The latest reporting on the Snowden docs by The Guardian shows that the UK's surveillance operation GCHQ was apparently well aware that its activities were almost certainly open to a "legal challenge" and therefore they were committed to keeping them secret to avoid such a challenge. Note that this is quite different than the official excuse always given about being worried about public disclosure putting national security at risk by revealing "sources and methods." Instead, here it seems clear that the secrecy was for the very reason that many of us suspected: they were pretty sure they're breaking the law, or at least coming so close that it was something the courts would eventually have to decide... but only if the info got out. And, it wasn't just them. They realized that the telcos willingness in passing on info likely opened up other legal challenges as well.
GCHQ lobbied furiously to keep secret the fact that telecoms firms had gone "well beyond" what they were legally required to do to help intelligence agencies' mass interception of communications, both in the UK and overseas.
GCHQ feared a legal challenge under the right to privacy in the Human Rights Act if evidence of its surveillance methods became admissible in court.
GCHQ assisted the Home Office in lining up sympathetic people to help with "press handling", including the Liberal Democrat peer and former intelligence services commissioner Lord Carlile, who this week criticised the Guardian for its coverage of mass surveillance by GCHQ and America's National Security Agency.
Amazingly, they seem to admit that the fear of a public debate/legal challenge was the key reason they fought (and won) a battle to keep such evidence out of trials. That is, even though they could have gone with the old favorite of "national security," instead, they finally admitted reality:
Our main concern is that references to agency practices (ie the scale of interception and deletion) could lead to damaging public debate which might lead to legal challenges against the current regime.
That other point mentioned above, about telcos going "above and beyond" in voluntarily handing over access is also pretty big, considering that the telcos in question had tried the "we're just complying with the law" excuse in the past. But, evidently, they were lying.
The revelations of voluntary co-operation with some telecoms companies appear to contrast markedly with statements made by large telecoms firms in the wake of the first Tempora stories. They stressed that they were simply complying with the law of the countries in which they operated.
In reality, numerous telecoms companies were doing much more than that, as disclosed in a secret document prepared in 2009 by a joint working group of GCHQ, MI5 and MI6.
Later in the report, a GCHQ memo notes that telcos "feared damage to their brands" if the extent of their over-cooperation was revealed. You know how they could have dealt with that? By not going so far above and beyond the law. But, once again, it seems like the telcos have been incredibly willing to screw over their own customers' privacy at every opportunity.
One of the ironies of European outrage over the global surveillance conducted by the NSA and GCHQ is that in the EU, communications metadata must be kept by law anyway, although not many people there realize it. That's a consequence of the Data Retention Directive, passed in 2006, which:
requires operators to retain certain categories of data (for identifying users and details of phone calls made and emails sent, excluding the content of those communications) for a period between six months and two years and to make them available, on request, to law enforcement authorities for the purposes of investigating, detecting and prosecuting serious crime and terrorism.
Notice the standard invocation of terrorism and serious crime as a justification for this kind of intrusive data gathering -- the implication being that such highly-personal information would only ever be used for the most heinous of crimes. In particular, it goes without saying that there is no question of it being accessed for anything more trivial -- like this, say:
Some Dutch telecommunications and Internet providers have exploited European Union laws mandating the retention of communications data to fight crime, using the retained data for unauthorised marketing purposes.
Of course, the news will come as no surprise to the many people who warned that exactly this kind of thing would happen if such stores of high-value data were created. But it does at least act as a useful reminder that whatever the protestations that privacy-destroying databases will only ever be used for the most serious crimes, there is always the risk of function creep or -- as in the Netherlands -- outright abuse. The only effective way to stop it is not to retain such personal information in the first place.
The Washington Post is out with the latest revelations from the Snowden leaks and it shows that the NSA relies on foreign telcos and "allied" intelligence agencies to scoop up data on email contact lists and instant messaging buddy lists to help build its giant database of connections. Remember a few weeks ago how it was reported that the NSA was basically building a secret shadow social network? It seems like this might be one of the ways it's able to tell who your friends are.
There are a variety of important points here. First off, this information is not coming directly from the tech companies (which, again, suggests that earlier claims that the NSA had direct access to all their servers was mistaken). Rather they're picking this information up off the backbone connections in foreign countries. It also explains why they get so much data from Yahoo -- because, for no good reason at all, Yahoo hasn't forced encryption on its webmail users until... the news of this started to come out.
And here's the big problem: because all of this information is collected overseas, rather than at home, it's not subject to "oversight" (and I use that term loosely) by the FISA court or Congress. Those two only cover oversight for domestic intelligence. The fact that the NSA can scoop up all this data overseas is just a bonus.
Also, while the program is ostensibly targeted at "metadata" concerning connections between individuals, the fact that it collects "inboxes" and "buddy lists" appears to reveal content at times. With buddy lists, it can often collect content that was sent while one participant was offline (where a server holds the message until the recipient is back online), and with inboxes, they often display the beginning of messages, which the NSA collects.
Separately, because this is allowing them to gather so much data, it apparently overwhelmed the NSA's datacenters. At times, this is because they get inundated with... spam. For example, one of the documents revealed show that a target they had been following in Iran had his Yahoo email address hacked for spamming, and that presented a problem:
In fall 2011, according to an NSA presentation, the Yahoo account of an Iranian target was “hacked by an unknown actor,” who used it to send spam. The Iranian had “a number of Yahoo groups in his/her contact list, some with many hundreds or thousands of members.”
The cascading effects of repeated spam messages, compounded by the automatic addition of the Iranian’s contacts to other people’s address books, led to a massive spike in the volume of traffic collected by the Australian intelligence service on the NSA’s behalf.
After nine days of data-bombing, the Iranian’s contact book and contact books for several people within it were “emergency detasked.”
Because of this mess, the NSA has tried to stop collecting certain types of information, doing "emergency detasks" of certain collections. This, yet again, shows how ridiculous Keith Alexander's "collect it all" mantra is. When you collect it all, you get inundated with a ton of bogus data, and the information presented here seems to support that.
Over the past several months, the Obama Administration has defended the government's far-reaching data collection efforts, arguing that only criminals and terrorists need worry. The nation's leading internet and telecommunications companies have said they are committed to the sanctity of their customers' privacy.
I have some very personal reasons to doubt those assurances.
In 2004, my telephone records as well as those of another New York Times reporter and two reporters from the Washington Post, were obtained by federal agents assigned to investigate a leak of classified information. What happened next says a lot about what happens when the government's privacy protections collide with the day-to-day realities of global surveillance.
The story begins in 2003 when I wrote an article about the killing of two American teachers in West Papua, a remote region of Indonesia where Freeport-McMoRan operates one of the world's largest copper and gold mines. The Indonesian government and Freeport blamed the killings on a separatist group, the Free Papua Movement, which had been fighting a low-level guerrilla war for several decades.
I opened my article with this sentence: "Bush Administration officials have determined that Indonesian soldiers carried out a deadly ambush that killed two American teachers."
I also reported that two FBI agents had travelled to Indonesia to assist in the inquiry and quoted a "senior administration official" as saying there "was no question there was a military involvement.''
The story prompted a leak investigation. The FBI sought to obtain my phone records and those of Jane Perlez, the Times bureau chief in Indonesia and my wife. They also went after the records of the Washington Post reporters in Indonesia who had published the first reports about the Indonesian government's involvement in the killings.
As part of its investigation, the FBI asked for help from what is described in a subsequent government report as an "on-site communications service" provider. The report, by the Department of Justice's Inspector General, offers only the vaguest description of this key player, calling it "Company A.''
"We do not identify the specific companies because the identities of the specific providers who were under contract with the FBI for specific services are classified,'' the report explained.
Whoever they were, Company A had some impressive powers. Through some means – the report is silent on how – Company A obtained records of calls made on Indonesian cell phones and landlines by the Times and Post reporters. The records showed whom we called, when and for how long -- what has now become famous as "metadata."
Under DOJ rules, the FBI investigators were required to ask the Attorney General to approve a grand jury subpoena before requesting records of reporters' calls. But that's not what happened.
Instead, the bureau sent Company A what is known as an "exigent letter'' asking for the metadata.
A heavily redacted version of the DOJ report, released in 2010, noted that exigent letters are supposed to be used in extreme circumstances where there is no time to ask a judge to issue a subpoena. The report found nothing "exigent'' in an investigation of several three-year-old newspaper stories.
The need for an exigent letter suggests two things about Company A. First, that it was an American firm subject to American laws. Second, that it had come to possess my records through lawful means and needed legal justification to turn them over to the government.
The report disclosed that the agents' use of the exigent letter was choreographed by the company and the bureau. It said the FBI agent drafting the letter received "guidance" from "a Company A analyst.'' According to the report, lawyers for Company A and the bureau worked together to develop the approach.
Not surprisingly, "Company A" quickly responded to the letter it helped write. In fact, it was particularly generous, supplying the FBI with records covering a 22-month period, even though the bureau's investigation was limited to a seven-month period. Altogether, "Company A" gave the FBI metadata on 1,627 calls by me and the other reporters.
Only three calls were within the seven-month window of phone conversations investigators had decided to review.
It doesn't end there.
The DOJ report asserts that "the FBI made no investigative use of the reporters' telephone records." But I don't believe that is accurate.
In 2007, I heard rumblings that the leak investigation was focusing on a diplomat named Steve Mull, who was the deputy chief of mission in Indonesia at the time of the killings. I had known Mull when he was a political officer in Poland and I was posted there in the early 1990s. He is a person of great integrity and a dedicated public servant.
The DOJ asked to interview me. Of course, I would not agree to help law enforcement officials identify my anonymous sources. But I was troubled because I felt an honorable public servant had been forced to spend money on lawyers to fend off a charge that was untrue. After considerable internal debate, I decided to talk to the DOJ for the limited purpose of clearing Mull.
It was not a decision I could make unilaterally. The Times also had a stake in this. If I allowed myself to be interviewed, how could the Times say no the next time the government wanted to question a Times reporter about a leak?
The Times lawyer handling this was George Freeman, a journalist's lawyer, a man Times reporters liked having in their corner. George and the DOJ lawyers began to negotiate over my interview. Eventually, we agreed that I would speak on two conditions: one, that they could not ask me for the name of my source; and two, if they asked me if it was ‘X,' and I said no, they could not then start going through other names.
Freeman and I sat across a table from two DOJ lawyers. I'm a lawyer, and prided myself on being able to answer their questions with ease, never having to turn to Freeman for advice.
Until that is, one of the lawyers took a sheaf of papers that were just off to his right, and began asking me about phone calls I made to Mull. One call was for 19 minutes, the DOJ lawyer said, giving me the date and time. I asked for a break to consult with Freeman.
We came back, and answered questions about the phone calls. I said that I couldn't remember what these calls were about – it had been more than four years earlier – but that Mull had not given me any information about the killings. Per our agreement, the DOJ lawyers did not ask further questions about my sources, and the interview ended.
I didn't know how the DOJ had gotten my phone records, but assumed the Indonesian government had provided them. Then, about a year later, I received a letter from the FBI's general counsel, Valerie Caproni who wrote that my phone records had been taken from "certain databases" under the authority of an "exigent letter,'' (a term I had never heard).
Caproni sent similar letters to Perlez, to the Washington Post reporters, and to the executive editors of the Post and the Times, Leonard Downie and Bill Keller, respectively. In addition, FBI Director Robert Mueller called Downie and Keller, according to the report.
Caproni wrote that the records had not been seen by anyone other than the agent requesting them and that they had been expunged from all databases.
I'm uneasy because the DOJ report makes clear that the FBI is still concealing some aspect of this incident. After describing Caproni's letters, the report says: "However, the FBI did not disclose to the reporters or their editors that [BLACKED OUT]." The thick black lines obliterate what appear to be several sentences.
If you were to ask senior intelligence officials whether I should wonder about those deletions, they'd probably say no.
I'm not so sure.
The government learned extensive details about my personal and professional life. Most of those calls were about other stories I was writing. Some were undoubtedly to arrange my golf game with the Australian ambassador. Is he now under suspicion? The report says the data has been destroyed and that only two analysts ever looked at it.
But who is this 'Company A" that willingly cooperated with the government? Why was it working hand in glove with the FBI? And what did the FBI director not tell the editors of the Times and the Washington Post when he called them acknowledging the government had improperly obtained reporter's records?
We already covered the latest Guardian report on the NSA and GCHQ's attempts to compromise Tor. While those have failed to directly break Tor, they were more successful effectively exploiting vulnerabilities in Firefox to target certain Tor users. Bruce Schneier has a more focused article on how those attacks worked, and as a part of that, detailed how the NSA and GCHQ are effectively able to do man-in-the-middle attacks on giant websites, something that is really only possible because of the major telcos letting the NSA put servers directly off the backbone. As we noted last month, buried in one of the earlier Snowden leaks was the news that the GCHQ and NSA were likely running man-in-the-middle attacks on Google. The latest leaks show why those work. As Schneier explains:
To trick targets into visiting a FoxAcid server, the NSA relies on its secret partnerships with US telecoms companies. As part of the Turmoil system, the NSA places secret servers, codenamed Quantum, at key places on the internet backbone. This placement ensures that they can react faster than other websites can. By exploiting that speed difference, these servers can impersonate a visited website to the target before the legitimate website can respond, thereby tricking the target's browser to visit a Foxacid server.
In the academic literature, these are called "man-on-the-middle" attacks, and have been known to the commercial and academic security communities. More specifically, they are examples of "man-on-the-side" attacks.
They are hard for any organization other than the NSA to reliably execute, because they require the attacker to have a privileged position on the internet backbone, and exploit a "race condition" between the NSA server and the legitimate website. This top-secret NSA diagram, made public last month, shows a Quantum server impersonating Google in this type of attack.
The NSA uses these fast Quantum servers to execute a packet injection attack, which surreptitiously redirects the target to the FoxAcid server. An article in the German magazine Spiegel, based on additional top secret Snowden documents, mentions an NSA developed attack technology with the name of QuantumInsert that performs redirection attacks. Another top-secret Tor presentation provided by Snowden mentions QuantumCookie to force cookies onto target browsers, and another Quantum program to "degrade/deny/disrupt Tor access".
Schneier also notes that this is basically the same technique the Chinese have used for their Great Firewall. In other words, the complicit nature of the telcos in basically giving the NSA and GCHQ incredibly privileged access to the backbone is part of what allows them to conduct those kinds of man-in-the-middle attacks. It still amazes me that there isn't more outrage over the role of the major telcos in all of this.
The other interesting thing about the FoxAcid servers is that it's basically a system that gives the NSA a rotating menu of ways to exploit a visitor who gets hooked on one of their servers. It also notes that the NSA is pretty careful about how it uses various exploits, such that "low-value exploits" are used against more technically sophisticated targets, recognizing that they're more likely to be discovered, and thus burned. They save the "most valuable exploits" for less technically savvy targets, and also the most important targets. This is hardly surprising, but interesting to see the level with which they plan these things out.
It's widely known that the NSA has taps connected to the various telco networks, thanks in large part to AT&T employee Mark Klein who blew the whistle on AT&T's secret NSA room in San Francisco. What was unclear was exactly what kind of access the NSA had. Various groups like the EFF and CDT have both been asking the administration to finally come clean, in the name of transparency, if they're tapping backbone networks to snarf up internet communications like email. So far, the administration has declined to elaborate. Back in August, when the FISA court declassified its ruling about NSA violations, the third footnote, though heavily redacted, did briefly discuss this "upstream" capability:
In short, "upstream" capabilities are tapping the backbone itself, via the willing assistance of the telcos (who still have remained mostly silent on all of this) as opposed to "downstream" collection, which requires going to the internet companies directly. The internet companies have been much more resistant to government attempts to get access to their accounts. And thus, it's a big question as to what exactly the NSA can collect via its taps on the internet backbone, and the NSA and its defenders have tried to remain silent on this point, as you can see from the redactions above.
However, as Kevin Bankston notes, during Thursday's Senate Intelligence Committee hearing, Dianne Feinstein more or less admitted that they get emails via "upstream" collection methods. As you can see in the following clip, Feinstein interrupts a discussion to read a prepared "rebuttal" to a point being made, and in doing so clearly says that the NSA can get emails via upstream collections:
Upstream collection... occurs when NSA obtains internet communications, such as e-mails, from certain US companies that operate the Internet background, i.e., the companies that own and operate the domestic telecommunications lines over which internet traffic flows.
She clearly means "backbone" rather than "background." She's discussing this in an attempt to defend the NSA's "accidental" collection of information it shouldn't have had. But that point is not that important. Instead, the important point is that she's now admitted what most people suspected, but which the administration has totally avoided admitting for many, many years since the revelations made by Mark Klein.
So, despite years of trying to deny that the NSA can collect email and other communications directly from the backbone (rather than from the internet companies themselves), Feinstein appears to have finally let the cat out of the bag, perhaps without realizing it.
A further delve into the latest NSA surveillance bombshell from the WSJ highlights the ridiculousness of the claims that there were "no violations" by the NSA over the years. We've been aware for a while that the FISC ruled a certain NSA program unconstitutional, but the details had been kept secret. It only came out that something was found unconstitutional a year ago, through the efforts of Senator Ron Wyden. Since then, people have been digging for more. The DOJ finally has agreed to release a redacted version of the FISC ruling after fighting it for a while, but as we wait, some more details have been coming out. Last week's Washington Post story about abuses claimed that this particular program wasn't reported to the FISC for "many months."
For example, a recent Snowden document showed that the surveillance court ruled that the NSA had set up an unconstitutional collection effort. Officials say it was an unintentional mistake made in 2008 when it set filters on programs like these that monitor Internet traffic; NSA uncovered the inappropriate filtering in 2011 and reported it.
No biggie. The NSA just illegally collected information that clearly violated the 4th Amendment (even the rubberstamp FISC says so!) for three years. But there's no abuse. No sir. No problems at all.
Marcy Wheeler, however, puts two and two together, and notes that the "start" of this admitted unconstitutional spying was in 2008 -- which is exactly when the telcos received immunity from all such cases involving warrantless wiretapping. And, so, she points out the administration and various NSA defenders may actually be using an incredibly twisted level of reasoning to claim that this program that violated the 4th Amendment doesn't count as a "violation" because since the telcos have immunity, there's no one to "prosecute" for breaking the law. Under this twisted interpretation, the government grants telcos retroactive immunity on such surveillance, and can then use that immunity to pretend that everything it does is legal since the telcos can't be prosecuted. If that turns out to be true, it's downright evil.
And, you wonder why the key part of CISPA was to basically extend blanket immunity on privacy violations between not just telcos and the government, but basically all tech companies. The more immunity the government grants, the more "legal" all its actions become. It's sickening.
The book came out in January, and around March, there was suddenly a bunch of one star reviews that started appearing that all had tell-tale signs of being fake. I spent an evening comparing the then 31 one-star reviews to the then 41 5-star reviews, noting some oddities in the one-star reviews. For example, almost none of the one-star reviewers had ever reviewed another product on Amazon, while nearly all of the 5-star reviewers had a bunch of other reviews. Most of the 1-star reviews felt the need to mention their profession and that they lived in a "rural" area for no clear reason at all. Almost none were "verified purchases" or used Amazon's Real Names program. I concluded that there was fairly strong and compelling evidence that these were astroturf reviews -- fake reviews put forth by the telco industry, their friends or lobbyists to try to drag down the star ratings of the book.
I never thought that defenders of the telcos would respond to the claims. After all, there are times when it really is best to shut up. However, it would seem that some cannot resist. Richard Bennett -- a long time apologist for the telcos' position on nearly everything -- has decided to step to the plate with an alternative theory for those obviously fake one-star reviews, and followed it up with a series of mocking tweets directed at me, claiming that I am a "poor journalist" for never even considering his alternate theory and suggesting that I would never "dare" to discuss it.
So, in the interest of "fairness," I thought I'd present the two competing theories side by side, and let the readers decide which one makes more sense. For some background, Bennett has been a long time denier of any problems with US broadband, insisting that it's been highly competitive and super fast and innovative for years and years. He works for ITIF, which was among those who fought hardest against net neutrality rules and was the "think tank" behind the original plan that turned into SOPA. When the MPAA was desperately seeking tech experts who would support SOPA, the only ones they turned up all had connections to ITIF (and weren't particularly experts on technology anyway). That gives you a hint of ITIF's standard operating procedures. More recently, Bennett co-authored a report claiming that US broadband was highly competitive and working wonderfully -- a report that was discredited thoroughly and repeatedly by a variety of experts, making it a bit of a laughing stock.
But... he's sure he knows where those one-star reviews came from. You see, as we mentioned in our original post, Bennett was among the short list of "named" reviewers of the book. As I noted, nearly all of the named reviewers were well known in DC telco policy circles, working for think tanks, like ITIF, that had a long history of repeating AT&T's talking points. I have no problem with that, because he was clearly named there, and didn't try to hide anything, and his one-star review was well written and gave a full explanation of his position. That's fine. So, here's his alternative theory, followed by my theory:
All of those obviously faked one-star reviews -- which he admits are clearly faked -- weren't actually done by telco lobbyist/astroturfers, but rather they were done by Free Press or their supporters, an organization that has been a big supporter of Crawford's book and the view that the telcos are abusing their power and providing us substandard broadband. But, you ask (and I did!), why would an organization like Free Press who supports Crawford's work litter her Amazon book page with one-star reviews? According to Bennett, the answer is obvious to someone of his great intellect (a rarefied club to which I do not belong): it was to do two things (1) bury his own absolutely brilliant critique of Crawford's work so that potential buyers would not read it and (2) so that six months later, a complete stooge like me would come along, find the fake reviews that were really written by Free Press (again, supporters of the book) and write an article blaming those reviews on telco lobbyists.
Because this is a slightly complex strategy, let me repeat it, just to be clear: Bennett is claiming that Free Press -- an organization that supports Crawford's book -- purposely sabotaged the reviews on the book's page, piling up about 25 obviously bogus one-star reviews solely to demote his own one-star review, and at the same time lead "gullible" people such as myself to pin the blame on telco shills.
His evidence for this is that his own brilliant review has many "unhelpful" votes and just a few "helpful" votes, and that could only have happened because Free Press set up this complex string of dominoes, knowing that one day I would tip them over, getting the story on Reddit and having lots of people on Reddit vote down his unimpeachable critique of Crawford's duplicitous book. Or, he believes, Free Press is so frightened by the intellectual might and persuasive power of his review, that it unleashed an unruly and uninformed mob of its followers armed with blatant misinformation, to click that his review was "unhelpful."
Or, you know, my theory: most of those one-star reviews were from telco astroturfing groups designed to pull down the star rating on the book.
I will in admit that, as Bennett suggests, I had not considered his alternative scenario, in part because I am simply not as smart as Bennett, but also (perhaps in larger part) because it sounds like the most ridiculous and convoluted strategy I've ever heard of, involving both a massive overvalued view of the important persuasive power of his own review, as well as a truly epic confusion about Amazon reviews and the process under which they work and how potential buyers view them. But, I will concede, his version is not impossible. Just completely nutty.
For what it's worth, since my original post did end up on the front page of Reddit, and got a ton of traffic, a bunch of folks added their own 5-star reviews (and one absolutely hilarious one-star parody review), which have since shifted the numbers so that there are many, many more five-star reviews on the book, many of which admit that they haven't read the book but are trying to counter the astroturf reviews. As I noted in my original story, I don't think this is particularly helpful, and Bennett now uses those reviews to argue that there is some sort of equivalence between the clearly faked astroturf reviews and the "faked" 5-star reviews.
So, there we go. Since Bennett claims that I am too gullible and stupid to see the truth, I will leave it up to the readers here to suss out which of the two theories is more plausible. Theory one, in which supporters of the book purposely sabotaged the ratings, driving down the overall star rating, just to bury Bennett's own brilliant review and get it buried with "unhelpful" votes, or the apparently facile explanation that the bogus one-star reviews came from telco astroturfers. And, of course, for Bennett's theory to be accurate, it would mean that people don't really care so much about the overall star ratings on a product as they do about how many "helpful/unhelpful" votes there are on each review -- and therefore loading up the book page with one-star reviews, just to drive people to vote Bennett's single review as "unhelpful" was the strategy. But, perhaps I'm wrong in my assumption that most people focus mainly on the star ratings, and Bennett in his vast store of knowledge has ferreted out the real plot from those nefarious consumer advocates at Free Press.
The U.S. government is quietly pressuring telecommunications providers to install eavesdropping technology deep inside companies' internal networks to facilitate surveillance efforts.
FBI officials have been sparring with carriers, a process that has on occasion included threats of contempt of court, in a bid to deploy government-provided software capable of intercepting and analyzing entire communications streams. The FBI's legal position during these discussions is that the software's real-time interception of metadata is authorized under the Patriot Act.
Attempts by the FBI to install what it internally refers to as "port reader" software, which have not been previously disclosed, were described to CNET in interviews over the last few weeks. One former government official said the software used to be known internally as the "harvesting program."
Isn't that great? Carriers don't know what effects the FBI's new toy will have on their systems and are perhaps even a little concerned that they're violating their customers' last remnants of privacy by allowing this, but turning down this "opportunity" means facing contempt charges. The situation presents only unappealing choices.
The FBI quickly responded with a statement declaring its actions to be "playing by the rules," as well as expressing its pure desire to help telecoms and service providers become better corporate citizens.
"Pen Register and Trap and Trace orders grant law enforcement the authority to collect dialing, routing, addressing, or signaling information associated with a target's communications. This information includes source and destination IP addresses and port numbers. In circumstances where a provider is unable to comply with a court order utilizing its own technical solution(s), law enforcement may offer to provide technical assistance to meet the obligation of the court order."
The FBI statement specifies "pen register" and "trap and trace," but the port readers gather far more information than the limited data available to those processes.
Federal law says law enforcement may acquire only "dialing, routing, addressing, or signaling information" without obtaining a wiretap. That clearly covers, for instance, the Internet Protocol address of a Web site that a targeted user is visiting. The industry-created CALEA standard also permits law enforcement to acquire timestamp information and other data.
But the FBI has configured its port reader to intercept all metadata -- including packet size, port label, and IPv6 flow data -- that exceeds what the law permits, according to one industry source.
Knowing that the FBI is harvesting much more than basic metadata calls into question the recent court decision declaring warrantless cell phone location tracking constitutional. According to the majority's argument, metadata created by phone usage is nothing more than a "business record." something that is freely available to law enforcement and intelligence agencies because it carries with it no reasonable expectation of privacy.
At what point is that "expectation" reestablished? If the court's argument holds for location data, it will likely hold for any sort of metadata created, no matter how specific it is. The same warrantless process is being used by the FBI to capture metadata on internet usage, email and phone information -- all without being challenged for privacy violations.
There's every indication that the FBI has had more metadata than pen registers/trap and trace were ever intended to harvest for quite some time now. Late last year, hackers broke into an FBI laptop which contained a .csv file full of iPhone users' data.
[The csv file contained] a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc.
Why an agent had the data of 12 million iPhone users stored on his laptop is inexplicable. According to the narrative, any "inadvertent" data gets swept into storage where it can only be "asked questions." This file dump shows the FBI isn't necessarily discarding or segregating "irrelevant" information, a problem that is only worsened by each additional form of "metadata" it scoops up.
At a bare minimum, the outdated laws applying to the limits of pen registers and trap and trace need to be updated, as does the general argument that phone users' interaction with their providers (via calls, internet usage, etc.) create nothing more than "business records." Continuing to ignore the fact that these agencies are abusing outdated laws to scoop up massive amounts of metadata on non-targeted users will only ensure this problem will get worse in the future.
The very first of the Ed Snowden leaks was a FISA court order to Verizon, ordering it to hand over information on every single phone call, on an "ongoing, daily basis." That order expired on July 19, 2013. Today. It quickly came out that the FISA court has been approving nearly identical orders every 90 days for about seven years, though the defenders of the program like to use that "it's only for 90 days" excuse to suggest there's "oversight." Still, given that the existence of this effort is now actually public, plenty of people are wondering whether or not the FISA court issued the expected followup. Of course, no one who knows wants to say anything.
The Obama administration is refusing to say whether it will seek to renew a court order that permits the National Security Agency's bulk collection of phone records on millions of Verizon customers when it expires at the end of this week.
Officials declined to discuss what action they intend to take about the order at the center of the current surveillance scandal, which formally expires at 5pm Friday.
That's because it's almost certain that it's already been renewed and rubber stamped by the FISA court. The White House told Guardian reporters to ask the Justice Department. Guess where that went:
The White House referred queries to the Justice Department. "We have no announcement at this time," said Justice Department spokesman Brian Fallon. The NSA and office of the Director of National Intelligence did not respond to questions.
A spokesman for the Fisa court, Sheldon Snook, said the court "respectfully declines to comment".
In other words: please, please, go away and can we hope this story dies down by the time the next 90-day window rolls around?
Thankfully, some members of Congress have told the White House not to seek a renewal, but it seems unlikely that the White House will do anything, other than keep on sucking up all that data.