Archive for the ‘Government surveillance’ Category

h1

Be afraid (2)

April 7, 2014

Ars Technica has an article about who decides how to pursue those suspected of cybercrime. On the one hand, it seems like a procedural change.

On the other hand, it seems like a way empower even more intrusive surveillance by the government.

As usual, read it and decide for yourself.

Feds want an expanded ability to hack criminal suspects’ computers
Proposed rules to let one judge authorize “remote access” essentially anywhere.

The United States Department of Justice wants to broaden its ability to hack criminal suspects’ computers, according to a new legal proposal that was first published by The Wall Street Journal on Thursday. [March 27th]

If passed as currently drafted, federal authorities would gain an expanded ability to conduct “remote access” under a warrant against a target computer whose location is unknown or outside of a given judicial district. It would also apply in cases where that computer is part of a larger network of computers spread across multiple judicial districts. In the United States, federal warrants are issued by judges who serve one of the 94 federal judicial districts and are typically only valid for that particular jurisdiction.

The 402-page document entitled “Advisory Committee on Criminal Rules” is scheduled to be discussed at an upcoming Department of Justice (DOJ) meeting next month in New Orleans.

Federal agents have been known to use such tactics in past and ongoing cases: a Colorado federal magistrate judge approved sending malware to a suspect’s known e-mail address in 2012. But similar techniques have been rejected by other judges on Fourth Amendment grounds. If this rule revision were to be approved, it would standardize and expand federal agents’ ability to surveil a suspect and to exfiltrate data from a target computer regardless of where it is.
Peter Carr, a DOJ spokesperson, told Ars that he was “not aware of any figures” as to how many times such “remote access” by law enforcement has taken place.

Cracking Tor is hard!

Civil libertarians and legal experts are very concerned that this would unnecessarily expand government power.

“It is nuts,” Chris Soghoian, a technologist and senior policy analyst with the American Civil Liberties Union, told Ars.

“What’s most shocking is that they’re not going to Congress and asking for this authority. This is a pretty big shift. This is a dangerous direction for the government to go in, and if we’re going to go in that direction then we really need Congress to sign on the dotted line, and [the DOJ is] trying to sneak it through the back door.”

Carr told Ars that the change is needed to combat criminals who use “sophisticated anonymizing technologies,” like Tor.

“Our proposal would not authorize any searches or remote access not already authorized under current law,” he wrote by e-mail. “The proposal relates solely to venue for a warrant application.”

Posted in Fear your government, Government surveillance, Uncategorized | Tagged , | Leave a Comment »

h1

How important is phone metadata?

March 16, 2014

Here’s an interesting article by Jonathon Mayer and Patrick Mutchler about collecting and analyzing metadata from cell phones. (To measure is to know.)

RTWT: it ends with some interesting conclusions based on phone metadata and on phone number matching from the Yelp and Google Places directories.

MetaPhone: The Sensitivity of Telephone Metadata

Is telephone metadata sensitive? The debate has taken on new urgency since last summer’s NSA revelations; all three branches of the federal government are now considering curbs on access. Consumer privacy concerns are also salient, as the FCC assesses telecom data sharing practices.

President Obama has emphasized that the NSA is “not looking at content.” “[T]his is just metadata,” Senator Feinstein told reporters. In dismissing the ACLU’s legal challenge, Judge Pauley shrugged off possible sensitive inferences as a “parade of horribles.”

On the other side, a number of computer scientists have expressed concern over the privacy risks posed by metadata. Ed Felten gave a particularly detailed explanation in a declaration for the ACLU: “Telephony metadata can be extremely revealing,” he wrote, “both at the level of individual calls and, especially, in the aggregate.” Holding the NSA’s program likely unconstitutional, Judge Leon credited this view and noted that “metadata from each person’s phone ‘reflects a wealth of detail about her familial, political, professional, religious, and sexual associations.’”

This is, at base, a factual dispute. Is it easy to draw sensitive inferences from phone metadata? How often do people conduct sensitive matters by phone, in a manner reflected by metadata? […]

At the outset of this study, we shared the same hypothesis as our computer science colleagues—we thought phone metadata could be very sensitive. We did not anticipate finding much evidence one way or the other, however, since the MetaPhone participant population is small and participants only provide a few months of phone activity on average.

We were wrong. We found that phone metadata is unambiguously sensitive, even in a small population and over a short time window. We were able to infer medical conditions, firearm ownership, and more, using solely phone metadata. […]

Conclusion

The dataset that we analyzed in this report spanned hundreds of users over several months. Phone records held by the NSA and telecoms span millions of Americans over multiple years. Reasonable minds can disagree about the policy and legal constraints that should be imposed on those databases. The science, however, is clear: phone metadata is highly sensitive.

Recall this when some President or some Senator tells you it’s "just metadata."

Ain’t nobody’s business but your own.

Posted in Fear your government, Government surveillance | Tagged , | Leave a Comment »

h1

Privacy today (2)

March 4, 2014

Radley Balko’s writing for The Washington Post these days. This is the opening of a piece he published yeterday about ‘stingray’ use in Florida. (My emphasis.)

The surveillance state: bigger, broader, and less accountable

Not only are local, state, and federal authorities finding more innovative, efficient, and comprehensive ways to spy on us, they’re doing it in ways that are less transparent and less accountable. From the ACLU:

It appears that at least one police department in Florida has failed to tell judges about its use of a cell phone tracking device because the department got the device on loan and promised the manufacturer to keep it all under wraps. But when police use invasive surveillance equipment to surreptitiously sweep up information about the locations and communications of large numbers of people, court oversight and public debate are essential. The devices, likely made by the Florida-based Harris Corporation, are called “stingrays,” and unfortunately this is not the first time the government has tried to hide their use.

So the ACLU and ACLU of Florida have teamed up to break through the veil of secrecy surrounding stingray use by law enforcement in the Sunshine State, last week filing a motion for public access to sealed records in state court, and submitting public records requests to nearly 30 police and sheriffs’ departments across Florida seeking information about their acquisition and use of stingrays (examples here and here).

Also known as “cell site simulators,” stingrays impersonate cell phone towers, prompting phones within range to reveal their precise locations and information about all of the calls and text messages they send and receive. When in use, stingrays sweep up information about innocent people and criminal suspects alike.

And here’s an article he linked recently. It’s about surveillance in southern California and appeared in the LA Weekly News.

Forget the NSA, the LAPD Spies on Millions of Innocent Folks 

Edward Snowden ripped the blinds off the surveillance state last summer with his leak of top-secret National Security Agency documents, forcing a national conversation about spying in the post-9/11 era. However, there’s still no concrete proof that America’s elite intelligence units are analyzing most Americans’ computer and telephone activity — even though they can.

Los Angeles and Southern California police, by contrast, are expanding their use of surveillance technology such as intelligent video analytics, digital biometric identification and military-pedigree software for analyzing and predicting crime. Information on the identity and movements of millions of Southern California residents is being collected and tracked.

In fact, Los Angeles is emerging as a major laboratory for testing and scaling up new police surveillance technologies. The use of military-grade surveillance tools is migrating from places like Fallujah to neighborhoods including Watts and even low-crime areas of the San Fernando Valley, where surveillance cameras are proliferating like California poppies in spring. […]

The Electronic Frontier Foundation and the American Civil Liberties Union of Southern California are suing LAPD and the Sheriff’s Department, demanding to see a sample week’s worth of that data in order to get some idea of what cops are storing in a vast and growing, regionally shared database. (See our story “License Plate Recognition Logs Our Lives Long Before We Sin,” June 21, 2012.)

Posted in Fear your government, Government surveillance | Tagged , , , | Leave a Comment »