Archive | US

ISPs to be dragged into the War on Terror?

Sunday, interior ministers from EU member states, EU Commissioner for Migration and Home Affairs Dimitris Avramopoulos, U.S. Attorney General Eric H. Holder Jr., U.S. Deputy Secretary of Homeland Security Alejandro Mayorkas, the minister of Public Safety of Canada Steven Blaney and European Counter-Terrorism Coordinator Gilles de Kerchove all met in Paris.

Their mission was to come up with a response to the Paris terror attacks.

“We reaffirm our unfailing attachment to the freedom of expression, to human rights, to pluralism, to democracy, to tolerance and to the rule of law: They are the foundation of our democracies and are at the heart of the European Union.”

OK. Thanks…

“We are concerned at the increasingly frequent use of the Internet to fuel hatred and violence and signal our determination to ensure that the Internet is not abused to this end, while safeguarding that it remains, in scrupulous observance of fundamental freedoms, a forum for free expression, in full respect of the law. With this in mind, the partnership of the major Internet providers is essential to create the conditions of a swift reporting of material that aims to incite hatred and terror and the condition of its removing, where appropriate/possible.”

Somehow, all the reassurances about fundamental rights–in this context–makes me a bit uneasy. From working in the European Parliament, I have learned that when something is wrapped up in this kind of language you should be on your guard.

What it all boils down to is to involve Internet service providers more in removing jihadist sites. It seems.

It’s unclear in what way this changes anything from today. If a site is illegal, normally it will be removed. Is the idea to cut out the judicial process from the operation? Or what?

Some of the wordings shows similarities to what has been discussed when it comes to copyright infringements. And in that setting, the purpose has been to make ISPs responsible for policing the net.

So, are they trying to make ISPs responsible for tracking down and censoring jihadist sites?

We don’t know. Yet.

The EU officials will continue their talks at the “informal” Justice and Home Affairs Council (JHA) in Riga on January 29. And it will be on the agenda at the next EU summit. Then, in February all the people from the Paris meeting will come together again, in the U.S..

Be vigilant. Before you know it ISPs might find themselves between a rock and a hard place. In the front line of the War on Terror.

/ HAX

DW: Data sharing, tighter EU outer border, urged at Paris talks »
Joint statement from the Paris meeting (PDF) »

2

Report suggest: NSA mass surveillance is a waste of resources (and will make us less safe)

We already know that–this far–NSA mass surveillance has led to no convictions of any actual terrorists in a U.S. court of law.

Now, an New America Foundation study (PDF) shows that the vast majority of terrorist investigations in the U.S. are initiated by information from other sources than NSA.

Only 1.8 per cent of terrorist investigations in the U.S. are initiated after “NSA Bulk Collection under Section 215”. 4.4 per cent after “NSA Surveillance Targeting Non-U.S. Persons under Section 702”. And 1.3 per cent after “NSA Surveillance under an Unknown Authority”.

Most investigations are conducted after tips from community and families, informants or traditional human intelligence and police work.

The report states…

“Surveillance of American phone metadata has had no discernible impact on preventing acts of terrorism and only the most marginal of impacts on preventing terroristrelated activity, such as fundraising for a terrorist group.”

Obvious to all, this do not correspond with the picture the U.S. administration is trying to sell to the public.

And it confirms that more information from mass surveillance (a bigger haystack) only will make a system already under information overload to work even worse…

“Finally, the overall problem for U.S. counterterrorism officials is not that they need vaster amounts of information from the bulk surveillance programs, but that they don’t sufficiently understand or widely share the information they already possess that was derived from conventional law enforcement and intelligence techniques.”

So it seems that shifting resources from traditional (human) intelligence and law enforcement work to automated mass surveillance might make us all less safe from terrorists.

But then again, this is not about terrorism. It’s about power and control.

/ HAX

Link: Do NSA’s Bulk Surveillance Programs Stop Terrorists? (PDF) »

3

Caspar Bowden @ 31c3: The Cloud Conspiracy

https://youtu.be/ijr0E6Lw4Nk

This is a very central talk at the 31c3 conference. Caspar Bowden gives us a thorough lecture on why US software and cloud services cannot be trusted, when it comes to NSA mass surveillance. He also tells the absolutely frustrating story about how he tried to make the EU (and civil society) understand the risks pre-Snowden. | Youtube »

3

EU to sell out data protection in new trade agreement?

Free Trade is a good thing. But–as I have written earlier–international trade agreements seems to be about everything but free trade.

The latest example is the Trade in Services Agreement (TISA). This agreement is to be signed by the EU, the US and many others. Among other things, it covers E-commerce. So far, so good.

The problem is that TISA (as most other international trade agreements) surpass some pretty important local rules. In this case, it might throw out European data protection rules.

The EU is in the process of setting up a new data protection framework. This rises questions like: Who owns your personal data? Is it you? Or do you have nothing to say about the matter?

In this context it is alarming that the EU is about to enter an international agreement stating that “No Party may prevent a service supplier of another Party from transferring, accessing, processing or storing information, including personal information, within or outside the Party’s territory, where such activity is carried out in connection with the conduct of the service supplier’s business.”

The EU and the US have had an agreement (the Safe Harbour agreement) stating that American companies must handle data about european customers in accordance with European data protection rules. As it has turned out, this agreement has been almost totally ignored by the US.

And now, the TISA agreement seems to sidestep European data protection all together.

While some members of the European Parliament (like German Pirate Party MEP Julia Reda) is trying to ensure a strong European data protection package–the usual suspects (most MEP:s from traditional parties) are prepared to sell out.

/ HAX

0

16 December: Sentencing in the Barrett Brown Case

Today–Tuesday December 16–a Dallas federal court will deliver its sentence in the Barrett Brown case. It all started with copy-pasting a link.

Writer, journalist and hacktivist Barrett Brown was the leading force in Project PM–a journalistic project scrutinizing private intelligence and security firms running outsourced contracts for the US Government.

The material came from a data dump retrieved by hackers said to belong to the Anonymous network. Even though Brown did not take part in this operation himself, he had access to the site where the information was stored.

His problems started when he copy-pasted a link to this site to Project PM. As the data dump contained all sorts of information (e.g. credit card information) it was possible for the authorities to go after him. From the Free Barret Brown website

“Having previously been raided by the FBI on March 6, 2012 and not arrested or charged, on September 12, 2012 Barrett Brown was again raided and this time arrested by the Federal Bureau of Investigation while he was online participating in a Tinychat session. He was subsequently denied bail and detained without charge and adequate medical treatment for over two weeks while in the custody of US Marshals. In the first week of October 2012, he was finally indicted on three counts, related to alleged activities or postings on popular websites such as Twitter and YouTube.”

“On December 4, 2012 Barrett was indicted by a federal grand jury on twelve additional counts related to data from the Stratfor breach. Despite his lack of direct involvement in the operation and stated opposition to it, he faces these charges simply for allegedly pasting a hyperlink online. On January 23rd, 2013 he was indicted a third time on two more counts, relating to the March 2012 FBI raid(s) on his apartment and his mother’s house.”

After that, everything was blown out of proportion. The Daily Beast reports…

“The government’s actions in this case have been extreme. Prosecutors in the Northern District of Texas have written that Brown, along with the activist group Anonymous, sought to overthrow the U.S. government. They tried to seize funds that were raised for his legal defense. They obtained a gag order against the defendant and his lawyers restricting what they could say about the case for several months. They sought to identify contributors to a website where Brown and others dissected leaks and researched shady links between intelligence contractors and governments. Perhaps most egregious of all, they pursued a case against Brown’s mother, who was forced to plead guilty to a misdemeanor related to a separate FBI raid on her home, resulting in six months probation and a $1,000 fine.”

This far into the case, Brown faced a life time prison sentence and accepted a plea agreement.

Dallas Morning News describes what happened next…

“But the U.S. attorney’s office asked Lindsay to drop those charges in March. The charges, which were dismissed, accused Brown of trafficking in stolen data and aggravated identity theft.”

“The most serious charge remaining against Brown was the one involving threats to the FBI agents. Brown made some of the expletive-laced threats in a YouTube video he posted in which he said he would shoot any federal agents who came for him. Brown also said in a video that he would ruin one FBI agent’s life and look into his kids.”

Today we will know the outcome of this affair. Prosecutors seek a 8.5 year prison sentence. And the defence is going for time served.

Governments (not only the US Government) outsourcing intelligence and security operations to private companies is a problem–as it withdraws information about what is going on from democratic oversight.

The Barrett Brown case also is a matter of freedom of the press.

In the wake of the Snowden files exposing NSA mass surveillance, one should be extra vigilant. From the Project PM we already have had a glimpse of what is going on. For instance private US intelligence contractors have been involved in secret operations to discredit and damage Wikileaks and its editor in chief Julian Assange.

On a tragic side note–renowned US national security journalist Michael Hastings was about to dig deeper into the Project PM material (and the Barrett Brown case)–when he reportedly found himself being investigated by the FBI. Unfortunately Hastings died when his car exploded in a single car crash in Los Angeles, in the early morning hours of June 18, 2013.

This really is an intriguing and disturbing affair.

Free Barrett Brown | Project PM | Barrett Brown on Wikipedia

/ HAX
(proud contributor to the Barret Brown defense fund)

Some additional links:
Peter Ludlow: Barrett Brown case smacks of oppression »
Sentencing Looms for Barrett Brown, Advocate for “Anonymous” »
Why everyone should care about journalist Barrett Brown’s sentencing today »
Journalist Barrett Brown Faces Sentencing on Tuesday After Two Years Behind Bars »

Update: Barrett Brown sentencing delayed until January 22, 2015 »

Update 2: The Intercept–The Latest Twist in the Bizarre Prosecution of Barrett Brown »

1

The new dissidents

NSA whistleblower Edward Snowden is stuck in Russia, only being able to reach out to the world by video link. The same goes for Wikileaks Julian Assange, in limbo at Ecuadors embassy in London. Journalist and web activist Barret Brown spends his time in custody, waiting to be sentenced after looking too close into outsourcing of US national security matters.

This is in a way better for the US government than just throwing people in jail.

If you compare this to the case of whistleblower Chelsea Manning–her 35 year prison sentence for exposing the truth is clearly a stain on US reputation.

It’s more convenient for government to corner trouble makers elsewhere in the world or to constrain their actions with seemingly endless legal proceedings. It might not silence them–but it will hamper their work seriously. And you can (normally) do this without enraging human rights activists, hacktivists, the media and the general public too much.

It all bears a chilling resemblance to the way the Soviets treated many of their dissidents during the Cold War.

/ HAX

1

How to fight the dark forces of Government

There is this article in The Boston Globe that has been nagging my mind for a few days now: Vote all you want. The secret government won’t change. »

Despite the dramatic headline, this is not about conspiracy theories. It’s about Tufts University political scientist (and former legal counsel to the Senate Foreign Relations Committee and a consultant to various congressional committees, as well as to the State Department) Michael J. Glennon and his book National Security and Double Government.

The core issue is the Obama u-turn on national security.

“But six years into his administration, the Obama version of national security looks almost indistinguishable from the one he inherited. Guantanamo Bay remains open. The NSA has, if anything, become more aggressive in monitoring Americans. Drone strikes have escalated. Most recently it was reported that the same president who won a Nobel Prize in part for promoting nuclear disarmament is spending up to $1 trillion modernizing and revitalizing America’s nuclear weapons.”

The thing, according to Glennon, is that politicians are generalists–in the hands of their own administration and its experts. And these experts have many reasons to exaggerate threats.

That sounds like a plausible and reasonable analysis. Even though the word “generalists” might be overly polite.

Now, looking at Europe and the EU we have the same set of experts as in the US–in the Commission, in the Council and to some extent in the European Parliament.

And we have the issue of lobbyism. (Even though public attention is directed towards lobbyists in the Parliament, the real issue ought to be lobbyism directed towards the Commission and its staff.)

Then we have something that few people know about: The European Commission has some 250 different committees with around 7,000 “contributors”. And at least 1,000 (maybe up to 3,000) specialist groups with more than 40,000 “experts”. All of these with an agenda. And this is where EU policy is crafted out.

This is why it is almost impossible to get something done when it comes to e.g. data protection, mass surveillance or copyright reform in the Parliament. The power doesn’t lie with the elected politicians.

So, are we screwed? Is democracy just an illusion? In many cases, the answer seems to be yes. But Glennon gives us a glimmer of hope…

“The ultimate problem is the pervasive political ignorance on the part of the American people. And indifference to the threat that is emerging from these concealed institutions. That is where the energy for reform has to come from: the American people. Not from government. Government is very much the problem here. The people have to take the bull by the horns. And that’s a very difficult thing to do, because the ignorance is in many ways rational. There is very little profit to be had in learning about, and being active about, problems that you can’t affect, policies that you can’t change.”

From an European perspective we know that public opinion did put an end to the ACTA agreement (restricting the openness and freedom of the Internet). We also know that such occurrences are very rare. And that they depend on huge efforts from activists, civil society and the media. But–it can be done.

This is the first lesson in fighting the political apparatus: Know thy enemy.

/ HAX

2

Mass surveillance is bad for business

The quote of the day comes from Microsoft General Counsel Brad Smith at the Silicon Valley panel discussion on NSA surveillance, organized by Senator Ron Wyden (D – Oregon).

“If you’re a consumer or a company, you own your email, your text messages, your photos and all the content that you create. Even when you put your content in our data centers or on devices that we make, you still own it and you are entitled to the legal protection under our Constitution and our laws. We will not rebuild trust until our government recognizes that fundamental principle.”

Money talks. Mass surveillance erodes customers confidence in the tech industry. Business is lost when customers shy away from US Internet based services.

And it’s not just about business. Google’s Eric Schmidt warned about a fragmented, balkanized Internet. Wired sums it up…

“The cost will be huge in terms of shared knowledge, discoveries, and science. It will also be expensive, since the cost of running data centers in every country where they have customers may be too much for some firms to handle.”

The Civil Rights movement, Internet activists and the tech industry–now they all seems to stand together against US Government, its’ security bureaucracy and the security industry.

This might be the tipping point in our fight for a free and open Internet.

Some links: Wired » | CNet » | WP » | PC World » | The Register »

/ HAX

1

TTIP might kill EU copyright reform

There is an obvious need for copyright reform. It is necessary in order to keep culture alive, dynamic and vigorous. And it is necessary if we want to keep the Internet free and open. (Read more about these specific issues here. »)

The EU is trying to get to grips with copyright in order to have a single, up to date set of rules for the entire European market. At the same time copyright holders, like the music- and film industry, would like to hold on to present rules–created to protect an old, pre-digital business model.

At the moment, the copyright industry puts its hope to the EU-US trade agreement (TTIP), being negotiated right now. The negotiations are secret. But we know that TTIP will contain a chapter on “intellectual property”. This might be yet another attempt to curb the freedom of the internet, in order to clamp down on illegal file sharing and other digital IP infringements. But if it is, chances are that TTIP will meet the same fate as the fallen ACTA agreement.

But it doesn’t have to be that obvious.

TTIP can also build on present copyright legislation in such a way that it will be more or less impossible to change these laws in the future, without breaking this binding trade agreement.

In fact, there is a highly controversial instrument in TTIP that might be used to kill all attempts to reform copyright legislation in the future. This is the article on investor-state dispute settlement (ISDS).

The idea behind ISDS is that a company in the US can take the EU or e.g. Denmark to court–if there are to be any new laws that might reduce that companys present (or future) profits. Well not take to court, actually. It’s more like a semi-private settlement institute, that can fine countries for billions of dollars in damages.

Now, imagine if the EU would like to reform copyright. European politicians might want to shorten the absurdly long protection time to, let’s say, 50 years. (If they could extend it, they should also be able to shorten it. Especially as copyright is an “asset” not found in nature, but a brainchild of politicians.) They might want to make exceptions for non-commercial sampling. They might want to make out of print classical literature or orphan works available to the public in digital form. They might want to step down the hunt for non-commercial file sharing. Or they might require that to receive copyright protection, the works in question must be registered.

This is the kind of things that ISDS is designed to stop. Either the EU would have to drop the reforms–or pay billions in damage.

(To add to the absurdity of this: In the example above only American companies would receive damage, not domestic European ones.)

So, yes: The TTIP might be used to kill an EU copyright reform. And Europe urgently need such a reform.

I might repeat myself, but I suggest that if the EU and the US would like to have this trade agreement approved–they should drop the IP chapter and ISDS. It might also be a good idea to open up the negotiations to democratic oversight, as these agreements have more or less the same effect as law.

/ HAX

Also read: EFF–EU-US Trade Negotiations Continue Shutting out the Public—When Will They Learn? »

1