Capitalist Lion Tamer’s Techdirt Profile


About Capitalist Lion TamerTechdirt Insider

List of blogs started with enthusiasm, which now mostly lie dormant:

[reserved for future use]

[recently retired]

[various side projects]

Posted on Techdirt - 21 October 2016 @ 3:21am

FBI Director: We Need More Data On Police Shootings So Law Enforcement Can 'Change The Narrative'

from the it's-not-about-accountability,-it's-about-control dept

FBI Director James Comey didn't dig into his bag of "Ferguson Effect" rhetorical devices during his comments to a law enforcement conference on Sunday, but he came close. Under that theory, the possibility of being held accountable by citizens and their recording devices has apparently been holding officers back from enforcing laws, making arrests, or otherwise earning their paychecks.

The problem now is a lack of data, Comey claims. Law enforcement has lost control of the narrative, he stated, as if a one-sided portrayal of every police use of excessive/deadly force was somehow beneficial to the nation.

Dramatic videos of deadly law enforcement encounters and the absence of reliable data about how often police use force contribute to a regrettable narrative that "biased police are killing black men at epidemic rates," FBI Director James Comey said Sunday.

That story line has formed amid a lack of comprehensive, national data about how many citizens are killed or injured at the hands of police officers.

Thanks to the DOJ and FBI's active disinterest in collecting this data (until just recently), the "narrative" is no longer law enforcement's to control. Comey at least admits the FBI -- which was charged with collecting this data but somehow believed voluntary reporting would result in a comprehensive dataset -- is partly to blame.

We do not know whether number of black, brown or white people being shot by police is up because we have not collected data.

The problem with Comey's comments is that he apparently believes data on excessive force and killings by police officers will be ultimately exculpatory.

We need to show people what American law enforcement is really like, because if they see what we see, the chasm will close.

But the data collected by the public of its own initiative shows exactly what Comey claims it doesn't: that law enforcement officers are killing black men at "epidemic rates." Worse, Comey believes data collected and disseminated well after the fact will somehow be able to defuse immediate reactions to released video of officers killing or abusing citizens.

Videos of fatal police encounters that capture the public's attention and are shared broadly across the internet can fuel the perception that "something terrible is being done by the police," even if the data aren't there to back it up.

Given the audience, Comey probably didn't feel comfortable pitching the truth: that policing in America is every bit as bad as it's portrayed to be. Comey thinks data will give law enforcement control over the narrative, but that seems to be his only concern. The culture of American policing needs to change before the data start matching law enforcement's narrative.

Almost without fail, DOJ investigations of law enforcement agencies find two things: routine use of excessive force and biased policing. These aren't anomalies or "bad apples." This is how policing in America works.

As for the narrative, law enforcement still largely controls it. The corpse of the recently killed is barely on the way to the city morgue before law enforcement officials are dumping criminal records and officers' "feared for their safety" claims into the hands of reporters. No amount of pointing to stats is going to change the fact that far too many interactions are needlessly escalated by responding officers, or that biased police tactics are generating far too many interactions in the first place.

While it's good to know the FBI is finally going to push for better data collection on police use of force, the fact that it did nothing for nearly two decades counts against any goodwill it might hope to generate by finally doing its job. Unfortunately for those hoping this might lead to better policing, Jim Comey has made it clear it's really about controlling the narrative and pushing the American public to view law enforcement the way Comey feels they should be viewed: as good people in tough jobs who rarely, if ever, screw up. We'll just have to see what sort of spin is applied when Comey realizes the numbers aren't going to add up to his preconceptions.

77 Comments | Leave a Comment..

Posted on Techdirt - 20 October 2016 @ 2:35pm

Former CIA Employee Sues Agency Over Its Refusal To Provide Documents In Electronic Form

from the exemption-(f)-u dept

The CIA is still causing problems for Jeffrey Scudder. Scudder used to work for the CIA. He was forced out of the agency after making a FOIA request for "historical documents of long-dormant conflicts and operations" while still employed there. Perhaps the agency thought only citizens outside of the agency should be making FOIA requests. Or maybe it thought Scudder was engaged in a particularly labyrinthine plot to exfiltrate declassified documents out of the agency. Whatever its thought process, it resulted in an FBI raid of Scudder's house, the seizure of his electronics, and the end of his career.

Unfortunately for the CIA, this has given Scudder more time to file FOIA requests and sue the agency when it responds in increasingly ridiculous ways. Scudder has already tangled with the CIA over its refusal to join the 20th century (never mind the current one) when turning over responsive documents. His last major request to the agency asked for "softcopy" -- i.e., not paper -- copies of 419 articles from the CIA's "Studies in Intelligence."

The CIA told him it had no way of providing him documents in the format he asked for. Instead, it claimed it only had one way to comply with the request: the stupidest, most circuitous way.

The defendant [CIA] avers that if it were ordered to honor the plaintiff's [FOIA] request [for soft copy records], it would have to print the existing electronic documents to paper and then rescan them into electronic documents so that they may be reproduced and released on removable media..."

Scudder called this an "administrative gimmick" -- something meant to discourage requesters and generate extra FOIA fees. The judge presiding over the case was less kind. She called it "Rube Goldbergian" while pointing out that FOIA law does allow requests to be turned down if they're too burdensome, but that's not an invitation to agencies to turn normal requests into overly burdensome ones by adding several layers of administrative busywork.

It's this case that's cited in Scudder's latest lawsuit against the CIA -- again hoping to force the agency to deliver documents digitally, rather than via a method lying somewhere between the hellish bureaucratic redundancy of Terry Gilliam's "Brazil" and a shoddy steampunk plot point. (To be fair, it could be institutional. The Defense Department itself once turned down a request from MuckRock because it couldn't find any money in its budget to repair/replace the single fax machine it used to receive FOIA requests.) From the filing [PDF] (via The FOIA Project)

Mr. Scudder, joined by three esteemed members of the academic community, now seeks through this new FOIA litigation to resolve once and for all whether CIA’s electronic production policy inextricably conflicts with the agency’s obligations under FOIA. A new FOIA request – outlined below – seeking electronic copies of historical CIA records is ripe for adjudication by this Court. Through this litigation, Mr. Scudder and his colleagues seek to bring CIA’s refusal to adhere to the letter – to say nothing of the spirit – of FOIA to an end.

This is pretty much more of the same for Scudder v. CIA, only this time Scudder brought colleagues: Ken Osgood, Hugh Wilford, and Mark Stout. He's also getting out ahead of the CIA's eventual denials and obtuse claims of technical ineptitude. He's forcing the issue by forcing the CIA to respond well ahead of its usual lackadaisical FOIA response schedule. Even better, he's brought another federal judge's not-at-all-impressed opinion of the CIA's reluctance to familiarize itself with peedee effs and ceedee romms… in 2016.

Hopefully, the court will prevent the CIA from continuing to blow taxpayer dollars on reams of paper, black toner cartridges, and snail mail postage.

Read More | 5 Comments | Leave a Comment..

Posted on Techdirt - 20 October 2016 @ 3:06am

Local Superior Court Judge Says DEA's Wiretap Warrant Factory Perfectly Legal

from the Judge-Malloy's-Wiretap-Warrant-Laundry-Service dept

Over the past several years, the DEA has run hundreds of wiretap warrants through a single county judge's court after getting them approved by whoever happened to be in the local district attorney's office when agents need one signed. The latter part of this process runs contrary to statutes enacted specifically to prevent abuse of wiretap warrants by the federal agencies.

The approval process, which had been streamlined to eliminate any possible roadblocks to the DEA's deployment of wiretaps all over the country, was considered by the DOJ to be far enough outside legal boundaries as to make the warrants questionable, if not legally "toxic."

The district attorney who was supposed to personally approve these wiretap warrants never did. Former Riverside County district attorney Paul Zellerbach delegated this task to anyone but himself. Because of this, some of the warrants have been challenged in court, leading to the DOJ stepping in to salvage wiretaps its lawyers had previously instructed DEA agents to keep out of federal courts.

Not much of this seems to matter now, as another Riverside County judge has just declared the DEA's wiretap warrants to be perfectly valid.

Superior Court Judge John Molloy ruled that the district attorney was allowed to delegate the responsibility of approving wiretap applications to his second-in-command.

Except that's not really what happened. Zellerbach, who managed to obtain a warrant of his own by failing to show up for court, never designated any particular person to approve the warrants. As Brett Kelman and Brad Heath reported earlier, Zellerbach himself stated that he delegated this task to "lower level lawyers," rather than a specific person -- contrary to statutes directly stemming from the federal government's previous abuse of wiretap warrants to surveil civil rights leaders during the 1960s.

Federal law bars the government from seeking court approval for a wiretap unless a top prosecutor has personally signed off on that request.

Zellerbach claimed he had no time to personally approve these wiretap requests. And he probably didn't, what with the DEA funneling several hundred of these through his office and into the hands of county judge Helios Hernandez (who singlehandedly approved five times as many wiretap warrants as any other judge in the nation).

Judge Molloy, however, likely views this abuse of the system as good police work.

Molloy, a former prosecutor who used to work with wiretap applications, ruled that Zellerbach’s practice of letting his number-two prosecutor sign off on them did not violate state or federal wiretap laws.

Molloy also said that because Zellerbach was away at an education conference in another Southern California town when the specific wiretap defense lawyers were challenging was approved, he would have been allowed to delegate it anyway.

Zellerbach's second-in-command testified in court that he usually handled wiretap requests, paying no mind to the federal limitation that Zellerbach be actually absent before he had permission to do so.

Under Zellerbach, that person was Van Wagenen. However, on Friday, Van Wagenen testified that he didn’t actually check if Zellerbach was available before he signed hundreds of applications.

“The protocol was that I was to sign the application instead of Mr. Zellerbach,” Van Wagenen said.

“On any occasion?” asked defense attorney Jan Ronis.

“If I was available and in the office, yes,” Van Wagenen answered.

Judge Molloy revisited the questioning minutes later.

‘Did you ever ask Paul Zellerbach to review a wiretap application?” Molloy asked.

“I did not,” Van Wagenen said.

"This is fine" ruled the judge, and at least one warrant -- if not dozens of others obtained in the same jurisdiction (which would be a significant percentage of the DEA's wiretap warrants) -- has been given a post facto veneer of lawfulness. This takes some weight off the DOJ's legal team, which had previously advised the DEA to steer clear of federal prosecutions stemming from questionable warrants. Now, it can just let the highest level local judge's blessing do its work for it.

3 Comments | Leave a Comment..

Posted on Techdirt - 19 October 2016 @ 5:15pm

Documents Show Chicago PD Secretly Using Forfeiture Funds To Buy Surveillance Equipment

from the no-accountability,-no-oversight dept

The Chicago Reader has put together a massive, must-read investigation into the Chicago Police Department's secret budget. The Chicago PD has -- for years now -- used the spoils of its asset forfeiture program to obtain surveillance equipment like Stingrays. This discretionary spending is done off the city's books, allowing the CPD to avoid anything that might prevent it from acquiring surveillance tech -- like meddling city legislators… or the public itself.

Since 2009, the year CPD began keeping electronic records of its forfeiture accounts, the department has brought in nearly $72 million in cash and assets through civil forfeiture, keeping nearly $47 million for itself and sending on almost $18 million to the Cook County state's attorney's office and almost $7.2 million to the Illinois State Police, according to our analysis of CPD records.

The Chicago Police Department doesn't disclose its forfeiture income or expenditures to the public, and doesn't account for it in its official budget. Instead, CPD's Bureau of Organized Crime, the division tasked with drug- and gang-related investigations, oversees the forfeiture fund in what amounts to a secret budget—an off-the-books stream of income used to supplement the bureau's public budget.

The Reader found that CPD uses civil forfeiture funds to finance many of the day-to-day operations of its narcotics unit and to secretly purchase controversial surveillance equipment without public scrutiny or City Council oversight.

It sounds like a lot of money -- $72 million in civil forfeiture funds -- and it is. But it's not like this money comes from a few large busts that have seriously affected the city's drug trade. That may be the rationale for the PD's convictionless seizing of property and cash (just like "terrorism" is often cited when acquiring surveillance tech ultimately destined for plain vanilla law enforcement use). But in reality, the forfeiture's rarely do anything more than financially cripple a large number of individuals who have little to anything to do with drug trafficking. The Chicago Reader reports that the median seizure in Illinois is only $530 -- hardly an amount one associates with criminal empires. In fact, the normal cash seizure probably sounds more like the following than a breathtaking dismantling of a local drug-running crew.

Ellie Mae Swansey, a 72-year-old retiree living on a fixed income, had her 2001 PT Cruiser seized two years ago when Chicago police arrested her son for drug manufacturing. The costs of simply beginning the long, circuitous, extremely-frustrating battle to reclaim her vehicle were prohibitive.

In order to have a chance at getting their property returned, claimants must put down a bond toward their asset when first submitting the official paperwork. This means that Swansey had to pay $140 (10 percent of her car's value) just to start the process. Then, to appear in court, she had to pay an additional $177 fee.

To Swansey, who lives on a $655-per-month social security check, these costs are substantial. Successful claimants will have 90 percent of their bond returned; unsuccessful claimants get nothing back.

The extensive investigation, compiled from dozens of FOIA request (more on than in a bit), notes that 90% of the seized funds spent by the CPD went to expected, above-board expenses: vehicles, cellphones, etc. But the rest of it went other places, obscured by redactions and withheld documents. Payments to cellphone forensics companies like CellBrite were uncovered, as were purchases of a license plate reader installed near the CPD's infamous Homan Square detention center black site, and $417,000-worth of cell tower spoofers.

The Chicago PD will continue to roll over retirees like Swansey because the laws governing forfeiture in Illinois have completely corrupted the incentives. It's not about law enforcement or crime prevention. It's about autonomy, power, and a steady flow of spendable cash.

When a government agency is allowed to handle the forfeiture proceeds it brings in—as is the case with both CPD and the Cook County state's attorney's office—it controls both "the sword and the purse," like an army that is also its own taxing authority. This is according to Lee McGrath, legislative counsel for the Institute for Justice, which seeks to reform civil asset forfeiture laws across the country.

And for what? What has been the end result of this massive amount of supposedly drug-focused seizures and spending?

[T]he prices of many drugs have decreased and purity has increased since the [drug] war began.

The second part of this story is just as interesting. It details how the Chicago Reader managed to get its hands on this stash of documents. It began with a FOIA request for Stingray documents from the Chicago PD. In between the redactions, the PD accidentally gave up its quasi-"black budget" account numbers.

On October 13, 2014, Christopher Kennedy, from CPD's Gang Investigations Division, wrote to Nicholas Roti, then chief of the department's Bureau of Organized Crime:

"Because this equipment will be used for [REDACTED] investigations in to [sic] [word missing] [I] recommend that it be paid for with both 1505 and 1505ML funds in equal amounts," he wrote.

Several requests later, Lucy Parson Lab (government transparency activists) and the Chicago Reader confirmed that these accounts were tied to asset forfeiture. Moving on from there, however, required some outside assistance. The Reader was going to be asking for a lot of documents and it would have been easy for the Chicago PD to deny such a request from a single entity as "unduly burdensome."

But several public records requesters, each using their own name? Not as easy.

To get over this hurdle, Lucy Parsons Labs launched a collaboration with MuckRock, a FOIA and transparency website, asking ordinary users to send FOIA requests on our behalf.

Lucy Parsons Labs drafted a sample FOIA request for users to download and submit. We also managed the responses from CPD—MuckRock's platform automatically followed up with CPD when the department was late responding to a request. Once checks came back from CPD, Lucy Parsons members collected the data in a centralized location and classified each purchase as being either part of routine police activities or as part of broader surveillance efforts. Eleven of our 13 community requesters used the MuckRock FOIA platform to submit and manage their requests.

This is how you beat a system predisposed to telling you "no." A "burdensome" request split 20 ways is no longer a burden. Sure, the Chicago PD might have experienced a bit more of a crunch fulfilling these, but it couldn't use the law to deny releasing documents it almost certainly would have preferred to keep under wraps.

14 Comments | Leave a Comment..

Posted on Techdirt - 19 October 2016 @ 3:00pm

FBI, CBP Join Forces To Turn Airports Into Informant Recruiting Centers

from the which-do-you-prefer?-a.)-spying-for-us-or-b.)-being-arrested? dept

The FBI and CBP have been using the nation's borders as recruiting stations for informants. This phrasing makes it sound a lot more voluntary than it actually is. The Intercept has obtained documents showing how these two agencies work together to pressure foreign visitors into basically becoming spies for the United States.

The FBI gives CBP a list of countries of origin to watch out for among passengers, sometimes specifying other characteristics, such as travel history or age. It also briefs CPB officers on its intelligence requirements. The CBP sifts through its data to provide the bureau with a list of incoming travelers of potential interest. The FBI can then ask CBP to flag people for extra screening, questioning, and follow-up visits. According to the documents, the FBI uses the border questioning as a pretext to approach people it wants to turn informant and inserts itself into the immigration process by instructing agents on how to offer an “immigration relief dangle.”

These documents confirm what was alleged in a lawsuit filed by Rahinah Ibrahim two years ago. Her filing pointed out that the FBI has used threats in the past to secure cooperation, like revoking traveling privileges or trying to prosecute immigrants for minor crimes. Ibrahim's lawsuit had another allegation: the secret "no fly" list is also being used as a coercive tool, with agents threatening to add travelers' names to the list if they refused to go to work as informants.

The documents obtained here note that the joint recruiting efforts have expanded far past the nation's border. Some form exists in every airport in the nation. Travel to and from certain countries is flagged for extra scrutiny. The CBP collects extensive data on everything crossing US borders -- people or products -- and turns this over to the FBI with any potential targets pre-flagged. It also provides the FBI with a list of passengers expected to arrive from "countries of interest" at the nation's airports within the next 72 hours.

The CBP is supposedly in the border-securing business and the FBI in the law enforcement business, but these directives turn them both into intelligence agencies. This has made both agencies far more interested in recruitment and data harvesting than their original directives. The documents show that the CBP tends to grab the most data, starting with basic traveler information. There is no predetermined endpoint to the CBP's investigative work. Secondary screenings at borders could run from a few minutes to several hours, depending on how much the CBP wants to harvest.

The CBP materials indicate that as part of secondary inspections, CBP can search “pocket litter,” documents, and cellphones. The April 2012 presentation promises a “full cell dump, including #s, text messages, pictures, etc.” at certain airports.

Everything is passed on to the Joint Terrorism Task Force, which then starts the uglier work of pushing certain travelers into becoming informants, using both carrots, sticks and, in some cases, visits to their homes. Immigration revocation threats are common. So is the promise of benefits. But in both cases, the FBI -- working with CBP info -- is using motivations it can't actually offer or revoke.

When potential informants are not U.S. citizens, they may be particularly vulnerable to pressure from the FBI. Indeed, the bureau is counting on people thinking that FBI involvement in immigration decisions is normal, the documents indicate. In reality, FBI agents are expressly forbidden from promising immigration benefits to potential informants or threatening deportation.

The agency apparently believes deceiving foreign citizens during the recruitment process causes zero damage.

“If subject is deemed ‘recruitable,’” the slides state, then a “series of overt interviews set into motion.” If the person is “not recruitable,” then “NO HARM. Subject believes that the interview is part of the immigration process.”

This is why these recruitment efforts work. The FBI is counting on the ignorance of visiting travelers to help it turn visitors into informants. A suspicionless detention in which several invasive questions are asked is considered to be "no harm," and the FBI will just move on to the next suggestion from CBP. And even if they think this might have been out of the ordinary, what are they going to do? Complain to another person in uniform and hope that the implied threats of deportation are bogus?

15 Comments | Leave a Comment..

Posted on Techdirt - 19 October 2016 @ 1:34pm

Intelligence Contractors Being Paid Millions To Surf The Web, Sext With Teens, Have Affairs With Co-Workers

from the your-tax-dollars-fucking-around dept

Let's review some Intelligence Community terminology, shall we? [All expanded definitions courtesy of Vice News and Jason Leopold's FOIA tenacity.]

"Collect [It] All [These Paychecks You Haven't Earned]"

The Intelligence Community Inspector General (IC IG) Investigations Division (INV) identified [redacted] is an employee of CENTRA* Technology, working on ODNI contract [redacted] The data analysis indicated that [redacted] was not likely present at her assigned worksite for the full period in which she billed the contract. [redacted] 1 June 2012 to 29 July [redacted] billed the government for 630 hours for which she was not present at her worksite.

*Jason Leopold points out CENTRA was contracted to review CIA torture documents. Or NOT review them, as appears to be the case here.

Total cost to taxpayers for [redacted] not being at work? Almost $30,000.

Finding: [redacted] falsely charged approximately 306 hours from 1 June 12 to 29 July 2013. She had a billing rate of $89.14 per hour during this time frame. The total amount of mischarging is approximately $27,301.

"Haystacks [of Single Women]"

In the administrative hearing held on 30 March 2012, [redacted] admitted that while at work he used his AIN connection to purchase non-official plane tickets, send instant messages to friends, and check online dating services. According to [redacted] he accessed these online dating and social accounts to view images of scantily clad or naked women. [Redacted] noted that while on the AlN he used MySpace and Meebo as his means of e-mailing and instant messaging his friends and acknowledged that some of these conversations lasted all day. [Redacted] also explained that 95% of his time spent on the internet was for personal use.

Total tab run up by Lazyass P. Horndog* - $974,000 over six years, with an admitted 95% of that being tax dollars down the drain.

"Incidental Collection [of Money in Exchange for not Doing a Damn Thing]"

Finding: [Redacted] submitted false time cards for approximately 220 hours which he did not work, from 15 FEB 12 until 31 JUL 12. [Redacted's] hourly rate charged to the government was approximately $125 per hour; the total loss to the government for this time frame is approximately $27,500. During the IC IG interview with on 18 October 2012, he admitted that he falsely recorded his time since 2005. Mr. [Redacted] previously worked on the same contract at a facility without [redacted]; therefore the IC IG has no record of his time at work prior to 15 Feb 2012. Mr. [Redacted] charged approximately 8.8 hours per week which he did not work over 25 weeks from 1 January 2005 through 15 Feb 2012. An average of 8.8 hours per week from January 2005 through 15 February 2012, equates to approximately 3,282.4 hours which is an estimated loss of $410,300 (without accounting for rate adjustments).

"Minimization Procedures [for Open Browser Tabs on Government Computers]"

In May 2013. the IC IG Investigations Division obtained additional AIN records of sexual chat. We found that [redacted] began using AIN for sex chat in May 2010 and continued on a near daily basis until his removal ODNI facilities on July 18, 2013, under the direction of agency security officials.

[Redacted] often engaged in as many as 20 exchanges per day seeking sex partners. The majority of [redacted's] sex chat included attempts to establish after work sexual encounters, descriptions of desired sex acts and graphic descriptions of his genitalia.

"Targeted Communications"

Upon discovery of information that [redacted] attempted to establish a sexual relationship with a possible minor residing in northern Virginia, this office referred the matter to the FBI, specifically the Northern Virginia Internet Crimes Against Children (ICAC) task force.

There's way too much fraud, misconduct, and criminal activity in these reports to fully cover here. The 264 pages [PDF] released to Leopold and Vice as the result of an FOIA lawsuit detail extramarital affairs involving supervisors and subordinates, unapproved telecommuting by contractors handling sensitive documents, and page after page of attendance fraud.

Multiple cases are included, most involving hundreds of hours and tens of thousands of dollars of unearned wages. The intelligence community has the big budget and all the manpower it wants, but it apparently doesn't have enough actual work to keep them all busy. Contractors have charged taxpayers for hours they never worked, running personal errands, moonlighting as university instructors, and tending their Farmville crops.

This is the direct result of the community's "collect it all" attitude. If some is good, more is better, and while budgets and staffing expand exponentially, lots and lots of tax dollars are spent paying contractors who aren't doing anything and plenty of other contractors engaged in IC busywork that contributes nothing to the nation's security and safety.

Read More | 15 Comments | Leave a Comment..

Posted on Techdirt - 19 October 2016 @ 8:24am

Appeals Court Affirms NSA Surveillance Can Be Used To Investigate Domestic Criminal Suspects

from the spooks-in-the-federal-cop-shop dept

The Seventh Circuit Court of Appeals confirms what's already known about the NSA's domestic surveillance: it's not just for terrorism.

The NSA collections -- done in the FBI's name -- are supposed to only gather info related to international terrorism. But that requirement has been phased out. The NSA "tips" a certain amount of data to the FBI for its own use and it has been shown in the past to do the same for the DEA, which it then instructs to obscure the origin of its info.

An opinion [PDF] just released by the Appeals Court, says basically the same thing: although the NSA's surveillance is supposed to be used to sniff out terrorists, there's nothing in the law that prevents it from using its collections to go after criminals.

Gregory Turner was convicted of conspiring with Prince Asiel Ben Israel (both US persons) to provide aid to Zimbabwean "Specially Designated Nationals" -- in this case a group working to block the institution of more democratic processes and procedures in that country.

Turner moved to suppress the evidence, claiming that the government's use of a FISA order to obtain information on his activities violated the NSAs foreign intelligence directives. But the court finds the directive does not limit FISA warrants to terrorism only. The government only needs to "reasonably believe" a target is an "agent of a foreign power."

The government informed Turner it had gathered evidence using FISA-authorized surveillance. Then it refused to turn over information to him with regards to its activities. From the redacted, terribly-reproduced decision:

On February 27, 2014, Turner filed a motion for disclosure of FISA materials and motion to suppress evidence obtained or derived from FISA. The government responded to these motions with a classified brief and a sealed appendix submitted ex parte to the district court and redacted, unclassified version served to Turner. Additionally, the government filed a "Declaration and Claim of Privilege" by the Attorney General that declared, "it would harm the national security of the United States to disclose or hold an adversarial hearing with regards to the FISA materials…"

Both motions by Turner were denied. These denials have been upheld by the Appeals Court. Turner claimed the government failed to meet its probable cause requirements for the FISA warrant and also violated his First Amendment rights with its surveillance.

Much of the court's reasoning is redacted but it does have this to say about Turner's assertions.

Turner contends that "FISA appears to require the communications subject to surveillance of a United States person must related directly to activities involving international terrorism as defined in FISA." Turner misstates the law. FISA is not limited to activities involving international terrorism. FISA authorizes surveillance and searches based on probable cause that the target is an "agent of foreign power," which relates to "any person" engaged in certain activities… on behalf of a foreign power, including "clandestine intelligence gathering activities" and "enter[ing] the United States under a false or fraudulent identity… or while in the United States… assum[ing] a false or fraudulent identity." These activities are listed in addition to "international terrorism."

Not only that, but the laws governing FISA-ordered activities were loosened in 2008 to encompass all sorts of criminal activity not related to foreign powers or international terrorism.

FISA, as amended in 2008, "eliminated any justification for the FISA court to balance the relative weight the government places on criminal prosecution as compared to other counterintelligence responses." [...] [T]he amended FISA statute "does not oblige the government to demonstrate to the FISA court that its primary purpose in conducting electronic surveillance is not criminal prosecution."

As for Turner's First Amendment claims, the court finds the activities he engaged in were not covered under the First Amendment, no matter how "right" Turner may have believed undermining the installation of a democratic government was. As the court sees it, the government established Turner was an "agent of a foreign power," something that strips away protections normally afforded to political activity. Or maybe just political activity the US government doesn't approve of.

Either way, it's very clear FISA court orders can be used to engage in domestic surveillance purely to investigate criminal activity, something the NSA hasn't exactly been forthcoming about. As long as a foreign power is somehow involved, the NSA and the FBI are interchangeable surveillance pieces, even though one of them is assumed to be mostly uninvolved in domestic surveillance of US persons.

Read More | 24 Comments | Leave a Comment..

Posted on Techdirt - 19 October 2016 @ 3:15am

Pam Geller Doubles Down On Claims That Facebook Removing Her Posts Is Section 230-Enabled 'Government Censorship'

from the when-in-doubt,-press-repeat dept

Pam Geller has decided there's nothing like grabbing more shovels when you're already in a hole. [And that means it's time for notable "leftist publication" Techdirt to crank out another "little hit piece" filled with "hyperbole and nonsense," apparently...]

Geller doesn't like the way she's been treated by Facebook, YouTube, and Twitter and has decided the problem is Section 230 of the CDA. So, she's suing the DOJ for "enforcing" the immunity the government has granted to websites to shield them from being held responsible for user-generated content.

The DOJ responded to her lawsuit by pointing out that the DOJ doesn't ENFORCE anything. It's a defense service providers can raise when entities come after them for content posted by their users. In Geller's mind, Section 230 gives service providers the "right" to arbitrarily remove content. She's wrong, of course. It does no such thing. Instead, Section 230 prevents service providers from being held civilly liable for making "good faith" efforts to remove objectionable content. The rest of what Geller's complaining about can be traced back to each provider's terms of service and their individual translations of what that means in terms of Geller's often-inflammatory content.

Geller continues to insist this is about suing Facebook, even though Facebook isn't a named party. And her response to the DOJ's motion to dismiss strongly suggests she feels she can't directly sue any service provider for taking down her content because of Section 230. This is also incorrect. She may have almost no chance of winning the suit, but nothing in Section 230 prevents service providers from being sued for allegedly discriminatory behavior. From Geller's opposition motion [PDF] (h/t Adam Steinbaugh):

By way of § 230, the Government is empowering this type of discrimination and censorship. By its own terms, § 230 permits Facebook, Twitter, and YouTube “to restrict access to or availability of material that [they] consider[] to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable.”

This is where Geller misreads "permits" as "orders." Section 230 does not place any content-based restrictions on speech. Instead, it immunizes service providers from civil liability for good faith content removal. Geller calls this immunization "government-sanctioned discrimination and censorship of speech" -- somehow finding a defense mechanism to be an avenue of attack. (She repeats her laughable assertion that Section 230 is a "heckler's veto" multiple times in the filing.)

From there, Geller theorizes that Section 230 would prevent Facebook, et al from being sued for violating California's anti-discrimination statutes. This theory is incorrect as well.

The pertinent part of Section 230 reads:

Nothing in this section shall be construed to prevent any State from enforcing any State law that is consistent with this section. No cause of action may be brought and no liability may be imposed under any State or local law that is inconsistent with this section.

This law immunizes Facebook from being held liable for, say, Pam Geller's controversial content -- even if a state law says otherwise. What it doesn't do is immunize Facebook from liability for violating California discrimination laws, which is where Geller has a somewhat more cognizable claim. Unfortunately for her, she's chosen to name the wrong defendants and file in the wrong jurisdiction. Continuing to misconstrue a defense as an attack, Geller insists that she has standing to sue the federal government for content removal performed by a private company.

The very reason why Facebook, Twitter, and YouTube are able to engage in their discriminatory practices with impunity is § 230. See Klayman v. Zuckerberg, 753 F.3d 1354 (D.C. Cir. 2014) (concluding that § 230 foreclosed tort liability predicated on Facebook’s decision to allow or to remove content). In other words, the Government has sanctioned these discriminatory practices by placing them above the law. Consequently, the traceability element is satisfied.

If there's anything "traceable" here, it's the California location of the entities she mentions in her lawsuit (YouTube, Facebook, Twitter) but has not named as defendants. California law is the angle she should be using to attack these companies for their allegedly "discriminatory" removal of her postings, but she has filed in federal court and named the DOJ as the defendant.

Geller notes that California law prohibits the sort of discriminatory behavior she's alleging:

Section 51 of the California Civil Code provides, in relevant part, All persons within the jurisdiction of this state are free and equal, and no matter what their sex, race, color, religion, ancestry, national origin, disability, medical condition, genetic information, marital status, or sexual orientation are entitled to the full and equal accommodations, advantages, facilities, privileges, or services in all business establishments of every kind whatsoever.

If her allegations are true and these service providers are discriminating against her, Section 230 would not immunize them against these claims. But even if she were to raise claims solely under this law, she would likely not succeed.

The law only requires company provide "access." It does not demand they allow anyone to do whatever they want once they're granted access. Under this law, Facebook can't deny Geller an account simply because it doesn't like her religious views, but it is under no obligation to allow her to post whatever she wants. The DOJ, in its motion to dismiss, addressed this point as well (even though it was under no obligation to make California's arguments for it).

Nor is it clear how California law can require a private social media company to publish Plaintiffs’ speech, see Compl. ¶¶ 46-61, or how such a state-law requirement would be consistent with the First Amendment, which arguably protects a social media company’s editorial control or judgment from government regulation that would require publication of a certain message.

If Geller were able to prove she was denied access based on her religious beliefs (and a temporary ban doesn't cut it, legally-speaking), Section 230 would not stand in the way of the civil suit Geller doesn't appear to actually want to file. All Section 230 immunizes against is holding Facebook civilly liable for content users like Pam Geller have posted. And Geller's main complaint is that Facebook keeps taking her posts down, not allowing them to stay up.

At best, Geller's extremely misguided lawsuit may eventually boil down to litigation directly implicating California's anti-discrimination law and how that is actually applied to service providers located in California, but with users all over the world. It may also result in a somewhat indirect challenge of that law's Constitutionality. But what it won't do is make the federal government responsible for Facebook's actions. And Geller, whose popularity and following largely relies on inflammatory speech, is only shooting herself in the foot by attacking Section 230. If this immunization were not provided to social media platforms, it's highly unlikely she'd have anything more than a self-hosted personal blog for a soapbox.

The final irony is that Geller is no doubt opposed to anti-discrimination laws like California's that force private businesses to cater to customers they'd rather not -- perhaps even in opposition to their own religious beliefs. (See also: same sex marriage/wedding cakes.) But she wants the government to step in and act as arbiters of private companies' terms of service and prevent the sort of discrimination she claims is taking place.

Read More | 36 Comments | Leave a Comment..

Posted on Techdirt - 18 October 2016 @ 2:30pm

Reputation Management Company Linked To Bogus Libel Lawsuits Now Hyping Its Anti-Cyberbullying Skills

from the loutish-abuse-of-the-legal-system-notwithstanding dept

Fake lawsuits featuring fake plaintiffs filed against fake defendants and hustled past judges to secure court orders demanding delisting by search engines: that's the new face of reputation management, apparently.

Paul Alan Levy, along with newly-acquired partner Eugene Volokh, have managed to track down the possible perpetrator behind a couple dozen bogus lawsuits filed in recent months. Richart Ruddie and his company, Profile Defenders, appear to be engaging in some illegal activity in order to provide clients with the services they've promised them.

Ruddie has refused to comment on the lawsuits or answer questions posed by Levy and Volokh. Instead, he has opted to fight speech with more speech [lol] by issuing a very self-serving press release.

Here's what Profile Defenders has to say about itself -- not in response to any questions, but rather to buff some of the tarnish off its dented armor. It's not just about "protecting the rich." [No. Really.] It's about saving clients from cyberbullying. (h/t Paul Alan Levy)

Reputation management companies like Profile Defenders protect the innocent from the action of cyberbullies who prey on people.


Fortunately, reputation management companies like Profile Defenders have arrived, and in the war between reputation companies vs cyber bullies they give the innocent a chance to tell their story on the Internet. Co-founder of Profile Defenders, Richart Ruddie, is glad that people are given a second chance after being defamed by cyber bullies that act like new age mobsters trying to destroy good people through cyber bullying.

I assume Levy, Volokh, and others who have covered this slowly-unravelling debacle are the "new age monsters" attempting to destroy "good people" --"good people" who apparently have no problem filing bogus lawsuits and forging signatures, all the while charging thousands of dollars to drag down their clients' reputations along with their own.

Then there's this, helpfully pointed out by a commenter (and victim of one of PD's bogus lawsuits) on Levy's post. Ruddie's personal blog contains a post with some enlightening thoughts about journalism.

Writers and journalists typically use their powers for evil and to hurt good people.

And what sort of people are the "good people" hurt by "evil" journalists? Richart Ruddie is, according to Richart Ruddie.

Had one of the nicest compliments this past weekend. A new friend said "Chart do you know why I like you?"

"At the end of the day you're just a genuine person Richart Ruddie"

You're not looking for anything from anybody, you are just here to be happy and have a good time and if you can facilitate others to be happy as well then you do your part to ensure all others around you are happy.

Yep. Genuine as fuck. More from Levy:

[I] expect that Ruddie will prove a slippery character – the home page of his “Profile Defenders” web site provides a New York City street address that appears to be phony (a letter I sent him at that address demanding that he preserve relevant documents came back undeliverable), and both the Linked In and Google profiles of Profile Defenders show a Washington, D.C. address that does not exist. Moreover, Florida’s records reveal that Ruddie maintains a stable of many different LLC’s. It may take the investigative resources of a federal or state grand jury or of the Federal Trade Commission to track him and his assets down, and bring him to justice.

Volokh and Levy have uncovered plenty of damning evidence strongly suggesting Ruddie's company is now in the business of filing bogus lawsuits simply because (a) there's very little chance any judge will examine these cases closely (and when a judge does, the suit is refiled in another court) and (b) it's one of the only methods proven to result in delistings of negative reviews hosted by non-parties to the lawsuits. As Levy notes, it may be almost impossible to blow this wide open, much less get Ruddie to answer any questions about these lawsuits on the record. But the reputational damage his company is now causing indirectly to its clients may result in lawsuits Ruddie can't ignore, filed by aggrieved customers who paid thousands of dollars just to see themselves swept into Profile Defender's destructive vortex.

13 Comments | Leave a Comment..

Posted on Techdirt - 18 October 2016 @ 10:39am

FBI Facial Recognition Expert Helps Denver PD Arrest Wrong Man Twice For The Same Crime

from the all-hail-our-future-biometric-overlords dept

Never let it be said law enforcement won't get their man. Even if it's the wrong man. And even if they do it twice.

This was Denver native Steven Talley's first experience with the local PD.

It was just after sundown when a man knocked on Steve Talley’s door in south Denver. The man claimed to have hit Talley’s silver Jeep Cherokee and asked him to assess the damage. So Talley, wearing boxers and a tank top, went outside to take a look.

Seconds later, he was knocked to the pavement outside his house. Flash bang grenades detonated, temporarily blinding and deafening him. Three men dressed in black jackets, goggles, and helmets repeatedly hit him with batons and the butts of their guns. He remembers one of the men telling him, “So you like to fuck with my brothers in blue!” while another stood on his face and cracked two of his teeth. “You’ve got the wrong guy,” he remembers shouting. “You guys are crazy.”

Talley was driven to a Denver detention center, where he was booked for two bank robberies — the first on May 14 and the second on September 5, 2014, 10 days before his arrest — and for assaulting an officer during the second robbery.

Surveillance camera footage from the robbed banks had been circulated. Acquaintances and Talley's estranged ex-wife asserted that the man shown was Talley. Using these statements, the Denver PD moved forward with its particularly brutal arrest, one that left Talley with multiple injuries.

In the months that followed, a series of medical exams revealed that Talley had sustained several injuries on the night of his arrest, including a broken sternum, several broken teeth, four ruptured disks, blood clots in his right leg, nerve damage in his right ankle, and a possibly fractured penis.

Talley was held for two months until recordings made by his employer showed he was at his desk on sales calls during the time the May robbery took place. He was released and charges were dropped. But investigators still didn't have the right suspect in custody. So they turned the footage over to the FBI, which put one of its facial recognition experts on the case.

The detective assigned to Talley’s case, Jeffery Hart, had requested that an FBI facial examiner manually compare stills from the banks’ grainy surveillance videos to several pictures of Talley — a tall, broad-shouldered white man with short blond hair, mild blue eyes, and a square jaw.

The FBI analysis concluded that Talley’s face did not match the May robber’s, but that he and the September robber shared multiple corresponding characteristics, including the shape of the head, chin, jaw line, mole marks, and ear features. “The questioned individual depicted” in the September images, the report concluded, “appears to be Talley.”

"Appears." That was enough to justify putting Talley through this whole nightmarish experience again. Talley was arrested again, under the new law enforcement theory that the robberies had been committed by two different men, both of whom resembled Talley enough to have him arrested twice.

This time, the case fell apart almost immediately.

The FBI’s facial analysis was further called into question in court, when the prosecution’s star witness directly contradicted its conclusions. When Bonita Shipp — the sole witness to the September 5 robbery, who had previously identified Talley based on Hart’s photographic line-up — took the stand, she testified that Talley was not the same man who threatened her and robbed her station.

According to the internal bank form tellers fill out after each robbery, Shipp originally described the suspect as 6 feet, 175 pounds, with a slender build. But the man who stood before her, she noted, did not fit this description. Talley stood just under 6 feet 4 inches and weighed between 230 and 250 pounds. He did not, in her opinion, appear to be a slender man.

[I]n the cross-examination with the prosecutor, Shipp said that she had not previously told anybody about the robber’s hands. “When he reached his hands over the counter,” she told the DA, “I could see through his surgical gloves, and I could — he had like marks on his hands.”

The markings were moles and freckles, which she believed she would recognize if presented again with the robber’s hands. At the hearing, Talley offered to show Shipp his hands, and she examined them. “It’s not him,” she told the courtroom. “It’s not the guy who robbed me.” The prosecutor, Shipp recalled, went slack-jawed.

The reliance on facial recognition proved much more fallible than was asserted in court. The similarity between the faces -- as determined by the FBI's expert -- was based on little more than what one forensic scientist called "voodoo witchcraft."

No threshold currently exists for the number of points of similarity necessary to constitute a match. Even when agencies like the FBI do institute classification guidelines, subjective comparisons have been shown to differ greatly from examiner to examiner. And the appearance of differences, or similarities, between faces can often depend on photographic conditions outside of the examiner’s control, such as perspective, lighting, image quality, and camera angle.

And yet, the FBI and many other law enforcement agencies believe facial recognition software -- utilizing massive databases -- will do a better job than their own experts, which aren't exactly setting the forensic science world on fire. If anything, the move to software will only guarantee replicable errors, rather than a significant decrease in false positives. And whatever the software decides will still need to be translated by a human and presented by an expert in court, where claims of "certainty" have long been overstated.

Talley's case is one of the more dramatic outcomes of reliance on forensic techniques too inconclusive to truly be called "science." The continued push towards more reliance on experts' subjectivity and massive biometric databases ensures Talley's case won't remain an anomaly. In this incident, the only thing that's been proven is that law enforcement has the means and methods to arrest the wrong guy twice for the same crime.

67 Comments | Leave a Comment..

Posted on Techdirt - 18 October 2016 @ 9:40am

How Pharmaceutical Companies Are Keeping Americans From Doing Something The Government Says They Can Do

from the taking-options-away dept

The EFF's series on "shadow regulation" continues, this time exploring how American pharmaceutical companies are keeping affordable medication out of the hands of Americans. The examination goes beyond what's already common knowledge: that patents and regulatory capture have created a skewed marketplace that ensures healthy profit margins, rather than healthy Americans.

But what's not generally known is that the pharmaceutical companies have "partnered" with internet intermediaries to lock Americans out of purchasing options specifically approved by the FDA. To hear big pharmaceutical companies tell it, purchasing drugs from other countries (where the price is generally lower) is extremely dangerous, if not completely illegal. But that's simply not true.

[D]iscretionary guidelines developed by the Food and Drug Administration (FDA) and enforced by the CBP allow American consumers to import a 90-day supply of some prescription medications for personal use, including by bringing them across border checkpoints in personal luggage, or by mailing them from overseas. In the latter case, a large market exists for pharmacies registered in other countries such as Canada, Australia and Turkey, that will accept online orders and mail genuine pharmaceuticals to American consumers at cheaper than local prices.

Multiple industry groups -- most of them using the word "safe" in their names to insinuate that purchasing drugs anywhere but where they want you to is inherently "dangerous" -- have blacklisted certain foreign sellers and have pushed for internet service providers to enforce the blacklists.

The Alliance for Safe Online Pharmacies (ASOP) and Center for Safe Internet Pharmacies (CSIP) are two of these groups. Both groups feature a lot of overlapping membership but having two separate organizations gives this the appearance of more membership diversification than there actually is. While there's nothing inherently bad about wanting to ensure Americans purchase legitimate medications from foreign vendors, the blacklists cover more than just questionable sellers.

Two registers of online pharmacy websites are approved by both the ASOP and the CSIP. These are run respectively by LegitScript, and by the National Association of Boards of Pharmacy (NABP) under the name Verified Internet Pharmacy Practice Sites (VIPPS). A third, independent register is run by the eponymous, which the ASOP and the CSIP do not recognize. This is because while all three exclude sellers of fake and counterfeit drugs from their approved lists, only the U.S. pharmaceutical industry-run registers LegitScript and VIPPS also exclude overseas online pharmacies that supply genuine drugs to Americans under the FDA's personal use policy.

The shadow regulation keeps American purchasers away from legitimate sellers with lower prices. Going forward, ICANN's domain name registration is going to further prevent Americans from accessing more affordable drugs. These groups have pressured ICANN into using the same skewed blacklist when approving .pharmacy domains. While there are still other top-level domains available that may also help bring customers to legitimate vendors these groups want to lock out of the market, that too may change in the coming months. The National Association of Boards of Pharmacy (NABP) wants ICANN to police the web for it and, hopefully, to shut down domains owned by foreign medical vendors it doesn't like.

If it can't force ICANN to bend to its will, it will use tools it already has in place: pressuring online payments providers and ad services to cut off support for any seller it hasn't whitelisted.

This all helps ensure the industry can sell you drugs at the price it wants, rather than the price the market defines. Somehow, the exact same medicine produced by the exact same company should cost more simply because an American pharm tech put it into a bottle and printed a label, rather than someone who lives outside US borders.

12 Comments | Leave a Comment..

Posted on Techdirt - 18 October 2016 @ 8:24am

Granted Warrant Allowed Feds To Force Everyone At Searched Residence To Unlock Devices With Their Fingerprints

from the hello-dystopia dept

Thomas Fox-Brewster of Forbes has dug up an unsealed memorandum in support of a federal search warrant demanding… all the fingerprints of every occupant in the searched residence.

FORBES found a court filing, dated May 9 2016, in which the Department of Justice sought to search a Lancaster, California, property. But there was a more remarkable aspect of the search, as pointed out in the memorandum: “authorization to depress the fingerprints and thumbprints of every person who is located at the SUBJECT PREMISES during the execution of the search and who is reasonably believed by law enforcement to be the user of a fingerprint sensor-enabled device that is located at the SUBJECT PREMISES and falls within the scope of the warrant.” The warrant was not available to the public, nor were other documents related to the case.

The memorandum goes on to point out that simply demanding fingerprints implicates neither the Fourth nor Fifth Amendments. But the additional permissions sought certainly do.

“While the government does not know ahead of time the identity of every digital device or fingerprint (or indeed, every other piece of evidence) that it will find in the search, it has demonstrated probable cause that evidence may exist at the search location, and needs the ability to gain access to those devices and maintain that access to search them. For that reason, the warrant authorizes the seizure of ‘passwords, encryption keys, and other access devices that may be necessary to access the device,’” the document read.

Not only are the devices being seized, but so are any passwords, which does carry some implications, but not necessarily at the point of seizure. It's the refusal to turn over passwords or encryption keys in the face of a court order that can result in contempt charges, and it's still less-than-settled that access information has no testimonial value.

But even the seizure of these devices in hopes of searching them later (but securing fingerprints to unlock them first) is a Fourth Amendment problem if they're accessed in nearly any way during the unlocking process. One court found, post-Riley, that simply opening a flip phone constituted a search. In that context, forcing a finger onto the phone and viewing the screen's contents could be considered a search -- and a warrantless one at that.

Of course, the government cited plenty of cases to back up its seizure, detention of residents, and its taking of fingerprints -- most of them at least 30 years old.

It also cited Holt v. United States, a 1910 case, and United States v. Dionisio, a 1973 case, though it did point to more recent cases, including Virginia v. Baust, where the defendant was compelled to provide his fingerprint to unlock a device (though Baust did provide his biometric data, it failed to open the iPhone; after 48 hours of not using Touch ID or a reboot Apple asks for the code to be re-entered.).

As for the Fourth, the feds said protections against unreasonable searches did not stand up when “the taking of fingerprints is supported by reasonable suspicion,” citing 1985′s Hayes v. Florida. Other cases, dated well before the advent of smartphones, were used to justify any brief detention that would arise from forcing someone to open their device with a fingerprint.

This is the reality of what the government is seeking: law enforcement officers detaining suspects and non-suspects alike and forcing them to apply their fingers to all locked devices on the premises. If this is the new normal for warrant service, it's time for the courts to step up and be a bit more aggressive in holding the government to particularity requirements.

Read More | 33 Comments | Leave a Comment..

Posted on Techdirt - 17 October 2016 @ 2:26pm

Government Seeks Do-Over On Win For Microsoft And Its Overseas Data

from the please-please-please-let-me-get-what-I-want dept

The DOJ wants the Second Circuit Court of Appeals to revisit the decision it handed down in July -- the one that's preventing it from forcing Microsoft to hand over data stored on its servers in Ireland. The DOJ hoped the court would read the Stored Communications Act as applying to the location of the company served with the data request, rather than the actual location of the data. The Appeals Court disagreed with the lower court's finding -- one that dragged in the Patriot Act for some reason -- pointing out that the purpose of the SCA was to protect the privacy of communications, not to facilitate the government in obtaining them.

The government has filed a petition [PDF] for a rehearing of the case, obviously in hopes of a reversal. Jennifer Daskal of Just Security has posted several reasons why the DOJ's desired interpretation of the Stored Communications Act is dangerous, along with other problems arising from this decision.

To begin with, the decision raises new logistical issues, both for the government and the private companies served with these warrants.

According to the government, companies like Google and Yahoo! now need to ascertain the location of sought-after data “at the moment the warrant is served.” If the content is stored abroad, it is now “beyond the reach of a Section 2703 warrant, even when the account owner resides in the United States and the crime under investigation is entirely domestic.”

The court's interpretation of the SCA theoretically means Google will never again have to turn over requested emails to law enforcement.

Moreover, in the case of Google, this data is also outside the reach of a MLA request “because only Google’s US-based employees can access customer email accounts, regardless of where they are stored.” (p.6) In other words, US law enforcement cannot access the data because it is outside the reach of the US warrant authority. And foreign governments cannot because they lack jurisdiction over the US-based employees that control the data. No law enforcement official can access it anywhere.

That being said, Daskal points out that the government also feels that just because it has a warrant, it should be able to demand the production of communications wherever, whenever. This flat assertion that warrants trump privacy in every case is every bit as one-sided as the DOJ's theory that Google now has the option to rebuff warrants at its sole discretion.

The DOJ's fears aren't entirely unfeasible. Companies that sell their communications tools with privacy-heavy sales pitches could simply offshore their data storage to put it out of reach of SCA-citing warrants, turning the 2nd Circuit's ruling into a middle finger to US law enforcement.

If this is going to be fixed in any sort of way that doesn't turn this into a one-sided victory for service providers or the government, it's probably going to need to be through legislation. The court's revisitation of the issue (courts have generally been favorable to rehearing requests from the US government) may come to that very conclusion.

Indeed, the DOJ has already begun pushing for a legislative solution, albeit one that heavily favors the government. The DOJ wants existing Mutual Legal Assistance Treaties (MLATs) modified so the FBI, etc. can continue to compel the production of communications stored overseas without tripping over reluctant US service providers or statutory limitations built into the SCA.

As Daskal notes, Congress is better off addressing this issue sooner rather than later. Should the court reverse its decision and allow the FBI to demand communications from foreign data centers using nothing more than a warrant issued by a local magistrate, other countries far less concerned about US privacy protections will be sure to utilize the same tactics.

Yet I continue to have concerns about the result of a governmental win: the government gets free rein to compel any US-based provider to disclose any user’s data, without any constraint based on things like the location or nationality of the target. This is a rule that will be watched, and likely mimicked, by others.

Consider the broader implications: The United States would (or at least should) be concerned if foreign governments unilaterally demanded the unilateral production of US citizens and residents data. And in fact current US law prohibits US-based providers from responding to those demands—requiring that the foreign governments instead employ the MLA process and ultimately obtain a US warrant based on the US standard of probable cause. Foreign government also have an interest in controlling access to their residents data. Those interests ought to be taken into account.

Unfortunately, Congress doesn't really have a great track record when it comes to legislative fixes for tech issues. We have a more technologically-adept set of legislators than we've ever had previously, but there are still many who won't see the forest of implications for the law enforcement trees. But the situation may become much, much worse if left unattended.

Read More | 20 Comments | Leave a Comment..

Posted on Techdirt - 17 October 2016 @ 11:46am

FBI Lifts Gag Order On NSL Issued To Google... Which Doesn't Have Much To Say About It

from the THIS-JUST-IN:-mumblemumble...gag-order...mumble dept

The government's embrace of transparency -- an uncomfortable hug forced on it like a drunken uncle at a wedding reception by the passage of the USA Freedom Act -- has paid off for a local computer concern. Google is now able to speak in non-specifics about one (1) National Security Letter it has received.

The national security letter issued to Google was mentioned without fanfare in Google’s latest bi-annual transparency report, which includes information on government requests for data the company received from around the world in the first half of 2016.

Google received the secret subpoena in first half of 2015, according to the report.

Here's the original wording from the report, which follows actual specifics about new countries Google can add to the list of entities demanding user info from it (Algeria, Belarus, Cayman Islands, El Salvador, Fiji, and Saudi Arabia):

[P]ursuant to the USA Freedom Act, the FBI lifted a gag restriction on an NSL issued in the second half of 2015.

The law requires the FBI to "periodically" review its NSL-related gag orders to see whether the restriction still needs to be in effect. Theoretically, the gag order should be lifted three years after the NSL is issued or the investigation concludes, whichever comes first. Theoretically. I guess we'll see if the gag order floodgates begin opening in 2019.

In addition to finally being able to barely talk about it, Google was also able to move the transparency dial forward exactly one click.

To reflect this, we have updated the range of NSLs received in that period — July to December 2015 — from 0-499 to 1-499.

What Google hasn't done is publish the request itself, something both Yahoo and Signal did once given the green light by the feds. It cited no reasons for withholding the contents. However, it may be unable to fully publish the letter, despite the lifting of the gag order, as The Intercept's Jenna McLaughlin points out.

It’s… unclear why Google wouldn’t immediately publish the document — unless the gag is only partially lifted, or the company is involved in ongoing litigation to challenge the order, neither of which were cited as reasons for holding it back.

In other news, Google saw an increase in FISA-ordered requests for user info, bumping it up by about 5,000 total accounts as compared to the previous reporting period.

Hopefully, Google's ungagged-but-still-secret NSL won't stay secret for much longer. It would be troubling if this were to become Google's standard policy -- the announcement of gag order removals but with no further details forthcoming. Not much "transparency" in the Transparency Report, unfortunately… not if that's how it's going to be handled.

True, much of the opacity is still the government's fault: the not-at-all-useful "banding" that makes NSL numbers impossible to parse (1-499 could mean one NSL… or almost 500 in one reporting period), the gag orders that remain in place forever, etc. But private companies shouldn't take their cues from naturally-secretive government agencies. They're pretty much all we have to provide us with an outside, somewhat unrestricted measure of the government's surveillance efforts.

12 Comments | Leave a Comment..

Posted on Techdirt - 17 October 2016 @ 10:44am

UK Tribunal Says Spy Agencies Illegally Collected Communications Data In Bulk For More Than A Decade

from the 17-years-of-bulk-rogering dept

A big ruling has been handed down by the UK's Investigatory Powers Tribunal, stating that intelligence agencies' (GCHQ, MI5, MI6) bulk data collection has been illegal since its inception.

The ruling said the regime governing the collection of bulk communications data – the who, where, when and what of personal phone and web communications – failed to comply with article 8 protecting the right to privacy of the European convention of human rights (ECHR) between 1998, when it started, and 4 November 2015, when it was made public.

It said the holding of bulk personal datasets (BPD) – which might include medical and tax records, individual biographical details, commercial and financial activities, communications and travel data – also failed to comply with article 8 for the decade it was in operation until its public avowal in March 2015.

This ruling comes at a particularly opportune time -- just as the UK government is putting the finishing touches on another investigatory powers bill: the so-called Snooper's Charter. But not necessarily because this will deter GCHQ from further bulk data collections. In fact, the ruling may give pro-surveillance politicians a better idea of how to make future collections stand up to legal challenges.

On the other hand, the tribunal's examination of the case uncovered some interesting statements by agency insiders who rather presciently noted the press would have a field day if information about the programs were ever made public. (The statement also shows the agency was prepared to head off backlash by questioning the media's truthiness.)

The IPT ruling included the disclosure from an unpublished 2010 MI5 policy statement that the “bulk personal datasets” include material on the nation’s personal financial activities. “The fact that the service holds bulk financial, albeit anonymised, data is assessed to be a high corporate risk, since there is no public expectation that the service will hold or have access to this data in bulk. Were it to become widely known that the service held this data, the media response would most likely be unfavourable and probably inaccurate,” it says.

The ruling is the end result of Privacy International's multiple legal challenges to British spying powers. Even though this is a win for PI, the charity also notes that no ruling was made on how the illegally-obtained datasets should be disposed of… or if they even will be.

The UK government responded to the ruling showing it had "overseen" more than a decade's-worth of illegal data collection with a cheerily tone deaf, "Things are so much better now!"

"The powers available to the security and intelligence agencies play a vital role in protecting the UK and its citizens. We are therefore pleased the tribunal has confirmed the current lawfulness of the existing bulk communications data and bulk personal dataset regimes.

Through the investigatory powers bill, the government is committed to providing greater transparency and stronger safeguards for all of the bulk powers available to the agencies."

It's not the stuff that's gone on for years. That's apparently not important. No, UK citizens need to keep their eyes on the prize: the ten months or so of legal spying UK intelligence agencies have been engaged in, as well as the eventual codification of other possibly-illegal surveillance programs.

7 Comments | Leave a Comment..

Posted on Techdirt - 17 October 2016 @ 8:30am

Two More Courts Find In Favor Of The FBI And Its NIT Warrant; No Suppression Granted

from the malware-deployment-is-a-go dept

Two more rulings on suppression motions in FBI Playpen cases have been handed down. (h/t Riana Pfefferkorn) The ruling [PDF] in Tennessee agrees with the defendant that the FBI's NIT warrant exceeded Rule 41 jurisdiction limits. The following quotes are from the more substantive "Report and Recommendation" [PDF] by the magistrate judge, which has been adopted by the court overseeing the criminal trial.

The undersigned agrees with the majority of courts to analyze the Virginia search warrant that it violates Rule 41(b) because the magistrate judge in the Eastern District of Virginia lacked authority to issue a search warrant to search property located outside of her district.

Defendant’s computer was never located in the Eastern District of Virginia. See Fed. R. Crim. P. 41(b)(1) & (2). Moreover, the FBI was not investigating a crime of terrorism in the Eastern District of Virginia, nor was it attempting to seize property located in a United States territory or foreign state. See Fed. R. Crim. P. 41(b)(3) & (5). The Government argues that Rule 41(b)(4) is persuasive because the NIT is analogous to a tracking device, which was installed on the Defendant’s computer when his electronic transmission “touched down” in the Eastern District of Virginia, where Playpen was hosted. However, as observed by the Western District of Washington, applying Rule 41(b)(4) to the Virginia warrant “stretches the rule too far…"

That being said, the court decides suppression is not the right remedy for this violation:

In balancing the present facts and circumstances, the magistrate judge first correctly concluded that suppressing the evidence in this case would not meaningfully deter future law enforcement misconduct. The defendant’s objections that officers acted deliberately, recklessly, or with gross negligence, and that it should have been apparent to law enforcement that the Virginia magistrate lacked authority to sign the warrant, are simply unsupported by the record.


To the extent that there was error in this investigation, such error “rests with the issuing magistrate, not the police officer, and ‘punish[ing] the errors of judges’ is not the office of the exclusionary rule.”

Interestingly (and a bit infuriatingly), the court grants good faith to the FBI for its apparent inability to fully comprehend the "intricacies of the jurisdictions of federal magistrates." This gives the FBI credit for pretending to misunderstand the very statutes it's in the process of trying to change. The FBI -- and the DOJ above it -- very much want the jurisdictional limitations of Rule 41 removed precisely for cases like these: where a search and seizure is performed on remote computers located far outside the jurisdiction where the warrant was issued.

The Nebraska decision [PDF] is much, much worse. First, the court finds there's no expectation of privacy in an IP address, even if the defendant has taken affirmative steps to obscure it.

With or without Tor, Defendant was sharing his IP address with others—total strangers, to potentially include law enforcement officers—with the hope and belief that the users of the first “node” computer would keep his IP address secret. While Defendant’s choice to use Tor may be evidence of his “actual, (subjective) expectation of privacy” in his IP address, using Tor does not elevate that expectation to “one that society is prepared to recognize as ‘reasonable.’”

Not only that, but the court rules the NIT is not a search (nor a "tracking device," as the government argued in the Tennessee case), even though it had to extract this information from the user's computer.

But deploying the NIT to reveal the IP address was not a computer search. Defendant’s IP address is not a “physical component” of the computer or a file residing on his computer like electronic documents or pictures. Rather, the IP address is assigned to a user by the ISP and typically is “maintained on the internet modem that connects an internet device to the internet.” Thus, the NIT essentially compelled Defendant’s computer to produce its IP address (similar to a return address on an envelope) when the NIT instructed the computer to send other information identified in the Virginia Warrant. And the NIT was deployed only after Defendant sought out and visited the Playpen website. “The FBI did not come looking for Defendant. Instead it waited until he came to them and engaged in illicit activity by downloading content from Playpen.”

And here we have another reason why digital-to-analog so often fails. Comparing the compelled production of an IP address to a return address on an envelope is a non-starter because utilizing the postal service does not require the use of a return address, whereas an internet connection almost always requires an IP address.

Worse, the opinion cites Virginia judge Henry Morgan Jr.'s decision in another Playpen case -- where he asserted the FBI could hack computers with invalid warrants because, hey, computers get hacked all the time.

See also Matish, --- F. Supp. 3d ---, 2016 WL 3545776 at *22-24 (holding that with the prevalence of computer hacking and the “compromise of unprecedented amounts of data previously thought to be private,” all individuals have a diminished expectation of privacy once they log onto the internet.)

The court also finds that the FBI's NIT reach didn't exceed Rule 41 geographical limitations. Instead, the defendant made a virtual "trip" to the warrant's jurisdiction to access content stored on the seized server.

Finally, even if the defendant had raised a Fourth Amendment challenge the court found valid, the good faith exception would have prevailed. As in the Tennessee decision, the court finds the FBI held up its side of the deal by providing the magistrate with an affidavit full of technical language and specifics about the search method to be deployed.

This appears to be the broader finding across the large number of Playpen/NIT cases. The FBI's warrant may be invalid but either there's no expectation of privacy in the information obtained or the good faith exception prevents suppression of the obtained evidence.

The first is less problematic than the latter. While some users may undertake efforts to obscure their IP addresses, their expectation of privacy is no more "reasonable" than that of those who don't. Either the info has an expectation of privacy or it doesn't. The legal justifications used by judges, however, haven't been all that great, with the worst being that having your anonymity stripped and your information absconded with is just the price of doing business on the internet -- whether it's a criminal or law enforcement performing the actions apparently matters very little.

The latter part -- the reliance on the FBI's good faith -- is more of an issue. The FBI clearly knew its NIT would travel far beyond the jurisdiction the warrant was issued in. It apparently felt that it benefited heavily from good faith rulings as it made little attempt to obscure this fact from the magistrate judge it presented its affidavit to. But it still withheld some information, including the fact that it would actually be delivering a malware package that would "phone home" once it reached its destination. Just because the search sort of originated at a seized server in Virginia does not excuse seizures performed all over the nation utilizing a single, jurisdictionally-limited warrant.

Read More | 16 Comments | Leave a Comment..

Posted on Techdirt - 17 October 2016 @ 3:28am

ACLU Dumps Docs On Social Media Monitoring Firm Geofeedia; Social Media Platforms Respond By Dumping Geofeedia

from the if-access-is-the-only-thing-you're-selling,-what-happens-when-it's-gone? dept

Surveilling citizens engaged in First Amendment-protected activity? That's just how Geofeedia rolls.

Records obtained by the ACLU show the private company pitched its "firehose" connection to Facebook, Twitter, and Instagram as a way to monitor the situation in Ferguson (during the 2014 protests) and "stay one step ahead of the rioters."

Geofeedia itself didn't do anything illegal. It simply provided a one-stop shop for social media monitoring of public posts. It's the way it was pitched that was a problem. Rather than sell it as a way to keep law enforcement informed of criminal activity, its sales team highlighted its usefulness in monitoring protestors and other First Amendment activity.

The documents the ACLU obtained show the company paid these three social media services for "firehose" attachments -- beefed-up API calls that allowed Geofeedia to access more public posts faster than law enforcement could do on its own.

Instagram had provided Geofeedia access to the Instagram API, a stream of public Instagram user posts. This data feed included any location data associated with the posts by users. Instagram terminated this access on September 19, 2016.

Facebook had provided Geofeedia with access to a data feed called the Topic Feed API, which is supposed to be a tool for media companies and brand purposes, and which allowed Geofeedia to obtain a ranked feed of public posts from Facebook that mention a specific topic, including hashtags, events, or specific places. Facebook terminated this access on September 19, 2016.

Twitter did not provide access to its “Firehose,” but has an agreement, via a subsidiary, to provide Geofeedia with searchable access to its database of public tweets.

Of all of these companies, only Twitter took proactive steps to prevent API calls from being used for proxy surveillance.

In February, Twitter added additional contract terms to try to further safeguard against surveillance. But our records show that as recently as July 11th, Geofeedia was still touting its product as a tool to monitor protests. After learning of this, Twitter sent Geofeedia a cease and desist letter.

Well, it's all over now. It's not just Twitter demanding Geofeedia stop turning its service into an extension of law enforcement's worst urges. It's everyone. The ACLU dumped its documents and, shortly after, the companies dumped Geofeedia.

After reviewing the report, Facebook cutoff Geofeedia’s access to commercially available data from its social platform and from Instagram, which it owns.

On Tuesday, Twitter said they were also cutting off the Chicago social media company’s access.

So much for the business model. Twitter cited its long-standing policy of preventing its service from being used as a surveillance tool -- a policy it exercised earlier this year when cutting off Dataminr's access to its APIs for selling its collected communications to US intelligence agencies.

Facebook simply stated that Geofeedia's API use was "unauthorized," something it probably should have realized well before the ACLU shamed it into cutting off the company's access.

Geofeedia, meanwhile, has stated it will meet with all "stakeholders," which apparently means Twitter, Facebook, and various government agencies. Users of these services haven't been invited to do anything more than vote with their digital feet.

For all the call-and-response, the underlying fact is that Geofeedia didn't have access to anything any individual user didn't. It may have had more of it faster and a front end that made surveillance/monitoring easier, but it wasn't gathering tweets or posts from private accounts or otherwise accessing anything not already viewable by the public.

But its sales tactics were a bit concerning. The company pretty much encouraged law enforcement agencies to engage in some very questionable monitoring.

Using Geofeedia’s analytics and search capabilities and following the recommendations in their marketing materials, law enforcement in places like Oakland, Denver, and Seattle could easily target neighborhoods where people of color live, monitor hashtags used by activists and allies, or target activist groups as “overt threats.” We know for a fact that in Oakland and Baltimore, law enforcement has used Geofeedia to monitor protests.

Geofeedia claims to be interested in protecting the civil liberties of Americans, while at the same time nudging law enforcement agencies towards undermining those protections. Because of that, it's now probably looking at handing out some refunds, seeing as its all-seeing-APIs have been cut off and all it can really offer at this point is part-owner positions in a fast-growing pariahship.

20 Comments | Leave a Comment..

Posted on Techdirt - 14 October 2016 @ 4:25pm

Researchers Ask Court To Unseal Documents Related To Technical Assistance Requests And Electronic Surveillance Warrants

from the great-unsealing-continues dept

This has the makings of a movement along the lines of the highly-unofficial "Magistrates Revolt." More efforts are being made more frequently to push federal courts out of their default secrecy mode. The government prefers to do a lot of its work under the cover of judicial darkness, asking for dockets and documents to be sealed in a large percentage of its criminal cases.

Just in the last month, we've seen the ACLU petition the court to unseal dockets related to the FBI's takedown of Freedom Hosting using a Tor exploit and Judge Beryl Howell grant FOIA enthusiast Jason Leopold's request to have a large number of 2012 pen register cases unsealed.

Now, we have researchers Jennifer Granick and Riana Pfefferkorn petitioning [PDF] the Northern District of California court to unseal documents related to "technical assistance" cases -- like the one involving the DOJ's attempted use of an All Writs Order to force Apple to crack open a phone for it.

Petitioners Jennifer Granick and Riana Pfefferkorn, researchers at the Stanford Center for Internet and Society proceeding pro se, file this Petition to unseal court records. We file this Petition so that the public may better understand how government agents are using legal authorities to compel companies to assist them in decrypting or otherwise accessing private data subject to surveillance orders. Petitioners hereby seek the docketing of surveillance orders issued by this Court; the unsealing of those dockets; and the unsealing of the underlying Court records in surveillance cases relating to technical-assistance orders issued by this Court to communications service providers, smartphone manufacturers, or other third parties…

This district should contain a great number of documents fitting this description, seeing as it also contains a great number of service providers and third party tech companies.

More specifically, the researchers are looking to gain access to documents in cases where the government has used the following list of statutes to compel cooperation:

  • the Wiretap Act, 18 U.S.C. §§ 2510-2522;
  • the Stored Communications Act (or “SCA”), 18 U.S.C. §§ 2701-2712;
  • the Pen Register Act (or “Pen/Trap Act”), 18 U.S.C. §§ 3121-3127; and/or
  • the All Writs Act (or “AWA”), 28 U.S.C. § 1651

Not only that, but Granick and Pfefferkorn are asking the court to shift away from the default secrecy that has made this petition necessary.

[Petitioners request that] the Court revise its practices going forward, such that the Clerk’s office will assign case numbers to, docket, and enter into CM/ECF all applications and orders for search warrants, surveillance, and technical assistance; the Court will undertake a periodic review (e.g., annually or biannually) of sealed dockets, warrants, surveillance orders, and technical-assistance orders; and after such review, the Court will unseal those records for which there is no longer any need for continued sealing.

The researchers point out that secrecy in court records is a First Amendment issue: these documents were meant to be accessible by the general public. They also note that they aren't asking for anything related to ongoing investigations or information that might compromise future investigations -- like names of law enforcement personnel or other potential criminal investigation targets. All they're asking is that the court stop granting the government permission to seal complete dockets so often and to perform periodic reviews of sealed cases to see whether the imposed secrecy is still warranted.

As it stands now, this large number of sealed documents prevents the public from knowing how law enforcement agencies and courts are interpreting (often outdated) tech-related laws. It's preventing researchers like these two from gaining any insight on the government's electronic surveillance efforts and it's locking defense lawyers out of possibly precedential rulings that may affect current or future clients.

Read More | 2 Comments | Leave a Comment..

Posted on Techdirt - 14 October 2016 @ 2:32pm

Appeal Court Revives Lawyer's Lawsuit Against The NSA's Email Dragnet

from the tossed-back-for-another-look dept

Another lawsuit against the NSA has been revived. Previously dismissed by a district court for lack of standing, attorney Elliott Schuchardt's suit against the NSA for its domestic surveillance has been remanded back to the court that tossed it.

Like several other surveillance lawsuits, Schuchardt's springs from the Snowden leaks. Unlike some of the others, it doesn't focus on the NSA's phone metadata collection -- the subject of the first Snowden leak. Instead, his challenges the constitutionality of the NSA's Section 702 collection. With this program, the NSA apparently collects not just metadata on electronic communications, but also the content.

The Appeals Court found the leaks themselves provide enough evidence to make Schuchardt's allegations plausible -- or at least strong enough to survive the government's motion to dismiss. From the opinion [PDF]:

Based on the record he had compiled, Schuchardt’s second amended complaint alleged that because the Government was “intercepting, monitoring and storing the content of all or substantially all of the e-mail sent by American citizens,” his own online communications had been seized in the dragnet. App. 82, 95–99 (emphasis added). In particular, Schuchardt asserted that he was “a consumer of various types of electronic communication, storage, and internet services,” including “the e-mail services provided by Google and Yahoo; the internet search services of Google; the cloud storage services provided by Google and Dropbox; [and] the e-mail and instant message services provided by Facebook.” App. 95–96. Then, relying on the operational details of PRISM made public by the Washington Post and Guardian, he alleged that: (1) the Government “had obtained direct access to the servers” of the companies providing him with these services; (2) the Government was “unlawfully intercepting, accessing, monitoring and/or storing [his] private communications . . . made or stored through such services”; and (3) the Government was “collecting such information in order to ‘data mine’ the nation’s e-mail database.”

The government responded to the cited leaks by citing the PCLOB's report on its PRISM program. First, the government claimed Section 702 only authorized the collection of communications by people outside of the US. Pointing to the oversight report, the government also claimed PRISM wasn't a dragnet, but rather a targeted program.

Based on its review, the PCLOB determined that “[i]n PRISM collection, the government . . . sends selectors—such as an email address—to a United Statesbased electronic communications service provider,” who is then by law “compelled to give the communications sent to or from that selector to the government.” PCLOB Report at 33. Far from being the dragnet that Schuchardt had alleged, therefore, “PRISM collection under Section 702 may be targeted only at non-U.S. persons located abroad who possess or are likely to receive foreign-intelligence information.”

In reviving the suit, the Appeals Court isn't deciding whether the government assertions about the PRISM program are correct, but rather whether Schuchardt's allegations are sufficient to further explore the issue in court.

The Government strenuously disputes the plausibility of Schuchardt’s assertion that PRISM collects “all or substantially all of the e-mail sent by American citizens,” and we address that dispute in detail below. But putting aside for the moment the question of whether Schuchardt’s allegations concerning PRISM are entitled to a presumption of truth, the consequences that he identifies as flowing from the Government’s alleged dragnet are undoubtedly personal to him insofar as he has a constitutional right to maintain the privacy of his personal communications, online or otherwise.

So, the finding is encouraging, if very limited. The court notes that the order encompasses only a very small part of Schuchardt's allegations.

Our decision today is narrow: we hold only that Schuchardt’s second amended complaint pleaded his standing to sue for a violation of his Fourth Amendment right to be free from unreasonable searches and seizures. This does not mean that he has standing to sue, as the Government remains free upon remand to make a factual jurisdictional challenge to Schuchardt’s pleading.

More encouraging is the time spent by the court examining the submitted documents -- leaks provided to the Washington Post and The Guardian -- which point to the possibility that PRISM is more dragnet than targeted collection program, even though the government claims otherwise.

None of this guarantees Schuchardt or anyone else will learn anything new about the NSA's Section 702 collections. The Appeals Court reminds the lower court that the plaintiff is not automatically entitled to discovery in this case, considering its subject matter, and invites the government to use its favorite excuse to make sure its collection techniques stay under wraps.

Finally, nothing in our opinion should be construed to preclude the Government from raising any applicable privileges barring discovery—including the state secrets doctrine—or to suggest how the District Court should rule on any privilege the Government may choose to assert.

It's not incredibly encouraging, but at least the court didn't decide the attorney had no standing to sue. That's the problem with secret surveillance lawsuits. There's zero chance any individual will be able to prove their communications have been swept up by the NSA, but most courts aren't even willing grant plaintiffs the possibility of further exploring even plausible claims of constitutional injury.

Read More | 10 Comments | Leave a Comment..

Posted on Techdirt - 13 October 2016 @ 4:06pm

Judge Tears Apart Law Enforcement's Ridiculous Assertions About 'Suspicious' Behavior

from the now-we-just-need-a-few-hundred-more-judges-like-him dept

This opinion -- written by Texas appeals court judge Brian Quinn -- is a breath of fresh air for those of us who have watched as courts have continually deferred to law enforcement officers and their declarations that nearly everything drivers do -- or DON'T do -- is "suspicious."

It's also a slap in the face of those same law enforcement officers -- the ones who use their "experience and training" to find nearly any action, or lack thereof, to be supportive of a warrantless search.

As Scott Greenfield points out, Judge Quinn does something few judges are willing to do: be honest.

In a remarkable decision, Chief Justice Brian Quinn of the Texas Court of Appeals, Seventh District at Amarillo, does something that could destroy the very foundation of the criminal justice system. He’s intellectually honest.

The opinion deserves to be quoted from at length, which is exactly what I'm going to do. Judge Quinn skewers both the supposed indicia of "suspicious" behavior as well as officers' routinely unchallenged assertions that such stretches of the imagination are based on years of "training and experience."

The opening of the opinion [PDF] is fantastic, a wonderful taste of the more thorough examination (and debunking) of the officer's claims that follows. (Internal citations omitted and linebreaks added for readability.)

A logical reasoning sequence based upon some “training and experience” — because drug traffickers have been seen breathing, then breathing is an indicia of drug trafficking. Because they normally have two hands, then having two hands is an indicia of drug smuggling. Silly — maybe, but one can wonder if that is the direction we are heading. Whether it be driving a clean vehicle, or looking at a peace officer, or looking away from a peace officer, or a young person driving a newer vehicle, or someone driving in a car with meal wrappers, or someone driving carefully, or driving on an interstate, most anything can be considered as indicia of drug trafficking to law enforcement personnel.

Maybe this is because drug smugglers just happen to be human beings and being such, they tend to engage in the same innocuous acts in which law abiding citizens engage. See Gonzalez-Galindo v. State, 306 S.W.3d at 896 (observing that “[c]riminals come in all makes and colors. Some have hair, some do not. Some are men, some are not. Some drive cars, some do not. Some wear suits, some do not. Some have baseball caps, some do not. Some want attention, some do not. Some have nice cars, some do not. Some eat spaghetti, some do not. And, sometimes, some even engage in innocent activity.”).

The defendant was pulled over for driving three miles above the speed limit. When approached on the passenger side of the vehicle by the deputy, the defendant opted to open the door. Starting with nothing, the officer quickly built a case for drug trafficking in his mind.

He approached the passenger side of the stopped vehicle. Instead of lowering the car window, though, appellant opened the passenger door. That was suspicious to the officer because in his “training and experience” drug smugglers have lined car doors with drugs which act impedes a window’s operation. Once the door was open, the deputy smelled cigarette smoke and a strong scent of cologne; so too did he see the car’s ashtray full of cigarette butts. Those circumstances added to his suspicion because from his “training and experience” he knew that drug smugglers have used odors to mask the scent of drugs. Soon he discovered that the vehicle happened to be a rental with “no smoking” decals affixed to it, and appellant apparently was returning from some unknown casino to Miami, Florida. The deputy recalled from his “training and experience” that drug smugglers rent vehicles to transport their contraband. So, the presence of a rented vehicle heightened his suspicion that his detainee may be engaging in criminal activity. Also noted by the deputy was appellant’s “severe” nervousness and failure to calm down after being told that he would only be receiving a warning ticket.

A drug dog on the scene was deployed and several pounds of marijuana were uncovered in the resulting search. But that doesn't matter now because Judge Quinn isn't buying the excuses that elevated a traffic stop into a warrantless vehicle search. As Quinn sees it, simply relying on (unproven) "experience" isn't enough to justify a search simply because some indicators might fit profiles of those arrested in the past.

In other words, unusual behavior may fit the profile of someone who engages in a particular kind of crime. But what elevates it to the level of reasonable suspicion is not that it fits a profile but that it is unusual and the officer can explain why it is suspicious in the particular scenario before him. Id. That is, the officer must explain why the activities are unusual and, therefore, meaningful in the specific case under assessment. To reiterate what we said in Gonzalez-Gilando, just because that bald guy committed a crime while wearing a suit and after eating spaghetti does not mean that other bald guys who wear suits while eating spaghetti are about to engage in crime too.

Certainly, the deputy must be given some credit for his asserted "training and experience," Quinn acknowledges:

Smoking in a car while driving despite the presence of “no smoking” stickers, wearing cologne, driving a rental car, driving with windows rolled up, opening a car door, not rolling down a car window, travelling to casinos, and driving to Miami, Florida are activities committed by people who have no relationship to criminal activity. Alone, none of them implicitly or explicitly connote criminal activity. Nor to the reasonable, common man would they connote such activity if they occurred all together. Yet, the test is not what the common man thinks but what the reasonably prudent officer would perceive under the same circumstances. And, that requires us to view the situation through the prism of the detaining officer’s knowledge and experience.

But how much credit, especially if the only thing backing up claims of "experience" is the deputy's assertion itself?

[A]side from the deputy simply invoking his “knowledge, training and expertise,” the State did little to illustrate of what it consisted or how it was garnered.

Quinn examines the state's sole witness and his claims of "experience."

To one trained and experienced in the fields of law enforcement, smuggling, human behavior, and drug interdiction, each of the aforementioned indicia have special significance, opined by the deputy here. Yet, what of the deputy’s training and experience and knowledge — what does the record say about it. Our answer is, not much.

The state apparently wants circular reasoning to do its job for it.

We were left to accept as suspicious what the deputy said was suspicious merely because he said it was suspicious given his unexplained level of “knowledge, training, and experience.”

Every one of the supposed indicators of "suspicion" are probed by the court and discarded. First, Quinn notes that people are more likely to be nervous when speaking to law enforcement officers than not, especially if the questions turn to suggestions of criminal behavior. As to the cigarettes and cologne being nothing more than masking agents to conceal drug odors?

People smoke cigarettes in cars while driving. Indeed, that act is so common manufacturers designed cigarette ashtrays into their vehicles. So too is wearing fragrances a commonplace event. If this were not so then seldom would we be accosted by the myriad aromas wafting through the air at the entrances of many department stores. And, if both the overpowering scent of cologne and the presence of cigarette smoke could mysteriously dissipate upon entry into a car, many of us would not have been bothered as a child by that parent who happened to strike up his Pall Mall after dousing himself with Aqua Velva in the morning. Yet, those common activities became unusual and indicative of drug smuggling when performed on an Interstate highway, according to the deputy.

The same goes for the "suspicious" behavior that is renting a vehicle.

We accept the likelihood that people who have rented cars have also possessed drugs within them at one time or another. But, so too do we accept the likelihood that people have rented cars without engaging in such criminal conduct. The deputy was not asked to explain whether, from his “knowledge, training or experience,” he could opine if one scenario happened more than the other or if the former occurred to such an extent so as to provide rational basis from which to infer some significant nexus between rental cars and drugs.

The court notes that there was one suspicion the deputy could have cleared up immediately but, for some reason, chose not to: that the driver did not roll down the window because the door panels were filled with drugs. But rather than check the window himself or ask the driver to do it for him, the deputy opted to leave this mystery unsolved and engage in some logical gymnastics.

What we have here is a mere leap from the fact that appellant opened the car door to the assumption that the car windows do not work because the doors are stuffed with drugs. There may be other reasons why someone opens a door rather than a window. One of those reasons may well be a circumstance also mentioned by the deputy. To him, appellant seemed “confused” when the deputy opted to approach the passenger-side door as opposed to the driver-side door. Nor can we ignore the deputy’s own testimony regarding the number of times he had encountered drugs being hidden within the doors of a car driven on the Interstate. Again, that number was just “a few.” Such limited experience makes a leap from 1) opens door to 2) drugs in door little more than a hunch.

The caveat, of course, is that this opinion means little more than Judge Quinn won't be as easily swayed by assertions of "expertise." Many, many other courts will continue to treat such law enforcement proclamations as unimpeachable. The other problem is that Quinn's opinion simply demands law enforcement officers do a bit more CV-buffing before testifying in court, as Scott Greenfield points out.

Chief Justice Brian Quinn’s opinion reflects intellectual honesty. The upshot is that the legal system will still believe any nonsensical lie told by a cop on the stand if the prosecution fleshes it out with enough background fluff to satisfy the demand of creating the appearance of expertise.

More courts need to be willing to challenge such questionable connective tissue between observed (but often normal) behavior and suspicionless stops and searches. Most won't. And haven't. And that's why we're in the situation Judge Quinn describes in the opening paragraph of his opinion: where breathing and having two hands are next on the list of criminal activity indicia.

Read More | 46 Comments | Leave a Comment..

More posts from Capitalist Lion Tamer >>