domestic surveillance – Techdirt (original) (raw)
Legislator Apparently Used Slides Of NYC Protests In His Pitch For Reauthorizing Section 702 Surveillance
from the I-guess-it's-cool-if-you-don't-like-the-protesters dept
As the debate over Section 702 continues, more weird stuff keeps happening. For once, there’s serious opposition to a clean renewal, and it’s coming from both sides of the legislature. Then there are things like this, which is one of the stranger incidents to accompany a surveillance fight, as reported by Dell Cameron for Wired.
At a private meeting about the reauthorization of a major United States surveillance program late last year, the Republican chairman of the US House Permanent Select Committee on Intelligence (HPSCI) presented an image of Americans protesting the war in Gaza while implying possible ties between the protesters and Hamas, an allegation that was used to illustrate why surveillance reforms may prove detrimental to national security, WIRED has learned. Sources who attended the meeting say it alarmed Republicans who are pursuing new limits on the US government’s power to warrantlessly access the communications of US citizens.
Yeah, that should alarm everyone, not just Republicans looking for any reason to stick it to the FBI after a few of their own (Trump supporters all) got swept up by the Bureau’s warrantless access to the NSA’s ostensibly foreign-facing collection.
Now, there are lots of reasons most Republicans aren’t happy with this development. The first reason was listed in the previous paragraph. They also may not like protesters being placed under surveillance because many of them still make excuses for the insurrectionists in their midst and love to portray the January 6th invasion of the Capitol building as a protest that just got a little out of hand.
Republicans are also aware this is an executive power and right now they don’t have their own guy as Chief Executive. That’s another reason to oppose a clean reauthorization of Section 702 surveillance powers. The fact that Biden himself has asked for clean reauthorization is another reason to oppose it, even if they might have supported one with Trump still in office.
But this is still pretty disturbing, all politics aside. HPSCI Chairman Mike Turner apparently felt these slides were appropriate for a discussion of a foreign-facing surveillance power — one that’s come under considerable fire for the FBI’s constant, casual abuse of this collection to engage in warrantless domestic surveillance.
Mike Turner, of course, doesn’t really want anything to happen to Section 702. And, given this presentation, it seems clear he doesn’t mind if the FBI uses it to target American citizens, even those engaged in protected First Amendment activities. Faced with an actual reform bill that would codify a warrant requirement for accessing US persons’ communications, Turner fired off a competing “reform” proposal.
His proposal would have codified the FBI’s voluntary changes (which do not include a warrant requirements) and exempt people like him from being targeted by backdoor searches of NSA collections. His reform would force the FBI to notify Congress members if they had been subject to a 702 query and seek permission from certain government officials before gathering information that might include communications harvested by the NSA. As for the rest of us, nothing.
Turner’s briefing — and his startling PowerPoint presentation — were part of a concerted effort to talk legislators into dropping the proposed warrant requirement. I guess the good news is that this attempt failed spectacularly and may have even pushed some people off the fence towards the side demanding warrants.
As you read the next few paragraphs, keep in mind this is coming from the head of the House Intelligence Committee, which is not only a committee (meaning several legislators are involved) but one with access to actual intelligence (in the spy sense of the word), interns, staffers, advisors, aides, and any number of people who might have been able to head this off before it happened.
Instead, now that it’s been made public, the PR wing of the HPSCI has offered up whatever the fuck this is:
A spokesperson for the House Intelligence Committee said in an email on Friday that the protesters depicted in the slide had “responded to what appears to be a Hamas solicitation.”
A WIRED review of the slides shown by Turner casts doubt on that claim. Notably, while the two slides were portrayed as being related to a single protest in November outside Senate majority leader Chuck Schumer’s Brooklyn residence, WIRED has since learned that the slides reference two separate events that occurred nearly a month apart.
What’s more, the allegation that the protesters were following Hamas’ lead is based on a post on X that contains false information about who organized one of these two events.
Jeff Naft, the HPSCI spokesperson, further stated that the purpose of the slides was to “illustrate” that even if the pictured protesters “had ties to Hamas,” they could not be lawfully surveilled using Section 702.
I have no reason to believe that was the original intent of the slides. But even if it was, no one who viewed this presentation saw it that way, as Cameron reports.
“At the outset of the presentation, he’s running through slides, making his case for why 702 reauthorization is needed,” a senior Republican aide tells WIRED. “Then he throws up that photo. The framing was: ‘Here are protesters outside of Chuck Schumer’s house. We need to be able to use 702 to query these people.’”
Another aide in attendance said: “The sentiment was that [Turner] wanted to know if these people were talking to Hamas. That’s how I interpreted why he brought up those slides.”
That appears to have been the intent, no matter what Turner’s spokesperson is saying after the fact. If Naft is supposed to be the spin doctor, the HPSCI needs to sue him for malpractice.
And even if anyone in attendance agreed with Turner’s insinuation that pro-Palestinian protesters should be placed under the Section 702-enabled microscope, at least they’re smart enough to realize how this sort of thing works if it becomes the FBI’s new pattern-and-practice following reauthorization:
“What we know for sure is this,” a Republican aide says, “However the government decides to treat left-wing protesters today, that’s how we should expect protesters in our party to be treated under future administrations.”
That’s how it works. Surveillance powers like Section 702 cross administrations. They don’t align with election years. And that should nudge more legislators to consider what’s best in the long run, rather than what’s politically expedient. And, no matter how you feel about the FBI and its steady dipping into the NSA pool, you should never try to insinuate that political protesters should be subjected to domestic surveillance.
Filed Under: 1st amendment, 4th amendment, domestic surveillance, free speech, nsa, protests, section 702, surveillance
Well, That’s Everyone: Senator Wyden Letter Confirms The NSA Is Buying US Persons’ Data From Data Brokers
from the you'd-think-the-NSA-would-have-a-better-data-plug dept
Buying domestic data from data brokers is just something the government does all the time. Bypassing restraints enacted by the Supreme Court, federal agencies (along with local law enforcement agencies) are hoovering up whatever domestic data they can from private companies all too happy to be part of the problem.
Sure, the government can pretend the Third Party Doctrine applies here. But chances are that most of this data being collected by phone apps and other services isn’t being collected with the full knowledge of device users. This is the sort of thing that’s hidden in the deep end of Terms of Use boilerplate, suckering people out of all kinds of data because they made the mistake of assuming a seemingly-innocuous match-3 game wouldn’t attempt to ping their phone’s location and tie it to specific device IDs.
So, this latest news — as revealed by Senator Ron Wyden — is only surprising in terms of which agency is involved.
U.S. Senator Ron Wyden, D-Ore., released documents confirming the National Security Agency buys Americans’ internet records, which can reveal which websites they visit and what apps they use. In response to the revelation, today Wyden called on the administration to ensure intelligence agencies stop buying personal data from Americans that has been obtained illegally by data brokers. A recent FTC order held that data brokers must obtain Americans’ informed consent before selling their data.
“The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans’ privacy are not just unethical, but illegal,” Wyden wrote in a letter to Director of National Intelligence (DNI) Avril Haines today. “To that end, I request that you adopt a policy that, going forward, IC elements may only purchase data about Americans that meets the standard for legal data sales established by the FTC.”
You’d think the NSA would be able to obtain this data without having to buy it from sketchy third-party vendors. I mean, it has erected one of the most pervasive surveillance apparatuses in the world. It’s completely capable of engaging in domestic surveillance. And, indeed, it often does! So why would it need to purchase something it can obtain (more legitimately[?]) from its own dragnets and risk having part of its collection techniques exposed?
There’s no clear answer to that question, other than it’s pretty easy to spend government money when you’ve got plenty of it. Wyden’s letter [PDF] goes into a bit more detail, but (for obvious reason) it’s not the equivalent of sneaking damning documents out of an NSA data center and handing them over to journalists after exiting the country.
That being said, it took Wyden holding a top NSA position hostage for the government to admit it was buying data from brokers to engage in domestic surveillance.
The secrecy around data purchases was amplified because intelligence agencies have sought to keep the American people in the dark. It took me nearly three years to clear the public release of information revealing the NSA’s purchase of domestic internet metadata. DoD first provided me with that information in March, 2021, in response to a request from my office for information identifying the DoD components buying Americans’ personal data. DoD subsequently refused a request I made in May, 2021, to clear the unclassified information for public release. It was only after I placed a hold on the nominee to be the NSA director that this information was cleared for release.
Wyden asks each “IC [Intelligence Community] element” to open an investigation into the purchase of data from data brokers, as well as an FTC investigation into the business practices of the data brokers themselves. Each IC component is also asked to provide “an inventory of personal data purchased” from data brokers.
Wyden’s letter deals with all data purchased from brokers, but specifically exposes the NSA’s acquisition of internet browser records, which show which sites users visit and which apps they use. The NSA’s denial — delivered to Wyden late last year — claims the NSA isn’t doing something else entirely.
[N]SA does not buy and use location data collected from phones known to be used in the United States either with or without a court order.
That’s the only firm denial in the letter and it only says things about location data, which isn’t what Wyden is expressing his concern about.
However, the NSA — in the same 2023 letter — admitted to doing exactly what Wyden accused it of:
NSA does buy and use commercially available netflow (i.e., non-content) data related wholly to domestic internet communications and internet communications where one side of the communication is a U.S. Internet Protocol address and the other is located abroad.
The NSA is admitting to domestic surveillance. Not the best look for an agency still hoping to resuscitate its reputation following several years of damning leaks, investigations, and inadvertent exposures. We already know the NSA is fully capable of “inadvertently” sweeping up US persons’ data and communications with its Section 702 collection. That’s the thing the FBI constantly abuses to engage in domestic surveillance. It should never need to buy this data from brokers because it has always been able to obtain it otherwise.
This appears to be the NSA collecting even more just because the situation presented itself, rather than for any demonstrated national security need. And that’s the sort of thing no American should be willing to treat as government business as usual.
Filed Under: 4th amendment, avril haines, data brokers, doj, domestic surveillance, internet records, location data, nsa, privacy, ron wyden, surveillance, third party doctrine
ODNI Report Shows Uncle Sam Buys Huge Troves Of Consumer Data From Brokers To Avoid Warrants, Trample The Law
from the it's-the-corruption,-stupid dept
Wed, Jun 14th 2023 05:19am - Karl Bode
Story after story after story has showcased how the intentionally convoluted adtech and data broker market sloppily traffics in all manner of sensitive consumer data, whether it’s your daily physical movements (say, the last time you visited an abortion clinic), your granular browsing habits, your medical history, your household energy use patterns, or even your mental health data.
This massive trove of data is then used to categorize and classify Americans on an increasingly complicated array of criteria in a bid to sling ads and sell products online. Companies collect way more consumer data than is needed, it’s simply not secured in any competent way, and while adtech brokers will happily claim they “anonymize” this data to protect consumer privacy, study after study have showcased how that word is absolutely meaningless, providing flimsy cover as the sector sells access to datasets relatively cheaply, often without competently screening the purchaser.
Obviously that’s a problem for a long list of reasons. Vigilantes can obtain abortion clinic visitation data. Foreign governments can obtain detailed profiles of Americans. Sexual preferences can be weaponized. And, of course, the U.S. government can easily abuse this unaccountable free-for-all to obtain U.S. consumer data without pesky warrants or oversight.
The latest case in point: a new report by The Office of the Director of National Intelligence (ODNI) once again confirms the obvious: that the U.S. government is exploiting the largely unregulated data broker market to obtain vast, cheap troves of sensitive U.S. consumer data, even when Congress and the Supreme Court have expressly forbidden it:
In the shadow of years of inaction by the US Congress on comprehensive privacy reform, a surveillance state has been quietly growing in the legal system’s cracks. Little deference is paid by prosecutors to the purpose or intent behind limits traditionally imposed on domestic surveillance activities. More craven interpretations of aging laws are widely used to ignore them. As the framework guarding what privacy Americans do have grows increasingly frail, opportunities abound to split hairs in court over whether such rights are even enjoyed by our digital counterparts.
The report is also quick to note what everybody has known for a long time: claims that industry “anonymizes” this data to protect consumer identities are generally bullshit, since it’s relatively trivial to identify users with just a modicum of additional data. “Anonymization” is tossed around casually as some kind of ethical and privacy get out of jail free card, when it’s simply gibberish:
It is no secret, the report adds, that it is often trivial “to deanonymize and identify individuals” from data that was packaged as ethically fine for commercial use because it had been “anonymized” first. Such data may be useful, it says, to “identify every person who attended a protest or rally based on their smartphone location or ad-tracking records.” Such civil liberties concerns are prime examples of how “large quantities of nominally ‘public’ information can result in sensitive aggregations.” What’s more, information collected for one purpose “may be reused for other purposes,” which may “raise risks beyond those originally calculated,” an effect called “mission creep.”
Sure, wholesale corruption and greed is a major reason why it’s 2023 and we still haven’t passed even a baseline privacy law for the internet era and competently regulated data brokers. But it’s also because holding the data broker and adtech space for lax privacy and security practices operates in stark contrast to the interests of those keen on mindlessly expanding our domestic surveillance apparatus:
Perhaps most controversially, the report states that the government believes it can “persistently” track the phones of “millions of Americans” without a warrant, so long as it pays for the information. Were the government to simply demand access to a device’s location instead, it would be considered a Fourth Amendment “search” and would require a judge’s sign-off. But because companies are willing to sell the information—not only to the US government but to other companies as well—the government considers it “publicly available” and therefore asserts that it “can purchase it.”
That’s why the often performative policy fixation on TikTok — and the pretense that banning TikTok actually fixes the broader problem — are naïve baby talk. It’s also a giant (often intentional) distraction from the real problem: our corrupt inability to pass even basic privacy legislation or regulate a data broker market that’s been running amok for the better part of two decades.
You’ll see endless hyperventilation in DC about China and TikTok, yet those same folks will curiously avoid discussing how domestic intelligence is also able to obtain this same data on the cheap. And they’ll avoid it because they don’t actually care about privacy, but they do care about making money and mindlessly expanding U.S. government surveillance power as it tramples accountability underfoot.
Filed Under: adtech, anonymization, corruption, data brokers, domestic surveillance, odni, privacy, security, spying
Gizmodo Found 28,000 Apps Sending TikTok User Data
from the putting-out-wildfires-with-a-tin-cup dept
Fri, Mar 10th 2023 05:31am - Karl Bode
Under the dull roar of our great TikTok moral panic I’ve been trying to make the semi-nuanced point that while TikTok does present some legitimate privacy issues, a ban won’t fix the actual problem. Largely because U.S. policymakers and businesses don’t want to fix the actual problem. They don’t even want to acknowledge what the actual problem is.
Namely that we’ve created a vast, largely unregulated data broker market that traffics in vast realms of private user data. That data at scale is hugely profitable for everybody in the chain. But it’s also easily exploitable by Chinese intelligence agencies keen on building detailed profiles of Americans. And it’s a great way for the U.S. government to obtain sensitive U.S. resident data without those pesky warrants.
So again, banning TikTok isn’t actually doing what U.S. politicians (especially on the GOP side) claim.
Case in point: a new Gizmodo investigation found that over 28,000 different apps make use of TikTok’s software development kits. All of these apps send TikTok various data to handle things like slinging ads, logging in to services, and sharing videos from the app. It’s another example of how “ban TikTok and we’ve fixed the problem” is simplistic and stupid:
“A simple ban on the TikTok app itself is not going to stop data flowing to TikTok,” said Daniel Kahn Gillmor, a senior staff technologist at the American Civil Liberties Union. “TikTok has software in other places, not to mention TikTok trackers spread across other parts of the web. I don’t have a TikTok account, but there are still plenty of ways the company can get data about me.”
That’s of course just the SDK. Were Chinese intelligence really keen on obtaining vast troves of U.S. resident location, browsing, and even mental health data… it’s rather trivial to buy it on the cheap from the global data broker market whose operations are convoluted specifically to help them avoid regulatory accountability. With or without TikTok’s help.
It’s kind of weird to me how despite the rampant coverage of the TikTok fracas, Gizmodo is one of very few outlets consistently pointing out to readers how banning TikTok doesn’t really address our propaganda or privacy problems:
“I’m not at all saying TikTok is innocent, but focusing specifically on one app from one country is not going to solve whatever problem you think you’re solving. It truly misses the point,” Kahn Gillmor said. “Do we really think that Facebook or Google are not capable of being influenced by the Chinese government? They know a market when they see one. I think the pressure that’s building is basically a race to be seen as tough on China.”
Again, if U.S. policymakers were actually serious about national security and privacy, we’d take widespread U.S. corruption more seriously. Corruption is eminently exploitable by foreign intelligence (see both Russia and China). It also prevented us from passing even a baseline privacy law for the internet era despite two straight decades of very clear warnings from experts and activists.
TikTok is held up as some exceptional, unique threat to U.S. consumer privacy and national security, and it’s just not. The entire ecosystem is rotten and exploitable by bad actors of every stripe, and it’s rotten because we’ve spent the better part of the last generation prioritizing making money over market health, consumer welfare, or national security:
“Lots of people have had a good look at the TikTok app, and they haven’t found a smoking gun, or anything that looks different from what happens with Facebook, Twitter, and other social networks,” Stockley said. “If the federal government had something within the app that they could expose, I would expect they’d do it.”
Actually fixing this problem would result in U.S. companies making less money from over-collecting consumer data then failing repeatedly to secure it before selling access to it to any nitwit with a few nickels. Actually fixing this problem would require reining in the U.S. government’s widespread domestic surveillance machine, and its routine abuse of this barely regulated market to avoid getting warrants.
A TikTok ban lets a parade of DC blowhards pretend they’re doing something about the problem and being tough on China, even if they’re not actually doing either. For the GOP, it also serves as chum for a xenophobic base, and it lets them pretend they’re fixing a problem (a barely regulated data broker market) their own shitty policies actively created.
Filed Under: china, corruption, domestic surveillance, national security, privacy, security, social media, surveillance, tiktok ban
Companies: tiktok
Nokia Busted Helping Russia’s FSB Spy On Citizens, Activists, Journalists
from the it's-fine-when-we-do-it dept
Wed, Mar 30th 2022 06:38am - Karl Bode
Telecom giants are no strangers to helping governments spy on journalists, activists, and their own citizens. AT&T, for example, is effectively so bone-grafted to the NSA here in the States, you literally cannot physically tell where the government ends and the telecom giant begins.
Chinese companies like Huawei have also jumped to the head of the line when asked by repressive governments in Africa to spy on government political opponents, critics, and journalists, or to help Chinese officials track and manage the genocide of the Uighur population.
Now the war in Ukraine and the subsequent economic sanctions on Russia has revealed that Nokia’s also perfectly willing to help violent and oppressive governments when there’s money to be made. When Nokia decided to join countless other companies in exiting Russia to punish it for its attack on Ukraine, the New York Times notes they left something very interesting behind:
“For more than five years, Nokia provided equipment and services to link SORM to Russia’s largest telecom service provider, MTS, according to company documents obtained by The New York Times. While Nokia does not make the tech that intercepts communications, the documents lay out how it worked with state-linked Russian companies to plan, streamline and troubleshoot the SORM system’s connection to the MTS network.”
While this sort of behavior usually sees some light hand-wringing, there’s a long history of both this sort of cooperation, and limited accountability for it. The United States, for example, provided significant IT and telecom support to vicious, tyrannical governments in South America during Operation Condor in the 70s, helping them better coordinate widespread acts of terrorism, murder, and torture.
In this case, Nokia’s planning and strategic aid helped the Russian NSB and Russian telecom giant MTS implement the System for Operative Investigative Activities (SORM), which, in turn, helped with the tracking, surveillance, and violence against and in some cases the murder of activists, journalists, and political opponents.
The documents obtained by the Times indicated that Nokia knew it was aiding the Russian government in this way, and made hundreds of millions of dollars in annual revenue as a result. Analysis of the documents suggest the system simply wouldn’t have been possible without Nokia’s help. Some of this had been reported previously, though Nokia had tried to downplayed its involvement.
This was the sort of thing that U.S. lawmakers spent years freaking out over when it came to allegations that Huawei used its hardware to spy, leading to a massive global embargo of Huawei products (though no public evidence was ever offered, and the U.S. was often caught doing similar things). In fact, Nokia’s now a big player in our 5G deployments thanks to the embargo on Huawei.
So the great irony here is that the U.S. (an increasingly authoritarian government and a big fan of unchecked surveillance), embargoed Huawei gear over unchecked surveillance in service to an authoritarian government, driving a significant chunk of U.S. 5G build out business to Nokia, which was just caught… helping authoritarian governments engage in unchecked surveillance.
Super consistent and savvy policy making.
What Congress gets upset about on the domestic surveillance front often ebbs and flows arbitrarily, based on things like the color of an executives’ skin, who is flinging around campaign contributions, and whether the U.S. is the one doing the spying. We’ve led by (poor) example on much of this stuff for more than a generation, and the sour outcome shouldn’t be particularly surprising.
Filed Under: china, domestic surveillance, fsb, nsa, russia, spying, telecom
Companies: nokia
Declassified Documents Shows The CIA Is Using A 1981 Executive Order To Engage In Domestic Surveillance
from the bypassing-checks,-balances,-and-oversight-with-Executive-power dept
When most people think of the CIA (Central Intelligence Agency), they think of a foreign-facing spy agency with a long history of state sponsored coup attempts (some successful!), attempted assassinations of foreign leaders, and putting the US in the torture business. What most people don’t assume about the CIA is that it’s also spying on Americans. After all, we prefer our embarrassments to be foreign-facing — something that targets (and affects) people we don’t really care about and governments we have been told are irredeemable.
An entity with the power to provoke military action halfway around the world has periodically shown an unhealthy interest in domestic affairs, which are supposed to be off-limits for the nation’s most morally suspect spies. The CIA (along with the FBI) routinely abuses its powers to perform backdoor searches of foreign surveillance stashes to locate US-based communications. It also has asked the FBI to do its dirty secondhand surveillance work for it in order to bypass restrictions baked into Executive Order 12333 — an executive order issued by Ronald Reagan that significantly expanded surveillance permissions for US agencies.
Perhaps most significantly — at least in terms of this report — the order instructed other government agencies to be more compliant with CIA requests for information. Since its debut in December 1981, the order has been modified twice (by George W. Bush) to give the government more power.
That’s the authority the CIA has been using to spy on Americans, as a recent PCLOB (Privacy and Civil Liberties Oversight Board) report shows. The PCLOB performed a “deep dive” in CIA domestic spying at the request of Senators Ron Wyden and Martin Heinrich. After its completion, the senators asked for an unclassified version of the PCLOB’s report. That report has arrived. And, according to Ron Wyden’s statements, it shows the CIA is utilizing EO 12333 to spy on Americans and bypass the protections (however minimal) the FISA court provides to Americans.
“FISA gets all the attention because of the periodic congressional reauthorizations and the release of DOJ, ODNI and FISA Court documents,” said Senators Wyden and Heinrich in response to the newly declassified documents. “But what these documents demonstrate is that many of the same concerns that Americans have about their privacy and civil liberties also apply to how the CIA collects and handles information under executive order and outside the FISA law. In particular, these documents reveal serious problems associated with warrantless backdoor searches of Americans, the same issue that has generated bipartisan concern in the FISA context.”
Wyden and Heinrich called for more transparency from the CIA, including what kind of records were collected and the legal framework for the collection. The PCLOB report noted problems with CIA’s handling and searching of Americans’ information under the program.
Even if the spying isn’t direct, the outcome is pretty much identical to direct targeting. With EO 12333, the CIA obtains the compliance from other federal agencies envisioned by Ronald Reagan back in 1981 as his administration ran headlong into the CIA-implicating Iran-Contra scandal.
Domestic data is supposed to be “masked” if incidentally acquired by foreign-facing surveillance collections. Sometimes this simply doesn’t happen. Sometimes unmasking occurs without proper permission or oversight. The FBI uses this to its advantage. So does the CIA. But the FBI handles domestic terrorism. The CIA does not. That makes the CIA’s abuse possibly more egregious than the FBI’s numerous violations of the same restrictions placed on domestic surveillance via foreign interception of communications by the NSA.
The PCLOB report [PDF] shows the CIA has obtained bulk financial data from other sources, possibly without proper masking of incidentally-collected US persons data. According to the CIA’s response to the report, the only thing separating CIA analysts from US persons’ data and communications is a pop-up box warning them that access may be illegal. This is only a warning. It does not (nor could it) prevent analysts from obtaining data they shouldn’t have access to without explicit permission.
How extensive this “incidental” collection is remains to be seen. And there’s a good chance no one will ever know how often this pop-up was ignored to collect data generated by US citizens and residents. Much of the report is redacted and what was shared with the PCLOB was limited to whatever the CIA felt like sharing. The oversight of programs like these is deliberately limited by the Executive Order — one that made the assumption some things (like national security) are too important to be done properly or overseen directly.
The report does note that the CIA has internal processes to limit abuse of backdoor searches. But it also points out the CIA has read EO 12333 and its modifications to mean it can do what it wants when it wants without worrying too much about straying outside of the generous lines drawn by this Executive Order.
The limits include a requirement to use the “least intrusive collection techniques feasible within the United States or directed against United States persons abroad.” Annex A implements E.O. 12333’s “least intrusive collection technique” requirement regarding activities outside of the United States involving U.S. persons. Given that the Executive Order’s restriction only applies to activities in the United States or activities directed against U.S. persons abroad, the CIA interprets the language of Annex A to only apply to collections directed against USPs abroad. Annex A does not require [redacted] to apply the least intrusive collection technique to collections covered by this report, which are generally not directed against USPs.
There’s the exploitable loop: the EO only applies to collections “directed” at US persons. Since all information is pulled from foreign-facing surveillance collections that “incidentally” collect US persons data, the resulting collection the CIA has access to is completely legal. Analysts access these collections specifically to find US persons’ data, but because no agency deliberately targeted US persons, it’s all above board.
This is the exploitation of foreign bulk collections to obtain information about Americans. While some may argue the damage is minimal because it only accesses information (financial records) unlikely to have an established expectation of privacy, people obviously know their financial institutions track their purchases, but that’s not the same thing as people assuming the government should be able to access records — which may contain sensitive information — using nothing more than an Executive Order that was ostensibly written to strengthen foreign surveillance efforts.
And that’s only what can be observed from this redacted release. This isn’t the CIA’s only attempt to hoover up info on US persons via side channels. Wyden’s letter hints at FISA reforms, which likely refers to domestic phone records the NSA used to collect in bulk — a program that was specifically targeted by Congress following the Snowden revelations. What’s contained in this report is a narrow examination of one part of the CIA’s exploitation of bulk collections to obtain US persons data. And if it feels this confident about its nearly unrestricted ability to perform these backdoor searches, examinations of other aspects of this program are likely to find other domestic data is ending up in the hands of CIA analysts who are supposed to be focused on foreign activities.
Filed Under: cia, domestic surveillance, eo 12333, executive order, pclob, ron wyden, surveillance
DHS Is Engaging In Domestic Surveillance To Protect The Homeland Against Threats To Statues
from the i'm-sorry-i-don't-make-the-rules dept
The DHS doesn’t mind engaging in domestic surveillance. After all, it’s the Department of Homeland Security, so its purview is the homeland and everyone in it. The problem is the American public has rights and that is always something to consider, however briefly, when doing things like flying drones over American cities or, more questionably, placing people engaged in First Amendment expression under surveillance.
The DHS is now directly engaged in policing free speech. Demonstrations triggered by a Minnesota police officer’s killing of an unarmed Black man are occurring on a daily basis. In some cities, the protests have never stopped. Federal agents — including (inexplicably) a task force from the DEA — have stepped in to investigate suspected federal crimes. However noble and correct the goal, the physical manifestation of this effort has been unidentified federal officers — clad head-to-toe in war gear — dragging people off the street and into unmarked vehicles.
Those who’ve experienced this say they were questioned aggressively by officers who refused to identify themselves and released with zero paperwork documenting their seemingly unconstitutional detainment or what criminal acts they were suspected of committing.
The DHS is prepared to take its Gestapo act nationwide with the blessing of the president. Any city with a crime problem, or a protest problem… or a “liberal” mayor can expect a swarm of DHS components to step in and start intimidating the protesting populace.
As is the case with any mission involving surveillance, you need to be prepared for the creep. No, this creep belongs to the mission supported by your average DHS foot soldier — one dressed like he’s in Fallujah and believes he has seen the enemy. And it is you. (By “you,” I mean your average American standing within rental-car-driving distance of any federal property.)
The DHS is expanding its mission. This fortuitous move accompanies the extension of its leash by President Trump, who seems to feel people expressing their displeasure with law enforcement violence and racism should be intimidated into silence. Lawfare — generally known as the home of pro-surveillance commentators — has obtained a document showing the DHS is expanding its enforcement and surveillance efforts to cover other federal property: namely, the statues and monuments protesters have been vandalizing or destroying.
A document provided to Lawfare on July 19 from the Department of Homeland Security’s (DHS) Office of Intelligence & Analysis (I&A) describes personnel as “collecting and reporting on various activities in the context of elevated threats targeting monuments, memorials, and statues”—and it gives legal guidance concerning the “expanded intelligence activities necessary to mitigate the significant threat to homeland security” posed by such activities.
The document, titled “Job Aid: DHS Office of Intelligence & Analysis (I&A) Activities in Furtherance of Protecting American Monuments, Memorials, Statues, and Combatting Recent Criminal Violence,” is not classified. Its three pages each bear the heading “UNCLASSIFIED//FOR OFFICIAL USE ONLY.” But it clearly indicates that at least parts of the intelligence community are being tasked with monitoring and collecting information on some protest activities.
Try not to live or work too close to national monuments, Americans. You are the newest threat to the homeland’s security. Participation trophies erected to victims of the War of Northern Aggression are sacrosanct if they’re owned and operated by the US of A.
One DHS official says this is fine. (Likely more of them feel the same way, but this is the one Lawfare got on the record.) Ken Cuccinelli says statues and such are “federal facilities,” and therefore as important to the nation’s security as actual government buildings or government databases. And it’s not just the federal stuff. The South may rise again yet.
It appears to also include planned vandalism of Confederate (and other historical) monuments and statues, whether federally owned or not.
Thank god this country is coming to the defense of long-dead white men. That’s what’s important in the wake of white officers killing unarmed Black men.
The memo leverages federal law as a truncheon against anyone who might harbor ill will against federal property which, it must be repeatedly noted, includes monuments erected to racists who engaged in treason. Say what you will about the current president, but at least he hasn’t engaged in treason in an openly racist fashion. Yet.
So, in order to ensure the existence of certain people and their progeny, the DHS will be ramping up its domestic surveillance in hopes of catching those violently or non-violently opposed to icons representing America’s racist history. Here’s what the DHS is permitted to do in response to Trump’s executive order demanding the protection of icons who presided over a secession that didn’t even last as long as Heinz colored ketchup.
I&A personnel are required to use the least intrusive collection techniques feasible and sufficient when collecting [US person information] or when collecting intelligence or information within the United States. … I&A personnel are permitted to engage in physical surveillance, the use of mail covers, and the use of monitoring devices only to the extent permitted by and consistent with [rules limiting their use to counterintelligence investigations]. I&A personnel are not permitted to engage in electronic surveillance or unconsented physical searches. Use of these techniques within the United States will be coordinated with the Federal Bureau of Investigation….
Oh, good. Whoever wrote this must be unfamiliar with most of the terms used in the memo they wrote. I’m not sure where they got their info, but it was likely surreptitious and removed from court oversight. You cannot combine “least intrusive method” and “coordinated with the FBI” and still expect “least intrusive” to remain “least intrusive.” As for the mail cover part, does the DHS really feel the “liberal anarchists” routinely blamed by the administration are communicating via snail mail? “Hey, we’re going to tear down a racist monument later this week. As soon as I can find what’s left of my ‘forever’ stamps, I’ll send you the details.”
As for the ban on “unconsented physical searches,” it would appear dragging people into unmarked vans for searches and questioning — as observed in Portland, Oregon — would violate the DHS’s internal rules.
The DHS is supposed to focus on threats, according to this memo. But the threats include those against non-living sculptures and government buildings. Nothing forbids the DHS from going “open source” and surveilling even more protected speech: social media posts by American citizens. Whatever’s published publicly can be observed without troubling any Constitutional amendments. But should the DHS do this, especially when the only thing “threatened” is some statues of questionable societal value?
The memo does at least tell DHS personnel they can’t engage in surveillance of protected speech. But the rest of it gives them all the excuses they need to ignore this Constitutional guidance. Free speech apparently isn’t free if it includes disparagement of national monuments that agents and officers can construe as potentially threatening.
While we may agree there is value in protecting certain federal property from attacks or vandalism, the inclusion of non-entities whose replacement value is up for discussion twists this into an easily-abusable avenue for increased domestic surveillance. As Lawfare points out, it’s kind of absurd to extend efforts to prevent harm to government functions to include literally symbolic entities.
We will leave for another day the almost philosophical question of what level of damage might reasonably be said to impede the purpose or function of a statue. Suffice it to say that DHS analysts are now authorized to collect intelligence on threats to inflict such damage—though apparently not damage that falls short of impeding a statue’s “purpose or function,” whatever that may be.
The memo cautions against unjustified surveillance but surrounds it with vague directives like this one, where actions not overtly worshipful of a federally-erected monument could be perceived as an impediment to its “purpose or function.” Most monuments are erected in hopes of respectful adoration. Standing in the way of intended adoration may be enough to welcome the unblinking gaze of the DHS’s many eyes.
This isn’t how America is supposed to work. Political speech deserves the utmost in First Amendment protections. There’s a long list of federal crimes federal agencies could be concerning themselves with. But the DHS and the administration have decided idolatry is a proud tradition that must be upheld. The president loves his symbols. And the DHS’s activities — observed with horror by American citizens engaged in peaceful protests — are Trump’s jingoistic words made flesh.
Filed Under: 1st amendment, dhs, domestic surveillance, donald trump, executive order, statues, surveillance
AG William Barr Doesn't Want The Government Spying On The President But Thinks It's OK If It Spies On Everyone Else
from the selective-deployment dept
Attorney General William Barr is against* domestic surveillance.
Attorney General William Barr on Friday continued to go to bat for President Donald Trump, reiterating his attempt to justify his investigation into the origins of the FBI investigation into Trump campaign’s ties to Russia ? including by claiming without evidence that U.S. government “spying” on Trump’s campaign was just as grave as Russian interference in the 2016 election.
“I think people have to find out what the government was doing during that period. If we’re worried about foreign influence, for the very same reason we should be worried about whether government officials abused their power and put their thumb on the scale,” he said in a Fox News interview airing Friday. “I’m not saying that happened, but I’m saying that we have to look at that.”
Let me restate that: William Barr is opposed to certain, very narrow subsets of domestic surveillance. Specifically, Barr doesn’t think the government should have spied on Trump and his campaign staff, if that’s what actually happened, which Barr doesn’t actually seem to know.
But if you’re literally anyone else, domestic surveillance is just another name for national security, whether you’re a random Verizon customer or one of the world’s most useful websites.
The Wikimedia Foundation sued the federal government over domestic surveillance back in 2015. The suit lives on four years later, thanks to the Fourth Circuit Court of Appeals recognizing the Foundation had stated enough credible facts to be granted standing. The fight continues, with Barr’s DOJ reiterating its original point that there’s nothing wrong with spying on Americans when national security is on the line.
Wikimedia’s case could mark the first time a public court weighs in on the constitutionality of this decade-old spying operation. But in stark contrast to Barr’s public expressions of concern over the privacy of Americans, his Justice Department has thrown up a series of litigation roadblocks in an effort to prevent the court from ruling on the legality of this surveillance dragnet.
In fact, on Thursday, Justice Department lawyers argued that Wikimedia’s case should be dismissed outright. They contend that Wikimedia cannot prove with sufficient certainty that its communications are surveilled, and that it therefore lacks “standing” to sue.
We expect hypocrisy from those in the self-service business. Government officials are not expected to apply their ideals and beliefs consistently across the board. The DOJ itself, however, is completely ambivalent. It is more than willing to spy on both presidential candidates and everyone else in the country, even as it argues none of the millions of entities swept up in the NSA’s dragnets have standing to sue over violated rights.
Barr wants to dig into the federal government’s spying on Trump, but doesn’t want the public to dig into the government’s spying on everyone else. Tough, but unfair. But that’s how the government operates, and AG William Barr is no exception. To use the DOJ’s own argument, Barr’s seemingly baseless claims about spying on the Trump campaign shouldn’t be granted standing by the general public, much less the DOJ he wants to investigate itself.
*The DEA has run multiple bulk records collections for more than 20 years, given the green light by our current Attorney General, William Barr, who also ran the DOJ back in 1992.
Filed Under: doj, domestic surveillance, mass surveillance, surveillance, william barr
Utah Senate Passes Bill That Would Lock The Government Out Of Warrantless Access To Third Party Records
from the enjoy-your-new-home-turf,-NSA dept
Perhaps no state has unrolled and rolled up a welcome mat set out for a federal guest faster than Utah. What was once a shiny new installation with 5-10,000 jobs attached swiftly became a PR black eye after Ed Snowden exited the NSA and sprung a leak.
Suddenly, the sweetheart deal on water given to the NSA seemed like an attempt to curry favor with domestic spies, placing local politicians on the receiving end of reflected wrath from the general public. Utah’s government reversed course, setting itself up as a champion of the people. An attempt was made to shut down the spy center’s water supply. It never made its way into law, but the anti-panopticon tone was set. But the state is still moving forward with efforts taking on the federal government, engaged in the always-awkward grappling of the The Man sticking it to The Man.
Bills forbidding state agencies from participating in domestic surveillance have been introduced elsewhere in the country. Few of these have moved forward. But the Utah legislature — burned by its close ties with the spy agency non grata — has proven more tenacious than most. As Molly Davis reports for Wired, the Utah government is one step away from locking the government out of access to third party records.
On March 12, Utah legislators voted unanimously to pass landmark legislation in support of a new privacy law that will protect private electronic data stored with third parties like Google or Facebook from free-range government access. The bill stipulates that law enforcement will be required to obtain a warrant before accessing “certain electronic information or data.”
The shift towards greater privacy protections may have been prompted by the NSA data sinkhole currently hoovering up water outside of Bluffdale, but this law would affect every other state and federal agency that has made use of the Third Party Doctrine ever since its unwelcome appearance over 40 years ago.
This is very good news for Utah residents, considering the number of third parties collecting data has expanded exponentially over the past two decades. The same court that handed the government the Third Party Doctrine recently gave a little something back to the people, ruling that cell site location info has an expectation of privacy. This alters the contours of third party/government interactions, with every record grabbed without a warrant could result in a legal challenge that restores a bit more of the Fourth Amendment.
Until then, states are free to limit government access to these records on their own. Voluntarily turning over info to private third parties should not be interpreted as citizens turning over this information to everyone and their government-deputized dog.
More states should be like Utah — a phrase that’s probably never been uttered before. Hopefully, more states will follow this lead and get out ahead of the tech curve by providing their residents with these same protections.
Filed Under: 4th amendment, domestic surveillance, third party doctrine, utah, warrants
Trump Doesn't Understand Surveillance Powers; House Votes To Give Him More Of It
from the surveillance-madness dept
As discussed this morning, the House voted a few hours ago on a bill to reauthorize Section 702 of the FISA Amendments Act that did not reform the widely abused surveillance rules — other than to codify some of the power allowing them to continue to abuse it for warrantless surveillance on Americans. There was a vote on an important Amendment from Reps. Justin Amash and Zoe Lofgren that would have allowed the reauthorization of the underlying program, but (importantly) required a warrant (as per the 4th Amendment) for spying on Americans. And, unfortunately, the amendment was voted down (183-233) and the awful reauthorization passed, 256 to 164.
The fight over this bill was… weird in so many ways. There was the expected bullshit: politicians outright lying to the public, arguing that the Amash/Lofgren amendment (which again, just said that the program had to be conducted in accordance with the 4th Amendment) would somehow stop the intelligence and law enforcement community from finding terrorists (it wouldn’t). Again: everyone expected that. What was weird was (1) having some of Donald Trump’s loudest detractors in Congress… then argue against the Amash amendment and in favor of giving the Trump administration more power to warrantlessly spy on Americans and share that data widely among law enforcement. And (2) having President Trump tweet a series of confused tweets this morning that demonstrated that he clearly didn’t know what the debate is actually about… and suggesting he was against the reauthorization, despite the fact that the White House (his White House) had issued a statement strongly supporting the reauthorization.
So despite the White House (which, last I checked is supposed to represent the views of the President) tweeted in support of Section 702, here’s what the President himself tweeted early this morning:
?House votes on controversial FISA ACT today.? This is the act that may have been used, with the help of the discredited and phony Dossier, to so badly surveil and abuse the Trump Campaign by the previous administration and others?
— Donald J. Trump (@realDonaldTrump) January 11, 2018
Not surprisingly, this came just minutes after Trump’s besties at Fox & Friends had complained about Section 702, and even directly said “Mr. President, this is not the way to go.”
During the segment, after claiming that Trump's "woes began" with "surveillance of him," Andrew Napolitano literally turns to the camera and says, "Mr. President, this is not the way to go." pic.twitter.com/W8NrtDDP3I
— Matthew Gertz (@MattGertz) January 11, 2018
That resulted in Trump’s tweet which freaked out supporters of the bill, and even had a few members of Congress suggesting delaying the vote. Of course, while Trump later when on to tweet about some other topic, hours later, he added another tweet to the original tweet above, suggesting that he was now in favor of the reauthorization:
With that being said, I have personally directed the fix to the unmasking process since taking office and today?s vote is about foreign surveillance of foreign bad guys on foreign land. We need it! Get smart!
— Donald J. Trump (@realDonaldTrump) January 11, 2018
You will be unsurprised, of course, to learn that in the hours between those tweets, Rep. Paul Ryan (who was soon to go on the floor and completely misrepresent the bill) had spoken to the President.
It’s worth pointing out, of course, that both of Trump’s tweets totally misrepresent the 702 program and the vote today. While there are many, many examples of abuse of Section 702 surveillance powers, there has yet to be any evidence that it was abused to do surveillance on the Trump campaign. But the second tweet is also wrong. The issue was not “foreign bad guys on foreign land” but the fact that the new bill authorizes surveillance of totally innocent people — including American citizens at home in America — without a warrant.
As for the other oddity: some of Trump’s biggest critics in Congress — Adam Schiff and Nancy Pelosi — just helped to give Trump much greater surveillance powers on Americans without a warrant… despite regularly complaining that he has abused his powers.
…the most powerful member of the Democratic Caucus, House Democratic Leader Nancy Pelosi, was notably silent on the bill. If Pelosi had whipped Democrats to vote against the bill and supported the USA RIGHTS Act instead, there?s a good chance that Trump and Ryan would have failed to get their full extension. Yet, just before the floor vote today she said she would not support the USA Rights Act and shamefully voted to hand Trump exactly what he wanted.
Almost worse than Pelosi’s willingness to go along with the NSA was Rep. Adam Schiff’s, D-Calif., who has seen his star rise over the last year being the Democrat?s go-to voice on the Russia investigation. On CNN with Jake Tapper this weekend, Schiff talked at length how he thought Trump was abusing his power and misusing the Justice Department to go after his political enemies.
Nonetheless, Schiff was a leading driver in the House to extend the NSA’s surveillance powers, and has been undercutting the more robust reforms proposed by other Democrats, like longtime Senate Intelligence Committee member Sen. Ron Wyden, for months.
So, in summary: this bill that effectively expands the power of US intelligence and law enforcement communities to spy on Americans without warrants… was supported, then opposed, then supported again by the President while demonstrating he had no idea what was in the bill… then supported by Democrats who keep warning that the President will abuse the wider surveillance powers that they are voting to give him… and then the bill passed just as expected.
This is all kinds of fucked up.
Either way, this now moves on to the Senate. And while there are some Senators who are speaking out against the reautorhization — mainly Senators Ron Wyden, Rand Paul and Mike Lee — it’s widely believed that there’s not enough 4th Amendment supporters in the Senate to stop the bad bill from getting passed as well. And, at that point, it’s quite likely that the President will sign the bill, despite his own tweet complaining about the program this morning.
Filed Under: 4th amendment, adam schiff, domestic surveillance, donald trump, fisa, fisa amendments act, nancy pelosi, section 702, warrants