Monitoring NSA in de VS en erbuiten, deel 9

quote:

DA says Apple, Google software helps terrorists

Manhattan DA Cyrus Vance Jr. sounded a battle cry Sunday, calling on law-enforcement agencies to battle Apple and Google over software that makes it impossible for authorities to “decrypt” cellphones seized in criminal investigations.

The recently rolled-out “upgrades” haven’t attracted much general attention, which means police must start pressing elected officials to roll back the terrorist-friendly software, he said.
“Apple has created a phone that is dark, that cannot be accessed by law enforcement even when a court has authorized us to look at its contents,” Vance warned on “The Cats Roundtable” show on WNYM/970 AM.

“That’s going to be the terrorists’ communication device of choice.”

Google is also introducing software for its Android phones that police and prosecutors will be unable to trace.

Combined, the tech giants make up about 96 percent of the world cellphone market.

When it was launched Sept. 17, the Apple mobile operating system, iOS 8, drew criticism from several top law-enforcement officials, including US Attorney General Eric Holder and NYPD Commissioner Bill Bratton.

“It does a terrible disservice to the public, ultimately, and to law enforcement, initially,” Bratton said at the time.

“For them to consciously, for profit and gain, to thwart those legal constitutional efforts, shame on them.”

Apple and Google have defended their products, admitting consumer demand was a key consideration.

With older operating systems, the companies could “unlock” cellphone data at the request of law enforcement. With the new ones, only the phone owner can.

“For all devices running iOS 8.0 and later versions, Apple will not perform iOS data extractions in response to government search warrants because the files to be extracted are protected by an encryption key that is tied to the user’s passcode, which Apple does not possess,” the company states on its Web site.

Vance said Apple and Google are playing with people’s safety.

“It’s going to affect our ability to protect New Yorkers,” he told the show’s host, former mayoral candidate John Catsimatidis.

“It’s also going to have national-security implications because a device that cannot be accessed by judicial warrant can be used by homegrown violent extremists and terrorists to communicate with each other.”

Vance urged law-enforcement leaders to lobby politicians.

“We need to get their [elected officials’] support to hold hearings on this issue,” Vance said.

quote:

White House releases report on NSA surveillance six years later

Basics of programme had been declassified, but report includes new details about the secrecy surrounding the collection of Americans’ emails and calls

With debate gearing up over the coming expiration of the Patriot Act surveillance law, the Obama administration on Saturday unveiled a six-year-old report examining the once-secret programme to collect information on Americans’ calls and emails.

The Office of the Director of National Intelligence (ODNI) publicly released the redacted report following a Freedom of Information Act lawsuit by the New York Times. The basics of the National Security Agency (NSA) programme already had been declassified, but the lengthy report includes some new details about the secrecy surrounding it.

After the programme was disclosed in 2013 by the former NSA contractor Edward Snowden, President Barack Obama and many lawmakers called for legislation to end that collection, but a bill to do so failed last year. Proponents had hoped that the expiration of the Patriot Act provisions would force consideration of such a measure.

A bipartisan group of House members has been working on such legislation, dubbed the USA Freedom Act. White House press secretary Josh Earnest said on Friday that Obama is pleased efforts are restarting in the House.

“Hopefully, the next place where Democrats and Republicans will turn their attention and try to work together is on this issue of putting in place important reforms to the Patriot Act,” Earnest said.

If no legislation is passed, the Patriot Act provisions will expire. That would affect not only the NSA surveillance but other programmes used by the FBI to investigate domestic crimes, which puts considerable pressure on lawmakers to pass some sort of extension.

President George W Bush authorised the “President’s Surveillance Program” (PSP) in the aftermath of the terrorist attacks on 11 September 2001. The review was completed in July 2009 by inspectors general from the Justice Department, Pentagon, CIA, NSA and ODNI.

They found that while many senior intelligence officials believe the programme filled a gap by increasing access to international communications, others, including FBI agents, CIA analysts and managers, “had difficulty evaluating the precise contribution of the PSP to counterterrorism efforts because it was most often viewed as one source among many available analytic and intelligence-gathering tools in these efforts”.

Critics of the phone records programme, which allows the NSA to hunt for communications between terrorists abroad and US residents, argue it has not proven to be an effective counterterrorism tool. They also say an intelligence agency has no business possessing the deeply personal records of Americans. Many favour a system under which the NSA can obtain court orders to query records held by the phone companies.

The Patriot Act expires on 1 June, and Senate Republicans have introduced a bill that would allow continued collection of call records of nearly every American. The legislation would reauthorise sections of the Patriot Act, including the provision under which the NSA requires phone companies to turn over the “to and from” records of most domestic landline calls.

quote:

Duitsers bespioneerden buurlanden voor Amerikanen, Merkel in verlegenheid

De Duitse geheime dienst heeft jarenlang in opdracht van de Amerikanen Europese buurlanden bespioneerd. Volgens een onderzoek dat is uitgevoerd in opdracht van de Duitse regering werden vanuit het Beierse Bad Aibling data, e-mails en telefoongegevens verzameld van onder meer de Franse wapenindustrie, hoge ambtenaren van het Franse ministerie van Buitenlandse Zaken en het presidentieel paleis en leden van de Europese Commissie.

De Duitse regering is door het onderzoek, dat gisteren uitlekte in de Süddeutsche Zeitung en via de tv-zenders NDR en WDR, ernstig in verlegenheid gebracht. Eind 2013 reageerde Duitsland nog woedend op het bericht dat de Amerikaanse veiligheidsdienst NSA onder andere de telefoon van bondskanselier Angela Merkel afluisterde.

Haar woordvoerder zei destijds dat er “een diep verschil van mening bestaat tussen Duitsland en de VS over de balans tussen veiligheid en inbreuk op burgerrechten”.

Illegale wapentransporten

De Verenigde Staten wilden volgens het uitgelekte onderzoek informatie over illegale wapenexporten. Daarom werden ook bedrijven in de gaten gehouden. Het zou in de meeste gevallen niet zijn gegaan om bedrijfsspionage.

De Frankfurter Allgemeine Zeitung, die de affaire relativeert, wijst op een lijst met e-mail- en IP-adressen die de Duitsers van de Amerikanen kregen, maar weigerden te onderzoeken.

Twee weken geleden zei minister van Binnenlandse Zaken Thomas de Maizière in antwoord op vragen in de Bondsdag dat er geen sprake is geweest van bedrijfsspionage. De oppositiepartij Die Linke concludeert nu dat De Maizière heeft gelogen en eist zijn aftreden.

De minister, die door boulevardkrant Bild al als Pinocchio met een lange neus wordt afgebeeld, noemde de beschuldigingen “niet waar”, maar kon weinig zeggen omdat het ging om “geheime” dan wel “uiterst geheime” informatie. “Het is daarom voor mij onmogelijk om openlijk op de verwijten en vragen te reageren”, zei De Maizière, die tussen 2005 en 2009 in Merkels Kanzleramt verantwoordelijk was voor de geheime diensten.

De voorzitter van de parlementaire onderzoekscommissie, Patrick Sensburg, een partijgenoot van De Maizière, vindt het veel te vroeg om over “aftreden” te spreken. Wel vraagt hij om inzage in de volledige lijst met zoektermen die de NSA aan zijn Duitse collega’s voorlegde.

quote:

AIVD-baas Bertholee: een schoothond van de NSA? Bullshit!

quote:

Rob Bertholee, baas van de Nederlandse Inlichtingenen veiligheidsdienst (AIVD), noemt het verwijt van klokkenluider Edward Snowden dat zijn dienst een schoothond van haar Amerikaanse evenknie is “absolute bullshit”. Tevens vindt hij dat de Nederlandse journalistiek teveel achter Snowden aan loopt.

Bertholee gaat vandaag voor het eerst publiekelijk in op de kritiek van Snowden op de AIVD.

quote:

"Ik zie iemand die vastzit in Moskou, geen kant uitkan en door de Amerikanen wordt beschouwd als een vijand van de staat. Dan denk ik: hoe komt zo iemand aan zoveel kennis en een schijnbaar diepgaande analyse over wat er in Nederland gebeurt?"

quote:

Aanpassing Patriot Act lijkt zekerheid

quote:

De omstreden Amerikaanse Patriot Act gaat waarschijnlijk aangepast worden. Volgens New York Times is er een meerderheid in de senaat voor het inperken van onbeperkt afluisteren door de inlichtingendienst NSA. Een congrescommissie heeft een voorstel aangenomen om de aanpassing van de Patriot Act mogelijk te maken en een meerderheid van republikeinen en democraten in de senaat zou die aanpassing steunen.

quote:

Why the U.S. should but won’t partner with hactivists Anonymous

For a barbaric movement grounded in early Islamic apocalyptic prophecies, what is perhaps most striking about the rapid rise of the Islamic State has been its use of modern technology. Leveraging the open nature and global reach of platforms such as Twitter, Facebook and YouTube, Islamic State has used social media to recruit young would-be jihadis, to build a global network of sympathetic followers, and to intimidate Western audiences with its brutality.

The scale of this digital propaganda network is vast. A recent study by the Brookings Institution found that in late 2014 there were at least 46,000 Twitter accounts used by Islamic State supporters, with an average of 1,000 followers each.

But why has the United States, which has at its disposal vast cyberwar capabilities, an ever-expanding surveillance state and significant leverage over, and goodwill of, the American companies that are hosting this content, proved unable to quiet the online reach of this network of insurgents?

One answer is that the open nature of the Internet, combined with the constraints that democratic states face engaging effectively within it, has limited the capability of the United States to fight back. And this tells us a tremendous amount about the shifting nature of power in the digital age.

In the absence of effective state action against the Islamic State online, Anonymous has taken up the digital war. Already this ad hoc network of hackers and activists has downed scores of Web pages and hacked into dozens of Twitter accounts that allegedly belong to Islamic State members. Much like in the early days of the Arab Spring, where hackers provided online assistance and offered protection to activists, Anonymous is stepping in where the state has limited capacity.

This has recently led to calls for the United States to partner with Anonymous to launch cyberattacks against the Islamic State, and even paying hactivists in bitcoin. This sounds audacious, but plausible. Western governments have long collaborated with unsavory actors with the aim of larger strategic goals — as it is said, the enemy of my enemy is my friend.

In theory, such a partnership could allow the Defense and State departments to overcome the constraints of their slow-moving, hierarchical, command-and-control systems. It could allow them to act more like a nimble startup than a legacy industrial corporation.

And it could be effective — we know that Anonymous hackers have been successful taking on a wide range of both established and emerging powers. In practice, however, there is substantial risk. As the failure of the clandestine USAID program to build a fake version of Twitter in Cuba to foster dissent demonstrates, states often stumble when they step into the murky world of online power.

But I would suggest there are other, more fundamental reasons, why the U.S. will never partner with Anonymous. This is because, at its core, Anonymous is different than the other perceived bad actors that government is more than willing to collaborate with. Anonymous represents a new form of decentralized power that challenges the very foundations of the state system.

First, the power structures that Anonymous embodies represent a fundamental threat to state dominance in the international system. The challenges that the state system were designed to solve — a lack of structure, instability, decentralized governance, loose and evolving ties — are precisely what makes groups like Anonymous powerful.

Legitimizing the type of decentralized, collaborative and anonymous power that Anonymous represents, therefore poses a threat to the hierarchical and state-led international system that the nation state depends on. This new form of power scares governments — so much so that they are willing to exert significant control over the network itself. As was revealed in the Snowden National Security Agency documents, the government wanted to collect it all, process it all, exploit it all, partner it all, sniff it all, know it all.

Second, over the course of modern history, we have placed tremendous power in the state. Whether it be through the justice system, the social welfare state or the military, government has been the primary enabler of collective action in our society. In exchange, we have put in place systems of accountability and laws to hold this power to account. For states seeking to fight new online powers, these norms of behavior make functioning effectively online at best difficult, and at worst counter to the expectations and laws governing their activities.

Third, the state is ultimately faced with a paradox — that the very attributes of the Internet that enable the Islamic State also enable the free enterprise and expression that make it arguably the most liberating technology in human history. The very real risk governments face is that in seeking to stop perceived nefarious actors online, they will also shut down the positive ones. Efforts by the NSA to break encryption, for example, won’t just help it fight illegal crypto-currencies, or Islamic State fighters using secure networking tools, but would also threaten the security of the online commerce sector. These efforts risk breaking the Internet.

For the U.S. government, partnering with Anonymous and legitimizing its structure is simply a bridge too far. And this limitation represents a crisis for state power in the digital age: One that curtails its ability to fight the online propaganda of a barbaric jihadist movement taking to Twitter to build its caliphate.

_{Taylor Owen is an assistant professor of digital media and global affairs at the University of British Columbia. He is the author of “Disruptive Power: The Crisis of the State in the Digital Age,” Oxford University Press, 2015. To comment, submit your letter to the editor at www.sfgate.com/submissions.}

quote:

Deprecating Non-Secure HTTP


Today we are announcing our intent to phase out non-secure HTTP.

There’s pretty broad agreement that HTTPS is the way forward for the web. In recent months, there have been statements from IETF, IAB (even the other IAB), W3C, and the US Government calling for universal use of encryption by Internet applications, which in the case of the web means HTTPS.

After a robust discussion on our community mailing list, Mozilla is committing to focus new development efforts on the secure web, and start removing capabilities from the non-secure web. There are two broad elements of this plan:

Setting a date after which all new features will be available only to secure websites
Gradually phasing out access to browser features for non-secure websites, especially features that pose risks to users’ security and privacy.

For the first of these steps, the community will need to agree on a date, and a definition for what features are considered “new”. For example, one definition of “new” could be “features that cannot be polyfilled”. That would allow things like CSS and other rendering features to still be used by insecure websites, since the page can draw effects on its own (e.g., using <canvas>). But it would still restrict qualitatively new features, such as access to new hardware capabilities.

The second element of the plan will need to be driven by trade-offs between security and web compatibility. Removing features from the non-secure web will likely cause some sites to break. So we will have to monitor the degree of breakage and balance it with the security benefit. We’re also already considering softer limitations that can be placed on features when used by non-secure sites. For example, Firefox already prevents persistent permissions for camera and microphone access when invoked from a non-secure website. There have also been some proposals to limit the scope of non-secure cookies.

It should be noted that this plan still allows for usage of the “http” URI scheme in legacy content. With HSTS and the upgrade-insecure-requests CSP attribute, the “http” scheme can be automatically translated to “https” by the browser, and thus run securely.

Since the goal of this effort is to send a message to the web developer community that they need to be secure, our work here will be most effective if coordinated across the web community. We expect to be making some proposals to the W3C WebAppSec Working Group soon.

Thanks to the many people who participated in the mailing list discussion of this proposal. Let’s get the web secured!

Richard Barnes, Firefox Security Lead

Update (2015-05-01): Since there are some common threads in the comments, we’ve put together a FAQ document with thoughts on free certificates, self-signed certificates, and more.

Bron: blog.mozilla.org

quote:

No factual basis for suggesting Snowden GCSB docs 'fabricated' - PM office

The Prime Minister's office has said it has no factual basis for suggesting Edward Snowden documents which exposed GCSB secrets were "fabricated".

But it has also said some of those with access to the Snowden documents - apparently including journalist Glenn Greenwald - "have a track record of misrepresenting, misinterpreting and misunderstanding information".

The "fabrication" claim has been part of the Prime Minister's standard response to revelations of activities carried out by New Zealand's electronic eavesdropping agency.

Details of the GCSB's work have included spying on international diplomats in support of Trade Minister Tim Groser's bid to lead the World Trade Organisation, feeding information to Bangaladeshi security forces facing murder and torture allegations and sending "full take" communications data from the Pacific to the National Security Agency.

The stories - in a reporting partnership with journalist Nicky Hager and the Greenwald-founded news site The Intercept - showed New Zealand had a job-sharing role in international intelligence gathering for the Five Eyes group of nations, which also includes Australia, Canada, the United Kingdom and the US.

The Five Eyes intelligence gathering group is led by the US, with the other countries holding "second party" status.

Other nations outside the group are the "third party" or less partners.

The Herald sought any information held by the Prime Minister which informed him or his office over the alleged "fabrication".

The Prime Minister's chief of staff Wayne Eagleson said "no information has been identified". He said the PM's office had to refuse the request because the "information requested does not exist or cannot be found".

Asked for the basis of the claim, a spokeswoman for the Prime Minister said: "Given these documents were stolen and these people have a track record of misrepresenting, misinterpreting and misunderstanding information, as shown in the Moment of Truth, we can't discount that some of what is being put forward may be fabricated."

The high profile Moment of Truth event saw Greenwald make claims Snowden documents showed a cable tapping operation was underway to access all New Zealanders' communications. Documents presented as proof showed the operation was planned but there was nothing proving it went ahead.

The government said there was a plan but it had never gone ahead.

OIA request responses from the PM's office and the GCSB show response to the Snowden stories was scripted from the outset. In only a few circumstances to it deviate regardless of the issue raised.

Large chunks of communications were withheld with officials saying it would place at risk the "security and defence of New Zealand".

The only information released which appeared to shed light on the claims from the Snowden files was a summary of comments by a former GCSB advisor.

In an email from one unnamed official to another, it summarised comments by Dr Damien Rogers on TVNZ's Q&A. According to the summary, Dr Roger's had rejected claims of "mass surveillance" on the Pacific in favour of the terms "widespread, systematic monitoring".

The official commented on the description saying it was "not helpful and untrue".

Overview

What was the issue?
Top secret GCSB and NSA documents detailed the way the agencies operated.

How did the Prime Minister respond?
John Key refused to comment on "stolen" information which could be fabricated.

Was there a basis for the suggestion they were forgeries?
The PM's office has confirmed there was no basis to the claim.

Has any Snowden document been shown to be "fabricated"?
No, not in any of the countries in which there has been extensive reporting.

quote:

'Met hulp van NSA verijdelde aanslagen België bestonden niet'

Generaal-majoor Eddy Testelmans van de Belgische militaire inlichtingendienst SGR is de fout ingegaan met een uitspraak over verijdelde aanslagen. Testelmans beweerde in 2013 dat er drie aanslagen in België waren verijdeld dankzij informatie van de Amerikaanse geheime dienst NSA. Dat blijkt niet het geval, meldde de Belgische krant De Tijd vandaag.

'Als de NSA die info niet had doorgespeeld, hadden wij het niet geweten', zei Testelmans in 2013 in een interview met het magazine MO*. 'De details mag ik niet geven. Wel kan ik zeggen dat België waarschijnlijk voor zware incidenten behoed is gebleven.'

Testelmans baseerde zich daarbij op vertrouwelijke nota's die hij had gekregen van de NSA-top. Diezelfde informatie werd destijds ook gebruikt door de NSA om zich voor de Amerikaanse regering te verdedigen na de onthullingen van Snowden. Volgens De Tijd was het ook het doel van Testelmans om het werk van de Amerikaanse inlichtingendienst te verdedigen.

In een vertrouwelijk rapport van de toezichthouder voor de geheime diensten staat er een 'groot vertrouwen' is tussen de NSA en ADIV. Mogelijk heeft de NSA de inlichtingenchef daarom niet tegengesproken.

quote:

Angela Merkel under pressure to reveal all about US spying agreement

German chancellor’s reputation could be at stake as scandal grows over intelligence agency’s surveillance of European businesses and officials on behalf of NSA

Angela Merkel’s reputation as an unassailable chancellor is under threat amid mounting pressure for her to reveal how much she knew about a German-supported US spying operation on European companies and officials.

The onus on her government to deliver answers over the spying scandal has only increased with the Austrian government’s announcement that it has filed a legal complaint against an unnamed party over “covert intelligence to the detriment of Austria”.

EADS, now Airbus, one of the companies known to have been spied on by the BND – Germany’s foreign intelligence agency – is also taking legal action, saying it will file a complaint with prosecutors in Germany.

The BND stands accused of spying on behalf of America’s NSA on European companies such as EADS, as well as the French presidency and the EU commission. There are also suspicions that German government workers and journalists were spied on.

The Social Democrats (SPD), Merkel’s government partners, along with Germany’s federal public prosecutor, Harald Range, are demanding the release of a list of “selectors” – 40,000 search terms used in the spying operations – the results of which were passed on to the NSA.

“The list must be published and only then is clarification possible,” said Christine Lambrecht, parliamentary head of the SPD faction. Merkel has so far refused to allow its release. Her spokesman, Steffen Seibert, said she would make a decision on whether or not to do so only “once consultations with the American partners are completed”.

Thomas de Maizière, the interior minister and a close Merkel confidante, is under even more pressure than the chancellor over allegations he lied about what he knew of BND/NSA cooperation. On Wednesday he answered questions on the affair to a parliamentary committee investigating the row, but only in camera and in a bug-proof room. Among other alleged shortcomings over the affair, he stands accused of failing to act when the BND informed him of the espionage activities in 2008 when he was Merkel’s chief of staff. He has repeatedly been portrayed in the tabloid media with a Pinocchio nose.

Responding to journalists during a break in the proceedings, he once again vehemently denied the allegations. “As chief of staff in 2008, I learned nothing about search terms used by the US for the purposes of economic espionage in Germany,” he said. But he acknowledged knowing about American efforts to intensify the intelligence swapping, calling it “problematic cooperation”, and said the requests had been turned down by the BND.

On Wednesday evening the committee is due to question the incumbent chief of staff, Peter Altmaier.

The former BND chief, Gerhard Schindler, is due to speak before the separate NSA parliamentary committee – set up to investigate the activities of the US agency as revealed by Edward Snowden – on Thursday.

While Merkel appeared to have remained relatively unscathed by the scandal until now, an opinion poll showed that most Germans believed the trustworthiness of the three-times chancellor was now seriously at stake. 62% of Germans said her credibility was in doubt, according to the poll, carried out by the Insa institute, while 18% said it was not.

Merkel told Radio Bremen in an interview that she was prepared to speak out over the allegations to a parliamentary committee. “I will testify there and justify myself to them where it is required,” she told the broadcaster.

Sigmar Gabriel, the deputy chancellor and economy minister, who is also the leader of the SPD, upped the ante still further by relaying a conversation he had with Merkel in which he asked her twice if the government had evidence of economic espionage, and she said no. He added that if it emerged Germany had been involved in helping the NSA spy on companies, it would greatly strain relations between business and the government and “put a large burden on the trust the economy has in government behaviour”.

The scandal has already strained relations within Merkel’s grand coalition, with many observers commenting that Gabriel was seeing the affair as a chance to make political gains. Political observers were lining up to remark that the crisis is the single most critical of Merkel’s decade in government and could even lead to her and her government’s downfall.

But the scandal has its roots much further back than Merkel’s own government, harking to a time when Europe was gripped by the cold war. Both the US and the UK, as victors of the second world war who had Germany under close supervision, ran spying networks from Germany, most notably from Bad Aibling in Bavaria, the biggest listening station outside the US and Britain. Officially, the US withdrew its operations in 2004. But unofficially it stayed there under an agreement in which Germany agreed to hand over its intelligence findings in return for the highly sophisticated technology the US was able to provide. The events of 9/11 and the revelations that three of the pilots had lived in Germany undetected only served to increase the pressure the US was able to put on Germany that its presence was necessary.

Bad Aibling, officially now solely a BND listening facility, was the post used by the NSA in the current scandal.

The affair has underlined just how dependent Germany still is on the US and to a lesser extent the UK, on issues of intelligence and defence. Their desire for still-closer cooperation culminated in Operation Monkey Shoulder (named after a blend of three different types of malt whiskys) involving the BND, NSA and MI6, Spiegel recently revealed.

With such a background, the German government has to appear to be criticising the US at the same time as underlining the importance of cooperation.

Merkel, who appeared to be hugely at odds with the US government when it was revealed in 2013 that the NSA’s mass intelligence operation included tapping her mobile phone, has so far responded in a characteristically vague and flat manner. While acknowledging that allies should not spy on each other, she has stressed that spying’s most important role is to prevent terrorist attacks.

“The government will do everything to guarantee the ability of the intelligence services,” she said on Monday. “Taking terrorist threats into account, that ability is only possible in cooperation with other agencies. That very much includes the NSA, as well as others.”

Commenting on the crisis, Spiegel magazine called it the “biggest challenge that the ‘Merkel Regime’ has had to face”, and potentially the “turning point of her chancellorship”.

“She enjoys such trust because many Germans feel she looks after the country’s needs and their own very well. But the scandal … could cause the foundations of her power to crumble,” the magazine said.

quote:

Appeals Court Rules NSA Phone Program Not Authorized by Patriot Act

ACLU lawsuit argued the data collection should be stopped because it violates Americans’ privacy rights

quote:

A federal appeals court ruled Thursday the National Security Agency's controversial collection of millions of Americans' phone records isn't authorized by the Patriot Act, as the Bush and Obama administrations have long maintained.

quote:

NSA’s Bulk Collection of Phone Records Is Illegal, Appeals Court Says

quote:

A federal appeals court panel ruled on Thursday that the NSA’s bulk collection of metadata of phone calls to and from Americans is not authorized by Section 215 of the USA Patriot Act, throwing out the government’s legal justification for the surveillance program exposed by NSA whistleblower Edward Snowden nearly two years ago.

Judge Gerard E. Lynch, writing the opinion for the three-judge panel of the Second Circuit Court of Appeals in New York, described as “unprecedented and unwarranted” the government’s argument that the all-encompassing collection of phone records was allowed because it was “relevant” to an authorized investigation.

The case was brought by the American Civil Liberties Union, and ACLU attorney Alex Abdo told The Intercept, “This ruling should make clear, once and for all, that the NSA’s bulk collection of Americans’ phone records is unlawful. And it should cast into doubt the unknown number of other mass surveillance operations of the NSA that rely on a similarly flawed interpretation of the law.”

As Lynch wrote in the court’s opinion: “To obtain a § 215 order, the government must provide the FISC [Foreign Intelligence Surveillance Court] with ‘a statement of facts showing that there are reasonable grounds to believe that the tangible things sought are relevant to an authorized investigation (other than a threat assessment)’. ”

quote:

Of Snowden and the NSA, only one has acted unlawfully – and it’s not Snowden | World news | The Guardian

With the NSA’s bulk surveillance ruled illegal, the debate on the Patriot Act should be reinvigorated – with Edward Snowden free to join in

With the NSA’s bulk surveillance ruled illegal, the debate on the Patriot Act should be reinvigorated – with Edward Snowden free to join in

On 6 June 2013, the Guardian published a secret US court order against the phone company Verizon, ordering it on an “ongoing, daily basis” to hand over the call records of its millions of US customers to the NSA – just one of numerous orders enabling the government’s highly secret domestic mass surveillance program. Just days later the world learned the identity of the whistleblower who made the order public: Edward Snowden.

Now, almost two years later, a US court has vindicated Snowden’s decision, ruling that the bulk surveillance program went beyond what the law underpinning it allowed: the US government used section 215 of the Patriot Act to justify the program. A US court of appeals has ruled the law does not allow for a program so broad. In short, one of the NSA’s most famous and controversial surveillance programs has no legal basis.

Of Snowden and the NSA, only one has so far been found to have acted unlawfully – and it’s not Snowden. That surely must change the nature of the debate on civil liberties being had in America, and it should do so in a number of ways.

The first is the surprisingly thorny question of what to do with Snowden himself. The whistleblower is in his second year of exile, living in asylum in Russia, as he would surely face criminal prosecution should he return. The nature of the punishment – and pre-trial mistreatment – meted out to Chelsea Manning shows his fears are well founded.

But now the courts have ruled that Snowden’s flagship revelation, the very first and foremost of the programs he disclosed, has no legal basis, who now might challenge his status as a whistleblower?

Certainly not Judge Sack, who in his concurring opinion alongside today’s rulings acknowledged Snowden’s revelations led to this litigation, and likened his disclosures to Daniel Ellsberg’s famous “Pentagon Papers” leak.

If the US government seeks to jail someone who has shown its own security services acting unlawfully, its international reputation will deservedly take a beating. If the US wants moral authority to talk to other governments about whistleblowers and civil liberty, it needs to be brave: it needs to offer Snowden amnesty.

The other actions for the US executive and for Congress are broader. The court of appeals judges very deliberately chose not to consider the constitutionality of NSA bulk surveillance programs, as such questions are currently before Congress with the ongoing debate on how to reform the Patriot Act.

Congress should allow this ruling to reinvigorate that debate, and in a sense the ruling forces it to do so. If Congress want a law that allows phone surveillance on the scale of the NSA’s existing programs, it will have to explicitly create that: gone is the option of trying to push through something near the status quo with a fringe of reform.

For domestic bulk surveillance to continue and be legal, Congress must explicitly vote for it – and then, in time, the judicial branch will consider the constitutional case in earnest.

If Congress sincerely wishes to curb it, it now has substantial backing from the judicial branch to push forward and do that. Reformers finally have the jolt in the arm they needed to prevent the positive impact of Snowden’s revelations dribbling away.

The president could also use this ruling as an opportunity to consider his stance. The line endlessly aired by the administration and its officials is that all surveillance is legal. That line is no longer valid. Rather than just seeking a new script – or as is almost certain, merely appealing against the decision – this could be a great opportunity for some introspection. These surveillance programs are wildly expensive and have very few proven results. Why not look at which ones the US really needs, and whether old-fashioned targeted surveillance might not keep us all as safe (or safer), and freer too?

The final debate is one that is unlikely to happen, but should: the US needs to start considering the privacy and freedom of foreigners as well as its own citizens. The US public is rightly concerned about its government spying on them. But citizens of countries around the world, many of them US allies, are also rightly concerned about the US government spying on them.

Considering Americans and foreigners alike in these conversations would be a great moral stance – but pragmatically, it should also help Americans. If the US doesn’t care about the privacy of other countries, it shouldn’t expect foreign governments to care about US citizens. There’s something in this for everyone.

These are the debates we could be having, and should be having. The judiciary has spoken. The legislature is deliberating. The public is debating. And all of it is enabled thanks to information provided by Edward Snowden.

He should be free to join the conversation, in person.
Bron: www.theguardian.com

quote:

Secret Manuals Show the Spyware Sold to Despots and Cops Worldwide

quote:

When Apple and Google unveiled new encryption schemes last month, law enforcement officials complained that they wouldn’t be able to unlock evidence on criminals’ digital devices. What they didn’t say is that there are already methods to bypass encryption, thanks to off-the-shelf digital implants readily available to the smallest national agencies and the largest city police forces — easy-to-use software that takes over and monitors digital devices in real time, according to documents obtained by The Intercept.

We’re publishing in full, for the first time, manuals explaining the prominent commercial implant software “Remote Control System,” manufactured by the Italian company Hacking Team. Despite FBI director James Comey’s dire warnings about the impact of widespread data scrambling — “criminals and terrorists would like nothing more,” he declared — Hacking Team explicitly promises on its website that its software can “defeat encryption.”

quote:

Revealed: FBI violated its own rules while spying on Keystone XL opponents

quote:

The FBI breached its own internal rules when it spied on campaigners against the Keystone XL pipeline, failing to get approval before it cultivated informants and opened files on individuals protesting against the construction of the pipeline in Texas, documents reveal.

Internal agency documents show for the first time how FBI agents have been closely monitoring anti-Keystone activists, in violation of guidelines designed to prevent the agency from becoming unduly involved in sensitive political issues.

The hugely contentious Keystone XL pipeline, which is awaiting approval from the Obama administration, would transport tar sands oil from Canada to the Texas Gulf coast.

It has been strongly opposed for years by a coalition of environmental groups, including some involved in nonviolent civil disobedience who have been monitored by federal law enforcement agencies.

The documents reveal that one FBI investigation, run from its Houston field office, amounted to “substantial non-compliance” of Department of Justice rules that govern how the agency should handle sensitive matters.

One FBI memo, which set out the rationale for investigating campaigners in the Houston area, touted the economic advantages of the pipeline while labelling its opponents “environmental extremists”.

quote:

AIVD-baas had gelijk: Edward Snowden verdient tegenspel

Onderzoek waarom die ex-NSA’er vanuit Moskou enkel Amerikaanse vrienden tegen elkaar uitspeelt, betoogt ex-AIVD’er Kees Jan Dellebeke.

Geeft de Nederlandse geheime dienst de Amerikaanse inlichtingendiensten onbeperkte toegang tot eigen informatie? „Dat is echt absolute bullshit”, zei Rob Bertholee, directeur AIVD, op 1 mei in NRC. De interviewers hadden hem beweringen voorgelegd van Edward Snowden, de Amerikaan die in 2013 een berg documenten van zijn werkgever NSA openbaarde, de grootste inlichtingendienst van de VS. Bertholee heeft gelijk, maar in de publieke opinie werd het hem niet in dank afgenomen dat hij de naar Moskou gevluchte NSA’er afserveerde. Het leidde zelfs tot Kamervragen. „Deelt u de strategie van de AIVD om klokkenluider Snowden te isoleren en te stigmatiseren?”, vroeg Ronald van Raak (SP) aan de minister van Binnenlandse Zaken.

Als ex-AIVD’er sloeg ik de ophef met verbazing gade. Wonderlijk dat zoveel intelligente mensen blindelings geloven in de ‘goede bedoelingen’ van Snowden. Bertholee spoorde de journalistiek juist aan Snowden kritischer te onderzoeken en tegenspel te bieden. Natuurlijk, de AIVD beschikt over meer bronnen en is daarmee in het voordeel van journalisten en politici. Denk aan analyses van buitenlandse inlichtingendiensten over Snowden. De dienst wordt daarover regelmatig bijgepraat. Bertholees Ruslandspecialisten zullen zich ongetwijfeld verdiept hebben in de mogelijke rol die Poetins geheime dienst FSB in de affaire speelde.

Bertholee staat overigens niet alleen in zijn kritiek op de met Snowden dwepende pers. In universiteitskringen wordt de kritiekloze en hijgerige berichtgeving over Snowdens uitlatingen evenmin gewaardeerd. Zij vragen zich af waarom Snowden als geestelijk leider aanbeden wordt. Hij wordt aangehoord en geloofd: tegengas blijft uit, waarschijnlijk uit angst dat hij een interview zal weigeren.

quote:

#Anonymous Sweden hacks the #NSA, mentions of hack wiped from #Facebook, #LinkedIn

quote:

DⒶʀKᙡiNɢ ಠ_ರೃ , a Swede associated with Anonymous, has claimed a new, and rather relentless, hack of the US National Security Agency’s email server. Nothing so mundane as username/password combinations, the Pastebin of the hack lists the methodology and blow-by-blow of what worked, what didn’t, and what the hacker thinks of the NSA security (hint: not much). Turns out, the NSA doesn’t even maintain its own email server: they’ve outsourced that to Qwest.

quote:

Pirate Party activist and Cryptosphere contributor Raymond Johansen shared the original tweet to Facebook when the Paste had 327 views. The tweet contains a live link to the Pastebin, of course.

Within eight minutes, he reports, the Pastebin had been taken down. “THEN they read me laughing at them for even trying.” Someone posted a link to the Google cache of the missing paste in the comments on Facebook, at which point the paste apparently re-materialized. “Within a minute of that the original paste is back up AGAIN – the NSA realizing I am making them look like class fulz. THAT moment is the single most ROFL inducing PSML unavoidable moment of my life. It is Anonspeak for “we know we fckd lets unfck ourself” – all the while actually doublefcking themselves – royally.”

The paste may have been tampered with in the interim, says Johansen. “The [second] paste we saw, maybe 12 hours old, had strange garbage on the end. IMO it has been tinkered with and I myself will not visit that pastebin – because OpSec.”

“AnonIntelGroup posted ‘Bring the Lulz back!’ a week ago. ‘Mission accompli!’ – I would say.”

Within three hours of that, however, Johansen noticed that the Facebook post itself was missing from his timeline, missing from his Timeline Review, and had been removed from all the groups and pages to which he had shared it. Gone, too, were the comments. He then made a new post, explaining the elision, which was screenshotted and linked above. The Cryptosphere was able to confirm independently via email updates that the original post existed, and was subsequently scrubbed by Facebook.

quote:

Angela Merkel under pressure to reveal extent of German help for US spying | World news | The Guardian

German chancellor called on to divulge a list of targets, including the IP addresses of individual computers, tracked on behalf of the NSA

German chancellor called on to divulge a list of targets, including the IP addresses of individual computers, tracked on behalf of the NSA

The German chancellor, Angela Merkel, is coming under increasing pressure to divulge a list of targets, including the IP addresses of individual computers, that German intelligence tracked on behalf of the US National Security Agency (NSA).

Critics have accused Merkel’s staff of giving the BND foreign intelligence agency the green light to help the NSA spy on European firms and officials.

The scandal has strained relations between Merkel’s conservative Christian Democratic Union and its junior coalition partner, the Social Democrats, whose leader, Sigmar Gabriel, has publicly challenged her over the affair.

Gabriel told the German newspaper Bild am Sonntag that parliament needed to see the list, which contains names, search terms and IP addresses. The government has said it must consult the US before revealing the list, whose contents are thought crucial to establishing whether the BND was at fault in helping the NSA.

Gabriel, who is also Germany’s vice-chancellor, said: “Imagine if there were suspicions that the NSA had helped the BND to spy on American firms. Congress wouldn’t hesitate for a second before looking into the documents.”
Bron: www.theguardian.com

quote:

AIVD onderzoekt mogelijke spionage door Duitse inlichtingendienst | De afluisterpraktijken van de NSA

Minister Ronald Plasterk van Binnenlandse Zaken laat de inlichtingen- en veiligheidsdienst AIVD uitzoeken wat er waar is van beschuldigingen dat Duitse en Amerikaanse inlichtingendiensten onder meer internetverkeer richting Nederland hebben afgetapt. Plasterk zei dat vandaag in de marge van het vragenuur in de Tweede Kamer.
[/b]

De Oostenrijkse politicus Peter Pilz meldde de spionage door de Duitse dienst BND en de Amerikaanse NSA maandag aan het Duitse tijdschrift Der Spiegel. Behalve Nederlands internetverkeer zouden die diensten ook gegevens in Oostenrijk en Frankrijk hebben onderschept.

Mocht Pilz meer informatie hebben, dan wil de AIVD die graag inzien, zei Plasterk. Zodra de minister meer weet, zal hij de Tweede Kamer informeren. Hij noemde het 'in algemene zin onacceptabel' dat er in Nederland door buitenlandse diensten wordt gespioneerd.

Bron: Volkskrant

quote:

[quote]NSA neusde nog veel meer rond in Europa dan gedacht

De interesse van de Amerikaanse inlichtingendienst NSA in Europese bedrijven blijkt veel groter te zijn geweest dan tot nog toe werd aangenomen. Niet alleen bedrijven in de defensiesector zoals EADS en Eurocopter werden bespioneerd, ook andere firma's werden in de gaten gehouden.

Volgens het tijdschrift Der Spiegel is bij de Duitse inlichtingendienst BND, die hand-en-spandiensten verleent aan de NSA, een nieuwe lijst met zoektermen opgedoken waaruit de interesse valt op te maken. Op de lijst staan 459.000 zoektermen die in ieder geval in de periode 2005 - 2008 werden gebruikt.

Door het stof

De baas van de BND, Gerhard Schindler, ging gisteren door het stof. Hij gaf toe dat de door de NSA ingediende zoektermen waarmee door de BND verzamelde informatie wordt doorzocht, onvoldoende door zijn dienst tegen het licht zijn gehouden.

De nieuwe lijst brengt de Duitse inlichtingendienst echter ook op een ander punt in verlegenheid. Het zorgvuldig gecultiveerde beeld dat afluisterstation Bad Aibling zelfstandig opereerde zonder medeweten van het hoofdkantoor is niet langer houdbaar, schrijft Der Spiegel. De lijst komt van het hoofdkantoor in Pullach van de afdeling G10 die er juist op moet toezien dat Duitsers verschoond blijven van onwettige spionagepraktijken.

quote:

Security services' powers to be extended in wide-ranging surveillance bill | UK news | The Guardian


Surprise extension of bill’s scope beyond legislation to modernise law on tracking communications data was agreed only this week

The government is to introduce an investigatory powers bill that is far more wide-ranging than expected, including an extension of the powers of the security services in response to the surveillance disclosures by the NSA whistleblower Edward Snowden.

The legislation will include not only the expected snooper’s charter, enabling the tracking of everyone’s web and social media use, but also moves to strengthen the security services’ warranted powers for the bulk interception of the content of communications.

The surprise extension of the scope of the bill beyond legislation to “modernise the law” on tracking communications data was agreed within government only this week. It appears that David Cameron has decided to take advantage of his unexpected majority in the Commons to respond to Snowden’s disclosures by extending the powers of the security services.

The Home Office says the investigatory powers bill will “better equip law enforcement and intelligence agencies to meet their key operational requirements, and address the gap in these agencies’ ability to build intelligence and evidence where subjects of interest, suspects and vulnerable people have communicated online.”

Ministers promise to provide for “appropriate oversight arrangements and safeguards”, but there is no immediate detail on how the complex web of intelligence and surveillance commissioners and parliamentary oversight might be strengthened.

The government also promises that the legislation will respond to issues raised by David Anderson QC, the official reviewer of counter-terrorism legislation, in his assessment of bulk surveillance powers used by the police and security services under the Regulation of Investigatory Powers Act 2000.

Anderson delivered his report to Downing Street on 6 May, the day before the general election, and it is expected to be published in the next few days. Anderson has said his review considered the safeguards to privacy, issues of transparency and oversight as well as the powers needed to meet the challenge of changing technologies. He has said it was a “substantial piece of work” and included him travelling to Berlin, California, Washington DC, Brussels and Ottawa.

“The report won’t please everyone [indeed it may not please anybody]. But if it succeeds in informing the public and parliamentary debate on the future of the law from an independent perspective, it will have done its job,” he said on his blog.

Jim Killock, executive director of the Open Rights Group, said: “The government is signalling that it wants to press ahead with increased powers of data collection and retention for the police and GCHQ, spying on everyone, whether suspected of a crime or not.

“This is the return of the snooper’s charter, even as the ability to collect and retain data gets less and less workable. We should expect attacks on encryption, which protects all our security. Data collection will create vast and unnecessary expense.”

Renate Samson, chief executive of Big Brother Watch, said: “Whilst the title may have changed from a communications data bill to an investigatory powers bill, it will be interesting to see whether the content has radically changed.

“We have yet to see real evidence that there is a gap in the capability of law enforcement or the agencies’ ability to gain access to our communications data.”

The extended scope of the bill may follow some of the recommendations of the intelligence and security committee (ISC), which suggested in March that the entire existing surveillance legal framework should be replaced by a single new act of parliament.

The MPs and peers suggested that the new legislation should list every intrusive capability available to the security services and specify their purpose, authorisation procedure and what safeguards and oversight procedures exist for their use. This presumably extends to the kind of GCHQ bulk data collection programmes such as Temp0ra and Prism disclosed by Snowden.

The ISC said the introduction of the new communications data legislation was “critical”, but added that a new category of data called “communications data plus” should be established. It said this would acknowledge that some forms of communications data could reveal private information about a person’s habits, preferences or lifestyle choices, such as websites visited. “Such data is more intrusive and therefore should attract greater safeguards.” they recommended.

The other four Home Office bills are largely as trailed. The extremism bill will include powers to “strengthen the role of Ofcom so that tough measures can be taken against channels that broadcast extremist content”. This is despite warnings from Sajid Javid, the business secretary, that the initial proposals threatened free speech.

The bill also includes the introduction of employment checks enabling companies to find out whether an individual is an extremist so they can be barred from working with children. This is alongside already announced proposals for banning orders, extremism disruption orders and closure orders to be used against premises that are used to support extremism.

The immigration bill will create a new enforcement agency to tackle the worst cases of exploitation as well creating an offence of illegal working and enabling wages to be seized as proceeds of crime. Ministers promise to consult on the introduction of a visa levy on businesses that recruit overseas labour to fund extra apprenticeships for British and EU workers.

The five bills mean that the home secretary, Theresa May, will be one of the busiest cabinet ministers in parliament. Her policing and criminal justice bill will implement her mental health reforms, end the use of police bail for months or even years without judicial check, and introduce sanctions on professionals including social workers who fail to report or take action on child abuse.

Ministers have been silent on the sentencing aspects of this bill but the Conservative manifesto promised the introduction of short, sharp custodial sentences for persistent offenders. The new justice secretary, Michael Gove, may be looking again at this proposal.

The psychoactive substances bill or legislation to introduce a blanket ban on legal highs is to be introduced this week. It will criminalise the trade in legal highs with prison sentences of up to seven years but will not make personal possession a criminal offence. The legislation will distinguish between everyday psychoactive substances such as alcohol, tobacco, caffeine and some medicinal products and new designer drugs that imitate more traditional illegal substances.
Bron: www.theguardian.com