Capitalist Lion Tamer’s Techdirt Profile


About Capitalist Lion TamerTechdirt Insider

List of blogs started with enthusiasm, which now mostly lie dormant:

[reserved for future use]

[recently retired]

[various side projects]

Posted on Techdirt - 22 September 2017 @ 3:50pm

Company CEO Pleads Guilty After Forging Judge's Signatures On Bogus Court Orders Sent To Google

from the SEO-suicide dept

Earlier this spring, a jewelry company CEO earned himself a federal indictment for his bespoke reputation management efforts. Realizing it was extremely difficult to erase negative reviews from the net, National Sapphire Company boss Michael Arnstein took one such reviewer to court. He was awarded an injunction after the defendant no-showed, resulting in the delisting of 54 URLs.

But the negative reviews kept coming. Rather than hire a lawyer and bring more defamation suits, Arnstein opted for the initially less-costly option: mocking up delisting orders and forging a judge's signature. This apparently worked well enough Arnstein felt comfortable sharing his fraudulent tactics with others. This swaggering, inculpatory statement was included in the federal complaint.

"No bullshit: if I could do it all over again I would have found another court order injunction for removal of links (probably something that can be found online pretty easily) made changes in photoshop to show the links that I wanted removed and then sent to '' as a pdf — showing the court order docket number, the judges [sic] signature — but with the new links put in," Arnstein wrote in a July 2014 email, according to his criminal complaint. "Google isn't checking this stuff; that's the bottom line b/c I spent $30,000 fuckin thousand dollars and nearly 2 fuckin years to do what legit could have been done for about 6 hours of searching and photoshop by a guy for $200., all in ONE DAY".

The DOJ -- aided greatly by Arnstein generating plenty of evidence against himself -- pulled the trigger on a federal indictment. And, thanks to several other cases of rep management firms defrauding courts, Google is indeed "checking this stuff," limiting the effectiveness of impersonating judges and/or sliding bogus paperwork past them.

Arnstein has now pled guilty to a conspiracy charge, the DOJ reports.

ARNSTEIN, 40, of Kailua, Hawaii, pled guilty to one count of conspiracy to forge a judicial signature, which carries a maximum sentence of five years in prison. The maximum potential sentence is prescribed by Congress and is provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.

And one more bit of schadenfreude:

Acting Manhattan U.S. Attorney Joon H. Kim said: "As he admitted today, Michael Arnstein exploited the authority of the federal judiciary in a blatantly criminal scheme. By forging court orders and the signature of a U.S. District Judge, Arnstein was able to effectively erase websites critical of Arnstein's business from its search results. Now Arnstein awaits sentencing in the same court he impersonated."

Some sympathy is warranted for those hoping to battle negative reviews. Even illegitimate negative reviews can be close to impossible to remove from the web. But if the system seems unfair, it has to be. Making it easier to remove bogus reviews would just make it easier for companies/individuals who've earned every acidic word in their negative reviews to scrub the web of bad things.

The internet may be a well-oiled hate machine, but it's also a handy source of reference for customers who want to emerge unscathed from interactions with providers of goods and services. Easy delistings would turn the web into a cheery place where every company appears to exceed expectations, even as they screw their customers over.

32 Comments | Leave a Comment..

Posted on Techdirt - 22 September 2017 @ 1:33pm

More Government Agencies Filing Lawsuits Against Public Records Requesters

from the Exhibit-A:-photo-of-extended-middle-finger dept

Gritted-teeth lip service to freedom of information laws continues in the public sector. If stonewalling and/or outrageous fee demands aren't enough to dissuade requesters from seeking documents, more and more government agencies are deploying Plan C.

Government bodies are increasingly turning the tables on citizens who seek public records that might be embarrassing or legally sensitive. Instead of granting or denying their requests, a growing number of school districts, municipalities and state agencies have filed lawsuits against people making the requests — taxpayers, government watchdogs and journalists who must then pursue the records in court at their own expense.

The lawsuits generally ask judges to rule that the records being sought do not have to be divulged. They name the requesters as defendants but do not seek damage awards.

All well and good no damages are being sought, but what happens to the requesters-turned-defendants? The records they originally sought might have been had for little to nothing, in terms of out-of-pocket expenses. But now, thanks to the actions of government agencies, they're obliged to rack up expenses fighting the lawsuit, or otherwise cede the battle to the government and never get their hands on the requested records.

Those deploying this tactic say there's nothing wrong with proactive lawsuits against records requesters. According to these entities, the courts can make the best determination whether requested records are eligible for release.

But they're wrong.

Records requesters have the option to sue when records are denied and the court can make the determination then. This leaves the power in the hands of the people, who can choose whether or not they want to make the time/money investment of filing a public records lawsuit. If they succeed, the government can be forced to pay their legal fees.

Skipping this step puts the burden solely on the requesters. They have to front their own legal costs and, because the government is the moving party, they have zero chance of recouping legal fees even if the court finds in favor of the records requesters.

If nothing else, the tactic greatly increases the delay between the request and the delivery of records. In newsworthy cases, the preemptive lawsuit option can least put some time and distance between government misconduct and records revealing the misdeeds. It's nothing more than a low-risk cheap shot that that makes a mockery of public records laws.

Fortunately, the AP reports, changes are being made to public records laws to prevent the government from engaging in these transparency-thwarting efforts.

In Michigan, the state House voted 108-0 earlier this year in favor of a bill that would make it illegal for agencies to sue public records requesters. The proposal came in response to a county’s lawsuit against a local newspaper that had sought the personnel files of two employees running for sheriff. A judge dismissed the lawsuit, saying the county had to approve or deny the request.

The documents, ultimately released days before the election, showed that one of the candidates had been disciplined for carrying on an affair while on-duty in 2011. That candidate lost.

But there are only a couple of exceptions to the rule. And the bill in Michigan has yet to be signed into law. For the most part, the government only risks some reputational damage when suing records requesters. Most don't have much to spare, but are more than willing to part with it if it means keeping the public in the dark.

12 Comments | Leave a Comment..

Posted on Techdirt - 22 September 2017 @ 11:56am

Turkish President Claims Jailed Journalists Are Actually Terrorists

from the wobbles-so-much-you-can't-even-call-it-'spin' dept

Turkish president Recep Erdogan is at it again. Not content to merely be viewed as a megalomaniacal, ring-coveting authoritarian, Erdogan is using his time in mixed company to assure the world he's angling for the title of "tyrant."

Erdogan's long history of abusing laws to shut critics up has been covered extensively here. He's gone from a comical but dangerous politician to the leading abuser of his own constituents in record time. When not attempting to push foreign countries to play by his censorship rules, Erdogan is locking up dissidents and journalists at an alarming rate.

Of course, they're not journalists… at least not when Erdogan's telling the story. While speaking at the Bloomberg Global Business Forum in New York City, the Turkish president had this to say about the journalists in his country's jails.

You have been misled, Erdogan told Bloomberg News editor-in-chief John Micklethwait, who interviewed him on stage. "The ones who have been sentenced, who have been imprisoned, are not journalists. Most of them are terrorists."

Define "terrorist." In the wrong hands/minds, the word "terrorist" could be used to describe anyone threatening to the party in power, even if nothing more dangerous than words or thoughts have been deployed. I have no doubt Erdogan believes journalists are terrorists, even if they've never done anything more than criticize him and his policies.

But Erdogan at least went into a little more detail about this claim. He explained the vast amount of terrorism participated in by the terrornalists he's tossed in his jails.

"Many have been involved in burglaries and some have been caught red handed as they were trying to empty ATM machines."

Odd. That sounds more like normal criminal activity. It does not sound like terrorism. I realize terrorists need to fund their activities, but this doesn't sound like terrorist acts. This sounds like bog standard theft.

So, these journalists Erdogan calls "terrorists" (because of their alleged burglaries) remain in jail. There's at least 150 still imprisoned, according to the Quartz article. But that's not the limit of Erdogan's abuse of the press. Erdogan shut down hundreds of media outlets in an initial assault on the press, following it up with mass arrests. A few thousand journalist were swept up by Erdogan's post-coup-attempt purge, most of whom ended up with no place to work and no press credentials to use.

After this, Erdogan went on to make many more counterfactual statements, including claiming he doesn't take proactive steps to stifle criticism and spinning the beatings handed out by his bodyguards during his visit to the White House as an all-out assault by crazed anti-Turkey Americans while US law enforcement officers stood idly by.

These are all hallmarks of a sociopathic authoritarian -- the type of person who always believes they're right even when the rest of the world agrees they're wrong. His sweeping away of facts with provably untrue statements shows he really doesn't care if anyone believes him, but will still do everything in his power to make sure those that don't believe can't be heard.

23 Comments | Leave a Comment..

Posted on Techdirt - 22 September 2017 @ 10:36am

Report Details The NSA's Decade-Long Abuse Of Its Surveillance Powers

from the good-old-fashioned-American-sticktoitiveness! dept

As more documents are released -- whether due to FOIA lawsuits or the Intelligence Community's begrudging attempts at transparency -- more evidence continues to pile up indicating the NSA has always abused/misused its collection programs.

A report written for Demand Progress by foremost NSA wonk Marcy Wheeler compiles a 12-year run of NSA overcollection and underreporting. These findings are summarized (lol) in a couple-thousand-word piece Wheeler wrote for Motherboard. Either route you take, you'll see the NSA has been given a long leash by its overseers. The end result of this mostly hands-off approach speaks for itself. From the Demand Progress white paper [PDF]:

For almost 12 years, both under Section 702 and other programs before it, NSA was always engaging in or retaining some kind of electronic surveillance the FISC would go on to deem unauthorized, and NSA would only fix the problem when threatened with criminal sanctions.

The FISA Court may often appear to be a rubber stamp, but it's often constrained by a lack of information. The NSA goes to court facing no adversaries, so the assertions it makes about lawful collection and careful use of surveillance powers are rarely challenged. When they are, it's only because the problem has become too big for the NSA to ignore and, generally, too big to hide from the court.

When the FISA Court finally has enough info to take on improper surveillance, years of unconstitutional collection have already occurred. Section 702 powers have never not been abused by the NSA, as the court belatedly noticed in 2011.

After reviewing the government's plan for MCTs [multiple communication transactions], Judge John Bates explained that “[u]nder the totality of the circumstances, then, the Court is unable to find that the government’s proposed application of NSA’s targeting and minimization procedures to MCTs is consistent with the requirements of the Fourth Amendment.”

That came three years after these powers had been granted with the 2008 FISA Amendments Act. Judge Bates' decision did almost nothing to push the NSA towards more constitutional collection efforts.

The government failed to keep those promises, and for over five more years, the government conducted queries on upstream collection in violation of procedures Judge Bates approved in response to the 2011 disclosures. After the new violations were revealed in late 2016, FISC Judge Rosemary Collyer called those queries “a very serious Fourth Amendment issue,” and she later scolded the government for “the extent of non-compliance with ‘important safeguards for interests protected by the Fourth Amendment.

The FISA Court's rulings made it clear the NSA had been overcollecting in one form or another since 2004. Despite this, the NSA took its time purging the unlawful collections from its databases. In addition to these violations, the FISA Court has found five years of repeated violations in the NSA's bulk internet metadata program, along with unconstitutional phone record collection efforts that swept up domestic records it was never supposed to have, thanks to flaws in the NSA's de-tasking procedures. That overcollection apparently spanned five years, from 2008-2013.

The recently retired "about" collection was another problematic collection, almost guaranteed to net purely domestic communications with its keyword searches and lack of targeting. The shutdown was likely spurred by the FISA Court's refusal to approve the NSA's 2015 Section 702 requests. It may also have been a mercy killing meant to prevent oversight members like Ron Wyden from ever obtaining an answer on domestic communications swept up by the program.

But that shutdown doesn't prevent "upstream" collection of communications travelling along internet backbones in foreign countries, far beyond the reach of Section 702's limitations. Upstream collections will continue to snag domestic communications and the NSA seemingly has no way (or little interest) in preventing analysts from accessing these.

The report is a harrowing read that makes it explicitly clear the NSA's oversight is mostly nonexistent. It relies heavily on self-reporting by the NSA, which tends to guarantee surveillance violations will only be brought to the court's attention after years of misuse by the agency. The same goes for its Congressional oversight, which has zero power to compel more timely -- and complete -- reporting.

Beyond its surveillance issues, the NSA is also involved in other Constitutional violations.

When Congress passed the FISA Amendments Act in 2008, it required the government to follow the same notice provisions as used under traditional FISA. If prosecutors want to use “any information obtained or derived from” Section 702 in a trial, they must tell the defendant. Yet when the government pointed to attacks prevented using Section 702 in the wake of the Edward Snowden leaks, defendants in those cases had not received the required notice. For example, the defendant in the most celebrated case involving an attack thwarted using Section 702, Najibullah Zazi, did not receive notice until July 2015, over five years after he pled guilty.

The government only started giving such notices after it emerged that Solicitor General Don Verrilli falsely informed the Supreme Court that such defendants get notice, when in fact DOJ had a policy that ensured no defendant received notice of Section 702 surveillance for nearly five years.

Going hand-in-hand with these violations are the FBI's access to privileged communications -- harvested by the NSA -- despite having policies in place meant to prevent this very behavior.

Another persistent violation involves FBI’s failure to abide by its own minimization procedures requiring that the communications for targets who have been federally indicted be reviewed and, if pertaining to the charged matter, sequestered. This means that agents may have access to attorney-client communications collected using Section 702 at the same time the government is criminally prosecuting the target of the surveillance.

To think things are better now is to ignore how the NSA has acted over the past decade-plus. The National Intelligence Director is playing nice with (limited) transparency, but underlying flaws in the NSA's collection and minimization procedures are likely still causing multiple violations. Thanks to the secretive nature of its work and its rather lax oversight, violations happening today likely won't be revealed for years to come. And this report only covers what's known about the NSA's Section 702 collections. There are other authorities we know almost nothing about, like Executive Order 12333, which may allow the NSA to continue its Fourth Amendment violations but without having to fear after-the-fact reprisal from the FISA court.

Read More | 16 Comments | Leave a Comment..

Posted on Techdirt - 21 September 2017 @ 1:38pm

Released Snowden Doc Shows NSA Thwarting Electronic Dead Drops By Using Email Metadata

from the 'just-metadata'-strikes-again dept

The latest batch of Snowden docs published at The Intercept cover a lot of ground. The internal informational sheets from the Signals Intelligence Directorate include info on a host of surveillance programs that haven't been revealed by previous document dumps. Nor do they discuss the programs in full. As such, some of the information is limited.

One of those published last week mentions the NSA's targeting of internet cafes in Iraq and other Middle Eastern countries using a program called MASTERSHAKE. Using MASTERSHAKE, analysts were apparently able to drill down location info to which target was sitting in which chair at the cafes under surveillance.

Further down the page [PDF], past this brief mention of a program discussed more fully elsewhere, there's another interesting tidbit. Apparently, the NSA can suss out electronic dead drops using harvested metadata. (h/t Electrospaces)

[REDACTED] will be briefing on THERAPYCHEATER. This is a system that uses metadata analysis to detect and exploit the communication patterns of targets about whom the SIGINT system has no specific a priori knowledge. By identifying suspicious patterns in the access to draft folders of webmail accounts, THERAPYCHEATER will identify email addresses potentially being used in a form of covert communication known as a cyber dead drop. There are numerous examples in both SIGINT and collateral of terrorists using cyber dead drops to communicate operational information and plans.

Apparently, the tried-and-true surveillance workaround is no longer a secure option. One way to avoid surveillance of communications was to simply not communicate. Composing drafts in a shared email account was one to talk to others without risking interception.

As the paragraph states, this draft folder metadata is used to acquire new surveillance targets, based almost solely on the analyst's impression of account activity. Presumably from here, the NSA can move on to seeking access to the actual account to see what's hiding inside that's never been sent. Or, at the very least, keep an eye on traffic to and from the email account.

This was written in 2005 so access to email account metadata may be more limited, thanks to routine encryption. However, the metadata here refers to activity taking place within an account, suggesting the NSA does (or at least did) have access to certain types of account activity, rather than simply gathering metadata related to web-traversing communications.

Read More | 15 Comments | Leave a Comment..

Posted on Techdirt - 21 September 2017 @ 12:05pm

WhatsApp Reportedly Rejected UK Government Demand For Encryption Backdoor

from the under-pressure dept

The UK government has apparently already asked WhatsApp to provide it with an encryption backdoor, according to Sky News. The app developers were told they needed to come up with a way to give law enforcement access to message content but WhatsApp politely declined the probably not-all-that-polite "request."

That doesn't mean WhatsApp doesn't have anything it can give the government when it comes asking.

Sky News understands that WhatsApp co-operates with law enforcement to provide the metadata it does hold - the name of an account, when it was created, the last seen date, the IP address and associated email address.

WhatsApp says it "appreciates the work that law enforcement agencies do to keep people safe around the world. We are prepared to carefully review, validate and respond to law enforcement requests based on applicable law and policy".

But it does point out it can't give law enforcement what it doesn't actually have.

[T]he company argues that it can't provide data that WhatsApp itself does not collect in the first place, including the contents of a message.

Encryption didn't seem to be much of an issue in many recent terrorist attacks, but its use is undoubtedly on the rise. It's unclear what the government showed or told Sky News, but this assertion seems dubious at best.

Sky News understands that 80% of investigations into terrorism and serious crime are now impacted by encryption.

As is the case over here, law enforcement officials are arguing WhatsApp and other encrypted message services should sacrifice user security for the good of the government. While cybersecurity experts continue to point out the nonexistence of backdoored-but-secure unicorns, intelligence officials continue to assert it can be done. All that needs to happen is for messaging services to make their products a little bit less safe.

UK intelligence officials believe a compromise could be possible - pointing out that cybersecurity isn't binary and that services offer different levels of cybersecurity to deal with different levels of threats.

WhatsApp is unlikely to budge on its backdoor rejection, leaving it with the real possibility of exiting the UK market if the government turns its requests into encryption-targeting law. And, as the UK goes, so goes Australia. The Australian government has been echoing the anti-encryption rumbling of Theresa May and other officials, indicating it too would like encrypted services to not be quite so encrypted.

It's not as though UK law enforcement/intelligence services don't have lawful options if WhatsApp refuses to budge. As cryptography expert Riana Pfefferkorn points out, there's more that can be done, even if it won't be as easy as firing off a warrant.

Riana Pfefferkorn, a cryptography policy fellow at Stanford University, said she sees a legal battle coming if the UK continues to force the issue, but she doesn't necessarily think the UK wants that fight.

If courts determine that the Investigatory Powers Act is too broad, the public defeat in their fight against encryption would be a lot for the UK to overcome. Instead, Pfefferkorn said the government might just try hacking for the information they want, a power that the IP Act also allows.

"There are other avenues they can take to try to achieve the same end," she said.

For now, WhatsApp message content is still out of reach of everyone but users engaged in conversation. Metadata and lawful hacking are still in play, even though most officials prefer an easier route. If pressure continues to mount, WhatsApp may exit markets rather than compromise its users. As much as intelligence officials may believe cybersecurity to be something other than "binary," the companies they're applying pressure to really only have two choices: give in to the government or exit market left. Neither are palatable options.

13 Comments | Leave a Comment..

Posted on Techdirt - 20 September 2017 @ 3:46pm

Bogus Lawsuit-Slinging Rep Management Firm Sued By Pissed Consumer

from the if-you-can't-do-it-right,-why-not-do-it-fraudulently? dept

Solvera -- a reputation management firm allegedly engaging in legal fraud to delist criticism -- is facing multiple legal problems as a result of its highly-questionable services. In late August, the Texas Attorney General filed a complaint against the company, alleging it defrauded courts by filing bogus defamation lawsuits on behalf of possibly-unaware clients, utilizing duped lawyers with bogus statements from fake defendants.

This sort of behavior has been uncovered in recent months through investigations by Paul Alan Levy of Public Citizen and lawprof/blogger Eugene Volokh. It has also been revealed through independent research by Pissed Consumer, an obvious target of these unsavory (and illegal) reputation management tactics.

Pissed Consumer is also going against Solvera. It has sued the company in Contra Costa County, California -- Solvera's backyard -- along with a number of other firms in the reputation management business and the companies they've created to act as plaintiffs in bogus defamation lawsuits.

It's pretty much identical to the lawsuit Pissed Consumer filed last year against a number of defendants, including the lawyers whose name appeared on the bogus paperwork: Mark Lapham and Owen Mascott. The previous lawsuit referenced Nevada Corporate Headquarters -- the apparent origin point of some of these bogus lawsuits -- but the latest adds Solvera as a defendant.

It also places much of the alleged blame on the embattled rep management firm. From the filing [PDF]:

Plaintiff is informed and believes and based thereon alleges that Defendant Solvera Group, Inc. (“Solvera”) is a California corporation incorporated under the laws of California, and orchestrated some or all of these schemes of fake litigation to remove consumer reviews.

The allegations are repeated numerous times, thanks to the long list of defendants. But here's one rundown of the rep management scam, apparently involving Solvera and the two California lawyers.

Plaintiff is informed and believes and based thereon alleges that Defendant Solvera or Doe Corporation, operating as a reputation management company, conceived of the plan and organized the cooperation of Hair Solutions, Radonich, and Owen T. Mascott to bring the plan to fruition.

Since September 2010, at least 949 individuals have posted complaints about Keranique on Additionally, numerous comments have been posted by third parties in response to those complaints. The majority of the comments have been negative.

Plaintiff is informed and believes and based thereon alleges that at the bequest of Defendant Solvera or Doe Corporation and with the full cooperation of Defendant Radonich, Mr. Mascott filed a complaint on behalf of Hair Solutions against Radonich for defamation.

In the underlying action the conspirators sought only injunctive relief. Specifically, the complaint requested an injunction that Radonich be “ordered to take all action, including but not limited to, requesting removal from the Internet search engines including Google, Yahoo!, and Bing of all defamatory, disparaging, libelous, and false statements about Plaintiff that Defendant has posted on the Internet.”

Mr. Mascott filed the Complaint on January 7, 2016. On information and belief, at all relevant times Mascott knew that Radonich was not the author of the statements at issue in the Radonich Case, and thus was not a proper defendant in that case.

Shortly thereafter, on January 13, 2016, Mascott filed a Stipulation for Final Judgment and Permanent Injunction with the Superior Court, containing a jurat from Radonich dated January 9, 2016. (See Exhibit 5.) On information and belief, Mascott coordinated with Radonich as Radonich’s attorney in acquiring this stipulation, such that he simultaneously represented both parties in the Radonich Case.

Having obtained a stipulated injunction from the Court, the conspirators then approached various search engines including, on information and belief, Google, Yahoo!, and Bing and requested that those search engines deindex the pages of Pissed Consumer. Instead of limiting the deindexing to the pages that contained statements Radonich claimed to have posted, the request to deindex included all web pages with entries about Keranique.

By engaging in this scheme, Defendant Conspirators obtained a court order under false pretenses and used the court order to persuade popular search engines to deindex every statement about Keranique, including the First Amendment protected statements of opinion and true fact posted by other individuals who were not a party to the underlying action.

And on it goes for several pages, detailing reputation management companies creating sham companies and bogus defendants -- with the apparent assistance of cooperative lawyers -- to delist content for paying clients. Whether or not clients actually knew this was happening remains to be seen, but the Texas AG's complaint claims Solvera lied to both its customers and the lawyers it used about the lawsuits it was filing. However, the two lawyers named here appear to have been complicit in the scheme, although they may never have been used directly by Solvera.

Needless to say, Google has stepped up its rejections of questionable court orders targeting protected speech. The increased scrutiny makes this fraudulent scheme less of a sure thing for shady reputation management companies. In Solvera's case, nuking criticism with fraudulently-obtained court orders was apparently big business, with its owner claiming to charge $50,000-$100,000 for this delisting service. (He's also a fan of Right to Be Forgotten, which makes cosmic sense but not business sense.) Hopefully, Solvera socked some of that cash away. It's got a lot of people to answer to.

Read More | 9 Comments | Leave a Comment..

Posted on Techdirt - 20 September 2017 @ 11:55am

NSA Employees Routinely Undermined 'Non-Attributable' Web Access With Personal Web Use

from the ONE-OF-US dept

Another large batch of Snowden docs have been released by The Intercept. The new documents are part of the site's "SID (Signals Intelligence Directorate) Today" collection, a sort of interoffice newsletter featuring discussions of intelligence-gathering efforts the agency has engaged in, as well as more mundane office business.

The one discussed in this Intercept post details some careless opsec by Intelligence Community (IC) employees. Like anyone in any office anywhere, IC employees use their office computers to send personal email, shop online, and fritter away the downtime with some web surfing.

That's where they're running into problems. This SID Today document [PDF] deals with the IC's personal use of company computers -- namely, the "attribution" problem that develops when outside websites are accessed using IP addresses that can be traced back to the NSA and other IC components.

The IC uses a system called AIRGAP to provide internet access for IC employees while supposedly still preventing outsiders from tracing IP addresses back to sensitive locations. Set up in 1998 by "one of the world's largest internet providers," the system was supposed to provide non-attributable access to the outside internet world.

Unfortunately, as is detailed by the SID Today doc, the execution of AIRGAP was lacking.

One early concern about the firewall was that it funneled all internet traffic through a single IP address, meaning that if any activity on the address was revealed to be associated with U.S. spies, a broad swath of other activity could then be attributed to other U.S. spies. More IP addresses were subsequently added, but “occasionally we find that the ISP reverts to one address, or does not effectively rotate those assigned,” Speight wrote.

Speight added that the “greater security concern” was the very intelligence agents the system was designed to protect. “Despite rules and warnings to the contrary, all too frequently users will use AIRGAP for registering on web sites or for services, logging into other sites and services and even ordering personal items from on-line vendors,” Speight wrote in a classified passage. “By doing so, these users reveal information about themselves and, potentially, other users on the network. So much for ‘non-attribution.'”

It's the sort of simple carelessness that's almost unavoidable in large organizations. The NSA's effort to distance itself from its employees' internet use was thwarted by the ISP's funnel and IC employee sloppiness. As The Intercept points out, this mirrors some of the brainlessness exhibited by Russian hackers, who used a system designed to obscure their origin, but constantly undermined that protection by using the same system to log in to personal social media accounts.

The difference between the two is AIRGAP was just there to open a portal out of the IC's closed system. The Russian's system was designed to obscure the source of attacks. But the personal use of the IC's firewall/AIRGAP is still a violation of internal policy, as the document points out.

Rather than work towards preventing the unpreventable (personal web use), the IC set up another system -- OUTPARKS -- which provided more than 200 random IP addresses, all of which would be registered to an ISP, rather than the IC itself. Confusingly, the new system -- put in place in 2005 -- is also referred to as AIRGAP, primarily because IC employees are creatures of habit and referred to OUTPARKS as AIRGAP despite it being an entirely new, NSA-owned operation.

Ultimately, the document shows NSA employees are just like the rest of us: periodically bored and prone to using work computers for personal reasons.

Read More | 14 Comments | Leave a Comment..

Posted on Techdirt - 20 September 2017 @ 10:47am

Alt-Right Twitter App Developers Sue Google After Gab.Ai App Is Kicked Out Of The Play Store

from the symbolic-acts-of-litigation dept

Google's decision to boot a controversial social media app from its Play store has resulted in a lawsuit. And it's a very strange lawsuit -- one that attempts to turn inconsistent moderation efforts into anti-trust allegations against Google.

Some background information is necessary. Some of this can be gleaned from the complaint [PDF], which was put together by Marc Randazza (of First Amendment fame), Ron Coleman (key to the Slants' Supreme Court trademark win), and Jordan Rushie (who has participated in/fought against copyright trolling efforts). Given the litigation credentials behind the filing, it's surprising there's not more to the complaint.

But first, the background: is the plaintiff in this suit. Gab sprung to life as a Twitter alternative, built in response to a perceived crackdown on alt-right accounts. It's not as though the accusations are false. Twitter has frequently applied its moderation standards unequally, resulting in bans and shadowbans of alt-right accounts. As the lawsuit points out, Twitter removed alt-right figurehead Milo Yiannopoulos verified checkmark -- not because Milo wasn't who he said he was, but because it apparently didn't like him or his millions of followers. Six months later, Twitter banned him for good, citing his harassment of actress Leslie Jones.

So, much like Voat became a Reddit for people who thought Reddit censored too much speech, Gab became Twitter for those who felt Twitter censored too much speech. Gab became a mostly-free alternative Twitter, supported by subscribers, and heavily-populated by alt-right Twitter users.

Gab claims to embrace free speech. It engages in very little moderation of users' content, only culling certain content like child porn, posting of private information, threats, spam, and use of the platform to sell illegal goods. It does not police "hate speech" like Facebook, Twitter, and Google do. It's the last part that bothers Google. Or at least that's the stated reason for Google's ban of Gab from its app store.

But this wasn't Gab's first app store ban. Apple blocked it twice, first citing pornographic content as the reason. (Obviously, Twitter allows pornographic posts and yet remains available in the iOS app store...) Gab added porn-blocking by default but was rejected again by Apple, with the company pointing to its rules on hate speech.

Pretty much the same thing happened with Google. Google claimed Gab did not include a "sufficient level of moderation" and did not act to remove content "encouraging violence and hate against groups of people."

Gab's response to Google's ban pointed out it shouldn't need to police speech that isn't actually unlawful just to stay in Google's app store graces. Roughly a month after Google's decision, Gab has sued. What should probably have been left to public shaming of Google for belatedly distancing itself from Gab's social media construct has now become a plea for federal intercession.

The lawsuit runs down the history of Gab, as well as Twitter's shutdown of prominent alt-right/white supremacist accounts. The antitrust action appears to be limited to Google's partnership with Twitter. Google now has access to Twitter's "firehose" -- all public posts from all Twitter users in real time. This allows Google to return tweets in its search results.

Apparently, this partnership -- combined with Google's domination of Android app services -- is evidence of Google's anticompetitive behavior. The problem with the argument is Google's unwieldy application of its app store policies doesn't appear to be Google attempting to eliminate a competitor. Gab doesn't directly compete with Google+. If anything, it's a Twitter competitor. Google's only interest in Twitter is better search results. Kicking Gab out of the app store doesn't remove its web presence, nor does it prevent Gab users from downloading the app directly from Gab itself.

Much is made of the danger of sideloading apps. And it's true sideloading poses greater risks to Android users, especially if they're careless with their sources. While this behavior is somewhat discouraged by the Android system during phone setup, the option to sideload can be turned on and off as needed to allow the installation of apps not included in Google's Play store.

The lawsuit makes better points about removal from the Play store having deleterious financial effects on Gab, including the loss of ad placements in Google store and targeted ad campaigns utilizing Google's tools to find new app users.

Included in the filing are several reasons why Gab's removal is inconsistent with Google's own app policies. But that doesn't turn this into an anticompetitive act on Google's part. The end result may be indistinguishable but there are plenty of innocuous reasons for the app's removal that have nothing to do with Google killing Gab to protect its partnership with Twitter.

But that's pretty much what the filing hopes the judge will find. Google's history of anticompetitive behavior is detailed in the lawsuit, as well as its forays into patent enforcement. Twitter's inconsistent application of its policies to shut down alt-right accounts is also detailed, providing evidence of nothing, considering Twitter isn't party to this lawsuit.

Hidden in all of this are two paragraphs on Section 230 which misconstrue protections afforded to entities like Gab.

Even if it were possible for a social media platform to censor "defamatory and mean-spirited content" generated by 250,000 users, a level of content censorship by a social media platform that extended to "defamatory" and "mean-spirited" content place at risk that service's status as a protected Internet Service Provider, as opposed to a publisher or speaker, under 47 U.S. Code § 230, also known as Section 230 of the Communications Decency Act ("CDA").

Unlike an Internet Service Provider, a publisher or speaker is not granted the "safe harbor" benefits of Section 230, and may be held liable for defamation or other torts or other liability arising from content published on a platform it owns or manages.

This assertion greatly misconstrues how Section 230 protections work. This would be worth noting in any case, but especially so since it involves Marc Randazza, who has penned screeds pointing out the opposite: moderation efforts by ISPs do not undermine Section 230 protections.

I do delete comments from time to time. If I notice them and they are “excessively violent” or “harassing” or “otherwise objectionable,” I delete them. Why? First, its my blog, so my fucking rules. You have a right to express yourself, but not necessarily here. Second, I have absolutely no doubt in my mind that I can delete one comment and leave 100 filthy, objectionable, harassing, defamatory, nasty, and brutish comments and still not be liable.

Section 230 has been a wonderful thing. It has allowed the Internet to grow, and allowed services like Facebook, Craigslist,,, and any number of other fun websites to exist. It allows me to have a comments section on each post, without worrying about whether I’ll be liable for something posted there. It does foster free speech online. So hooray Section 230.

And the relevant part of Section 230, being brushed aside here to portray Gab's lack of moderation as somehow being essential to its 230 protections:

No provider or user of an interactive computer service shall be held liable on account of—

(A) any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers to be obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable, whether or not such material is constitutionally protected

Indeed, it's this very part of CDA 230 that likely will help Google get this lawsuit tossed. Under widely established precedents concerning CDA 230, Google is free to moderate its platform -- in this case, the Android Play Store -- however it likes, without increasing its own liability. To misrepresent CDA 230 by saying that moderation takes away CDA 230 protections... and then ignoring that those same protections probably prevent this lawsuit is just strange.

This is a bizarre lawsuit, to say the least. It almost looks like a proxy salvo in the ongoing war between the "Alt-Right" and the "Establishment Left," which is no longer political parties in power but West Coast tech companies shutting down speech they don't like.

The problem is, Google can legally police speech however it wants. It pays the price in goodwill and public perception, but arbitrary enforcement of app store policies isn't the same thing as antitrust violations, even if the end result is the death of apps and platforms.

At the end of it, we're left with a lawsuit that serves mostly to cater to its base: pissed off Gab users. That's fine, if that's all you want from your legal representation. Google's booting of the Gab app isn't any more correct than this resulting lawsuit. It's a move that caters to its base: progressives who feel speech they don't like shouldn't be allowed anywhere.

Google's motivations for the shutdown are probably as simplistic as they are inexcusable: Google simply didn't want to be known as the place where people could go to get the Gab app. Apple's earlier rejection relegated it to the Android ghetto and Google is engaging in broken windows policing. It's ugly all over and it does nothing to reconcile diametrically-opposed thinking, but it's not anticompetitive. It's just stupid.

Read More | 132 Comments | Leave a Comment..

Posted on Techdirt - 20 September 2017 @ 6:41am

The NSA's Weird Interest In File Sharing Programs

from the National-Sharing-Agency dept

Another large Snowden document dump from The Intercept uncovers many more off-brand uses of NSA surveillance tools. The pile of documents come from the NSA's "SID (Signals Intelligence Directorate) Today" files, of which there are apparently thousands of available pages. The documents released late last week show that if it happened online, the NSA was looking at it.

According to documents provided by NSA whistleblower Edward Snowden, the spy agency formed a research group dedicated to studying peer-to-peer, or P2P, internet traffic. NSA didn’t care about violations of copyright law, according to a 2005 article on one of the agency’s internal news sites, SIDtoday. It was trying to determine if it could find valuable intelligence by monitoring such activity.

But it appears the NSA found very little worth observing.

“By searching our collection databases, it is clear that many targets are using popular file sharing applications,” a researcher from NSA’s File-Sharing Analysis and Vulnerability Assessment Pod wrote in a SIDtoday article. “But if they are merely sharing the latest release of their favorite pop star, this traffic is of dubious value (no offense to Britney Spears intended).”

The info in the SID Today publication [PDF] is a bit dated, as it shows BitTorrent trailing applications like eDonkey and KaZaa. Even though it was mostly popular albums traversing the internet pipes, the NSA still formed a File-sharing Analysis and Vulnerability Assessment (FAVA) "pod" to poke away at the infrastructure and search the shared files for data of national security interest. To do this, it had to strip away the layers of protection lying between the NSA and the contents of the files.

As many of these applications, such as KaZaA for example, encrypt their traffic, we first had to decrypt the traffic before we could begin to parse the messages. We have developed the capability to decrypt and decode both KaZaA and eDonkey traffic to determine which files are being shared, and what queries are being performed.

Breaking the encryption allowed the NSA to peer into users' computers via their shared folders, as well as harvest email addresses, country codes, user names, and lists of recent searches.

Even so, there was little actual intelligence to be gathered from the most popular file sharing applications of a decade ago. But that laid the groundwork for further examination of file sharing for national security reasons. A program called GRIMPLATE tracked BitTorrent use by Defense Dept. employees, checking to see if any of the swarms travelling in and out of the DoD's safe spaces was "malicious" -- a definition that presumably covers DoD employee exfiltration of sensitive files as well as possibly-harmful programs being downloaded to DoD computers.

Over in the UK, GCHQ was taking much more proactive steps toward turning torrent traffic into both a weapon and a source of intel.

The page describes DIRTY RAT, a GCHQ web application used by analysts that at the time had “the capability to identify users sharing/downloading files of interest on the eMule (Kademlia) and BitTorrent networks. … For example, we can report on who (IP address and user ID) is sharing files with ‘jihad’ in the filename on eMule. If there is a new publication of an extremist magazine then we can report who is sharing that unique file on the eMule and BitTorrent networks.”

The RAT was also tasked with gathering info to be shared with law enforcement. Child porn is name-checked in the document, as are the London Metro Police and FBI. But GCHQ wasn't interested in merely collecting info on users sharing illicit content. It also wanted to use the sharing platforms for malware delivery.

A tool called PLAGUE RAT “has the capability to alter the search results of eMule and deliver tailored content to a target,” the wiki article states. “This capability has been tested successfully on the Internet against ourselves and testing against a real target is being pursued.”

File sharing hasn't gone away, so it's indisputable both agencies are still eyeballing BitTorrent traffic. Considering a number of exfiltrated docs/software have been shared via the service, there are probably files of national security interest circulating along with movies, music, and games.

Read More | 27 Comments | Leave a Comment..

Posted on Techdirt - 18 September 2017 @ 1:28pm

Arizona Motel 6 Branches Start Handing Out ICE To Unsuspecting Customers

from the KNOCK-N-TALK-Room-Service™ dept

Motel 6 sure seems to love handing over guest info to law enforcement. A couple of years ago, a Rhode Island branch decided to start faxing its guest list to local police every night -- something the PD had never asked it to do. This pleased the mayor, who proudly noted he knew everyone who was staying at the motel every night. Backlash followed and the police chief announced he would no longer accept Motel 6's guest list faxes.

Two years later, Motel 6 branches in Arizona are doing pretty much the same thing. This time, however, the info appears to be going straight to Immigration and Customs Enforcement. Free ICE in motel rooms never goes out of style. An undocumented motel guest detained under suspicious circumstances led to local journalists digging into public records.

A Phoenix New Times review of court records found that between February and August, ICE agents made at least 20 arrests at Motel 6s, showing up roughly every two weeks. (Since many of the documents we reviewed contained only vague details about where ICE encountered an individual, the actual number is likely even higher.)

All took place at one of two Motel 6 locations: 4130 North Black Canyon Highway or 1530 North 52nd Drive. Both are in predominantly Latino neighborhoods. New Times was unable to find records indicating that ICE conducted arrests at other local motels during this same time period.

So far, nothing all that conclusive. Some things can be inferred from the New Times' investigation of public records, but there's nothing specifically noting ICE agents are working from motel guest lists. However, nothing in the records indicates how ICE is locating these undocumented motel guests. The only thing stated in the documents is agents were "following up on tips."

The New Times decided to go right to the source -- motel employees -- and got some very straightforward answers.

“We send a report every morning to ICE — all the names of everybody that comes in,” one front-desk clerk explained. “Every morning at about 5 o’clock, we do the audit and we push a button and it sends it to ICE.”


[F]ront desk staff at multiple Motel 6 locations in the Valley said that they regularly share guest information with local police.

“I don’t know how it works, but if you check in and you have a warrant, you’re going to get picked up,” one young woman explained.

ICE has refused to comment on the veracity of these employees' claims, saying doing so would compromise investigative techniques. However, if this is what's happening, it's neither "investigative" nor much of a "technique." It's just someone running a list against DHS/ICE databases and hoping for a hit. The motel is doing all the legwork, and there's precious little of that being done.

Even if you consider the employees' statements to be unreliable hearsay, there's the corporate response to the New Times story, which makes it explicitly clear sending guest lists to ICE was exactly what was happening:

Regarding your media story on the Phoenix-area location, this was implemented at the local level without the knowledge of senior management. When we became aware of it last week, it was discontinued. We are currently further investigating and will provide more information shortly.

This is better but far from completely comforting. ICE can't demand any motel hand over guest lists in perpetuity, but there's nothing in the law (or even on-point Supreme Court decisions) that forbids agents from popping in and checking out lists in person. The same goes for local law enforcement, which may take its own look-see and pass that on to the feds if anything catches their eye. Motel 6's corporate rollback of an extremely localized unofficial policy may return a little privacy to its guests, but the law and the courts see very little that's protected in information turned over to third parties.

39 Comments | Leave a Comment..

Posted on Techdirt - 18 September 2017 @ 9:32am

EFF, ACLU Sue Government Over Warrantless Electronic Searches At The Border

from the still-in-US-territory,-but-none-of-your-rights-apply dept

If all goes well, we might have the US border join the rest of the United States in recognizing citizens' Fourth Amendment rights. The Supreme Court's Riley decision made it clear law enforcement needed to obtain warrants before searching people's cellphones. Unfortunately, the so-called "border exception" -- upheld by at least one court -- says securing the border is more important than recognizing people's rights.

The EFF and ACLU -- along with the 10 US citizens and one permanent resident they're representing -- are suing DHS, CBP, and ICE for violating the Constitutional rights of the plaintiffs by warrantlessly searching their devices. Not only did the government search their devices, but in some cases, held onto the devices for weeks. One plaintiff's phone is still in the hands of the CBP, having originally been taken from the plaintiff in January.

The filing [PDF] provides details of the plaintiffs' interaction with government agents at US borders. All plaintiffs were taken to secondary screening where they were coerced into handing over their devices and, in some cases, passwords. This is all being done with zero articulable suspicion or probable cause. Agents imply devices will be returned sooner if those they've detained are compliant. But even complicity can result in citizens having to leave their devices in the hands of the government.

Even when travelers comply with officers’ demands to unlock their devices or provide their device passwords, officers sometimes confiscate the devices anyway. For example, even though Ms. Alasaad provided the password to her phone, and CBP officers had already searched Mr. Alasaad’s unlocked phone, officers still confiscated both of the couple’s phones. CBP kept both phones for approximately 15 days.

These lengthy device confiscations cause significant harm. Many travelers, including Plaintiffs, rely on their electronic devices for their work and livelihoods, as well as for communicating with family members. Losing access to electronic devices and the information they contain for extended periods of time can disrupt travelers’ personal and professional lives. Confiscation of electronic devices is especially harmful to those who need, but do not have or cannot afford, replacement devices, and those who need but did not back up stored data.

As a result, the plaintiffs have spent thousands of dollars replacing devices the government kept without offering a legitimate law enforcement/national security reason for doing so. As the lawsuit points out, this type of behavior is unconstitutional.

When CBP and ICE officers confiscate electronic devices pursuant to their policies and practices for the purpose of searching those devices’ content, such confiscations violate the Fourth Amendment in at least three distinct ways:

a. First, these confiscations are not justified at their inception when they are affected absent probable cause.

b. Second, these confiscations are excessive in scope, because officers confiscate not just the locked devices they are unable to search at the port of entry, but also the unlocked devices they are able to search and that they sometimes have already searched.

c. Third, these confiscations are excessive in duration where the duration of confiscation of locked devices is unreasonable in relation to the time actually needed to search the devices.

In addition to the Fourth Amendment violations, there are also concerns about the First. A few of those participating in this lawsuit are journalists. CBP officers not only searched their phones, but questioned them directly about sources and subjects.

Even the plaintiffs who aren't journalists have valid First Amendment complaints. If the government's going to demand access to writings, photos, videos, and other forms of expression stored on electronic devices, this limits future expressive acts. People whose devices have been seized and searched are less likely to give the government as much to dig through the second time around. This means less writing, fewer photos, and steering clear of any artistic creation the government might somehow misconstrue as threatening, criminal, or simply critical of rote government abuse.

As the plaintiffs point out, these searches aren't Constitutional, but they are allowed by DHS and CBP policies -- which state agents may search and seize phones without reasonable suspicion. To that end, the lawsuit asks the court to find the policies officially unconstitutional and ban the government from searching devices at the border without a warrant.

It's a long shot, given the judicial branch's general deference to all things national security-related. But it will be nice to see the government explain how the Supreme Court's Riley decision somehow doesn't apply to American citizens just because they're entering or leaving the country.

Read More | 26 Comments | Leave a Comment..

Posted on Techdirt - 18 September 2017 @ 3:26am

Government Drops Facebook Search Warrant Gag Order At Eleventh Hour

from the preventative-action dept

Facebook has won its challenge against a warrant gag order. Unfortunately, it's more of a case of the government forfeiting than the social media giant raising a successful challenge.

Details from the case are limited, but the warrant appears to target protesters arrested during Trump's inauguration. Nearly eight months after having the gag orders challenged, the government has decided to let Facebook inform users affected by the government's demand for 90 days of Facebook activity from three accounts. But there's no victory here for Facebook, because it appears the government is merely seeking to avoid losing the case and having gag order-unfriendly precedent established in a district where it does a whole lot of secretive work.

Here are the details, from Zoe Tillman at Buzzfeed.

According to court papers filed jointly by Facebook and the US attorney's office in Washington on Wednesday, prosecutors determined that the underlying investigation that prompted the search warrants — the details of which are under seal — had "progressed ... to the point where the [nondisclosure orders] are no longer needed."

The announcement came less than 24 hours before an appeals court in Washington, DC, was set to hear arguments in the case. According to the joint filing, a lower court judge vacated the nondisclosure orders at the government's request, making Facebook's appeal of those orders moot. The lawyers asked the District of Columbia Court of Appeals to dismiss the case, and the court granted that request on Wednesday afternoon.

This leaves the government's case intact and mostly buried. The now-lifted gag order wasn't indefinite: it allowed Facebook to notify users 30 days after info was handed over to the government. But so far, no info has been handed over, which means the clock hasn't budged on eventual disclosure. Now Facebook can inform the users affected, but the government's removal of the gag order suggests disclosure never posed any real risk to the government's investigation.

The government probably sensed things wouldn't go completely its way after the DC Appeals Court asked other interested parties to submit briefs on the issue. Multiple tech companies have challenged government search warrants and gag orders in last few years, resulting in a handful of small wins on the civil liberties front. Faced with this shift in judicial behavior, the government ditched this case just before public arguments were set to begin.

The lack of a positive precedential rulings hurts, but there's no shortage of gag order challenges to be had. As Facebook's own data shows, more than half the requests it receives from US law enforcement come with gag orders attached. The FBI's liberal use of National Security Letters adds to that percentage, but statutorily-limited reporting makes it impossible to tell how often the feds demand info and vows of silence simultaneously.

5 Comments | Leave a Comment..

Posted on Techdirt - 14 September 2017 @ 7:20pm

Vermont State Police Rewrite Press Rules To Withhold As Much Information As Possible

from the close-to-the-vest dept

Various authority figures have attempted to define journalism, usually excluding their critics. A recent post here covered a police chief who decided he could determine a journalist's credibility based almost solely on their web presence. Trimming down the definition of "journalist" allows government officials to limit their accountability by treating only certain outlets as credible.

So, we already have government authorities attempting to define what is or isn't a "real" news outlet. Jonathan Peters of the Columbia Journalism Review reports a government authority is attempting to define what is or isn't news. In this case, it's the Vermont State Police.

It recently revised a “Press Release and Public Information Policy” that provides guidance for police officers regarding how, what, and when information should be given to the press and public. The revisions came in July, and local journalists aren’t happy.

“The policy leaves it up to individual state troopers to determine what is news and what isn’t,” Michael Donoghue, the executive director of the Vermont Press Association, tells CJR. “Crimes, including sexual assaults, armed robberies, arsons, burglaries, embezzlements, drugs, and more are not required to be disclosed. Vermonters want to know if they are safe in their homes and out on the streets.

The new policy [PDF] prefers ambiguity to clarity and transparency. Worse, it allows officers and police officials to make subjective calls on newsworthiness, which is obviously going to make policing the police that much more difficult. This part is particularly problematic, as it restricts dissemination of information to that which is subjectively defined as "significant public interest."

Press releases will be issued as soon as practicable for significant incidents of public interest, including, but not limited to arrests, citations, road closures, hazardous scenes and motor vehicle crashes.

Beyond that, VSP will withhold all info that "could identify" victims of crimes. This would include those who are on the receiving end of criminal activity by law enforcement officers. As Peters points out, this may nod to privacy, but does very little for public safety. (Not to mention accountability…) This would allow officers to withhold information that might be actually useful to the public, like the areas where repeated criminal activity is being observed.

Even as it places more limits on dissemination, the State Police is playing up its supposed "consultation" with local journalists when revising its policy. That's as much of a sham as the new policy.

While the police say they consulted the press (the state public-safety head wrote in a July letter-to-the-editor that the police “met with and had several discussions with and solicited input from” local journalists), the press association didn’t receive a final draft of the revisions before they were implemented.

Donoghue says the formal consultation amounted to one meeting with two officials. Another press association leader then asked to meet with the public-safety head, who hadn’t attended the meeting except to offer a brief welcome. That request wasn’t granted, and there was no follow-up meeting involving the press.

When asked directly about the changes (and their tendency to make dissemination of information even less likely), the Police spokesman offered up some talking points, but little in the way of clarity. He told Waterman the policy tries to strike a balance between the public's right to know and individual privacy and the integrity of criminal investigations. The spokesman also pointed to the department's 14 press releases a day as evidence that it's all over this transparency thing. But, as is pointed out by the policy's critics, 14 releases a day isn't much when there are more than 300 officers on staff. The VSP issues press releases for things like driving with a suspended license and other misdemeanors. If this minutia is supposed to be evidence of transparency, what are the other 300 officers doing with their time?

The faux consultation and the broad language attempt to disguise the self-interested policy rewriting. Law enforcement agencies are rarely paragons of transparency. The new rules the State Police wrote itself with almost zero consultation will only serve to keep more information out of the public's hands.

Read More | 13 Comments | Leave a Comment..

Posted on Techdirt - 14 September 2017 @ 2:13pm

House Passes Amendment Rolling Back Jeff Sessions' Civil Asset Forfeiture Expansion

from the LOAD-LAST-SAVE? dept

Trump's pick for attorney general unsurprisingly holds the same ideals as his boss. He also holds the same misconceptions and misplaced nostalgia for tough-on-crime policing that went out of vogue as soon as it became apparent it wasn't doing anything but filling up prisons.

Attorney General Jeff Sessions has been going hot and heavy on a 1980s-esque law enforcement policy revival. He booted the DOJ off the civil rights beat, telling states and cities to solve their own police misconduct problems -- something they were clearly unwilling to do on their own, hence the DOJ's intercession. He told cops they're getting back their access to war gear, rolling back the Obama administration's minimal 1033 program reforms.

He's been touting tougher policing and tougher sentencing, using a false narrative of a country under siege by drug dealers and criminal border-jumpers. In a time of historic lows -- both in violent criminal activity and violence towards police officers -- AG Sessions is acting like a street corner preacher, promising an impending apocalypse to anyone who will listen.

Sessions is also peeling away federal reforms to asset forfeiture. He's opened the federal safety valve for civil forfeitures, allowing local PDs to dodge state laws limiting the amount of property they can take from uncharged citizens.

Given the makeup of Congress, one would assume Sessions' ongoing effort to raise US law enforcement to "a law unto itself" level would ride on rails, at least up until midterm elections. Instead, Sessions is facing a literal House divided -- not against itself exactly -- but against him.

In a stunning move, the House of Representatives on Tuesday approved an amendment to the Make America Secure and Prosperous Appropriations Act that will roll back Attorney General Jeff Sessions’s expansion of asset forfeiture.

Amendment number 126 was sponsored by a bipartisan group of nine members, led by Michigan Republican Rep. Justin Amash. He was joined by Democratic Reps. Ro Khanna of California; Washington state’s Pramila Jayapal, a rising progressive star; and Hawaii’s Tulsi Gabbard.

If this passes the Senate untouched, the amendment will roll things back to 2015 -- once again prohibiting federal adoption of local forfeitures. It would make state and local agencies play by the rules set for them by their legislatures, rather than allow them to bypass protections put in place to discourage abuse of programs loaded with the most perverted of incentives.

58 Comments | Leave a Comment..

Posted on Techdirt - 14 September 2017 @ 12:09pm

ATF Ran Illegal Mixed-Money Slush Fund For Years With Zero Oversight, Auditing, Or Punishment

from the no-one's-more-above-the-law-then-law-enforcement dept

The ATF isn't restrained by oversight. It's hardly restrained at all. It's made a business of fake stash house sting operations, where downtrodden suckers looking for cash are persuaded to rob a ficitonal stash house of its fictional drugs. The problem is the government then bases its charges on the amount of nonexistent drugs sting victims were told the fake stash house contained. In no sting operation was the "amount" of drugs lower than 5 kilograms -- the amount needed to trigger a 20-year minimum sentence.

Why is the ATF involved? Because every sting operation involves fictional armed guards, necessitating the use of illegally-obtained weapons by sting victims. Bang. More charges with lengthy minimum sentences.

When not pushing people into fake robberies, the ATF regulates alcohol, tobacco, and firearms. (Also explosives, but it makes the well-known acronym more than a bit clumsy.) To facilitate maximum price gouging by state governments, the ATF tries to break up untaxed cigarette sales.

It's this simple work that has propelled an accountability-free explosion in the ATF, most of it traced back to a single office in Bristol, Virginia, fronted by a quasi-legitimate tobacco distributor. From there, an appalling amount of illegal activity was participated in by ATF agents and officials.

Matt Apuzzo has put together an amazing story for the New York Times, sourced from interviews and public records requests -- one that will cause your jaw to drop lower the further you scroll down the page. As Apuzzo puts it, the operation began as a way to bust black-market cigarette sales. It ended up as something much more sinister: an ATF slush fund that mixed public and private money with zero oversight or statutory authority. If any agent needed anything -- from vending machines with cameras in them to credit cards for unquestioned expenses -- they went to Bristol. It was done in the government's name, but plenty of agents personally profited from the operation.

The spending was not limited to investigative expenses. Two informants made $6 million each. One agent steered hundreds of thousands of dollars in real estate, electronics and money to his church and his children’s sports teams, records show.

Federal law prohibits mixing government and private money. The A.T.F. now acknowledges it can point to no legal justification for the scheme. But far from reining in the spending, records show that supervisors at headquarters encouraged it by steering agents from around the country to Bristol.

As the money mixed, the spending increased. ATF officials in Washington sent agents to Bristol to obtain equipment, supplies, and spending money in order to bypass red tape. So many vehicles were requisitioned through Bristol the office had to set up its own leasing company. Hotel bills and gas alone ran nearly $25,000 a month. And yet, the DOJ never looked into the ATF operation or its incredible amount of spending. With public and private funds overlapping, it would have been a nightmare to audit. How much of a nightmare, no one knows… because no one ever tried. Unbelievably, the "accounting" for the ATF's oversight-less, mixed cash operation was left to a single bookkeeper using Quickbooks on her own computer.

As part of the sting, two informants helped pad the ATF's secret account by purchasing cigarettes directly from US Tobacco at $3 a carton and selling them back to the ATF for $17 a carton. Rather than this being a losing proposition for the ATF, the difference in prices allowed the ATF to dump another half-million into its secret Bristol account.

The ATF office was basically housing gangsters with hearts of ill-gotten gold at this point.

[ATF agent Thomas] Lesnak said he set the prices, allowing his informants “customary and reasonable” profits. Mr. Carpenter and Mr. Small were paid $6 million apiece in less than two years, according to court documents. Such huge sums would normally require special approval. But since the money came from the secret account, the A.T.F. officially paid them nothing.

Those around Mr. Lesnak benefited, too. The old tobacco warehouse — a $410,000 repurposed candy factory — was given to his church, property records show. A half-million dollars from the secret account was donated to local law enforcement agencies. Thousands more went to Mr. Lesnak’s children’s school. Mr. Lesnak handed out Blu-ray players and Xboxes to his son’s baseball teammates, one player recalled. The donations, Mr. Small said, were made at Mr. Lesnak’s insistence.

To keep his warehouse workers happy, records show, Mr. Lesnak handed out envelopes of cash — $500 to $700 a month, tax free. On an office casino trip, Ms. Davis testified, he provided money for gambling. Employees were given DVD players, televisions or freezers that arrived in the warehouse, records show.

The ATF's operation finally ran into trouble when US Tobacco began taking an interest in purchases tied to the agency. Concerned it was being used to facilitate something resembling a criminal operation (but run by law enforcement personnel), US Tobacco began looking into activities at its Bristol warehouse. This led to one of the greatest moments of combined irony and schadenfreude in human existence.

The operation ran until Stuart Thompson, a bookish Manhattan native, took over as chief financial officer at U.S. Tobacco. He repeatedly pressed the warehouse manager to explain the unusual supply of Palermos. No market existed for that many cigarettes, he said.

On March 8, 2013, the warehouse manager called Mr. Thompson. “He started telling me that A.T.F. was doing operations in our warehouse,” Mr. Thompson recalled.

Company lawyers descended on the warehouse, seizing everything. A tobacco company had just raided the A.T.F.

Despite all of this, no one involved has been prosecuted. The DOJ still hasn't attempted to audit the funds the ATF worked with, even while declaring the operation to be highly problematic. Everyone involved walked away unscathed. Even Agent Lesnak, who spearheaded the operation and set up the mixed-money slush fund, never received so much as an oral reprimand. I suppose the DOJ felt the 100 or so arrests resulting from the operation outweighed the illegal activity that went on for years under its nose.

The whole story is worth reading. It shows the ATF has the DEA's mentality: nothing matters but the job. Any and all illegal operations are forgiven in advance (and often in arrears) because doing the government's version of God' work involves breaking laws like omelet eggs and keeping oversight as far away as possible from day-to-day activities.

35 Comments | Leave a Comment..

Posted on Techdirt - 13 September 2017 @ 3:55pm

Critic-Raiding Sheriff Settles With Bloggers Who Sued Him Over His Unconstitutional Actions

from the fun-things-happen-when-immunity-is-denied dept

Now that Terre Bonne Parish sheriff Jerry Larpenter has had his immunity stripped by a federal court, it appears he's ready to pay up to keep the damages from mounting. Sheriff Larpenter abused a terrible law -- Louisiana's still-on-the-books-for-some-reason criminal defamation law -- to harass a critic of his. On the way to getting slapped by the court, Larpenter went judge-shopping (bringing his warrant to an off-duty judge) for someone willing to sign his unconstitutional warrant -- a judge who later found the warrant with his signature on it to be perfectly legal.

The state court of appeals shot down Larpenter's warrant. The inevitable civil suit that followed found Larpenter being de-immunized in successive decisions, leaving him to actually bear some responsibility for his act of censorship.

Elizabeth Nolan Brown reports Larpenter is now making nice with Jennifer and Wayne Anderson, the couple targeted by the sheriff for their criticism. The Andersons had their home raided by Larpenter's deputies, who seized every electronic device they could find, including the Andersons' childrens' laptop.

Larpenter has reached a settlement in the civil suit filed against him by Jennifer and Wayne Anderson, whose home was raided by Larpenter's deputies in 2016 after Jennifer blogged critically about the sheriff.

"I think the sheriff's finally learned that he can't bully people and violate people's constitutional rights," Wayne, a Houma police officer, told local station WWLTV. "In our case, he stepped on the wrong people's constitutional rights because we knew our rights. Hopefully, he thinks twice the next time he gets his feelings hurt."

If Larpenter is going to think twice, it will be because a federal court -- in no uncertain terms -- told him he travelled far outside Constitutional confines and the boundaries of his job to harass a critic. The decision opened with this memorable line:

Some qualified immunity cases are hard. This case is not one of them.

It went on from there to explain there was no legal precedent that offered cover for his actions, pointing out no reasonable law enforcement officer could possibly believe abusing a statute already found unconstitutional could possibly be Constitutional.

The Andersons have already received $50,000 from Terre Bonne Parish for its participation in this debacle. The amount of Larpenter's settlement is still undisclosed.

Despite all of this, there's been no action taken by Terre Bonne Parish to punish Sheriff Larpenter for his actions. This will hopefully be corrected. $50,000 has already been transferred from the parish to the Andersons for his 1st and 4th Amendment violations, and it's unclear who will actually be paying for the most recent settlement. Someone who thinks they can use the powers granted to them by constituents to engage in foolhardy witch hunts against critics can't be trusted to impartially handle the job of law and order.

13 Comments | Leave a Comment..

Posted on Techdirt - 13 September 2017 @ 1:28pm

Saying Someone Might Do Something Illegal With Cash Isn't Enough For Gov't To Seize It, Court Rules

from the by-any-means-unnecessary dept

The government loves taking people's money. It likes it so much it gets pretty weird about it. Even considering all we've covered here on the subject of forfeiture, the legal theory deployed by the government in this case is astounding. From the Ninth Circuit Court of Appeals decision [PDF]:

The panel reversed the district court's judgment of civil forfeiture of $11,500 under 21 U.S.C. § 881(a)(6) from claimant Charles Guerrero, and remanded for a new trial.

When Guerrero, through a friend, tried to post the $11,500 as bail for his wife, the government seized the cash. At trial, the government alleged two theories: that the money was proceeds from the claimant's drug deals, and that the claimant used or intended to use the money to facilitate drug transactions.

Charles Guerrero and his wife were no angels. But neither were they high-level drug dealers. Both apparently had crippling heroin addictions and engaged in a small amount of dealing to ensure the incoming flow of heroin.

But that's not enough to excuse the government nabbing bail money under the theory it probably came from drug dealing or -- more spuriously -- that it might have been used to purchase drugs if it hadn't been spent on bail.

Guerrero had his friend take the cash to pay the bail because Guerrero had no valid ID. Guerrero claims he had about $14,000 in cash in his home obtained from insurance settlements and the sale of a vehicle. The government made its own claims, based on the discovery of drugs in the vehicle Guerrero was sitting in, along with a dog that said, "Yes. That is drug money."

While Charles waited outside, Wood went to the MCDC’s bail window and told an officer he was there to post the cash to free Rosalie. Jail officials ran Wood’s records and discovered that he had a criminal history. Coupled with the fact that Wood was attempting to bail out a repeat drug offender with a wad of cash, this prompted jail officials to call Agent Guy Gino of the federal Department of Homeland Security. Agent Gino went to the MCDC, asked Wood a few questions regarding the origin of the $11,500, and requested permission to have a drug sniffing dog smell the currency. Wood agreed.

The dog (Nikko) alerted to a drug odor on the money. Agent Gino asked Wood if Nikko could sniff his car. Again, Wood agreed. On the way to the car, the group encountered Charles, who was waiting for Woods to come out of the jail. Charles objected to law enforcement searching the car but Wood nonetheless permitted Nikko to do so. Nikko alerted to a black bag in the vehicle—which, the officers later discovered, belonged to Charles—containing 3.6 grams of heroin. Officers also found an additional $2,971 in cash on Charles. Agent Gino arrested Charles and seized the drugs, the $2,971 found on Charles, and the $11,500 Wood had tried to post as bail.

The government seized it all. Guerrero challenged the seizure. The jury at the lower level let the government keep it. Guerrero appealed and the Ninth Circuit Court reversed on the issue of the $11,500. On remand, the government restated its assertions about the $11,500, claiming the Guerrero's had no proof the money had been obtained legally. Failing that, the government claimed the money -- even if obtained legitimately -- would only be used to purchase more controlled substances. Heads, I win. Tails, you lose. But not this time.

The Appeals Court will send this case back to the lower court a second time. As it noted during its first pass, there were genuine questions about the origin/destination of the $11,500, but it needed far more than the government's speculative assertions to make this call. Unfortunately, the lower court dismissed Guerrero's argument that the jury's split verdict allowed the government to punish him for thinking, rather than for what he actually did. The district court basically gave the government an unearned win, stating the money's origin was clean but its intended use wasn't.

This makes a mockery of due process, even more so than civil forfeiture already does. If someone socks away some cash intending to purchase drugs at some point, but then attempts to pay bills with it instead, the government could theoretically seize the cash before the bills are paid based on the person's arrest history, apparent drug dependency, etc. Given free reign, no one's money is safe, least of all those with criminal pasts.

Unsurprisingly, the court finds this theory of future "guilt" a violation the Eighth Amendment. Americans are supposed to be free of cruel and unusual punishments. Taking money from people because they might use it to commit a legal act in the future is cruel and unusual, especially when no actions have been taken indicating the cash is headed for an illegal destination. As the concurring opinion points out, the $11,500 was in process of being handed over to pay bail, making any illegal future use of that $11,500 impossible.

The court points out the law simply cannot be read the way government would like it to be. To do so would make any amount of cash seizable from anyone, simply because cash and the possibility for bad things to be done with it are both things that will always exist.

On its face... § 881(a)(6) contains no limiting principle and appears to apply whenever anyone, at any point in time, so much as thinks about using money to purchase drugs. One need not look any further than this case to realize how far the literal language of § 881(a)(6) could reach. The only evidence from which the jury could have concluded that the Guerreros intended to use the $11,500 for drugs shows that the couple were heavy heroin addicts who bought and sold drugs regularly. The government offered no specifics. Although it should surprise no one that an addict might think of spending whatever money he has to sustain his addiction, the Guerreros, so far as the evidence indicates, did not act on any such thoughts with respect to the $11,500. 4 In fact, at the time Agent Gino seized their money, the Guerreros had entrusted it to Virgil Wood, who was standing at a bail window in the MCDC asking to bail out Rosalie. Was there some possibility that, prior to Wood walking in the MCDC, the Guerreros intended to use the money for drug transactions? Of course. And is there a likelihood that if the Guerreros got the bail money back they would have used some part of it in the future for drugs? Again, it seems reasonable to answer “of course.” Does § 881(a)(6) reach either back in time to unrealized intentions or forward in time to speculative, inchoate plans? We think not.

Because the government's assertions came before the jury instructions, the forfeiture is being overturned on a procedural issue, rather than the governing statute being innately unconstitutional. The government will get a third chance to take $11,500 from the Guerreros, unfortunately. But it won't be able to argue quite as vehemently that a drug user's cash will only be spent on drugs.

Read More | 32 Comments | Leave a Comment..

Posted on Techdirt - 13 September 2017 @ 10:47am

Texas Attorney General Issues Complaint Against Reputation Management Company For Bogus Lawsuits

from the dominoes dept

Still more evidence continues to be uncovered linking shady reputation management companies to fraudulent defamation lawsuits. This tactic has only recently been exposed, thanks mainly to the efforts of Eugene Volokh and Paul Alan Levy. (Pissed Consumer spotted some questionable lawsuit activity as well, shortly before the Volokh/Levy deluge.)

So far, one victim of this fraudulent behavior has obtained a settlement from one of these reputation management firms. It's likely more such judgments are on the way as more details linking firms to bogus lawsuits are dug up. One judge has already passed on info to the US Attorney's office. Now, Eugene Volokh is reporting the Texas attorney general's office has filed a civil complaint against a company called Solvera that, up until recently, performed illegitimate Google takedown services for customers paying upwards of $10,000, using nothing more than bogus libel lawsuits filed by nonexistent companies against fake defendants.

The civil complaint [PDF] details the bogus inner workings of the lawsuits filed by shell companies set up by Solvera. (Also, shell defendants.)

Solvera Defendants next contract with attorneys, including in Harris County, Texas, to file defamation lawsuits on behalf of their customers. At this point, both the consumer and the attorney are misled. Specifically, Solvera Defendants fail to obtain authorization from, or even notify, its customers before contracting with attorneys to file lawsuits as part of their services. Businesses are surprised to learn, after the fact, that a company with a very similar name to their legal name has been named as the plaintiff in a lawsuit.

Second, the attorney has been told by Solvera Defendants that they have already identified and contacted the alleged defamation defendant, the individual who purportedly posted the negative information on the Internet, and the parties have already reached a settlement. Solvera Defendants have already drafted the lawsuit, and send it along with the URL De-Index Agreement to the attorney. Local attorneys are thereby misled, because Solvera Defendants misrepresent that their customer has in fact authorized a lawsuit, when in actuality it is a fictitious business entity. This entity has then granted power of attorney to the local lawyer.

Solvera Defendants make this misrepresentation by sending those attorneys a different version of the URL De-Index Agreement than the one that was signed by the customer. This version of the De-Index Agreement includes provisions stating that the consumer has agreed to be represented by the local attorney by granting a power of attorney, provisions that are not present in the original De-Index Agreement.

Moreover, these local attorneys are further misled because Solvera Defendants fail to actually identify and contact the original poster of the content the consumer had believed was defamatory. Instead, a California blogger has made an additional posting to the original purportedly defamatory content, and has agreed to be "defendant" in the defamation lawsuit.

Identifying the person consumers believe originally posted negative information would be nearly impossible to accomplish from the often anonymous complaints posted on the internet. So, Solvera Defendants have a local California associate sign an affidavit, in which he/she falsely states that he/she is a resident of the Court's jurisdiction, including Harris County, and further falsely states that he/she engaged in all of the conduct alleged in the lawsuit, which extends to more than just the comment that they had additionally provided. This is evidenced by the fact that invariably the affidavit is notarized in California despite the alleged defamation defendant's supposed local residence, in Harris County.

A bogus lawsuit is filed in a Texas court, purportedly from a company located outside of the state, featuring a defendant allegedly located in Texas but willing to take a road trip to California to get their confession notarized by a lawyer there. A judgment is secured against the defendant, which is passed along to Google for delisting as supposedly defamatory content. This all goes on without Solvera's customers knowing this is happening. Not only that, but the lawyers contracted to file the legal paperwork apparently have no idea they're participating in Solvera's fraud on the court.

If this complaint sticks, Solvera will be blocked from filing more bogus lawsuits and (importantly) from attempting to deep-six any still pending in Texas courts. If the court finds for the state, Solvera will also be required to repay every customer they defrauded, along with $20,000 per violation of the Texas Deceptive Trade Practices Act. Hopefully, most of this will stick and serve as a pricey deterrent to others hoping to turn a profit by lying to the courts.

Read More | 10 Comments | Leave a Comment..

Posted on Techdirt - 13 September 2017 @ 3:35am

AG Sessions, DOJ Ask Congressional Leaders For A Clean, Forever Re-Authorization Of Section 702

from the also:-mandate-that-people-like-us dept

The DOJ and Attorney General Jeff Sessions have offered up their official plea for a clean reauthorization of Section 702 surveillance powers. These are due to expire at the end of the year, but so far there's been no concerted effort to subject it to greater restrictions -- at least nothing as cohesive as the opposition to Section 215 renewal that began shortly after the Snowden leaks started.

Unlike Section 215 phone records collections, the Section 702 collections at least appear to be somewhat useful in harvesting communications relevant to national security efforts. But these collections should be subjected to even greater scrutiny because of what they contain: communications. While the NSA may have ended its supremely vague "about" email collection program (which harvested emails talking about targets/keywords, along with those to and from actual targets), it appears to only have done so because it couldn't make it stop harvesting US persons' communications.

But none of that is mentioned in the Attorney General's letter to Congressional leaders. Instead, the request asks not only for a "clean" reauthorization, but a "forever" one as well.

We are writing to urge that the Congress promptly reauthorize, in clean and permanent form, Title VII of the Foreign Intelligence Surveillance Act (FISA), enacted by the FISA Amendments Act of 2008 (FAA), which is set to sunset at the end of this year.

Title VII of FISA allows the Intelligence Community, under a robust regime of oversight by all three branches of Government, to collect vital information about international terrorists, cyber actors, individuals and entities engaged in the proliferation of weapons of mass destruction and other important foreign intelligence targets located outside the United States. Reauthorizing this critical authority is the top legislative priority of the Department of Justice and the Intelligence Community. As publicly reported by the Privacy and Civil Liberties Oversight Board, information collected under one particular section of FAA, Section 702, produces significant foreign intelligence that is vital to protect the nation against international terrorism and other threats.

Whether or not the collections produce useful intel is beside the point. Congress very definitely should not remove the periodic renewal period for surveillance powers. Doing so would subject the powers to even less oversight. A periodic review period allows Congress to take recent events into account when determining how much surveillance power the government should have going forward. It also permits examination by fresh sets of eyes, some of which won't have been fully assimilated into the "national security above all else" way of thinking.

The reasons Congress shouldn't grant a clean, in-perpetuity re-auth are the very reasons Sessions wants Congress to never examine Section 702 collections again. The DOJ refers to a "comprehensive regime of oversight" in its letter, but that phrase greatly overstates the quality of surveillance oversight that's been provided over the past 15 years.

Given the administration's view -- along with the views of most of the party in power -- Sessions may get what he wants. If nothing else, he's relatively assured of walking away with a clean reauthorization -- barring the leak of any damning NATSEC documents between now and the end of the year. It may turn out the only reform effort put in place will be the NSA's voluntary ditching of the "about" collection.

10 Comments | Leave a Comment..

More posts from Capitalist Lion Tamer >>