai has been suing them over their illegal conduct, forcing them into court and then demonstrating to the court that the agency refuses to play by any rules, even its own. Read the rest
The Electronic Frontier Foundation's Cindy Cohn is on fire: "Let’s be clear: Under international human rights law, secret “law” doesn’t even qualify as 'law' at all." Read the rest
Microsoft read the email of Hotmail users without a warrant, in order to catch someone who'd leaked some Microsoft software. When they were caught out, the pointed out that they'd always reserved the right to read Hotmail users' email, and tried to reassure other Hotmail users by saying that they were beefing up the internal process by which they decided whose mail to read and when.
Now, citing the "'post-Snowden era' in which people rightly focus on the ways others use their personal information," the company has announced that it will not read its users' email anymore when investigating theft or copyright violations -- instead, it will refer this sort of thing to the police in future (they still reserve the right to read your Hotmail messages without a court order under other circumstances).
As Techdirt's Mike Masnick points out, this is a most welcome change. The message announcing the change by Brad Smith (General Counsel & Executive Vice President, Legal & Corporate Affairs) is thoughtful and forthright. It announces a future round-table on the questions raised by the company's snooping that the Electronic Frontier Foundation can participate in.
Smith asks a seemingly rhetorical question: "What is the best way to strike the balance in other circumstances that involve, on the one hand, consumer privacy interests, and on the other hand, protecting people and the security of Internet services they use?" That is indeed a fascinating question, but in the specific case of Hotmail, I feel like it has a pretty obvious answer: change your terms of service so that you promise not to read your customers' email without a court order. Read the rest
(click for full)
Despite the valiant efforts of the motley opposition in Ukraine, the tame Ukrainian Parliament has passed a brutal law that slides the country into full-on dictatorship. Forbidden under the new law on penalty of high fines and imprisonment: driving cars in columns that are more than five vehicles long; setting up an unauthorized sound system; distribution of "extremist opinion"; "mass disruptions" (10-15 years imprisonment!); collecting information on police or judges; and more.
The new law also demolishes the trappings of democracy: you can be convicted in absentia based on unsubstantiated hearsay; MPs can be arrested during plenary sessions; the state can order arbitrary Internet censorship; and legal service of documents now consists of signatures or "any other data." Read the rest
The UK Ministry of Defense has introduced by-laws in the vicinity of bases in the UK, making it a detainable offense to take pictures or make any image of any person or thing; to graze livestock; or to fail to clean up your dog's turds. The rules also allow the MoD to put you in jail "without warrant" for setting up protest camps on MoD property.
These rules come into effect just as a recent Snowden leak revealed that one of the bases in the UK was used by the NSA and GCHQ to spy on Oxfam, Medecins Sans Frontiers, as well as Angela Merkel. Another one of the affected bases is reportedly used to pilot drones deployed in Yemen.
All in all, the rules effect 150 bases around the UK. The MoD the second-largest landowner in the UK. Read the rest
Edward Snowden granted a 14-hour interview to the Washington Post, commenting on his relationship to the NSA, Russia, and the USA. It's a defiant, uncompromising, and principled interview. He says that his mission has been accomplished, because "I didn't want to change society. I wanted to give society a chance to determine if it should change itself," and that chance has arrived thanks to the sunlight he shone on the NSA's illegal spying activity.
He also says that he's still "working for the NSA" inasmuch as he's taking the only path he could identify to force the agency to conduct its affairs in accordance with the Constitution. And he defended leaking the documents he brought with, because "The oath of allegiance is not an oath of secrecy. That is an oath to the Constitution. That is the oath that I kept that Keith Alexander and James Clapper did not."
To those who say he overstepped ethical bounds by "electing himself" to disclose NSA wrongdoing, he counters that he was elected by the Congresspeople who were nominally overseeing the NSA, like Dianne Feinstein and Mike Rogers, as well as the judges of the FISA court -- that their dereliction of their duties left him with no alternative.
He vehemently denies that he did not attempt to raise the issues of mass spying internally at the NSA, and describes the "front page test" ("What do you think the public would do if this was on the front page?") that he routinely administered to his colleagues and superiors whenever they discussed the scope of spying. Read the rest
Two legislators have introduced legislation that would require the President to disclose his secret interpretation of America's spying laws. This is especially relevant in the wake of yesterday's Snoweden leaks showing how the NSA uses a secret interpretation of the FISA spying law to spy on Americans.
The new bill in the house complements a similar bill introduced in the Senate last week.
"In order to have an informed public debate on the merits of these programs, it is important for the American people to know how such programs have been authorized, their limits and their scope," said Rep. Adam Schiff (D-CA) in a statement.
"Particularly now that the existence of these programs has been acknowledged, I believe there is much more that can be shared with the public about their legal basis," Schiff said. "It is my hope that this legislation will increase transparency and inform the national debate about the surveillance authorities provided to the Intelligence Community. I also believe that requiring additional disclosure would provide another valuable check on any potential expansion of surveillance under these authorities, whether by this or any future Administration.”
Lawmakers introduce new bill to compel gov’t to declassify secret court opinions Read the rest
General Keith Alexander, who is in charge of the NSA, has asked Congress to pass legislation immunizing companies from liability if they break the law following NSA spying orders. While on its face this seems reasonable -- if the government orders you to do something, it seems unfair for its judicial branch to prosecute you -- it's really a tacit admission of NSA lawbreaking. Much more reassuring would be a promise from Alexander that his agency will limits its requests of companies to strictly lawful behavior, and a Congressional law immunizing companies that turn down NSA requests if they have a good faith basis for believing that the NSA is asking them to break the law.
Otherwise, as Mike Masnick points out, this is an invitation for companies and the NSA to conspire together for a campaign of lawless, criminal spying:
Read the rest
And, of course, rather than narrowly target this immunity, it appears that Alexander would like it as broad as possible.
One former White House aide told POLITICO that Alexander has been asking members of Congress for some time to adopt bill language on countermeasures that’s “as ill-defined as possible” — with the goal of giving the Pentagon great flexibility in taking action alongside Internet providers. Telecom companies, the former aide said, also have been asking Alexander for those very legal protections.
Given the revelations of the past few weeks, this seems like the exact wrong direction for Congress to be heading. We should want companies to push back against overaggressive demands from the government for information.
As we think about the postmortem on security procedures following from the Boston Marathon attack and plan on new procedures, Bruce Schneier has some crucial security design advice: don't forget transparency and accountability. Without these two crucial elements, security can't work:
Read the rest
Long ago, we realized that simply trusting people and government agencies to always do the right thing doesn't work, so we need to check up on them. In a democracy, transparency and accountability are how we do that. It's how we ensure that we get both effective and cost-effective government. It's how we prevent those we trust from abusing that trust, and protect ourselves when they do. And it's especially important when security is concerned.
First, we need to ensure that the stuff we're paying money for actually works and has a measureable impact. Law-enforcement organizations regularly invest in technologies that don't make us any safer. The TSA, for example, could devote an entire museum to expensive but ineffective systems: puffer machines, body scanners, FAST behavioral screening, and so on. Local police departments have been wasting lots of post-9/11 money on unnecessary high-tech weaponry and equipment. The occasional high-profile success aside, police surveillance cameras have been shown to be a largely ineffective police tool.
Sometimes honest mistakes led organizations to invest in these technologies. Sometimes there's self-deception and mismanagement -- and far too often lobbyists are involved. Given the enormous amount of security money post-9/11, you inevitably end up with an enormous amount of waste. Transparency and accountability are how we keep all of this in check.
The entire current issue of the Columbia Human Rights Law Review is given over to the tragic wrongful execution of Carlos DeLuna, an almost certainly innocent man who was murdered by the state of Texas on 8 December 1989. DeLuna's case is one where "everything that could go wrong did go wrong" in the words of Columbia law Professor James Liebman, who, with 12 students, wrote the 436-page issue. None of the evidence that would have exonerated DeLuna was considered by police or the prosecution, and the likely culprit, a man who was also named Carlos, and who was frequently mistaken for DeLuna, went free. It's a nightmarish account of a man whom the authorities "knew" to be guilty, who was killed despite his innocence. It's a chilling reminder where laws like the UK's stop-and-search rules (which allow police to stop and search without suspicion, if they "just know" there's something wrong) and the no-fly list (which allows for the arbitrary removal of the right to travel without any public airing of evidence or charge, when authorities "just know" you're not safe to fly) will inevitably end up.
From a Guardian story by Ed Pilkington:
Read the rest
From the moment of his arrest until the day of his death by lethal injection six years later, DeLuna consistently protested he was innocent. He went further – he said that though he hadn't committed the murder, he knew who had. He even named the culprit: a notoriously violent criminal called Carlos Hernandez.
The two Carloses were not just namesakes – or tocayos in Spanish, as referenced in the title of the Columbia book.
Vic Toews, the Canadian Tory MP pushing for the new spying bill says that people who oppose him are "standing with child pornographers." Mr Toews's bill will require ISPs to record all your online activity and give police access to those logs without a warrant. Ontario police recently busted a huge child-porn ring without needing any further spying power. In fact, no one can find any police investigation that has failed for lack of snooping powers. A leaked memo from the Canadian Association of Chiefs of Police shows that Canada's law enforcement has been scouring its records for evidence supporting the need for this bill, without luck.
(Thanks, Wild Rumpus!) Read the rest
The Oakland PD's use of projectile weapons such as flashbang grenades used in the assault (possibly by non-OPD officers) on the Occupy Oakland camp seems to violate the 2004 court settlement it agreed to in a class-action settlement with Iraq war demonstrators who were assaulted by police: "You would think that after signing an agreement and paying out taxpayer money to 'compensate' for abusive police practices, the Oakland Police Department would learn how to behave in a civilized fashion when dealing with people exercising their First Amendment rights." (Thanks, Cowicide!) Read the rest