Archive | April, 2016

What to learn from the Abdesalam fiasco

Surveillance should only be directed against people who are suspected of (or to commit) serious crimes.

Mass surveillance – of everyone – only creates a bigger haystack, more false positives, and hamper police and intelligence authorities in their efforts to identify real threats.

Take the Abdesalam brothers in the Paris attacks as an example…

Both were known to Belgian authorities; both were suspected to prepare “an irreversible act”. For years.

This is a case of sloppiness, lacking resources and being Belgian.

Belgium might be a dysfunctional mess, but the problem is the same in other countries. The more mass surveillance data, the more police officers gazing at computer screens – the less security and safety.

Authorities all over would need to get serious, pretty quickly. There is no room for public sector inefficiency when it comes to fighting terrorism. There is no room for incompetence and idleness.

And there are no (valid and publicly acceptable) reasons to replace human intelligence with mass surveillance of the entire population.

The Americans might do it. The Russians and Chinese also do it, for sure. But that is no reason that Europe should. This is exactly what makes our liberal democracy so special. In Europe, we trust ordinary and law-abiding people enough to keep out of their private lives.

The Paris attacks were very real, sad and terrifying. The Abdesalm brothers are very real terrorists. This reality underlines that we need other methods to protect us from danger rather than mass surveillance and data retention. We need wise and competent people, knowing what they are doing. If there are any.


• Link: Belgian police knew since 2014 that Abdeslam brothers planned ‘irreversible act’ »


Study: The surveillance state breeds fear and conformity and stifles free expression

A newly published study from Oxford’s Jon Penney provides empirical evidence for a key argument long made by privacy advocates: that the mere existence of a surveillance state breeds fear and conformity and stifles free expression. Reporting on the study, the Washington Post this morning described this phenomenon: “If we think that authorities are watching our online actions, we might stop visiting certain websites or not say certain things just to avoid seeming suspicious.”

The Intercept: New Study Shows Mass Surveillance Breeds Meekness, Fear, and Self-Censorship »


The haystack dilemma

Binney said that an analyst today can run one simple query across the NSA’s various databases, only to become immediately overloaded with information. With about four billion people — around two-thirds of the world’s population — under the NSA and partner agencies’ watchful eyes, according to his estimates, there is too much data being collected.

“That’s why they couldn’t stop the Boston bombing, or the Paris shootings, because the data was all there,” said Binney. Because the agency isn’t carefully and methodically setting its tools up for smart data collection, that leaves analysts to search for a needle in a haystack.

ZDNet: NSA is so overwhelmed with data, it’s no longer effective, says whistleblower »


A closer look at Hacking Team

Here is an interesting piece in Foreign Policy: Fear this man »

It’s about the Italian firm Hacking Team and its founder and CEO, David Vincenzetti. The article gives an interesting and chilling glimpse into the commercial side of providing governments with IT tools for surveillance – that also is being used by authoritarian regimes for oppression and disinformation.

“Privacy is very important,” Vincenzetti says on a recent February morning in Milan, pausing to sip his espresso. “But national security is much more important.”


“Snowden sped up spread of encryption by seven years”

The projected growth maturation and installation of commercially available encryption — what they had forecasted for seven years ahead, three years ago, was accelerated to now, because of the revelation of the leaks.

James Clapper, US Director of National Intelligence.

The Intercept: Spy chief complains that Edward @Snowden sped up spread of encryption by 7 years »


Data protection: EU-US standoff

The EU-US Privacy Shield is to replace the so-called safe harbour agreement about the transfer of personal data between EU and the US — after the European Court of Justice (ECJ) invalidated the latter.

As reported earlier, the privacy shield is a principal agreement that yet has to be filled with substance. Even though the European Commission and Washington claim to have struck a deal, it is far from being finalised.

Actually, things are moving the opposite way. Reuters:

Last week, the EU’s 28 data protection authorities – known as the Article 29 Working Party – published a non-binding opinion on the framework which called for more reassurances over U.S. surveillance practices and the independence of a new U.S. privacy ombudsman.

Leaving some of the regulators’ concerns unaddressed could increase the chances of the Privacy Shield being challenged in court by privacy advocates, much as its predecessor was.

This is a mess. Obviously, the EU is not strong enough to stand up to the US on data protection. And the US is not interested in respecting a strong European legal framework in this field.

Some links:
• EU data enforcers demand privacy shield fixes »
• Privacy panel trips up transatlantic data deal »
• US businesses: Start preparing for the EU’s new privacy regulation »
• U.S. reluctant to change data pact after EU watchdogs’ concerns »

Earlier posts:
• “EU-US Privacy Shield must be sent back to negotiators” »
• The EU-US Privacy Shield: EU presents a pointless proposal »
• The EU-US Privacy Shield Illusion »
• An EU-US Privacy Shield? »



Germany: Politician arrested for reciting anti-Erdogan poem at rally

“During a rally supporting comedian Jan Boehmermann, Bruno Kramm, the head of the Berlin branch of Germany’s Pirate Party, was arrested for “insulting a representative of a foreign state” by quoting a line from the comic’s satirical poem slamming Erdogan.

German police arrested Kramm while he was conducting a “literary analysis” of the German comedian’s satirical poem in front of the Turkish embassy in Berlin during a protest held under the slogan “No Power for Erdowahn, Freedom Instead of Erdogan” [Keine Macht dem Erdowahn, Freiheit statt Erdogan], the Morgenpost newspaper reported.”

• Pirate Party’s leader detained in Germany for citing poem about Erdogan »

• Berliner Piraten-Chef bei Erdogan-Demo festgenommen »


EFF vs. DoJ

The Electronic Frontier Foundation (EFF) filed a Freedom of Information (FOIA) lawsuit today against the Justice Department to shed light on whether the government has ever used secret court orders to force technology companies to decrypt their customers’ private communications, a practice that could undermine the safety and security of devices used by millions of people.

EFF Sues for Secret Court Orders Requiring Tech Companies to Decrypt Users’ Communications »


Germany, Snowden and Russia

Last Friday German magazine Focus ran an interview with the country’s two top spies — Gerhard Schindler, of the Bundesnachrichtendienstes (BND) and Hans-Georg Maaßen, of the Bundesamtes für Verfassungsschutz (BfV).

In short, they are annoyed that Edward Snowdens exposure of NSA mass surveillance puts Germany and the UK in an uncomfortable spot. They even implied that Snowden could have been acting under the influence of the Russian government.

“Leaking the secret service files is an attempt to drive a wedge between western Europe and the USA – the biggest since the Second World War,” Hans-Georg Maaßen, head of Germany’s domestic intelligence agency (Verfassungsschutz), told Focus in the double interview.

The translation above from The This has gained some attention in the media and Western military circles. So, let’s take a step back and try to look at the wider picture.

Yes, it is a problem that very little is known about mass surveillance carried out by e.g. Russia and China. But you cannot blame Snowden for this. He worked for a contractor to the NSA and leaked what he found to be unacceptable violations of civil rights. Furthermore, the NSA is an intelligence organisation in a democratic country; that should be held responsible under the rule of law. It is not a level playing field. But our western democracies are better than authoritarian and totalitarian states – and our authorities should be held accountable according to a higher standard. Especially when they spy on their own citizens.

Yes, it is a problem that Edward Snowden is stranded in Russia. But that does not make him a Russian spy or mouthpiece. The reason he is in Moscow is: 1) When he arrived there for transit, the US had revoked his passport. 2) No western democracy is willing to grant Snowden asylum. If German authorities are willing to grant him shelter and protection – he can be in Berlin pretty quickly, where a parliamentary inquiry would love to meet with him. (However, I don’t think German intelligence services are all too keen about that prospect.)

And naturally Germany and the UK are being criticized. They deserve to. German intelligence has been spying on companies, businesspeople, and political figures in Germany and allied European nations on behalf of the NSA. And they have lied about it in front of German parliamentarians. In similar ways, the British GHCQ have been acting far beyond its mandate. Both countries are close allies with the US and both countries intelligence authorities have a close cooperation with the American NSA. So, it is not the least strange that German BND has come under scrutiny. But they can blame no one but them selves.

But OK, no one can tell for sure if Snowden is a (knowing or unknowing, willing or unwilling) Russian spy. But that does not alter the fact that his revelations have huge implications for how our democratic societies are run. It is extremely important that this information has come to the public’s knowledge. To defend a free and open society, we must stick to democratic principles, rules, and legal frameworks.

The best, easiest and most decent thing would be to grant Edward Snowden asylum in Germany – and let him testify in front of relevant parliament committees. But I guess that will never happen.


• The German spies imply Snowden leaked files for Russia »
• Focus: Doppel-Interview mit Gerhard Schindler und Hans-Georg Maaßen: Kreml versucht den deutschen Bundestag zu infiltrieren – Russen treiben mit Hilfe des Whistleblowers Snowden einen Keil zwischen Westeuropa und den USA »


“Microsoft sues government for secret searches”

Microsoft filed a landmark lawsuit against the U.S. Department of Justice on Thursday, taking a stand against the way federal agents routinely search its customers’ personal information in secret.

The company accuses the federal government of adopting a widespread, unconstitutional policy of looking through Microsoft customers’ data — and forcing the company to keep quiet about it, sometimes forever.

CNN: Microsoft sues government for secret searches »