Which ISPs Hand Private Surfing Info Over To Secretive Private Group Who Monitors It For The Feds?

from the feeling-safe? dept

So this is just bizarre. I saw a Wired report about a talk by a guy named Chet Uber, who claimed he helped connect Adrian Lamo to the feds in order to turn in Bradley Manning (the Army intelligence analyst accused of leaking content to Wikileaks), but Uber's little talk raised a number of other issues unrelated to Manning/Lamo. Specifically, towards the end of this Forbes piece about Uber and his organization, Project Vigilant comes a little shocker about how the firm spies on internet traffic for the US government:
According to Uber, one of Project Vigilant's manifold methods for gathering intelligence includes collecting information from a dozen regional U.S. Internet service providers (ISPs). Uber declined to name those ISPs, but said that because the companies included a provision allowing them to share users' Internet activities with third parties in their end user license agreements (EULAs), Vigilant was able to legally gather data from those Internet carriers and use it to craft reports for federal agencies. A Vigilant press release says that the organization tracks more than 250 million IP addresses a day and can "develop portfolios on any name, screen name or IP address."

"We don't do anything illegal," says Uber. "If an ISP has a EULA to let us monitor traffic, we can work with them. If they don't, we can't."

And whether that massive data gathering violates privacy? The organization says it never looks at personally identifying information, though just how it defines that information isn't clear, nor is how it scrubs its data mining for sensitive details.
Uh... what? Given the uproar and then Congressional smackdown to ISPs that tried to monitor such information for advertising purposes, that doesn't seem right at all. Sneaking a clause into an EULA saying that it's handing all your info over to a private party who will monitor it for the feds (maybe) and whoever else they want doesn't really seem aboveboard or legal despite the claims. It's also highly unlikely that it "never looks at personally identifying information." Nearly everyone who's ever claimed that has been proven wrong later.

The whole thing seems really sketchy, and as Glenn Greenwald notes, it appears to be an attempt to skirt the law:
There are serious obstacles that impede the Government's ability to create these electronic dossiers themselves. It requires both huge resources and expertise. Various statutes enacted in the mid-1970s -- such as the Privacy Act of 1974 -- impose transparency requirements and other forms of accountability on programs whereby the Government collects data on citizens. And the fact that much of the data about you ends up in the hands of private corporations can create further obstacles, because the tools which the Government has to compel private companies to turn over this information is limited (the fact that the FBI is sometimes unable to obtain your "transactional" Internet data without a court order -- i.e., whom you email, who emails you, what Google searches you enter, and what websites you visit --is what has caused the Obama administration to demand that Congress amend the Patriot Act to vest them with the power to obtain all of that with no judicial supervision).

But the emergence of a private market that sells this data to the Government (or, in the case of Project Vigilance, is funded in order to hand it over voluntarily) has eliminated those obstacles. As a result, the Government is able to circumvent the legal and logistical restrictions on maintaining vast dossiers on citizens, and is doing exactly that. While advertisers really only care about your online profile (IP address) in order to assess what you do and who you are, the Government wants your online activities linked to your actual name and other identifying information.
So, since Uber and Project Vigilant won't say who these 12 ISPs are, can anyone help us out? What are the 12 ISPs out there who, via sneaky language in their EULAs are simply handing over your private data to some company to sell to the US government?

Filed Under: government, isps, monitoring
Companies: project vigilant


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Ross Wolf, 3 Aug 2010 @ 3:59pm

    The FBI recently asked for the power to obtain without warrants, Citizens’ “electronic communication transactional records” including email addresses they used to send communications. If the FBI’s request for warrant-less Internet surveillance is granted, Citizens to avoid federal conspiracy charges will have to report to police (every email) they receive that might allude to anything illegal.

    FBI’s request for no warrant Internet surveillance can’t be viewed separately: if pending bills in Congress pass, the FBI can then use its warrant-less Internet surveillance to arrest and indefinitely detain Americans on mere suspicion not evidence, based on their Internet Activity. Private information the FBI derives from warrant-less searches of emails and Internet Activity—could potentially be used by U.S. Government to blackmail, target anyone though government harassment, prosecution or civil asset forfeiture because he or she disagreed with government.

    Will lawful Internet Activity, be used by Government to detain/arrest Americans without probable cause? On March 4, 2010, Sen. McCain introduced The “Enemy Belligerent Interrogation, Detention, and Prosecution Act of 2010.” McCain’s bill would eliminate several Constitutional protections allowing Government to arbitrarily pick up Americans on mere suspicion—with no probable cause. Under McCain’s bill, your political opinions and statements made on web postings and in emails against U.S. Government and others could be used by authorities to deem you a “hostile” “Enemy Belligerent” to cause your arrest and indefinite detention. U.S. activists and individuals under McCain’s bill would be extremely vulnerable to detention or prosecution, if (charged with suspicion) of “intentionally providing support to hostilities or an Act of Terrorism”, for example American activists can’t control what other activists might do illegally—they network by email domestically and overseas. The Government under McCain’s bill would need only allege an individual kept in military detention, is an Unprivileged Enemy Belligerent suspected of; having engaged in hostilities against the United States; its coalition partners; or Civilians or (has) purposefully and materially supported hostilities against the United States; its coalition partners or U.S. civilians. Detained Americans can be denied legal counsel.

    Alarmingly the Obama Government recently employed a vendor to search Internet social networking sites to collect information about Americans that could potentially be used by this government to injure Americans, for example, if you apply for a federal job, your name might be crossed referenced by the Obama Government with comments you made at Websites against Obama; or if you make application at a bank for a loan the Government has control since the financial crisis, could your Internet comment(s) prevent you getting that loan? Obama’s monitoring of the Internet sites can too easily be used by Government to intimidate, coerce and extort Corporations and Citizens from speaking out.

    See McCain’s 12-page Senate bill S.3081 The “Enemy Belligerent Interrogation, Detention, and Prosecution Act of 2010 at: assets.theatlantic.com/static/mt/assets/politics/ARM10090.pdf

    Obama gave a speech in May 2010 that asked Congress to pass legislation to give the President power, to detain any person in the U.S. that government deems a “combatant” or likely to engage in a violent act in the future. President Obama wants the power to incarcerate U.S. Citizens not on evidence, but for what they might do. Obama wants the power to override the U.S. Constitution, to detain indefinitely any American based on conjecture her or she might do something violent in the future. If Obama’s proposal to detain Americans without probable cause is approved, and FBI is granted warrant-less searches of the Internet, it is foreseeable Government could use anyone’s Internet activity including emails to claim an individual or lawful organization might do something violent in the future to order their indefinite detainment. See: Obama Sound-Video asking for power to detain people without probable cause at:
    http://www.brasschecktv.com/page/630.html

    What the recent Washington Post Report, (Secret America) did not mention: in the U.S., government-private contractors and their operatives work so close with U.S. law enforcement, exchanging information to arrest Americans and or share in the forfeiture of their assets, they appear to have merged with police. Similarly in 1933 Hitler merged his private police the Gestapo with German national security. Before the Gestapo was consolidated with the German Government, the Gestapo arrested Citizens and confiscated private property with no legal authority. However U.S. Government has already granted that power to private U.S. contractors. In 1939 all German Police agencies including the Gestapo were put under the control of the "Reich Main Security Office” the equivalent of U.S. Homeland Security.

    Can History repeat itself? Should there be a radical change of U.S. Government, history shows law enforcement is generally not replaced; that police will work for—e.g. a fascist U.S. Government; communist or other despot government—against the interests of Citizens. Note: The German police first worked for a democracy before Hitler; then worked for the Nazi Fascists; then joined the Soviet Union’s East German Police (Stasi) believed to be the world most oppressive police force until the German Wall came down. Consequently it should be expected U.S. Government security contractors and private mercenary corporations would work for a despot U.S. Government.

    If FBI warrant-less Internet Spying is approved, it is problematic the FBI will share its spying with law enforcement, government contractors and private individuals that have security clearances to facilitate the arrest and forfeiture of Americans’ property—-to keep part of the bounty. Police too easily can take an innocent person’s hastily written email, Internet fax, phone call or web activity out of context to allege a crime or violation was committed to cause an arrest or confiscation of someone’s property. There are over 200 U.S. laws and violations mentioned in the Civil Asset Forfeiture Reform Act of 2000 and the Patriot Act that can subject property to civil asset forfeiture. Under federal civil asset forfeiture laws, a person or business need not be charged with a crime for government to forfeit their property.

    Rep. Henry Hyde’s bill HR 1658 passed, the “Civil Asset Forfeiture Reform Act of 2000” and effectively eliminated the “statue of limitations” for Government Civil Asset Forfeiture. The statute now runs five years from when police allege they “learned” that an asset became subject to forfeiture. With such a weak statute of limitations and the low standard of civil proof needed for government to forfeit property “A preponderance of Evidence”, it is problematic law enforcement and private government contractors will want access to FBI, NSA and other government Internet surveillance, including wiretaps perhaps illegal to arrest Americans and to seize their homes, assets and businesses under Title 18USC and other laws.

    Of obvious concern, what happens to fair justice in America if police and government contractors become dependent on “Asset Forfeiture” to pay their salaries and operating costs?

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.