You are browsing the archive for surveillance.

by msmolly

Over Easy: A Small Price to Pay?

7:45 am in Uncategorized by msmolly

Caricature of James Clapper

We’re only keeping you safe!

The myths surrounding the revelations by Ed Snowden about the unchecked surveillance state are like zombies that never die. After I posted the Day We Fight Back information on my Facebook timeline on Tuesday, a friend I’ll call “Susan” (not her real name) replied with the following comment:

I’m sorry but I believe it’s a small price to pay for our protection from evil.

The myths surrounding the NSA’s surveillance persist, despite some excellent attempts to counter them with facts. An article from The Guardian, republished on the ACLU website, tries to set things straight.

Within minutes after the Guardian published that first leak on the NSA’s activities, pro-surveillance forces starting making bold claims about how necessary broad spying is to our very security. And almost every justification for indiscriminate spying on Americans and people abroad has been methodically refuted ever since. It turns out that assertions made by the administration, members of Congress and security commentators were little more than myths.

Just a few of those myths:

NSA surveillance programs have thwarted terror attacks here at home.

Administration representatives insisted during hearings that spying, including vast collection of phone metadata, had stopped 54 terror incidents. When pressed for specific details, the administration said around 10 were based in the US. That number finally shrank to one San Diego cab driver who was convicted of sending $8,500 to a Somali terrorist group. So it turns out that there were no attacks in America that were derailed by domestic spying.

Top National Security Experts: Spying Program Doesn’t Make Us Safer, and Spying Leaks Don’t Harm America

We’ve stayed safe. Doesn’t that prove the government efforts have worked?

This is like believing that government spying has prevented alien invasions or stopped boogeymen from hiding under our beds. The 9/11 attacks argument is a straw-man justification for whatever the NSA wants to do, just another way of scaring us into accepting anything in the name of Keeping Us Safe™. NSA spying would not have stopped 9/11, because the government already had information it needed, and didn’t effectively share or act on it.

NSA’s programs only work if they collect all information on everyone.

In their investigation the Privacy and Civil Liberties Oversight Board found no cases supporting the need for bulk collection, and concluded that bulk collection has not provided any information that the NSA could not have gotten using more targeted surveillance.

They’re only collecting metadata, not listening in on our calls.

The NSA reportedly traces three hops from a target: Alice knows Bob, Jeff, and Rebecca. But if Jeff becomes a target, Jeff’s three hops mean the NSA can check out Fran, Evan and Gloria. The Guardian calculated that if Alice has 50 friends, the number of targets generated under the NSA’s three-hops rule would be more than 1.3 million people. I really do hope that you (and everyone you know, and the 1.3 million people they know) don’t mind too much. Are you OK with the government knowing whom you call and when, from where to where, and how long your call lasts, and for the government then to know who those people called and when and for how long?

There’s no less-intrusive way to achieve the same goals.

Read the rest of this entry →

by msmolly

Over Easy: Still Fighting the Surveillance State

6:45 am in Uncategorized by msmolly

Eff spying eagle

Spying Eagle

Welcome to 2014. No, the surveillance state didn’t disappear with the rollover of the calendar.

It seems, among other things, that there is a surveillance order that has been flying under the radar, known as Executive Order 12333–United States intelligence activities. It has been around since Reagan signed it in December 1981, and its preamble begins,

Timely and accurate information about the activities, capabilities, plans, and intentions of foreign powers, organizations, and persons and their agents, is essential to the national security of the United States. All reasonable and lawful means must be used to ensure that the United States will receive the best intelligence available.

On December 30th, the ACLU and Yale Law School’s Media Freedom and Information Access Clinic filed a FOIA lawsuit in Federal court, demanding that the government release information about its use of Executive Order 12333 to conduct surveillance of Americans’ international communications. The complaint reads, in part,

The executive order, signed by President Reagan in 1981 and modified many times since, is the authority relied upon by the intelligence agencies, including the NSA, to conduct surveillance of foreigners outside of the United States. According to recent reports, however, the government relies upon the executive order to sweep up the international communications of countless Americans. For example, it collect billions of records every day containing the location information of mobile phones, including Americans’ phones; to harvest the address books of email users; and to sweep up the information of users of Google and Yahoo as it travels between those companies’ data centers abroad.

One document already released to the ACLU is a recent version of U.S. Signals Intelligence Directive 18, dated 2011 [that] regulates the NSA’s collection of Americans’ communications, including from surveillance conducted on foreign soil. Until Edward Snowden’s disclosures, little was known about how the NSA interpreted its authority under USSID 18. Many questions remain unanswered even since those disclosures, but this much is clear: the government interprets USSID 18 to permit it to sweep up Americans’ international communications without any court order and with little oversight.

For years the NSA has used its authority to gather foreign intelligence as permission to conduct sweeping surveillance of Americans’ international communications. This happens under the laws that govern surveillance on U.S. soil. Recent revelations by Edward Snowden make it clear that this happens — probably to an even greater extent — in surveillance conducted abroad under Executive Order 12333.

Almost all of the rationale for surveillance programs under Section 215 of the PATRIOT Act, and Section 702 of the FISA Amendments Act that the NSA has offered does not apply to surveillance under Executive Order 12333. Claims that the surveillance has oversight from all three branches of government is demonstrably untrue. It also is untrue that the courts have tested these programs, because the FISA Court has no authority over programs that fall under this Executive Order.

We are learning daily how this ungoverned authority has led to dangerous surveillance overreach. The ACLU is asking for the release of documents that would clarify the internal rules the administration applies to itself (or doesn’t) when it monitors international communications abroad — including those of Americans. Since it’s obvious that these programs are — and have been for a long time — collecting information about Americans on American soil, the ACLU is arguing for legal analysis, beginning with making the government disclose its own basis for conducting these programs.

Read the rest of this entry →

by msmolly

Over Easy: …one more thing

7:45 am in Uncategorized by msmolly

Blog-comments

…one more thing.

This is a very late addition to the post, because it is very important for anyone who uses Linkedin AND iOS devices like iPhones or iPads. If this doesn’t apply to you, please just skip to the hoocoodanode department below.

LinkedIn ‘Intro’duces Insecurity

LinkedIn released a new product today called Intro. They call it “doing the impossible,” but some might call it “hijacking email.” Why do we say this? Consider the following:

Intro reconfigures your iOS device (e.g., iPhone, iPad) so that all of your emails go through LinkedIn’s servers. You read that right. Once you install the Intro app, all of your emails, both sent and received, are transmitted via LinkedIn’s servers. LinkedIn is forcing all your IMAP [incoming] and SMTP [outgoing] data through their own servers and then analyzing and scraping your emails for data pertaining to…whatever they feel like.

Keep reading the article; it gets worse! It lists the problems this would cause for personal and business emails. The email tech gurus at Notre Dame took this seriously enough to send an alert. If you use Exchange/Outlook, you probably aren’t affected. If you use another email client and install the Intro app, you may regret it.

Here’s a link to Linkedin’s announcement of the app. I’m not sure I believe their “update” at the end, either. I wonder how quickly they will scrap this idea, or conversely, how many people will fall for it?

LinkedIn Intro: Doing the Impossible on iOS

Now back to your regularly scheduled programming…

From the hoocoodanode department, we have these items.

Security Check Now Starts Long Before You Fly

The Transportation Security Administration is expanding its screening of passengers before they arrive at the airport by searching a wide array of government and private databases that can include records like car registrations and employment information.

If you’re anywhere near Washington, D.C., Join the Largest Privacy Protest Ever This Weekend

US Representative John Conyers Jr., Pentagon Papers whistleblower Daniel Ellsberg and actor Maggie Gyllenhaal join a chorus of prominent voices calling for an end to mass suspicionless surveillance by the National Security Agency (NSA) in a new short video released by the StopWatching.us coalition.

I recently discovered the Stop Watching Us organization, and I’m really pleased to see some grass roots protest bubbling up about our out-of-control security state. Watch the Stop Watching Us video below:

Read the rest of this entry →

by msmolly

Over Easy: …one more thing

7:45 am in Uncategorized by msmolly

Three Surveillance cameras

Watching…

It’s even worse than we thought. We are being monitored, spied upon, tracked, whatever you want to call the egregious invasion of our personal privacy, even more pervasively and subtly than most of us knew. My astonishment was greater than it should have been when I came upon information about still more — and more hidden and intrusive — spying than I had imagined.

We’ve all had a crash course in the past four months in how Washington has created a global surveillance state shrouded in extreme secrecy, on a scale almost beyond our imaginations. Glenn Greenwald and Laura Poitras continue to reveal information from Edward Snowden’s documents. And yet for all that we know, and all that has been released but we have yet to fully comprehend, it’s clear that we’ve nowhere near a complete picture of the totality of the U.S. surveillance enterprise.

There are little known software products hidden inside our cellphones and lurking behind our web browsers that can follow us around anywhere. Companies can routinely install various kinds of software in all of our communications devices, and sell them to the government to use to spy on us. Pratap Chatterjee reveals on Mother Jones (via TomDispatch) how The Data Hackers mine our information for Big Brother.

Many of us have played Farmville or Bejeweled Blitz on Facebook, or used Google’s free search, Gmail, Google Docs, etc. We’ve talked on previous Over Easy threads about how these products suck up our data for various purposes.

We willingly hand over all of this information to the big data companies and in return they facilitate our communications and provide us with diversions. Take Google, which offers free email, data storage, and phone calls to many of us, or Verizon, which charges for smartphones and home phones. We can withdraw from them anytime, just as we believe that we can delete our day-to-day social activities from Facebook or Twitter. (msmolly’s note: we can’t.)

Some of us have installed software that helps prevent this data mining, hoping to retain some shred of privacy. But there are high-tech outfits that help themselves to our information without our knowledge, to allow government agencies to dig into our past and present. They get government contracts to (in effect) break into our homes in broad daylight and steal all our information — on our (the taxpayer’s) dime.

One example that raised the hairs on the back of my neck is an International Mobile Subscriber Identity (IMSI) catcher. An IMSI catcher is a portable device that poses as a mini cellphone tower and can capture all of the phone signals in a specific place. Each mobile phone has a unique IMSI. Once deployed, an IMSI catcher tricks phones into sending it data wirelessly. Some IMSI catchers fit into a briefcase or are no larger than a mobile phone.

By setting up several IMSI catchers in an area and measuring the speed of the responses or “pings” from a phone, an analyst can follow the movement of anyone with a mobile phone even when they are not in use. (My emphasis.)

Furthermore, much of our communications (voice and data) now travels across optical fiber, especially internationally. A company called Glimmerglass provides network management for optical fiber installations, and a product they call CyberSweep™ which

is an agile platform for identifying persona from communications networks and performing behavioral and predictive analytics to identify internal and external threats as well as identifying the source from communication networks.

According to the Glimmerglass website,

Our fast and agile solutions derive results and discover the source in near real time to counter cyber terrorism, cyber crime, and ensure public safety. Glimmerglass serves a global customer base in Cyber Security, Defense, and Telecommunications.

So all of our communications are “swept up” in secrecy, fed to the government (or who knows whom else?) all without our knowledge. This goes way beyond the “metadata” they claim is “all” they can see — they see everything that crosses the optical fiber or the airwaves between cell towers.

I feel safer now. Don’t you? (It is clear to me that we need a sarcasm font!!)

And on a slightly different but related topic, a new report out today from the Committee to Protect Journalists terms the Obama administration worse than the Nixon administration on its unparallelled secrecy and unprecedented attacks on journalists. Read the entire report here. And read Glenn Greenwald’s commentary about it here.

by msmolly

Over Easy: …one more thing

7:45 am in Uncategorized by msmolly

Flickr - law keven - Watching you...watching me....

Watching you…watching me…

I vowed to myself that this week I was going to post about something other than surveillance, but this one is too good not to write about!

A Data Broker Offers a Peek Behind the Curtain

The Acxiom Corporation, a marketing technology company that has amassed details on the household makeup, financial means, shopping preferences and leisure pursuits of a majority of adults in the United States, is trying something new. According to the NYT, Acxiom is the “quiet giant” of consumer database marketing. It knows who you are. It knows where you live. It knows what you do.

Few consumers have ever heard of Acxiom. But analysts say it has amassed the world’s largest commercial database on consumers — and that it wants to know much, much more. Its servers process more than 50 trillion data “transactions” a year. Company executives have said its database contains information about 500 million active consumers worldwide, with about 1,500 data points per person. That includes a majority of adults in the United States.

But now Acxiom, one of the most secretive and prolific collectors of consumer information, is embarking on a novel public relations strategy: openness. On Wednesday, September 4, Acxiom unveiled a free Web site where we can all see, edit, or suppress the information the company has collected about us.

The data on the site, called AbouttheData.com, includes biographical facts, like education level, marital status and number of children in a household; homeownership status, including mortgage amount and property size; vehicle details, like the make, model and year; and economic data, like whether a household member is an active investor with a portfolio greater than $150,000. Also available will be the consumer’s recent purchase categories, like plus-size clothing or sports products; and household interests like golf, dogs, text-messaging, cholesterol-related products or charities.

From the About the Data website,

Ever wonder what kind of information determines the ads you see or the offers you receive? You’ve come to the right place. About The Data brings you answers to questions about the data that fuels marketing and helps ensure you see offers on things that mean the most to you and your family.

More from the website:
Why is data about me important to companies?
How do companies get data about me and what do they do with it?
What types of data do companies use about me?

Now, if you’re curious, you can look at the data they have about you, and you have an option to edit it, or opt out of their collecting altogether. They say the penalty for opting out is that the ads you see will no longer be targeted to your personal interests or lifestyle. To look at your data, you first enter information about yourself, a Captcha code, and agree to terms of use.

To make sure we are accessing information about the correct person, we ask for some personal information, which we then compare to our Authentication system. We do this for your protection so that we can verify that we are only giving access to Acxiom’s digital Marketing Data about you.

I took a look at my own data, and here’s what I found.

  • “Characteristic Data” showed that I’m married (I’ve been divorced since 1990), 1 child “present,” 14 years old, a surname that’s Scottish/Irish (I still use my ex husband’s last name), no political party. My children are in their 40s (no 14 year old!) and don’t live with me.
  • “Home Data” was reasonably accurate. Most of that is available from public records, and they use home value and property size ranges, not specifics. But there was no mortgage amount shown.
  • “Vehicle Data” was not found. Interesting, because I own a registered, licensed automobile, the same one for about 5 years.
  • “Economic Data” showed regular American Express credit card use (I have only one credit card, and it isn’t an American Express card), regular online purchasing (that’s true), but the other info in that category wasn’t accurate, including household income.
  • “Shopping Data” also was inaccurate. It way understated my purchasing, both in dollars (only $408!) and in frequency (3 purchases in 24 months). It says I’m a mail order responder and a mail order buyer, and it does seem to show basic categories of my purchases reasonably correctly.
  • “Household Interests Data” lists categories accurately, except I don’t have or purchase collectible antiques, nor do I own a pet.

I didn’t see any information about my…

Read the rest of this entry →

by msmolly

Over Easy: …one more thing

7:45 am in Uncategorized by msmolly

Snooping dog

Snoop dog!

Surveillance notes from all over, for your Friday morning indigestion.

Did you know that J. Edgar Hoover and the FBI relentlessly pursued Dr. Martin Luther King?

The Dark Side of “I have a dream”

FBI agents placed bugs in King’s hotel rooms; they tapped his phones; they bugged his private apartment in Atlanta. The surveillance collected conversations about the civil rights movement’s strategies and tactics—and also the sounds of sexual activity.

If you had trouble getting to the NYT or using Twitter this week, it was because they were hacked by a Syrian group.

MelbourneIT, an Australian Internet service provider that sells and manages domain names including Twitter.com and NYTimes, said on Tuesday the credentials of a reseller had been used improperly to change domain settings and hack into sites including the NYTimes.com.

Facebook released its first Global Government Requests Report, and guess which country is #1 in the number of requests for information about Facebook users?

Kevin Drum observes:

…the real takeaway from this chart is that the United States isn’t really very unique in its desire to spy on people. When you adjust for their smaller size, Germany, France, Italy, and the UK are all in the same league. These countries may not intercept phone calls on the scale we do, but if Facebook nosiness is any clue, that’s only because they don’t have the technical capability, not because the idea outrages them.

It’s not just the NSA (but we knew that)…
Data Brokers Amass Detailed Profiles on Everyone Online

The excellent Wall Street Journal series, What They Know, provides a feel for what these databases can mean for people. One story was about Linda Twombly, a 67-year-old woman who, when surfing the Internet, was flooded with ads for Republican candidates leading up to the 2010 primary elections. The Journal revealed that RapLeaf Inc had a profile on her that included her full name and identified her as a conservative who was interested in Republican politics and the Bible, and donated to political and environmental causes. “Holy smokes,” she said. “It is like a watchdog is watching me, and it is not good.” The Journal found that RapLeaf’s profiles included such sensitive information as a person’s household income range, age range, and political leaning; the gender and age of children in the household; and personal interests in topics including religion, the Bible, gambling, tobacco, adult entertainment, and “get rich quick” offers.

And this week we learn that The Scariest Thing About NSA Analysts Spying On Their Lovers [LOVEINT] Is How They Were Caught

So not only can the public add LOVEINT to the list of abuses by government workers with access to government databases, but lack of security mechanisms also means that nobody truly knows how widespread the abuses have been.

I feel safer already. Don’t you??

by msmolly

Over Easy: …one more thing

7:45 am in Uncategorized by msmolly

Cat peeking from couch

Surveillance

This morning there is more news on the surveillance state:

Facial Scanning is Making Gains in Surveillance.

Although the system is not ready for use, researchers say they are making significant advances. That alarms privacy advocates, who say that now is the time for the government to establish oversight rules and limits on how it will someday be used.

They’re spending over $5.1M on this Facial Recognition Surveillance Program. But just yesterday a commenter on a Facebook post in my news feed trotted out the “if you have nothing to hide, who cares?” line.

Here’s a nifty graphic showing How the NSA Scours Internet Traffic in the U.S.

Meanwhile, the Obama administration asks the Supreme Court to allow warrantless cellphone searches. Is it my imagination, or is ObamaLLC becoming increasingly brazen in its surveillance? They’re not even trying to hide it.

And it’s not just the NSA. Turns out the NRA (yes, the National Rifle Association) has been building a massive database of gun owners, all the while screaming about the possibility of a national gun registry.

The organization’s database includes personal information from people who have attended gun-safety classes taught by NRA-certified instructors or gun shows. The NRA also collected gun permit information from state and county offices, as well as the names of gun magazine subscribers.

And as for involvement of the NSA’s internet “partners,” here is a disturbing commentary from the CEO of a company called Private WiFi.

What Google Knows

It doesn’t matter if you use ad-blocking or private browser features, Google still collects this data about you. Google stores all this information about you in giant databases so they can mine it, target ads with it, and run various algorithms with it.

…and share it with the NSA, presumably. Your Google Dashboard offers a simple view into the data associated with your Google Account if you have one, and most of us probably do. Might want to check it out!

Cat image by kevindooley, Creative Commons Attribution 2.0 Generic license

by msmolly

Over Easy …one more thing

7:45 am in Uncategorized by msmolly

Smallpox vaccine I’ve been following the uproar over ABC’s planned hire of Jenny McCarthy as one of the hosts of The View. ABC is hiring McCarthy to replace Elisabeth Hasselbeck, a right-winger whose contract wasn’t renewed because of her unpopularity with viewers, and who will jump to (surprise!) Fox.

I find the network’s decision to give such a prominent position to this woman — whose job includes sharing her opinions with viewers — incredibly irresponsible. Salon’s Alex Pareene sums it up:

McCarthy certainly has a more pleasant, or at least less confrontational, television style [than Hasselbeck]. Really the only problem with hiring her is that her life’s mission at this point is the advancement of dangerous fictions about vaccines. She devotes a great deal of energy to promoting the untrue belief that vaccines lead to autism, and it seems possible that she now views her career as a television personality and prominent celebrity as a means of carrying out her mission to spread what she believes is the truth about autism.

McCarthy joined this movement after her son turned two and was diagnosed with autism, and she seized on research published in The Lancet in 1998 that linked vaccinations to autism. That research was fraudulent, and its publisher, Andrew Wakefield, was later stripped of his medical license and The Lancet retracted the published research.

McCarthy declared, as a fact, that vaccinations had caused her son’s autism, and promoted this idea in venues aimed at mothers, such as on Oprah. McCarthy later claimed that she had cured their son through a combination of diet and vitamins. She accuses the government of being afraid to confront “the truth” about vaccines. Although she now admits her son never had autism, she is still selling fear of the childhood schedule of vaccines as dangerous. She has put the full force of her celebrity behind convincing parents to leave their children unvaccinated and vulnerable.

Vaccines have nearly eliminated a multitude of formerly deadly childhood diseases. But many of those diseases have come back from near extinction because gullible parents aren’t having their children vaccinated — and children have died because of it. We’ve seen a rapid increase in outbreaks of pertussis (whooping cough), measles, and mumps in the U.S. For example, last winter whooping cough hit its highest rate of infection in 50 years in the United States. Study after study has refuted the claimed link between vaccines and autism. The Anti-Vaccine Body Count website, dedicated to tracking the illnesses and deaths associated with the anti-vaccine movement, cites more than 118,000 illnesses and more than 1100 deaths from these preventable diseases, and 0, that is zip, zero, no, diagnoses of autism scientifically linked to vaccines.

The fear of vaccines doesn’t potentially harm only the children whose parents forgo vaccination, it harms other children (and adults) as well, because it threatens the “herd immunity” that we rely on to protect the larger population from disease.

It’s irresponsible for a broadcast television network to put Jenny McCarthy on their network in a role where she will give her opinions every day to a daytime audience largely made up of women and mothers.

I am hoping the uproar might be enough to change the network’s hiring decision. If you are so inclined, write to ABC and ask them to find a different replacement for Elisabeth Hasselbeck and keep Jenny McCarthy off The View.

Finally, a postscript to last week’s post is a new report from the ACLU, You Are Being Tracked, detailing another way we are being tracked and monitored. [You can download the PDF at the link.]

A little noticed surveillance technology, designed to track the movements of every passing driver, is fast proliferating on America’s streets. Automatic license plate readers, mounted on police cars or on objects like road signs and bridges, use small, high-speed cameras to photograph thousands of plates per minute.

The information captured by the readers – including the license plate number, and the date, time, and location of every scan – is being collected and sometimes pooled into regional sharing systems. As a result, enormous databases of innocent motorists’ location information are growing rapidly. This information is often retained for years or even indefinitely, with few or no restrictions to protect privacy rights.

Photo Credit: James Gathany Content Providers(s): CDC [Public domain], via Wikimedia Commons