Subscribe: Privacy
Added By: Feedage Forager Feedage Grade B rated
Language: English
access  americans  citizens  communications  court  data  foreign  government  information  law  nsa  people  privacy  surveillance 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Privacy


All articles with the "Privacy" tag.

Published: Fri, 21 Jul 2017 00:00:00 -0400

Last Build Date: Fri, 21 Jul 2017 18:33:41 -0400


Want to Look at Online Porn? The U.K. Gov't Wants to Strip You of Your Privacy

Tue, 18 Jul 2017 16:45:00 -0400

(image) Prime Minister Theresa May's administration wants to demolish British citizens' privacy if they look at pornography online.

That's not what the government saying, but that's exactly what's going to happen. The United Kingdom is tightening its controls on internet porn in an efforit to keep children away. They're doing this by mandating that porn companies collect proof that anybody attempting to visit a site is a legal adult before letting him see so much as a nipple. This could potentially force people to surrender private information—a credit card number, for example—just to get access, let alone download anything.

The authorities plan to get this system in place by next spring. The enforcement looks pretty severe, according to Ars Technica:

Sites that refuse to cooperate face the wrath of earmarked regulator the British Board of Film Classifications (BBFC). It will have the power to dish out fines of up to £250,000 [about $325,000] for non-compliance, cut loose misbehaving porn operators from their payment providers, advertisers, and other ancillary services that they use in the UK, or they could be blocked by ISPs—a method that the government's DCMS parliamentary under-secretary Lord Ashton previously insisted" would be used sparingly."

Ars Technica notes that many of these porn sites are not based in the United Kingdom, and that it's going to be hard to implement a policy that people can't work around. But more importantly: For the sites that are forced into compliance, what could potentially happen to that data if it's breached? This isn't just porn purchases being tracked now. It's porn site visits attached to an identifiable person's name:

"Age verification could lead to porn companies building databases of the UK's porn habits, which could be vulnerable to Ashley Madison style hacks," argued Open Rights Group director Jim Killock.

"The government has repeatedly refused to ensure that there is a legal duty for age verification providers to protect the privacy of Web users," he said, adding: "There is also nothing to ensure a free and fair market for age verification."

Let us not forget that May's government has implemented the Investigatory Powers Act, which requires internet providers store users' online histories for access by various government agencies in crime-fighting efforts.

Let us also not forget that even when granting that adults have the right to look at pornography, the U.K. government demands the authority to decide what sort of sexual practices you are allowed to enjoy. The government nanny is not fond of kinksters who get their jollies off naughty fetishes where people do mean things to each other.

Last year Ars Technica documented just how difficult it will actually be for the U.K. to keep people—even those under the age of 18—from accessing internet porn. Read more about it here.

Australian Leader’s Stupid Quote About Laws Trumping Math Is Encryption Fight in a Nutshell

Mon, 17 Jul 2017 13:10:00 -0400

Australia's Prime Minister Malcolm Turnbull is getting mocked by the encryption savvy for asserting that the laws of mathematics are subservient to the laws of Australia. The Australian government is considering legislation that would require online communication companies decrypt messages on demand of law enforcement officials in order to fight crime. The problem is end-to-end encryption blocks companies from decrypting the communications. It's a safety and security measure to make it much harder for people with sinister intentions—either criminals or dangerous governments—to access users' private data. Turnbull's quote may make him look like an idiot, but the fundamental attitude he's expressing is shared by lawmakers and government officials in other countries, including the United States and England. These people want to deliberately jeopardize everybody's data privacy and security in order to serve the demands for information by law enforcement and the intelligence community. Government officials have been wanting to force "back doors" into encryption so that they can get access to data in order to fight crime and terrorism. But there's no such thing as a back door that only the government can access. Once there is a key to break encryption, it can be (and frequently has been) either discovered or reverse engineered by others. Furthermore, no single government, no matter how powerful it is, has the ability to prevent new, unheard of encryption tools from becoming available for criminals and terrorists to access. The inevitable outcome would be average users of commonly distributed communication apps having their data compromised, and actual criminals finding new ways to keep their communications secret. In this context, Turnbull was asked whether this mathematical reality trumped government's desire to get access on demand to encrypted communication. His response: "Well the laws of Australia prevail in Australia, I can assure you of that. The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia." We should actually appreciate the blunt stupidity of Turnbull's response, because it highlights how stubbornly unwilling government officials have been in recognizing the actual consequences of their proposals. We've seen it from American senators on both the left and the right like Dianne Feinstein (D-California) and Richard Burr (R-North Carolina). We've seen it from British Prime Minister Theresa May's administration. Throughout this encryption fight we have seen government and law enforcement officials lean on their power to legally demand access to information with warrants and investigatory tools in a bid for the authority to compromise everybody's security. The quote from Turnbull vividly demonstrates their belief that the existence of a government law outweighs consideration of other consequences. The quote should be used as a rhetorical weapon against the likes of Feinstein and May to force them (and law enforcement representatives) to deal with the dangerous consequences of the laws they propose.[...]

DHS to American Citizens: Let Us Scan Your Faces, or No International Travel

Thu, 13 Jul 2017 12:30:00 -0400

Prepare to get your faces scanned whether you like it or not, U.S. citizens, if you want to fly to other countries. It won't be those other countries scanning your mug to make sure it's safe to let you in. These facial recognition and biometric systems, allegedly intended to track foreign travelers for immigration enforcement, will be foisted on you by your own government. Don't blame this on President Donald Trump's anti-immigration fearmongering. This pilot project was put into place a year ago by President Barack Obama's Department of Homeland Security (DHS). You might not have heard much about it yet, because Americans' participation in it is currently voluntary. But as the program expands next year, it may get more coercive. A new report from DHS claims that they have the authority to require citizens to let the government scan their faces as a condition of getting on an international flight. The report says early on, "Because crossing the border is considered voluntary, travelers are subject to the laws and rules enforced by" Customs and Border Protection (CBP). That logic may not exactly hold up to close scrutiny—speech is often voluntary, but that doesn't mean the government can regulate it—but the report rolls with it, arguing that the government's right to inspect travelers extends to biometric scans: [T]he only way for an individual to ensure he or she is not subject to collection of biometric information when traveling internationally is to refrain from traveling. Individuals seeking to travel internationally are subject to the laws and rules enforced by CBP and are subject to inspection. Another way to ensure citizens aren't subject to having their biometric information collected try to get the courts or lawmakers to stop it. The Associated Press notes that Sen. Edward Markey (D-Mass.) thinks U.S. citizens should be able to opt out of the program. The report does mention the possibility that travelers will be allowed to opt out of the scans and prove their identity another way. But as this report and the AP coverage notes, there is a significant likelihood that such requests might not be honored in the future. The plan also calls for deleting all scans of U.S. citizens after 14 days and not using them for any other purposes. But a CBP representative told the AP that in the future, these images might be stored and then perhaps used for other purposes. None of this should come as a surprise. The government has been increasingly prone to profiling and tracking Americans as they travel, whether it's local police departments scanning license plates or the more than two dozen state departments of motor vehicles that add driver's license photos to facial recognition databases. We've already seen some of the ways this can be abused. Cities are sending threatening letters to car owners just for being parked in areas where prostitution is commonplace. New York City is implementing facial recognition software into its cashless toll road program in order to try to catch people who skip out on paying. There is absolutely no reason to trust that this program will never be more than a way to monitor the comings and goings of foreign travelers. Instead, Americans may find themselves in a permanent virtual police lineup.[...]

California Looking to Give Unions Private Workers' Phone Numbers, Addresses

Fri, 07 Jul 2017 00:30:00 -0400

Even those observers of California state government who are aware of the degree to which the Democratic-controlled legislature is in the tank for public-sector unions might be shocked by the latest bill that's making its way to the governor's office. Legislators are about to require that private-sector workers in the home-care industry provide a wide range of personal information—home address, email contact, cell-phone number—to any labor organization that wants it. Those unions would then be free, at their discretion, to pester these workers into joining the union. The bill only affects one industry, but the precedent is clear. How long before an ever-expanding list of private workers in California are subject to union organizers showing up at their doorstep and contacting them on their private emails and cell phones? The Service Employees International Union (SEIU) has already been able to unionize home healthcare workers receiving government payments to care for a loved one. Clearly, SEIU is expanding its horizons. In fact, the bill apparently is such a priority to the Democratic leadership that Senate President Pro Tempore Kevin de Leon (D-Los Angeles) recently stacked the Human Services Committee with three new Democratic members to assure its passage. It's a highly unusual move to expand the size of a committee to assure passage of particular legislation. Assembly Bill 1513 ostensibly is designed to improve the licensure and regulation of home-care organizations—companies that provide aides to the homes of sick, disabled or elderly people to help them with laundry, cooking, showers and other basic needs. The state already requires aides to pass background checks, receive necessary training and register with the California Department of Social Services to help combat abuse. The aides must already provide their personal information to the state government. Clients can search an existing database to double-check the backgrounds of those who provide such work in their homes. This new Home Care Services Consumer Protection Act claims to improve home health services by allowing "home care aides the opportunity to benefit from information, resources and more," according to Assemblyman Ash Kalra (D-San Jose). But the real purpose is to let the bill's sponsor, SEIU, gain personal information for organizing purposes. There's no need to speculate about the goal here. The previous version of the bill required employees to provide their personal information to the state, which would then provide the information "to a governmental or non-profit entity that provides training, educational classes, and other specified services" upon that entity's request. The newly amended bill requires "a copy of a registered home care aide's name, mailing address, cellular telephone number, and email address on file with the department to be made available, upon request, to a labor organization." The labor unions would be free to use the information for "employee organizing, representation and assistance activities." That provides wide latitude with few restrictions. The bill includes an "opt out" mechanism, but that doesn't offer much protection. A home-care worker would need to go through the trouble of trying to keep personal information out of the union's grasp. And we've seen the problems with such a system in the current union dues-paying system. A 1977 U.S. Supreme Court ruling allows public employees to opt out of paying those portions of their dues that are used for direct political purposes. But employees who want to opt out often complain about the difficult and convoluted process of doing so. Obviously, unions—and the state government—have no reason to make such a process easy. This bill is nothing more than a union-organizing ploy. Again, the state government already has all the requisite personal information of those who provide home-care services. The public can search that information using an employee number. We're talking about private em[...]

New York Lawmakers Back Unwarranted Phone Searches of Drivers

Tue, 27 Jun 2017 14:30:00 -0400

Lawmakers in New York want to give police the authority to search without a warrant phones of people involved in crashes to crack down on drivers texting behind the wheel. If that weren't intrusive enough, the bill would authorize police to immediately suspend the driver's license for a minimum of one year of anybody with the temerity to resist a search. And this suspension, along with fines of $500 to $750, would stick regardless of whether or not the person was ultimately found guilty of a crime. This significant end run around citizens' rights to privacy and due process gets only the slightest attention from a recent NBC News story. Instead, NBC was on hand to hype the technology involved. Mobile forensics text company Cellebrite is working on a tool called the "textalyzer," which they're marketing to lawmakers and police agencies as a breathalyzer for phones. Connect the textalyzer to a phone and it is able to determine what you had been doing with it at any time, including which apps had been recently used. This is private data that could be used to implicate people for crimes. A representative for the American Civil Liberties Union worried that police could use it to get all sorts of additional information. The CEO of Cellebrite says it can't access actual communications data; it's just determining what you're accessing. They're essentially arguing, "We're not trying to snoop on the content of your conversations, but we still think we should be able to access your data in order to collect potential evidence of a crime." And they should be able to—once they get a warrant. But for those supporting Senate bill S2306 (and its Assembly counterpart A3955), the process of getting a warrant is just too much work. The bill is being pushed along by the father of a teen killed in a car crash, so it's a familiar case of a tragedy leading to poorly thought-up, rights-violating legislation. Ben Lieberman's son, Evan, was killed in a car crash in 2011 and Ben found out months after the fact that the driver of the car he was in had been texting. From NPR: "We often hear, 'just get a warrant' or 'just get the phone records.' ... The implication is that the warrant is like filling out some minor form," he says. "It's not. In New York, it involves a D.A. and a judge. Imagine getting a D.A. and a judge involved in every breathalyzer that's administered, every sobriety test that's administered." Lieberman filed a civil lawsuit to subpoena the phone records, which showed the driver had been texting before the crash. But even getting the phone records won't tell you much, he says. "It doesn't detect any of the important distractions, like email, social media or Web browsing." Advocates keep making the breathalyzer comparison for a reason: Courts have ruled that these types of sobriety tests are not terribly intrusive and therefore do not require a warrant. But what this law actually proposes is forcing drivers to allow police to access private, personal data. (It's also worth observing that Lieberman is working directly with Cellebrite, according to NPR, so the advocate for the legislation is partnering with the company that wants to provide the tools that would be used.) A more accurate comparison would be North Dakota's law that punished suspected drunken drivers for refusing to submit to warrantless blood tests. That's the law the Supreme Court struck down as unconstitutional because of its intrusiveness. Legislators had hoped to pass it by the end of their session this month, but the bill didn't make it. To be clear, though, its prospects are not dead, and the state Senate's Transportation Committee gave it a unanimous thumbs up. Expect to see it back next year.[...]

Gawker Documentary Fails to Make Case for Publishing Sex Tape

Fri, 23 Jun 2017 15:00:00 -0400

Nobody Speak: Trials of the Free Press. Available now on Netflix. I'm afraid that merely to disclose the subject of the Netflix documentary Nobody Speak: Trials of the Free Press is about—the dire threat to the First Amendment posed by a jury's decision that a website did not have a right to show a stolen video of professional wrestler Hulk Hogan's penis in action—is to give away the entire plot: Yes, this is the latest and greatest chapter in the news media's eternal proclamation of martyrdom at the hands of prigs and fascists. And yes, it rises to such an awesome level of whining self-aggrandization that it threatens to spoil the good name of hogwash. So, spoiler alert. The case that's the subject of Nobody Speak is possibly the most fascinating and least significant in the three-century history of media litigation. It's full of depraved sex, villainous intrigue, and lurid betrayals. But its ultimate contribution to legal canon was not exactly epic. As longtime media lawyer Charles Glasser (an interview of whom would have been a welcome addition to Nobody Speak) wrote after the verdict, the case's lesson was simple: "Don't publish secretly-made sex tapes." The story begins in 2012, when celebrity wrestler Hogan (nom de real life: Terry Bollea) got an unusual gesture of friendship from his best pal, radio shock-jock Bubba the Love Sponge: Hey, wanna sleep with my wife? Hogan knew this was a frequent recreational activity of Bubba (nom de non-perv world: Todd Alan Clem) and the busty Mrs. Sponge and had previously declined to participate But this time, down on his luck—and wallet—after a series of business reverses and an expensive divorce, he agreed. What Hogan didn't know was that the Sponges routinely and secretly taped these marital guest appearances. (After the case blew up, Bubba claimed Hogan knew all about the taping, but he wouldn't repeat it under oath during the trial.) That might not have mattered except that a copy of the recording, apparently stolen by one of Bubba's employees, found its way into the hands of the scabby gossip website Gawker. Founded in 2002, Gawker regularly trafficked in sex tapes and such scoops as the grooming of Republican senatorial candidate Christine O'Donnell's pubic hair. Founder Nick Denton, the British journalist who built Gawker into the centerpiece of a $200 million online media empire, routinely defended his celebrity-bullying scandal sheet as a champion of truth and democracy in a world of lickspittle mainstream media. "Everybody knows what usually appears, certainly, in the establishment media bears little resemblance to what's really going on," he says in Nobody Speak. Speaking truth to Bristol Palin and Justin Beiber! Gawker posted a chunk of the tape; Hogan's attorney asked it be taken down, and when Gawker refused, filed a breach of privacy lawsuit. What followed was a series of potboiler plot twists: Another sex tape, with racist remarks by Hogan that would get him booted out of pro wrestling; intimations that Gawker, wittingly or not, was acting as a stalking horse for blackmailers; an FBI sting against a sex-tape broker; and a series of legal stratagems by Hogan's attorneys that the Gawker legal team considered inexplicably stupid but which turned out to be brilliant. The real stupidity occurred on the Gawker side of the courtroom, none so lethally damaging as the swaggering arrogance of the site's former editor, A.J. Daulerio, who wrote the story accompanying the Hogan sex tape. During his testimony, Daulerio insisted that images of boinking celebrities are always newsworthy. Always? wondered Hogan's attorney. Well, maybe not if the celebrity was a child, Daulerio conceded dismissively. Under what age? asked the attorney. "Four," sneered Daulerio, a remark that nearly everybody agrees sent Gawker's case into a death spiral. In an interview in Nobody Speak, a wounded Daulerio insists that "Clearly, I'm kidding." So, there's [...]

Freedom Caucus Conservatives Break from Trump, Want More Surveillance Reform

Fri, 16 Jun 2017 13:40:00 -0400

The White House and several prominent Senate Republicans want to keep the scope of federal surveillance powers intact, but there's a rebellion afoot. The House Freedom Caucus has said it does not want to renew some federal snooping powers unless there's reform that better protects Americans from unwarranted data collection. Earlier this month, such Republican senators as Tom Cotton of Arkansas, Marco Rubio of Florida, John McCain of Arizona, and Susan Collins of Maine, among others, announced they were introducing a bill to make permanent some temporary surveillance powers granted by amendments to the Foreign Intelligence Surveillance Act (FISA). The White House has formally declared its support for this bill. The powers under dispute fall under Section 702 of FISA amendments. Section 702 is intended to allow the National Security Agency (NSA) to snoop on the communications of foreign targets. But this surveillance often ends up drawing in data and records and communications from United States citizens as well, all collected without a warrant. While there's a "minimization" process intended to protect U.S. citizens' privacy and due process rights, there's also an "unmasking" procedure government officials have used to investigate domestic crimes beyond threats of terrorism and espionage. Such a process appears to run afoul of the Fourth Amendment's protections, and civil rights advocates across the political spectrum want to reform Section 702 to protect against these "backdoor" searches. Section 702 wll expire at the end of the year if Congress does nothing (or is unable to get enough votes to pass something). So this short announcement from House Freedom Caucus Chairman Mark Meadows (R-N.C.) is a warning to President Donald Trump, Sen. Cotton, and others that the party is not in total agreement: Government surveillance activities under the FISA Amendments Act have violated Americans' constitutionally protected rights. We oppose any reauthorization of the FISA Amendments Act that does not include substantial reforms to the government's collection and use of Americans' data. If this conflict within the party sounds familiar, it's because it played out after Edward Snowden's leaks too. At that time, several privacy-minded Republicans resisted efforts to renew a part of the Patriot Act that was being used to justify the mass collection of Americans' private phone call and online activity metadata. The end result of that fight was that part of the Patriot Act was allowed to sunset and was replaced by the USA Freedom Act, which formalized but also put some restrictions on how the government was able to access that metadata. I noted earlier in the week that the pro-surveillance senators who support the unchanged renewal of Section 702 were in a difficult situation because they did not have a lot of leverage: All opponents have to do to make them fail is nothing at all. This warning by the Freedom Caucus, which has about three dozen members, will let the Senate and the White House know that Republican control over Congress doesn't mean reauthorization is going to be easy. This may be the first step in a USA Freedom Act–style compromise.[...]

White House Makes It Official: It Wants to Keep Snooping on Americans

Tue, 13 Jun 2017 15:30:00 -0400

President Donald Trump and allies may complain on Twitter and out loud how the Deep State illegally snooped on him under his predecessor, Barack Obama, but that doesn't mean the White House wants less surveillance authority. The White House and several GOP senators have made it official: They want to make some significant surveillance authorities permanent under law without addressing concerns by civil liberties and privacy advocates that these authorities are being used to collect Americans' data without the use of warrants. What we're talking about is Section 702 of the Foreign Intelligence Surveillance Act (FISA) Amendments. Section 702 grants some important authorities for the National Security Agency (NSA) to engage in unwarranted surveillance of foreign agents and potential threats overseas. It expires this year if Congress doesn't renew it. The problem: While Section 702 is sold as a mechanism of snooping on foreign agents and potential terrorists in other countries, it also ends up collecting private information and communications from Americans if they've made contact with these targets. When Trump complained his campaign had been snooped upon while communicating with officials connected to foreign governments (like Russian and Turkey), in all likelihood, the foreign officials were the actual targets. The NSA has "minimization" procedures when private data and communications originating from American citizens ends up "incidentally" gathered through Section 702. NSA analysts aren't supposed to be able to easily invade the privacy of citizens. But there is an "unmasking" process for select people in the government to see names and more identifying information than they would otherwise. According to a recent report, names were unmasked, revealing the identity of a U.S. citizen, on at least 1,200 occasions in 2016. In this process of "backdoor" searches, the federal government is clearly gaining limited access to the private communications of citizens without getting warrants and with much more limited oversight (there is a FISA court, but it doesn't operate the same way as a normal court in oversight of these 702 searches). And therefore citizens are not aware when the government has collected and accessed data about them. But despite Trump's complaints about allegedly illegal unmasking, the White House has taken to The New York Times to call for Section 702 to be renewed and made permanent. There's some circular reasoning here in the response to critics who want better protections to keep citizens data from being reviewed: [I]t does not permit backdoor targeting of Americans, whose communications with foreign persons can be incidentally captured in the process. National security officials may use search terms or identifiers associated with Americans, such as an email address, to query the information lawfully acquired using Section 702 authority. But this does not entail the collection or search of any new information, and the practice has been upheld by the FISA court and all other federal courts that have considered this issue. It is also consistent with the long history of our legal system. Imposing a warrant requirement to conduct such data queries, as some in Congress have proposed, would be legally unnecessary and a step toward re-erecting pre-9/11 barriers to our ability to identify foreign terrorists and their contacts. It's legal because the law says it's legal. That's not exactly an argument against changing the law if people don't agree with the amount of authority it grants to both the NSA and the FBI. Sen. Tom Cotton (R-Arkansas), who appears to have hitched his star to any wagon promising a more authoritarian government, is leading an effort among pro-surveillance Senate Republicans to keep 702 and the rest of the FISA authorities intact. Even if the Republican Party controls Congress and has a supportive Whit[...]

James Comey’s Lackluster Civil Liberties Record Shows Washington’s Failure to Police Itself

Wed, 07 Jun 2017 16:45:00 -0400

As all of Washington braces for James Comey's incendiary testimony before Congress Thursday, it's worth a trip down memory lane to reflect on his tenure as FBI director. When Comey was appointed by Barack Obama to lead the FBI in 2013, he was seen as a hero in many circles for dramatically pushing back against the Bush administration's illegal surveillance programs. "Jim understands that in time of crisis, we aren't judged solely by how many plots we disrupt or how many criminals we bring to justice," Obama said as he nominated Comey in 2013. "We're also judged by our commitment to the Constitution that we've sworn to defend, and to the values and civil liberties that we've pledged to protect." Yet as Reason's Nick Gillespie wrote shortly after Comey's nomination, "Comey has been applauded for standing up to some of Bush's more-expansive surveillance policies, but he also defended indefinite detention without a trial, waterboarding, and—once a new legal rationale had been hammered out—those more-expansive surveillance policies." During his confirmation hearing to replace then-FBI Director Robert Mueller—who, because time is a flat circle, is now the special counsel leading the investigation into the Trump campaign's ties to Russia—Comey assured senators and the public that there were plenty of checks and safeguards against FBI overreach, such as the FISA court, investigative guidelines from the attorney general, and oversight from Congress and the inspector general. "I think folks don't understand that the FBI operates under a wide variety of constraints," Comey argued. But as all good civil libertarians know, the FBI has always been an intensely political agency that is almost never restrained from using its vast powers to address the anxieties and paranoias of the people in power. (See: the redbaiting of the '50s, the efforts to blackmail and discredit civil rights leaders in the '60s, and the infiltration of dissident political groups both before and after 9/11.) Congress, meanwhile, is deferential to the point of uselessness when it comes to delegating power to the intelligence community. It was about six months after Comey's appointment that Edward Snowden leaked evidence that the National Security Agency was vacuuming up massive amounts of U.S. citizens' phone data. Comey said he was "confused" by the public perception of Snowden as a whistleblower—hero, even—since all three branches of government had approved the surveillance dragnet. "I see the government operating the way the founders intended," Comey declared. "So I have trouble applying the whistleblower label to someone who basically disagrees with the way our government is structured and operates." As Reason's Scott Shackford wrote in 2014: Even before Edward Snowden began leaking classified documents showing exactly how humongous federal data collection had become, there were already a number of previous examples of government snooping out of control. In particular, the FBI's system of using National Security Letters (NSLs) to obtain personal records without a court order was found by the Department of Justice's inspector general to have been terribly abused, gathering records with little oversight or reason, not following processes and resorting to "exigent letters" to even bypass the NSL rules entirely by claiming emergencies. Similarly, when Apple and Google announced in 2014 they were making encryption easier for consumers, Comey knew who the real victim was: the government. "What concerns me about this is companies marketing something expressly to allow people to hold themselves beyond the law," Comey told reporters. Over his tenure, Comey would repeatedly testify about the dangers of allowing U.S. citizens to keep their communications hidden from the government's prying eyes. Comey put muscle behind that rhetoric in 2016 [...]

Another Court Panel Allows Trans Teen to Use Bathroom of His Choice

Tue, 30 May 2017 17:15:00 -0400

Another federal circuit court has weighed in on whether transgender school students should be able to select which bathrooms to use and has ruled in the student's favor. A three-judge panel of the 7th Circuit Court of Appeals today affirmed an injunction in place telling Kenosha Unified School District in Wisconsin that it can't refuse to let Ashton Whitaker, 17, use the male facilities. The panel heard the case yesterday. Read the ruling here. Whitaker began transitioning into a male in 2014, is currently taking hormones, and has legally changed his name. His school district, however, is refusing to acknowledge his change unless he's had full reassignment surgery, according to the lawsuit. They've ordered him to use the women's facilities (even though he looks like a male) or a singular unisex bathroom far from his classes to which none of the other students have access. He has sued and today the panel unanimously decided in his favor. They chose Whitaker's interpretation of Title IX (They have to respect his gender identity under the law's restrictions against sex discrimination.) over the school district's interpretation (They're protecting the other students' privacy with sex-based segregation as permitted under the law). The judges were not impressed with the district's insistence they were protecting students from harm, dismissing it as all speculative. The school district had no problems with Whitaker using male facilities until they suddenly did: The School District has not produced any evidence that any students have ever complained about Ash's presence in the boys' restroom. Nor have they demonstrated that Ash's presence has actually caused an invasion of any other student's privacy. And while the School District claims that preliminary injunctive relief infringes upon parents' ability to direct the education of their children, it offers no evidence that a parent has ever asserted this right. These claims are all speculative. This particular federal case matters because it comes after Attorney General Jeff Sessions rescinded an executive branch interpretation of Title IX from under President Barack Obama's administration. Under Obama, the Department of Justice and Department of Education told schools they must accommodate transgender students based on some current court precedents related to sex-stereotype-based discrimination. The Supreme Court had been planning to hear this case, in part to look at whether the court should defer to the executive branch when deciding how to apply the law to transgender students. But after Sessions withdrew the order, the Supreme Court kicked the case back down to the 4th Circuit and ordered a new review. This ruling, then, is not based on any sort of deference to the executive branch on how to interpret Title IX. Instead, the court is using other previous court precedents that determine discrimination on the basis of whether somebody conforms to gender stereotypes is illegal. The panel today determined that Whitaker had a good chance of winning a case that extends that stereotype argument to transgender students. That's exactly what happened with the case the Supreme Court is considering. So the panel decided to leave in place an injunction allowing Whitaker to continue using the men's facilities. This panel ruling doesn't really change the math or arguments in this debate whatsoever. It's really more of a sign that this issue is going to continue coming up in the federal courts until the Supreme Court finally weighs in or until Congress passes some sort of legislation clarifying Title IX (and other sex-focused discrimination laws) one way or the other. Also worth noting: The 7th Circuit is also where the full court ruled that workplace discrimination against people on the basis of being gay or lesbian is also a violation of federal [...]

People Who Called Snowden a Traitor Shocked to Learn About All This Domestic Surveillance

Fri, 26 May 2017 13:00:00 -0400

There's this whole "Life comes at you fast" shtick that folks on Twitter use to point out people's hypocrisy. Suddenly Democrats care about federalism when it comes to immigration law enforcement! Suddenly Republicans don't care about federalism when it comes to immigration law enforcement! I try not to engage in the shtick too much, because it feels more like point-scoring than actual debate. But I can't help but bring it up right now. Yesterday, a story about federal surveillance abuses made the rounds in the conservative parts of Twitter I pay attention to, not the tech-security circles where I usually see such discussions. The story, via a media outlet called Circa, documents a recently released report from the Foreign Intelligence Surveillance Court (FISA Court). The report features examples of the FBI passing along private data it collected without warrants to people who should not be seeing it. It's an important story, and it's great that it's getting attention. But what it reveals is well-known to anybody who has been paying attention to the surveillance disclosures and FISA Court document releases that have slowly been surfacing since Edward Snowden started leaking. The federal government is accessing and spreading around more information about U.S. citizens than we realize. That's what Snowden's disclosures were about, right? So here's a March tweet from conservative contributor Kurt Schilchter calling Snowden a traitor: Fuck him. He's a traitor. @NehemiahGraham @Snowden @KamVTV — Kurt Schlichter (@KurtSchlichter) March 8, 2017 Here's an outraged Schlichter today, sharing a link to the Circa story: Tell me more about Trump — Kurt Schlichter (@KurtSchlichter) May 26, 2017 I selected Schlichter because he's pretty prominent (and isn't going to be bothered by me pointing this out), but I've seen several tweets of the "Why isn't the MSM covering this?" variety from other conservative tweeters, acting as though the press is giving former President Barack Obama cover for setting up a surveillance system that they now think is being used to attack President Donald Trump. The reality is that these surveillance problems do get reported to an American public that has largely, unfortunately, stopped paying much attention. (As a guy who has been covering surveillance for Reason for years, I can easily map out the decline in readership of these pieces, and I suspect other sites can as well.) If you think the intelligence community and the deep state is abusing its powers to go after Trump and his allies for political reasons, guess what: This is exactly the consequence that Snowden himself warned of! A major criticism of the expansive surveillance state has always, always, been its potential for abusive snooping on citizens, whether it's Black Lives Matter or a militia. The problem cuts across the political spectrum. Perhaps people shouldn't have been so quick to call Snowden a traitor. Perhaps they could have spent more time thinking about the actual consequences of the powerful surveillance state, and maybe all those previously reported FISA Court disclosures that helped inform the very story they're passing around now. But regardless of how folks like Schlichter got here, welcome to the surveillance skeptic club! Now that you're here, you should know that there's a very important congressional vote coming up. Section 702 of the FISA authorizations sunsets this year, and Congress has to act. Right now, tech companies are lobbying for changes that would provide more oversight on the National Security Agency and limit the feds' ability to collect information without warrants within in the U.S. One problem: The White House has said that it doesn't want any reforms to Section 702. They want to leave government's su[...]

San Francisco Officials Continue Attacks on Uber

Fri, 19 May 2017 00:01:00 -0400

The City of San Francisco filed suit last week against the ridesharing service Uber after the company filed a motion in court to block the release of a drivers' personal information. This sets up the latest battle between the city and one of the leading transportation network companies over an issue that has privacy implications beyond the ridesharing industry. San Francisco's tax collector wants the home addresses and other information of drivers to post on a web site that includes a map that pinpoints the exact location of registered business owners in the city. Because these drivers are independent contractors, most of them use their home addresses as their official business address. The web site is publicly searchable, which means that anyone can easily find where these drivers live. "We've asked the city to allow us to get the consent of drivers and to remove their personal information from the public web site, but they have refused," said Uber Northern California's general manager, in a statement last week. The city's treasurer, Jose Cisneros, portrayed Uber's actions as an effort to "circumvent the tax laws that apply to all businesses in San Francisco." He notes that 130,000 other businesses—ranging from big ones such as Pacific Gas & Electric to small hairdressers—must also provide the information. "San Francisco needs this information to determine whether Uber's drivers are complying with San Francisco's Business Registration Certificate requirement and paying annual registration fees," the city wrote in its legal brief filed in San Francisco Superior Court. In a statement, City Attorney Dennis Herrera referred to privacy concerns as a "red herring." But critics of the city's legal approach see it as its latest effort to hobble these increasingly popular ridesharing platforms. For instance, Cisneros seemed to suggest in a statement that the dispute goes beyond a simple business-registration request, as he ticked off a variety of unrelated complaints that he has with the company. "Once again Uber believes they are above the law," said Cisneros. "If Uber is so concerned about the financial well-being and privacy of their drivers, I recommend they raise wages, convert the contractors to employees, or push for their driver's inclusion in statewide licensing like limousine drivers." If this is a question of registration, then why bring up pay rates or drivers' independent-contractor status or unrelated licensing issues? The city attorney's office likewise brought up other issues. It alleges that Uber has engaged in a "pattern of obstruction" because it "has refused to share information with the San Francisco Municipal Transportation Agency about its operations, tested self-driving cars on the streets of San Francisco without a state permit, and has fought calls by the SFMTA and the San Francisco International Airport for stricter criminal background checks on its drivers." The city attorney's office also complained that, because ridesharing companies such as Uber are regulated by the California Public Utilities Commission, it has "limited the ability of cities to provide oversight." The statement criticizes Uber for its backing of Senate Bill 182, which "would prohibit local jurisdictions from requiring a transportation network company driver to obtain more than one business license, regardless of the number of jurisdictions in which they operate," according to the Senate bill analysis. That measure has passed two committees with little opposition. As the San Francisco Chronicle reported, drivers are concerned that myriad cities will require business licenses, which means they would have to register and pay fees in every city where they operate. There are dozens of cities in the Bay Area alone, and drivers frequently[...]

Another Reason to Thank Snowden: Increased Federal Surveillance Transparency

Wed, 03 May 2017 12:55:00 -0400

The National Security Agency (NSA) collected more than 150 million records about the phone calls of Americans in 2016. Believe it or not, this is almost grounds for celebration. That's because this massive number actually represents a scaling back in the amount of our communications data the NSA has access to. The passage of the USA Freedom Act in 2015 reduced the ability of the NSA to collect phone metadata records on their own, a direct result of Edward Snowden's whistleblowing. This new report from the Office of the Director of National Intelligence (ODNI) shows the impact. Instead of collecting and storing the phone call metadata records of nearly all Americans, the NSA requested and received 151 million records from providers. It's important to note that the number refers to the number of records, not individuals, and the circumstances of collecting the records means there may be many redundancies that are nevertheless counted separately. The actual number of Americans whose call records ended up in the custody of the NSA is much lower (and we don't know what it is). It's also important to note that this particular information and collection of Americans call records is completely separate and unrelated to the announcement from last week that the NSA was ending another type of surveillance that intercepted communications by Americans. The NSA monitored email communications looking for references to foreign individuals targeted for NSA surveillance. The result was that the NSA was able to access and scan the contents of communications by Americans originating domestically without a warrant, which it's not supposed to do. Furthermore it turned out the NSA was often unable to isolate just those particular emails and was incidentally collecting an unrevealed number of completely unrelated communications. The NSA announced it was ending that particular type of active surveillance. The 151 million number is a different form of data collection, accessing stored metadata records of phone calls. There are a lot of different ways the NSA and the federal government collects data and engages in surveillance, often making it a challenge to fully evaluate trends. This is particularly true given that this is only the fourth annual transparency report released by ODNI. These new transparency reports go all the way back to all of 2014. So it's sometimes challenging to really determine trends. The report shows that the number of National Security Letters (NSLs) sent by the FBI has declined. NSLs are demands that companies (typically telecoms and internet companies) provide records about targeted customers to assist FBI investigations. These NSLs also have legally enforced gag orders attached keeping the companies from informing the customers and the public. Over the past four years the number of NSLs administered has dropped from 19,212 to 12,150. But we can't truly say that's a decline in the amount of people having their records snooped on because an individual NSL may have multiple names on them and the FBI may send letters to multiple companies looking for the same records. So we know only how many letters were sent, not how many people were affected. The report does show that the number of foreign targets who are the subject of surveillance orders has increased over the past few years. More than 106,000 non-U.S. people have been the subject of "Section 702" orders in 2016. Section 702 of the Foreign Intelligence Surveillance Act has been implicated in the incidental surveillance of American citizens and plays a big role in the current political fight over the circumstances through which President Donald Trump's associates were dragged into surveillance of foreign officials. If a perfectly legal target of fo[...]

NSA Ends One Particular Type of Domestic Email Data Collection

Fri, 28 Apr 2017 15:45:00 -0400

Let's hear it for a little bit more communication privacy for Americans! Charlie Savage at The New York Times is reporting via sources that the National Security Agency (NSA) is ending a particular type of intrusive surveillance that scanned the contents of Americans' emails for key words. Specifically, the NSA monitors messages for references of foreign individuals under their surveillance, even when such communications originate here domestically from Americans. This is often referred to in shorthand as "about" searches, meaning they're looking for messages that are "about" people they're watching, not just from or to these people. The NSA argues that this is legal as part of its job to gather intelligence about potential foreign threats. But this happens without warrants and and the implication here is at the very least the scanning of the contents of Americans' communications without evidence of wrongdoing. Furthermore it appears as though NSA employees were not able to confine themselves to collecting just the communications that referenced the foreign target. This technical issue had been raised before in the Foreign Intelligence Surveillance Court (FISC): Through this process, the NSA was collecting and potentially getting access to all sorts of communications it wasn't supposed to be looking at, even if one were to accept that the "about" searches were legal. From Savage: The problem stemmed from certain bundled messages that internet companies sometimes packaged together and transmitted as a unit. If even one of them had a foreign target's email address somewhere in it, all were sucked in. After the N.S.A. brought that issue to the court's attention in 2011, a judge ruled that it violated the Fourth Amendment, which bars unreasonable searches. The agency then proposed putting the bundled messages in a special repository to which analysts, searching through intercepts to write intelligence reports, would generally not have access. The court permitted that type of collection to continue with that restriction. But last year, officials said, the N.S.A. discovered that analysts were querying the bundled messages in a way that did not comply with those rules. The agency brought the matter to the court's attention, resulting in a delay in reauthorizing the broader warrantless surveillance program until the agency proposed ceasing this collection practice. And now it looks like, at least for the time being, they're stopping these searches. This is potentially a significant change because of what's called "backdoor" searches. Once the NSA collects information from this warrantless surveillance, it can be used by other federal agencies to search for information about specific Americans in order to target domestic criminal behavior. And they're allowed to do so even though this private information was collected without warrants. So naturally reducing the amount of communications the NSA is collecting will reduce the potential for backdoor, warrantless searches. It won't eliminate the possibility of these backdoor searches, though, and this decision from the NSA might just be temporary until they figure out a way to resolve the problem of incidental collection of unrelated emails. Section 702 of the Foreign Intelligence Surveillance Act, which sets up some of the rules and authorization for this data collection, will sunset this year unless Congress renews it. Privacy and civil rights advocates would like to see reforms to 702 to better protect Americans from unwarranted snooping. This change helps a touch, but there's still going to be a push to try to stop those backdoor searches. More about Section 702 reforms and federal surveillance issues were discussed in a recent So[...]

Australian Police Admit Illegally Snooping on Journalist

Fri, 28 Apr 2017 13:15:00 -0400

Today we have a reminder from Australia that when government collects massive amounts of private information abuse ultimately follows. The Australian Federal Police (AFP) admitted today that an officer illegally accessed a journalist's call records (metadata) in order to track down a source who was leaking confidential police information. Remarkably, the AFP commissioner then subsequently described the breach in a press conference as a result of "human error." Clearly it was not some sort of mistake that a police officer just happened to get his or her hands on this information. What he really meant was that the proper rules were not followed. Apparently the investigator "failed in their obligation to know the law," the commissioner stated, according to The Guardian. But he also laid some of the blame on "the system," the extremely familiar argument that this is all a "training issue." The timing is particularly interesting. In 2015 Australia passed a law mandating communication companies collect and store the metadata from their customers for two years so that authorities can access it. It was sold to Australians as a mechanism to fight terrorism and crime, just as similar mass surveillance authorities have been sold to citizens in other countries. Media companies and journalists were worried that police would access their data in precisely this way. So the law included a provision that required police to get a warrant to access the metadata of journalists. Mind you, the journalist would not be informed that the police had requested or received access to said metadata, but at least there would be an additional layer of oversight. But even that didn't happen here. The AFP official did not get a warrant. Furthermore, despite the breach of the law, they have not identified or told the journalist who was affected due to the ongoing investigation. The metadata has been destroyed, but the commissioner acknowledged that the officer who violated the law cannot unsee the information. He also said the officer would likely face no discipline because there was no "ill will or bad intent." While the law was passed two years ago, the full data retention orders were just formally implemented just weeks ago in order to give internet and telecom companies time to comply. Media and privacy advocates in the country are appalled. From The Guardian: The Human Rights Law Centre legal advocacy director, Emily Howie, told Guardian Australia the breach showed that the metadata powers were putting "press freedom at risk". "The fact that police can so easily access a honey pot of personal information at any time surely has a chilling effect on free speech," Howie said. "Let's not forget that it is not only journalists whose metadata might be accessed. "Australia's metadata regime is the most oppressive in the western world. It effectively allows law enforcement bodies to watch everybody, all of the time, without them knowing." It's also a reminder that metadata reveals an awful lot about who we are and what we're doing. Government officials who support this type of metadata collection are constantly reminding citizens that they're not eavesdropping on actual conversations or reading the content of emails. But in this case, just the government's access to a list of people who spoke to a journalist over a specific time frame has the potential to implicate them. Metadata is useful to the government entirely because it does actually reveal private behavior. Libertarian (technically Liberal Democratic) Australian Senator David Leyonhjelm had been warning about expanding the government's access to citizen metadata back in 2014 when he joined the Senate. In response to this l[...]