Your tax dollars at work

The FBI is circulating a set of flyers purporting to identify suspicious behaviors that indicate possible terrorist activities and that therefore should be reported to the FBI by all good citizens. The flyers are headlined “Communities Against Terrorism” and there are at least 25 versions.

The version for Internet Cafes is particularly disturbing in that it essentially says that anyone protecting their privacy online is quite possibly a terrorist. Among the “suspicious” activities listed on the flyer are:

  • Always pay cash
  • Evidence of a residential based internet provider (signs on to Comcast, AOL, etc.)
  • Use of anonymizers, portals, or other means to shield IP address
  • Encryption or use of software to hide encrypted data in digital photos, etc.
  • Suspicious communications using VOIP or communicating through a PC game
  • Gather information about vulnerable infrastructure or obtain photos, maps or diagrams of transportation, sporting venues, or populated locations

So people who want to protect their privacy online, or who wish to pay for things with money, or who look up a sports stadium (maybe to find their seat for an event, say) ought to be reported to the FBI?

Supreme Court blocks at least some warrantless GPS tracking

The US Supreme Court today unanimously blocked GPS tracking by law enforcement without a warrant, at least in certain cases. The decision concluded that GPS tracking did constitute a “search” within the meaning of the Fourth Amendment, but various groupings of Justices offered differing rationales.

A good summary of the case is available at Wired’s Threat Level.

“We hold that the government’s installation of a GPS device on a target’s vehicle, and its use of that device to monitor the vehicle’s movements, constitutes a ‘search,’” Justice Antonin Scalia wrote for the five-justice majority. The majority declined to say whether that search was unreasonable and required a warrant.

All nine justices, however, agreed to toss out the life sentence of a District of Columbia drug dealer who was the subject of a warrantless, 28-day surveillance via GPS.

I was particularly impressed by these dicta from Justice Sotomayor, which seem to get at the current reality of modern digital life:

Physical intrusion is now unnecessary to many forms of surveillance.  [In the case of G.P.S. devices], I would ask whether people reasonably expect that their movements will be recorded and aggregated in a manner that enables the government to ascertain, more or less at will, their political and religious beliefs, sexual habits, and so on.

[Further,] it may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties.

People disclose the phone numbers that they dial or text to their cellular providers; the URLs that they visit and the e-mail addresses with which they correspond to their Internet service providers; and the books, groceries, and medications they purchase to online retailers. I for one doubt that people would accept without complaint the warrantless disclosure to the government of a list of every Web site they had visited in the last week, or month, or year.

Top 10 TSA “good catches” of 2011 (updated)

What do the billions of dollars we spend on the TSA bring us in terms of results? Well, from the TSA’s official blog comes the TSA’s own list of its top 10 good catches in 2011.

Yes, a number of firearms were found, obviously carried aboard by accident by our nation’s gun-lovers.

But there is one word you will not find anywhere in the top 10 list: terrorist. Can anyone explain how we are getting our money’s worth from this program and why it is not unconstitutional to begin with?

Update: For fiscal year 2011, the TSA budget for air travel security was $5.83 Billion, not counting air marshals. So each of those 1200 guns cost $4,800,000 to identify. This is a ridiculous waste of money. And of course that does not include the additional costs imposed on passengers by delay, humiliation and arrogant, over-reaching screeners who pretend to be police officers but are not.

And TSA offers no details on how many fines or other actions were taken in response to those guns, but I will assume that overwhelmingly there were small fines for simple errors and virtually none of the firearms presented a real threat.

There is ample deterrence without the bloated TSA in the fact that, after 9/11, all airplane passengers fully understand that a hijacking will likely end in their death. Passengers will very quickly take action to protect the plane. And terrorists have far better/softer targets to take now, like schools, theaters, shopping malls, hospitals, etc. See this article.

More importantly, these statistics are worse than the performance of airport security prior to 9/11. For more than a decade prior to 9/11, the FAA was required to report to Congress semi-annually the number of firearms discovered by the FAA’s airport security program. [Section 325(a) of the Federal Aviation Act of 1958.] Take a look at those reports if you want. One example that I picked at random is for January through June, 1988. The report indicated that for the six-month period covered by the report 1,291 firearms were detected. This means that the limited, cheaper and less intrusive security program at the time detected twice as many firearms as does the current TSA (and there are likely to be far more air travelers now than in 1988).

Massive wiretap case can proceed

The Ninth Circuit Court of Appeals has ruled that a case claiming that the Federal government (with the active participation of some of the telcos) illegally wiretapped millions of Americans following the 9/11 attack could proceed on the merits.

The 9th U.S. Circuit Court of Appeals today blocked the government’s attempt to bury the Electronic Frontier Foundation’s (EFF’s) lawsuit against the government’s illegal mass surveillance program, returning Jewel v. NSA to the District Court for the next step.

The court found that Jewel had alleged sufficient specifics about the warrantless wiretapping program to proceed. Justices rejected the government’s argument that the allegations about the well-known spying program and the evidence of the Folsom Street facility in San Francisco were too speculative.

“Since the dragnet spying program first came to light, we have been fighting for the chance to have a court determine whether it is legal,” said EFF Legal Director Cindy Cohn. “Today, the Ninth Circuit has given us that chance, and we look forward to proving the program is an unconstitutional and illegal violation of the rights of millions of ordinary Americans.”

The full opinion is available here.

Congress passed a bill providing immunity from suit to the participating telcos, but the court has ruled that there is no immunity for unconstitutional actions by the Federal government.

This case was backed primarily by the Electronic Frontier Foundation and they deserve your support.

85-year-old woman strip searched at airport

Details here. And more here.

An 85-year-old woman said Saturday that she was injured and humiliated when she was strip searched at an airport after she asked to be patted down instead of going through a body scanner, allegations that transportation security officials denied.

Lenore Zimmerman said she was taken to a private room and made to take off her pants and other clothes after she asked to forgo the screening because she worried it would interfere with her defibrillator. She missed her flight and had to take one 2 1/2 hours later, she said.

“I’m hunched over. I’m in a wheelchair. I weigh under 110 pounds (50 kilograms),” she said from her winter home at a seniors community in Coconut Creek, Florida. “Do I look like a terrorist?”

And here is the serious threat herself in a photo by The New York Daily News.

The TSA says she is lying.

Patriot Act clouds cloud computing

Cloud computing is growing rapidly and it is already a big business. But, it turns out, US-based cloud computing companies are facing a grave threat from the Patriot Act. Foreign governments and cloud competitors are claiming that data stored on US clouds is subject to being turned over to the US government. Quelle surprise.

While no foreign governments have moved to block U.S. tech companies, authorities in the Netherlands as recently as September floated the idea of banning U.S.-based cloud firms from competing for government contracts. And Verveer said on a trip to Germany in October that technology firms based in that country were openly using the PATRIOT Act as a “marketing proposition” to raise questions about U.S. cloud firms.

It has created a high-stakes trade issue that’s become a top agenda item for U.S. firms already profiting in the cloud and for those eyeing the technology for the future. It also registers high on the list of international tech priorities for the White House because of the potential negative impact such fears could have on the U.S. cloud market.

Tech quote of the day

We do recognize the power and value of this data. We’re very aware that this information is sensitive. It’s a treasure trove.

Andrew Coward, chief marketing officer of Carrier IQ.  The company stands accused of capturing extensive data from cell phone users, including every phone number dialed and every text message sent, without such users’ knowledge.

No mobile phone privacy (updated x3)

As reported in Wired, a new report (together with a related video) shows how software called Carrier IQ is secretly installed on millions of cellphones, with no notice to the users. The software seems clearly to log virtually all actions of the user and deliver the information to the cellphone carrier.

Though the software is installed on most modern Android, BlackBerry and Nokia phones, Carrier IQ was virtually unknown until 25-year-old Trevor Eckhart of Connecticut analyzed its workings, revealing that the software secretly chronicles a user’s phone experience — ostensibly so carriers and phone manufacturers can do quality control.

But now he’s released a video actually showing the logging of text messages, encrypted web searches and, well, you name it.

Eckhart labeled the software a “rootkit,” and the Mountain View, California-based software maker threatened him with legal action and huge money damages. The Electronic Frontier Foundation came to his side last week, and the company backed off on its threats. The company told Wired.com last week that Carrier IQ’s wares are for “gathering information off the handset to understand the mobile-user experience, where phone calls are dropped, where signal quality is poor, why applications crash and battery life.”

The company denies its software logs keystrokes. Eckhart’s 17-minute video clearly undercuts that claim.

So far it appears to be installed only on Android, BlackBerry and Nokia phones. How the functions of this software can be squared with so-called cellphone security and encryption is impossible to say. In other words, at least if you have one of the enumerated phones, your data is clearly at risk.

Update: References to Carrier IQ are contained in Apple’s iOS software on iPhones. However, it seems the software is not activated unless the iPhone is placed in diagnostic mode. From The Verge:

chpwn notes that initial research indicated that Carrier IQ’s software may only be active when the iPhone is in diagnostic mode. In a blog post, chpwn confirms that, based on his initial testing, Apple has added some form of Carrier IQ software to all versions of iOS, including iOS 5. However, the good news is that it does not appear to actually send any information so long as a setting called DiagnosticsAllowed is set to off, which is the default. Finally, the local logs on iOS seem to store much less information than what has been seen on Android, limited to some call activity and location (if enabled), but not any text from the web browser, SMS, or anywhere else. We’ll let you know when more details arise.

Update 2: From All Things D comes this statement from Apple:

We stopped supporting Carrier IQ with iOS 5 in most of our products and will remove it completely in a future software update. With any diagnostic data sent to Apple, customers must actively opt-in to share this information, and if they do, the data is sent in an anonymous and encrypted form and does not include any personal information. We never recorded keystrokes, messages or any other personal information for diagnostic data and have no plans to ever do so.

Update 3: And now, the lawsuits begin.

How evil is Facebook?

Facebook has repeatedly violated the privacy rights of its users (in ways designed to make more money for Facebook). The violations have been so bad that Facebook has agreed with the Federal Trade Commission to respect privacy rights of its users and to hire an external privacy monitor to verify compliance for a full twenty years.

The order, announced by the Federal Trade Commission in Washington, stems largely from changes that Facebook made to the way it handled its users’ information in December 2009. The commission contended that Facebook, without warning its users or seeking consent, made public information that users had deemed to be private on their Facebook pages.

The order also said that Facebook, which has more than 800 million users worldwide, in some cases had allowed advertisers to glean personally identifiable information when a Facebook user clicked on an advertisement on his or her Facebook page. The company has long maintained that it does not share personal data with advertisers.

And the order said that Facebook had shared user information with outside application developers, contrary to representations made to its users. And even after a Facebook user deleted an account, according to the F.T.C., the company still allowed access to photos and videos.

Is this a service you want to use?

Privacy victory

A US District Court Judge in Texas has ruled that obtaining cellphone records without a warrant is unconstitutional. In her ruling, Judge Lynn N. Hughes states:

The records would show the date, time, called number, and location of the telephone when the call was made.  These data are constitutionally protected from this intrusion.

An Internet for the 1%

Lauren Weinstein, in a post to the Privacy Forum mailing list, details the means, methods and goals of a complete extra-judicial regulation of the heretofore free operation of the Internet. His post is a warning and points to real danger. Read the full post, but here is an excerpt:

… with the fullness of time, the phone companies, cable companies, governments, and politicians galore came to most intensely pay attention to the Internet, as did the entertainment industry behemoths and a broad range of other “intellectual property” interests.

Their individual concerns actually vary widely at the detailed level, but in a broader context their goals are very much singular in focus.

They want to control the Internet.  They want to control it utterly, completely, in every technologically possible detail (and it seems in various technically impossible ways as well).

The freedom of communications with which the Internet has empowered ordinary people — especially one-to-many communications that historically have been limited to governments and media empires themselves — is viewed as an existential threat to order, control, and profits — that is, to historical centers of power.

Outside of the “traditional” aspects of government control over their citizenries, another key element of the new attempts to control the Net are desperate longings by some parties to turn back the technological clock to a time when music, movies, and other works could not so easily be duplicated and disseminated in “authorized” fashions. …

In their efforts to control people and protect profits, governments and associated industries (often in league with powerful Internet Service Providers — ISPs — who in some respects are admittedly caught in the middle), seem willing to impose draconian, ultimately fascist censorship, identification, and other controls on the Internet and its users, even extending into the basic hardware in our homes and offices.

I’ve invoked fascism in this analysis, and I do not do so lightly.

If you care about free speech, free access to data, and the ability of individuals to speak broadly about any topics they wish, you should read his essay and take action now.

PROTECT IP Act Breaks The Internet from Fight for the Future on Vimeo.

Be careful what you ask for

Hasan M. Elahi has a fascinating op-ed in today’s New York Times. He describes how in 2002, despite being an American citizen, he was stopped in Detroit upon entering the country and grilled for hours by Federal agents who believed he might be involved in terrorist activity. The Feds followed up with lie detector tests, numerous interviews and other activities.

In response, Elahi decided to log virtually all his activities, travel, and small details of his life, and then continuously forward the information to the FBI. He also posted all the information, in an unorganized fashion, to his website. He suggests that this might be the best response to government spying. He just might be right.

Excerpt:

On my Web site, I compiled various databases that show the airports I’ve been in, food I’ve eaten at home, food I’ve eaten on the road, random hotel beds I’ve slept in, various parking lots off Interstate 80 that I parked in, empty train stations I saw, as well as very specific information like photos of the tacos I ate in Mexico City between July 5 and 7, and the toilets I used.

These images seem empty, and could be anywhere, but they’re not; they are extremely specific records of my exact travels to particular places. There are 46,000 images on my site. I trust that the F.B.I. has seen all of them. Agents know where I’ve bought my duck-flavored paste, or kimchi, laundry detergent and chitlins; because I told them everything….

PEOPLE who visit my site — and my server logs indicate repeat visits from the Department of Homeland Security, the C.I.A., the National Reconnaissance Office and the Executive Office of the President — don’t find my information organized clearly. In fact, the interface I use is deliberately user-unfriendly. A lot of work is required to thread together the thousands of available points of information. By putting everything about me out there, I am simultaneously telling everything and nothing about my life. Despite the barrage of information about me that is publicly available, I live a surprisingly private and anonymous life.

 

TSA takes note (updated x2)

Some TSA worker, while going through a passenger’s suitcase, noticed a small sex toy. And he left a note.

This is beyond stupid, but it demonstrates, once again, the security theater that is the TSA.

Oh, and by the way, the TSA missed a loaded gun in checked baggage at LAX.  Good to know that sex toys are “dealt” with, but firearms are ignored.

Updated: I am sure you will be happy to note that the TSA worker who wrote the note has been “removed from screening,” according to Blogger Bob at the TSA. Thank goodness he didn’t lose his job over this.

Update 2: The screener has now been fired.

Secret laws, secret memos

Laws in the United States should not be secret. Laws should be subject to judicial review. Operational details of military actions need not be disclosed but the law and rules governing the military, the Department of Justice or any other part of the government should be publicly open.

Neither is occurring under Barack Obama, any more than under George W. Bush.

The Obama administration’s secret legal memorandum that opened the door to the killing of Anwar al-Awlaki, the American-born radical Muslim cleric hiding in Yemen, found that it would be lawful only if it were not feasible to take him alive, according to people who have read the document.

The secret document provided the justification for acting despite an executive order banning assassinations, a federal law against murder, protections in the Bill of Rights and various strictures of the international laws of war, according to people familiar with the analysis.

It is important to note that, not only is this memorandum kept secret, it wasn’t even completed until months after Obama had ordered al-Awlaki killed.

This isn’t American justice.

And the secrecy isn’t limited to international settings. From today’s Wall Street Journal:

The U.S. government has obtained a controversial type of secret court order to force Google Inc. and small Internet provider Sonic.net Inc. to turn over information from the email accounts of WikiLeaks volunteer Jacob Appelbaum, according to documents reviewed by The Wall Street Journal.

Sonic said it fought the government’s order and lost, and was forced to turn over information. Challenging the order was “rather expensive, but we felt it was the right thing to do,” said Sonic’s chief executive, Dane Jasper. The government’s request included the email addresses of people Mr. Appelbaum corresponded with the past two years, but not the full emails.

Both Google and Sonic pressed for the right to inform Mr. Appelbaum of the secret court orders, according to people familiar with the investigation. Google declined to comment. Mr. Appelbaum, 28 years old, hasn’t been charged with wrongdoing.

The court clashes in the WikiLeaks case provide a rare public window into the growing debate over a federal law that lets the government secretly obtain information from people’s email and cellphones without a search warrant. Several court decisions have questioned whether the law, the Electronic Communications Privacy Act, violates the U.S. Constitution’s Fourth Amendment protections against unreasonable searches and seizures.

And note that the government was seeking to forbid the ISP and Google from even telling the individual that the government was seeking his information. This is like something from the Soviet Union, not our “democracy.” More on the second story from Boing Boing.