Privacy Groups Demand NSA Surveillance Shut-Down

The American privacy watchdog group, the Electronic Privacy Information Center (EPIC), has announced plans to file a petition to the USA’s Supreme Court to make the National Security Agency (NSA) stop gathering surveillance data on American citizens. EPIC announced their plans during a Restore the Fourth Rally urging the Supreme Courts to revoke authorisation of the spying programs run by the NSA.

“We believe the NSA’s collection of domestic communications contravenes the First and fourth Amendments of the United States Constitution, and violates several federal privacy laws, including the Privacy Act of 1974, and the Foreign Intelligence Surveillance Act of 1978 as amended,” the petition says.

The petition is a renewed response by EPIC after their earlier petition submitted on June 17th was ignored by the U.S government. With only 2000 signatures so far it is up to the American people to get behind the petition if they believe in the cause because the more people that do, the more the government is likely to listen.

Image courtesy of the People’s Cube

NSA Scandal Will Cost American Cloud Storage Industry Millions

Vice President of the European Commission, Neelie Kroes, has made some dire predictions for the American cloud storage industry according to Russia Today. Neelie Kroes believes that U.S cloud storage providers are now going to suffer steep losses of revenue thanks to revelations about the NSA’s extensive spying programs.

“If businesses or governments think they might be spied on, they will have less reason to trust cloud, and it will be cloud providers who ultimately miss out…Why would you pay someone else to hold your commercial or other secrets if you suspect or know they are being shared against your wishes?”

He then went on to say he believes the scandal could cost the U.S cloud storage industry dearly with “multi-billion euro” consequences.

“It is often American providers that will miss out, because they are often the leaders in cloud services. If European cloud customers cannot trust the United States government, then maybe they won’t trust US cloud providers either. If I am right, there are multibillion-euro consequences for American companies. If I were an American cloud provider, I would be quite frustrated with my government right now.”

With the NSA’s PRISM program giving them unprecedented access to internet data and their spying activities covering emails, phone calls and numerous other things companies do not  feel safe operating in the USA.  This is hardly surprising and we may even see an exodus of U.S cloud storage companies from the USA to other countries in an attempt to prevent loss of earnings.

Image courtesy of Adaptivity Labs

NSA Leaks Have Seen Business For Swiss Data Centers Boom

The NSA spying scandal has heightened concerns across the world about data integrity. Businesses and private individuals are queuing up in abundance to move their files and servers to Swiss Data Centers. Companies like Artmotion, Switzerland’s biggest offshore hosting company, has reported that it is seeing a rapid increase in revenues this year as people look to take advantage of data anonymity in Switzerland.

Artmotion’s secure data services are only subject to Swiss law which states that only a warrant proving criminal intent or liability is enough to allow anyone access to the data except the owners. In the USA and the EU the governments can gain access to any data, sometimes without any paperwork, and in most cases warrants issued do not have to prove any intent or liability just that the data is needed for an ongoing investigation by government authorities.

It is expected that cloud-based European and North American data hosting services will suffer at the hands of the recent NSA scandal that has left businesses and individuals worrying about who can access their data. While the dubious nature of the data Switzerland’s cloud storage hosts may be called into question, at least people know their data will be safe. Switzerland has a long history of protecting people’s privacy, money and data. The “Swiss Bank Account” is probably the most commonly held association with Switzerland.

Image courtesy of ArtMotion

UK Information Commissioner Deals Google A Privacy Policy Ultimatum

The UK’s Information Commissioner’s Office  have given Google an ultimatum on its private policy. Google has until September 20th 2013 to make several changes to its privacy policy to make it compliant with the UK data protection act.

“In particular, we believe that the updated policy does not provide sufficient information to enable UK users of Google’s services to understand how their data will be used across all of the company’s products” stated the UK’s ICO in their full report.

To amend this lack of compliance Google must:

“amend their privacy policy to make it more informative for individual service users. Failure to take the necessary action to improve the policies compliance with the Data Protection Act by 20 September will leave the company open to the possibility of formal enforcement action.”

Google has already previously stated on several occasions that it believes it complies fully with EU regulations and laws. Google has already ignored many requests from EU data agencies in the past and I wonder how different that will be in the case of the UK.

I am certainly hoping that there will be some strong disciplinary actions in place if Google do not respect to data regulations of the UK by refusing to comply with the request.

There are currently eight principles of the UK’s data protection act which are to make sure personal information is:

  • Fairly and lawfully processed
  • Processed for limited purposes
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not kept for longer than is necessary
  • Processed in line with your rights
  • Secure
  • Not transferred to other countries without adequate protection

Image courtesy of The Verge

Head Of U.S National Intelligence ApologisesTo Congress For Lying

While more and more data is revealed about NSA surveillance programs, senior U.S intelligence and surveillance officials are being exposed and held accountable for things said in the past. James Clapper is the head of the U.S national intelligence and during a hearing in March (well before the NSA PRISM program was compromised by Edward Snowden) he stated that the NSA was not collecting data on millions of Americans. Now with the PRISM leaks clearly proving the total opposite, James Clapper has sent a letter to the U.S congress apologising for his answer which was “clearly erroneous”

James Clapper stated that he misunderstood the question and didn’t realise they were discussing metadata not content data. Furthermore he said he could not answer the question fully due to the classified nature of the programs in question. He then stated that he answered the questions in the “least untruthful” manner possible given the constraining circumstances he was under.

Since all the leaks occurred the U.S government has now taken steps to declassify much of the information surrounding data collection and expect backtracking from a few more high ranking officials as the legal restrictions are lifted.

Image courtesy of REUTERS/Kevin Lamarque

EU Demands Full Clarification Of NSA Spying On Europe

More and more revelations over the NSA spying saga are revealed every day and most journalists who were leaked information by Edward Snowden have barely made it 10% off the way through the fifty or so slides. The latest ones revealed that the NSA had been spying on EU diplomants in Washington, New York and Brussels.

Martin Schulz, President of the European Parliament, stated that:

I am deeply worried and shocked about the allegations of US authorities spying on EU offices…If the allegations prove to be true, it would be an extremely serious matter which will have a severe impact on EU-US relations.”

Furthermore he went on to demand full clarification about the allegations from the US authorities on behalf of the European parliament. Addditionally Viviane Reding, EU Commissioner for Justice, stated that:

“Partners do not spy on each other…We cannot negotiate over a big transatlantic market if there is the slightest doubt that our partners are carrying out spying activities on the offices of our negotiators”

This would suggest that unless the USA provides accurate and truthful answers there could be huge foreign relations implications between the EU and the USA. Who knows we might even see Edward Snowden offered political asylum within Europe. A German politician (Juergen Trittin, German parliamentary leader and candidate for chancellor of the Greens) has been quoted as saying he could legally be offered political asylum and that he doesn’t need to seek political asylum in “despotic countries” – probably referring to Ecuador and Venezuela.

Image courtesy of capreform.eu

Microsoft Asks To Be Able To Disclose FISA Requests

We’ve already seen the likes of Apple, Facebook, Google and Microsoft release some data about government requests. Yet now Microsoft is taking things one step further and it says it wants permission to be able to release information about data requests made under the FISA legislation. Previously Microsoft and other companies had only been able to release information about general government requests in an aggregated figure. Allowing it to release FISA information would be a breakdown of that aggregation though the FISA data would still be aggregated to a certain extent.

Under current rules companies can only reveal FISA requests if lumped together with all other government requests including those for legal and criminal investigations.

“To promote additional transparency concerning the government’s lawful access to Microsoft’s customer data, Microsoft seeks to report aggregate information about FISA orders and FAA directives separately from all other local, state and federal law enforcement demands” Microsoft said in a motion that it submitted to the US Courts.

It is good to see Microsoft pushing on ahead to reveal the extent of FISA surveillance it has been subjected to and what’s more if Microsoft are successful we could see other big companies follow suit using the same ruling.

Image courtesy of Nethope.org

Russian Human Rights Officials Say Snowdon Deserves Political Asylum

The fallout from the PRISM scandal continues and Russian Human Rights officials are the latest political figures to have their say. The head of Russia’s top official Human Rights body, Mikhail Fedotov – pictured above, has told the press that he believes Edward Snowden deserves political asylum.

He must be granted protection regardless of national borders. And this does not apply only to Mr Snowden’s story – this applies to Wikileaks founder Julian Assange, and many other people, including journalists – Russian and foreign – who disclose secrets in order to warn the society against dangers…Because of such people we become stronger and the special and diplomatic services must become smarter and understand what can be done in the modern transparent world and what cannot

Furthermore a second member of the Russia Presidential Council for Human Rights, Kirill Kabanov, was quoted as speaking to the ITAR-TASS news agency and he had some similar sentiments to make about Edward Snowden’s predicament:

It goes without saying that Snowden acted as a Human Rights advocate but right now the US authorities are very resolute in their intention to punish him. My opinion is that we should take a very precise position – no handover”

Additionally, Russian Lower House committee member for foreign affairs, Aleksey Pushkov, defended Snowden along with Assange and Manning as new dissidents:

Assange Manning and Snowden were not spies, they did not disclose classified information for money, but did so because of their beliefs. They are new dissidents, fighters against the system

It looks as if the public and political support for Edward Snowden exists in Russia, and in a lot of other countries. It would be a most surprising turn of events if Edward Snowden was not granted political asylum. It is possible he could even get such an offer in Russia.

Image courtesy of Mail.com

NSA Boss Says He Knows Nothing About WikiLeaks

With the actions of the NSA exposed by now world-famous whistleblower Edward Snowden the NSA have been trying to calm the storm with a lot of public statements. The latest rather laughable statement is from the NSA director general Keith Alexander who has stated that he and his organisation do not know who WikiLeaks are. During an interview he was asked for his opinion on WikiLeaks and he stated that “I really don’t know who WikiLeaks are, other than this Assange person”.

If you consider how much of an offensive the U.S government has launched against WikiLeaks since they revealed several top secret documents about the American government and military it comes as quite a surprise that the NSA’s Director General would deny knowing anything about them. Several U.S government agencies are currently investigating WikiLeaks for illegal actions and the NSA is almost certainly one of them.  I wonder how long it will be before the NSA are forced to become more transparent instead of being able to continuously lie and withhold information from the public domain.

Image courtesy of Keith Alexander

UK’s Liberty Organisations Demands Investigation Into Legality Of UK Intelligence Services

The ramifications of the leaks about the NSA made by Edward Snowden have had international coverage. In the UK the organisation “Liberty”, that protects human rights and civil liberties, is the first UK organisation to place a legal proceeding based on data published by Snowden.

It was recently revealed that the British Spy organisation, the GCHQ, has been spying on not only UK citizens but most of the world’s internet under a program dubbed “Mastering The Internet [MIT]”. More broadly NSA documents reveal that the UK’s GCHQ has been working closely with the NSA sharing data in a secret program called Tempora. With the UK’s GCHQ intercepting so much data about UK and global citizens it was only a matter of time before someone demanded an investigation.

Liberty have submitted a request to the investigatory powers tribunal which defines the legal parameters of British law enforcement and intelligence agencies. Liberty have demanded that the tribunal determine whether British intelligence services have been using PRISM and/or Tempora to gather information.

Image courtesy of Liberty

One Of The Internet’s Founders Says The Internet Must Be Protected From Exploitation

Sir Tim Berners-Lee, one of founders of the internet and the first man to successful run the HTTP protocol, believes that the internet needs to be protected from governments and large corporations. This is the second warning made by Berners-Lee as he made a similar statement shortly after information about the NSA’s PRISM program was leaked. The Guardian reports that Sir Tim Berners-Lee had the following to say about the internet and its future:

“The original design of the web of 24 years ago was for a universal space, we didn’t have a particular computer in mind or browser, or language. When you make something universal, it can be used for good things or nasty things… we just have to make sure it’s not undercut by any large companies or governments trying to use it to get total control”

Furthermore he has also previously stated that “Unwarranted government surveillance is an intrusion on basic human rights that threatens the very foundations of a democratic society” something that I am sure we can all agree on. The internet should be a free resource for the entire world to be able to access without fear of privacy violations, surveillance or exploitation.

Image courtesy of Wired.co.uk

Google Given 35 Days In UK To Delete Street View WiFi Data

Back in March Google was fined just $7 million in the USA for stealing WiFi data whilst conducting its street view scanning of American cities. Now Google is facing similar problems in the UK where it is has been told by the UK’s Information Commissioner’s Office that it has just 35 days to delete any remaining data “mistakenly” collected for its Street View service. If it doesn’t successfully manage to do that then it will face fully fledged criminal proceedings by the UK government.

Unlike in the USA Google will not be facing a fine in the UK because what Google have done did not cause enough detriment to individuals to justify a fine. Despite the collection of data about unprotected WiFi networks being dubbed mistaken and accidental, a Google engineer had actually written such a task into the algorithm of the Street View cameras. Furthermore, at least two other Google employees knew about what the Street View process was harvesting and this process was happening in 30 other countries. Though Google claims such instructions were not set at corporate level and the data was not looked at or used, which the court believed.

So yet again it looks like Google will walk away with noting more than a slap on the wrists in the UK to what can be described as a huge violation of privacy at a national level. In fact while people bash the U.S government and their collaborators for the PRISM program maybe it’s about time we took a closer look at the actions of Google as they are not exactly sin-free when it comes to exploiting privacy.

Image courtesy of WikiMedia

British Spy Agency Worse Than The NSA, Monitors Huge Amounts Of Internet Traffic

 

You thought the NSA were bad right? – Tapping into the internet data of Americans in the name of fighting terrorism and national security. The NSA’s British equivalents, the GCHQ, are apparently much worse according to a report by the Guardian. The GCHQ, or Government Communication Head Quarters of the United Kingdom is able to redirect and process all the data that comes through internet fibre optic cables and this allows it to monitor most internet traffic around the world.

The GCHQ taps into 200 fibre optic cables in and around the UK and these cables link Europe, Africa, the Middle East and India to the internet, meaning the GCHQ can monitor most of the world. The GCHQ has the capability of monitoring up to 46 of the 200 cables at any one time in near real time speeds – considering each cable has a throughput of about 10 gigabits a second this is very impressive, but worrying at the same time.

And if that all wasn’t bad enough the GCHQ is reportedly expanding surveillance operations at an alarming rate and any ISPs and Telecommunications companies that do not come on-board voluntarily are forced to do so by court orders and gagged about releasing public information by court orders too. What’s more the GCHQ shares almost all of its data between the Five Eyes intelligence alliance (USA, UK, Canada, Australia and New Zealand) and everything with the NSA who actually helps the GCHQ organise their mass amounts of data.

Image courtesy of the Guardian

Facebook Bug Exposes Data Of 6 Million Users

Facebook revealed in a security update announcement that a bug had made the data of six million users vulnerable. Apparently it was possible to use Facebook’s data export tool to reveal six million email addresses and usernames.Facebook says the data was not widely leaked and the data only reached a handful of people most of which would of known a lot of people on the list of exposed data as it was based on contact data similarities.

Normally Facebook asks you to import contact data from other social networks, email or your phone and then this would be stored privately and securely from the main user data. At no stage should the data be shared with anyone and is only meant for use in a people-data matching algorithm. Yet somehow the data did get stored to some people’s accounts and Facebook was made aware of the bug in its “White Hat” program which offers up cash sums for finding bugs and exploits in the website.

“We’ve concluded that approximately 6 million Facebook users had email addresses or telephone numbers shared. There were other email addresses or telephone numbers included in the downloads, but they were not connected to any Facebook users or even names of individuals. This means, in almost all cases, an email address or telephone number was only exposed to one person. Additionally, no other types of personal or financial information were included and only people on Facebook – not developers or advertisers – have access to the DYI tool.”

Image courtesy of Facebook

Microsoft Follows Facebook In Releasing Government Request Data To The Public

Microsoft, Google and Facebook all joined together recently to demand more transparency about government data requests and being able to reveal details of these to their user base. Facebook recently revealed that it had to release data on some some 19,000 individuals at the legal request of the American government. Yet it was disappointed by being relatively constrained in what data it could release, it was still unable to release details on secret/spy requests that everyone really wants to know about.

Microsoft finds itself in a more or less identical situation as it has been given permission to reveal basic details about government data requests, although nothing on spy requests. Microsoft revealed it received between 6000 and 7000 criminal and national security warrants. It received a further 31,000 to 32,000 subpoenas and orders on consumer accounts. All of this took place in the last 6 months of 2012.

Essentially Microsoft has been able to clump national security with criminal warrants. National security warrants would mean anything to do with PRISM or FISA so we know that the U.S government made less than 7000 PRISM or FISA data requests to Microsoft. Obviously if you account for the criminal warrants then the PRISM/FISA requests are probably much smaller, I would hazard a guess at less than 1000, but we cannot truly know until Microsoft publish (or are allowed to publish) the details.

Microsoft’s statement read:

“This afternoon, the FBI and DOJ have given us permission to publish some additional data, and we are publishing it straight away. However, we continue to believe that what we are permitted to publish continues to fall short of what is needed to help the community understand and debate these issues. We are permitted to publish data on national security orders received (including, if any, FISA Orders and FISA Directives), but only if aggregated with law enforcement requests from all other U.S. local, state and federal law enforcement agencies; only for the six-month period of July 1, 2012 thru December 31, 2012; only if the totals are presented in bands of 1,000; and all Microsoft consumer services had to be reported together”

While Microsoft is jumping on the privacy bandwagon let us not forget that Microsoft is accused of using its Skype VoIP service to spy on its users, monitor their calls and scan their text chats. In fact this is why Skype has been so wrapped up in the PRISM program because the opportunity to voice chat spy on millions of users has clearly been very useful to the NSA.

Image courtesy of Microsoft

NSA Has Code Running In the Linux Kernel And Android

The saying “how deep does the rabbit hole go” has never been more appropriate with regards to NSA speculation as everyday people seem to pull up something new. With the USA’s National Security Agency, or NSA, in the spotlight recently over the whole PRISM saga, it seems to have made pretty big news everywhere. Now it emerges that the NSA has code running in both the Linux Kernel and in Android. Though this isn’t anything new, as it has been known since 2003, it has only just come to mainstream public attention.

The NSA had an active role in developing SELinux, that is security enhanced Linux. I am sure it won’t be long before sceptics pull the “Surveillance enhanced Linux” out of the bag.

The SELinux project was merged into the Linux Kernel back in 2003 meaning it is present in all Android and Linux distributions available today. The tool is an implementation of mandatory access controls for the Linux distribution. It is described below:

SELinux is a security enhancement to Linux which allows users and administrators more control over access control.

Access can be constrained on such variables as which users and applications can access which resources. These resources may take the form of files. Standard Linux access controls, such as file modes (-rwxr-xr-x) are modifiable by the user and the applications which the user runs. Conversely, SELinux access controls are determined by a policy loaded on the system which may not be changed by careless users or misbehaving applications.

SELinux also adds finer granularity to access controls. Instead of only being able to specify who can read, write or execute a file, for example, SELinux lets you specify who can unlink, append only, move a file and so on. SELinux allows you to specify access to many resources other than files as well, such as network resources and interprocess communication (IPC).

Not being a very Linux educated person I can’t really comment on the likelihood of SELinux being a backdoor. However, I can point out that people have speculated SELinux is an NSA backdoor to all Linux and Android devices. On the other hand other people have rubbished those claims stating that with Linux being an open source operating system there is no way such a backdoor could have existed unnoticed. Furthermore all source code for the NSA’s SELinux project is open source and available for examination.

What are your thoughts on this?

Image courtesy of Linux

Facebook Released 19,000 Users Data To Spy Requests From The American Government

A couple of days ago we told you that Facebook, Microsoft and Google were demanding permission to reveal spy requests. Today Facebook claimed a minor victory in being able to partially reveal some information about American government data requests. In the last 6 months of 2012 the U.S government made some 9000 to 10000 requests to get information for around 18000-19000 users.

Facebook had previously denied any involvement in PRISM as they were bound by law not to say anything but now they have been granted permission they were able to disclose these details. However, this data isn’t that useful to us as it is aggregated heavily. This means it is difficult to dinstinguish between the type of requests and at what level of government they occurred. Obviously a lot of people are more interested in Federal enquiries of a more “spy-like” nature.

Facebook is still currently pursuing permission to release data on how many secret requests that had to respond to. Apparently Facebook only complied with around 79% of government requests. In the grand scheme of things this data collection on 19,000 people out of Facebook’s 1.1 billion users is pretty insignificant, although in my opinion it is still 19,000 people too many given that none of the individuals were contacted for permission to have their data investigated.

What are your thoughts on Facebook’s data requests?

Image courtesy of Facebook

“StopWatching.Us” Passes 100,000 Signatures Already

We brought you the news that Mozilla and others had launched their “StopWatching.Us” campaign just a few days ago and it has already managed to achieved 100,000 signatures of support in quite a short space of time. The marks the beginning of what could be a long and draw out battle between activists in the USA and the government.

The “StopWatching.Us” campaign was launched by Mozilla and a very long list of other important individuals and organisations. As of writing the campaign currently has around 120,000 signatures – a number that is rising rapidly every hour. With just over 48 hours passed and 120,000 signatures progress is looking pretty good for the campaign but no doubt much more is needed before the political clout exists to challenge the U.S government.

The whole PRISM scandal has really put liberty back on the public agenda and the quick pace of change is largely reflective of the general outrage of a large proportion of the American population.

Currently the “StopWatching.Us” organisation is firmly pressing ahead with enlisting more support and challenging the U.S government. You can read their full letter to the U.S congress below or check out the site here.

Dear Members of Congress,

We write to express our concern about recent reports published in the Guardian and the Washington Post, and acknowledged by the Obama Administration, which reveal secret spying by the National Security Agency (NSA) on phone records and Internet activity of people in the United States.

The Washington Post and the Guardian recently published reports based on information provided by an intelligence contractor showing how the NSA and the FBI are gaining broad access to data collected by nine of the leading U.S. Internet companies and sharing this information with foreign governments. As reported, the U.S. government is extracting audio, video, photographs, e-mails, documents, and connection logs that enable analysts to track a person’s movements and contacts over time. As a result, the contents of communications of people both abroad and in the U.S. can be swept in without any suspicion of crime or association with a terrorist organization.

Leaked reports also published by the Guardian and confirmed by the Administration reveal that the NSA is also abusing a controversial section of the PATRIOT Act to collect the call records of millions of Verizon customers. The data collected by the NSA includes every call made, the time of the call, the duration of the call, and other “identifying information” for millions of Verizon customers, including entirely domestic calls, regardless of whether those customers have ever been suspected of a crime. The Wall Street Journal has reported that other major carriers, including AT&T and Sprint, are subject to similar secret orders.

This type of blanket data collection by the government strikes at bedrock American values of freedom and privacy. This dragnet surveillance violates the First and Fourth Amendments of the U.S. Constitution, which protect citizens’ right to speak and associate anonymously, guard against unreasonable searches and seizures, and protect their right to privacy.

We are calling on Congress to take immediate action to halt this surveillance and provide a full public accounting of the NSA’s and the FBI’s data collection programs. We call on Congress to immediately and publicly:

  1. Enact reform this Congress to Section 215 of the USA PATRIOT Act, the state secrets privilege, and the FISA Amendments Act to make clear that blanket surveillance of the Internet activity and phone records of any person residing in the U.S. is prohibited by law and that violations can be reviewed in adversarial proceedings before a public court;
  2. Create a special committee to investigate, report, and reveal to the public the extent of this domestic spying. This committee should create specific recommendations for legal and regulatory reform to end unconstitutional surveillance;
  3. Hold accountable those public officials who are found to be responsible for this unconstitutional surveillance.

Thank you for your attention to this matter.

Sincerely,

Image courtesy of the EFF

NSA Director Claims They Stopped Dozens Of Attacks With PRISM

General Keith Alexander is the head of the American National Security Agency. You can only imagine how much pressure he has come under recently due to the emergence of the PRISM scandal and he was recently brought before Congress to defend the PRISM program.

General Alexander stood before the U.S congress and talked about how PRISM had helped them defend against dozens of possible terrorist attacks. He went on to say that the exposure of the PRISM program has compromised national security as well as the security of other countries.

“It’s dozens of terrorist events that these have helped prevent. Both here and abroad, in disruption or contributing to the disruption of terrorist attacks,”

Furthermore he backed up the head of National Intelligence, James Clapper, by saying that the leaks in the media had jeopardised the safety of the United States and its allies.

“Great harm has already been done by opening this up. There is no doubt in my mind that we will lose capabilities as a result of this and that not only the United States but those allies that we have helped will no longer be as safe as they were two weeks ago”

What are your thoughts on his comments? To me it sounds like the U.S Government is stuck between a rock and a hard place. Does it relax surveillance programs and potentially risk being blamed for not stopping future terrorist attacks? Or does it maintain surveillance programs to combat terrorism but continue to face intense opposition and lobbying from the public against the surveillance?

Image courtesy of the EFF

Facebook, Microsoft & Google Demand Permission To Reveal Spy Requests

In the wake of being subject to bad press due to the whole “PRISM” data collection scandal, Facebook, Microsoft and Google have all been adamant to get permission to reveal details of secret FISA (foreign intelligence surveillance act) requests, according to Softpedia. This is because Facebook, Microsoft and Google want to be transparent about the fact they are being forced to give data over to the unconstitutional FISA requests. You could also argue there is in an attempt to cash in on some good press while everyone bashes the U.S government and the NSA.

While Microsoft has questioned the privacy practices of Google in the past, it is nice to see three leading “internet” based corporations leading the way against PRISM. The U.S government still maintains that all its surveillance, including but not limited to the Verizon scandal, is constitutional under the Patriot Act. Although what’s ironic is that the writer of the Patriot Act, James Sensenbreener, has claimed the U.S government is exploiting an “overbroad interpretation of the Act”.

It would certainly be interesting to see how many requests these companies have been forced to respond to, but it seems unlikely this information will ever get the go ahead unless the U.S government is put under more pressure. What are your thoughts on Facebook, Microsoft and Google demanding transparency?

Image courtesy of ComputerWorld.com

“StopWatching.Us” Demands Mozilla, the EFF and 84 Others

For those of you who have been paying attention to the news recently you will have seen the entire National Security Agency “PRISM” scandal emerge in the USA, with international rammifications. To cut a long story short, a whistleblower, Edward Snowden, leaked lots of details about the U.S governments PRISM operation that essentially allows it to spy on anyone it wants using warrant from the Patriot Act. Big companies like Facebook, Skype, Microsoft, Google and so on have reportedly been involved as the U.S government forces them to release details on people when they want them for surveillance purposes.

In the wake of this we are seeing a PIPA and SOPA-esque style retaliation from the Internet community and the latest move is the creation of the domain www.stopwatching.us. This new website/organisation has been launched by the Mozilla corporation and is designed to expose the abuses of power by the American government and all the latest news on surveillance, PRISM and other important issues. Currently it boasts 86 members such as the Electronic Frontier Foundation,  Consumer Watchdog, World Wide Web Foundation, Greenpeace USA and the Media Alliance to name but a few.

The StopWatching.Us organisation have cosigned a letter to the U.S government and congress asking for action to be taken over the NSA PRISM spy program and they also want reforms to key acts such as the Patriot Act and the FISA Amendement Act. You can get details of it here.

What are your thoughts on the whole PRISM and NSA “scandal”?

Image courtesy of the EFF

Verizon: No More Privacy For Customers

NSA or National Security Agency, is invading the privacy of millions of Americans. A top secret document seems to have been leaked and The Guardian was able to get their hands on it, and share it with us. The document can be found HERE. The document appears to have been put into effect on April 25th, and to stay active until June 19th. The information on this court order isn’t suppose to be declassified until 2038, yes you read that right, 2038

When I first read about NSA requiring Verizon to fork over tons of data I started trying to figure out what was going on, personally I do not use Verizon, and I have no idea why Verizon would be targeted for this information, apparently there is something going on that we just don’t know. Below I have ripped apart the document and have tried to understand it, and make it more understandable to you, the reader.

The F.B.I. or Federal Bureau of Investigation and the NSA are working together to find terrorists, this order has been written up in pursuance of 50 U.S.C. § 1861: US Code – Section 1861: Access to certain business records for foreign intelligence and international terrorism investigations.

United States Foreign Intelligence Surveillance Court in Washington D.C. is “Requiring the production of tangible things from Verizon business network services.”

All call detail records or “telephony metadata” created by Verizon for calls between the United States and abroad, or within the United States. This order exempts Verizon from needing to provide communications that originate and terminate in foreign countries.

Telephony metadata includes:

  • Comprehensive communications routing information.
  • Including but not limited to session identifying information (e.g., originating and terminating telephone number
  • International Mobile Subscriber Identity (IMSI) number
  • International Mobile station Equipment Identity (IMEI) number, etc.)
  • Trunk identifier
  • Telephone calling card numbers
  • And time and duration of call.

Telephony metadata does not include:

  • Substantive content of any communication, as defined by 18 U.S.C. § 2510(8): “contents”, when used with respect to any wire, oral, or electronic communication, includes any information concerning the substance, purport, or meaning of that communication;
  • Name,
  • Address
  • Financial information of a subscriber or customer.

IT IS FURTHER ORDERED that no person shall disclose to any other person that the FBI or NSA has sought or obtained tangible things under this Order, other than to: (a) those persons to whom disclosure is necessary to comply with such Order; (b) an attorney to obtain legal advice or assistance with respect to the production of things in response to the Order; or (c) other persons as permitted by the Director of the FBI or the Director’s designee. A person to whom disclosure is made pursuant to shall be subject to the nondisclosure requirements applicable to a person to whom an Order is directed in the same manner as such person. Anyone who discloses to a person described in (a), (b), or (c) that the FBI or NSA has sought or obtained tangible things pursuant to this Order shall notify such person of the nondisclosure requirements of this Order. At the request of the Director of the FBI or the designee of the Director, any person making or intending to make a disclosure under (a) or (c) above shall identify to the Director or such designee the person to whom such disclosure will be made or to whom such disclosure was made prior to the request.

IT IS FURTHER ORDERED that service of this Order shall be by a method agreed upon by the Custodian of Records of Verizon and the FBI, and if no agreement is reached, service shall be personal.

Image Courtesy of WZZM13

Texas Protects Email Privacy With New Bill

The United States government keeps trying to do more and more with cyber-security. When I hear that a new bill is coming out, I immediately think that they are trying to take away more of our privacy. Every once in awhile we get to see the government protecting the people.

Of course I am one of those meticulous people, who like to make sure I have my facts straight, and a lot of the time it is difficult to verify, but with laws, it is really easy. There is a wall of text for this bill some of which has been edited out.

Texas bill (HB 2268)

Relating to search warrants issued in this state and other states for certain customer data, communications, and other related information held in electronic storage in this state and other states by providers of electronic communications services and remote computing services.

  1. INTRODUCED Mar 4, 2013
  2. PASSED HOUSE May 7, 2013
  3. PASSED SENATE May 22, 2013

The fourth step is for the governor of the State of Texas to sign or veto the bill. If they sign the bill, it will become law, if they veto the bill it will then go back to the drawing board.

Essentially it appears to be saying that email is going to be considered property, if we throw our email in the trash, does it then become fair game? Will email service providers give us the ability to “burn” our mail? Will the “LAW” have a loophole to get at our email without the proper paperwork?

This bill has moved fairly quickly, and I do not feel that it is right how bills are passed. The United States is a democracy, where the people get to decide and vote on what they want. Passing bills without a vote by the people places more of a dictatorship, in my humble opinion. Though this seems to be an update and more for protecting the people from the old law stating that emails over 180 days are able to be obtained by the “LAW” without proper procedure.

Source

Microsoft Xbox One: Kinect On/Off Switch

We all worry about privacy, and Microsoft has addressed our issue with the Xbox One monitoring our every movement and sound with Kinect. I think it is nice that you would be able to completely control your console with your voice. When I was an Apple user, I used the MacOS feature for voice command, which was really a nice feature. Though some people might be worried about Big Brother monitoring their conversations, or even watching them with the built in webcam. How many of us actually have conversations that we feel the need to have censored from prying eyes, I post most of my innermost thoughts directly to facebook.

Microsoft responded to an email sent to kotaku.com about the concerns of the users about Kinect constant monitoring.

“It does not have to be always connected, but Xbox One does require a connection to the Internet. We’re designing Xbox One to be your all-in-one entertainment system that is connected to the cloud and always ready. We are also designing it so you can play games and watch Blu-ray movies and live TV if you lose your connection.”

For those of you who already own a Xbox 360 paired up with the current Kinect model, you know that it has sensors and a microphone built-in. You might also be aware that you are able to turn on/off sensors and the microphone by entering the settings for the device.

Microsoft has also informed us that

“We are designing the new Kinect with simple, easy methods to customize privacy settings.”

If you were worried about the new Xbox One monitoring you, perhaps this will put your mind at ease. Now all you need to worry about is a hacker accessing your Xbox and turning your Kinect on and monitoring you.

Source

Xbox One And “Always Listening” Kinect Sparks Privacy Concerns

When Microsoft launched its Xbox One last week with the next generation Kinect sensor it was revealed that the Kinect sensor would always listen to the voices of people in the room it is in. This has caused officials from both Germany and Australia to come out and make public concerns about privacy.

Microsoft claim that the new always listening sensor is revolutionary because it responds to commands such as “Xbox On” and obviously it couldn’t do that if it wasn’t always listening. Yet Tim Vines, who is the director of Australia’s Civil Liberties organization, spoke with GamesFix about the always listening feature and isn’t very pleased about it. He says the device is a major breach of privacy and Xbox need to offer a feature to turn monitoring off. He says if Microsoft doesn’t do that then consumers should buy another console.

“People should have the ability to turn off the camera or microphone, even if it limits the functionality of the machine…Of course, if Microsoft doesn’t allow that, then people should vote with their wallets and skip the next Xbox.”

According to Australian law the Microsoft Xbox One meets the regulatory standards of a surveillance device. While in Germany Federal Data Protection Commissioner, Peter Schaar, has labelled the Xbox One console from Microsoft a “twisted nightmare”.

“The Xbox One continuously records all sorts of personal information about me. My reaction rates, my learning or emotional states. These are then processed on an external server, and possibly even passed on to third parties. The fact that Microsoft could potentially spy on my living room is merely a twisted nightmare”

Microsoft has yet to publicly comment and address any of these privacy concerns. What are your thoughts on the always listening Kinect?

Image courtesy of Microsoft

Microsoft Attacks Google, Says It Does Anything To Monetise Consumer Data

Image Credit -www.junkaria.com

Microsoft has been on a bit of an offensive recently making numerous adverts that attacked Apple for its Siri Technology and Google for its apparently “rubbish” Google Docs service. Now Microsoft have gone one step further by attacking Google for being a corporation that is apparently only driven by monetising its users data, at the expense of their privacy.

The harsh words were spoken by Microsoft Bing’s Senior Director Stefan Weitz who wrote a lengthy post about Google’s I/O conference. He made it clear that the company wants to monetise everything.

“They will be paying more attention to your location, analyzing your photos and turning them into animated gifs and they’d like some credit for their innovations while rarely mentioning that all this personal data collection gives them more opportunities to show you ads”

Naturally Weitz used this as an opportunity to praise Bing and Microsoft for protecting user data properly. Quite humorously he went on to describe Google as being like someone who doesn’t wear deodorant, clearly implying that Google’s policies stink.

“You know, for some folks – the bargain they strike with Google is fine. Just like personal space in an elevator, people have varying degrees of tolerance for how close another person gets to them, and varying degrees of comfort when that person is actually a corporation not wearing deodorant,”

All this is part of Microsoft’s “Scroogled” campaign which can be found here. Microsoft is attacking Google for violating privacy, and indeed Google has some very questionable practices. In comparison to Microsoft they give away and collect a lot of information for the purposes of increasing ad and app revenues.

The battle between these two tech giants is likely to rage on for some time yet, what are your thoughts on this? Does Microsoft have a point about Google’s (lack of) data protection and privacy policies? Or is this just a bitter feud between two rival companies?

Source, Via

Microsoft Study Suggests 16% Of Internet Users Don’t Care About Privacy

Privacy has been a hot topic of debate on the internet recently,  the likes of CISPA, PIPA, SOPA, ACTA and many other proposed internet legislation have threatened to impede on user privacy. This has provoked widespread debates between internet users about what is sensible and acceptable in terms of surveillance. A recent study by Microsoft of 4000 consumers in four different countries (UK, USA, Germany and France) reflects this growing privacy trend as 84% of consumers are concerned about their online privacy. However, this still leaves 16% who aren’t concerned at all about their online privacy.

In addition only 47% of people say they take action to protect their privacy online, meaning 53% take no action at all. This would suggest that many people who are concerned about their online privacy don’t know how to take action to protect it, or simply cannot be bothered to do so.

Microsoft also said UK consumers were more likely to take protection measures for their privacy compared to America, French and German internet users:

“In the U.K., consumers are most likely to take action: 51 percent of U.K. respondents say they are taking measures to protect their online privacy, followed by 48 percent in the U.S., 46 percent in France and just 44 percent in Germany” Microsoft said.

Microsoft’s full infographic can be seen below and it makes for very interesting reading.

Are you concerned by your internet privacy? Do you take measures to try and protect it?

 

Source, Via