And now the DOJ comes for WhatsApp

Via the New York Times:

WhatsApp, which is owned by Facebook, allows customers to send messages and make phone calls over the Internet. In the last year, the company has been adding encryption to those conversations, making it impossible for the Justice Department to read or eavesdrop, even with a judge’s wiretap order.

As recently as this past week, officials said, the Justice Department was discussing how to proceed in a continuing criminal investigation in which a federal judge had approved a wiretap, but investigators were stymied by WhatsApp’s encryption.

The Justice Department and WhatsApp declined to comment. The government officials and others who discussed the dispute did so on condition of anonymity because the wiretap order and all the information associated with it were under seal. The nature of the case was not clear, except that officials said it was not a terrorism investigation. The location of the investigation was also unclear.

* * *

In a twist, the government helped develop the technology behind WhatsApp’s encryption. To promote civil rights in countries with repressive governments, the Open Technology Fund,  which promotes open societies by supporting technology that allows people to communicate without the fear of surveillance, provided $2.2 million to help develop Open Whisper Systems, the encryption backbone behind WhatsApp.

Because of such support for encryption, Obama administration officials disagree over how far they should push companies to accommodate the requests of law enforcement.

DOJ mad at WhatsApp for using crypto, but US gov paid to develop the crypto WhatsApp uses.

— Christopher Soghoian (@csoghoian) March 12, 2016

Yet another secret program (updated)

Reuters is reporting that the US government is using data secretly collected to identify possible criminals, but the data so used is kept secret from defendants and US agents use the data, then reverse-engineer from the data to secure traditionally available data. Needless to say, the program is classified.


A secretive U.S. Drug Enforcement Administration unit is funneling information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans.

Although these cases rarely involve national security issues, documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin – not only from defense lawyers but also sometimes from prosecutors and judges.

The undated documents show that federal agents are trained to “recreate” the investigative trail to effectively cover up where the information originated, a practice that some experts say violates a defendant’s Constitutional right to a fair trial. If defendants don’t know how an investigation began, they cannot know to ask to review potential sources of exculpatory evidence – information that could reveal entrapment, mistakes or biased witnesses.

“I have never heard of anything like this at all,” said Nancy Gertner, a Harvard Law School professor who served as a federal judge from 1994 to 2011. Gertner and other legal experts said the program sounds more troubling than recent disclosures that the National Security Agency has been collecting domestic phone records. The NSA effort is geared toward stopping terrorists; the DEA program targets common criminals, primarily drug dealers.

“It is one thing to create special rules for national security,” Gertner said. “Ordinary crime is entirely different. It sounds like they are phonying up investigations.”

Secret data has no place in criminal prosecutions of Americans. Defendants have a right to review all data for possible exculpatory evidence.

Update: Apparently the DOJ is looking into the legality of this program.

Greenwald tweets of the day

The EFF wins in FISA court

Today, the EFF scored a major victory in its appeal to the FISA court for the publication of a specific (and rare) FISA court ruling that determined that certain aspects of a NSA program were in fact unconstitutional. The DOJ fought to fight this, although clearly their arguments were unpersuasive. Here is the order:

In effect, the FISA court seems to have ruled that the copies of a FISA court judgment which are within the possession of the Executive Branch can be released, provided that the District Court in which the EFF filed the original case agrees that such opinion is must be produced under the FOIA request originally filed by the EFF. The DOJ had claimed that it could not release the opinion because the FISA rules themselves prohibit such a release. The FISA court obviously disagreed.

More here.

Google asks to have DOJ gag order lifted

Google has written to Eric Holder requesting him to lift the gag orders that prohibit them from discussing exactly what information they are providing to the Federal government.

Google has worked tremendously hard over the past 15 years to earn our users’ trust. For example, we offer encryption across our services; we have hired some of the best security engineers in the world; and we have consistently pushed back on overly broad government requests for our users’ data.

We have always made clear that we comply with valid legal requests. And last week, the director of national intelligence acknowledged that service providers have received Foreign Intelligence Surveillance Act (FISA) requests.

Assertions in the press that our compliance with these requests gives the U.S. government unfettered access to our users’ data are simply untrue. However, government nondisclosure obligations regarding the number of FISA national security requests that Google receives, as well as the number of accounts covered by those requests, fuel that speculation.

We therefore ask you to help make it possible for Google to publish in our Transparency Report aggregate numbers of national security requests, including FISA disclosures — in terms of both the number we receive and their scope. Google’s numbers would clearly show that our compliance with these requests falls far short of the claims being made. Google has nothing to hide.

Google appreciates that you authorized the recent disclosure of general numbers for national security letters. There have been no adverse consequences arising from their publication, and in fact more companies are receiving your approval to do so as a result of Google’s initiative. Transparency here will likewise serve the public interest without harming national security.

DOJ: iPhone is “too secure”

Simson L. Garfinkel, writing in Technology Review, notes that the DOJ believes that iPhone encryption is “too secure.”

“I can tell you from the Department of Justice perspective, if that drive is encrypted, you’re done,” said Ovie Carroll, director at the Justice Dept.’s Computer Crime and Intellectual Property Section, during his address earlier this month.

“When conducting criminal investigations, if you pull the power on a drive that is whole-disk encrypted you have lost any chance of recovering that data.”

To reach such a high security level it is important that the user implement a numerical PIN that must be entered to access the device, and that the PIN be longer than four numbers.

Read the entire article for all the details. I can say that I have increased the length of my PIN already.

Chronicle of an assult on the Constitution

It seems that whenever Americans feel insecure the first actions are to jettison long held Constitutional protections that were created only by revolution and bloodshed. The latest such action, of course, was what happened after the 9/11 attacks, 10 years ago next week.

David Shipler, writing in The American Prospect, outlines chapter and verse of this sad time for the US Constitution. The entire article is worth a read.  The litany of civil liberties abuses is long and should be sufficient to illuminate the very real risks to freedom that fear has generated even in the US.

Here is an excerpt:

… the Patriot Act of 2001 emasculated an array of privacy statutes that had been enacted in the last quarter of the 20th century. In 2008, Congress further amended one of those laws, the Foreign Intelligence Surveillance Act (FISA) to legalize the extensive surveillance that Bush had clandestinely authorized during the weeks following the attacks. At the time, while legislators and civil-liberties groups were arguing over the Patriot Act’s changes to FISA, Bush was evading FISA by ordering the National Security Agency to monitor Internet and phone communications without judicial oversight. Bush’s program sparked outrage in Congress when The New York Times reported it in 2005, but in the 2008 FISA Amendments Act, Congress “gave the government even broader authority to intercept international communications” than the president had given himself, according to a joint report by the inspectors general of the CIA, the National Security Agency, the Justice and Defense departments, and the Office of the Director of National Intelligence.

The inspectors general did not credit the program with many successes. While it “had value in some counterterrorism investigations,” they found, “it generally played a limited role in the FBI’s overall counterterrorism efforts.” Most officials interviewed for the report “had difficulty citing specific instances” when the monitoring had contributed to counterterrorism. A senior CIA official told the investigators that the surveillance “was rarely the sole basis for an intelligence success, but that it frequently played a supporting role.” Other CIA officials discounted the intelligence as “vague or without context.”

Political quote of the day

In a free country, you should never feel comfortable being searched. This is not the country I was born in. We’re a fascist nation now.

Jesse Ventura, former wrestler and governor of Minnesota, speaking to a DOJ attorney following a court hearing. Ventura has filed a case challenging the legality of TSA groping procedures.

Update on the Thomas Drake case

In an earlier post, I pointed to the Thomas Drake case in which the federal government was accusing Mr. Drake under the Espionage Act for blowing the whistle on what he saw as monumental waste of resources at the NSA. Then the prosecution’s case fell apart shortly before trial.

And now, the judge has delivered his ruling:

Judge Richard D. Bennett of the Federal District Court praised the former National Security Agency official, Thomas A. Drake, for his exemplary record of public service before giving him a mild scolding for improperly providing information on alleged agency mismanagement to The Baltimore Sun.

But Judge Bennett reserved his strongest condemnation for the Justice Department, saying the two and a half years that elapsed between the search of Mr. Drake’s home and his indictment in 2010 was far too long.

The visibly angry judge said that Mr. Drake had been through “four years of hell” and that the dragging out of the investigation — and then the dropping of the major charges on the eve of trial — was “unconscionable.”

“It doesn’t pass the smell test,” he said.

Federal government over-reach, as usual in cases with the slightest connection to the “war” on terror.

Obama administration case collapses

The Obama administration has filed (and appears to be planning to file) more cases against government whistle blowers than the George W. Bush administration. It is part of the Obama administration’s consistent attack on civil liberties and hardened governmental secrecy.

Well, one of these cases, against Thomas Drake, formerly of the NSA. I noted this case in an earlier post.  The DOJ had charged Drake with violating the Espionage Act of 1917 because of his efforts to disclose waste, fraud and abuse at the NSA.  The case has collapsed. Drake agreed to plead to a single misdemeanor, and prosecutors have said they would not object to no jail time. It is a scandal that he and his family were subject to a multi-year federal investigation for simply trying to bring problems to light.  Jane Mayer, staff writer for The New Yorker talks on NPR about the collapsed case here.

Your tax dollars at work

Jane Mayer, writing the current issue of The New Yorker, tells an amazing story about a former NSA employee who is charged under the Espionage Act for blowing the whistle on waste, fraud and abuse inside the NSA. The article also describes the scope and illegality of the country’s warrantless wiretap program against Americans. I strongly recommend you read the entire article.

In December, 2005, the N.S.A.’s culture of secrecy was breached by a stunning leak. [The accused man was not involved in the story.] The Times reporters James Risen and Eric Lichtblau revealed that the N.S.A. was running a warrantless wiretapping program inside the United States. The paper’s editors had held onto the scoop for more than a year, weighing the propriety of publishing it. According to Bill Keller, the executive editor of the Times, President Bush pleaded with the paper’s editors to not publish the story; Keller told New York that “the basic message was: You’ll have blood on your hands.” After the paper defied the Administration, Bush called the leak “a shameful act.” At his command, federal agents launched a criminal investigation to identify the paper’s source.

The Times story shocked the country. Democrats, including then Senator Obama, denounced the program as illegal and demanded congressional hearings. A FISA court judge resigned in protest. In March, 2006, Mark Klein, a retired A.T. & T. employee, gave a sworn statement to the Electronic Frontier Foundation, which was filing a lawsuit against the company, describing a secret room in San Francisco where powerful Narus computers appeared to be sorting and copying all of the telecom’s Internet traffic—both foreign and domestic. A high-capacity fibre-optic cable seemed to be forwarding this data to a centralized location, which, Klein surmised, was N.S.A. headquarters. Soon, USA Today reported that A.T. & T., Verizon, and BellSouth had secretly opened their electronic records to the government, in violation of communications laws. Legal experts said that each instance of spying without a warrant was a serious crime, and that there appeared to be hundreds of thousands of infractions.

President Bush and Administration officials assured the American public that the surveillance program was legal, although new legislation was eventually required to bring it more in line with the law. They insisted that the traditional method of getting warrants was too slow for the urgent threats posed by international terrorism. And they implied that the only domestic surveillance taking place involved tapping phone calls in which one speaker was outside the U.S.

Drake [the accused former employee] says of Bush Administration officials, “They were lying through their teeth. They had chosen to go an illegal route, and it wasn’t because they had no other choice.” He also believed that the Administration was covering up the full extent of the program. “The phone calls were the tip of the iceberg. The really sensitive stuff was the data mining.” He says, “I was faced with a crisis of conscience. What do I do—remain silent, and complicit, or go to the press?”

Drake faces 35 years in prison if convicted. Yet, the masterminds of an illegal and unconstitutional domestic spying program have gone unprosecuted.

Mark Klein, the former A.T. & T. employee who exposed the telecom-company wiretaps [see the first related link below], is also dismayed by the Drake case. “I think it’s outrageous,” he says. “The Bush people have been let off. The telecom companies got immunity. The only people Obama has prosecuted are the whistle-blowers.”

Related articles

Obama wants copyright enforcement

The Obama White House, which cannot seem to be able to convict any of the bankers that almost took down our entire economy, has issued a 20 page proposal seeking to greatly ratchet up law enforcement activity in alleged intellectual property/copyright infringement.

A couple of highlights from a summary written by Declan McCullagh:

  • Under federal law, wiretaps may only be conducted in investigations of serious crimes, a list that was expanded by the 2001 Patriot Act to include offenses such as material support of terrorism and use of weapons of mass destruction. The administration is proposing to add copyright and trademark infringement, arguing that move “would assist U.S. law enforcement agencies to effectively investigate those offenses.”
  • Under the 1998 Digital Millennium Copyright Act, it’s generally illegal to distribute hardware or software–such as the DVD-decoding software Handbrake available from a server in France–that can “circumvent” copy protection technology. The administration is proposing that if Homeland Security seizes circumvention devices, it be permitted to “inform rightholders,” “provide samples of such devices,” and assist “them in bringing civil actions.”

This type of enforcement is unnecessary and is nothing but a huge subsidy to the entertainment industry who thereby avoids having to fund their own IP protection efforts.  Outrageous pandering to special interests.

Taibbi: Why no jail?

Matt Taibbi’s latest article questions the lack of prosecutions of Wall Street bankers following the collapse. Other than Bernie Madoff, it seems clear that the regulatory/enforcement system is not working. Taibbi notes that the enforcers leave the regulators or the US Attorneys Office after a few years and then move to the law firms and banks they previously regulated. Does this lead to lax enforcement? Why does no one prohibit the revolving door?

But the real fireworks came when Khuzami, the SEC’s director of enforcement, talked about a new “cooperation initiative” the agency had recently unveiled, in which executives are being offered incentives to report fraud they have witnessed or committed. From now on, Khuzami said, when corporate lawyers like the ones he was addressing want to know if their Wall Street clients are going to be charged by the Justice Department before deciding whether to come forward, all they have to do is ask the SEC.

“We are going to try to get those individuals answers,” Khuzami announced, as to “whether or not there is criminal interest in the case — so that defense counsel can have as much information as possible in deciding whether or not to choose to sign up their client.”

Aguirre, listening in the crowd, couldn’t believe Khuzami’s brazenness. The SEC’s enforcement director was saying, in essence, that firms like Goldman Sachs and AIG and Lehman Brothers will henceforth be able to get the SEC to act as a middleman between them and the Justice Department, negotiating fines as a way out of jail time. Khuzami was basically outlining a four-step system for banks and their executives to buy their way out of prison. “First, the SEC and Wall Street player make an agreement on a fine that the player will pay to the SEC,” Aguirre says. “Then the Justice Department commits itself to pass, so that the player knows he’s ‘safe.’ Third, the player pays the SEC — and fourth, the player gets a pass from the Justice Department.”

When I ask a former federal prosecutor about the propriety of a sitting SEC director of enforcement talking out loud about helping corporate defendants “get answers” regarding the status of their criminal cases, he initially doesn’t believe it. Then I send him a transcript of the comment. “I am very, very surprised by Khuzami’s statement, which does seem to me to be contrary to past practice — and not a good thing,” the former prosecutor says.

Earlier this month, when Sen. Chuck Grassley found out about Khuzami’s comments, he sent the SEC a letter noting that the agency’s own enforcement manual not only prohibits such “answer getting,” it even bars the SEC from giving defendants the Justice Department’s phone number. “Should counsel or the individual ask which criminal authorities they should contact,” the manual reads, “staff should decline to answer, unless authorized by the relevant criminal authorities.” Both the SEC and the Justice Department deny there is anything improper in their new policy of cooperation. “We collaborate with the SEC, but they do not consult with us when they resolve their cases,” Assistant Attorney General Lanny Breuer assured Congress in January. “They do that independently.”

FBI: Give us back our secret tracker

Fascinating story of what happened when a man in California discovered a tracking device had been secretly planted on his car.