Ron Wyden Wants To Know Why The DEA Still Has On-Demand Access To Trillions Of Phone Records

(Mis)Uses of Technology

from the collect-it-all-because-why-not dept

For decades, the government has used the Third Party Doctrine to obtain massive amounts of phone records without a warrant.

Even prior to the creation of the Third Party Doctrine by the Supreme Court in 1979, government agencies were obtaining phone records using pen register requests that provided them with info on numbers called and the length of the calls. This method, however, required the government to supply some information of its own: specifically, a targeted source phone number phone companies could use to search for call metadata.

Then the NSA got involved. Leveraging the doctrine erected decades earlier, the NSA used its foreign surveillance authority to force Verizon to hand over every single phone record generated by users of its business services. No targeting necessary.

This mass collection was exposed by the initial Snowden leak. The FISA court order published by multiple news outlets showed the government was able to engage in bulk surveillance via a single FISA request. This one targeted Verizon’s business services, but nothing about what was published suggested this was the only cell service provider responding to these blanket orders.

At the same time Snowden was airing the government’s dirty surveillance laundry, the DEA was inadvertently exposing its delicates. A particularly spectacular unforced error by the DEA saw it handing over information on its secret “Hemisphere” program in response to records requests seeking something else entirely. The information contained in this accidentally exposed presentation not only showed AT&T had employees “embedded” in the DEA to provide more instantaneous responses to phone records requests, but also that DEA agents and experts were being instructed to engage in parallel construction to hide the origin of phones records obtained with this program that were being used as evidence in court.

The DEA’s ability to obtain phone records in bulk was confirmed several months later by none other than the DEA, which released another set of Hemisphere documents to records requesters. Perhaps figuring there was no longer any reason to pretend this program didn’t exist, the DEA was more forthcoming the second time around.

These revelations soon were buried by months of steady NSA leaks from Snowden and others. The Hemisphere program, however, never went away. Although it did receive attention from legislators and privacy advocates once it was exposed, the feds never officially ended this collection. AT&T was the only private company named in the documents, but there was never any official denial from other cell service providers that they, too, weren’t working with the DEA to provide real-time and bulk access to phone records.

Hemisphere is dead in name only. That’s only one of the revelations in this recent report from Dell Cameron and Dhruv Mehrota for Wired.

A little-known surveillance program tracks more than a trillion domestic phone records within the United States each year, according to a letter WIRED obtained that was sent by US senator Ron Wyden to the Department of Justice (DOJ) on Sunday, challenging the program’s legality.

According to the letter, a surveillance program now known as Data Analytical Services (DAS) has for more than a decade allowed federal, state, and local law enforcement agencies to mine the details of Americans’ calls, analyzing the phone records of countless people who are not suspected of any crime, including victims. Using a technique known as chain analysis, the program targets not only those in direct phone contact with a criminal suspect but anyone with whom those individuals have been in contact as well.

DAS is nothing more than a rebrand of Hemisphere — a program that underwent periodic suspensions by various presidential administrations following its exposure by journalists and public records requesters. As Cameron and Mehrota note, the first suspension followed its first exposure, delivered by Barrack Obama in 2013. Since then, the leaders of the free world have been flipping the on-off switch randomly.

[W]hile discretionary funding was withheld over the following three years, a White House memo obtained by WIRED shows that individual law enforcement organizations across the US were permitted to continue contracting with AT&T directly in order to maintain access to its data-mining service. Funding resumed under former president Donald Trump but was halted again in 2021, according to the White House memo. Last year, under president Joe Biden, the funding resumed once more, the memo says.

If there’s anything that reaches across the massive partisan divide, it’s the willingness to allow domestic law enforcement agencies to engage in domestic surveillance with minimal oversight. As pointed out above, even while the DEA was (intermittently) denied funding to engage in this phone records collection, state and local law enforcement agencies were still allowed to convert AT&T into a proxy surveillance agency.

Ron Wyden’s letter addresses information uncovered by Distributed Denial of Secrets, a collective of transparency activists that has routinely been subjected to social media bans and criticism from government officials for daring to obtain information through any means necessary and making this information available to the general public.

Just as disturbing is the fact that this program survives, despite the NSA itself choosing to end its own call records program (under Section 215 authority) because it was (1) too difficult to avoid surveilling Americans and (2) because it wasn’t all that useful.

But what the NSA has abandoned, the DEA has kept alive, using federal funding and agreements with AT&T forged by the Office of National Drug Control Policy. AT&T, for its part, has once again refused to comment on this cozy relationship with federal drug warriors, offering up nothing more than the obvious acknowledgment that it’s obliged to comply with federal subpoenas. Of course that’s true, but it doesn’t explain why AT&T was the proactive partner in this alliance, much less why it still — despite years of records requests and law enforcement leaks — appears to be the only cell service provider willing to crawl into (em)bed with the DEA to provide instantaneous access to cell records that it pretends are only subject to subpoenas.

Its statements also fail to explain why it does things it’s not required to do when it appears the only beneficiary of these actions would be the DEA and its law enforcement partners.

There is no law requiring AT&T to store decades’ worth of Americans’ call records for law enforcement purposes. 

The only explanation is that AT&T considers this a feature, rather than a deliberately ignored bug. The evidence on the record shows AT&T would rather court cops than protect customers.

Documents reviewed by WIRED show that AT&T officials have attended law enforcement conferences in Texas as recently as 2018 to train police officials on how best to utilize AT&T’s voluntary, albeit revenue-generating, assistance.

The money isn’t the motive. Or, at least, it shouldn’t be, not at these prices. While AT&T is compensated for hooking up with drug warriors, the Wired report says the Office of National Drug Control Policy has contributed only $6.1 million to the program over the last decade. There are other sources of funding, of course, but it’s unclear how much of this makes its way to AT&T directly or indirectly. Sure, it’s pure profit when you’re already retaining these records for years at a time, but AT&T still has to pay analysts, liaisons, and (hopefully) a handful of lawyers — something that would appear to make the rebranded Hemisphere a loss leader, rather than a true contributor to the company’s bottom line.

It’s great that Ron Wyden is again demanding answers from the DOJ and DEA about this domestic surveillance effort, but it’s far less heartening to see that multiple presidential administrations have never been willing to shut this program down completely, despite it being something most Americans would never support. Trillions of phone records that aren’t even a subpoena away from government scrutiny isn’t the sort of thing residents of the United States expect to be happening, much less believe should be happening. The government should need more than the voluntary obeisance of one of the nation’s largest cell service providers to engage in this surveillance. But because it has this — and the periodic support of those holding the highest office in the land — phone records are still just a government plaything, something capable of putting people several degrees removed from suspected criminals under the government’s drug war microscope.

Filed Under: das, data analytical services, dea, doj, hemisphere, phone records, ron wyden, third party doctrine

Sports Illustrated The Latest To Bare Its Entire Ass Thanks To Laziness, Greed, And Half-Cooked ‘AI’

Journalism

from the I'm-sorry-I-can't-do-that,-Dave dept

The rushed integration of half-baked “AI” (aka not at all sentient language learning models) into journalism has been a gargantuan mess. Execs at companies like Red Ventures (CNET) and G/O Media (Gizmodo) have made it very clear they see LLMs primarily as a way to attack labor and cut corners, resulting in soulless and low quality product, oodles of plagiarism, and no shortage of employee ill will.

Enter Sports Illustrated, which appears to have been caught (like Gannett) creating fake journalists with fake bios in the hopes nobody would notice. Futurism first noticed the practice, which involves using fake people with AI-generated headshots to write what smells like automated copy. And, as we’ve seen repeatedly, the resulting product isn’t very good, either:

“The AI authors’ writing often sounds like it was written by an alien; one Ortiz article, for instance, warns that volleyball ‘can be a little tricky to get into, especially without an actual ball to practice with.'”

Initially when Futurism asked Sports Illustrated owner The Arena Group about the practice, they just deleted all the AI-generated content and refused to comment, which speaks for itself. Only once the story gained media traction did the company shift course and (just like Gannet did) try to blame the whole thing on one of their third-party vendors:

“Today, an article was published alleging that Sports Illustrated published AI-generated articles. According to our initial investigation, this is not accurate. The articles in question were product reviews and were licensed content from an external, third-party company, AdVon Commerce. A number of AdVon’s e-commerce articles ran on certain Arena websites. We continually monitor our partners and were in the midst of a review when these allegations were raised. AdVon has assured us that all of the articles in question were written and edited by humans.“

The Arena Group’s “investigation” doesn’t sound like much of one. They’re trying to claim they had no idea they’d hired a third party company (the same company that helped Gannett do the exact same thing with a history of doing exactly this) to produce AI-generated content by AI-generated people. Poorly. Employees that actually work at Sports Illustrated tell Futurism the claim is laughable.

So many of the executives at major media giants genuinely view AI as a way to create an automated ad-engagement machine that effectively shits money for pennies on the dollar. Just a giant, automated ouroboros that throws billions in ad engagement dollars their way without concerns about any of the pesky stuff like product quality, audience interest, public welfare, or folks eager to be paid a living wage.

There’s no interest in journalism or even editorial ethics here; Sports Illustrated not only created fake people with fake headshots and fake bylines, they constantly rotated new fake reporters in and out without any transparency with readers or staff. There’s a lack of ethics and competency that’s a problem before language learning models even enter the frame.

There certainly are innovative, helpful uses for AI in journalism. The problem is the least competent people imaginable have failed upward into positions of power at most media orgs. And if they have their way, what’s left of the already-shaky art of journalism is going to become a homogenized, soulless, engagement machine that will make our current lopsided signal to noise ratio look downright adorable.

Filed Under: ai, automation, hedge funds, journalism, llm, media, plagiarism, signal to noise ratio, sports illustrated
Companies: advon commerce, arena group

Settlement Handed To 11-Year-Old Autistic Student Who Was Locked in A Cop Car For Hours, Hit With $25,000 Bail

Legal Issues

from the loss-handed-to-school's-biggest-bullies dept

The problem with putting cops in schools isn’t necessarily that there are never things that happen in schools that require a law enforcement response. (Unfortunately, a lot of those things are school shootings, which cops aren’t all that capable of responding to.)

The problem is that school administrators tend to think that because they have cops (often referred to as “school resource officers”) on tap, nearly any disciplinary problem should be turned over to them, rather than handled by school personnel and/or the student’s parents.

This reduces school discipline to the sort of math cops understand: binary. If no one asks for a cop, it’s not a crime. If someone does ask for a cop — no matter what infraction has occurred — it’s obviously criminal activity.

This turns students into criminals. And it turns SROs back into cops, who use the same techniques they deploy against suspected adult criminals on children. A little restraint by school cops would go a long way. Unfortunately, most of them would read that previous sentence to be a blessing of physical restraint methods more suited to volatile, violent criminals, rather than minors who minds and bodies are far from fully developed.

But, because schools have decided they must have cops in the building, they end up tacitly blessing things like this, as recounted in an autistic student’s lawsuit [PDF] against their school and the school’s cops in a case brought by the ACLU:

On August 29, 2019, officers in police uniforms entered Sagewood Middle School and aggressively handcuffed A.V., an eleven-year-old child with autism. They dragged the handcuffed child through the hallways of his school, placed him in a patrol car, and left him there for hours, while, still handcuffed, he banged his head repeatedly against the plexiglass of the patrol car and cried in pain.

The alleged crime? Responding to another student writing on him with markers (A.V. is hyper-sensitive to touch due to his autism) by poking the student with a pencil. The school did, at least, contact one A.V.’s parents. But apparently not because the school felt the legal guardian should have any say in this particularly brutal disciplinary process.

A.V.’s stepfather rushed to the school and asked to see A.V., but the officers would not allow him to see A.V. A.V’s stepfather asked the officers to take A.V. to get medical attention, but they refused.

Instead, after A.V. was left handcuffed and banging his head for hours, an officer drove A.V. to a juvenile detention center and placed A.V. in custody on charges of assault, harassment, and resisting arrest. A.V. remained in custody until his parents were able to post a $25,000 bond. The charges against him have since been dropped.

The lawsuit followed, naming both the school district and the SROs employed by the district — one of which continued to demonstrate his willingness to bully young students with disabilities.

The officers involved in this traumatic handcuffing and arrest of A.V. were School Resource Officers (“SROs”). They are Douglas County Sheriff’s deputies who are jointly employed by the Douglas County School District. They had been specifically assigned to middle schools for the first time that year without adequate training on interacting with students with disabilities.

No SRO was disciplined due to the incident, and in fact, one of the SROs, SRO Nicholson, was commended for his handling of the situation. He was deemed to have completed the SRO field training program and recommended to be moved to solo status just a few days after the incident. Only a few months after handcuffing A.V, SRO Nicholson repeated his behavior: he handcuffed a twelve-year-old child with disabilities after that child became escalated. As with A.V., he left that child handcuffed for hours.

The lawsuit was filed in March 2021. Of course, every government entity and employee (including the involved school resource officers) asked for immunity. Immunity was denied to some of them in a February 2022 ruling [PDF], which said the facts needed to be more fully developed before the court would consider the officers’ attempt to exit the lawsuit:

To be sure, the Complaint sets forth allegations suggesting that Plaintiff had committed a battery against another student, which could give rise to probable cause supporting Plaintiff’s arrest. However, assuming the truth of Plaintiff’s well-pleaded factual allegations and viewing them in the light most favorable to the Plaintiff, Plaintiff’s plausible allegations also raise the possibility that Defendants only decided to arrest Plaintiff after misperceiving his subsequent lawful conduct, which was the result of the disability. (See ¶ 40 (“SRO Nicholson responded by instead proposing that he ask [Plaintiff] to come talk to him in the SRO office and said: ‘if he wants to come, that’s fine; if he doesn’t, that’s fine too.’”); ¶ 44 (“Nicholson continued to ask [Plaintiff] if he would come talk in the SRO office. [Plaintiff] stared blankly and occasionally shook his head no in response.”); ¶ 45 (“Then, despite the fact that [Plaintiff] was sitting quietly and that there was no emergency requiring immediate intervention, SRO Nicholson and
Peterson abruptly approached [Plaintiff] in a threatening manner and aggressively handcuffed him.”).)

Accordingly, the Court denies this portion of the DCSO Defendants’ Motion to Dismiss. Among other things, this will allow the parties additional time to develop the factual record through discovery on the issue of what prompted the SROs to arrest Plaintiff.

The sued officers claimed (repeatedly) that this was wrong. The court was required to grant them deference, rather than (as the court is required to do during motions to dismiss) grant deference to allegations raised by the plaintiff. And that was all they did for weeks on end: claim qualified immunity law required the court to give more credit to their (unsupported at this point) claims any officer in their position would not have known that tossing an autistic 11-year-old into a cop car for hours over a pencil-poking might have violated the student’s rights.

And the officers weren’t entirely wrong! That’s the sad thing. The Supreme Court has constantly told lower courts the first thing to consider is whether or not there’s any way to allow cops to escape taking responsibility for their actions. If this means glossing over apparent rights violations, so be it.

But it’s not the only option courts have. It’s just the one the Supreme Court would prefer they deploy. It didn’t happen here, much to the dismay of the officers. And this refusal to play by the rules this court set dismayed the court, which issued an order reaffirming its desire to hear more facts before considering qualified immunity arguments as well as this irritated (and lengthy!) note on the docket about the officers’ refusal to abide by the court’s orders by insisting any discovery (at this point, just depositions from the officers) until after it had ruled in favor of their qualified immunity requests.

The court wasn’t interested in engaging in the Catch-22 the school resource officers were attempting to deploy. Either the officers could offer sworn depositions to add to the factual record before raising the immunity defense or they could kindly get the hell out of this courtroom:

ORDER: In their Motions for Protective Orders 158, 159, 160, Defendants express a sense of deja vu at once again briefing the question of whether they are entitled to a stay of discovery. This Court knows the feeling. The Court finds itself, once again, addressing the same flawed arguments regarding qualified immunity. Defendants’ Motions do not bring anything new to the conversation, and they continue to ignore this Court’s repeated invitation to present any particularized argument as to why discovery would be burdensome or inappropriate.

To be sure, in Rome v. Romero, which Defendants seek to distinguish, Judge Krieger was presented with specific requests for production-some of which she found to be properly propounded on the individuals and others she concluded were not. In her evaluation, she noted that in cases where, as here, the parties present differing versions of the underlying events, some discovery on individual defendants is appropriate. She then concluded that other of the proposed requests were more appropriately made on the institutional defendants. With respect to any future discovery, Judge Krieger noted the individual defendants should be protected against any requests seeking information other than that relating to disputed factual issues regarding the actual events giving rise to the qualified immunity defense.

But other than contending they should not have to sit for their depositions, Defendants have not identified any line of questioning that would fall outside of those parameters identified in Rome. Particularly, they have never addressed the glaring issue that they are the primary witnesses in this matter upon whose actions this lawsuit is based, and therefore, would be subject to discovery no matter what the ultimate questions on qualified immunity are determined to be.

Defendants declaration that qualified immunity no longer has any meaning is overwrought; the Court has never held as such. Instead, the Court has only held the mere and basic assertion of qualified immunity without more is insufficient in this case to justify a stay. Because that assertion is all Defendants have ever offered the Court, including at present, the Motions for Protective Orders are DENIED.

I love it. The court says if the officers want to argue no officer in their position would know the sort of behavior being sued over fell on the wrong side of the Constitution, they should at least be willing to present their side of the story in a deposition. But these officers apparently didn’t want to do that. Instead, they presented their GET OUT OF LAWSUIT FREE! cards to the judge and thought that would be sufficient. When the court said it wasn’t, they apparently decided the best course of action was to continue to refuse to defend themselves against these allegations until the court… I don’t know… gave up and decided to give them what they actually wanted: immunity.

With no immunity to be had, a settlement has now arrived. And that’s kind of a shame. The school district was excused from the lawsuit but the county apparently felt allowing these officers to walk away from the lawsuit was the best use of county residents’ tax dollars.

After more than two years in court, the ACLU announced Wednesday that all of the parties named in the suit agreed to a settlement offer.

“Pursuant to the settlement, the defendants have agreed to require advanced training for any SROs assigned to the Douglas County School District, to include training created by the disability rights community that will improve interactions between law enforcement and students with disabilities,” said the ACLU.

“The defendants will also ensure that all SROs review the Behavioral Improvement Plans (a written improvement plan to help students who struggle with behavior issues in class) specific to each student and comply with those plans when interacting with the student.  Important reporting requirements will also ensure that the SROs are complying with de-escalation techniques consistent with students’ plans,” the ACLU stated. 

While it is good to see the SROs will now receive more training on the handling of students with behavioral disabilities, the accompanying statement from the district makes a point to note the involved officers continue to “deny any wrongdoing.” If these officers were so sure they were in the right, they shouldn’t have been so worried about being deposed. Their actions in this lawsuit contradict their insistence on being perceived as innocent. But now it’s not their problem. Their “innocence” has been purchased with tax dollars supplied by people like A.V.’s stepfather, who helps fund a school overseen by a county that figures it’s better to throw money at a plaintiff than subject any government employee to actual accountability.

Filed Under: discipline, douglas county, police, qualified immunity, school police, school resource officers, sros

Main Chinese Social Media Platforms Now Require Top Influencers To Display Their Real Names Online

Free Speech

from the we-know-who-you-are dept

Back in 2015, Techdirt wrote about one of China’s many attempts to control the online world, in this case by requiring everyone to use real names when they register for online services. As that post noted, the fact that the Chinese authorities had announced similar initiatives several times since 2003 suggests that implementing the policy was proving hard. Twenty years after those first attempts to root out anonymity online, China is still trying to tighten its grip. A post on the Rest of the World site reports:

On October 31, Weibo, as well as several other major Chinese social media platforms including WeChat, Douyin, Zhihu, Xiaohongshu, and Kuaishou, announced that they now required popular users’ legal names to be made visible to the public. Weibo stated in a public post that the new rule would first apply to all users with over 1 million followers, then to those with over 500,000.

As that indicates, there’s a new wrinkle in the fight against anonymity: real names are only required for top influencers on the main social media sites. That’s obviously much easier to police than trying to force hundreds of millions of users to comply. Here’s why the Chinese government is concentrating on the smaller group:

Min Jiang, a professor of communication studies at the University of North Carolina at Charlotte, told Rest of World the real-name rule would limit the influence of key opinion leaders, who still wield a lot of power on the Chinese internet. “Outspoken individuals have been conditioned to navigate the red line with ingenuity and creativity, steering public opinions even under heavy censorship,” she said.

The new targeted approach seems to be working. Several high-profile influencers who use pseudonyms online have announced that they will give up posting altogether. Others are actively “purging” their fans to get the total below the one million threshold for the new policy:

Tianjin Stock King, who posts finance content, removed over 6 million followers overnight, cutting his following from 7 million to just over 900,000. Ken, another Weibo “Big V,” told Rest of World he used the extension Cyber Zombie Cleaner to remove about 20,000 followers over the past month. The software, developed by software engineer Xiao Gu, enables users to remove inactive followers in large numbers, and has accumulated over 100,000 views on China’s code-sharing forum, CSDN.

Interestingly, the Rest of the World post says that it is not government repression that those with big followings fear under the new rules. Previous policies regulating anonymity already require Weibo users to register with their real name, and to show their IP location next to their user name. But mandating real names online means that influencers will be subject to the scrutiny of other users, who will be able to compare a person’s online activity with their offline identity. Conveniently for the Chinese authorities, that will make it more difficult to express controversial opinions. One group who are likely to be particularly affected by this requirement are influencers working at state-affiliated organizations, who may be accused of disloyalty or lack of patriotism once their identity is known to the wider public.

Follow me @glynmoody on Mastodon.

Filed Under: anonymity, china, influencers, purging, real names, social media
Companies: douyin, kuaishou, tiktok, weibo, xiaohongshu, zhihu

Elon Musk’s Latest Round Of Bigoted Tweets Likely Cost ExTwitter $75 Million Over The Rest Of 2023

Failures

from the that's-a-costly-mouth dept

We keep pointing out just how incredible it is that Elon Musk is personally responsible for the destruction of so much of ExTwitter’s business model. Even if you believe that the company was too bloated, or that it’s business model needed to change, as you look at how the company is flailing, it can be tied back almost entirely to Elon Musk being a stupid, ignorant bigot on the platform that he bought.

The product decisions, the renaming, all of that has some impact, but the reason that advertisers keep bailing is because of Elon Musk’s awfulness. We noted that back in April. Incredibly, the details highlighting that came out in an email thread created by… Linda Yaccarino, now CEO-in-name-only of ExTwitter, who was about to interview Elon Musk at an event for various advertisers. She wanted to know what advertisers were thinking about advertising on the site, and many pointed out that Musk himself was the problem, way more than the platform.

They were frightened that Musk would say something stupid, hateful, or bigoted next to their ads, and they told Yaccarino that — and a month later she decided to go work for Elon.

One of the biggest barriers to spending more, advertisers say, is Musk’s own behavior on Twitter.

And, once again, we’re seeing that play out. While Musk keeps trying to blame more advertisers fleeing on Media Matters, the reality is that it was his own embrace of an antisemitic trope that resulted in more advertisers pulling their ads.

Once again, this was a costly decision. The NY Times got its hands on an internal presentation, showing that ExTwitter sales people believe that Musk’s actions a few weeks ago likely cost the company $75 million in ad revenue over the final month and a half of the year (often the biggest advertising season).

Internal documents viewed by The New York Times this week show that the company is in a more difficult position than previously known and that concerns about Mr. Musk and the platform have spread far beyond companies including IBM, Apple and Disney, which paused their advertising campaigns on X last week. The documents list more than 200 ad units of companies from the likes of Airbnb, Amazon, Coca-Cola and Microsoft, many of which have halted or are considering pausing their ads on the social network.

The documents come from X’s sales team and are meant to track the impact of all the advertising lapses this month, including those by companies that have already paused and others that may be at risk of doing so. They list how much ad revenue X employees fear the company could lose through the end of the year if advertisers do not return.

A few months ago, Yaccarino said that ExTwitter was on a path to profitability by Q1 of next year, and that seems increasingly difficult to believe given the way that her boss keeps driving away millions of dollars in ad revenue.

It’s not entirely clear how much ad revenue ExTwitter still makes, but reports suggest that ad revenue has been consistently down about 60% (and drops lower every time Musk does something stupid and bigoted). In 2021, the last year we have full data, Twitter generated $4.5 billion in ad revenue. Cut that by 60% and we’re talking about $1.8 billion.

So if we do some very, very rough back-of-the-envelope math here, at $1.8 billion, that’s about $150 million per month. So, the final month and half would be in the range of $225 million expected. Perhaps more, given the advertising season. Taking away $75 million of that is… pretty significant.

Again, almost none of this is due to product decisions, but due to Elon Musk’s inability to shut up, and his near total credulity in believing every two bit nonsense peddler and bigot he’s ever come across.

Filed Under: advertising, brand safety, elon musk, linda yaccarino
Companies: twitter, x

NYPD Moves Towards Encrypting Radio Transmissions After Years Of Decrying Encryption Use By The General Public

(Mis)Uses of Technology

from the our-security-trumps-your-security dept

New York City residents will, once again, be asked to foot the bill for NYPD efforts that solely benefit the nation’s largest police department. It’s not enough that they’ve been asked to spend hundreds of millions of dollars every year to bail out officers hit with civil rights lawsuits. It’s not enough that they’ve been asked to foot the bill for the NYPD’s repeated refusal to comply with public records laws.

Now, they’re being asked to pay for even more opacity, this time taking the form of full encryption of police/dispatch radio transmissions.

The NYPD is set to fully encrypt its radio broadcasts by the end of next year as part of a nearly $400 million planned system upgrade — setting off alarm among local politicians and press advocates.

[…]

The NYPD’s massive network of radio communications is expected to go dark by the end of 2024 as the department switches from an analog to a digital network, according to Chief of Information Technology Robert Beltran.

This will effectively cut one form of public oversight out of the loop. Journalists and others keeping an eye on police activity will no longer be able to perform this public service. Instead, the NYPD will spend $400 million in public funds to ensure only cops know what cops are up to.

A decade ago, the NYPD was actually encouraging people to keep their smartphones updated to ensure they could avail themselves of device and communication encryption offerings. Not long after that, the tune changed, led by Police Commissioner Bill Bratton and Manhattan DA Cyrus Vance.

Bill Bratton, following the lead of then-FBI Director James Comey, said device encryption “did a terrible disservice to the public” by making it more difficult for police to obtain data and communications from seized phones. Bratton also claimed the move towards default device encryption (as well as end-to-end encryption for communications) was nothing more than mercenary behavior by device manufacturers that served nothing more than their bottom line.

Cyrus Vance engaged in his own brand of encryption demonization, claiming (without supporting facts) the NYPD was sitting on dozens of uncrackable devices, insinuating that all the phones he tossed on the press conference table were loaded with evidence crucial to ongoing investigations and prosecutions. “Warrant-proof” was the term deployed by DA Vance, a term frequently deployed by consecutive FBI directors as they complained about the public being allowed to secure their devices and communications.

But encryption is apparently ok if it’s the PD using it. That’s the takeaway from this planned deployment, which NYPD officials claim is crucial to ensuring officer safety. That it helps prevent the public from keeping an eye on cops is just an added bonus — one that is deliberately ignored when police officials discuss the encryption rollout. According to the NYPD, the fact that the NYPD communicates anything at all through social media accounts and press releases is far more than the public deserves.

Beltran said the switch was necessary to protect cops and the personal details of crime victims, arguing during the hearing that the police department can be trusted to get important information out to the public in a timely manner.

“The department provides information to reporters many times a day every day. We also have hundreds of digital media officers assigned to precincts that are also updating information on social media in real time,” he said.

Yes, the city’s journalists and citizens should be thrilled to be blessed by fully vetted PR releases, rather than being allowed to draw their own conclusions from radio transmissions and activity witnessed at crime scenes — ones they’re able to locate thanks to previously unencrypted transmissions.

Somewhat ironically, one of the most notable victims of this shift to encryption is the controversial crime-reporting app, Citizen. This app — and its developers — have courted controversy in the past by encouraging users to act as ambulance chasers and rush to crime scenes to provide other users with footage and speculation. The company that courted voyeurs and vigilantes is now a bit nonplussed that this shift to encryption will render its product mostly useless.

“We have spent six years building up this network and saving a tremendous amount of lives and this threatens all of this progress,” said Andrew Frame, CEO of Citizen, adding that many New Yorkers rely on the app to stay safe.

I can believe the “six years building up this network.” The claim that Citizen has “saved” lots of lives is completely ridiculous. The app was never about improving public safety. It was always about filling crime scenes with rubberneckers and encouraging people’s worst impulses.

That’s not to say the NYPD has completely cut the public out of the loop. It claims it might let a few chosen partners (journalists, Citizen) engage in virtual ride-alongs via limited feed access, but it won’t make that decision until long after the heat has died down.

The NYPD hasn’t ruled out allowing the press or companies like Citizen to tune in, said Beltran, while noting that such a plan — which could include granting delayed access to the feeds — is under a departmental review that won’t be completed until after the entire network is encrypted.

In other words, the NYPD will go dark first. Then it will engage in the much longer process of determining who’s allowed to listen in — a process that I imagine will involve months or years of discussion, followed by months or years of inaction NYPD officials will claim is actually “implementation.”

The NYPD is “going dark,” something it claims is necessary to keep it safe and secure. But it’s not willing to extend the same courtesy to the people it serves. And it certainly won’t be bothered by the extra layer of opacity it provides. The taxpayers lose. Again. And they’re expected to pay for this privilege.

Filed Under: encryption, nypd, transparency

Daily Deal: The Complete 2024 CompTIA Certification Training Super Bundle by IDUNOVA

Deals

from the good-deals-on-cool-stuff dept

The Complete 2024 CompTIA Certification Training Super Bundle by IDUNOVA has 15 courses to help you prepare for various CompTIA certification exams. Courses cover everything from the fundamentals to cloud essentials to cybersecurity. The bundle is on sale for $80.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

Filed Under: daily deal

Meta Joins Google In Turning Its Back On The Open Web, And Embracing Unconstitutional Mandates That Pretend To ‘Protect The Children’

Policy

from the keep-pulling-up-the-ladder dept

A month ago we wrote about Google effectively “pulling up the ladder” on the open internet by embracing age verification mandates as part of a regulatory approach to child safety. As we pointed out at the time, this is bizarre and stupid for a variety of reasons, but also not too surprising.

It’s bizarre because mandates like that have recently been found unconstitutional by multiple courts. It’s stupid because there’s little evidence that age verification does anything useful, and lots of evidence that it’s actually dangerous, because in verifying ages, services need to collect a lot of personal data which is then put at risk.

It’s not surprising because the big tech companies are now facing real competition for the first time in a while, and have learned that regulatory mandates may become their only useful moat against upstart competitors.

As we noted in that original article, while Google had been somewhat better than others, Meta had already shown a willingness to throw the open internet under the bus to appease regulators. It turned the political tide on FOSTA by supporting it wholeheartedly. It has loudly embraced support for reforming Section 230, which would give Meta a huge leg up on competitors who could no longer rely on 230’s protections.

So it should be little surprise that Meta has now come out with a similar statement to Google’s, embracing mandates on parental controls. As with FOSTA, which Sheryl Sandberg wrote about in highly emotional language, Meta’s embrace of these mandates came from the company’s “Global Head of Safety,” Antigone Davis, and again uses emotional appeals.

My daughter was 12 years old when we gave her her first phone. It wasn’t an easy decision, and I agonized over whether it was the right time. As a former teacher, advisor to a state attorney general, and now an executive at Meta — I’ve dedicated my career to protecting children online. You’d think I would be confident of the right rules and guardrails to put in place for my daughter, but I worried all the same.

If you’re focused on child safety, maybe you could start by not using your child as a prop in your political ploy?

And, look, if Meta wants to use age verification or set up parental controls, it should go for it. After all, the latest less-redacted version of the lawsuit dozens of states filed against Meta shows that the company “routinely documented” how those under 13 were using Instagram, despite being banned under the company’s terms. So, it’s a bit rich for Meta to now say that there needs to be government mandates for such technology. Why not just implement it themselves?

Again, the reality here is that Meta seems focused on pulling up that open internet ladder, and you can see it in the details of this new announcement. First of all, the demand for a mandate would mean that other, much smaller competitors would also have to implement the expensive and ineffective technology that Meta never did, limiting their ability to grow.

But even more nefarious is that Meta’s embrace of these mandates also seeks to make sure that the major part of the burden doesn’t fall on Meta, but on Apple and Google. Because it suggests the age verification and parental controls should take place in the app stores.

Parents should approve their teen’s app downloads, and we support federal legislation that requires app stores to get parents’ approval whenever their teens under 16 download apps. With this solution, when a teen wants to download an app, app stores would be required to notify their parents, much like when parents are notified if their teen attempts to make a purchase. Parents can decide if they want to approve the download. They can also verify the age of their teen when setting up their phone, negating the need for everyone to verify their age multiple times across multiple apps. 

Of course, as we keep pointing out, for many kids, parents are the problem. How would this kind of system work when there is an LGBTQ child searching for information or communities where they can express themselves or learn, and they have parents who are not open minded about such things?

This is a proposal that would harm many kids. Over and over again the research shows that one of the most important parts of the internet in kids’ lives is that they can use it to find their communities and better explore their own identities.

Yes, there’s a role for parents, teaching kids how to be safe, and when to know to ask for help. But that should never mean that parents (especially of teenagers) spy on every little thing that a kid does.

Yet that’s what Meta’s proposal is suggesting.

Teaching kids to be good digital citizens means teaching them about the dangers online, how to recognize them and keep themselves safe. Meta’s proposal is inserting Google and Apple as gatekeepers and taking agency away from kids, making them less prepared for the adult world that they’ll have to deal with eventually.

It’s fundamentally an approach that undermines helping kids grow into adults, all while pretending to “protect” the kids. Protect them from real life? Protect them by making sure their parents spy on every app they use? It’s a horrible plan, and a cynical one from a company that has embraced a cynical, political approach to everything.

Yes, Meta is getting hit from all sides about child safety claims, much of it driven by moral panics. So I get the decision to come out with some sort of plan to claim to politicians that “we’re doing something, and we’re not against regulations.” But this plan is bad, it’s dangerous, it’s cynical, and it appears designed to be anti-competitive at the same time.

Filed Under: age verification, antigone davis, app stores, parental controls, protect the children
Companies: meta

FCC Moves Slowly To Update Definition Of Broadband To Something Still Pathetic

Broadband

from the keeping-the-bar-at-ankle-height dept

For decades, the FCC has maintained an arguably pathetic definition of “broadband,” allowing the telecom industry to under-deliver substandard access. And despite some new rhetoric from the agency under Biden, that doesn’t appear to be changing anytime soon.

Broadband was originally defined as any 200 kbps connection. In 2010, that pathetic definition was changed to a slightly less pathetic definition: 4 Mbps downstream, 1 Mbps upstream. In 2015, it was changed again to a slightly more reasonable but still pathetic 25 Mbps downstream, 3 Mbps upstream, where it resides today.

For eight years straight everybody from consumer groups to the GAO told the FCC that the sluggish 25/3 definition didn’t reflect modern standards, and let the telecom industry get away with providing substandard service. The Trump FCC’s response: to propose lowering the definition even further.

Recently the Biden FCC proposed finally updating the definition of broadband to something more modern. A recent Notice of Inquiry (NOI) issued by the agency indicates they’re looking at 100 Mbps downstream, and 20 Mbps upstream as the new standard:

“we seek comment on the appropriate standards for evaluating the physical deployment of fixed and mobile broadband service, including proposing to increase our benchmark for fixed broadband download speed to 100 megabits per second (Mbps) and the upload speed to 20 Mbps.”

They’re just pushing the idea and seeking public comment. An actual update of the definition of broadband is still some distance away.

Originally, Senators had prodded the FCC to impose a cleaner, symmetrical 100 Mbps (upstream and downstream) standard definition of broadband. But after lobbying from cable and wireless companies that can’t consistently deliver 100 Mbps upstream, the definition was weakened to help companies pretend their services are more cutting edge than they actually are.

The FCC’s NOI asks if the agency should maybe consider imposing a speed standard of 1 Gbps downstream, 500 Mbps upstream, but industry watchers like Doug Dawson correctly note that it’s hard to take the agency seriously on that front:

“Setting a future theoretical speed goal is a feel-good exercise to make it sound like FCC policy will somehow influence the forward march of technology upgrades. This is exactly the sort of thing that talking-head policy folks do when they create 5-year and 10-year broadband plans.”

Big ISPs have of course fought any effort to improve U.S. broadband speed metrics every step of the way. Keeping the definition of broadband set at ankle height helps obfuscate the industry’s ongoing failure to deliver next-generation broadband in a timely basis despite billions in subsidies, tax breaks, and regulatory favors that were all supposed to help deliver uniform broadband access.

It works in concert with the FCC’s historically shitty broadband maps to obfuscate market failure, limited competition, and the perils of concentrated monopoly power. Better data and higher standards would highlight widespread market failure prompting calls to hold concentrated telecom power accountable, and we certainly wouldn’t want that.

When it comes to telecom policy, the GOP operates in absolute synchronized lockstep with widely disliked companies like AT&T and Comcast. The lion’s share of Democrats, in contrast, like to put on a good show that they care about the consumers in this equation, but the vast majority of proposals they push still wind up being long overdue and largely decorative.

Filed Under: broadband, digital divide, gigabit, high speed internet, telecom