Subscribe: Privacy
Added By: Feedage Forager Feedage Grade B rated
Language: English
act  amendment  americans  bill  communications  court  fourth amendment  fourth  information  privacy  section  surveillance 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Privacy


All articles with the "Privacy" tag.

Published: Thu, 14 Dec 2017 00:00:00 -0500

Last Build Date: Thu, 14 Dec 2017 16:58:07 -0500


Amash, Massie, and Other Congress Members Demand Standalone Vote on Federal Surveillance Laws

Thu, 14 Dec 2017 13:40:00 -0500

Some federal intelligence surveillance powers are going to expire in just over two weeks, and a pack of congressmen and -women want to make sure that a renewal isn't simply shoved into an end-of-year spending bill. These 35 legislators have signed a letter to Speaker Paul Ryan (R-Wis.) and Minority Leader Nancy Pelosi (D-Calif.) calling for the House to consider renewal of this surveillance law separate from any other legislation. The list includes two names familiar to Reason readers, Reps. Justin Amash (R-Mich.) and Tom Massie (R-Ky.). Amash took the lead and put out a press release promoting the request. Section 702 of the Foreign Intelligence Surveillance Act (FISA) Amendments expires at the end of 2017. This part of the law authorizes the use of unwarranted secret surveillance against foreign targets outside of the United States. But it has also been used to collect data and communications from American targets within the U.S., again without warrants and without the citizens' knowledge. There have been pushes to put more concrete restrictions in Section 702 preventing the FBI and National Security Agency (NSA) from collecting and maintaining domestic communications without a warrant. There have also been rival pushes to either renew the law as it is or even declare that these agencies have the legal authority to snoop on Americans without warrants for certain crimes. (I went through the details of the bills bouncing around in this post.) The letter to Ryan and Pelosi reads in part: There may be temptation to attach reauthorization of the FISA Amendments Act to a large end-of-year legislative package, but doing so would undermine representative democracy by effectively precluding most members of Congress from being heard on the important issues it raises and preventing the public from finding out where their representatives stand. It also could further undermine public trust in the intelligence community by suggesting that one of its most heavily used statutory authorities could not have been reauthorized under regular order. None of these outcomes is desirable, and all are easily avoided by bringing reauthorization to the floor as a standalone bill. There are some Democrats in the mix, such as Reps. Jared Polis (D-Colo.) and Zoe Lofgren (D-Calif.), but about two-thirds of those who signed the letter are Republicans. The Republican leadership and the White House are the ones attempting to push through reauthorization without discussion or changes, so this GOP resistance is an important signal. Bloomberg notes that the House Freedom Caucus just warned Florida Republican Rep. Dennis Ross not to attempt to sneak Section 702 reauthorization into a disaster relief bill to help people in Florida, Texas, and Puerto Rico recover from hurricane damage. In the end, though, this Republican resistance is precisely why reauthorization is probably going to get shoved into an omnibus "must pass" bill. It seems very unlikely that standalone Section 702 can pass through the House without the stronger civil liberties protections that both the party leadership and the White House explicitly do not want. Meanwhile, any actual public debate over surveillance has become entangled in controversy over the circumstances by which the FBI snooped on people in President Donald Trump's campaign and whether biases against Trump and in favor of Hillary Clinton played a role in the surveillance. This whole case could have served as an example of exactly how these powers can be abused for political purposes and therefore should be scaled back, but that's not how it's playing out. If Section 702 is not renewed by the end of the year, the White House says it believes federal intelligence agencies can continue to use the snooping authorities the law grants until April before having to shut it all down.[...]

Cops Out HIV-Positive Woman to Neighbors and Media

Thu, 07 Dec 2017 14:05:00 -0500

Every time I think sex policing cannot hit a new low, the news delivers something like this story out of Broken Arrow, Oklahoma. After an arrested woman informed the police that she was HIV-positive, the cops decided to broadcast this information—along with her full name and photo—to all the local TV news stations. They also left letters on the subject on about 50 cars parked near her place of employment. The 40-year-old woman was arrested after a November sting on a massage parlor where she worked. The parlor's male owner was booked for procuring prostitution and for possession of a firearm while in the commission of a felony, and he has since been released on bail. The woman, who remains in the Tulsa Jail on a $5,000 bond, was booked for prostitution—a charge that was later dismissed—and knowingly spreading an infectious disease. Yet police present no evidence that she engaged in unprotected sex with customers—nor, for that matter, that she had sexual intercourse with them at all. They say they got a search warrant and raided the massage parlor based on a tip from a concerned neighbor, online ads that featured scantily clad women, and info from a confidential informant who had posed as a prospective employee. Police encountered the arrested woman for the first time during this raid, when they found her in a massage room with a naked customer. Notably, the customer did not say he was paying this woman for sexual intercourse, merely what the cops call "a sex act"—generally, police speak for oral sex or hands-on genital stimuation. And detectives have no record of her offering to have sexual intercourse, with or without a condom, with anyone. But let's say, from a public health and abundance-of-caution perspective, that it makes sense for officials to warn city residents and encourage them to get tested. Why couldn't they have simply noted that an employee at the raided massage parlor was HIV-positive? Public health concerns must be balanced with a respect for privacy and due process. And there's simply no way that a local publicity tour with this woman's identity and image is necessary to achieve any public health aims. (Indeed, if the aim is to encourage the institution's customers to get tested for the virus, narrowly focusing on one employee will be counterproductive.) Naturally, the TV stations that broadcast this woman's picture and HIV status do not share such ethical qualms: They put the woman's name and photo in segments that now live forever online. The reporters seemed less interested in questioning the cops' story than in expressing shock that prostitution could possibly exist in their town. "There are two schools on the next block, and just around the corner, there's a family neighborhood that's decorated for Christmas," Charles Ely reported at the local ABC affiliate, assuring us that these "crimes just don't fit Broken Arrow." Meanwhile, simply gave up on any pretense of not being a police propaganda outlet, running supposed details about the story with the end disclaimer that they were "provided by law enforcement with the request News 9 inform the public" and "News 9 can make no independent verification of the accuracy of the information."[...]

Court to Cops: Forcing a Teenager to Masturbate in Front of You Is Not Reasonable

Thu, 07 Dec 2017 13:50:00 -0500

"A reasonable police officer would have known that attempting to obtain a photograph of a minor child's erect penis, by ordering the child to masturbate in the presence of others, would unlawfully invade the child's right of privacy under the Fourth Amendment," the U.S. Court of Appeals for the 4th Circuit declares in a decision it issued on Tuesday. It is hard to argue with that conclusion (although a dissenting judge did). It is even harder to imagine the circumstances that made it necessary. As Robby Soave noted at the time, the story started with a video that Trey Sims, a 17-year-old Virginia boy, sent to his 15-year-old girlfriend in 2014. According to David E. Abbott, the Manassas detective who handled the case, the video showed Sims "fondling his erect penis," making Sims guilty of producing child pornography, an offense in which he was both victim and perpetrator. While investigating this supposed crime, Abbott obtained a search warrant authorizing him to take "photographs of the genitals, hands, and other parts of the body of Trey Sims that will be used as comparisons in recovered forensic evidence from the victim and suspect's electronic devices." The warrant explicitly covered "a photograph of the suspect's erect penis." Abbott and two uniformed, armed officers executed the search warrant in the locker room of a juvenile detention center, where Abbott ordered Sims to "pull down his pants so that photos could be taken of his penis." Abbott then instructed Sims to "use his hand to manipulate his penis in different ways" so the desired photograph of an erect phallus could be obtained. When "Sims was unable to achieve an erection," Abbott "took photographs of Sims' flaccid penis using Abbott's cellular telephone." Unsatisfied with that picture, Abbott obtained a second warrant for another photo shoot. But before he could serve it, the publicity generated by complaints from Sims' lawyer led the Mannassas City Police Department and Prince William County Commonwealth's Attorney Paul Ebert to condemn Abbott's methods. Claiborne T. Richardson II, the assistant commonwealth's attorney who had approved both search warrant applications, announced that the second warrant would not be executed and that the photographs Abbott had already taken would not be used as evidence against Sims. The juvenile court reduced the charge against Sims to felony possession of child pornography; that charge was dismissed after Sims completed a year of probation. But that was not the end of the case. Sims' family hired Victor Glasberg, an Alexandria civil rights attorney, who helped them file a federal lawsuit under 42 USC 1983, which allows people to recover damages from police officers and other officials who violate their constitutional rights. Because "Abbott died before the present case was filed," Sims sued the administrator of his estate, along with Richardson. The 4th Circuit does not mention how Abbott died, but it seems relevant in understanding his treatment of Sims. Abbott shot himself outside his home in December 2015 after Prince William County police arrived to arrest him on suspicion of molesting two boys he met as a youth hockey coach. "In spite of these recent developments regarding the serious allegations against him," the Manassas City Police Department said, "we are grateful for the contributions Det. Abbott made during his time with Manassas City Police." His contributions included investigating sex offenses as a member of the Northern Virginia-Washington D.C. Internet Crimes Against Children Task Force. U.S. District Judge Claude Hilton dismissed Sims' lawsuit, finding that Richardson was protected by absolute immunity as a prosecutor and that Abbott was protected by qualified immunity because the actions described by Sims did not violate any clearly established constitutional rights. The 4th Circuit disagreed with the latter conclusion. "Both the outrageous scope of the sexually intrusive search and the intimidating manner in which the search was conducted weigh st[...]

Chuck Schumer Freaks Out Over Direct-to-Consumer Genetic Testing Privacy

Fri, 01 Dec 2017 12:45:00 -0500

Lots of folks will give themselves and their relatives direct-to-consumer genetic testing kits as holiday gifts this year. Millions of customers have already used such kits to learn about their genetic ancestry. For example, 23andMe reports that 99.6 percent of my genes derive from Europe, with 43.2 percent being British and Irish. Also, I bear more Neanderthal variants than 85 percent of 23andMe customers, although Neanderthal ancestry accounts for less than 4 percent of my overall DNA. Sen. Chuck Schumer (D–N.Y.) thinks the testing companies don't provide enough privacy protection for their customers' genetic data. "Many don't realize that their sensitive information may end up in the hands of many other third party companies," he said at a press conference Sunday. Schumer wants the Federal Trade Commission to investigate the situation, with an eye toward establishing rules that forbid testing companies from sharing your genetic information with other companies or researchers. The senator did not cite any evidence that genetic testing customers are actually much worried about their privacy. I reached out to various testing companies asking if they had received many (or any) complaints from customers about their privacy policies. Only 23andMe got back to me: Spokesperson Andy Kill claimed there is "nothing substantial to report as far as customer concerns on this front." That sounds about right to me. First, my bona fides. Seven years ago, I wrote an article arguing that worries about genetic privacy are way overblown. I have gone so far as to post publically my 23andMe genotype scanning results. My results are constantly updated as new information about the genetic variants tested for become available. My point is that genetic information is not special, toxic, or occult. In any case, the direct-to-consumer genetic testing companies all post their privacy policies so that consumers can review them. All of them promise not to disclose your information without your permission. If the companies change their privacy policies, they notify users of the changes and give them an opportunity to withdraw from their services. For example, 23andMe states, "We will not sell, lease, or rent your individual-level information (i.e., information about a single individual's genotypes, diseases or other traits/characteristics) to any third-party or to a third-party for research purposes without your explicit consent." MyHeritage similarly declares: "In no case is the personal information provided by our users sold, licensed or otherwise shared by us with advertisers, sponsors, partners or other third parties. We will never sell or license DNA samples, DNA Results, DNA Reports or any other DNA information, to any third parties without your explicit informed consent, and we will never sell or license such information to insurance companies under any circumstances." won't disclose personal information to third parties without your knowledge and consent, except "as reasonably necessary to comply with a law, regulation, valid legal process (e.g. subpoenas or warrants served on us) or governmental or regulatory request." Of course, no company can promise absolutely that it can prevent disclosure through hacking. For what it's worth, I have basically consented to let 23andMe do whatever it wants with my genetic test results. I think that doing so advances biomedical research that will end up helping lots of people and aids in figuring out what makes us humans tick. For example, my 23andMe genetic data was used in a study published in Nature Communications that found genetic associations with the susceptibility to some common infectious diseases and another in Molecular Psychiatry that identified genetic correlations associated with empathy. You're welcome. At any rate, if any people do have concerns about their genetic privacy, they have a simple way to avoid the issue: Don't take the tests. Disclosoure: I am a longtime happy customer of 23andMe.[...]

Trump Administration Lawyer Pummeled by Sotomayor and Gorsuch in Cellphone Tracking Case

Wed, 29 Nov 2017 17:30:00 -0500

(image) Fans of the Fourth Amendment got a rare treat today at the U.S. Supreme Court. During oral arguments, both the liberal and conservative sides of the bench delivered a thorough pummeling to the government lawyer charged with defending the practice of warrantless cellphone data collection and tracking.

At issue today in Carpenter v. United States was whether the FBI violated the Fourth Amendment when it obtained, without a search warrant, 127 days' worth of historical cellphone records about a suspected armed robber named Timothy Carpenter. Thanks to those records, the government identified the cell towers that handled Carpenter's calls and then proceeded to trace back his whereabouts during the time periods in which his alleged crimes were committed.

According to Michael R. Dreeben, the deputy solicitor general in President Donald Trump's Department of Justice, this sort of warrantless law enforcement activity is perfectly constitutional.

That stance, however, evidently did not sit well with Justice Sonia Sotomayor, who came out swinging against the government lawyer. "Most Americans, I still think, want to avoid Big Brother," she informed Dreeben. "They want to avoid the concept that government will be able to see and locate you anywhere you are at any point in time."

Sotomayor then suggested that the government's position in the case was at odds with the bedrock protections secured by the Fourth Amendment. "The Constitution protects the rights of people to be secure," she observed. "Isn't it a fundamental concept, don't you think, that that would include the government searching for information about your location every second of the day for months and months at a time?"

Shortly after this drubbing by Sotomayor, Dreeben found himself on the receiving end of a verbal thrashing by Justice Neil Gorsuch. "It seems like your whole argument boils down to if we get it from a third-party [such as a cellular service provider] we're okay, regardless of property interest, regardless of anything else. But how does that fit with the original understanding of the Constitution and writs of assistance?" Gorsuch pressed.

"You know," he told Dreeben, "John Adams said one of the reasons for the war was the use by the government of third parties to obtain information." The British forced those third parties "to help as their snitches and snoops." Why isn't today's warrantless cellphone snooping, Gorsuch demanded, "exactly what the framers were concerned about?"

In other words, after charging the government lawyer with ignoring the original meaning of the Fourth Amendment, Justice Gorsuch then all but accused that lawyer of dishonoring the memory of John Adams. I suspect that today will not go down as Dreeben's all-time favorite day in federal court.

It is never a good idea to try and predict the outcome of a Supreme Court case based on the tenor of the oral arguments. But today's events do at least demonstrate that the Fourth Amendment still has a few fans left on the High Court.

Related: Use a Cellphone, Void the Fourth Amendment?

Will This Awful Bill Allowing Warrantless Domestic Snooping Get Shoved Into an End-of-Year Spending Plan?

Wed, 29 Nov 2017 12:15:00 -0500

Senate Intelligence Committee Chairman Richard Burr (R–N.C.) is attempting to insert a bill authorizing warrantless domestic surveillance into must-pass end-of-year omnibus legislation. Burr's bill reauthorizes Section 702 of the Foreign Intelligence Surveillance Act (FISA) Amendments. These amendments (and their secretive FISA court) allow the secret surveillance of foreign targets outside of America's borders without the use of warrants. They have grown increasingly controversial because the surveillance has also scooped up untold (as in, not publicly revealed) amounts of domestic communications, and that information is being used for domestic crimefighting purposes. This puts the program at odds with the Fourth Amendment's protections against unwarranted searches. Section 702 will expire at the end of the year unless Congress acts. There are several bills in play to renew Section 702 with various levels of protections against unwarranted domestic surveillance. (Not familiar with them? Check out my primer from last week.) Burr's bill is flat-out the worst of the lot. It openly authorizes the use of Americans' communications collected without a warrant for a host of domestic crimes. It also authorizes the use of "about" searches, where intelligence officials access communications that merely reference a target, not just communications to or from that target. Ordinarily Burr's bill would have no chance of passing. Too many legislators in both parties, particularly in the House, are opposed to such measures for them to get through under normal circumstances. But I've previously warned that Burr and Senate leadership might try to add this reauthorization to a massive end-of-year bill that has to be passed to keep the government functioning. And Burr now tells The Hill that that's exactly what he's going to try to do: House lawmakers have characterized Burr's legislation as dead on arrival in the lower chamber, where there is a larger group of reform advocates—but Burr dismissed those concerns Tuesday. "I heard that argument before we marked up and I think we found language that accommodated everybody's belief that this didn't just leave unfettered access to this information," he said. "Some of that is still rough around the edges but the architecture is there." Close watchers of the debate have long speculated that Senate Majority Leader Mitch McConnell (R-Ky.) may follow a version of the playbook he used in a failed 2015 bid to pass a clean reauthorization of the Patriot Act—wait for the House to go first, then try to pass a clean renewal at the last minute in an attempt to jam it through the lower chamber. That trick didn't work, thanks in part to filibustering from the likes of Sens. Rand Paul (R-Ky.) and Ron Wyden (D-Ore.). Paul and Wyden are currently teaming up to push a rival piece of legislation, so don't expect them to be any more deferential to unwarranted surveillance this time. When part of the PATRIOT Act expired, we ended up with the compromise USA Freedom Act, which authorizes warrantless collection of metadata from Americans but places significant limits on officials' ability to search and access that metadata. Similarly, there is a compromise Section 702 reauthorization bill called the USA Liberty Act. The House bill has wide enough exceptions, surveillance experts say, that intelligence officials could easily bypass restrictions and continue to access domestic communications. Right before the Thanksgiving holidays, some senators released a version of the USA Liberty Act that tightens up those exceptions and made the warrant demands stronger. Burr recognizes that a compromise is going to have to happen again, but he believes his bill is going to be the framework and that there's absolutely no chance that stricter warrant requirements are going to be part of the final reauthorization. Burr, obviously, is no disinterested observer. He wants to sell the idea that his[...]

Today at SCOTUS: Warrantless Cell Phone Tracking vs. the Fourth Amendment

Wed, 29 Nov 2017 08:30:00 -0500

(image) Today the U.S. Supreme Court will hear oral arguments in what may prove to be one of the most significant Fourth Amendment cases in years.

The Fourth Amendment, of course, famously guarantees "the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures." Yet according to the Supreme Court's 1979 decision in Smith v. Maryland, "a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties."

Otherwise known as the third-party doctrine, this legal rule has proven quite valuable to law enforcement agencies over the past four decades. Perhaps the police would like to learn the URLs of the websites that someone has visited, or perhaps learn the email addresses that someone has corresponded with? The third-party doctrine lets the police obtain that information without first obtaining a search warrant for it.

But doesn't the idea of granting vast warrantless search powers to the police run afoul of the privacy protections enshrined in the Fourth Amendment?

The Supreme Court will grapple with that question today when it hears oral arguments in Carpenter v. United States. At issue is whether the FBI violated the Fourth Amendment when it obtained, without a search warrant, the cellphone records of suspected armed robber Timothy Carpenter. With those records, law enforcement officials identified the cell towers that handled his calls and then proceeded to trace back his whereabouts during the time periods in which his alleged crimes were committed. That information was used against Carpenter in court.

According to Carpenter and his lawyers, "carrying a smartphone, checking for new emails from one's boss, updating the weather forecast, and downloading directions ought not license total surveillance of a person's entire life."

According to the Trump administration, "a cell-phone user has no reasonable expectation of privacy in business records created by his provider documenting the cell sites used to document his calls."

What will the Supreme Court do? Will the justices rework the third-party doctrine, cabin the power of the police, and recognize broad Fourth Amendment protections for the digital age?

At least one member of the Court seems inclined to do just that. As Justice Sonia Sotomayor remarked in the 2012 case of United States v. Jones, "people disclose the phone numbers that they dial or text to their cellular providers; the URLs that they visit and the e-mail addresses with which they correspond to their Internet service providers; and the books, groceries, and medications they purchase to online retailers.... I would not assume that all information voluntarily disclosed to some member of the public for a limited purpose is, for that reason alone, disentitled to Fourth Amendment protection."

We'll find out later this term whether or not a majority of the Court shares Sotomayor's welcome view of the Fourth Amendment.

Your Secrets Are Not Safe With Anyone

Wed, 29 Nov 2017 00:01:00 -0500

Timothy Carpenter specialized in stealing cellphones, the same devices that betrayed him. Based on four months of cellphone location data from the companies that provided Carpenter's mobile phone service, the FBI placed him near four stores while they were being robbed. Carpenter argues that the FBI should have obtained a warrant before looking at those records. His case, which the Supreme Court will hear today, gives the justices a chance to reconsider a misbegotten and increasingly obsolete rule that threatens everyone's privacy in an age when people routinely store large volumes of sensitive personal information outside their homes. That rule, as summarized by the Court in a 1976 case dealing with bank records, holds that "the Fourth Amendment does not prohibit the obtaining of information revealed to a third party and conveyed by him to Government authorities, even if the information is revealed on the assumption that it will be used only for a limited purpose." The "third-party doctrine" means the Fourth Amendment's ban on unreasonable searches and seizures imposes no restrictions whatsoever on the government's power to examine the most intimate details of your life should you be foolhardy enough to entrust them to someone else. On its face, this license applies not just to cellphone records, which given modern habits can show where you are and where you've been at almost any given moment, but to remotely stored email, text messages, calendars, browsing and shopping histories, documents, photographs, videos, and audio recordings. Under the third-party doctrine, all of this material receives only as much protection as legislators decide to give it. No wonder that Justice Sonia Sotomayor was moved to suggest in 2012 that "it may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties." As Sotomayor noted, "This approach is ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks." The Court decided that case, which involved a suspected drug dealer whose movements police monitored for a month via a GPS tracker attached to his car, based on the trespass required to plant the device. But five justices endorsed the view that tracking someone for as long as a month reveals so much personal information that it qualifies as a search under the Fourth Amendment even if it does not involve a physical intrusion. While that position makes considerable sense as far as expectations of privacy go, defining a search based on the length of surveillance or the quantity of information collected requires distinctions that are bound to be fuzzy, arbitrary, or both. A brief that the Institute for Justice filed in Carpenter's case suggests a more promising approach. Drawing on the work of law professors William Baude (University of Chicago) and James Stern (William & Mary), the I.J. brief recommends a "positive law model" based on the principle that "when government officials use their power to obtain information in a manner that would be prohibited for private actors, those officials must demonstrate the reasonableness of their actions under the Fourth Amendment." That approach, I.J. notes, "is far more protective of an individual's privately shared information than the current Third Party Doctrine." Since federal law prohibits cellphone companies from disclosing location records to private parties "without the express prior authorization of the customer," a police demand for that information would clearly implicate the Fourth Amendment, and in all likelihood require a warrant, under the positive law model. The same would be true of any other information that private parties cannot legally obtain without the subject's consent. The basic idea is that when [...]

The Good, the Bad, and the Unspeakably Ugly: A Reason Surveillance Reform Bill Primer

Tue, 21 Nov 2017 09:30:00 -0500

Before the year's end Congress needs to decide what it's going to do about Section 702 of the Foreign Intelligence Surveillance Act (FISA), which permits the federal government to engage in surveillance of foreign targets that are not on U.S. soil, secretly and without warrants. Section 702 amendments sunset at the end of the year if Congress does not act to renew it. These amendments were originally passed in 2008 and renewed in 2012. These surveillance authorities have become a source of controversy because it has become increasingly clear to the public that Section 702 has drawn in domestic communications from Americans when they were speaking with (or even just talking about) targets of foreign surveillance. There are "minimization" procedures to limit the ability of intelligence agencies from reading private communications from and by Americans without a warrant, but civil rights groups and surveillance experts have warned FBI and NSA intelligence agents bend the rules with "back door searches" and "reverse targeting" in order to keep tabs of Americans or people on American soil. Intelligence agencies have also engaged in searches "about" a subject of foreign surveillance, in addition to communications to or from the target, futher drawing in communications of Americans. The top concerns here are that the surveillance is done without warrants and overseen by the deliberately secret FISA court. The secrecy is to protect intelligence investigations and anti-terror and anti-espionage efforts. Since the intended targets are not supposed to be American citizens and not on American soil, the Fourth Amendment protections against unwarranted searches are not compromised. But when the feds access and use data from Americans, there are problems. Privacy-minded groups and some supportive lawmakers are looking to reform Section 702 to provide stronger protections for American citizens against unwarranted surveillance. The White House, however, has said they do not want any changes in Section 702, even though President Donald Trump has complained about people in his 2016 presidential campaign having their conversations collected through such surveillance. Below is a useful primer on the three Section 702 bills floating around in Congress, what each bill hopes to accomplish and a subjective assessment of its chances. It's entirely possible all three fail and a renewal with no changes is added to a must-pass, end-of-year omnibus bill. It's also possible Congress will fail to get a renewal approved and Section 702 sunsets. The Electronic Frontier Foundation, among other groups, would love to see Section 702 surveillance authorities go away entirely. But there is little evidence lawmakers are willing to take that political risk at a time of public concern over mass violence or terrorist attack within the U.S. borders. USA Liberty Act of 2017 (H.R. 3989) This is an intended "compromise" bill that has been offered up to rein in the use of unwarranted use of Americans' communications to fight domestic crimes while still allowing some access intended to assist the FBI and NSA in fighting terrorism and espionage from foreign actors. What does it actually do about surveillance? The USA Liberty Act requires federal investigators to get a court order in order to access the content of domestic communications when looking for evidence of a crime. The information accessed must be directly related to an investigation. The bill provides exceptions for getting foreign intelligence information (which is the point of the surveillance authorization in the first place), if the subject qualifies under federal law for an emergency surveillance authorization, or if the target's life is directly threatened and the information may be used to assist them. The bill creates specific procedures to document requests for the "unmasking" of the id[...]

The Senate Intelligence Committee Really Wants to Secretly Snoop on Americans

Wed, 15 Nov 2017 13:30:00 -0500

A newly released report from the Senate's Select Committee on Intelligence shows how thoroughly its members are resisting any efforts to protect Americans from unwarranted surveillance. Section 702 of the Foreign Intelligence Surveillance Act (FISA) Amendments is up for renewal this year, or it expires. Section 702 is intended to be used to authorize federal agencies to surveil communications for foreign targets for anti-terror, anti-espionage, and various national defense purposes. But Americans are increasingly aware that the FBI and National Security Agency (NSA) have been using this authority to engage in domestic surveillance against American citizens for purposes far outside the open intent of the law. They're doing so secretly and without warrants, and Americans have little recourse in the matter. As lawmakers consider renewing Section 702, there has been a big push by privacy activists and civil rights organizations to limit what the FBI and NSA may do and to reduce the amount of domestic communications the federal government is allowed to collect and access. But it looks like the Senate Intelligence Committee isn't having it. They're advancing a bill by Committee Chairman Richard Burr (R-N.C.) that does pretty much the opposite of what civil liberties and privacy-minded folks would like and fully codifies that these tools intended for foreign surveillance can and may be used to fight domestic crimes and snoop on American citizens without warrants. Elizabeth Nolan Brown noted in October how Burr's bill actually advanced the permission to use these snooping powers against Americans. The newly released report shows this is clearly the intent of Burr and the Senate committee. They voted down several amendments to attempt to make it clear that the law is not supposed to be used to snoop on Americans. To wit: The committee rejected a proposed amendment by Sens. Dianne Feinstein and Kamala Harris (both California Democrats) to require the government to get a probable cause warrant from the FISA court for domestic Section 702 search queries. The committee rejected a proposed amendment by Sen. Ron Wyden (D-Ore.) to prohibit using FISA to collect communications without a warrant that are known to be entirely domestic in origin. The committee rejected a proposed amendment by Wyden that would have codified a ban on using FISA to collect communications that are merely "about" a subject as opposed to communications that were to or from a subject. The use of "about" searches have currently been suspended because they resulted in the federal government getting unwarranted access to all sorts of communications they really had no authority to look at. The committee rejected a proposed amendment by Wyden to stop domestic "reverse targeting" via the FISA search authorities. This is a method where the feds target a foreigner for surveillance, but what they really want to do is hear what the people on the other end—including Americans—are saying. The committee rejected a proposed amendment by Wyden to further restrict the use of communications collected via Section 702 in legal proceedings. When the generally terrible Feinstein is the one warning that people's Fourth Amendment rights are being violated, there is definitely a problem. Unfortunately, her courage didn't extend to voting against Burr's bill. Wyden, Harris, and Sen. Martin Heinrich (D-N.M.) were the only "no" votes. Feinstein did include a minority statement (as did Wyden, Harris, and Heinrich) expressing her concerns about Burr's legislation. Feinstein notes that since the misuse of Section 702 against Americans has become public, there have been legal challenges. She thinks calling for a probable cause warrant "actually protects the program by preserving its core capability and putting it on more solid constitutional footi[...]

Locked Texas Shooter’s iPhone Reignites Encryption Debate

Tue, 14 Nov 2017 08:30:00 -0500

Well, here we go again: the FBI has once more found itself locked out of the smartphone of a dead mass shooter, this time Texas church massacre suspect Devin Kelley. Unless the feds find some kind of workaround to allow access without undermining the core encryption protections afforded by consumer devices, this incident could ignite another battle between the FBI and the tech community over the tensions between user security and law enforcement access. The issue is a tender one. In the spring of 2016, the FBI and Apple engaged in a fraught standoff over the encryption question following the 2015 terrorist attack at San Bernardino. The battle played out both in the public and the courts, with the FBI arguing that Apple had a duty to compel its engineers to intentionally break security features in order to access data on the locked devices of deceased shooters Syed Rizwan Farook and Tashfeen Malik. Apple stood firm, refusing to compromise any of its devices and instead seeking to find alternative means to assist law enforcement. This intense showdown did not present a cathartic ending. The legal issues underpinning the debacle were never resolved in court. Rather, the brouhaha was rendered moot when an outside party swooped in to hack the phone for the FBI for a cool $900,000. The most recent shooting at a Texas church contains all of the elements to create yet another battle royale between law enforcement and security professionals. The FBI agent in charge of the investigation, Christopher Combs, has already started grumbling about encryption, griping that "law enforcement is increasingly not able to get into these phones." In an interview with Politico Pro, Department of Justice Deputy Attorney General Rod Rosenstein, who has developed quite a reputation as an encryption critic, recently characterized the desire for strong, unbreakable encryption as "unreasonable." The agency has confirmed that the device is an iPhone. But officials reportedly have yet to reach out to Apple for assistance, preferring instead to explore alternative means to access the phone's data. That's problematic. The iPhone's security features are set up in such a way that the first 48 hours after an incident are critical. If the FBI had reached out to Apple within this time frame, its engineers could have assisted law enforcement to exploit this window of opportunities. But since the FBI neglected to reach out, they may have inadvertently foiled their own options. For example, Apple's Touch ID feature allows individuals to unlock their device by scanning their fingerprint. If Kelley's iPhone had the Apple Touch ID feature enabled, law enforcement could have used the dead man's fingerprints to easily open the phone. That is, unless the device has been powered off and restarted, or 48 hours have passed—in which case, the user's private passcode would be needed. And you can't exactly ask a dead man to tell you his passcode. If a feckless Android user like myself was one of the first in law enforcement to handle the device, they could easily seal off that route by immediately restarting the device. After all, it's a natural first step that frustrated smartphone users turn to when flummoxed by their technology. But in this case, it could mean the difference between easy access to critical clues, or a drawn-out legal battle that risks undermining the nation's data security. Even if they didn't turn off the device, the critical two-day window has come and gone. One really hopes that the FBI did not allow pride or prejudice to prevent a simple request for Apple's assistance. But it wouldn't be the first time the agency has flubbed such a route. Recall that during the San Bernardino debacle, the FBI instructed municipal officials to remotely reset Farook's iCloud password, thereby elimi[...]

Showdown Looming over Reform of Federal Surveillance Laws

Thu, 09 Nov 2017 13:10:00 -0500

The House Judiciary Committee has advanced a bill that would provide Americans modest protections from unwarranted surveillance, but falls far short of what civil liberties and privacy groups (and several legislators) demand. It's no surprise the USA Liberty Act passed out of the committee, 27-8, yesterday, having been hammered out by committee members and lawyers. But the committee resisted amendments that would make the privacy protections for Americans stronger. The USA Liberty Act is meant to address the pending sunset of Section 702 of the Foreign Intelligence Surveillance Act (FISA) Amendments. Section 702 is one of several federal authorities for foreign surveillance by the National Security Agency (NSA) and FBI to keep tabs on potential spies and terrorists. But Section 702 has also been abused, allowing for "backdoor searches" of communications of American citizens. These communications are collected "incidentally" during the surveillance of foreign targets and are used by federal agencies in the investigation of domestic crimes. All of it happens without a warrant with the oversight of the secretive FISA court. After Edward Snowden helped Americans understand the full extent to which our communications and metadata were being collected by the federal government, there's been a concerted effort by civil rights groups and lawmakers, with strong support for the Fourth Amendment, to restrain the feds. The USA Liberty Act does modestly restrict the feds and requires that they seek court orders to view these communications when looking for evidence of a crime. But it doesn't do much about the collection of the data. And there are enough exceptions to worry that little will actually change. The Electronic Frontier Foundation warns: But the warrant requirement is limited due to a number of troubling carve-outs. First, this court oversight requirement won't be triggered except for those searches conducted to find evidence of a crime. No other searches for any other purposes will require court oversight, including when spy agencies search for foreign intelligence, and when law enforcement agencies explore whether a crime occurred at all. Metadata—how many communications are sent, to whom, at what times—won't require court oversight at all. In fact, the Liberty Act doesn't include the reforms to metadata queries the House had previously passed (which unfortunately did not pass the Senate). In the Massie-Lofgren Amendment, which passed the House twice, agents who conducted queries for metadata would be required to show the metadata was relevant to an investigation. That relevance standard is not in the Liberty Act. Reps. Zoe Lofgren (D-Calif.) and Ted Poe (R-Texas), co-founders of the House's Fourth Amendment Caucus, attempted to amend the Liberty Act to end these "backdoor searches" without a warrant. Their efforts were rejected. According to The Hill, leaders of the House would not continue supporting the bill with the increased restrictions. But it's not clear that rest of the House will support the USA Liberty Act without these reforms. Several civil rights groups, like the American Civil Liberties Union, are warning the bill needs these strong protections from searches. And members of the Republican Freedom Caucus have expressed opposition to a renewal that doesn't have strong protections for Americans against unwarranted snooping. Rep. Justin Amash (R-Mich.) tweeted that the Liberty Act, as it stands now, codifies Fourth Amendment violations in searches, so we explect a "no" vote from him. Members of the Senate have their own ideas. Sens. Rand Paul (R-Ky.) and Ron Wyden (D-Ore.) have teamed up on the USA RIGHTS Act, which more thoroughly restricts and allows fewer exceptions to unwarranted surveillance against Ameri[...]

IRS Rehired Employees Previously Fired as Security Risks

Fri, 27 Oct 2017 15:35:00 -0400

(image) Millions of Americans' personal information may be vulnerable to hackers, thanks to the Internal Revenue Service's carelessness.

Not only has the agency been using an outdated security system, but it has rehired hundreds of employees previously fired for wrongdoing or performance issues, according to testimony by J. Russell George, the Treasury's inspector general for tax administration.

According to an audit published this year by George's office, the IRS has been expanding online tools for taxpayer use without taking key steps to guarantee the safety of taxpayers' information. One out of three Americans files their taxes online on their own.

George said the IRS has not fully implemented monitoring tools to prevent and detect computer hacks, is not monitoring its computer networks effectively for suspicious activity, and operates outmoded computer systems.

This is particularly important, George said, in light of the recent Equifax breach, which exposed the Social Security information of 143 million Americans and could vastly increase the risk of identity theft.

The IRS it relies on a 50-year-old technology, called the Individual Master File, that runs on outdated code. A replacement system—the Customer Account Data Engine 2, or CADE 2—has been plagued with delays and has no "scheduled or planned completion date," George said.

Because of the highly sensitive nature of tax returns and the risk of identity theft, George's office also conducted an audit of the procedures the IRS takes when it hires employees. In the 15-month period from January 1, 2015, to March 31, 2016, the IRS hired 7,500 employees—of whom 2,000 had worked for the tax agency previously. Of those rehired employees, about 200, or 10 percent, had been previously fired for conduct or performance issues, including several who had willfully failed to file their own taxes and four who were under investigation for unauthorized access to taxpayer information.

IRS officials defended themselves by saying it would be "cost prohibitive" to check the performance of former employees. When challenged, George said, the agency could not document that checking would be expensive.

Rand Paul Worries Whether Surveillance Reform Will Even Be Debated in Senate

Wed, 25 Oct 2017 13:35:00 -0400

(image) Sen. Rand Paul (R-Ky.) is concerned his peers will attempt to reauthorize and possibly even expand the federal government's surveillance powers without any public debate at all.

Paul spoke with journalists this morning about the USA Rights Act, the bill he has introduced with Sen. Ron Wyden (D-Ore.) to reform the Foreign Intelligence Surveillance Act (FISA). Paul's goal, as when he has called for limits on government surveillance in the past, is compliance with the Fourth Amendment.

"What's most important to me is that, really, if we use less than a constitutional standard to gather information, that information should not be used to prosecute a crime," Paul said.

But yesterday afternoon, hours after Paul and Wyden unveiled their bill, the Senate Intelligence Committee voted to essentially maintain the rules as they are. The way Section 702 of FISA is currently being implemented allows the FBI and other federal agencies to use communications they collect during surveillance of foreign targets to prosecute domestic crimes, all without getting a warrant to access the information. Section 702 expires this year, so lawmakers must either pass something or allow it to expire entirely.

Paul hopes there will be debate on reforming the Section 702 surveillance laws, but he worries that's not going to happen.

"Our hope is that we'll actually get a vote on this," Paul told reporters. "It's disappointing that we may not get a debate or vote. Typically we wait until deadline and then stick it on spending bills."

But if Paul doesn't get a lot of support from his fellow senators, he has bipartisan support from a significant number of representatives in the House. He says that only a handful of GOP senators support his push for restrictions, but he calculates that somewhere between 60 and 100 conservatives in the House are receptive. The conservative House Freedom Caucus opposes renewing Section 702 without better protections for Americans against unwarranted surveillance.

Paul was also asked about his recent interactions with President Donald Trump and whether he pushed for Trump to embrace these reforms. Paul wouldn't get into specifics, but he confirmed that he had been "discussing privacy issues" with the president. The White House has said that it wants Section 702 reauthorized without changes.

Trump's concerns about surveillance privacy have primarily involved the unmasking of people in his orbit during the investigation of possible Russian meddling in the election, and leaks of information about those communications to the media. The line from the White House has typically been that the unmasking and the leaks were illegal and must be stopped. Paul agrees with that. But there's not much evidence that Trump shares Paul's broader concern about surveillance without warrants as an issue affecting everybody else.

Sens. Rand Paul and Ron Wyden Unveil Long-Awaited, Privacy-Protecting Surveillance Reform Bill

Tue, 24 Oct 2017 14:00:00 -0400

In this corner, Sen. Richard Burr (R–N.C.), head of the Senate Intelligence Committee, wants to expand the feds' ability to snoop on citizens without a warrant. In this corner, Sens. Rand Paul (R-Ky.) and Ron Wyden (D-Ore.) want to significantly restrain the federal government from accessing information collected without warrants. Let's fight it out. At issue is Section 702 of the Foreign Intelligence Surveillance Act, which establishes some of the rules for federal intelligence agencies when they snoop on the communications of foreign targets on foreign soil. This process has been subject to abuse: Surveillance of a foreign target can give investigators access to communications by American citizens, and the FBI has conducted "back door" searches of those stored communications to fight purely domestic crimes. All this happens without a warrant and without citizens even knowing their communications have been collected. Section 702 expires this year, so lawmakers now must either renew it or allow it to sunset entirely. Hence the dueling bills in the Senate. Burr's draft bill, which apparently will be debated behind closed doors today, not only renews Section 702's current set of federal powers for the next eight years; it expands them, and it formalizes some of activities that privacy and civil liberties groups are most concerned about. Burr's bill would formally authorize the FBI to use information from communications collected without a warrant for a list of wholly domestic crimes. These include various violent offenses, kidnapping, crimes against minors, pretty much anything related to "cybersecurity," any transnational organized crime, sex trafficking, and anything "related to the national security of the United States." Furthermore, if the attorney general determines that a crime qualifies as part of this list, the bill declares that this decision will not be subject to judicial review. Reason's Elizabeth Nolan Brown blogged earlier some of the concerns about how this surveillance will be used domestically. Burr's legislation would also restore what's known as "about" searches and communication collections. These have typically been described as allowing surveillance of communications to or from a foreign subject, but in fact the feds were also collecting communications that were simply "about" a foreign subject. (Hence the name.) This controversial practice was halted earlier in the year, as it was drawing in all sorts of communications that the FBI and National Security Agency (NSA) should not have had access to. Burr's bill would legally allow for these "about" searches unless Congress formally passes legislation forbidding it. In short, Burr's legislation would amp up the government's domestic surveillance powers with little oversight and would shred Americans' Fourth Amendment rights. The good news is that the bill is very unlikely to become law, thanks to a bipartisan push to restrain surveillance authorities. Paul and Wyden's bill would do pretty much the opposite of Burr's: It would roll back the NSA and FBI's ability to secretly, warrantlessly collect, access, and use communications from American citizens or from people on American soil. Their bill is titled the "Uniting and Strengthening America by Reforming and Improving the Government's High-Tech Surveillance Act of 2017"—the USA RIGHTS Act. It would restrain the feds' ability to acquire or access American citizens' communications and to use the information as evidence in court. It would prohibit "reverse targeting"—the practice of snooping on foreign targets as the law permits, but with the real motive of listening to the Americans communicating with them. The USA RIGHTS A[...]