Tag Archives: EFF

The Transparent Individual

x ray brain

By integrating data you want into the visual field in front of you Google Glass is meant to break down the distinction between looking at the screen and looking at the world. When switched on, its microphones will hear what you hear, allowing Glass to, say, display on its screen the name of any song playing nearby…It could also contribute a lot to the company’s core business. Head-mounted screens would let people spend time online that would previously have been offline. They also fit with the company’s interest in developing “anticipatory search” technology—ways of delivering helpful information before users think to look for it. Glass will allow such services to work without the customer even having to reach for a phone, slipping them ever more seamlessly into the wearer’s life. A service called Google Now already scans a user’s online calendar, e-mail and browsing history as a way of providing information he has not yet thought to look for. How much more it could do if it saw through his eyes or knew whom he was talking to…

People may in time want to live on camera in ways like this, if they see advantages in doing so. But what of living on the cameras of others? “Creep shots”—furtive pictures of breasts and bottoms taken in public places—are a sleazy fact of modern life. The camera phone has joined the Chinese burn in the armamentarium of the school bully, and does far more lasting damage. As cameras connect more commonly, sometimes autonomously, to the internet, hackers have learned how to take control of them remotely, with an eye to mischief, voyeurism or blackmail.  More wearable cameras probably mean more possibilities for such abuse.

Face-recognition technology, which allows software to match portraits to people, could take things further. The technology is improving, and is already used as an unobtrusive, fairly accurate way of knowing who people are. Some schools, for example, use it to monitor attendance. It is also being built into photo-sharing sites: Facebook uses it to suggest the names with which a photo you upload might be tagged. Governments check whether faces are turning up on more than one driver’s licence per jurisdiction; police forces identify people seen near a crime scene. Documents released to the Electronic Frontier Foundation, a campaign group, show that in August 2012 the Federal Bureau of Investigation’s “Next Generation Identification” database contained almost 13m searchable images of about 7m subjects.

Face recognition is a technology, like that of drones, which could be a boon to all sorts of surveillance around the world, and may make mask-free demonstrations in repressive states a thing of the past. The potential for abuse by people other than governments is clear, too…In America, warrants to seize user data from Facebook often also request any stored photos in which the suspect has been tagged by friends (though the firm does not always comply). Warrants as broad as some of those from which the National Security Agency and others have benefited in the past could allow access to all stored photos taken in a particular place and time.

The people’s panopticon, Economist,  Nov. 16, 2013, at 27

Web Mining and Beyond: FBI against Internet Freedom

Google-Says-the-FBI-Is-Secretly-Spying-on-Some-of-Its-Customers

National Security Letters [NSLs] are written demands from the FBI that compel internet service providers, credit companies, financial institutions and others to hand over confidential records about their customers, such as subscriber information, phone numbers and e-mail addresses, websites visited and more.  NSLs are a powerful tool because they do not require court approval, and they come with a built-in gag order, preventing recipients from disclosing to anyone that they have even received an NSL. An FBI agent looking into a possible anti-terrorism case can self-issue an NSL to a credit bureau, ISP or phone company with only the sign-off of the Special Agent in Charge of their office. The FBI has to merely assert that the information is “relevant” to an investigation into international terrorism or clandestine intelligence activities.

The lack of court oversight raises the possibility for extensive abuse of NSLs under the cover of secrecy, which the gag order only exacerbates. In 2007 a Justice Department Inspector General audit found that the FBI had indeed abused its authority and misused NSLs on many occasions. After 9/11, for example, the FBI paid multimillion-dollar contracts to AT&T and Verizon requiring the companies to station employees inside the FBI and to give these employees access to the telecom databases so they could immediately service FBI requests for telephone records. The IG found that the employees let FBI agents illegally look at customer records without paperwork and even wrote NSLs for the FBI.

The first challenge to NSLs occurred around an NSL that was sent in 2005 to Library Connection, a consolidated back office system for several libraries in Connecticut. The gag order was challenged and found to be unconstitutional because it was a blanket order and was automatic. As a result of that case, the government revised the statute to allow recipients to challenge the gag order. .  Now companies can simply notify the FBI in writing that they oppose the gag order, leaving the burden on the FBI to prove in court that disclosure of an NSL would harm a national security case. The case also led to changes in Justice Department procedures. Since Feb. 2009, NSLs must include express notification to recipients that they have a right to challenge the built-in gag order that prevents them from disclosing to anyone that the government is seeking customer records.

Few recipients, however, have ever used this right to challenge the letters or gag orders.

When recipients have challenged NSLs, the proceedings have occurred mostly in secret, with court documents either sealed or redacted heavily to cover the name of the recipient and other identifying details about the case.

On March 2013  U.S. District Judge Susan Illston (California) ordered the government to stop issuing so-called NSLs across the board, in a stunning defeat for the Obama administration’s surveillance practices. She also ordered the government to cease enforcing the gag provision in any other cases. However, she stayed her order for 90 days to give the government a chance to appeal to the Ninth Circuit Court of Appeals.

“We are very pleased that the Court recognized the fatal constitutional shortcomings of the NSL statute,” said Matt Zimmerman, senior staff attorney for the Electronic Frontier Foundation, which filed a challenge to NSLs on behalf of an unknown telecom that received an NSL in 2011. “The government’s gags have truncated the public debate on these controversial surveillance tools. Our client looks forward to the day when it can publicly discuss its experience.”  The telecommunications company received the ultra-secret demand letter in 2011 from the FBI seeking information about a customer or customers. The company took the extraordinary and rare step of challenging the underlying authority of the National Security Letter, as well as the legitimacy of the gag order that came with it.

After the telecom challenged the NSL, the Justice Department took its own extraordinary measure and sued the company, arguing in court documents that the company was violating the law by challenging its authority.

In her ruling, Judge Illston agreed with EFF, saying that the NSL nondisclosure provisions “significantly infringe on speech regarding controversial government powers.”  She noted that the telecom had been “adamant about its desire to speak publicly about the fact that it received the NSL at issue to further inform the ongoing public debate” on the government’s use of the letters.  She also said that the review process for challenging an order violated the separation of powers. Because the gag order provisions cannot be separated from the rest of the statute, Illston ruled that the entire statute was unconstitutional.

Illston found that although the government made a strong argument for prohibiting the recipients of NSLs from disclosing to the target of an investigation or the public the specific information being sought by an NSL, the government did not provide compelling argument that the mere fact of disclosing that an NSL was received harmed national security interests.  A blanket prohibition on disclosure, she found, was overly broad and “creates too large a danger that speech is being unnecessarily restricted.” She noted that 97 percent of the more than 200,000 NSLs that have been issued by the government were issued with nondisclosure orders.

——

Number of NSLs Issued by FBI

2003——-39,346

2004——56,507

2005—–47,221

2006—-49,425

2007—-16,804

2008—-24,744

2009—14,788

2010—24,287

2011—16,511

(Source: DoJ reports)

She also noted that since the gag order on NSL’s is indefinite — unless a recipient files a petition with the court asking it to modify or set aside the nondisclosure order — it amount to a “permanent ban on speech absent the rare recipient who has the resources and motivation to hire counsel and affirmatively seek review by a district court.”

This case is remarkable for a number of reasons, among them the fact that a telecom challenged the NSL in the first place, and that EFF got the government to agree to release some of the documents to the public, though the telecom was not identified in them. The Wall Street Journal, however, used details left in the court records, and narrowed the likely plaintiffs down to one, a small San-Francisco-based telecom named Credo. The company’s CEO, Michael Kieschnick, didn’t confirm or deny that his company is the unidentified recipient of the NSL, but did release a statement following Illston’s ruling.

“This ruling is the most significant court victory for our constitutional rights since the dark day when George W. Bush signed the Patriot Act,” Kieschnick said. “This decision is notable for its clarity and depth. From this day forward, the U.S. government’s unconstitutional practice of using National Security Letters to obtain private information without court oversight and its denial of the First Amendment rights of National Security Letter recipients have finally been stopped by our courts.”

The case began sometime in 2011, when Credo or another telecom received the NSL from the FBI.EFF filed a challenge on behalf of the telecom.   In May that year on First Amendment grounds, asserting first that the gag order amounted to unconstitutional prior restraint and, second, that the NSL statute itself “violates the anonymous speech and associational rights of Americans” by forcing companies to hand over data about their customers.

The redacted documents don’t indicate the exact information the government was seeking from the telecom, and EFF won’t disclose the details. But by way of general explanation, Zimmerman said that the NSL statute allows the government to compel an ISP or web site to hand over information about someone who posted anonymously to a message board or to compel a phone company to hand over “calling circle” information, that is, information about who has communicated with someone by phone.

An FBI agent could give a telecom a name or a phone number, for example, and ask for the numbers and identities of anyone who has communicated with that person. “They’re asking for association information – who do you hang out with, who do you communicate with, [in order] to get information about previously unknown people.

“That’s the fatal flaw with this [law],” Zimmerman told Wired last year. “Once the FBI is able to do this snooping, to find out who Americans are communicating with and associating with, there’s no remedy that makes them whole after the fact. So there needs to be some process in place so the court has the ability ahead of time to step in on behalf of Americans

Excerpts, Kim Zetter, Federal Judge Finds National Security Letters: Unconstitutional, Bans Them, Wired,  Mar. 15, 2013