Capitalist Lion Tamer’s Techdirt Profile

capitalisliontamer

About Capitalist Lion TamerTechdirt Insider

List of blogs started with enthusiasm, which now mostly lie dormant:

[reserved for future use]
http://5k500k.wordpress.com

[recently retired]
http://capitalistliontamer.wordpress.com

[various side projects]
http://cliftonltanager.wordpress.com/
http://bl0wbybl0w.wordpress.com/
http://thepenismadeoutofspam.wordpress.com/



Posted on Techdirt - 24 May 2018 @ 3:39pm

Report On Milwaukee PD Body Cams Show Fewer Complaints, Fewer Stops, But No Reduction In Use Of Force

from the better-than-nothing,-but-how-much-better? dept

The Milwaukee PD is (or was) staring down the barrel of a DOJ consent decree for its unconstitutional policing (mainly stop-and-frisk) and routine deployment of excessive force. This is among the many concerns brought to light last year by the DOJ's draft report on the department.

The Milwaukee Police Department fails the community and its own officers by not communicating clearly, making too many traffic stops and applying inconsistent standards when disciplining officers, according to a draft of a federal report obtained by the Milwaukee Journal Sentinel.

The draft report offers a particularly damning critique of Chief Edward Flynn's reliance on data, a signature component of his strategy since he took over the department in 2008. Federal evaluators found this approach is having a damaging, if unintended, effect on police-community relations.

“MPD’s attention to crime data has distracted the department from the primary tenet of modern policing: trust between law enforcement agencies and the people they protect and serve,” the draft report states.

The DOJ also found officers had no idea what community policing entailed, suggesting it only applied to other officers officially designated as community liaisons. The DOJ highlighted the disconnection between the MPD's statements and actions on community policing using this depressing anecdote.

[T]he Milwaukee Police Department doesn’t have a strategic plan for community policing or a set of guidelines regarding it, the draft report says. And department-wide training on how to implement the strategy has not been offered in years.

Federal evaluators highlighted one example of an attempt at community engagement that fell flat.

Officers held a roll-call, or shift change, outside a Milwaukee school. The stated purpose was to let kids know officers wanted them to have a safe summer. The problem? There were no kids in sight, not even student leaders.

The evaluators noted the event may even have sent the wrong message: That the students on summer break were a problem, and the police planned to deal with them.

This draft may never coalesce into an official report. AG Jeff Sessions' full-blooded support for law enforcement includes allowing them to be a law unto themselves by killing off DOJ investigations of misbehaving police forces. What's in the draft report is damning, but it will probably remain a draft in perpetuity.

The PD's responsiveness to community unhappiness did at least result in one change: a pilot program equipping officers with body cameras. Unfortunately, the cameras appear to have done little to address one community complaint.

Milwaukee police officers with body cameras made fewer stops and were less likely receive a citizen complaint, a new study has found.

But when it comes to use of force — the primary reason residents clamored for officers to use the cameras — it didn't matter if officers had the cameras or not. They used force at roughly the same rates.

The PD claims this report [PDF] vindicates officers and the department itself, at least in terms of accusations of excessive force deployment. According to the PD, the conclusions make it clear officers have applied force in accordance with policy. But that's stretching the findings a bit much. It could also mean the deterrent effect one assumes the cameras would have simply hasn't materialized. Officers may feel footage is at least as likely to clear them as damn them and are willing to roll the dice.

And the dice come pre-loaded: officers are given weeks or months to make statements when accused of deploying excessive force. And while statements from witnesses are recorded, those made by officers are not, allowing them to retcon narratives if body cam footage refuses to align with the official narrative. The body cam footage may be a new twist, but the internal investigation process has been an issue for a long time. It, too, receives criticism in the DOJ's draft report.

When it comes to officer-involved shootings, the cases reviewed by the Justice Department were inconsistent and the documentation was inadequate.

In both non-fatal shootings and other uses of force, information about officers’ training, prior use of force, complaints and discipline were not included in internal affairs files.

That information also does not seem to have an effect on whether officers are promoted.

One number that did drop in the wake of camera deployment is street stops. Officers wearing cameras performed far fewer stops than officers without them. This suggests the stop-and-frisk program the PD is currently being sued over tends to make the Constitution an afterthought. Documentation of unconstitutional stops isn't going to help the PD emerge victorious in this lawsuit and the simplest solution is to leave those stops to officers without cameras.

It's not all negative, however. As noted above, officers with cameras received 50% fewer complaints, suggesting the presence of another "witness" causes both parties to treat each other with a little more respect. Camera use can result in de-escalation, which is something rarely willfully practiced by officers.

But we can't read too much into that either. The drop in complaints is tracked by a drop in stops, which may suggest the cameras aren't "civilizing" interactions so much as fewer of them are taking place.

Body cams are band-aids, at best. They can never be a panacea, but they're far from useless. Things do change when law enforcement operates under additional scrutiny. But they don't change as quickly or dramatically as proponents of cameras hope they will. A seismic cultural shift is needed in most departments and body cameras will only incrementally increase the speed in which bad apples are expunged from the barrel. But the barrel will still be filled with slightly-less-rotten apples. That being said, cameras should be a requirement as should the presumption that missing footage weighs against a cop's statements. Just because they're not working as well as many of us thought they would doesn't mean it's without its merits.

Read More | 5 Comments | Leave a Comment..

Posted on Techdirt - 24 May 2018 @ 6:22am

DHS Fusion Center Gets Request For Documents On Extremists, Decides To Hand Over Mind Control Docs Instead

from the here's-the-thing-you-didn't-ask-for-but-will-probably-enjoy-reading dept

Once you release a document to a public records requesters, it's a public record, whether you meant to release it or not. The person handling FOIA requests for the Washington State Fusion Center (a DHS/local law enforcement collaboration known more for its failures than successes) sent Curtis Waltman something unexpected back in April. Waltman asked the Fusion Center for records pertaining to Antifa and white supremacy groups. He did get those records. But he also got something titled "EM effects on human body.zip."

Instead of intel and assessments on local Antifa/white supremacists, Waltman found things like this:

And this:

The files did not appear to have been generated by any government agency, but rather collected from other sources who thought there might be some way the government could control minds using electronic stimulation or "remote brain mapping." Why the Fusion Center had them on hand remains a mystery, as does their attachment to a FOIA request containing nothing about electronic mind manipulation.

This inadvertent disclosure has led to more requests for the same documents. Only this time, requesters -- like Joshua Eaton of ThinkProgress -- are asking specifically for government mind control files. It appears the Fusion Center first thought about withholding some mind control docs, but somewhere along the line decided it couldn't pretend the documents that weren't supposed to be released hadn't actually been released.

An email chain in the release [PDF] to Eaton contains an apology from the staffer who accidentally sent Waltman the mind control files.

Good afternoon Gretchen,

First of all I want to apologize the same way I apologize with my supervisor Lt Boyle and [redacted] I do not like to give excuses but I really sent this without intention when it was not responsive. I sent the original email to [redacted] with the attachments. I will try not make more mistakes…. Now, because of my error MuckRock sent another PDR. Sorry again for the situation and have great afternoon…

Gretchen (the Public Records Officer for the Washington State Police) tells the staffer not to worry about it. Apparently, sending the wrong files to requesters happens frequently, but otherwise, everyone is doing a great job, including the person who sent mind control files with a batch of extremist docs.

But that apology and forgiveness is preceded by the same staffer asking for another review of documents she already released to another requester, possibly in hopes of denying this release.

Erik,

[redacted] told me if you could review this. Mudrock is claiming that DHS did created this. I think I was not supposed to release this but it was public.

Can you help me what can I tell my Public Disclosure coordinator?

Sorry for the inconvenience

No response from Erik is included in the document so one assumes the release went ahead without his additional input. Now this requester has a copy of this email chain, something pulled from an internet "mind control forum," and, inexplicably, the KKK documents released to Waltman in response to his FOIA request.

So, if you're looking to obtain public records but don't particularly care what records you receive, it appears the Washington State Fusion Center is a great place to try your luck.

Read More | 31 Comments | Leave a Comment..

Posted on Techdirt - 23 May 2018 @ 7:40pm

Michigan Takes On The NSA With New Law, But Probably Won't Have Much Of An Impact

from the quite-possible-The-Man-will-survive-this-sticking-to dept

In the months following the appearance of the Snowden leaks, several state legislatures attempted stiff arm snooping feds by introducing bills prohibiting collect-it-all programs from being deployed against Americans by the NSA. Most targeted the NSA's warrantless collection of metadata, creating a warrant requirement for the collection of data within the state's borders.

Others were a bit more creative, forbidding state law enforcement from participating in federal surveillance efforts or, in the case of Utah, where a new NSA data center was being built, forbidding the state's water supply from being used in data collection efforts (to cool the agency's many, many servers).

In Michigan, one of these laws is actually being enacted. As the Washington Examiner reports, the effective date of the Fourth Amendment Rights Protection Act is nearly five years to the day from the first Snowden leak.

Former National Security Agency contractor Edward Snowden marks five years in exile next month. And 11 days after the anniversary of his initial public surveillance disclosure, the first state will implement a law that arguably cuts the NSA off from local water and electricity.

There isn't a known NSA facility in Michigan, but the law's author says it sends a clear message with a ban on state and local officials, including law enforcement and public utilities, cooperating with federal agencies that allegedly collect personal data without legal process.

"It hangs up a sign on Michigan's door saying, 'No violation of the Fourth Amendment, look elsewhere'," said state Rep. Martin Howrylak, a Republican. "Democrats as well as Republicans would certainly stand very strong in our position on what this law means."

Michigan's Fourth Amendment Rights Protection Act takes effect June 17 after passing with a single "no" vote in the legislature.

The bill was originally introduced last spring, but received wholehearted support for both sides of the state legislature, passing unanimously in the Senate and receiving only a single "no" vote in the House. The bill received the governor's signature in March.

Since there are no known collections operating out of Michigan at this time, the law has limited utility. It will mostly serve as a deterrent, suggesting the NSA and others look elsewhere for real estate when opening new data centers. It could also serve to block metadata collections from telco providers located in the state, but those targeted by the NSA are headquartered elsewhere, beyond the reach of this law.

The wording of the law suggests it won't do much to prevent federal surveillance activities. Even though it does mention the use of warrants, it does not actually make them a requirement.

This state or a political subdivision of this state shall not assist, participate with, or provide material support or resources to a federal agency to enable it to collect or to facilitate in the collection or use of a person's electronic data or metadata, unless 1 or more of the following circumstances apply:

(a) The person has given informed consent.

(b) The action is pursuant to a warrant that is based upon probable cause and particularly describes the person, place, or thing to be searched or seized.

(c) The action is in accordance with a legally recognized exception to warrant requirements.

(d) The action will not infringe on any reasonable expectation of privacy the person may have.

(e) This state or a political subdivision of this state collected the electronic data or metadata legally.

The language doesn't suggest the surveillance exposed by the first Snowden leak (cellphone metadata) would be affected, even with the new law in place. The "expectation of privacy" surrounding third party records -- which almost all metadata is -- is nonexistent. There is some judicial discussion about cell site location info currently underway, but call data -- like that exposed by the first Snowden leak -- is still considered a third party record, something federal agencies can collect without a warrant and without troubling a "reasonable expectation of privacy."

At best, the law would encourage local agencies to check with their legal teams before pursuing partnerships with federal agencies. It may also result in the use of warrants in cases where warrants aren't usually thought to be needed. It's more of a symbolic victory against federal incursion than a solid protector of residents' Fourth Amendment rights. It may limit federal surveillance in the state simply because it makes local cooperation merely a possibility, rather than a foregone conclusion.

It may not be the best anti-surveillance bill, but it does at least show anti-mass surveillance sentiment still lives and breathes in some local legislatures five years after the Snowden leaks made their debut.

6 Comments | Leave a Comment..

Posted on Techdirt - 23 May 2018 @ 11:55am

The Attorney General Thinks Police Having To Follow The Constitution Leads To Violent Crime Increases

from the it's-not-just-him-unfortunately dept

Attorney General Jeff Sessions is an old-school law and order man. He wants asset forfeiture returned to its former glory -- no longer questioned by all and sundry for its ability to enrich law enforcement agencies without making much of a dent in criminal activity. He wants drug sellers jailed for as long as possible, suggesting the last time he read a policy paper was sometime during the mid-1980s. And he thinks people questioning law enforcement efforts should be ashamed of themselves, what with the dangers faced occasionally by officers whose workplace can't even crack the Top 10 Deadliest Jobs in America list.

Sessions goes where he's wanted when he speaks, ensuring he'll receive applause and accolades, rather than a bunch of "wtfs?" when he delivers bullshit like this:

I believe one of my highest duties is to call attention to your successes, and to encourage our fellow citizens to support you in your difficult and dangerous work.

But what has made times difficult recently for law enforcement is that—by the end of the previous administration—many of you came to believe that some of the political leadership of this country had abandoned you. Some radicals and politicians began to unfairly malign and blame police as a whole for the crimes and unacceptable deeds of a few. Amazing— their message seemed to be that the police were the problem, not the criminals. They wanted the ACLU to determine police policies, and that was enforced by a federal court order. They said police were violent while homicides in America increased by a total of 20% in 2015 and 2016, the largest jump since 1968. Law Professor Paul Cassell and economics Professor Richard Fowles established that in Chicago, homicide jumped 58% after the ACLU settlement ended proven and constitutional policing.

This was delivered to the National Association of Police Organizations -- a union of police unions -- so there was no one present to question the veracity of this statement, nor push back against its loaded, implicit assertions. No one would expect any more (or any less!) of an organization of organizations which are largely responsible for the general state of disrepair that passes for policing these days.

Law enforcement has never been abandoned. Even when the criticism rains down from the federal government, it's always hedged with phrases implying the problem is a few officers, rather than the culture itself. If all it takes is an incremental increase in accountability to make officers feel "abandoned," they're far too sensitive to be holding positions of public power.

Second, Sessions shows he doesn't care about police misconduct or public accountability by maligning those who demand accountability as "radicals." This suggests Sessions is more interested in a docile nation than upholding his duties as Attorney General, which (used to) include investigating and prosecuting officers who abuse their power.

Finally, his portrayal of the rise in violence in Chicago as the direct result of a consent decree is both dishonest and ugly. The consent decree dealt with the Chicago PD's stop-and-frisk tactics. The PD agreed to revamp its policies after a 2015 report by the ACLU found the program disproportionately targeted black residents. In other words, Sessions is claiming requiring cops to behave Constitutionally results in increased criminal activity.

That would be bad enough on its own, but there's not one single thing Sessions can point at to back up this claim -- not even the report itself. Correlation isn't causation and there's ample evidence a consent decree that requires Constitutional policing does not lead to increased crime. We have apples-to-apples comparisons that disprove this ridiculous theory.

The NYPD was forced to drastically alter its stop-and-frisk program for the same reasons (targeting minorities). Crime went down, despite then-mayor Michael Bloomberg's promise of a criminal apocalypse. That's only one example. Salvador Rizzo of the Washington Post has several more.

Philadelphia has been working under a settlement agreement on stop-and-frisk practices like Chicago’s since 2011, and its homicide rate fell for several years afterward before rising again in 2016 and 2017 (albeit at much lower rates than in Chicago).

Seattle has been under a consent decree that includes stop-and-frisk provisions since 2012, and its yearly homicide rate has been mostly steady, hovering between 19 and 27, in the following years.

In Newark, N.J., a consent decree imposing requirements for stop-and-frisk practices, among other provisions, was adopted in 2016. The city reported 72 homicides in 2017, a 25 percent drop, although nonfatal shootings increased.

“The consent decree was signed and the monitor appointed in the spring and summer of 2016, and Newark continues to have the lowest crime in 50 years since then,” said Paul J. Fishman, the former U.S. attorney for New Jersey, who implemented the consent decree.

Sessions is correct in terms of quoting the report's findings. But the findings cannot possibly be correct. Even if the stats are right, the rationale is wrong. Fewer police stops may lead to increased crime, but connecting the two is far from a foregone conclusion. And yet, there it is, in a still-unreleased report that provides ammo for supporters of unconstitutional policing.

Even the authors of the report find it difficult to make this conclusion stick. To do so means throwing out other contradictory evidence, which is exactly what appears to have happened.

Cassell and Fowles called New York City an “anomaly” and wrote that it had a much lower rate of homicides committed with firearms than Chicago, “a small number of guns and gun crimes (relative to Chicago and many other cities),” and a police force that is about 25 percent larger than Chicago’s on a per-capita basis.

The other "anomalies" (Philadelphia, Seattle, Newark, etc.) were ignored. The DOJ itself -- which Sessions heads -- did not arrive at this conclusion either. Its report on increased violence suggests a few factors, none of which are the consent decree governing police stops.

“Over the year-plus since release of that video, and while we have been conducting this investigation, Chicago experienced a surge in shootings and homicides,” the DOJ report says. “The reasons for this spike are broadly debated and inarguably complex. But on two points there is little debate. First, for decades, certain neighborhoods on Chicago’s South and West Sides have been disproportionately ravaged by gun violence. Those same neighborhoods have borne the brunt of the recent surge of violence. And second, for Chicago to find solutions — short- and long-term — for making those neighborhoods safe, it is imperative that the City rebuild trust between CPD and the people it serves, particularly in these communities.”

While Chicago may be grabbing headlines with its high number of homicides, several other US cities have experienced higher spikes in the violent crime rate -- Ft. Worth, Houston, Memphis, and Baltimore have seen far more significant increases than Chicago's. But no one is claiming these spikes are due to ACLU meddling, consent decrees, or the actions of "radicals" opposed to abusive policing. Nope, it's just AG Sessions cherry-picking a single report with anomalous "findings" -- one that refers to data that doesn't agree with its theory as "anomalous." Speaking in front of cops makes it that much easier to peddle bullshit. But that doesn't change the fact it's still bullshit, no matter how much uncritical applause is offered in return.

38 Comments | Leave a Comment..

Posted on Techdirt - 23 May 2018 @ 9:40am

Facebook Moderation Ramps Up In Germany And Everything Keeps Getting Worse For Its Users

from the bad-laws-and-worse-outcomes dept

Germany's new hate speech law -- and its intersection with social media platforms -- has been a disaster. Subjecting platforms to millions of Euros in fines for each violation, the push to cleanse the (German) internet of hate speech has resulted in plenty of predictive content policing. When not nuking legal criticism or satire mocking intolerant speech, the new law is creating a moderating nightmare for Facebook and other social media services.

The German wing of Facebook's moderation employs 1,200 moderators who forward anything borderline to Facebook's legal team, who then forward close calls they can't make to another outsourced team of lawyers well-versed in German law. That's a lot of money spent to avoid 50 million euro fines, but likely necessary given the law's demand illegal content be removed within 24 hours. Facebook may have to the money to do this, but other platforms simply don't have the resources. Compliance will result in Germans being given fewer services to choose from, all in the name of "protecting" Germans from hateful speech.

But is the law really serving the German people? Or is it a legislative feel-good effort of marginal utility with the possibility of collecting massive fines the ribbon on top? Linda Kinstler's long article on Facebook's proactive moderation efforts in Germany suggests the general public doesn't need these extra protections as much as the government seems to think they do.

Freedom-of-information disclosures published by the digital-rights website Netzpolitik revealed that no fines have yet been levied for systematic failures to delete posts, and the government has only received 311 requests from citizens requesting that content be removed (25,000 requests were expected)—both revelations suggest social-media companies are at least doing an effective job implementing the law.

Sure, this may suggest companies are staying ahead of the curve when it comes to moderation. It also suggests citizens find "illegal" content far less offensive than their government does. It may also suggest the legislation was completely unnecessary, since companies have been actively nuking content the government doesn't actually find illegal.

The law is serving an additional purpose -- one also unrelated to the sensibilities of German constituents. Political parties have turned the law into a rallying cry, claiming the government is merely trying to censor unpopular views. These claims are being made even as those making them turn to German speech laws to bury criticism of them and their views. Compounding irony with the omnipresent hypocrisy, a speech law enacted to safeguard the nation's influx of immigrants has become a weapon deployed by Germany's far-right political wing -- one staunchly opposed to the free flow of foreigners across Germany's borders.

It certainly hasn't made the average Germany citizen feel any more empowered. Facebook will delete accounts after too many violations, even if the violations are tied to a law the company tends to over-enforce.

“I’m far from being a fan of the far right, but a lot of them are afraid that their postings are deleted because of their beliefs, not because of what they say,” said Jeorg Heidrich, a German internet lawyer and a longtime opponent of the regulation. He said that the NetzDG incentivizes social-media companies to “delete in doubt”—to remove any content that seems like it might be illegal—and he is one of many who have observed a general “chilling” of speech online and offline in Germany. “The NetzDG is on people’s minds,” he said. “Generally, people are more careful what to think, what to write. Lots of people are afraid of losing their accounts.”

As it stands now, the law offers nothing to those on the receiving end of over-moderation. It was put into place with no takedown challenge mechanism other than suing Facebook directly. This is beyond the reach of average citizens, ensuring only a small percentage of users will be able to (possibly) save their accounts from deletion, even if the content removed doesn't necessarily violate German law.

The law is broken and needs to be fixed. Without this, the indirect repression of speech and other collateral damage will continue. Facebook can't fix this for the government. All it can do is rely on a team of moderators to get to questionable content before the German government does. This doesn't leave room for nuance or even consistency. Because Facebook stays ahead of the German speech law, Facebook is the law, as far as most of its German users are concerned. Violating Facebook's internal guidelines is no different than violating German law, even when the two disagree. Either way, users are one step closer to account deletion and the sanitizing of the internet for German consumption has blunted the effectiveness of the world's primary communication tool.

20 Comments | Leave a Comment..

Posted on Techdirt - 23 May 2018 @ 3:36am

FBI Admits It's Been Using A Highly-Inflated Number Of Locked Devices To Push Its 'Going Dark' Narrative

from the seriously-fuck-these-guys dept

Call it a lie. Call it a misrepresentation. Call it a convenient error. Call it what you want. Just don't call it a fact. Devlin Barrett at the Washington Post delivers a bombshell: the thousands of phones the FBI supposedly just can't crack despite a wealth of tech solutions at its disposal? It's nowhere near as many as consecutive FBI directors have claimed.

The FBI has repeatedly provided grossly inflated statistics to Congress and the public about the extent of problems posed by encrypted cellphones, claiming investigators were locked out of nearly 7,800 devices connected to crimes last year when the correct number was much smaller, probably between 1,000 and 2,000, The Washington Post has learned.

This number aligns more with reality than the frequent claims the number of locked phones was nearing 8,000 devices. In 2016, the FBI reported it was only locked out of around 880 devices. Less than two years later, it was stating it had 7,800 impregnable devices in its possession.

This exponential increase followed the FBI's failure to convince a court Apple should be ordered to break a phone's encryption whenever the government wanted access. This courtroom demand was predicated on a deliberately backburnered quest to find a tech solution from a third party, as a recently-released Inspector General's report revealed.

So, we know the FBI can't be trusted to tell the whole story when quizzed about its "going dark" assertions. Now, we know the FBI can't be trusted to count physical devices accurately.

The FBI first became aware of the miscount about a month ago and still does not have an accurate count of how many encrypted phones they received as part of criminal investigations last year, officials said. Last week, one internal estimate put the correct number of locked phones at 1,200, though officials expect that number to change as they launch a new audit, which could take weeks to complete, according to people familiar with the work.

“The FBI’s initial assessment is that programming errors resulted in significant over-counting of mobile devices reported,’’ the FBI said in a statement Tuesday. The bureau said the problem stemmed from the use of three distinct databases that led to repeated counting of phones. Tests of the methodology conducted in April 2016 failed to detect the flaw, according to people familiar with the work.

The FBI's count was inflated by bad software and sloppy record keeping. But it had no incentive to fix it. Even if the error was never detected by the methodology test, someone should have asked how the FBI's stash of locked phones suddenly exploded from less than 900 to nearly 8,000 in 18 months. But, given the IG's findings about its slow-walked search for outside tech solutions in the Apple court battle, any red flags were probably ignored in favor of pushing the most dramatic "going dark" narrative possible. Why ask why? Just go with the more jaw-dropping number, even if there's no physical evidence to back the claim.

This discovery was likely prompted by FOIA requests and demands for answers from Congress. Without this outside pressure, the FBI had no motivation to double check its math. Now that it must answer to both Congressional oversight and tenacious members of the public, it has finally decided to audit its locked phone stash.

AG Sessions has also played a part in expanding the "going dark" narrative. He had this to say earlier this month, painting a picture of thousands of latent threats stored in FBI evidence lockers.

Last year, the FBI was unable to access investigation-related content on more than 7,700 devices — even though they had the legal authority to do so. Each of those devices was tied to a threat to the American people.

Except they're obviously not. Most of the devices don't even exist. Therefore, most of the threats don't exist. And this statement can't be definitively made about the number of actual devices the FBI has on hand because the FBI has yet to provide any info whatsoever about these devices or their relation to ongoing or stalled investigations. We don't know how many are tied to "threats to the American people" and how many are tied to bog standard investigatory work, like drug busts or white collar crime or any number of other non-threatening criminal activities the Bureau investigates.

The "going dark" narrative is a house of cards erected on a loose bedding of bullshit. It always has been. Now the FBI is slowly being forced to admit it has nothing to offer but shadow play in which a small pile of phones is stacked carefully to portray a towering, monstrous threat to the American public. At best, the FBI handled its precious cargo of anti-encryption warriors extremely carelessly. At worst, it looked at the incongruous leap in locked device numbers and figured it better served the "going dark" narrative than an accurate count would.

39 Comments | Leave a Comment..

Posted on Techdirt - 22 May 2018 @ 12:00pm

ACLU Obtains Documents Showing Amazon Is Handing Out Cheap Facial Recognition Tech To Law Enforcement

from the Prime-membership-not-required dept

More bad news on the privacy front, thanks to one of America's largest corporations. Documents obtained by the ACLU show Amazon is arming law enforcement agencies with cheap facial recognition tech, allowing them to compare any footage obtained from a variety of sources to uploaded mugshot databases.

The company has developed a powerful and dangerous new facial recognition system and is actively helping governments deploy it. Amazon calls the service “Rekognition.”

Marketing materials and documents obtained by ACLU affiliates in three states reveal a product that can be readily used to violate civil liberties and civil rights. Powered by artificial intelligence, Rekognition can identify, track, and analyze people in real time and recognize up to 100 people in a single image. It can quickly scan information it collects against databases featuring tens of millions of faces, according to Amazon.

It's already been deployed to several areas around the country, with Amazon acting as the government's best friend a la AT&T historic proactive cooperation with NSA surveillance efforts. The documents [PDF] obtained by the ACLU show Amazon has been congratulated by local law enforcement officials for a "first-of-its-kind public-private partnership," thanks to its deployment efforts. On top of providing deployment assistance, Amazon also offers troubleshooting and "best practices" for officers using the tech. It has even offered free consulting to agencies expressing an interest in Rekognition.

These efforts aren't surprising in and of themselves, although Amazon's complicity in erecting a law enforcement surveillance structure certainly is. Amazon is looking to capture an underserved market, and the more proactive it is, the more market it will secure before competitors arrive. To further cement its position in the marketplace, Amazon is limiting what law enforcement agencies can say about these public-private partnerships.

In the records, Amazon also solicits feedback and ideas for “potential enhancements” to Rekognition’s capabilities for governments. Washington County even signed a non-disclosure agreement created by Amazon to get “insight into the Rekognition roadmap” and provide additional feedback about the product. The county later cited this NDA to justify withholding documents in response to the ACLU’s public records request.

Documents also suggest Amazon is looking to partner with body camera manufacturers to add its facial recognition tech. This is something body camera manufacturers are already considering, and licensing an established product is far easier than building one from the ground up.

The system is powerful and can apparently pull faces from real-time footage to compare to databases. It also allows agencies to track individuals. It puts passive cameras on surveillance steroids, giving any person who strolls past a government camera a chance to be mistaken for a wanted suspect. To date, facial recognition software has managed to generate high numbers of false positives, while only producing a handful of valid arrests.

These efforts have been deployed with zero input from the largest stakeholder in any government operation: the general public.

Because of Rekognition’s capacity for abuse, we asked Washington County and Orlando for any records showing that their communities had been provided an opportunity to discuss the service before its acquisition. We also asked them about rules governing how the powerful surveillance system could be used and ensuring rights would be protected. Neither locality identified such records.

It may be the NDAs discourage public discussion, but more likely the agencies acquiring the tech knew the public wouldn't be pleased with having their faces photographed, tracked, stored indefinitely, and compared to pictures stored in law enforcement databases. And if public agencies are unwilling to discuss these programs with the public, they're far less likely to create internal policies governing use of the tech. Amazon's push to secure a sizable portion of this market is only making things worse, and its use of NDAs is going to further distance these public agencies from being accountable to the people they serve.

34 Comments | Leave a Comment..

Posted on Techdirt - 22 May 2018 @ 3:23am

Courts Says CIA Can Dump Classified Info To Members Of The Public And Still Deny They've Been Publicly Released

from the NATSEC-math dept

Journalist Adam Johnson's FOIA lawsuit against the CIA has been brought to a halt. Johnson sued the CIA for refusing to release classified documents it had previously voluntarily "leaked" to selected journalists. The CIA argued the documents were still classified and not subject to FOIA requests. Johnson argued the CIA had already released the documents to the public when it decided to release this classified info to journalists.

Back in February, it appeared the court was on Johnson's side. Responding to the government's motion to dismiss, the court pointed out the CIA couldn't waive FOIA exemptions when dumping docs to journalists and then seek to use them when other journalists asked for the same info.

There is absolutely no statutory provision that authorizes limited disclosure of otherwise classified information to anyone, including "trusted reporters," for any purpose, including the protection of CIA sources and methods that might otherwise be outed. The fact that the reporters might not have printed what was disclosed to them has no logical or legal impact on the waiver analysis, because the only fact relevant to waiver analysis is: Did the CIA do something that worked a waiver of a right it otherwise had? The answer: CIA voluntarily disclosed what it had no obligation to disclose (and, indeed, had a statutory obligation not to disclose).

After another round of submissions by the plaintiff and the government, the judge has reached a final decision [PDF]. What once looked like a win for the FOIA requester has been turned into judicial support for selective disclosure. The CIA can waive and reinstate FOIA exemptions as often as it wants, so long as it only dumps documents to "trustworthy" journalists who won't make the waiver permanent by publishing them in full. (h/t Chris Geidner)

I fail to see why the fact that the information exists in electronic form on some private organization's server, which server can theoretically be hacked by an unauthorized user, should be treated any differently. If the only way that information can be seen by the general public is by stealing it from an authorized recipient, logic dictates that the information is not available to the general public- it is not "in the public domain." Plaintiff and Amici make a good deal out of the fact that the newspapers' servers are not secure servers, but I do not believe that the security level of a sending or receiving server makes the slightest difference to the analysis.

So Plaintiff fails because he is unable to demonstrate that the information he seeks resides today in the public domain; assuming, for purposes of argument, that the CIA' s decision to email the information to the reporters placed it there.

There is another reason why one cannot conclude that these particular emails are in the public domain. Even if there were a copy of the emails in the files of Mr. Shane or Mr. Ignatius or Ms. Gorman, or even if the reporter-recipients could still readily call up the full text on their computers, there is no evidence in the record that any member of the public could walk into the offices of the Times or the WaPo or the WSJ and demand to see a copy. For that matter, there is no evidence that anyone could obtain the information via service of a subpoena on the reporter-recipients. This court would be shocked if the three eminent news organizations whose employees received these emails did not fight tooth and nail against any effort to make them public; and as I understand matters, the law is on their side. If that were not so, Johnson would not be asking the CIA to disclose the redacted information; he would be suing the New York Times, the Washington Post and the Wall Street Journal.

The court notes the judicial system has bent over backwards to insulate national security agencies from FOIA requesters and these agencies' own careless handling of classified material. Agencies that regularly participate in selective leaking can still keep leaked documents out of FOIA requesters' hands so long as the leak recipients haven't published the documents in full. In this case, Johnson had redacted copies of the emails sent to journalists and was seeking to have the redactions stripped away. He had already cleared the high hurdle of knowing exactly what documents had been leaked to journalists. But despite clearing a nearly impossible hurdle, the court, while sympathetic, notes judicial precedent allows the CIA to have it both ways: release info to members of the public while claiming the information was never released publicly.

When grappling with the possibility of waiver via selective and limited disclosure of classified information, courts clearly outlined a way for Government officials dealing with national security and foreign affairs material to have their cake and eat it, too. They could make disclosures to third parties when the Director deemed it necessary to protect intelligence sources and methods, and they could do so without waiving their right to invoke relevant FOIA exemptions, as long as they did so in a way that created no permanent record outside the confines of the agency of exactly what was disclosed (exactly meaning, literally, "in haec verba "). In that way, the courts could never be entirely sure that whatever "public" record did exist (the notes taken by the people who were briefly shown the records at issue in Muslim Advocates, for example) was the "specific information" that had been disclosed previously. This bit of sophistry allowed the courts deny FOIA requests on the basis discussed in Wilson v. CIA, 5 86 F .3d 171, 186 (2d Cir. 2009).

It all comes down to one thing: the journalists who received the CIA's leaks never published the documents in full. Because of this -- despite there being copies of unredacted classified info residing on certain newsroom servers -- the CIA can claim this was not a public release and keep its redactions in place. The court's refusal to hold the government to a higher standard when it invokes national security claims has resulted in this illogical conclusion: what's been made public is not public info if certain caveats apply. To celebrate this ridiculous victory for government opacity, the journalists who received these documents should publish them in full. As the court notes, they'd be well within their legal rights to do so. But that would mean they wouldn't be trusted with selective leaks in the future, so it's unlikely these members of the public will undo the damage done by 40 years of NATSEC jurisprudence.

Read More | 16 Comments | Leave a Comment..

Posted on Free Speech - 18 May 2018 @ 7:39pm

Turkish President Visits UK To Remind Everyone He Still Wants To Punish Critical Speech

from the UK-speech-laws-really-don't-need-to-be-any-worse dept

I'm not sure why any nation with at least a passing respect for civil liberties would continue treating Turkish president Recep Tayyip Erdogan as a world leader worth discussing ideas with. Erdogan rolled into the United States with his entourage of thugs and thought he could have critics beaten and unfriendly journalists tossed from press conferences. He continually petitions other countries to punish their own citizens for insulting him.

Back at home, Erdogan is jailing journalists by the hundreds, claiming they're terrorists. A failed coup set off the latest wave of censorial thuggery, with Erdogan bolstering his terrorist claims by pointing to criminal acts like… robbing ATMs. A massive backlog of "insulting the president" cases sit in the country's court system -- a system that's certainly aware it's not supposed to act as a check against executive power.

And yet, world leaders continue to act as though Erdogan is an equal, rather than an overachieving street thug with an amazingly fragile ego. UK Prime Minister Theresa May, hoping to strike a trade deal with Turkey, invited Erdogan to not only discuss a possible deal, but speak publicly.

May tried to keep Erdogan from being Erdogan

May said that while it was right that those who sought to overthrow a democratically elected government were brought to justice, “it is also important that in the defence of democracy… Turkey does not lose sight of the values it is seeking to defend”.

May added: “That is why today I have underlined to President Erdoğan that we want to see democratic values and international human rights obligations upheld.”

But Erdogan was always going to be Erdogan:

At a press conference in Downing Street alongside May, Erdoğan made no reference to May’s remarks about human rights, but instead urged her to do more to extradite Turkish exiles from the Gulenist or Kurdish movements, saying that if she did not act act against terrorists, it would come back to bite her.

And went on to make it clear that by "terrorists," he also meant journalists who may or may not have been caught engaging in burglary, but otherwise can be assumed to be political targets jailed to ensure silence.

You can't keep treating an overgrown child like an adult. No one should be doing business with Turkey until it cleans up its civil rights violation record. And that's not going to happen as long as Erdogan is president. Gently nudging him towards not being a completely evil asshole obviously doesn't work. All it does is make the government's hosting his off-the-cuff remarks on censorship and jailing journalists look like enablers of oppression.

28 Comments | Leave a Comment..

Posted on Techdirt - 18 May 2018 @ 12:09pm

ICE Drops Extreme Vetting Software Plan After Discovering No One Could Possibly Deliver What It Wants

from the we-have-seen-the-future-and-we-are-disappoint dept

It appears the concept of "extreme vetting" at our borders has been backburnered. The Washington Post is reporting ICE has scrapped plans to acquire software capable of strip-mining immigrants' social media accounts and converting this info into a RATE MY DANGEROUSNESS number. However, it does not appear the concept is being done away with entirely.

Immigration and Customs Enforcement officials told tech-industry contractors last summer they wanted a system for their “Extreme Vetting Initiative” that could automatically mine Facebook, Twitter and the broader Internet to determine whether a visitor might commit criminal or terrorist acts or was a “positively contributing member of society.”

But ICE quietly dropped the machine-learning requirement from its request in recent months, opting instead to hire a contractor that can provide training, management and human personnel who can do the job. Federal documents say the contract is expected to cost more than $100 million and be awarded by the end of the year.

No more one-click snooping on entrants. Instead, this job will be farmed out to vendors who will probably never accidentally leak the large amount of personal data they're collecting for the government. This isn't a case of ICE/DHS realizing this isn't just intrusive but unnecessary and quite possibly useless. Instead, this is a case of ICE not liking what vendors had to offer on the software front.

An ICE official briefed on the decision-making process said the agency found there was no “out-of-the-box” software that could deliver the quality of monitoring the agency wanted.

For the time being, it won't be AIs and algos doing the vetting. Instead, it will be a government contractor doing the work, presumably using some live humans. What ICE was seeking was a mythical piece of software. It wanted a rigorous vetting system that predetermines the risk levels of immigrants at a touch of a button -- all without troubling civil liberties and/or conflicting with numerous other databases ICE controls or has access to.

There's no doubt the government can acquire something that harvests massive amounts of data. The problem is making that data useful, something even our most experienced data harvesters in the NSA frequently have trouble doing. But ICE wanted it to be more than a database of past social media behavior. It wanted the program to hand it a thumbs up/down rating on visa applicants, something that's not really advisable, if even actually possible. And there doesn't appear to be anything that fits the description.

“Have they realized only that it doesn’t exist now, which is important in its own right, or have they also recognized that this really was an idea that was built on a complete fantasy?” said Rachel Levinson-Waldman, senior counsel at the Brennan Center for Justice, a left-leaning policy institute. “That you can somehow take these hugely disparate sources of information, in lots of different languages, and make a prediction about what somebody’s value and worth is?”

Content moderation, but for humans. That hasn't worked well anywhere. It usually leads to profiling, false positives, and wastes of the government's human resources, which are far more limited than its data-hauling capabilities. Extreme vetting isn't going away. It's just going be far more iterative than ICE would like, however. Visions of "Minority Report" (and for actual minorities!) have been dashed by the cold water of tech reality. Concerns about mass violations of privacy and civil liberties had nothing to do with this partial reversal of course.

27 Comments | Leave a Comment..

Posted on Free Speech - 18 May 2018 @ 9:33am

DOJ Still Wants To Lock People Up For Protesting The Government, Or Even Just Talking About It

from the thoughtcrime dept

The government is still trying to land a conviction from its mass arrest of participants in last year's Inauguration Day protests in Washington, DC. So far, it has nothing to show for its efforts but a far-too-casual disregard for civil liberties.

The prosecutions began with the government's breathtaking demand for the personal info of all 1 million+ visitors to the Disrupt J20 website. From there, things did not improve. The government's prosecutors accused protest participants of "hiding behind the First Amendment" while attempting to strip away First Amendment protections. One of those charged by the government with rioting was journalist Alexi Wood, who had filmed the protests and had the footage to show he wasn't a participant in violent or destructive acts.

The government compounded its unconstitutional behavior in court when its lawyer (Jennifer Kerkhoff) tried to downplay the significance of a foundational part of our justice system -- that the accusers must prove "beyond a reasonable doubt" the accused committed a crime.

Kerkhoff: The defense has talked to you a little bit about reasonable doubt. You're going to get an instruction from the Judge. And you can tell it's clearly written by a bunch of lawyers. It doesn't mean a whole lot. But look at the last line.

The Court: So wait...

Kerkhoff: I apologize.

The Court: I know she didn't mean to say what she just said. But --

Kerkhoff:: It means a lot.

The Court: I just need to say, ladies and gentlemen, you will be instructed on reasonable doubt. You must follow each and every word of my instructions on reasonable doubt.

Kerkhoff: Yes.

The Court: Ms. Kerkhoff did not mean to trivialize any portion of it, and it's just as important that you understand --

Kerkhoff: I apologize.

The Court: -- that every word of the reasonable doubt instructions, like all the rest of my instructions, are very important.

Kerkhoff: It's an important instruction.

After these horrendous actions and the acquittal of its first batch of J20 prosecutees, the DOJ is finally going to attempt something a bit more targeted.

After a DC Superior Court jury acquitted the first group, prosecutors announced they were dropping charges against 129 remaining defendants, saying they would focus on defendants who allegedly engaged in "identifiable acts of destruction, violence, or other assaultive conduct," who planned violence, or who participated in "black bloc" tactics to aid the property destruction that day.

Unfortunately, that still leaves a whole lot of defendants. The prosecutions began with more than 200 people charged. Only about a quarter of the original defendants are still awaiting their day in court.

[...]58 defendants remain charged and will face a judge and jury in at least nine more trials; jury selection for the next of these is scheduled to begin Monday.

The government is still giving itself plenty of leeway, though. It's not simply interested in jailing those who actually committed property destruction during the J20 protests, but anyone it thinks it can pin a conspiracy to riot charge on.

The "conspiracy" angle is only going to do more damage to First Amendment rights. Simply having contact with someone charged with property damage/rioting could net defendants jail time. This is an effective way to deter future dissent, as it casts a chill on participating in protests against the government simply because the possibility of some participants engaging in criminal activity will always exist.

Denver civil rights attorney Jason Flores-Williams was a legal observer at the demonstration, but was disqualified from representing arrested protesters because the court saw this as a conflict of interest. In his view the prosecution means to send an even more pernicious message, which is that protest of the sort that the defendants engaged in is prohibited full stop.

[...]

"The important aspect here is that they're going after fundamental associative rights. They implant the idea in the minds of the citizenry that even to discuss dissent or even 'like' a dissenting comment on Facebook can lead to prosecution. When that happens, democracy dies.”

It's highly unlikely the last 58 defendants all engaged in property damage or destruction. That means a lot of the government's targets will be facing nothing more than conspiracy charges. If the government succeeds in convincing a jury simply discussing participation in a protest that ultimately resulted in destructive acts from a small subset of participants is a criminal act in and of itself, the First Amendment is going to suffer. Given the history of these prosecutions, it's clear the government either isn't aware of the damage it's doing or, more likely, does not care.

74 Comments | Leave a Comment..

Posted on Techdirt - 18 May 2018 @ 3:23am

UK Gov't To Allow Citizens To Head To Nearest Newsstand To Buy Porn... Licenses

from the so-much-progress dept

The UK government's continuing efforts to save the country's children from the evils of internet porn are increasingly ridiculous. Filtering efforts applied by ISPs have managed to seal off access to plenty of non-porn sites while still remaining insanely easy to circumvent. The government -- with a straight face -- suggested there was nothing not normal about internet customers turning over personal information to ISPs in exchange for the permission to view porn. It's as if building a database of the nation's porn aficionados was the government's original intent.

Since nothing about this was working about the way the porn filter's architects (one of whom was arrested on child porn charges) imagined, the UK government decided the same non-functioning tech could be put to work filtering out "terrorist content." Bad ideas have repeatedly been supplanted by worse ones, and now it appears UK citizens may be able to opt out of ISP porn-related data harvesting by [squints at press report] buying a porn license from their local newsjobber.

High street newsagents are to sell so-called “porn passes” that will allow adults to visit over-18 websites anonymously.

The 16-digit cards will allow browsers to avoid giving personal details online when asked to prove their age.

Instead, they would show shopkeepers a passport or driving licence when buying the pass.

Trench coats are coming back! Somewhat of an ironic turn of events, given how much government effort was expended trying to limit the amount of public porn consumption by shutting down theaters and heavily regulating distribution of pornography. Instead of heading to porn shops in shady areas of town, porn consumers will be headed to newspaper kiosks to publicly announce their desire to consume porn in the privacy of their own homes.

I would imagine this will be regulated as well, with the government needing occasional access to porn license buyer lists to verify that newsagents are properly vetting porn license purchasers. Fortunately, the privacy-minded porn fan will now be providing personal info to someone other than their ISP. Unfortunately, they will be providing this to people in their neighborhood, possibly in front of their neighbors.

There is, however, a chance the purchase of a porn license may be treated as no different than a purchase of a pornographic publication: age verification only and no retention of records needed. Given the UK government's incessant push for a sanitized web, it seems unlikely this will be the case. Once you've gotten into the business of controlling access to legal content, the tendency is to continue expansion, rather than treat this as simply as a voluntary exchange between buyer and seller with only very limited government interest.

55 Comments | Leave a Comment..

Posted on Techdirt - 17 May 2018 @ 2:20pm

Judge Allows Fourth Amendment Challenge Of Warrantless Device Searches At The Border To Continue

from the uphill-battling dept

A federal judge has allowed the ACLU, EFF, and the several plaintiffs they represent to continue their Fourth Amendment lawsuit against DHS, ICE, and CBP. The plaintiffs are challenging the Constitutionality of border device searches -- something that has skyrocketed in recent years. As it stands now, these agencies believe nothing stronger than reasonable suspicion is needed to perform highly-intrusive searches. In many cases, not even suspicion is needed, thanks to the "border search" exception to the Fourth Amendment courts have carved out for the government.

Policies for agencies performing border device searches are pretty much identical. All allow searches and seizures of devices without individualized suspicion. This warrantless, suspicionless search may also result in the device being confiscated for weeks or months while a forensic search is undertaken -- again, supposedly without violating travelers' rights. CBP's policy was altered this year, requiring forensic searches and the mirroring of devices to at least reach the level of reasonable suspicion. Better than ICE's policy, but still nothing approaching a warrant.

The government sought to have the lawsuit dismissed, claiming the plaintiffs had no standing to assert violations, much less seek injunctive relief on the theory they would likely be subjected to intrusive device searches the next time they traveled.

The court disagrees with all the government's arguments. The government claimed the number of device searches -- although steadily increasing -- is still a small percentage of the overall whole. The court points out it doesn't really matter what the percentage is. It's whether or not CBP and ICE perform these searches routinely. From the decision [PDF]:

Defendants contend that Plaintiffs have also failed to satisfy the “substantial risk” inquiry. Plaintiffs allege that CBP data demonstrates that it is on track to conduct approximately 30,000 searches this fiscal year. Defendants point out, however, that those searches only amounted to 0.008% of the approximately 189.6 million travelers who arrived at U.S. borders during this period. Defendants argue that this future search probability—which they characterize as a “slight chance” of search—is not sufficient to establish standing here.

There is no numerical threshold, however, at which likelihood of harm becomes a “substantial risk” of harm. See Kerin v. Titeflex Corp., 770 F.3d 978, 983 (1st Cir. 2014) (noting that “a small probability of a great harm may be sufficient”). Although 0.008% may be a small percentage of total travelers, the searches still occur at an average of approximately 2500 searches per month. In SBA List, the Supreme Court supported its conclusion that there was a substantial likelihood of future harm with the explanation that proceedings enforcing the statute in question were “not a rare occurrence,” with twenty to eighty such cases occurring per year. Against this backdrop, 30,000 searches per year is not a “rare occurrence,” even if it makes up a small percentage of total travelers.

The government also argued allegations of future harm were too vague to support a lawsuit. The court finds this argument unbelievable, given the history of the plaintiffs' interactions with border agents and the agencies' border search practices.

Defendants also argue that Plaintiffs’ allegations of future harm are impermissibly “vague” and speculative. They point to Reddy for the proposition that in the First Circuit, “‘[s]peculation’ that a government actor ‘might in the future take some other and additional action detrimental to’ Plaintiffs, is ‘not an adequate substitute for a claim of specific present objective harm or a threat of specific future harm.’” In Reddy, however, the First Circuit held that the plaintiffs’ assertions of standing were speculative as to a New Hampshire buffer zone statute, emphasizing that the statute had not yet been enforced. Here, by contrast, Plaintiffs challenge policies that are in place and are being actively enforced.

[...]

Plaintiffs’ alleged future injury does not depend upon defendants’ future illegal conduct untethered to a pattern of past practice, cf. Los Angeles v. Lyons, 461 U.S. 95, 102 (1983) (concluding that plaintiff subject to illegal arrest procedure made no showing that he was likely to be arrested and subjected to illegal procedure again), but rather upon recurring conduct authorized by official policies. That is, Plaintiffs’ subjection to prior searches further bolsters their allegations of likely future searches.

The heart of the matter is the border search exception. It's what allows CBP and ICE to bypass the Supreme Court's Riley decision and its institution of a warrant requirement for device searches. The government seizes a single phrase from the Supreme Court ruling: "search incident to arrest." Its argument attempts to divorce border device searches from the Supreme Court's finding that searching cellphones was more analogous to searching houses than searching pants pockets or suitcases. The court doesn't agree with the government's distinction.

As an initial matter, the Court is not persuaded that Riley’s reasoning is irrelevant here simply because Riley’s holding was limited to the search incident to arrest exception, see Riley, 134 S. Ct. at 2495. Judicially recognized exceptions to the warrant requirement do not exist in isolation; rather, they are all part of Fourth Amendment jurisprudence, justified because, ordinarily, the circumstances surrounding the search and the nature of the search have been deemed “reasonable.”

[...]

Here, the First Circuit has not yet spoken on what level of suspicion is required to justify a cell phone or other electronic device search at the border. The First Circuit has, however, acknowledged the significant privacy interests implicated in a cell phone search, explaining that the information on these devices is “the kind of information one would previously have stored in one’s home and that would have been off-limits to officers performing a search incident to arrest.”

The court then goes on to say that merely raising the standard for invasive device searches to "reasonable suspicion" may not be enough.

[T]he Supreme Court rejected the reasonable suspicion standard when it came to cell phones because it “would prove no practical limit at all when it comes to cell phone searches.” Digital device searches at the border, perhaps even when supported by reasonable suspicion, raise the same concerns.

This is encouraging, even if all that's happened at this point is the case surviving the government's motion to dismiss. It provides plenty of insight into the court's thinking, and shows how much of it is at odds with the government's assertions. This has the potential to restore some Fourth Amendment protections at our nation's borders for the first time in years.

Read More | 62 Comments | Leave a Comment..

Posted on Techdirt - 17 May 2018 @ 12:13pm

New Malaysian Prime Minister Who Promised To Kill 'Fake News' Law Decides It Might Be Useful Now That He's In Power

from the twist-everyone-saw-coming dept

The "fake news" law erected in Malaysia was put in place to do one thing: allow the government to increase its control of journalists. Top-level corruption needed to be buried, and a "fake news" law seemed like a handy way to do it. The law made one thing clear: the government alone would decide what news was fake. The most likely target appeared to be reporting about the mysterious appearance of $700 million in Prime Minister Najib Razak's personal bank account.

The law claimed its first victim shortly after being enacted. A Danish citizen visiting Malaysia was arrested and charged after he posted a YouTube video allegedly misrepresenting the time it took for emergency services to respond to the shooting of a Hamas engineering expert. The man will now spend a month in jail after being unable to pay the $2,500 fine handed down by the court.

It once looked like the law might be headed for a swift derailment. Mahathir Mohamad promised he would abolish the law entirely if elected Prime Minister. The BBC reports only part of the previous sentence has come to pass.

Malaysia's new Prime Minister Mahathir Mohamad has said he will redefine a controversial anti-fake news law introduced by his predecessor.

The legislation, brought in just before last week's election, was criticised as undermining freedom of speech.

Having obtained power, Mahathir now seems unwilling to use it to fulfill his campaign promise. This seems especially odd considering Mahathir was investigated for "spreading fake news" during his election run after he claimed his campaign plane had been tampered with. You would think someone targeted by a bogus law erected to suppress dissent and silence critics of the ruling party would want a law like this abolished, rather than merely "redefined." But I guess Mahathir would like to have a law to abuse himself, now that he's the one facing criticism and greater scrutiny from Malaysian journalists.

The justification for this campaign promise flip-flop comes from a place of highly-conditional love for the concept of free speech.

[T]he new prime minister said on Sunday: "Even though we support freedom of press and freedom of speech, there are limits."

"Free speech, but…" The favored terminology of people who want to protect speech they like and suppress everything they don't. And Malaysian citizens are right back where they started after the regime change: subject to a "fake news" law that allows the government alone to determine what coverage is real and what should be punished with fines and jail sentences.

27 Comments | Leave a Comment..

Posted on Techdirt - 17 May 2018 @ 3:15am

EFF Asks FBI, DOJ To Turn Over Details On Thousands Of Locked Phones The FBI Seems Uninterested In Cracking

from the tearing-new-FOIA-holes-in-the-FBI's-narrative dept

The FBI's growing number of uncracked phones remains a mystery. The agency claims it has nearly 8,000 phones in its possession which it can't get into, despite multiple vendors offering services that can allegedly crack any iPhone and countless Android devices.

The push for mandated backdoors and/or weakened encryption continues, with successive FBI heads (James Comey, Chris Wray) declaring public safety is being threatened by the agency's locked phone stockpile. This push seems doubly insincere given a recent Inspector General's report, which revealed agency officials slow-walked the search for a third-party solution to unlock a phone belonging to the San Bernardino shooter.

Legislators have taken notice of the FBI's disingenuous push for a legislative mandate. Back in April, a group of lawmakers sent a letter to the FBI asking what it was actually doing to access the contents of its growing collection of locked phones and why it insisted there were no other options when it was apparent vendors were offering phone-cracking solutions.

The EFF has questions as well. It has sent a FOIA request [PDF] to the FBI and DOJ asking for details on the FBI's locked phone stash.

[W]e have submitted a FOIA request to the FBI, as well as the Offices of the Inspector General and Information Policy at DoJ. Among other things, we are asking the FBI to tell the public how they arrived at that 7,775 devices figure, when and how the FBI discovered that some outside entity was capable of hacking the San Bernardino iPhone, and what the FBI was telling Congress about its capabilities to hack into cellphones.

The FBI is in no hurry to make this information public, so it will probably take a lawsuit to get its response rolling. It still has yet to answer the questions posed to it by Congress, even as it continues to push its "going dark" narrative anywhere Director Chris Wray is given the opportunity to speak.

The ever-growing number of locked phones is a true mystery, considering the number saw exponential growth -- swelling from under 1,000 phones in 2016 to nearly 8,000 phones only two years later. This happened without exponential growth in deployed encryption, but also closely tracks with the rise of James Comey's "going dark" theory and the aftermath of the FBI's failed attempt to secure a favorable precedential decision in the San Bernardino shooter case.

Whatever is revealed should answer a few questions. Unfortunately, the answer may end up being that the FBI truly isn't interested in anything more than solutions mandated by the government.

Read More | 18 Comments | Leave a Comment..

Posted on Techdirt - 16 May 2018 @ 10:52am

Congressional Members Decide It's Time To Make Assaulting A Police Officer A Federal Hate Crime

from the knock-it-off-with-this-stupid-shit dept

It's apparently time for a legislative update to The War on Cops. Apropos of nothing, legislators from both sides of Congress have flung some more "cops are more equal than others" legislation into the ring. Senators Orrin Hatch and Heidi Heitkamp have joined their House counterparts in attempting to make any crime against a police officers a hate crime. From Hatch's press release:

Protect and Serve Act of 2018:

The legislation adds a new section to Chapter 7 of Title 18 that:

Makes it a federal crime to knowingly cause bodily injury to any person, or attempt to do so, because of the actual or perceived status of the person as a law enforcement officer;

Prescribes a penalty of up to 10 years imprisonment for a violation, or up to a life sentence in cases that result in death or involve kidnapping;

Requires that the offense have a federal nexus;

Requires certification by the Attorney General that a state has waived jurisdiction or that federal prosecution is in the public interest and necessary to secure substantial justice; and

Requires the Attorney General to issue guidelines for determining whether a crime was committed because of the actual or perceived status of person as a law enforcement officer.

Why do we need this law? We don't. But don't let that stop the bill's sponsors from arguing otherwise.

“In rural and urban areas alike, law enforcement officers face heightened risk every time they put on their uniforms,” Heitkamp said.

They actually face historically low risks, with last year's death stats being even lower than the year before. But let's not let actual death totals get in the way of increasing penalties for anyone who has the misfortune of dealing with cops. It doesn't just cover murder -- even though "targeted killings" are the main talking point. It covers any bodily injury, which makes it perfect for stacking charges on arrestees. Anything from an aborted fist swing to an accidental bump can be turned into an assault charge and this law gives federal prosecutors the chance to escalate the side effects of resisting arrest into a federal prison sentence. And it's a great way to keep abused citizens from filing complaints, as Radley Balko explains:

What harm could come of this bill? An assault on a police officer charge is often used a cudgel — it’s a way of dissuading legitimate victims of police brutality from filing complaints. If such an assault charge could soon come with an additional federal charge punishable by up to 10 years in prison, that cudgel grows by about 10 sizes. It gets awfully persuasive.

Lest there's any doubt this bill is a "hate crime" bill, the press release makes it crystal clear.

Since May 2016, several states have enacted laws that make attacking police because of their occupation a hate crime. The Protect and Serve Act takes a similar approach and is modeled after the federal hate crime statute, 18 U.S.C. § 249.

It's true. Several stupid state legislatures have decided to elevate some of the most powerful public servants in their jurisdictions to the status of "protected victim." Never mind the reason most hate crime laws are enacted is to bring more power to the powerless -- a (clumsy) way to address criminal acts predicated on hatred of someone's race or sexual orientation. Police officers are neither a race nor a sexual orientation. There is no conscription involved in a law enforcement career. It's strictly voluntary, unlike the personal traits involved in most hate crime laws.

It's not as though there's a lack of aggressive prosecution when officers are killed or injured. There's never a shortage of charges to be brought or a dearth of zeal to see this criminal act punished. Many states already provide sentencing enhancements if the crime victim is a police officer. This bill simply gives the federal government the option to swoop in and punish certain criminals more harshly, ignoring any lack of "Blue Lives Matter" state statute.

It's a stupid legislative proposition built on the ridiculous delusion that there's a War on Cops being waged day in and day out when it's really a lot of isolated incidents scattered across an ever-moving timeline. Being a cop in America is safe. Officers do not suffer for a lack of physical or legal protections. They are some of the most-protected individuals in this nation. A law like this is more than redundant and needlessly punitive. It's an implicit message sent to all Americans, telling them their public servants -- at least these ones -- are better and more deserving of protection than they are.

66 Comments | Leave a Comment..

Posted on Techdirt - 16 May 2018 @ 3:23am

Ad Software Dev Doesn't Like Being Called Out For Privacy Violations ; Sends Threatening Letter To Researchers Who Exposed It

from the fixing-it-in-post dept

The Children's Online Privacy Protection Act (COPPA), passed in 1998, governs the sort of data that can be collected from children under the age of 13. That's why kids have to age themselves prematurely to create accounts on some social media networks. It's a law kids under the age of 13 subvert every day, but it's in place to protect kids from online services and restricts information collected by apps and online services that cater to children.

Unfortunately, there are a lot of app developers ignoring this law. A recently-published research paper shows a host of violations and questionable practices that smartphone/tablet app developers are engaged in. Serge Egelman, one of the paper's co-authors, notes that thousands of apps are violating this law every day. In just one example, an advertising SDK (software development kit) made by ironSource is harvesting personal data from 466 child-directed apps.

It's not as though this is a simple oversight. In an earlier blog post detailing COPPA violations, Egelman points out Android developers must take a series of affirmative steps to market apps directed at children. There's a long list of stipulations that must be met before Google will allow apps to become part of its Designed For Families program.

Apps using ironSource's SDK are being marketed to kids, making the presence of a targeted advertising tool not merely questionable, but possibly illegal. As Egelman's blog post notes, it certainly violates ironSource's own terms of service. This is taken from its privacy policy, as archived late last year.

The Services are not directed to children under the age of 13 and children under the age of 13 should not use any portion of the Services. ironSource also does not knowingly collect or maintain personal information collected online from children under the age of 13, to the extent prohibited by the Children’s Online Privacy Protection Act.

"Services" is explained further in the Privacy Policy.

This Privacy Policy (the “Privacy Policy”) describes how ironSource Ltd. and its subsidiaries (collectively “ironSource” or “we”, “us”, “our”) uses end users [sic] (“you” or “your”) information when you view ads served by platforms and services operated by ironSource Mobile Ltd. on third party websites or mobile apps (the “Services”).

This would appear to indicate children under the age of 13 should not see ads served by ironSource. The easiest way to do that would be not to use the targeted ad SDK, as Egelman points out. But the research shows the opposite occurs repeatedly, with developers adding ironSource's ad software to their apps before shoving into the "Family" section of the Play Store.

This research paper -- and the attendant blog posts -- weren't published until this year. Shortly after publication, ironSource apparently chose to express its irritation with being named and shamed as an accomplice in COPPA violations. But the story is stranger than it first appears. IronSource apparently obtained a leaked copy of the report prior to its official publication. The angry letter it sent Egelman's research partner, Irwin Reyes, claims their report is "inaccurate and misleading." But if it is, it's only because ironSource performed a legalese switcheroo after receiving the leaked paper.

To our surprise, between first receiving a leaked draft of our paper in February and sending this letter in April—presumably while they waited for the paper to appear online, for plausible deniability, so that they would not have to explain how they came into possession of a stolen draft—ironSource updated their privacy policy to remove the clause about children not using their services. The current policy, dated March 4, 2018 (i.e., after they were aware of the paper), now simply says that they have no knowledge of receiving data from children.

The letter involves ironSource blundering far across the line between clever and stupid.

Ms. Litay, who claims to be a lawyer, claims that our paper is incorrect because it cites a clause that was removed after the paper was written! This requires significant mental gymnastics (or a significant amount of chutzpah and the misguided belief that the recipients of her letter do not know that the web is archival).

Even with the hastily-applied patch job, ironSource's COPPA "compliance" deserves scare quotes. ironSource is claiming it has "no knowledge" of personal data being collected from children under the age of 13. But this can't possibly be true, even with its reworded privacy policy.

Looking at just our dataset for all the apps transmitting personal information to ironSource, several developers’ names include words like “child,” “baby,” or “kids.”

Behind all of this is a company displeased its questionable and possibly illegal business practices have become the subject of an unflattering research paper. The letter [PDF] ends with a veiled lawsuit threat, claiming the researchers fully-substantiated claims "may result in substantial financial damage" to ironSource.

Egelman's response [PDF] pulls no punches. It calls out ironSource for its lie about its privacy policy's wording.

IronSource’s privacy policy (or rather, the privacy policy of Supersonic, ironSource’s subsidiary), at the time that we accessed it (September of 2017, as documented in the article and since deleted from ironSource’s website), stated the following:

"The Services are not directed to children under the age of 13 and children under the age of 13 should not use any portion of the Services."

Your allegations appear to be based upon your interpretation of the term “Services,” which you claim is defined as being those services that ironSource offers to app developers, and presumably not what is collected from end-users. That is, your letter is claiming that these statements mean that you do not allow developers under 13 to sign up on your website to use your SDK, and not that the SDK should only be used in non-child-directed apps. This may be a reasonable interpretation of the privacy policy and terms of service as they are currently written.

But that's not how they were written before the paper was published -- and before ironSource obtained a copy. Before then, the terms of service stated children under 13 should not use "this portion" of the services, referring to ironSource's targeted ad SDK. If the SDK was bundled with apps targeting kids, information was harvested by the SDK in violation of federal law.

As to the thinly-veiled legal threat closing out ironSource's ridiculous C&D, Egelman says, "Bring it on."

As you know, the verbatim quotation in our paper of Supersonic’s privacy policy as it existed at the time the paper was written, and our reasonable interpretation of that privacy policy are protected speech. You can appreciate, I hope, our concern about your implied threat of a commercial defamation lawsuit, and our perspective that any such action would be a Strategic Lawsuit Against Public Participation (SLAPP), prohibited by California’s anti-SLAPP statute (Ca. Code of Civ. Proc., §§425.16 et seq.). Your concern about ironSource’s financial interests and reputation is not likely to be well served by unfounded threats to academic researchers acting in the public interest.

Rather than let the research paper filter its way into the collection consciousness with possibly minimal reputational damage, ironSource has chosen to draw more attention to it by attempting to silence its authors. Now, it looks like a company that threatens critics when not violating federal privacy laws. Retconning its privacy policies before calling researchers liars is just prime stupidity. The internet is forever. So is ironSource's self-inflicted damage.

Read More | 22 Comments | Leave a Comment..

Posted on Techdirt - 15 May 2018 @ 1:22pm

Bill Introduced To Prevent Government Agencies From Demanding Encryption Backdoors

from the pushing-back-from-the-top-down dept

The FBI continues its push for a solution to its "going dark" problem. Joined by the DOJ, agency head Christopher Wray has suggested the only way forward is a legislative or judicial fix, gesturing vaguely to the thousands of locked phones the FBI has gathered. It's a disingenuous push, considering the tools available to the agency to crack locked devices and obtain the apparently juicy evidence hidden inside.

The FBI hasn't been honest in its efforts or its portrayal of the problem. Questions put to the FBI about its internal efforts to crack locked devices are still unanswered. The only "new" development isn't all that new: Ray Ozzie's "key escrow" proposal may tweak a few details but it's not that far removed in intent from the Clipper Chip that kicked off the first Crypto War. It's nothing more than another way to make device security worse, with the only beneficiary being the government.

The FBI's disingenuousness has not gone unnoticed. Efforts have been made over the last half-decade to push legislators towards mandating government access, but no one has been willing to give the FBI what it wants if it means making encryption less useful. A new bill [PDF], introduced by Zoe Lofgren, Thomas Massie, Ted Poe, Jerry Nadler, Ted Lieu, and Matt Gaetz would codify this resistance to government-mandated backdoors.

The two-page bill has sweeping safeguards that uphold security both for developers and users. As the bill says, “no agency may mandate or request that a manufacturer, developer, or seller of covered products design or alter the security functions in its product or service to allow the surveillance of any user of such product or service, or to allow the physical search of such product, by any agency.”

This bill would protect companies that make encrypted mobile phones, tablets, desktop and laptop computers, as well as developers of popular software for sending end-to-end encrypted messages, including Signal and WhatsApp, from being forced to alter their products in a way that would weaken the encryption. The bill also forbids the government from seeking a court order that would mandate such alterations. The lone exception is for wiretapping standards required under the 1994 Communications for Law Enforcement Act (CALEA), which itself specifically permits providers to offer end-to-end encryption of their services.

The Secure Data Act shouldn't be needed but the FBI and DOJ have forced the hand of legislators. Rather than take multiple hints dropped by the previous administration, the agencies have only increased the volume of their anti-encryption rhetoric in recent months. Maybe the agencies felt they'd have the ear of the current administration and Congressional majority, but investigations involving the president and his staff have pretty much killed any "law and order" leanings the party normally retains. This bill may see widespread bipartisan support simply because it appears to be sticking it to the Deep State. Whatever. We'll take it. Hopefully, this makes a short and direct trip to the Oval Office for a signature.

Read More | 15 Comments | Leave a Comment..

Posted on Techdirt - 15 May 2018 @ 10:44am

UK Cops Threaten Facebook Users With Arrest After They Mock Department's Tiny Drug Bust

from the small-minds-with-smaller-ideas dept

Thickness of skin appears to be inversely proportional to the amount of power one has. This has been shown again and again. It often makes high-powered "victims" appears as though the only reason they entered public service was to punish the public for its lack of respect. The lesson never learned is that abuse of power never results in a respect net gain.

Because this lesson is seemingly impossible to learn, we get things like this. The West Yorkshire Police proudly announced the smallest of drug busts on its Facebook page.

***Cannabis Seized***

PCSO 687 Ian Campbell and PCSO 882 Ben Hughes attended Walton colliery nature park and seized a small quantity of Cannabis from a young man who was parked up alone.

Walton Colliery nature park will be firmly on our patrol plan in the future to prevent this behaviour.

For this, it was mocked. And rightfully so! Who cares if you busted some dude with his personal stash of weed? Good for you, I guess, but the general public is mostly of the opinion this should be legal and seldom finds enforcement of laws it doesn't agree with grounds for commendation. This should have come as no surprise to the West Yorkshire Police.

Instead of doing nothing, the Police did this. (h/t Alex Griswold)

Unfortunately we have had to ban a number of people from using this page today. I would like to remind everyone that this is a Police page and whatever your thoughts on one of my officers seizing drugs in the community, being insulting, abusive or offensive can and will result in a prosecution under the Malicious Communications Act 1988.

We will not overlook the significant harm that illegal drugs cause to our communities. We know from experience that this can progress from using what are perceived to be recreational drugs to more addictive and harmful substances and the resulting criminality used to fund their continued use.

Please use this page with respect or you will be banned and maybe even prosecuted

Police Inspector Martin Moizer.

First off, the Police did not "have" to ban anybody from the page. The mockery could have laid beside the accolades as an object lesson about interacting with the public re: pitifully small drug busts announced with the same gravity as the apprehension of an armed robbery suspect. ("firmly in our patrol plan" lol)

Second, fuck you. That law isn't there to protect the powerful from the powerless. But when you craft a law that can be used this way, it guarantees it WILL be used this way. And the law doesn't say what the law enforcement officer says it does (SHOCKER). It actually says this act is illegal:

Offence of sending letters etc. with intent to cause distress or anxiety.

If any officers were distressed or anxious because locals dragged them a bit for peacocking their tiny pot bust, they're in the wrong field of work. Facebook commenters pale in comparison to the invective routinely hurled at officers during the course of the day, often delivered in person by someone on the receiving end of an arrest. And that's even less anxiety-raising or distressing than the sticks-and-stones equivalents (knives, mostly) suspects might bring to bear against officers of the law. "Words may never hurt me," say the police, as they seek to use others people's words to hurt them.

Finally, there's the idiotic claim about gateway drug use, one that has been repeatedly found false. Busting people for smoking weed in a park isn't going to do anything to stop the trafficking of harder drugs or the "resulting criminality" involved in their distribution. Not only is the West Yorkshire Police willing to abuse a law to silence critics, it also wants everyone to believe they reside in a magical dystopia where minor pot busts in a nature park somehow accomplishes something of value to society as a whole.

64 Comments | Leave a Comment..

Posted on Techdirt - 15 May 2018 @ 9:35am

FBI's Bust Of Black Open Carry Advocate Predicated On An InfoWars Video Ends In Dismissed Indictment

from the making-its-terrorism-investigations-look-solidly-grounded dept

The FBI's throwback to its Martin Luther King Jr.-watching heyday has reached the first stop on its way to its eventual nadir. Deciding backlash against violence perpetrated by law enforcement officers had resulted in too many frightening African Americans organizing, the agency decided to place "Black Identity Extremists" under surveillance, claiming this made-up group would "likely" engage in violence against police officers.

So far, the agency has yet to secure a prosecution under this theory of extreme blackness. But it has managed to severely disrupt the life of at least one black male.

Rakem Balogun thought he was dreaming when armed agents in tactical gear stormed his apartment. Startled awake by a large crash and officers screaming commands, he soon realized his nightmare was real, and he and his 15-year-old son were forced outside of their Dallas home, wearing only underwear.

Handcuffed and shaking in the cold wind, Balogun thought a misunderstanding must have led the FBI to his door on 12 December 2017. The father of three said he was shocked to later learn that agents investigating “domestic terrorism” had been monitoring him for years and were arresting him that day in part because of his Facebook posts criticizing police.

"Domestic terrorism" is one of the narratives the FBI trotted out during this abortive investigation and prosecution. The facts leading to Balogun's arrest are almost literally unbelievable. His surveillance is believed to be part of the FBI's recent "Black Identity Extremists" focus. Balogun (born Christopher Daniels) is a black open-carry advocate residing in Texas, where this practice is legal. He attended a protest in Austin, Texas -- one featuring black open carry advocates like himself. Apparently, the FBI decided it needed to play to edges of reality to build a case against the activist.

Daniels, a founding member of both Guerilla Mainframe and the Huey P. Newton Gun Club, groups that promote weapons training, fitness, and community service among African Americans, first came under FBI scrutiny in 2015 when he appeared in videos participating in an open-carry rally against police brutality. Footage of the demonstration aired by the right-wing conspiracy website InfoWars showed demonstrators chanting “oink oink bang bang” and “the only good pig is a pig that’s dead.”

The InfoWars video drew the FBI’s attention to Daniels’ social media accounts, according to court documents, where he published what they deemed to be comments advocating for “violence toward law enforcement.”

The FBI admitted the comments it reviewed did not actually advocate for violence against police officers, nor did they contain threats from Daniels himself. But what was the agent supposed to do? Stop looking for reasons to fulfill the FBI's "BIE" fantasy?

Nope, instead the FBI raided Balogun's house to arrest him for possession of a handgun, supposedly because it violated restrictions placed on Balogun following a misdemeanor domestic assault conviction in 2007. This bullshit charge doesn't explain why it took the FBI two years from the viewing of the video (a goddamn InfoWars video, at that) to make its move.

The court tossed the indictment -- two years and one InfoWars video in the making -- because the alleged criminal act wasn't actually a real criminal act.

The indictment was dismissed May 1, when a district court in Texas determined “domestic assault” as codified by Tennessee law does not fit the federal definition of domestic violence that would prohibit him from owning a firearm. Daniels was ultimately released from custody two days later.

But that was two days after Daniels spent six months in jail for a charge the FBI offered up because it couldn't find what it was really looking for: a "Black Identity Extremist" calling for violence against cops. The government couldn't get what it wanted, but rather than call the investigation to a halt, it kept digging around in the federal and state rule books to find anything to use against Balogun. "Rule of law" is a joke -- and so is every government official echoing this empty phrase as the FBI pursues bullshit investigations and handcrafts terrorism suspects for easy prosecutions.

58 Comments | Leave a Comment..

More posts from Capitalist Lion Tamer >>