Archive | January, 2015

Cameron on surveillance: Collect it all!

Monday, British PM David Cameron passed yet another red line. Now, he wants the security services not only to collect all metadata about peoples telecommunications–but also the content.

The Guardian reports…

Speaking in Nottingham, he said the intelligence agencies need more access to both communications data – records of phonecalls and online exchanges between individuals – and the contents of communications. This is compatible with a “modern, liberal democracy”, he said.

No, Mr Cameron. In a liberal democracy you do not snoop on ordinary peoples communications. In a liberal democracy you trust the people.

In a liberal democracy the state is there to serve the citizens. Not the other way around.

The whole point of a liberal democracy is that you judge people based on their actions. Treating everybody as a suspect, as a potential wrongdoer is not the liberal way to go–it is the ultimate collectivism.

In a liberal democracy you respect the individual as a free citizen. You do not treat her as a serf.

/ HAX

The Guardian » | The Telegraph » | BBC »

Update: UK government could ban encrypted communications with new surveillance powers »

Update 2: Cory Doctorow – What David Cameron just proposed would endanger every Briton and destroy the IT industry »

1

ISPs to be dragged into the War on Terror?

Sunday, interior ministers from EU member states, EU Commissioner for Migration and Home Affairs Dimitris Avramopoulos, U.S. Attorney General Eric H. Holder Jr., U.S. Deputy Secretary of Homeland Security Alejandro Mayorkas, the minister of Public Safety of Canada Steven Blaney and European Counter-Terrorism Coordinator Gilles de Kerchove all met in Paris.

Their mission was to come up with a response to the Paris terror attacks.

“We reaffirm our unfailing attachment to the freedom of expression, to human rights, to pluralism, to democracy, to tolerance and to the rule of law: They are the foundation of our democracies and are at the heart of the European Union.”

OK. Thanks…

“We are concerned at the increasingly frequent use of the Internet to fuel hatred and violence and signal our determination to ensure that the Internet is not abused to this end, while safeguarding that it remains, in scrupulous observance of fundamental freedoms, a forum for free expression, in full respect of the law. With this in mind, the partnership of the major Internet providers is essential to create the conditions of a swift reporting of material that aims to incite hatred and terror and the condition of its removing, where appropriate/possible.”

Somehow, all the reassurances about fundamental rights–in this context–makes me a bit uneasy. From working in the European Parliament, I have learned that when something is wrapped up in this kind of language you should be on your guard.

What it all boils down to is to involve Internet service providers more in removing jihadist sites. It seems.

It’s unclear in what way this changes anything from today. If a site is illegal, normally it will be removed. Is the idea to cut out the judicial process from the operation? Or what?

Some of the wordings shows similarities to what has been discussed when it comes to copyright infringements. And in that setting, the purpose has been to make ISPs responsible for policing the net.

So, are they trying to make ISPs responsible for tracking down and censoring jihadist sites?

We don’t know. Yet.

The EU officials will continue their talks at the “informal” Justice and Home Affairs Council (JHA) in Riga on January 29. And it will be on the agenda at the next EU summit. Then, in February all the people from the Paris meeting will come together again, in the U.S..

Be vigilant. Before you know it ISPs might find themselves between a rock and a hard place. In the front line of the War on Terror.

/ HAX

DW: Data sharing, tighter EU outer border, urged at Paris talks »
Joint statement from the Paris meeting (PDF) »

2

Report suggest: NSA mass surveillance is a waste of resources (and will make us less safe)

We already know that–this far–NSA mass surveillance has led to no convictions of any actual terrorists in a U.S. court of law.

Now, an New America Foundation study (PDF) shows that the vast majority of terrorist investigations in the U.S. are initiated by information from other sources than NSA.

Only 1.8 per cent of terrorist investigations in the U.S. are initiated after “NSA Bulk Collection under Section 215”. 4.4 per cent after “NSA Surveillance Targeting Non-U.S. Persons under Section 702”. And 1.3 per cent after “NSA Surveillance under an Unknown Authority”.

Most investigations are conducted after tips from community and families, informants or traditional human intelligence and police work.

The report states…

“Surveillance of American phone metadata has had no discernible impact on preventing acts of terrorism and only the most marginal of impacts on preventing terroristrelated activity, such as fundraising for a terrorist group.”

Obvious to all, this do not correspond with the picture the U.S. administration is trying to sell to the public.

And it confirms that more information from mass surveillance (a bigger haystack) only will make a system already under information overload to work even worse…

“Finally, the overall problem for U.S. counterterrorism officials is not that they need vaster amounts of information from the bulk surveillance programs, but that they don’t sufficiently understand or widely share the information they already possess that was derived from conventional law enforcement and intelligence techniques.”

So it seems that shifting resources from traditional (human) intelligence and law enforcement work to automated mass surveillance might make us all less safe from terrorists.

But then again, this is not about terrorism. It’s about power and control.

/ HAX

Link: Do NSA’s Bulk Surveillance Programs Stop Terrorists? (PDF) »

3

What Snowden exposed was already known. But nobody cared.

In the blog post below, you can see a video from the 31c3 conference with Caspar Bowden. In the second part of his speech, he describes how he warned about specific mass surveillance issues long before Edward Snowden came along.

The Snowden files do, in essence, confirm everything Bowden warned us about.

The thing is–at the time, nobody cared.

The European Commission and the European Parliament was informed. But people didn’t take in the information. The information lay open for the media. But no journalists bothered. Bowden explained his findings for various net activist and civil rights groups–but nothing happened.

And I must admit that prior to the Snowden revelations, I my self had no idea that this information existed–even though I used to work in the European Parliament. I’m very interested in these issues, but I didn’t know what I didn’t know.

This points to an information and communication problem. Most of what’s going on is out there. You just have to know what to look for. And whom to listen to.

An important component in internet and civil rights activism is to simply take what’s already out there and make it understandable, to serve it up in digestible pieces. And to listen to the real experts, to find the golden nuggets in their extensive research material.

To hack politics to win, you must know. And you must be right. That is within reach–because politicians and bureaucrats often doesn’t care enough to do their homework.

/ HAX

0

Caspar Bowden @ 31c3: The Cloud Conspiracy

https://youtu.be/ijr0E6Lw4Nk

This is a very central talk at the 31c3 conference. Caspar Bowden gives us a thorough lecture on why US software and cloud services cannot be trusted, when it comes to NSA mass surveillance. He also tells the absolutely frustrating story about how he tried to make the EU (and civil society) understand the risks pre-Snowden. | Youtube »

3