jm + snowden   12

Law to allow snooping on social media defies European court ruling
Karlin on fire:
But there’s lots in this legislation that should scare the public far more. For example, the proposal that the legislation should allow the retention of “superfluous data” gathered in the course of an investigation, which is a direct contravention of the ECJ’s demand that surveillance must be targeted and data held must be specifically relevant, not a trawl to be stored for later perusal “just in case”.
Or the claim that interception and retention of data, and access to it, will only be in cases of the most serious crime or terrorism threats. Oh, please. This was, and remains, the supposed basis for our existing, ECJ-invalidated legislation. Yet, as last year’s Gsoc investigation into Garda leaks revealed, it turns out a number of interconnected pieces of national legislation allow at least 10 different agencies access to retained data, including Gsoc, the Competition Authority, local authorities and the Irish Medicines Board.
surveillance  ireland  whatsapp  viber  snowden  snooping  karlin-lillington  facebook  internet  data-retention 
july 2016 by jm
MPs’ private emails are routinely accessed by GCHQ
65% of parliamentary emails are routed via Dublin or the Netherlands, so liable to access via Tempora; NSA's Prism program gives access to all Microsoft Office 365 docs; and MessageLabs, the anti-spam scanning system in use, has a GCHQ backdoor program called Haruspex, allegedly.
snowden  privacy  mps  uk  politics  gchq  nsa  haruspex  messagelabs  symantec  microsoft  parliament 
june 2016 by jm
GCHQ's Spam Problem
'“Spam emails are a large proportion of emails seen in SIGINT [signals intelligence],” reads part of a dense document from the Snowden archive, published by Boing Boing on Tuesday. “GCHQ would like to reduce the impact of spam emails on data storage, processing and analysis.”' (circa 2011). Steganography, anyone? (via Tony Finch)
spam  anti-spam  gchq  funny  boing-boing  sigint  snowden  surveillance 
february 2016 by jm
Exclusive: Snowden intelligence docs reveal UK spooks' malware checklist / Boing Boing
This is an excellent essay from Cory Doctorow on mass surveillance in the post-Snowden era, and the difference between HUMINT and SIGINT. So much good stuff, including this (new to me) cite for, "Goodhart's law", on secrecy as it affects adversarial classification:
The problem with this is that once you accept this framing, and note the happy coincidence that your paymasters just happen to have found a way to spy on everyone, the conclusion is obvious: just mine all of the data, from everyone to everyone, and use an algorithm to figure out who’s guilty. The bad guys have a Modus Operandi, as anyone who’s watched a cop show knows. Find the MO, turn it into a data fingerprint, and you can just sort the firehose’s output into ”terrorist-ish” and ”unterrorist-ish.”

Once you accept this premise, then it’s equally obvious that the whole methodology has to be kept from scrutiny. If you’re depending on three ”tells” as indicators of terrorist planning, the terrorists will figure out how to plan their attacks without doing those three things.

This even has a name: Goodhart's law. "When a measure becomes a target, it ceases to be a good measure." Google started out by gauging a web page’s importance by counting the number of links they could find to it. This worked well before they told people what they were doing. Once getting a page ranked by Google became important, unscrupulous people set up dummy sites (“link-farms”) with lots of links pointing at their pages.
adversarial-classification  classification  surveillance  nsa  gchq  cory-doctorow  privacy  snooping  goodharts-law  google  anti-spam  filtering  spying  snowden 
february 2016 by jm
5 takeaways from the death of safe harbor – POLITICO
Reacting to the ruling, the [EC] stressed that data transfers between the U.S. and Europe can continue on the basis of other legal mechanisms.

A lot rides on what steps the Commission and national data protection supervisors take in response. “It is crucial for legal certainty that the EC sends a clear signal,” said Nauwelaerts.

That could involve providing a timeline for concluding an agreement with U.S. authorities, together with a commitment from national data protection authorities not to block data transfers while negotiations are on-going, he explained.
safe-harbor  data  privacy  eu  ec  snowden  law  us 
october 2015 by jm
EU court adviser: data-share deal with U.S. is invalid | Reuters
The Safe Harbor agreement does not do enough to protect EU citizen's private information when it reached the United States, Yves Bot, Advocate General at the European Court of Justice (ECJ), said. While his opinions are not binding, they tend to be followed by the court's judges, who are currently considering a complaint about the system in the wake of revelations from ex-National Security Agency contractor Edward Snowden of mass U.S. government surveillance.
safe-harbor  law  eu  ec  ecj  snowden  surveillance  privacy  us  data  max-schrems 
september 2015 by jm
IAB Statement on Internet Confidentiality
Newly designed protocols should prefer encryption to cleartext operation. There may be exceptions to this default, but it is important to recognize that protocols do not operate in isolation.  Information leaked by one protocol can be made part of a more substantial body of information by cross-correlation of traffic observation.  There are protocols which may as a result require encryption on the Internet even when it would not be a requirement for that protocol operating in isolation.

We recommend that encryption be deployed throughout the protocol stack since there is not a single place within the stack where all kinds of communication can be protected.


Wow. so much for IPSec
ipsec  iab  ietf  snowden  surveillance  crypto  protocols  internet 
november 2014 by jm
Enemies of the Internet 2014: entities at the heart of censorship and surveillance | Enemies of the Internet
The mass surveillance methods employed in [the UK, USA, and India], many of them exposed by NSA whistleblower Edward Snowden, are all the more intolerable because they will be used and indeed are already being used by authoritarians countries such as Iran, China, Turkmenistan, Saudi Arabia and Bahrain to justify their own violations of freedom of information. How will so-called democratic countries will able to press for the protection of journalists if they adopt the very practices they are criticizing authoritarian regimes for?


This is utterly jaw-dropping -- throughout the world, real-time mass-monitoring infrastructure is silently being dropped into place. France and India are particularly pervasive
journalism  censorship  internet  france  india  privacy  data-protection  surveillance  spying  law  snowden  authoritarianism 
march 2014 by jm
Latest Snowden leak: GCHQ spying on Wikileaks users
“How could targeting an entire website’s user base be necessary or proportionate?” says Gus Hosein, executive director of the London-based human rights group Privacy International. “These are innocent people who are turned into suspects based on their reading habits. Surely becoming a target of a state’s intelligence and security apparatus should require more than a mere click on a link.” The agency’s covert targeting of WikiLeaks, Hosein adds, call into question the entire legal rationale underpinning the state’s system of surveillance. “We may be tempted to see GCHQ as a rogue agency, ungoverned in its use of unprecedented powers generated by new technologies,” he says. “But GCHQ’s actions are authorized by [government] ministers. The fact that ministers are ordering the monitoring of political interests of Internet users shows a systemic failure in the rule of law."
gchq  wikileaks  snowden  privacy  spying  surveillance  politics 
february 2014 by jm
Even the NSA is finding it hard to cope with spam
3 new Snowden leaks, covering acquisition of Yahoo address books, buddy lists, and email account activity, and how spammer activity required intervention to avoid losing useful data in the noise
spam  spammers  nsa  snowden  leaks  anti-spam  yahoo  im  mail 
october 2013 by jm
The US fears back-door routes into the net because it's building them too | Technology | The Observer
one of the most obvious inferences from the Snowden revelations published by the Guardian, New York Times and ProPublica recently is that the NSA has indeed been up to the business of inserting covert back doors in networking and other computing kit.

The reports say that, in addition to undermining all of the mainstream cryptographic software used to protect online commerce, the NSA has been "collaborating with technology companies in the United States and abroad to build entry points into their products". These reports have, needless to say, been strenuously denied by the companies, such as Cisco, that make this networking kit. Perhaps the NSA omitted to tell DARPA what it was up to? In the meantime, I hear that some governments have decided that their embassies should no longer use electronic communications at all, and are returning to employing couriers who travel the world handcuffed to locked dispatch cases. We're back to the future, again.
politics  backdoors  snowden  snooping  networking  cisco  nsa  gchq 
october 2013 by jm

Copy this bookmark:



description:


tags: