Quotulatiousness

April 2, 2014

People are less inclined to shop or bank online after NSA surveillance reports

Filed under: Business, Government, Technology — Tags: , , , , , — Nicholas @ 08:46

Among the side-effects of government surveillance revelations, ordinary people are deciding to be a bit less involved in online activities, according to a new Harris Poll:

Online banking and shopping in America are being negatively impacted by ongoing revelations about the National Security Agency’s digital surveillance activities. That is the clear implication of a recent ESET-commissioned Harris poll which asked more than 2,000 U.S. adults ages 18 and older whether or not, given the news about the NSA’s activities, they have changed their approach to online activity.

Almost half of respondents (47%) said that they have changed their online behavior and think more carefully about where they go, what they say, and what they do online.

When it comes to specific Internet activities, such as email or online banking, this change in behavior translates into a worrying trend for the online economy: over one quarter of respondents (26%) said that, based on what they have learned about secret government surveillance, they are now doing less banking online and less online shopping. This shift in behavior is not good news for companies that rely on sustained or increased use of the Internet for their business model.

[…]

Whether or not we have seen the full extent of the public’s reaction to state-sponsored mass surveillance is hard to predict, but based on this survey and the one we did last year, I would say that, if the NSA revelations continue – and I am sure they will – and if government reassurances fail to impress the public, then it is possible that the trends in behavior we are seeing right now will continue. For example, I do not see many people finding reassurance in President Obama’s recently announced plan to transfer the storage of millions of telephone records from the government to private phone companies. As we will document in our next installment of survey findings, data gathering by companies is even more of a privacy concern for some Americans than government surveillance.

And in case anyone is tempted to think that this is a narrow issue of concern only to news junkies and security geeks, let me be clear: according to this latest survey, 85% of adult Americans are now at least somewhat familiar with the news about secret government surveillance of private citizens’ phone calls, emails, online activity, and so on.

March 29, 2014

Surveillance of Canadian telecommunications channels

Filed under: Cancon, Government, Law, Media — Tags: , , , , , — Nicholas @ 00:01

The University of Toronto’s Munk School of Global Affairs looks at how the Canadian security establishment operates:

The issue of lawful access has repeatedly arisen on the Canadian federal agenda. Every time that the legislation has been introduced Canadians have opposed the notion of authorities gaining warrantless access to subscriber data, to the point where the most recent version of the lawful access legislation dropped this provision. It would seem, however, that the real motivation for dropping the provision may follow from the facts on the ground: Canadian authorities already routinely and massively collect subscriber data without significant pushback by Canada’s service providers. And whereas the prior iteration of the lawful access legislation (i.e. C–30) would have required authorities to report on their access to this data the current iteration of the legislation (i.e. C–13) lacks this accountability safeguard.

In March 2014, MP Charmaine Borg received responses from federal agencies (.pdf) concerning the agencies’ requests for subscriber-related information from telecommunications service providers (TSPs). Those responses demonstrate extensive and unaccountable federal government surveillance of Canadians. I begin this post by discussing the political significance of MP Borg’s questions and then proceed to granularly identify major findings from the federal agencies’ respective responses. After providing these empirical details and discussing their significance, I conclude by arguing that the ‘subscriber information loophole’ urgently needs to be closed and that federal agencies must be made accountable to their masters, the Canadian public.

[…]

The government’s responses to MP Borg’s questions were returned on March 24, 2014. In what follows I identify the major findings from these responses. I first discuss the Communications Security Establishment Canada (CSEC), Canadian Security Intelligence Service (CSIS), Royal Canadian Mounted Police (RCMP), and Canadian Border Service Agency (CBSA). These agencies provided particularly valuable information in response to MP Borg’s questions. I then move to discuss some of the ‘minor findings’ related to the Canadian Revenue Agency (CRA), Competition Bureau, Statistics Canada, and the Transportation Safety Board (TSB).

March 23, 2014

Isn’t it Ironic: Government Surveillance Version (with Remy)

Filed under: Government, Humour, Liberty, Media — Tags: , , , — Nicholas @ 00:01

Published on 20 Mar 2014

Remy updates the Alanis Morissette hit for a certain senior senator from California.

Approximately 2 minutes.

Written by Remy. Video and animation by Meredith Bragg. Music performed, produced, recorded, mixed and mastered by Ben Karlstrom.

For full text, links, downloadable versions and more, go to: http://reason.com/reasontv/2014/03/20/remy-isnt-it-ironic.

Lyrics:
A Senator lady
Got the news one day
The country’s being spied on
by the NSA

So she went out defending
on each TV set
but when she found out she’d been snooped on
she got all upset

And isn’t it ironic?
I mean, don’t you think?

It’s like you’re at Chris Brown’s
and there’s punch in the fridge
or if The Bachelor
passed a geography quiz

Learning Ted Kennedy
happened to be good at bridge.
And who would have thought?
It figures.

Senator, this may surprise you
and the irony bites
but Congresspeople ain’t the only ones
with 4th Amendment rights

It’s like a minimalist
who does their laundry
with All
or if Woody Allen liked to watch
Kids in the Hall

it’s like FDR
got locked in a Honda Accord
a cheap healthcare plan
that you just can’t afford

If Oscar Pistorius
really hated The Doors
and who would have thought?
It figures.

I heard the government
is sneaking up on you.
Life has a funny, funny way
of calling you out
calling you out.

March 13, 2014

It’s amazing how much data can be derived from “mere” metadata

Filed under: Liberty, Media, Technology — Tags: , , , , — Nicholas @ 08:25

Two Stanford grad students conducted a research project to find out what kind of actual data can be derived from mobile phone metadata:

Two Stanford computer science students were able to acquire detailed information about people’s lives just from telephone metadata — the phone number of the caller and recipient, the particular serial number of the phones involved, the time and duration of calls and possibly the location of each person when the call occurred.

The researchers did not do any illegal snooping — they worked with the phone records of 546 volunteers, matching phone numbers against the public Yelp and Google Places directories to see who was being called.

From the phone numbers, it was possible to determine that 57 percent of the volunteers made at least one medical call. Forty percent made a call related to financial services.

The volunteers called 33,688 unique numbers; 6,107 of those numbers, or 18 percent, were isolated to a particular identity.

[…]

They crowdsourced the data using an Android application and conducted an analysis of individual calls made by the volunteers to sensitive numbers, connecting the patterns of calls to emphasize the detail available in telephone metadata, Mayer said.

“A pattern of calls will, of course, reveal more than individual call records,” he said. “In our analysis, we identified a number of patterns that were highly indicative of sensitive activities or traits.”

For example, one participant called several local neurology groups, a specialty pharmacy, a rare-condition management service, and a pharmaceutical hotline used for multiple sclerosis.

Another contacted a home improvement store, locksmiths, a hydroponics dealer and a head shop.

The researchers initially shared the same hypothesis as their computer science colleagues, Mayer said. They did not anticipate finding much evidence one way or the other.

“We were wrong. Phone metadata is unambiguously sensitive, even over a small sample and short time window. We were able to infer medical conditions, firearm ownership and more, using solely phone metadata,” he said.

March 12, 2014

Senator Dianne Feinstein versus the CIA

Filed under: Government, Law, USA — Tags: , , , , , — Nicholas @ 10:52

In Mother Jones, David Corn shows the state of play between the Central Intelligence Agency and the senate committee that is responsible for oversight of the CIA:

Sen. Dianne Feinstein (D-Calif.), the chair of the Senate intelligence committee, took to the Senate floor and accused the CIA of spying on committee investigators tasked with probing the agency’s past use of harsh interrogation techniques (a.k.a. torture) and detention. Feinstein was responding to recent media stories reporting that the CIA had accessed computers used by intelligence committee staffers working on the committee’s investigation. The computers were set up by the CIA in a locked room in a secure facility separate from its headquarters, and CIA documents relevant to the inquiry were placed on these computers for the Senate investigators. But, it turns out, the Senate sleuths had also uncovered an internal CIA memo reviewing the interrogation program that had not been turned over by the agency. This document was far more critical of the interrogation program than the CIA’s official rebuttal to a still-classified, 6,300-page Senate intelligence committee report that slams it, and the CIA wanted to find out how the Senate investigators had gotten their mitts on this damaging memo.

The CIA’s infiltration of the Senate’s torture probe was a possible constitutional violation and perhaps a criminal one, too. The agency’s inspector general and the Justice Department have begun inquiries. And as the story recently broke, CIA sources — no names, please — told reporters that the real issue was whether the Senate investigators had hacked the CIA to obtain the internal review. Readers of the few newspaper stories on all this did not have to peer too far between the lines to discern a classic Washington battle was under way between Langley and Capitol Hill.

[…]

So here we have the person assigned the duty of guaranteeing that the intelligence establishment functions effectively and appropriately, and she cannot get information about how the CIA meddled in one of her own investigations. This is a serious breakdown. And by the way, Feinstein has still not succeeded in forcing the CIA to declassify her committee’s massive report on the interrogation and detention program.

Here is how she summed up the current state of play:

    If the Senate can declassify this report, we will be able to ensure that an un-American, brutal program of detention and interrogation will never again be considered or permitted. But, Mr. President, the recent actions that I have just laid out make this a defining moment for the oversight of our intelligence committee. How Congress and how this will be resolved will show whether the intelligence committee can be effective in monitoring and investigating our nation’s intelligence activities or whether our work can be thwarted by those we oversee.

What Feinstein didn’t say — but it’s surely implied — is that without effective monitoring, secret government cannot be justified in a democracy. This is indeed a defining moment. It’s a big deal for President Barack Obama, who, as is often noted in these situations, once upon a time taught constitutional law. Feinstein has ripped open a scab to reveal a deep wound that has been festering for decades. The president needs to respond in a way that demonstrates he is serious about making the system work and restoring faith in the oversight of the intelligence establishment. This is more than a spies-versus-pols DC turf battle. It is a constitutional crisis.

March 11, 2014

Surveillance game – Nothing to Hide

Filed under: Gaming, Government, USA — Tags: , , — Nicholas @ 10:50

If you’re not worried about the government (or other governments) watching your every move — because you’ve “got nothing to hide” — you might be interested in this game:

The tongue-in-cheek game Nothing to Hide was born out of creator Nicky Case’s dedication to privacy rights. Using the game, he intends to chip away at confidence in National Security Agency (NSA) procedures and give advocates something to think about.

The “anti-stealth” framework is an “inversion” of more familiar stealth-based video games. In the Panopticon-inspired environment, players must control behavior to please monitoring powers. Rather than avoid surveillance equipment, players actively work to remain in sight of yellow, triangle cyclops-eyed cameras. If a player walks outside the view of the camera, he or she risks death by summary, trial-free execution — because clearly he or she is a criminal with something to hide.

The name Nothing to Hide is, of course, taken from a common blasé reaction to state surveillance: “Well, I’ve got nothing to hide.” The game confronts this attitude by drawing attention to the unpleasantness of being constantly monitored. Players are thrust into a dystopian environment devoid of privacy. Digital posters with creepy comments like “Smile for the camera” and “Thank you for participating in your own surveillance” cover the walls.

March 10, 2014

When we do it, it’s “intelligence gathering”, when they do it, it’s “cyberwar”

Filed under: China, Technology, USA — Tags: , , , , — Nicholas @ 10:48

Bruce Schneier on the odd linguistic tic of how we describe an act depending on who the actor is:

Back when we first started getting reports of the Chinese breaking into U.S. computer networks for espionage purposes, we described it in some very strong language. We called the Chinese actions cyberattacks. We sometimes even invoked the word cyberwar, and declared that a cyber-attack was an act of war.

When Edward Snowden revealed that the NSA has been doing exactly the same thing as the Chinese to computer networks around the world, we used much more moderate language to describe U.S. actions: words like espionage, or intelligence gathering, or spying. We stressed that it’s a peacetime activity, and that everyone does it.

The reality is somewhere in the middle, and the problem is that our intuitions are based on history.

Electronic espionage is different today than it was in the pre-Internet days of the Cold War. Eavesdropping isn’t passive anymore. It’s not the electronic equivalent of sitting close to someone and overhearing a conversation. It’s not passively monitoring a communications circuit. It’s more likely to involve actively breaking into an adversary’s computer network — be it Chinese, Brazilian, or Belgian — and installing malicious software designed to take over that network.

In other words, it’s hacking. Cyber-espionage is a form of cyber-attack. It’s an offensive action. It violates the sovereignty of another country, and we’re doing it with far too little consideration of its diplomatic and geopolitical costs.

February 11, 2014

Michael Geist on what Canadians can do about mass surveillance

Filed under: Cancon, Government, Liberty, Technology — Tags: , , — Nicholas @ 12:21

A post at Michael Geist’s website advises Canadians about their options to protest the government’s role in internet surveillance:

… we know that U.S. law provides fewer protections to personal information of non-U.S. citizens, suggesting that Canadian data residing in cloud-based servers in the U.S. are particularly vulnerable. Meanwhile, the Canadian legal rules remain largely shrouded in secrecy, with officials maintaining that programs fall within the law despite the obvious privacy interests in metadata and statutory restrictions on domestic surveillance.

[…]

Today is the day that Canadians can send a message that this official is wrong. The Day We Fight Back Against Mass Surveillance is a global effort to galvanize people around the world to speak out against ubiquitous surveillance. Canadians can learn more here, but the key ask is to contact your Member of Parliament. If you are concerned with widespread surveillance in Canada, take a couple of moments to send an email or letter (no stamp required) to your MP and let them know how you feel (alternatively, you can fill out the form at this site). In addition, you can sign onto a global petition supported by hundreds of groups around the world.

I’ve written about the need for changes here and many others — including Interim Privacy Commissioner Chantal Bernier, Kent Roach, Wesley Wark, Ron Diebert, David Fraser, Ontario Privacy Commissioner Ann Cavoukian and Avner Levin, Craig Forcese, and Lisa Austin — have highlighted other potential changes. There are no shortage of ideas for reform. What we need now are Canadians to speak out to demand an open review and reform of Canadian surveillance law and policy.

Rand Paul on the Fourth Amendment

Filed under: Government, Liberty, USA — Tags: , , , , — Nicholas @ 12:06

February 3, 2014

If you object to anything the government does, Cass Sunstein says you’re paranoid

Filed under: Government, Liberty, USA — Tags: , , , , , — Nicholas @ 09:03

Justin Raimondo on the former head of the White House Office of Information and Regulatory Affairs and his “with us or against us” views of dissent. Any dissent:

Taking up where Princeton University historian and Clintonista Sean Wilentz left off, Sunstein avers:

    “It can be found on the political right, in familiar objections to gun control, progressive taxation, environmental protection and health-care reform. It can also be found on the left, in familiar objections to religious displays at public institutions and to efforts to reduce the risk of terrorism.”

In short, any objection to the Obama administration’s agenda is indicative of “paranoia” on both sides of the political spectrum. While it would be tempting to write this off as mere partisan bombast, this isn’t the case with Sunstein, an ideologue whose faith in the beneficence of government action underlies all his public pronouncements. If government sees some benefit to state-sponsored displays of religiosity, well then what’s your problem? And as for the Surveillance State – it’s just a program to “reduce the risk of terrorism,” and has absolutely nothing to do with industrial espionage, compiling dossiers on innocent Americans, and tapping Angela Merkel’s phone.

[…]

So how do you spot these libertarian subversives who deserve to be “cognitively infiltrated” and quite possibly suppressed? According to Professor Sunstein, they share five characteristics:

    “The first is a wildly exaggerated sense of risks – a belief that if government is engaging in certain action (such as surveillance or gun control), it will inevitably use its authority so as to jeopardize civil liberties and perhaps democracy itself. In practice, of course, the risk might be real. But paranoid libertarians are convinced of its reality whether or not they have good reason for their conviction.”

What would be a “good reason,” in Sunstein’s view? He doesn’t say, conveniently enough, but what about secrecy? Shouldn’t our suspicions be aroused by the fact that the NSA started spying on us behind our backs? Not even the author of the Patriot Act knew it was being utilized by this administration – and its predecessor – to justify scooping up all telephonic and Internet data generated within our borders and far beyond. Why was it all done in the dark, with even the court proceedings “legalizing” this anti-constitutional coup kept secret? The answer is clearly because such brazen chicanery could never stand the light of day.

And surely Sunstein’s argument can be turned around and aimed at its author: isn’t his proposal that the US government hire paid snoops to “cognitively infiltrate” so-called conspiracy theorists on the Internet (and elsewhere) using a hammer to kill a flea? In his infamous paper, he cites polls showing a good proportion of the people of New York believe the 9/11 attacks were the work of the US government, but even if this somewhat dubious statistic reflects reality what is the risk of failing to confront it with government action? Does Sunstein expect 9/11 “truthers” to take over the state of New York anytime soon? Who’s paranoid now?

January 31, 2014

The maple-flavoured NSA used airport Wi-Fi to track travellers

Filed under: Cancon, Government, Technology — Tags: , , , — Nicholas @ 09:17

With so much talk about the NSA and GCHQ using every electronic means at their disposal, it was inevitable that some of the documents being released by Edward Snowden would implicate Canadian intelligence in similar activities:

A top secret document retrieved by U.S. whistleblower Edward Snowden and obtained by CBC News shows that Canada’s electronic spy agency used information from the free internet service at a major Canadian airport to track the wireless devices of thousands of ordinary airline passengers for days after they left the terminal.

After reviewing the document, one of Canada’s foremost authorities on cyber-security says the clandestine operation by the Communications Security Establishment Canada (CSEC) was almost certainly illegal.

Ronald Deibert told CBC News: “I can’t see any circumstance in which this would not be unlawful, under current Canadian law, under our Charter, under CSEC’s mandates.”

The spy agency is supposed to be collecting primarily foreign intelligence by intercepting overseas phone and internet traffic, and is prohibited by law from targeting Canadians or anyone in Canada without a judicial warrant.

As CSEC chief John Forster recently stated: “I can tell you that we do not target Canadians at home or abroad in our foreign intelligence activities, nor do we target anyone in Canada.

“In fact, it’s prohibited by law. Protecting the privacy of Canadians is our most important principle.”

But security experts who have been apprised of the document point out the airline passengers in a Canadian airport were clearly in Canada.

CSEC said in a written statement to CBC News that it is “mandated to collect foreign signals intelligence to protect Canada and Canadians. And in order to fulfill that key foreign intelligence role for the country, CSEC is legally authorized to collect and analyze metadata.”

Metadata reveals a trove of information including, for example, the location and telephone numbers of all calls a person makes and receives — but not the content of the call, which would legally be considered a private communication and cannot be intercepted without a warrant.

“No Canadian communications were (or are) targeted, collected or used,” the agency says.

In the case of the airport tracking operation, the metadata apparently identified travelers’ wireless devices, but not the content of calls made or emails sent from them.

January 25, 2014

QotD: The US Constitution

Filed under: Humour, Liberty, Quotations — Tags: , , — Nicholas @ 11:31

SEEN ON FACEBOOK: “Maybe we should start emailing each other copies of the Constitution, so we can know that the government has read it.”

Glenn Reynolds, Instapundit, 2014-01-24.

January 15, 2014

President Obama’s speech shows his fear of “a backlash from national security agencies”

Filed under: Government, Liberty, USA — Tags: , , , , — Nicholas @ 09:38

Is the national security “tail” wagging the national “dog”?

President Obama will issue new guidelines on Friday to curtail government surveillance, but will not embrace the most far-reaching proposals of his own advisers and will ask Congress to help decide some of the toughest issues, according to people briefed on his thinking.

Mr. Obama plans to increase limits on access to bulk telephone data, call for privacy safeguards for foreigners and propose the creation of a public advocate to represent privacy concerns at a secret intelligence court. But he will not endorse leaving bulk data in the custody of telecommunications firms, nor will he require court permission for all so-called national security letters seeking business records.

The emerging approach, described by current and former government officials who insisted on anonymity in advance of Mr. Obama’s widely anticipated speech, suggested a president trying to straddle a difficult line in hopes of placating foreign leaders and advocates of civil liberties without a backlash from national security agencies. The result seems to be a speech that leaves in place many current programs, but embraces the spirit of reform and keeps the door open to changes later.

Emphasis mine.

The NSA’s rise to being the “centerpiece of the entire intelligence system”

Filed under: Government, Technology, USA — Tags: , , , — Nicholas @ 09:06

In Wired, Felix Salmon explains that “Quants don’t know everything”:

By now, nearly everyone from the president of the United States on down has admit­ted that the National Security Agency went too far. Documents leaked by Edward Snowden, the rogue NSA contractor who has since gained asylum in Rus­sia, paint a picture of an organization with access to seemingly every word typed or spoken on any electronic device, anywhere in the world. And when news of the NSA’s reach became public — as it was surely bound to do at some point — the entire US intelli­gence apparatus was thrust into what The New York Times recently called a “crisis of purpose and legitimacy.”

It was a crisis many years in the making. Over the course of three decades, the NSA slowly transformed itself from the nation’s junior spy agency to the centerpiece of the entire intelligence system. As the amount of data in the world doubled, and doubled again, and again, the NSA kept up with it — even as America’s human intelligence capability, as typified by old-fashioned CIA spies in the field, struggled to do anything useful with the unprecedented quantities of signals intelligence they had access to. Trained agency linguists capable of parsing massive quantities of Arabic- and Farsi-language intercepts don’t scale up nearly as easily as data centers do.

That, however, wasn’t the computer geeks’ problem. Once it was clear that the NSA could do something, it seemed inarguable that the agency should do it — even after the bounds of information overload (billions of records added to bulging databases every day) or basic decency (spying on allied heads of state, for example) had long since been surpassed. The value of every marginal gigabyte of high tech signals intelligence was, at least in theory, quantifiable. The downside — the inability to prioritize essential intelligence and act on it; the damage to America’s democratic legitimacy — was not. As a result, during the past couple of decades spycraft went from being a pursuit driven by human judgment calls to one driven by technical capability.

January 11, 2014

February 11th 2014 is The Day We Fight Back Against Mass Surveillance

Filed under: Government, Liberty, Media — Tags: , , , , — Nicholas @ 10:49

It may be only a token gesture, but mark 11 February on your calendar:

DEAR USERS OF THE INTERNET,

In January 2012 we defeated the SOPA and PIPA censorship legislation with the largest Internet protest in history. A year ago this month one of that movement’s leaders, Aaron Swartz, tragically passed away.

Today we face a different threat, one that undermines the Internet, and the notion that any of us live in a genuinely free society: mass surveillance.

If Aaron were alive, he’d be on the front lines, fighting against a world in which governments observe, collect, and analyze our every digital action.

Now, on the eve of the anniversary of Aaron’s passing, and in celebration of the win against SOPA and PIPA that he helped make possible, we are announcing a day of protest against mass surveillance, to take place this February 11th.

[…]

Anti-surveillance banner preview

We’re creating embeddable banners and widgets that you’ll be able to add to your site to encourage visitors to participate in the day of action. The photo above is just a draft — the final design is yet to come.

« Newer PostsOlder Posts »

Powered by WordPress