Apple has apologized to its customers for allowing third-party contractors to listen in on audio picked up by Siri. The tech giant admitted that Siri was triggered by background noises including the sound of a “zipper” and regularly recorded intimate moments after a company whistleblower revealed the practice.
Category Archives: Privacy
Former NSA Director Says ‘Golden Age Of Electronic Surveillance’ Is Coming To An End, NSA Numbers Show He’s Wrong
(DCNF) Former National Security Agency and Central Intelligence Agency director Michael Hayden said in a podcast on Monday that the “golden age of electronic surveillance” is coming to an end, despite reports that indicate the opposite is true.
“Now we might be actually seeing another shift,” Hayden said on the podcast “Recode Decode,” citing the Christopher Steele dossier, adding that the new era will include “all human-sourced” information.
The NSA tripled its collection of American phone calls in 2017, going from 383 million records in 2016 to 534 million records in 2017, according to a U.S. intelligence agency report published on May 4. (RELATED: NSA Tripled The Amount Of Surveillance It Conducted In 2017)
Hayden, who was appointed Director of the NSA by both former presidents George W. Bush and Bill Clinton, made clear he was talking about “legitimate targets, and legitimate targeting,” implicitly trying to distant himself from the NSA’s collection of U.S. citizens’ data. “But it was the golden age of that,” he added.
But U.S. agencies also spied on more non-U.S. citizens living abroad in 2017 than in 2016, according to the same report. U.S. authorities spied on more than 129,000 non-U.S. citizens living abroad in 2017, which was 22,000 more than the previous year. The surveillance of foreigners increased about 45 percent in the past five years.
The U.S. government is not the only entity that conducts electronic surveillance — tech giants have come under fire recently for their role in collecting users’ data. Companies like Google, Facebook, Twitter and Amazon have all been scrutinized for either collecting phone calls, messages or even listening to conversations.
A Portland, Ore., family discovered their Amazon Echo listened, recorded and sent a private conversation to a person on their contacts list. Amazon said in a statement to The Daily Caller News Foundation on May 25 that the device allegedly “woke up due to a word in background conversation sounding like (the wake-up word) ‘Alexa.’ Then, the subsequent conversation was heard as a ‘send message’ request. At which point, Alexa said out loud ‘To whom?’ At which point, the background conversation was interpreted as a name in the customer’s contact list.”
ACLU: Amazon Is Selling Facial Recognition System To Local Law Enforcement
(DCNF) The American Civil Liberties Union (ACLU) Foundations of California revealed communications and other documents Tuesday that seem to show Amazon is offering its facial recognition services and products to local law enforcement.
Along with a diverse set of other organizations, the ACLU sent a letter to Amazon CEO Jeff Bezos calling for the tech giant to stop supplying the government with its facial recognition tool called “Rekognition.”
“Rekognition marketing materials read like a user manual for authoritarian surveillance,” Nicole Ozer, technology and civil liberties director for the ACLU of California, said in a statement provided to The Daily Caller News Foundation. “Once a dangerous surveillance system like this is turned against the public, the harm can’t be undone. Particularly in the current political climate, we need to stop supercharged surveillance before it is used to track protesters, target immigrants and spy on entire neighborhoods. We’re blowing the whistle before it’s too late.” (RELATED: DHS Seeking Facial Recognition Tech To Scan People’s Faces In Moving Cars)
The documents obtained “through a six-month ACLU investigation” show that Amazon has been trying to assist government agencies in states like Florida and Oregon in deploying the artificially intelligent spying apparatus. The city of Orlando, Fla., for example, has already been using Rekognition to identify people featured in government-deployed surveillance camera recordings, according to the ACLU.
The Washington County Sheriff’s Office in Oregon has reportedly created a mobile application using Rekognition’s unique capabilities, allowing it to scan images through its vast database of personal faces and their measurements. Several other governments have expressed interest in Amazon’s advanced technology, the ACLU alleges.
Facial recognition technology can be used to help nab criminals and arguably make certain processes more convenient. However, many, like the ACLU and other civil liberties groups, have deep-seated concerns with it being utilized for the wrong purposes and by the wrong entities.
The letter is also yet another example that as Amazon grows in power, so too does the larger public’s consternation with the company. (RELATED: There’s A Newfound Hatred Of Silicon Valley)
Concerns of surveillance have now joined other worries relating to antitrust, low wages, and an ostensibly cozy relationship with the Department of Defense.
Written by Eric Lieberman: follow Eric on Twitter.
This article was republished with permission from the Daily Caller News Foundation.
Five Years After Snowden, Michigan Set to Be First State to Impede NSA’s Warrantless Surveillance
On the heels of the fifth anniversary of whistleblower Edward Snowden’s disclosure of classified National Security Agency (NSA) documents to journalists, one state legislature has recently taken steps to hold the government agency accountable for its warrantless surveillance programs by making it illegal for state and local governments, including law enforcement and public utilities, to support the NSA’s warrantless spying on American citizens.
According to Michigan’s Fourth Amendment Rights Protection Act, also known as Public Act 71 of 2018, state and local governments can only assist or provide support to the federal government’s collection of data if there is a search warrant or the informed consent of the targeted party. The bill is set to take effect in just a few weeks on June 17th.
While the NSA has no publicly disclosed facility in the state, the bill’s proponents have asserted that it sends a clear message to the federal government regarding the lack of popularity for its warrantless wiretapping of millions of Americans in violation of the legal protections granted to them by the Constitution.
“It hangs up a sign on Michigan’s door saying, ‘No violation of the Fourth Amendment, look elsewhere’,” said Republican state Rep. Martin Howrylak, the bill’s author, according to the Washington Examiner. “Democrats as well as Republicans would certainly stand very strong in our position on what this law means.”
“This new law guarantees no state resources will be used to help the federal government execute mass warrantless surveillance programs that violate the Fourth Amendment protections enshrined in the U.S. Constitution,” Howrylak said soon after the bill was first passed earlier this year in March.
“Michigan will not assist the federal government with any data collection unless it is consistent with the constitution,” he added.
The Michigan law seeking to condemn the NSA’s most controversial program is not the first of its kind. However, it is the first to have been passed successfully without having been subsequently watered down. For instance, in 2014, state lawmakers in Maryland sought to shut off power and water to NSA headquarters but many of its sponsors dropped their support of the bill after a powerful political backlash. A similar bill was floated in Utah’s state legislature at the same time, but went nowhere after it was rejected by the state’s governor.
“It hangs up a sign on Michigan’s door saying, ‘No violation of the Fourth Amendment, look elsewhere.'”
The only state to have passed a bill similar to Michigan’s is California, which passed the Fourth Amendment Protection Act in 2014. However, that piece of legislation protects the Fourth Amendment in name only as it bans local assistance “in response to a request from a federal agency” and “if the state has actual knowledge that the request constitutes an illegal or unconstitutional collection.”
Despite the efforts being made by state legislatures to restore the Fourth Amendment, such efforts have been largely absent at the national level in recent years. Earlier this year, in January, Congress voted to extend the government’s warrantless surveillance of American citizens for another six years. However, Congress’ reauthorization of the program was more than a mere extension of the program as it actually helped expand the NSA’s authority by codifying some of the more controversial aspects of the program, suggesting that interest in protecting and restoring the Constitution is largely found at the state and local levels of government.
Illinois Moves to Legalize Police Drone Surveillance of Public Gatherings
Chicago, IL – Although Illinois passed legislation in 2013 requiring police to attain a warrant before using drones for most surveillance purposes, legislation reportedly backed by Chicago Mayor Rahm Emanuel would eliminate that restriction and allow the government to monitor large gatherings, rallies and protests using drones.
The proposal— SB 2562— by state Sen. Martin Sandoval (D-Chicago) would allow Illinois police departments to use drones for any “legitimate law enforcement purpose.”
“I don’t want Chicago to be the next Las Vegas-style outdoor terrorist attack. But I also don’t want drones to be surveilling everyone’s every move,” Sandoval said Thursday. “This legislation clearly is limited to drone usage for providing safety.”
Sandoval claimed the proposal would limit police drone use to large public gatherings.
“An individual’s private event, on their own property, would not fall under the exception for law enforcement for the use of a drone,” Sandoval said. “The bill states that large scale events are events that take place at a sports or entertainment area, a stadium, a convention hall, a special event center, an amusement facility, or an event open to the public on government property.”
Despite Sandoval’s assertions, the American Civil Liberties Union of Illinois has come out against the legislation, claiming that the change in law could allow for police to take pictures, record video, and even use facial recognition technology against peaceful protesters.
“Given Chicago’s history of surveillance against protestors and social justice advocates … the Chicago police should not be able to use this new, powerful tool to monitor protestors near silently and from above,” said Karen Sheley, the director of the ACLU Police Practices Project. “The legislation also ignores sweeping surveillance tools currently available to the police.”
Chicago police have a long history of surveillance of activists. Gizmodo reported that Mayor Emanual’s office objected to several additions suggested by the ACLU, including banning face recognition and banning weaponized drones. Additionally, Gizmodo noted that “the amendment includes no language barring drones from biometric data collection, nor does it include guidelines on how long such data is stored or who it’s shared with. Most troublingly, Sheley says the amendment opens a loophole that weakens the restrictions on drones equipped with weapons like tear gas or rubber bullets.”
“If this bill is passed, as drafted, during the next large scale political rally, drones could identify and list people protesting the Trump administration,” Sheley said. “The sight of drones overhead, collecting information, may deter people from protesting in a time when so many want to exercise their First Amendment rights….This is too much unchecked power to give to the police—in Chicago or anywhere.”
Reason reported that “the bill requires regular reporting of when police use drones and says any data collected must be deleted after 30 days unless it’s connected to a ‘criminal matter.’ It also forbids arming the drones with any sort of weapon, but only for this particular addition to the surveillance rules. Sheley worries that this new bill therefore creates a loophole that would allow police to arm drones for use in other circumstances.”
While drones can be an invaluable resource for law enforcement, critics are wary of agencies using them to monitor political activism. “The way it stands under this bill, if it’s passed, there’s a cheap tool to monitor First Amendment activity,” Sheley said, “and to collect information about who’s in the crowd and make lists of the people [attending].”
The Illinois Senate approved Sandoval’s drone rules, 36-2; the measure will now move to the House for a vote.
UK Parliamentary Committee Presses Zuckerberg to Address Privacy, User Data Questions
Damian Collins, Member of Parliament (MP) and chair of the UK’s Parliamentary Digital, Culture, Media and Sport (DCMS) Committee, recently issued a letter to Rebecca Stimson, the head of public policy at Facebook UK, renewing the committee’s request for Facebook CEO Mark Zuckerberg’s physical presence before Parliament as well as additional information detailing the company’s protocols.
Zuckerberg has repeatedly refused the committee’s multiple requests to appear for questioning. Most notably, following the Cambridge Analytica revelations earlier this year, the DCMS committee requested that “a senior Facebook executive” provide testimony about “how Facebook acquires, stores, and protects users’ data,” according to a report from The Verge. While Zuckerberg himself appeared before US Congress earlier this month and spoke with legislators for several hours, Facebook’s chief technical officer Mike Schroepfer met with the DCMS committee later in the month, during which he faced a reportedly tougher series of questioning regarding “the company’s data-collection techniques, oversight of app developers, fake accounts, political advertising and links to the voter-targeting firm Cambridge Analytica,” as noted by The New York Times.
In the request for Zuckerberg to appear before the DCMS committee, Collins expressed dissatisfaction with the information and responses provided by Schroepfer at the previous hearing and further claimed that Schroepfer “failed to answer fully” dozens of inquiries.
“This is especially disappointing to the committee considering that in his testimony to Congress Mark Zuckerberg also failed to give convincing answers to some questions,” Collins wrote.
“It is worth noting that, while Mr Zuckerberg does not normally come under the jurisdiction of the UK parliament, he will do so the next time he enters the country. We hope that he will respond positively to our request, but, if not, the committee will resolve to issue a formal summons for him to appear when he is next in the UK,” Collins noted.
[Related: Facebook Dodges New EU Privacy Regulations]
As Zuckerberg is reportedly set to visit with Parliamentary members later this month, he has been requested to appear before the committee on May 24. Collins listed the following questions to be answered by May 11, noting that “Mr. Schroepfer agreed that his team would follow up on the questions included below”:
1. What is the percentage of sites on the internet on which Facebook tracks users?
2. Did the Internet Research Agency use custom audiences? What targeting tools did the IRA use for their advertising? Did they have a custom audience for state-by-state campaigns/races in the USA? Did they use look-alike audiences from Facebook as part of their advertising spend?
3. What is Facebook’s definition of a political advertisement? What budget does Facebook put behind examining the parameters and use of political adverts?
4. How many developers did your enforcement team at Facebook take action against between 2011-2014?
5. Does the NDA signed with Dr Kogan prevent legal action being taken? What was the date of the agreement? Was there a payment made to Dr Kogan? [NB later in the session Mr. Schroepfer said that a) the date was June 2016 and that b) no payment was made, but it would be useful to have these points confirmed in writing. Confirmation was given in the session that the full NDA document would be provided to the Committee.]
6. Who was the person at Facebook responsible for the decision not to tell users affected in
2015?7. Who at Facebook heads up the investigation into Cambridge Analytica, including all the
strands of the investigation?8. Has Joseph Chancellor signed an NDA?
9. Agreement to provide documentation that Cambridge Analytica had certified the deletion of the data.
10. What was the number of paid adverts from the IRA during the US election?
11. From which country did the $2million that AIQ spent on ads come?
12. How many UK Facebook users and Instagram users were contacted by non-UK entities during the EU referendum?13. How many clicks or swipes does it take to alter your Facebook privacy settings on a
smartphone? What steps are you taking to reduce the lengthy process of changing one’s
privacy settings?14. What proportion of political campaigning ads globally are run on your platform? Do you have a rough estimate, based on average political campaign spend data?
15. What data on dark ads do you have?
16. Is it possible for Facebook to view pages set up during elections (e.g. the EU Referendum campaign) that host dark ads, and then are taken down a day later? Is it possible that no-one would ever be able to audit these dark ads, as no one (not even Facebook) would see them during the time they are online?
17. Was there any link between the US elections and the 2017 purge of fake accounts?
18. What proportion of the fake accounts you purged had any involvement from Russia?
19. Do you know how many developers were using and selling data on to third parties such as GSR? Is GSR the only company that has received letters from Facebook, demanding that they delete their Facebook data?
20. What kind of developer activity leading up to 2014 led to Facebook’s major policy changes related to sharing friends’ data? (Please give specific examples.) Were these changes responding to genuine concerns among Facebook users?
21. How many Facebook staff have been added to the app review team since 2014?
22. What is the legal situation regarding Facebook storing non-Facebook users’ data?
23. Did Facebook pass user information to Cambridge Analytica or to Aleksandr Kogan?
24. At the 8 February evidence session, Chris Matheson asked Simon Milner, “Have you
ever passed any user information over to Cambridge Analytica or any of its associated
companies?” Simon Milner replied “No”. Chris Matheson asked, “But they do hold a large
chunk of Facebook’s user data, don’t they?” Simon Milner said, “No. They may have lots of
data, but it will not be Facebook user data. It may be data about people who are on Facebook that they have gathered themselves, but it is not data that we have provided.” [Qq 447-448] Do you agree with this answer?25. At the time of Simon Milner’s testimony in February 2018, who at Facebook knew about
Cambridge Analytica? Who was in charge?26. When did Mark Zuckerberg know about Cambridge Analytica?
27. Can you tell us about the financial links between SCL and Cambridge Analytica? (In evidence Mr Schroepfer said he had knowledge to share about this.)
28. How much money has been made from fraudulent ads (for example – but not limited to- the recent case of financial expert Martin Lewis?) When you find out they have been fraudulent, do you return the money to the purchaser of the ads?
29. Can we see copies of adverts from AIQ? Who saw these adverts shown to? Who paid for them?
30. Why wasn’t GSR identified during audits of third party developers?
31. How can the feature allowing users to edit previews of article (in response to concerns over Fake News) be removed?
32. What work is Joseph Chancellor doing right now for Facebook? What is his job title? Was Facebook aware of Joseph Chancellor’s involvement in GSR at the time of his application to the company, or during his employment?
33. Mr Schroepfer said that recruitment is taking place to boost work being done in Myanmar. When is this happening and can you provide more details?
34. What is the average time taken to respond to content that has been reported to Facebook in the region?
35. How many fake accounts have been identified and removed in Myanmar?
36. How much of your revenue is derived from Myanmar?
37. Are custom audiences used as a tool by AIQ using the GSR data from the US? What was the total value of AIQ/Vote Leave spend on Facebook? Can we see examples and copies of adverts that they used? To whom were they sent, and who decided what kind of targeting to use?
38. Is there evidence that CA/SCL shared data with AIQ?
39. Why was data responsibility moved from Facebook Irl to Facebook Inc in California just one month before GDPR kicks in?
Facebook Dodges New EU Privacy Regulations
Amidst apologies over mishandling user data and the affirmation that the company is “offering everyone who uses Facebook the same privacy protections, controls and settings, no matter where they live,” the social network recently confirmed plans to shift all users outside the European Union (EU) to a Terms of Service agreement governed by US regulation. Currently, EU users agree to Terms of Service (ToS) under Irish law as the majority of Facebook’s EU user base is located in Ireland.
The move comes after EU announced plans to roll out a new, “game changing” policy aimed at protecting user privacy. The new regulations, dubbed the General Data Protection Regulation (GDPR), would fine companies that breach user privacy up to 4% of their annual profits. For Facebook, that would mean about $1.6 billion dollars based on 2017 reports.
Earlier this month, CEO Mark Zuckerberg said that Facebook would adhere “in spirit” to GDPR guidelines worldwide, but he did not confirm if this meant that US users would receive the same protection as those in the EU. The GDPR would affect up to 70% of Facebook’s user base, and moving users in Africa, Asia, Australia and Latin America from non-EU to US-governed terms and conditions would exempt Facebook from following GDPR guidelines. The social platform opened operations in Ireland in 2008, taking advantage of low corporate tax rates.
Under the new EU regulations— which will take effect next month— Facebook will have to ask users for permission to use their information for advertising purposes, but there will be no option to decline. This means that Facebook will continue to use their own data on user behavior in order to show targeted ads, and users will have to accept these terms via “permission screens” in order to view certain content.
According to a April 17th Facebook blog post, “People in the EU will start seeing these requests this week to ensure they have made their choices ahead of GDPR coming into effect on May 25. As part of our phased approach, people in the rest of the world will be asked to make their choices on a slightly later schedule, and we’ll present the information in ways that make the most sense for other regions.” However, Tuesday’s announcement about shifting users to ToS governed by US legislation raises questions about the motives behind the move as doing so means that Facebook will not be subject to GDPR sanctions.
In the US, a complaint filed on April 6 with the Federal Trade Commission accused Facebook of abusing user privacy through facial recognition practices after changes made this year to the site’s privacy policy allowed the company to scan photos for biometric data without consent.
Addressing reporters at Facebook corporate offices, Facebook Deputy Chief Privacy Officer Rob Sherman said that “Facebook users will be able to limit the kinds of data that advertisers use to target their pitches” but the option to opt-out completely will not be available. Sherman also added that “People can choose to not be on Facebook if they want.”
Last week, Ben Swann reported in a Reality Check episode about issues of privacy and data collection that were widely publicized following the news of personal data mishandling by Cambridge Analytica.
https://www.youtube.com/watch?v=PTxQf3qtjpk
ICE Faces Lawsuit Over Use of Warrantless Searches Via Secret Forensic Devices
The Electronic Privacy Information Center has filed a Freedom of Information Act lawsuit against the U.S. Immigration and Customs Enforcement regarding the agency’s use of forensic technology designed to hack cellphones. EPIC is attempting to clarify how ICE uses the devices to conduct warrantless electronic searches of cellphones and laptops along the U.S. border.
The digital rights group accuses ICE of failing to respond to previously filed records requests in a timely manner. EPIC is seeking all recent ICE contracts related to purchase of mobile forensics devices and technology; guidance, training materials, manuals, or other policies and procedures on ICE; and any information related to the use of mobile data forensics technology at the border.
“Over the last several years, ICE has tested various mobile forensic technologies.
Additionally, ICE has signed contracts with Cellebrite, a provider of mobile forensic technology,” EPIC writes in the complaint. Using one of Cellebrite’s devices ICE is able to electronically search travelers devices and access text messages, private emails, contact lists, and photos as well as other personal information. The company sells the Universal Forensic Extraction Devices (UFED) that unlock, decrypt, and extract phone data, including “real-time mobile data . . . call logs, contacts, calendar, SMS, MMS, media files, apps data, chats, passwords.”
Cellebrite is well known for maintaining close relationships with U.S. government agencies and police. The Israeli-based cybersecurity firm is the producer of the UFED Touch, the forensic extraction device which the FBI used to hack into the San Bernardino shooter’s iPhone in 2016. A partial list of Cellebrite’s known customers includes:
- Centers for Disease Control and Prevention
- Commodity Futures Trading Commission
- DEA, Department of Energy
- Department of State
- Defense Threat Reduction Agency
- DISA
- DoD
- DOE
- DOJ
- EPA
- FBI
- FDA
- Federal Law Enforcement Training Center
- Federal Prison System
- Forest Service
- FTC
- IRS
- NASA
- NIST
- Office of Inspector General
- Patent and Trademark Office
- Securities and Exchange Commision
- U.S. Air Force
- U.S. Army
- U.S. Coast Guard
- U.S. Customs and Border Protection
- U.S. Fish and Wildlife Services
- U.S. Immigrations and Customs Enforcement
- USDA
- U.S. Marshals Service
- U.S. Navy
- U.S. Secret Service
- USSOCOMM
- VA
- Washington Headquarters Services
In addition, in December 2016, it was revealed that more than 20 state police departments have also signed contracts with Cellebrite. Motherboard reported:
Cellebrite has sold its wares to regional agencies in 20 states, and likely many more, according to the cache of documents acquired by Motherboard. Those items specifically include Cellebrite’s range of Universal Forensic Extraction Devices (UFED); the typically laptop-sized or handheld devices for hoovering up data from phones. Some of the agencies note in the documents that they use the technology for legal searches of devices.
One month later it was reported that a hacker had stolen 900 GB of data from Cellebrite, including customer information, databases, and technical data related to Cellebrite’s products.
EPIC is not the only organization suing ICE for failing to disclose details on practices which likely violate the civil liberties of travelers. In December 2017, two organizations filed suit against ICE for failing to release records related to the agency’s use of devices to gather biometric data from immigrants. Mijente, an advocacy group focused on “promoting Latinx and Chicanx organizing and movement building,” and the National Immigration Project of National Lawyers Guild asked a federal court to force ICE and the Department of Homeland Security to release information related to the use of handheld devices used to gather biometric data from immigrants during raids.
The organizations state that ICE is responsible for promoting technologies with little oversight which endanger civil liberties. “The coinciding surge in immigration raids under the Trump Administration raises further alarm over whether such mobile biometric devices have adequate oversight and accountability,” the press release states. “As ICE increasingly promotes the use of such technologies, the public deserves to know the impact of their use on communities, including within immigrant communities and communities of color.”
The use of these devices is not surprising; since the beginning of the Trump administration, warrantless searches have increased as the border becomes an increasingly militarized surveillance checkpoint. In a statement to Congress last year, EPIC warned that enhanced surveillance at the border would negatively impact the rights of Americans. Based on the reported attempts at secrecy displayed by ICE and other agencies, it’s unknown how long the American public may have to keep waiting to find out what the federal government has been implementing.
Facebook Accused of Violating Privacy Via Facial Recognition Technology
On April 6, a coalition of consumer privacy organizations led by the Electronic Privacy Information Center filed a complaint with the Federal Trade Commission, accusing Facebook of violating individual’s privacy via the company’s facial recognition practices. The complaint focuses on changes to Facebook’s policy which went into effect in early 2018, namely the ability to scan user photos for biometric facial matches without consent.
The organizations say that Facebook is deceptively selling the facial recognition technology to users by encouraging them to identify people in photographs. “This unwanted, unnecessary, and dangerous identification of individuals undermines user privacy, ignores the explicit preferences of Facebook users, and is contrary to law in several state and many parts of the world,” the complaint states.
The coalition also claims Facebook’s policy violates the 2011 Consent Order with the Commission, calling the scanning of faces without “unlawful”. The organizations are calling on the FTC to reopen a 2009 investigation of Facebook due to recent revelations regarding Cambridge Analytica accessing millions of Facebook users private data. The Electronic Privacy Information Center has called on the FTC to investigate Facebook’s facial recognition practices since 2011.
“Facebook should suspend further deployment of facial recognition pending the outcome of the FTC investigation,” EPIC President Marc Rotenberg said.
Other organizations participating in the complaint against Facebook include The Campaign for a Commercial Free Childhood, The Center for Digital Democracy, The Constitutional Alliance, Consumer Action, The Consumer Federation of America, Consumer Watchdog, The Cyber Privacy Project, Defending Rights & Dissent, The Government Accountability Project, The Privacy Rights Clearinghouse, Patient Privacy Rights, The Southern Poverty Law Center, and The U.S. Public Interest Research Group.
This is not the first time Facebook has been under fire for their facial recognition technology. As far back as 2015, The Anti Media reported on a lawsuit involving a man who, despite not having a Facebook account, was fighting to get his “faceprint” from the company. The complaint was filed by Frederick William Gullen of Illinois. Gullen’s complaint stated:
Facebook is actively collecting, storing, and using — without providing notice, obtaining informed written consent or publishing data retention policies — the biometrics of its users and unwitting non-users … Specifically, Facebook has created, collected and stored over a billion ‘face templates’ (or ‘face prints’) — highly detailed geometric maps of the face — from over a billion individuals, millions of whom reside in the State of Illinois.
Although no federal law exists to govern the commercial use and collection of biometrics, Illinois and Texas have passed laws designed to protect the public. Illinois’ Biometric Information Privacy Act made it illegal to collect and store faceprints without obtaining informed written consent. The law also made it illegal for companies to sell, lease, or otherwise profit from a customer’s biometric information. Lawsuits filed against Facebook allege the company is violating BIPA because it makes faceprints without written consent.
With Facebook CEO Mark Zuckerberg facing pressure from the U.S. Congress and public, the company may shift towards privacy oriented practices. However, for the moment, users should be aware that their words and face are owned by Facebook and whoever else they decide to share the data with.
DHS “Media Monitoring Services” to Compile Database of Journalists
Washington, D.C. – A recently revealed plan to conduct surveillance of journalists, bloggers and other “media influencers,” by the Department of Homeland Security (DHS), has raised red flags among civil libertarians.
The program— known as “Media Monitoring Services”— is designed to give a contractor company “24/7 access to a password protected, media influencer database, including journalists, editors, correspondents, social media influencers, bloggers etc.” The solicitation for a suitable contractor was posted on April 3 on FedBizOps.gov for interested parties to apply. The listing says the deadline for contractor applicants is April 13 and that only companies “capable of performing the requirements of the attached Statement of Work (SOW) would be considered.
Forbes reported that “details of the attached Statement of Work, however, outline a plan to gather and monitor the public activities of media professionals and influencers and are enough to cause nightmares of constitutional proportions, particularly as the freedom of the press is under attack worldwide.”
The Media Monitoring Services program, advertised on April 3, states:
1.1 Background
NPPD’s mission is to lead the national effort to protect and enhance the resilience of the nation’s physical and cyber infrastructure. NPPD includes the Office of the Under Secretary (OUS) and five sub-components: the Office of Cybersecurity and Communications (CS&C), the Office of infrastructure Protection (IP), the Federal Protective Service (FPS), the Office of Biometric Identity Management (OBIM) and the Office of Cyber and Infrastructure Analysis (OCIA), which are headquartered with the National Capital Region (NCR). Along with NPPD/OUS, Public Affairs is responsible for media communication.
1.2 SCOPE
The contractor shall provide NPPD/OUS with traditional and social media monitoring and communications solutions.
OBJECTIVE
Services shall enable NPPD/OUS to monitor traditional news sources as well as social media, identify any and all media coverage related to the Department of Homeland Security or a particular event. Services shall provide media comparison tools, design and rebranding tools, communication tools, and the ability to identify top media influencers.
NPPD/OUS has a critical need to incorporate these functions into their programs in order to better reach Federal, state, local, tribal and private partners.
As Forbes has noted, it’s apparent that the “Media Monitoring Services” program is not about “media communication, but about media surveillance. The “monitor[ing] traditional news sources as well as social media” or “identify[ing] any and all media coverage related to the Department of Homeland Security or a particular event” is not about communication, as purported by DHS, but rather, about monitoring media— specifically journalists and “media influencers.”
Revealing the broad scope of the DHS-sponsored surveillance under the heading “Specific Requirements/Tasks,” the SOW lists “Task One: Online & Social Media Monitoring,” which involves the ability to “track global online sources for coverage relevant to Washington” and lists bullet points:
- Ability to track > 290,000 global news sources
- Ability to track online, print, broadcast, cable, radio, trade and industry publications, local sources, national/international outlets, traditional news sources, and social media
- Ability to track media coverage in > 100 languages, including Arabic, Chinese and Russian. Translation function to instantly translate these articles to English
- Ability to create up to 20 searches with each unlimited keywords
- Unlimited coverage per search (no cap on coverage)
- Ability to change the searches at keywords at any given time
- Ability to create unlimited data tracking, statistical breakdown, and graphical analyses on any coverage on an ad-hoc basis
Forbes revealed the ominous and pervasive nature of the media monitoring program:
Any and all media coverage,” as you might imagine, is quite broad and includes “online, print, broadcast, cable, radio, trade and industry publications, local sources, national/international outlets, traditional news sources, and social media.”
The database will be browsable by “location, beat and type of influencer,” and for each influencer, the chosen contractor should “present contact details and any other information that could be relevant, including publications this influencer writes for, and an overview of the previous coverage published by the media influencer.”
One aspect of the media coverage to be gathered is its “sentiment.
The New American reported that DHS planning “a long-term game is made clear in the ‘Period of Performance’ section. The options include “(1) 12-month, and four (4) 12-month option periods.”
After the listing saw public news coverage, DHS spokesman Tyler Q. Houlton tweeted:
Despite what some reporters may suggest, this is nothing more than the standard practice of monitoring current events in the media. Any suggestion otherwise is fit for tin foil hat wearing, black helicopter conspiracy theorists. https://t.co/XGgFFH3Ppl
— DHS Spokesperson (@SpoxDHS) April 6, 2018
While DHS claimed that this is “standard practice,” Bloomberg’s Big Law Business noted that “the request comes amid heightened concern about accuracy in media and the potential for foreigners to influence U.S. elections and policy through ‘fake news.'”
https://www.youtube.com/watch?v=4503ZDmzfoM
Trump Wants U.S. Military to Guard U.S.-Mexico Border Until Wall Is Complete
Update, April 4, 7:03 p.m.: The Associated Press has reported that “President Donald Trump will be signing a proclamation directing the departments of Defense and Homeland Security to work together with governors to deploy the National Guard to the southwest border.” The AP also noted that “Texas Gov. Greg Abbott’s office says he will add more National Guard members to the roughly 100 already deployed to the U.S.-Mexico border in the state. Abbott said in a statement Wednesday that he welcomed the Trump administration’s announcement that it will ‘immediately’ deploy guardsmen to the southwest border.”
Original article:
President Donald Trump has announced that his administration plans to use the military to secure the U.S.-Mexico border until a new border wall is built. The comments came from Trump during a lunch with world leaders and then again during a press conference; Trump originally claimed to have spoken about the plan with Secretary of Defense Jim Mattis. “We’re going to be doing things militarily until we can have a wall and proper security,” Trump said.
President Trump says he wants to use military to secure US-Mexico border until wall is built, calls it 'big step.' https://t.co/B2wNAXJCzK
— The Associated Press (@AP) April 3, 2018
“Until we can have a wall and proper security, we’re going to be guarding our border with the military. That’s a big step, we really haven’t done that before, or certainly not very much before.”
When questioned about the plan, Trump explained that the U.S. does not have laws, but instead has “catch-and-release.” Trump said that even when people are caught, they are immediately released and rarely come back to face court cases. Trump is ramping up his calls for border control following the recent omnibus budget bill, which failed to provide adequate funding for his multi-billion dollar vision. Trump was also upset about recent reports of a caravan of immigrants from across Latin America traveling through Mexico. Trump demanded Mexican officials take action and seemed to dare the caravan to try to cross the U.S. border.
According to the Associated Press, “Mexico routinely stops and deports Central Americans, sometimes in numbers that rival those of the United States. Deportations of foreigners dropped from 176,726 in 2015 to 76,433 in 2017, in part because fewer were believed to have come to Mexico, and more were requesting asylum in Mexico.”
As far as what Trump could actually order the military to do, his options may be a bit limited. Fox News reported that according to a memo obtained by Fox as well as discussions with officials, one area which the military could contribute patrols is at the Air Force’s Barry Goldwater live-fire range, along the Arizona-Mexico border.
Vox noted that Trump could follow the Obama and George W. Bush administrations by ordering the National Guard to the border. However, this practice has been ineffective and a financial waste in the past. In addition, The Posse Comitatus Act prevents the military from being involved in civilian law enforcement operations.
Still, despite any of these apparent legal or constitutional limitations, it should be noted that the U.S. government has been lurching further and further into surveillance of American citizens. Widespread mass surveillance via the internet, cellphones, closed-circuit cameras, automatic license plate readers, facial recognition cameras, and more have been pervading daily lives with increasing urgency, including under the Trump administration.
[RELATED: Civil Liberties Groups Warn CLOUD Act In Spending Bill Erodes Privacy]
In February, The Austin-American Statesman reported the U.S. Customs and Border Protection announced plans for a new pilot program that will test out biometric facial recognition technology as part of an effort to identify fugitives or terror suspects:
Thanks to quantum leaps in facial recognition technology, especially over the past year, the future is arriving sooner than most Americ, the future is arriving sooner than most Americans realize. As early as this summer, CBP will set up a pilot program to digitally scan the faces of drivers and passengers — while they are in moving vehicles — at the busy Anzalduas Port of Entry outside of McAllen, the agency announced Thursday.
The Texas-Mexico border is being used as testing grounds for the technology. The results of the pilot program will be used to help roll out a national program along the entire southern and northern borders. Additionally, it was recently reported that the U.S. Immigration and Customs Enforcement (ICE) agency now has access to a nationwide license plate recognition database after finalizing a contract with the industry’s top license plate data collection company. This database allows ICE to search a vehicle’s whereabouts over the last five years, as well as developing “hot lists” that can track particular vehicles indefinitely.
In February, it was revealed that the U.S. Immigration and Customs Enforcement (ICE) agency has access to a nationwide license plate recognition database after finalizing a contract with the industry’s top license plate data collection company. A copy of the contract shows that ICE finalized the deal in early January. The contract makes ICE the latest of several federal agencies who have access to billions of license plate records which can used for real-time location tracking.
In August 2017, Activist Post reported on the plans to launch a national program scan the faces of all airline passengers in the U.S. Customs and Border Protection launched a “Traveler Verification Service” (TVS) that intends to use facial recognition on all airline passengers, including U.S. citizens, boarding flights exiting the United States. That same month, it was reported that thirty-one sheriffs along the U.S.-Mexico border voted unanimously to adopt tools that will allow the collection and storing of iris scans.
When taken together, each of these pieces of information indicate a push towards a militarized border— one full of facial recognition cameras, license plate readers, biometric databases, social media monitoring, and ultimately, complete access to formerly private details.
Editor’s note, April 4, 2018, 7:03 p.m.: This article has been updated to reflect new information from the Associated Press regarding adding National Guard members to the U.S.-Mexico border in Texas.
Civil Liberties Groups Warn CLOUD Act In Spending Bill Erodes Privacy
Last Friday, President Donald Trump signed the controversial $1.3 trillion government spending bill into law, despite opposition from concerned citizens and senators who complained the public did not have adequate time to read the 2,232-page bill. The massive bill was handed to representatives on Wednesday night and put to a vote the following morning. The bill passed the House with a 256-167 vote and the Senate with a 65-32 vote, before being sent to Trump.
The vast majority of the funds— about $700 billion— will be going to the Department of Defense to continue funding America’s expanding empire. However, as is typical in Washington D.C., the bill was not only focused on government spending.
“In the final pages of the bill—meant only to appropriate future government spending—lawmakers snuck in a separate piece of legislation that made no mention of funds, salaries, or budget cuts,” The Electronic Frontier Foundation reported. “Instead, this final, tacked-on piece of legislation will erode privacy protections around the globe.”
The bill in question is The Clarifying Lawful Overseas Use of Data Act, or CLOUD Act, and its stated goal is to establish new standards for how the government acquires data outside of its jurisdiction. The CLOUD Act was heavily supported by the Department of Justice and major tech companies who stated the bill would advance consumer rights.
[RELATED: Trust Lost: How Social Media Users’ Data Should Be Protected]
Senators Ron Wyden (D-OR) and Rand Paul (R-KY) released a joint statement demanding the CLOUD Act not be included in the spending bill, and a coalition of 24 human rights and privacy advocates led by the American Civil Liberties Union condemned the bill. However, as the EFF noted, the bill was never reviewed or marked up by any committee in the House or the Senate before being put to a vote. Instead of being given time to debate the nuances of the bill, lawmakers voted on the bill as part of the trillion-dollar spending bill.
The EFF and the American Civil Liberties Union have both come out against the CLOUD ACT, with the EFF stating that the bill will give U.S. and foreign law enforcement “new mechanisms to seize data across the globe.” Neema Singh Guliani, legislative counsel with the ACLU, wrote in an op-ed for The Hill that the bill “would allow countries to wiretap on U.S. soil for the first time, including conversations that foreign targets may have with people in the U.S., without complying with Wiretap Act requirements.”
This includes private emails, instant messages, Facebook, Google, Snapchat, and any other communications or photos individuals have shared on the internet. The CLOUD Act will also allow foreign nations to access personal data that is stored on servers in the United States without approval by a judge. Finally, the bill grants the U.S. president the authority to sign “executive agreements” which give foreign agents access to data in the U.S., regardless of U.S. privacy laws.
The EFF outlined how the bill might work in real time:
London investigators want the private Slack messages of a Londoner they suspect of bank fraud. The London police could go directly to Slack, a U.S. company, to request and collect those messages. The London police would not necessarily need prior judicial review for this request. The London police would not be required to notify U.S. law enforcement about this request. The London police would not need a probable cause warrant for this collection. Predictably, in this request, the London police might also collect Slack messages written by U.S. persons communicating with the Londoner suspected of bank fraud. Those messages could be read, stored, and potentially shared, all without the U.S. person knowing about it. Those messages, if shared with U.S. law enforcement, could be used to criminally charge the U.S. person in a U.S. court, even though a warrant was never issued.
What are the implications for digital privacy and security? How might the CLOUD Act impact privacy protections guaranteed by the 4th Amendment?
Trust Lost: How Social Media Users’ Data Should Be Protected
Over the past few days, there has been public outrage over the way Facebook is handling personal data. This was brought to light by the recent scandal with Cambridge Analytica, but really should come as no surprise as Facebook has been treating its users this way since it launched back in 2004.
What Happened with Cambridge Analytica
The story that broke over the past few days is really just a piece of a much larger issue with Facebook and how they handle personal data. To summarize, a developer named Aleksandr Kogan developed an application in 2014 offering a personality quiz to Facebook users. About 270,000 users took the quiz, but in doing so they granted Kogan’s app access to not only their Facebook data, but the data of ALL of their Facebook friends as well— meaning the app now had data on 50 million users. Kogan then provided this data to Cambridge Analytica, who used it to create over 30 million psychographic profiles about potential voters.
Facebook is at fault for a major data breach because it failed to protect the personally identifiable information of its users.
1) Data Policy
Up until 2014, Facebook’s policy allowed for an application developer to ask permission from Facebook users to access their data. However, it also allowed the apps to collect that same data about ALL of that user’s friends on Facebook, without consent. Facebook changed this policy in 2014 to ensure that apps could not collect data on user’s friends, but at that point, the damage had been done.
An ex-Facebook employee on the privacy team stated, “At a company that was deeply concerned about protecting its users, this situation would have been met with a robust effort to cut off developers who were making questionable use of data. But when I was at Facebook, the typical reaction I recall looked like this: try to put any negative press coverage to bed as quickly as possible, with no sincere efforts to put safeguards in place or to identify and stop abusive developers. When I proposed a deeper audit of developers’ use of Facebook’s data, one executive asked me, ‘Do you really want to see what you’ll find?’”
2) Data Collection
The crux of the issue lies in the data that Facebook requires from new users in the first place. You are forced to provide your first name, last name, email or phone number, birthday and gender. The reason is simple – this information is a marketer’s (or a politician’s) targeting dream, and also the key to Facebook’s revenue and entire business model.
Facebook, however, does share blame with its users because when you sign up, you are agreeing to hand over rights regarding your personal information, so there is the level of consent. However, Facebook further deceives and confuses their users into thinking their information will not be disclosed by providing layers of permissions and privacy settings. If users were more aware about how much of their personal data was actually public (or being shared with government), they would be much more reserved in giving it away. Your personal data on Facebook is not private, and Zuckerberg has known this since the beginning. Obviously he has attempted to apologize for the below comments, but he has demonstrated no tangible actions to actually address the public concern.
How can you protect YOUR data?
1) Allow users to be anonymous if they want, untracked and free from surveillance and spying.
Anonymity means that site data is de-identified and not traceable to a person. As a result nearly all users data is public by default.
2) Maintain zero-knowledge on sensitive data.
This is essential in ensuring that users can chat freely with each other without the concern that the conversation is being monitored by anyone including Minds. All sensitive data on Minds is encrypted end to end whether in motion or at rest and original content is the property of the user.
3) 100% free and open source for public accountability and inspection.
Unlike top proprietary social networks, social media should be open source. You must be able to inspect code and even help contribute and build the network. This provides much needed community ownership and transparency into what the platform is actually doing, as opposed to simply taking their word for it.
This debate exposes the paradox between transparency and privacy, both of which are core principles of Internet freedom pioneers. Facebook has gotten themselves into a deadly trap by pretending they are giving people privacy with layered permissions levels and supposed ‘privacy’ settings while also exposing massive amounts of data without consent. They are handing over data to the highest bidders and the user has lost all control.
Social Networks must give that control back to the people. This is only the beginning of the privacy movement and we all must join together for a better future for everyone.
About the author:
Bill Ottman is an American internet entrepreneur, freedom of information activist and hacker based in New York City, best known as the CEO and co-founder of Minds, an open-source social networking service. He is a graduate of the University of Vermont, and co-founded Minds with John Ottman and Mark Harding in 2011.
Rand Paul: Deep State Exists, Uses Intelligence for Political Purposes
Washington, D.C.— Sen. Rand Paul (R-KY) said Tuesday during an appearance on The Laura Ingraham Show podcast that the term “deep state” accurately describes how an unelected bureaucracy of national security officials in positions of power exert influence without Congressional oversight.
“Absolutely, there is a deep state, because the deep state is the intelligence agencies that do not have oversight,” he said. “Only eight people in Congress know what they’re doing, and traditionally, those eight people have been a rubber stamp to let the intelligence communities do whatever they want. There is no skeptic among the eight people that are supposedly overseeing the intelligence community.”
The “Gang of Eight” that Paul referenced is made up of the majority and minority leaders of the House of Representatives and Senate, along with the chairmen and ranking members of the two intelligence committees, and are the select few members of Congress with real-time access to America’s most sensitive intelligence.
[RELATED: Reality Check: Ex CIA Director Says U.S. Meddles for a ‘Good Cause’]
Paul pointed out that he believed Obama-era CIA Director John Brennan, Director of National Intelligence James Clapper and others used intelligence collected “without any judicial warrants” for political purposes, in addition to “try to bring Trump down.”
“John Brennan and James Clapper were doing whatever the hell they wanted, without any judicial warrants, and I think there were numerous people in the Obama administration who were using intelligence — one, to try to bring Trump down; but two, also, they were using it for political purposes,” he said. “And this is very, very worrisome.”
Paul evidenced his point by noting Brennan’s politicized tweet over the weekend calling Trump a corrupt demagogue, and promising that America would “triumph” over him.
When the full extent of your venality, moral turpitude, and political corruption becomes known, you will take your rightful place as a disgraced demagogue in the dustbin of history. You may scapegoat Andy McCabe, but you will not destroy America…America will triumph over you. https://t.co/uKppoDbduj
— John O. Brennan (@JohnBrennan) March 17, 2018
“This is the real problem,” Paul said. “And [founding father James] Madison warned about this from the beginning. Madison said that men are not angels. And all you gotta do is look at John Brennan’s tweet to know that he’s not an angel. And listen to James Clapper lying to the Senate about whether they were spying on Americans.”
Paul previously tweeted that Brennan’s attacks on the “Bill of Rights” and “freedoms of every American” while running the CIA were “disgraceful.”
Further solidifying Paul’s point about “men are not angels,” Samantha Power, former UN Ambassador under President Obama, issued an ominous tweet: “Not a good idea to piss off John Brennan.”
Not a good idea to piss off John Brennan. https://t.co/VLg94OLL2R
— Samantha Power (@SamanthaJPower) March 17, 2018
Many took this tweet by Powers as an implicit threat on behalf of Brennan. After strong social media backlash following her tweet, Powers sent a follow-up tweet that aimed to walk back the implied threat she had first issued.
Whoa! Just home & see much misinterp. of earlier tweet. It’s testament to polarized times that it cd be misread as referring to something other than Brennan’s indignation. So will translate: not a good idea to upset @JohnBrennan bc/ he will raise an angry (& eloquent) voice. https://t.co/YgIjeKGAlp
— Samantha Power (@SamanthaJPower) March 18, 2018
Rand Paul’s commentary starts at roughly 21:30 in the podcast below.
https://www.youtube.com/watch?v=3E7BPxqTitg
Snowden Documents: NSA Worked to Track Bitcoin Users
A new report from The Intercept reveals that the National Security Agency has been able to track users of the popular cryptocurrency Bitcoin since at least 2013. The revelation is detailed in newly released classified documented obtained by whistleblower Edward Snowden and provided to the The Intercept. The documents show the agency accessing the fiber-optic cables which allow internet traffic to travel around the world in order to gain access to private information of bitcoin users.
The Intercept reported:
“Classified documents provided by whistleblower Edward Snowden show that the National Security Agency indeed worked urgently to target Bitcoin users around the world — and wielded at least one mysterious source of information to “help track down senders and receivers of Bitcoins,” according to a top-secret passage in an internal NSA report dating to March 2013. The data source appears to have leveraged the NSA’s ability to harvest and analyze raw, global internet traffic while also exploiting an unnamed software program that purported to offer anonymity to users, according to other documents.”
An internal NSA report from March 15, 2013 stated that the agency was interested in monitoring traffic for other cryptos; however, “Bitcoin is #1 priority”. Another memo from March 29, 2013 indicated that the NSA collected users’ passwords, internet history, and a unique device identification number known as a MAC address. The memo suggests analysts were also tracking internet users’ internet addresses, network ports, and timestamps. The documents also indicate the use of the NSA’s powerful internal search engine, XKeyScore.
“As of 2013, the NSA’s Bitcoin tracking was achieved through program code-named OAKSTAR, a collection of covert corporate partnerships enabling the agency to monitor communications, including by harvesting internet data as it traveled along fiber optic cables that undergird the internet,” The Intercept wrote. The NSA used a sub-program of OAKSTAR – known as MONKEYROCKET – to gather data from the Middle East, Europe, South America, and Asia.
MONKEYROCKET is also apparently falsely promoted to the public as a tool for anonymity. The documents describe MONKEYROCKET as a “non-Western Internet anonymization service” with a “significant user base” in Iran and China. One document notes that the goal of MONKEYROCKET was to “attract targets engaged in terrorism, [including] Al Qaida” to use the “browsing product,” which “the NSA can then exploit.” This is known as a honey pot in computer security. The NSA deceives users into believing they are secure and anonymous and then uses the program to track the activities of users. The documents do not clarify what type of program or software MONKEYROCKET actually is, but the description aligns with a virtual private network, or VPN, which is designed to encrypt and mask internet traffic.
Matthew Green, assistant professor at the Johns Hopkins University Information Security Institute, told The Intercept that the revelations are “bad news for privacy.” Green also said he is “pretty skeptical” that using Tor, the popular browser which promises anonymity, could escape the eyes and ears of the NSA. Green’s comments are bolstered by recently released documents which indicate that the TOR project is nearly entirely funded by agencies with connections to the U.S. government.
Another disturbing aspect of the latest Snowden revelation is the possibility that this program may have been used to illegally gather information in the Silk Road trial. In that trial, Ross Ulbricht was sentenced to three life sentences after the court was convinced he was the accused mastermind who created the Silk Road website which allowed drugs to be purchased using Bitcoin. Ulbricht’s attorneys attempted to have the charges thrown out throughout his trial because they believed the U.S. government had illegally obtained access to Ulbricht’s computers and property. The judge overruled such objections, and the entire premise was dismissed as a conspiracy. The Intercept noted that “although the documents leaked by Snowden do not address whether the NSA aided the FBI’s Silk Road investigation, they show the agency working to unmask Bitcoin users about six months before Ulbricht was arrested.”
These new documents show that the NSA had access to Bitcoin users around the world around the same time that Ulbricht’s case was heating up, pointing to plausibility that the NSA used this program (or another still secret tool) go gain access to the private documents of Ross Ulbricht. The question remains as to how many other Bitcoin and cryptocurrency users’ information was accessed by the NSA or other agencies of the U.S. government. Until there is a transparent investigation with subpoena power that looks into the hidden activities of the NSA and other intelligence agencies, the American public remains in the dark regarding the depth and nature of the American surveillance state.
WATCH: Senator Rand Paul Calls Out Government Surveillance Power on The Late Show with Stephen Colbert
New York City — On Wednesday night’s airing of The Late Show with Stephen Colbert, host Steven Colbert asked Sen. Rand Paul (R-KY) if he thought the FISA memo, which allegedly details the FBI using opposition research — funded by a major donor of GOP presidential candidate Marco Rubio, and subsequently paid for by the Clinton campaign — to manipulate the FISA court into allowing surveillance of President Trump’s campaign staff, should be released to the public.
“You said the Bob Mueller investigation was a witch hunt, and you think it is a distraction of Congress’s time,” Colbert said.
“Do you think it should be ended- do you think he should be gotten out of there? Do you think they should get rid of Rosenstein and release the memo, and just blow the whole thing up and forget it ever happened?” Colbert asked.
Paul then took the opportunity to express his concerns, while enlightening Colbert on the danger in allowing secretive intelligence agencies to monitor the private communications of every American — without a warrant signed by a judge — in light of “bias” in the intelligence community, clearly referring to the FBI and DOJ, as allegedly implicated in the now-released FISA memo.
[RELATED: Nunes Memo Released]
“I’m concerned. My biggest concern is over something that Madison said at the beginning of our country, he said that ‘men are not angels’ and that’s why we need more oversight of government,” Paul said.
“Our intelligence community has the authority to listen to every phone call. Everyone’s phone calls could be listened to if they wanted to. Everyone in your e-mails can be tracked, every one of your phone… who you call and how long you speak can be tracked, every bank transaction can be tracked,” Paul explained.
Paul went on to note that human nature can lead to potential “bias” in the “intelligence community,” and pointed out the critical need for “checks and balances” in the form of “a judge and a warrant.”
“I think because men are not angels and women aren’t either, that there can be bias that can enter into the intelligence community, so we have to be very, very careful that someone gives them a check and balance and that check and a balance should be a judge and a warrant, so one of the things, you know, I fought with over this collection of FISA data, we should go to a judge to get to that,” Paul stated.
Paul then explained that he was “concerned” that Mueller had gone beyond a “Russia Collusion” investigation. The Senator, who has previously called the investigation a “witchhunt” – invoked the indictment of former Trump National Security Advisor Michael Flynn, which was not for colluding with Russians, but for not being truthful about “what was recorded on the phone call.”
“I’m concerned that we give too much power to a prosecutor who was supposed to be going after Russian collusion,” the Senator cautioned.
“So far he’s gotten somewhat over. He recorded General Flynn and then got him to say something inconsistent with what was recorded on the phone call,” Paul reasoned.
“Think about it from a personal perspective, if I have a thousand phone calls of Stephen Colbert, what I could learn? And then I can interview you, and if you say anything inconsistent with what you said on your private phone calls, I could put you in jail.” Paul explained.
Following the recent release of the memo, Paul issued the following statement on Friday:
“While I applaud the release of this memo, I also call for Congress to take immediate action to help prevent such behavior in the future. It is imperative it start by listening to Americans who have expressed outrage over its disregard for the Fourth Amendment and reexamining the powers it reauthorized right before we learned of the memo. Continuing to ignore the Constitution will only guarantee that others fall victim to government abusing its domestic surveillance powers.”
Watch Sen. Paul explain the dangers of an intelligence apparatus given vast power to spy on Americans beginning at 15:10 in the video below.
FBI Cracks San Bernardino iPhone, Moves To End Case Against Apple
The Federal Bureau of Investigation claimed Monday that it successfully gained access to the iPhone used by one of the suspects in the San Bernardino shooting without the help of Apple Inc.
While the agency has not revealed the method it used or if any data was retrieved from the phone, it reportedly released a statement claiming that it is now “reviewing the information on the iPhone.”
“The government has now successfully accessed the data stored on Farook’s iPhone and therefore no longer requires the assistance from Apple Inc. mandated by Court’s Order Compelling Apple Inc. to Assist Agents in Search dated February 16, 2016,” prosecutors wrote in a filing dated March 28.
The Associated Press noted that “withdrawal of the court process also takes away Apple’s ability to legally request details on the method the FBI used in this case.”
After U.S. magistrate Judge Sheri Pym ruled in February that Apple must comply with the FBI by building software that would allow the agency to break the iPhone’s encryption, the agency requested a motion to vacate the hearing the night before it was scheduled.
[RELATED: FBI Claims It Has Found ‘Outside Party’ To Break Into iPhone in San Bernardino Case]
The FBI’s filing, which was approved by Judge Pym on March 21, named an unknown “outside party” and proposed that to make time for testing to determine “whether it is a viable method,” the government should have until April 5 to submit a status report.
Apple also released a statement, criticizing the FBI’s initial demand and saying that the case “should never have been brought.”
[pull_quote_center]From the beginning, we objected to the FBI’s demand that Apple build a backdoor into the iPhone because we believed it was wrong and would set a dangerous precedent. As a result of the government’s dismissal, neither of these occurred. This case should never have been brought. We will continue to help law enforcement with their investigations, as we have done all along, and we will continue to increase the security of our products as the threats and attacks on our data become more frequent and more sophisticated.[/pull_quote_center]
The statement went on to say that the company believes that people in the U.S. and around the world “deserve data protection, security and privacy,” and that “sacrificing one for the other only puts people and countries at greater risk.”
“This case raised issues which deserve a national conversation about our civil liberties, and our collective security and privacy,” the tech company concluded. “Apple remains committed to participating in that discussion.”
FBI Claims It Has Found ‘Outside Party’ To Break Into iPhone in San Bernardino Case
The night before Apple Inc. and the Federal Bureau of Investigation were set to face off in court over whether Apple should be forced to create software to override the iPhone’s encryption, the FBI requested that the hearing be cancelled.
The court hearing set for Tuesday was over the case of the iPhone used by Syed Farook, a suspect in the San Bernardino shooting in December. After claiming that the only way to access the data on Farook’s iPhone was for Apple to create software to break the phone’s encryption, the FBI stated Monday night that the agency may have found another method to hack the phone.
[RELATED: Apple: Founding Fathers ‘Would Be Appalled,’ Accuses DoJ of Trying to ‘Rewrite History’]
In a court filing, the FBI asked U.S. Magistrate Judge Sheri Pym to vacate the hearing, claiming that on Sunday, “an outside party demonstrated to the FBI a possible method for unlocking Farook’s iPhone.”
[pull_quote_center]Testing is required to determine whether it is a viable method that will not compromise data on Farook’s iPhone. If the method is viable, it should eliminate the need for the assistance from Apple Inc. set forth in the All Writs Act Order in this case.[/pull_quote_center]
The filing did not name the “outside party,” but proposed that to make time for testing to determine “whether it is a viable method,” the government should have until April 5 to submit a status report.
[RELATED: Apple Rejects Government Order to Create ‘Backdoor’ for iPhone]
Judge Pym granted the FBI’s request around 9:30 p.m. EST Monday. She sided with the agency in February, ruling that the All Writs Act of 1789 justified the government forcing Apple to create the software to decrypt the iPhone, in order to access information on the phone used by Farook.
In contrast, Brooklyn Magistrate Judge James Orenstein ruled on March 1 that the government cannot use the All Writs Act to force Apple to provide data from a locked iPhone, in the case of a suspect facing criminal drug charges in New York.
Orenstein wrote, “The implications of the government’s position are so far-reaching — both in terms of what it would allow today and what it implies about congressional intent in 1789 — as to produce impermissibly absurd results.”
[RELATED: NY Judge: DoJ Cannot Force Apple to Extract Data from Locked iPhone in Drug Case]
Including the cases of the San Bernardino shooting suspect in California and the criminal drug suspect in New York, Apple is facing a total of 12 cases in which the FBI is pushing for the company’s help to gain access to encrypted data.
Fred Cate, a law professor at Indiana University, told Ars Technica that while the FBI’s request to vacate the hearing could be “good news” for Apple, it is not the end of an escalating security struggle.
“As a practical matter, if the FBI’s new technique works, it likely means that Apple will add more protection to its devices, which is a good thing for consumers, and the FBI will be back in court in the future asking a judge to compel Apple to help the government defeat Apple’s improved security,” Cate said. “So the issue probably has been deferred, not resolved.”
Apple: Founding Fathers ‘Would Be Appalled,’ Accuses DoJ of Trying to ‘Rewrite History’
In preparation for next week’s hearing, Apple Inc. submitted a court filing Tuesday criticizing the United States Department of Justice, claiming that the U.S. founding fathers “would be appalled” at the department’s order.
The company first brought attention to the conflict in February, when a U.S. magistrate judge ordered Apple to create the software to decrypt the iPhone 5c used by San Bernardino shooting suspect Syed Farook.
Apple CEO Tim Cook argued that creating software to override the iPhone’s encryption “has implications far beyond the legal case at hand,” and could set a precedent for future cases.
[RELATED: Apple Rejects Government Order to Create ‘Backdoor’ for iPhone]
In the court filing released Tuesday, Apple’s lawyers argued that the DoJ and the FBI are “seeking an order from this Court that would force Apple to create exactly the kind of operating system that Congress has thus far refused to require,” and that in doing so, “they are asking this Court to resolve a policy and political issue that is dividing various agencies of the Executive Branch as well as Congress. “
The DoJ has used the All Writs Act of 1789 as justification for its order. The act states that “The Supreme Court and all courts established by Act of Congress may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law” and that “an alternative writ or rule nisi may be issued by a justice or judge of a court which has jurisdiction.”
[RELATED: NY Judge: DoJ Cannot Force Apple To Extract Data from Locked iPhone in Drug Case]
Apple is currently facing 12 orders from the DoJ to provide data from iPhones in various cases. On Feb. 29, Brooklyn Magistrate Judge Orenstein became the first federal judge to rule that the All Writs Act does not justify “imposing on Apple the obligation to assist the government’s investigation against its will” in a criminal drug case.
Apple argued that the court should reject the DoJ’s order in the San Bernardino case because the All Writs Act “cannot be stretched to fit this case,” claiming that by using it, the government “attempts to rewrite history.”
[pull_quote_center]This Court should reject that request, because the All Writs Act does not authorize such relief, and the Constitution forbids it. The All Writs Act cannot be stretched to fit this case because to do so ‘would be to usurp the legislative function and to improperly extend the limited federal court jurisdiction.’ …The government attempts to rewrite history by portraying the Act as an all-powerful magic wand rather than the limited procedural tool it is.[/pull_quote_center]
“According to the government, short of kidnapping or breaking an express law, the courts can order private parties to do virtually anything the Justice Department and FBI can dream up,” Apple argued. “The Founders would be appalled.”
[RELATED: FBI Director Admits Apple’s ‘Backdoor’ Could Be Used for Other iPhones]
Apple also criticized comments made by FBI Director James Comey during a recent congressional hearing from March 1, and questioned why the DoJ has not gone to the NSA, if it is just wanting to hack into the one iPhone in question.
“The government does not deny that there may be other agencies in the government that could assist it in unlocking the phone and accessing its data; rather, it claims, without support, that it has no obligation to consult other agencies,” Apple wrote, noting that former National Coordinator for Security, Infrastructure Protection and Counter-terrorism, Richard Clarke said, “Every expert I know believes that NSA could crack this phone.”
The court hearing is scheduled for March 22, and in its court filing, Apple’s lawyers argued that the DoJ’s order is far from what the government has described as a “modest” rule only applying to a “single iPhone.”
“Instead, this case hinges on a contentious policy issue about how society should weigh what law enforcement officials want against the widespread repercussions and serious risk their demands would create,” Apple wrote.
Bipartisan Senators to Introduce Bill Forcing Companies to Override Encryption
A bipartisan team of United States senators is reportedly close to introducing a controversial bill that would let law enforcement force companies to comply with court orders seeking access to encrypted data.
Sens. Dianne Feinstein (D-Calif.) and Richard Burr (R-N.C.), both members of the Senate Intelligence Committee, began working on the bill after mass shootings occurred in Paris in November, and in San Bernardino, California, in December.
Following the shootings, Feinstein said she was “going to seek legislation if nobody else is,” and she claimed that it was in sync with the changing world.
“I think this world is really changing in terms of people wanting the protection and wanting law enforcement, if there is conspiracy going on over the Internet, that that encryption ought to be able to be pierced,” Feinstein said.
[RELATED: U.S. Police Chiefs Demand Access to Encrypted Communications Following Paris Attacks]
One of Feinstein’s aides reportedly said that while the bill will require companies to decrypt previously encrypted data and turn it over to law enforcement, it does not list a specific penalty for noncompliance, which would leave the punishment up to the courts.
While the bill could be introduced this week, Feinstein told The Hill she passed the text along to the White House, leaving the timing of the introduction up to President Obama, and Burr said it “depends on how fast the White House gets back to us.”
[RELATED: Apple Rejects Government Order to Create ‘Backdoor’ for iPhone]
The bill has received criticism from Sen. Ron Wyden (D-Ore.), who told the Huffington Post that he believes it will give tech companies few options, and as a result, “the American people will be less safe and less secure in their homes and neighborhoods.”
“I will do anything necessary to block a bill that weakens strong encryption,” Wyden said. “I will use every procedural tool in the Senate to block a bill that weakens strong encryption because I believe that weakening strong encryption will leave millions of Americans less safe and less secure.”
[RELATED: NY Judge: DoJ Cannot Force Apple to Extract Data from Locked iPhone in Drug Case]
The introduction of Feinstein and Burr’s bill comes at a time when Apple Inc. is pushing back against the Department of Justice on 12 different court orders that would require the company to go from extracting contacts photos and call records from an iPhone, to designing new software that would let the government override the iPhone’s encryption altogether.