jm + surveillance   131

'I've Got Nothing to Hide' and Other Misunderstandings of Privacy by Daniel J. Solove :: SSRN
In this short essay, written for a symposium in the San Diego Law Review, Professor Daniel Solove examines the nothing to hide argument. When asked about government surveillance and data mining, many people respond by declaring: "I've got nothing to hide." According to the nothing to hide argument, there is no threat to privacy unless the government uncovers unlawful activity, in which case a person has no legitimate justification to claim that it remain private. The nothing to hide argument and its variants are quite prevalent, and thus are worth addressing. In this essay, Solove critiques the nothing to hide argument and exposes its faulty underpinnings.


Via Fred Logue
law  philosophy  privacy  security  essay  papers  daniel-solove  surveillance  snooping 
28 days ago by jm
Build a Better Monster: Morality, Machine Learning, and Mass Surveillance

We built the commercial internet by mastering techniques of persuasion and surveillance that we’ve extended to billions of people, including essentially the entire population of the Western democracies. But admitting that this tool of social control might be conducive to authoritarianism is not something we’re ready to face. After all, we're good people. We like freedom. How could we have built tools that subvert it?

As Upton Sinclair said, “It is difficult to get a man to understand something, when his salary depends on his not understanding it.”

I contend that there are structural reasons to worry about the role of the tech industry in American political life, and that we have only a brief window of time in which to fix this.
advertising  facebook  google  internet  politics  surveillance  democracy  maciej-ceglowski  talks  morality  machine-learning 
9 weeks ago by jm
UN privacy watchdog says 'little or no evidence' that mass surveillance works | ZDNet
The United Nations' special rapporteur on privacy has lambasted a spate of new surveillance laws across Europe and the US, saying that there is "little or no evidence" that mass monitoring of communications works. In a report published this week, Prof. Joseph Cannataci, the first privacy watchdog to take up the post, said he was neither convinced of the effectiveness or the proportionality "of some of the extremely privacy-intrusive measures that have been introduced by new surveillance laws."

He also said that bulk records collection, such as call and email metadata, runs the risk of "being hacked by hostile governments or organized crime."

Cannataci singled out recently-passed laws in France, Germany, the UK and the US, all of which have pushed through new legislation in the wake of the threat from the so-called Islamic State. He said that the passed laws amount to "gesture-politics," which in his words, "have seen politicians who wish to be seen to be doing something about security, legislating privacy-intrusive powers into being -- or legalize existing practices -- without in any way demonstrating that this is either a proportionate or indeed an effective way to tackle terrorism." A rise in public support of increased surveillance powers is "predicated on the psychology of fear," he said, referring to the perceived threat of terrorism.
surveillance  law  privacy  un  joseph-cannataci  watchdogs  terrorism  fear  fud 
march 2017 by jm
In praise of cash
'The battle to protect cash is one full of ambiguities - it feels somewhat
like trying to protect good ol' normal capitalism from a Minority Report
surveillance-capitalism'
cash  payment  contactless  surveillance  banking  banks  credit-cards 
march 2017 by jm
Minor Infractions — Real Life
When our son turned 12, we gave him a phone and allowed him to use social media, with a condition: He had no right to privacy. We would periodically and without warning read his texts and go through his messenger app. We would follow him on Facebook, Instagram and Twitter (though we wouldn’t comment or tag him — we’re not monsters). We wouldn’t ambush him about what we read and we wouldn’t attempt to embarrass him. Anything that wasn’t dangerous or illegal, we would ignore.


Food for thought. But not yet!
surveillance  family  kids  privacy  online  social-media  teenagers 
february 2017 by jm
What Vizio was doing behind the TV screen | Federal Trade Commission
This is awful:
Starting in 2014, Vizio made TVs that automatically tracked what consumers were watching and transmitted that data back to its servers. Vizio even retrofitted older models by installing its tracking software remotely. All of this, the FTC and AG allege, was done without clearly telling consumers or getting their consent.

What did Vizio know about what was going on in the privacy of consumers’ homes? On a second-by-second basis, Vizio collected a selection of pixels on the screen that it matched to a database of TV, movie, and commercial content. What’s more, Vizio identified viewing data from cable or broadband service providers, set-top boxes, streaming devices, DVD players, and over-the-air broadcasts. Add it all up and Vizio captured as many as 100 billion data points each day from millions of TVs.

Vizio then turned that mountain of data into cash by selling consumers’ viewing histories to advertisers and others. And let’s be clear: We’re not talking about summary information about national viewing trends. According to the complaint, Vizio got personal. The company provided consumers’ IP addresses to data aggregators, who then matched the address with an individual consumer or household. Vizio’s contracts with third parties prohibited the re-identification of consumers and households by name, but allowed a host of other personal details – for example, sex, age, income, marital status, household size, education, and home ownership.  And Vizio permitted these companies to track and target its consumers across devices.

That’s what Vizio was up to behind the screen, but what was the company telling consumers? Not much, according to the complaint.

Vizio put its tracking functionality behind a setting called “Smart Interactivity.”  But the FTC and New Jersey AG say that the generic way the company described that feature – for example, “enables program offers and suggestions” – didn’t give consumers the necessary heads-up to know that Vizio was tracking their TV’s every flicker. (Oh, and the “Smart Interactivity” feature didn’t even provide the promised “program offers and suggestions.”)
privacy  ftc  surveillance  tv  vizio  ads  advertising  smart-tvs 
february 2017 by jm
IPBill ICRs are the perfect material for 21st-century blackmail
ICRs are the perfect material for blackmail, which makes them valuable in a way that traditional telephone records are not. And where potentially large sums of money are involved, corruption is sure to follow. Even if ICR databases are secured with the best available technology, they are still vulnerable to subversion by individuals whose jobs give them ready access.
This is no theoretical risk. Just one day ago, it emerged that corrupt insiders at offshore call centres used by Australian telecoms were offering to sell phone records, home addresses, and other private details of customers. Significantly, the price requested was more if the target was an Australian "VIP, politician, police [or] celebrity."
blackmail  privacy  uk-politics  uk  snooping  surveillance  icrs  australia  phone-records 
november 2016 by jm
Stealth Cell Tower
'an antagonistic GSM base station [disguised] in the form of an innocuous office printer. It brings the covert design practice of disguising cellular infrastructure as other things - like trees and lamp-posts - indoors, while mimicking technology used by police and intelligence agencies to surveil mobile phone users.'
gsm  hardware  art  privacy  surveillance  hacks  printers  mobile-phones 
november 2016 by jm
Remarks at the SASE Panel On The Moral Economy of Tech
Excellent talk. I love this analogy for ML applied to real-world data which affects people:
Treating the world as software promotes fantasies of control. And the best kind of control is control without responsibility. Our unique position as authors of software used by millions gives us power, but we don't accept that this should make us accountable. We're programmers—who else is going to write the software that runs the world? To put it plainly, we are surprised that people seem to get mad at us for trying to help. Fortunately we are smart people and have found a way out of this predicament. Instead of relying on algorithms, which we can be accused of manipulating for our benefit, we have turned to machine learning, an ingenious way of disclaiming responsibility for anything. Machine learning is like money laundering for bias. It's a clean, mathematical apparatus that gives the status quo the aura of logical inevitability. The numbers don't lie.


Particularly apposite today given Y Combinator's revelation that they use an AI bot to help 'sift admission applications', and don't know what criteria it's using: https://twitter.com/aprjoy/status/783032128653107200
culture  ethics  privacy  technology  surveillance  ml  machine-learning  bias  algorithms  software  control 
october 2016 by jm
Snooping powers saw 13 people wrongly held on child sex charges in the UK
Sorry, Daily Mail article --
Blunders in the use of controversial snooping powers meant 13 people were wrongly arrested last year on suspicion of being paedophiles. Another four individuals had their homes searched by detectives following errors in attempts to access communications data, a watchdog revealed yesterday.

Other mistakes also included people unconnected to an investigation being visited by police and delayed welfare checks on vulnerable people including children whose lives were at risk, said the Interception of Communications Commissioner. [....] A large proportion of the errors involved an internet address which was wrongly linked to an individual.

Of the 23 serious mistakes, 14 were human errors and the other nine ‘technical system errors’.
surveillance  ip-addresses  privacy  uk  daily-mail  snooping  interception  errors 
september 2016 by jm
Law to allow snooping on social media defies European court ruling
Karlin on fire:
But there’s lots in this legislation that should scare the public far more. For example, the proposal that the legislation should allow the retention of “superfluous data” gathered in the course of an investigation, which is a direct contravention of the ECJ’s demand that surveillance must be targeted and data held must be specifically relevant, not a trawl to be stored for later perusal “just in case”.
Or the claim that interception and retention of data, and access to it, will only be in cases of the most serious crime or terrorism threats. Oh, please. This was, and remains, the supposed basis for our existing, ECJ-invalidated legislation. Yet, as last year’s Gsoc investigation into Garda leaks revealed, it turns out a number of interconnected pieces of national legislation allow at least 10 different agencies access to retained data, including Gsoc, the Competition Authority, local authorities and the Irish Medicines Board.
surveillance  ireland  whatsapp  viber  snowden  snooping  karlin-lillington  facebook  internet  data-retention 
july 2016 by jm
Self-driving cars: overlooking data privacy is a car crash waiting to happen
Interesting point -- self-driving cars are likely to be awash in telemetry data, "phoned home"
self-driving  cars  vehicles  law  data  privacy  data-privacy  surveillance 
july 2016 by jm
Cops Use Stingray To Almost Track Down Suspected Fast Food Thief
Law enforcement spokespeople will often point to the handful of homicide or kidnapping investigations successfully closed with the assistance of cell site simulators, but they'll gloss over the hundreds of mundane deployments performed by officers who will use anything that makes their job easier -- even if it's a tool that's Constitutionally dubious.

Don't forget, when a cell site simulator is deployed, it gathers cell phone info from everyone in the surrounding area, including those whose chicken wings have been lawfully purchased. And all of this data goes... somewhere and is held onto for as long as the agency feels like it, because most agencies don't seem to have Stingray data retention policies in place until after they've been FOIA'ed/questioned by curious legislators.

Regular policework -- which seemed to function just fine without cell tracking devices -- now apparently can't be done without thousands of dollars of military equipment. And it's not just about the chicken wing thieves law enforcement can't locate. It's about the murder suspects who are caught but who walk away when the surveillance device wipes its feet on the Fourth Amendment as it serves up questionable, post-facto search warrants and pen register orders.
stingrays  mobile  surveillance  imsi-catchers  data-retention  privacy  chicken-wings  fast-food 
june 2016 by jm
Ireland goes Big Brother as police upgrade snooping abilities - The Register
The Garda Síochána has proposed to expand its surveillance on Irish citizens by swelling the amount of data it collects on them through an increase in its CCTV and ANPR set-ups, and will also introduce facial and body-in-a-crowd biometrics technologies. [...] The use of Automated Facial Recognition (AFR) technology is fairly troubled in the UK, with the independent biometrics commissioner warning the government that it was risking inviting a legal challenge back in March. It is no less of an issue in Ireland, where the Data Protection Commissioner (DPC) audited Facebook in 2011 and 2012, and scolded the Zuckerborg over its use of facial recognition technology.
afr  facial-recognition  minority-report  surveillance  ireland  gardai  cctv  anpr  biometrics  privacy 
june 2016 by jm
Not 'Going Dark': 15 Out Of 15 Most Recent EU Terrorists Were Known To The Authorities In Multiple Ways | Techdirt
Comprehensive surveillance appears as seemingly inexpensive because it is a solution that scales thanks to technology: troubleshooting at the press of a button. Directly linked with the aim of saving more and more, just as with the State in general. But classic investigative work, which is proven to work, is expensive and labor intensive. This leads to a failure by the authorities because of a faith in technology that is driven by economics.
tech  surveillance  techdirt  terrorism  brussels  crypto  going-dark 
april 2016 by jm
Mass surveillance silences minority opinions, according to study - The Washington Post
This is excellent research, spot on.
Elizabeth Stoycheff, lead researcher of the study and assistant professor at Wayne State University, is disturbed by her findings. “So many people I've talked with say they don't care about online surveillance because they don't break any laws and don't have anything to hide. And I find these rationales deeply troubling,” she said.

She said that participants who shared the “nothing to hide” belief, those who tended to support mass surveillance as necessary for national security, were the most likely to silence their minority opinions.

“The fact that the 'nothing to hide' individuals experience a significant chilling effect speaks to how online privacy is much bigger than the mere lawfulness of one's actions. It's about a fundamental human right to have control over one's self-presentation and image, in private, and now, in search histories and metadata,” she said.
culture  privacy  psychology  surveillance  mass-surveillance  via:snowden  nothing-to-hide  spiral-of-silence  fear 
march 2016 by jm
Microsoft warns of risks to Irish operation in US search warrant case

“Our concern is that if we lose the case more countries across Europe or elsewhere are going to be concerned about having their data in Ireland, ” Mr Smith said, after testifying before the House judiciary committee.
Asked what would happen to its Irish unit if the company loses the case or doesn’t convince Congress to pass updated legislation governing cross-border data held by American companies, the Microsoft executive said: “We’ll certainly face a new set of risks that we don’t face today.”
He added that the issue could be resolved by an executive order by the White House or through international negotiations between the Irish Government or the European Union and the US.
microsoft  data  privacy  us-politics  surveillance  usa 
february 2016 by jm
The NSA’s SKYNET program may be killing thousands of innocent people
Death by Random Forest: this project is a horrible misapplication of machine learning. Truly appalling, when a false positive means death:

The NSA evaluates the SKYNET program using a subset of 100,000 randomly selected people (identified by their MSIDN/MSI pairs of their mobile phones), and a a known group of seven terrorists. The NSA then trained the learning algorithm by feeding it six of the terrorists and tasking SKYNET to find the seventh. This data provides the percentages for false positives in the slide above.

"First, there are very few 'known terrorists' to use to train and test the model," Ball said. "If they are using the same records to train the model as they are using to test the model, their assessment of the fit is completely bullshit. The usual practice is to hold some of the data out of the training process so that the test includes records the model has never seen before. Without this step, their classification fit assessment is ridiculously optimistic."

The reason is that the 100,000 citizens were selected at random, while the seven terrorists are from a known cluster. Under the random selection of a tiny subset of less than 0.1 percent of the total population, the density of the social graph of the citizens is massively reduced, while the "terrorist" cluster remains strongly interconnected. Scientifically-sound statistical analysis would have required the NSA to mix the terrorists into the population set before random selection of a subset—but this is not practical due to their tiny number.

This may sound like a mere academic problem, but, Ball said, is in fact highly damaging to the quality of the results, and thus ultimately to the accuracy of the classification and assassination of people as "terrorists." A quality evaluation is especially important in this case, as the random forest method is known to overfit its training sets, producing results that are overly optimistic. The NSA's analysis thus does not provide a good indicator of the quality of the method.
terrorism  surveillance  nsa  security  ai  machine-learning  random-forests  horror  false-positives  classification  statistics 
february 2016 by jm
GCHQ's Spam Problem
'“Spam emails are a large proportion of emails seen in SIGINT [signals intelligence],” reads part of a dense document from the Snowden archive, published by Boing Boing on Tuesday. “GCHQ would like to reduce the impact of spam emails on data storage, processing and analysis.”' (circa 2011). Steganography, anyone? (via Tony Finch)
spam  anti-spam  gchq  funny  boing-boing  sigint  snowden  surveillance 
february 2016 by jm
Exclusive: Snowden intelligence docs reveal UK spooks' malware checklist / Boing Boing
This is an excellent essay from Cory Doctorow on mass surveillance in the post-Snowden era, and the difference between HUMINT and SIGINT. So much good stuff, including this (new to me) cite for, "Goodhart's law", on secrecy as it affects adversarial classification:
The problem with this is that once you accept this framing, and note the happy coincidence that your paymasters just happen to have found a way to spy on everyone, the conclusion is obvious: just mine all of the data, from everyone to everyone, and use an algorithm to figure out who’s guilty. The bad guys have a Modus Operandi, as anyone who’s watched a cop show knows. Find the MO, turn it into a data fingerprint, and you can just sort the firehose’s output into ”terrorist-ish” and ”unterrorist-ish.”

Once you accept this premise, then it’s equally obvious that the whole methodology has to be kept from scrutiny. If you’re depending on three ”tells” as indicators of terrorist planning, the terrorists will figure out how to plan their attacks without doing those three things.

This even has a name: Goodhart's law. "When a measure becomes a target, it ceases to be a good measure." Google started out by gauging a web page’s importance by counting the number of links they could find to it. This worked well before they told people what they were doing. Once getting a page ranked by Google became important, unscrupulous people set up dummy sites (“link-farms”) with lots of links pointing at their pages.
adversarial-classification  classification  surveillance  nsa  gchq  cory-doctorow  privacy  snooping  goodharts-law  google  anti-spam  filtering  spying  snowden 
february 2016 by jm
Why is Safe Harbour II such a challenge? - EDRi
The only possible deal that is immediately available is where the European Commission agrees a politically expeditious but legally untenable deal, creating a time bomb rather than a durable deal, to the benefit of no one. In absence of reforms before an agreement, individuals’ fundamental rights would remain under threat.
edri  law  eu  ec  ecj  surveillance  snooping  us-politics  safe-harbor 
february 2016 by jm
Journalists, this GSOC story isn’t all about you, you know
Karlin Lillington in the Irish Times, going through journos for a shortcut:
All the hand-wringing from journalists, unions and media companies – even politicians and ministers – over the GSOC’s accessing of journalist’s call records? Oh, please. What wilful ignorance, mixed with blatant hypocrisy. Where have you all been for the past decade and a half, as successive Irish governments and ministers for justice supported and then rammed through legislation for mandatory call data retention for one of the longest periods in the world, with some of the weakest legal constraints and oversight?
karlin-lillington  privacy  data-protection  dri  law  journalists  gsoc  surveillance  data-retention 
january 2016 by jm
How Stingrays were unmasked
'THE DRAGNET: How a man accused of million-dollar fraud uncovered a never before seen, secret surveillance device'
stingrays  crime  fraud  surveillance  mobile  police  imsi-catchers 
january 2016 by jm
Big Brother is born. And we find out 15 years too late to stop him - The Register
During the passage of RIPA, and in many debates since 2000, Parliament was asked to consider and require data retention by telephone companies, claiming that the information was vital to fighting crime and terrorism. But Prime Minister Tony Blair and successive Home Secretaries David Blunkett and Jack Straw never revealed to Parliament that at the same time, the government was constantly siphoning up and storing all telephone call records at NTAC.

As a result, MPs and peers spent months arguing about a pretence, and in ignorance of the cost and human rights implications of what successive governments were doing in secret.
ripa  big-brother  surveillance  preston  uk  gchq  mi5  law  snooping 
december 2015 by jm
The Moral Failure of Computer Scientists - The Atlantic
Phillip Rogaway, a professor of CS at UC Davis, contends that computer scientists should stand up against the construction of surveillance states built using their work:
Waddell: In your paper, you compare the debate over nuclear science in the 1950s to the current debate over cryptography. Nuclear weapons are one of the most obvious threats to humanity today — do you think surveillance presents a similar type of danger?

Rogaway: I do. It’s of a different nature, obviously. The threat is more indirect and more subtle. So with nuclear warfare, there was this visually compelling and frightening risk of going up in a mushroom cloud. And with the transition to a state of total surveillance, what we have is just the slow forfeiture of democracy.
ethics  cryptography  crypto  surveillance  politics  phillip-rogaway  morals  speaking-out  government 
december 2015 by jm
Lisa Jones, girlfriend of undercover policeman Mark Kennedy: ‘I thought I knew him better than anyone’ | UK news | The Guardian
She thought they were a normal couple until she found a passport in a glovebox – and then her world shattered. Now she is finally getting compensation and a police apology for that surreal, state-sponsored deception. But she still lies awake and wonders: did he ever really love me?


I can't believe this was going on in the 2000s!
surveillance  police  uk  undercover  scandals  policing  environmentalism  greens 
november 2015 by jm
Floating car data
Floating car data (FCD), also known as floating cellular data, is a method to determine the traffic speed on the road network. It is based on the collection of localization data, speed, direction of travel and time information from mobile phones in vehicles that are being driven. These data are the essential source for traffic information and for most intelligent transportation systems (ITS). This means that every vehicle with an active mobile phone acts as a sensor for the road network. Based on these data, traffic congestion can be identified, travel times can be calculated, and traffic reports can be rapidly generated. In contrast to traffic cameras, number plate recognition systems, and induction loops embedded in the roadway, no additional hardware on the road network is necessary.
surveillance  cars  driving  mobile-phones  phones  travel  gsm  monitoring  anpr  alpr  traffic 
november 2015 by jm
Did you know that Dublin Airport is recording your phone's data? - Newstalk
Ugh. Queue tracking using secret MAC address tracking in Dublin Airport:
"I think the fundamental issue is one of consent. Dublin Airport have been tracking individual MAC addresses since 2012 and there doesn't appear to be anywhere in the airport where they warn passengers that this is this occurring. "If they have to signpost CCTV, then mobile phone tracking should at a very minimum be sign-posted for passengers," he continues.


And how long are MAC addresses retained for, I wonder?
mac-addresses  dublin-airport  travel  privacy  surveillance  tracking  wifi  phones  cctv  consent 
november 2015 by jm
Red lines and no-go zones - the coming surveillance debate
The Anderson Report to the House of Lords in the UK on RIPA introduces a concept of a "red line":
"Firm limits must also be written into the law: not merely safeguards, but red lines that may not be crossed." …   
"Some might find comfort in a world in which our every interaction and movement could be recorded, viewed in real time and indefinitely retained for possible future use by the authorities. Crime fighting, security, safety or public health justifications are never hard to find." [13.19] 

The Report then gives examples, such as a perpetual video feed from every room in every house, the police undertaking to view the record only on receipt of a complaint; blanket drone-based surveillance; licensed service providers, required as a condition of the licence to retain within the jurisdiction a complete plain-text version of every communication to be made available to the authorities on request; a constant data feed from vehicles, domestic appliances and health-monitoring personal devices; fitting of facial recognition software to every CCTV camera and the insertion of a location-tracking chip under every individual's skin.

It goes on:
"The impact of such powers on the innocent could be mitigated by the usual apparatus of safeguards, regulators and Codes of Practice. But a country constructed on such a basis would surely be intolerable to many of its inhabitants. A state that enjoyed all those powers would be truly totalitarian, even if the authorities had the best interests of its people at heart." [13.20] …  

"The crucial objection is that of principle. Such a society would have gone beyond Bentham's Panopticon (whose inmates did not know they were being watched) into a world where constant surveillance was a certainty and quiescence the inevitable result. There must surely come a point (though it comes at different places for different people) where the escalation of intrusive powers becomes too high a price to pay for a safer and more law abiding environment." [13.21]
panopticon  jeremy-bentham  law  uk  dripa  ripa  surveillance  spying  police  drones  facial-recognition  future  tracking  cctv  crime 
november 2015 by jm
London garden bridge users to have mobile phone signals tracked
If it goes ahead, people’s progress across the structure would be tracked by monitors detecting the Wi-Fi signals from their phones, which show up the device’s Mac address, or unique identifying code. The Garden Bridge Trust says it will not store any of this data and is only tracking phones to count numbers and prevent overcrowding.

london  surveillance  mobile-phones  mac-trackers  tracking 
november 2015 by jm
Tech companies like Facebook not above the law, says Max Schrems
“Big companies didn’t only rely on safe harbour: they also rely on binding corporate rules and standard contractual clauses. But it’s interesting that the court decided the case on fundamental rights grounds: so it doesn’t matter remotely what ground you transfer on, if that process is still illegal under 7 and 8 of charter, it can’t be done.”


Also:
“Ireland has no interest in doing its job, and will continue not to, forever. Clearly it’s an investment issue – but overall the policy is: we don’t regulate companies here. The cost of challenging any of this in the courts is prohibitive. And the people don’t seem to care.”


:(
ireland  guardian  max-schrems  privacy  surveillance  safe-harbor  eu  us  nsa  dpc  data-protection 
october 2015 by jm
net.wars: Unsafe harbor
Wendy Grossman on where the Safe Harbor decision is leading.
One clause would require European companies to tell their relevant data protection authorities if they are being compelled to turn over data - even if they have been forbidden to disclose this under US law. Sounds nice, but doesn't mobilize the rock or soften the hard place, since companies will still have to pick a law to violate. I imagine the internal discussions there revolving around two questions: which violation is less likely to land the CEO in jail and which set of fines can we afford?


(via Simon McGarr)
safe-harbor  privacy  law  us  eu  surveillance  wendy-grossman  via:tupp_ed 
october 2015 by jm
ECJ ruling on Irish privacy case has huge significance
The only current way to comply with EU law, the judgment indicates, is to keep EU data within the EU. Whether those data can be safely managed within facilities run by US companies will not be determined until the US rules on an ongoing Microsoft case.
Microsoft stands in contempt of court right now for refusing to hand over to US authorities, emails held in its Irish data centre. This case will surely go to the Supreme Court and will be an extremely important determination for the cloud business, and any company or individual using data centre storage. If Microsoft loses, US multinationals will be left scrambling to somehow, legally firewall off their EU-based data centres from US government reach.


(cough, Amazon)
aws  hosting  eu  privacy  surveillance  gchq  nsa  microsoft  ireland 
october 2015 by jm
The Surveillance Elephant in the Room…
Very perceptive post on the next steps for safe harbor, post-Schrems.
And behind that elephant there are other elephants: if US surveillance and surveillance law is a problem, then what about UK surveillance? Is GCHQ any less intrusive than the NSA? It does not seem so – and this puts even more pressure on the current reviews of UK surveillance law taking place. If, as many predict, the forthcoming Investigatory Powers Bill will be even more intrusive and extensive than current UK surveillance laws this will put the UK in a position that could rapidly become untenable. If the UK decides to leave the EU, will that mean that the UK is not considered a safe place for European data? Right now that seems the only logical conclusion – but the ramifications for UK businesses could be huge.

[....] What happens next, therefore, is hard to foresee. What cannot be done, however, is to ignore the elephant in the room. The issue of surveillance has to be taken on. The conflict between that surveillance and fundamental human rights is not a merely semantic one, or one for lawyers and academics, it’s a real one. In the words of historian and philosopher Quentin Skinner “the current situation seems to me untenable in a democratic society.” The conflict over Safe Harbor is in many ways just a symptom of that far bigger problem. The biggest elephant of all.
ec  cjeu  surveillance  safe-harbor  schrems  privacy  europe  us  uk  gchq  nsa 
october 2015 by jm
Daragh O'Brien on the CJEU judgement on Safe Harbor
Many organisations I've spoken to have had the cunning plan of adopting model contract clauses as their fall back position to replace their reliance on Safe Harbor. [....] The best that can be said for Model Clauses is that they haven't been struck down by the CJEU. Yet.
model-clauses  cjeu  eu  europe  safe-harbor  us  nsa  surveillance  privacy  law 
october 2015 by jm
Schneier on Automatic Face Recognition and Surveillance
When we talk about surveillance, we tend to concentrate on the problems of data collection: CCTV cameras, tagged photos, purchasing habits, our writings on sites like Facebook and Twitter. We think much less about data analysis. But effective and pervasive surveillance is just as much about analysis. It's sustained by a combination of cheap and ubiquitous cameras, tagged photo databases, commercial databases of our actions that reveal our habits and personalities, and ­-- most of all ­-- fast and accurate face recognition software.

Don't expect to have access to this technology for yourself anytime soon. This is not facial recognition for all. It's just for those who can either demand or pay for access to the required technologies ­-- most importantly, the tagged photo databases. And while we can easily imagine how this might be misused in a totalitarian country, there are dangers in free societies as well. Without meaningful regulation, we're moving into a world where governments and corporations will be able to identify people both in real time and backwards in time, remotely and in secret, without consent or recourse.

Despite protests from industry, we need to regulate this budding industry. We need limitations on how our images can be collected without our knowledge or consent, and on how they can be used. The technologies aren't going away, and we can't uninvent these capabilities. But we can ensure that they're used ethically and responsibly, and not just as a mechanism to increase police and corporate power over us.
privacy  regulation  surveillance  bruce-schneier  faces  face-recognition  machine-learning  ai  cctv  photos 
october 2015 by jm
From Radio to Porn, British Spies Track Web Users’ Online Identities
Inside KARMA POLICE, GCHQ's mass-surveillance operation aimed to record the browsing habits of "every visible user on the internet", including UK-to-UK internal traffic. more details on the other GCHQ mass surveillance projects at https://theintercept.com/gchq-appendix/
surveillance  gchq  security  privacy  law  uk  ireland  karma-police  snooping 
september 2015 by jm
What Happens Next Will Amaze You
Maciej Ceglowski's latest talk, on ads, the web, Silicon Valley and government:
'I went to school with Bill. He's a nice guy. But making him immortal is not going to make life better for anyone in my city. It will just exacerbate the rent crisis.'
talks  slides  funny  ads  advertising  internet  web  privacy  surveillance  maciej  silicon-valley 
september 2015 by jm
EU court adviser: data-share deal with U.S. is invalid | Reuters
The Safe Harbor agreement does not do enough to protect EU citizen's private information when it reached the United States, Yves Bot, Advocate General at the European Court of Justice (ECJ), said. While his opinions are not binding, they tend to be followed by the court's judges, who are currently considering a complaint about the system in the wake of revelations from ex-National Security Agency contractor Edward Snowden of mass U.S. government surveillance.
safe-harbor  law  eu  ec  ecj  snowden  surveillance  privacy  us  data  max-schrems 
september 2015 by jm
The Violence of Algorithms: Why Big Data Is Only as Smart as Those Who Generate It
The modern state system is built on a bargain between governments and citizens. States provide collective social goods, and in turn, via a system of norms, institutions, regulations, and ethics to hold this power accountable, citizens give states legitimacy. This bargain created order and stability out of what was an increasingly chaotic global system. If algorithms represent a new ungoverned space, a hidden and potentially ever-evolving unknowable public good, then they are an affront to our democratic system, one that requires transparency and accountability in order to function. A node of power that exists outside of these bounds is a threat to the notion of collective governance itself. This, at its core, is a profoundly undemocratic notion—one that states will have to engage with seriously if they are going to remain relevant and legitimate to their digital citizenry who give them their power.
palantir  algorithms  big-data  government  democracy  transparency  accountability  analytics  surveillance  war  privacy  protest  rights 
june 2015 by jm
How the NSA Converts Spoken Words Into Searchable Text - The Intercept
This hits the nail on the head, IMO:
To Phillip Rogaway, a professor of computer science at the University of California, Davis, keyword-search is probably the “least of our problems.” In an email to The Intercept, Rogaway warned that “When the NSA identifies someone as ‘interesting’ based on contemporary NLP methods, it might be that there is no human-understandable explanation as to why beyond: ‘his corpus of discourse resembles those of others whom we thought interesting'; or the conceptual opposite: ‘his discourse looks or sounds different from most people’s.' If the algorithms NSA computers use to identify threats are too complex for humans to understand, it will be impossible to understand the contours of the surveillance apparatus by which one is judged.  All that people will be able to do is to try your best to behave just like everyone else.”
privacy  security  gchq  nsa  surveillance  machine-learning  liberty  future  speech  nlp  pattern-analysis  cs 
may 2015 by jm
EU-US data pact skewered in court hearing
A lawyer for the European Commission told an EU judge on Tuesday (24 March) he should close his Facebook page if he wants to stop the US snooping on him, in what amounts to an admission that Safe Harbour, an EU-US data protection pact, doesn’t work.
safe-harbour  privacy  data-protection  ecj  eu  ec  surveillance  facebook  nsa  gchq 
march 2015 by jm
Meet the man whose utopian vision for the Internet conquered, and then warped, Silicon Valley - The Washington Post
Thought-provoking article looking back to John Perry Barlow's "A Declaration of the Independence of Cyberspace", published in 1996:
Barlow once wrote that “trusting the government with your privacy is like having a Peeping Tom install your window blinds.” But the Barlovian focus on government overreach leaves its author and other libertarians blind to the same encroachments on our autonomy from the private sector. The bold and romantic techno-utopian ideals of “A Declaration” no longer need to be fought for, because they’re already gone.
john-perry-barlow  1990s  history  cyberspace  internet  surveillance  privacy  data-protection  libertarianism  utopian  manifestos 
march 2015 by jm
The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle
Holy shit. Gemalto totally rooted.
With [Gemalto's] stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.

[...] According to one secret GCHQ slide, the British intelligence agency penetrated Gemalto’s internal networks, planting malware on several computers, giving GCHQ secret access. We “believe we have their entire network,” the slide’s author boasted about the operation against Gemalto.
encryption  security  crypto  nsa  gchq  gemalto  smartcards  sim-cards  privacy  surveillance  spying 
february 2015 by jm
Police have asked Dropcam for video from people's home cameras -- Fusion
“Like any responsible father, Hugh Morrison had installed cameras in every room in the flat,” is the opening line of Intrusion, a 2012 novel set in the near future. Originally installed so that Hugh and his wife can keep an eye on their kids, the Internet-connected cameras wind up being used later in the novel by police who tap into the feeds to monitor the couple chatting on their couch when they are suspected of anti-societal behavior. As with so many sci-fi scenarios, the novel’s vision was prophetic. People are increasingly putting small Internet-connected cameras into their homes. And law enforcement officials are using the cameras to collect evidence about them.
privacy  dropcam  cameras  surveillance  law-enforcement 
february 2015 by jm
Superfish: A History Of Malware Complaints And International Surveillance - Forbes
Superfish, founded and led by former Intel employee and ex-surveillance boffin Adi Pinhas, has been criticised by users the world over since its inception in 2006.
superfish  lenovo  privacy  surveillance  ads  java  windows  mac  firefox  pups  ssl  tls  ad-injection  komodia 
february 2015 by jm
How “omnipotent” hackers tied to NSA hid for 14 years—and were found at last
'"Equation Group" ran the most advanced hacking operation ever uncovered.' Mad stuff. The security industry totally failed here
nsa  privacy  security  surveillance  hacking  keyloggers  malware 
february 2015 by jm
Sign up for Privacy International's anti-surveillance campaign
Have you ever made a phone call, sent an email, or, you know, used the internet? Of course you have!

Chances are, at some point over the past decade, your communications were swept up by the U.S. National Security Agency. The NSA then shares information with the UK Government's intelligence agency GCHQ by default. A recent court ruling found that this sharing was unlawful. But no one could find out if their records were collected and then illegally shared between these two agencies… until now!

Because of our recent victory against the UK intelligence agency in court, now anyone in the world — yes, ANYONE, including you — can find out if GCHQ illegally received information about you from the NSA. Join our campaign by entering your details below to find out if GCHQ illegally spied on you, and confirm via the email we send you. We'll then go to court demanding that they finally come clean on unlawful surveillance.
gchq  nsa  spying  surveillance  internet  phone  uk  law  campaign  privacy-international 
february 2015 by jm
UK-US surveillance regime was unlawful ‘for seven years’ | UK news | The Guardian
The regime that governs the sharing between Britain and the US of electronic communications intercepted in bulk was unlawful until last year, a secretive UK tribunal has ruled.

The Investigatory Powers Tribunal (IPT) declared on Friday that regulations covering access by Britain’s GCHQ to emails and phone records intercepted by the US National Security Agency (NSA) breached human rights law.
gchq  surveillance  uk  nsa  law  tribunals 
february 2015 by jm
Coining "Dysguria"
“dysaguria” is the perfect noun, and “dysagurian” is the perfect adjective, to describe the eponymous company in Dave Eggers’ The Circle. It’s not in the same league as Orwell, or Huxley, or Bradbury, or Burgess. But it does raise very important questions about what could possibly go wrong if one company controlled all the world’s information. In the novel, the company operates according to the motto “all that happens must be known”; and one of its bosses, Eamon Bailey, encourages everywoman employee Mae Holland to live an always-on (clear, transparent) life according the maxims “secrets are lies”, “sharing is caring”, and “privacy is theft”. Eggers’s debts to dystopian fiction are apparent. But, whereas writers like Orwell, Huxley, Bradbury, and Burgess were concerned with totalitarian states, Eggers is concerned with a totalitarian company. However, the noun “dystopia” and the adjective “dystopian” – perfect though they are for the terror of military/security authoritarianism in 1984, or Brave new World, or Farenheit 451, or A Clockwork Orange – do not to my mind encapsulate the nightmare of industrial/corporate tyranny in The Circle. On the other hand, “dysaguria” as a noun and “dysagurian” as an adjective, in my view really do capture the essence of that “frightening company”.
dysaguria  dystopia  future  sf  authoritarianism  surveillance  the-circle  google  facebook 
february 2015 by jm
EFF’s Game Plan for Ending Global Mass Surveillance
For years, we’ve been working on a strategy to end mass surveillance of digital communications of innocent people worldwide. Today we’re laying out the plan, so you can understand how all the pieces fit together—that is, how U.S. advocacy and policy efforts connect to the international fight and vice versa. Decide for yourself where you can get involved to make the biggest difference.

This plan isn’t for the next two weeks or three months. It’s a multi-year battle that may need to be revised many times as we better understand the tools and authorities of entities engaged in mass surveillance and as more disclosures by whistleblowers help shine light on surveillance abuses.
eff  privacy  nsa  surveillance  gchq  law  policy  us-politics 
january 2015 by jm
Debunking The Dangerous “If You Have Nothing To Hide, You Have Nothing To Fear”
A great resource bookmark from Falkvinge.
There are at least four good reasons to reject this argument solidly and uncompromisingly: The rules may change, it’s not you who determine if you’re guilty, laws must be broken for society to progress, and privacy is a basic human need.
nsa  politics  privacy  security  surveillance  gchq  rick-falkvinge  society 
january 2015 by jm
How to Catch a Terrorist - The New Yorker
This is spot on --
By flooding the system with false positives, big-data approaches to counterterrorism might actually make it harder to identify real terrorists before they act. Two years before the Boston Marathon bombing, Tamerlan Tsarnaev, the older of the two brothers alleged to have committed the attack, was assessed by the city’s Joint Terrorism Task Force. They determined that he was not a threat. This was one of about a thousand assessments that the Boston J.T.T.F. conducted that year, a number that had nearly doubled in the previous two years, according to the Boston F.B.I. As of 2013, the Justice Department has trained nearly three hundred thousand law-enforcement officers in how to file “suspicious-activity reports.” In 2010, a central database held about three thousand of these reports; by 2012 it had grown to almost twenty-eight thousand. “The bigger haystack makes it harder to find the needle,” Sensenbrenner told me. Thomas Drake, a former N.S.A. executive and whistle-blower who has become one of the agency’s most vocal critics, told me, “If you target everything, there’s no target.”
terrorism  false-positives  filtering  detection  jttf  nsa  fbi  surveillance  gchq 
january 2015 by jm
Surveillance of social media not way to fight terrorism – Minister
Blanket surveillance of social media is not the solution to combating terrorism and the rights of the individual to privacy must be protected, Data Protection Minister Dara Murphy said on Monday. [He] said Ireland and the European Union must protect the privacy rights of individuals on social media. “Freedom of expression, freedom of movement, and the protection of privacy are core tenets of the European Union, which must be upheld.”
dara-murphy  data-protection  privacy  surveillance  europe  eu  ireland  social-media 
january 2015 by jm
Amazing comment from a random sysadmin who's been targeted by the NSA
'Here's a story for you.
I'm not a party to any of this. I've done nothing wrong, I've never been suspected of doing anything wrong, and I don't know anyone who has done anything wrong. I don't even mean that in the sense of "I pissed off the wrong people but technically haven't been charged." I mean that I am a vanilla, average, 9-5 working man of no interest to anybody. My geographical location is an accident of my birth. Even still, I wasn't accidentally born in a high-conflict area, and my government is not at war. I'm a sysadmin at a legitimate ISP and my job is to keep the internet up and running smoothly.
This agency has stalked me in my personal life, undermined my ability to trust my friends attempting to connect with me on LinkedIn, and infected my family's computer. They did this because they wanted to bypass legal channels and spy on a customer who pays for services from my employer. Wait, no, they wanted the ability to potentially spy on future customers. Actually, that is still not accurate - they wanted to spy on everybody in case there was a potentially bad person interacting with a customer.
After seeing their complete disregard for anybody else, their immense resources, and their extremely sophisticated exploits and backdoors - knowing they will stop at nothing, and knowing that I was personally targeted - I'll be damned if I can ever trust any electronic device I own ever again.
You all rationalize this by telling me that it "isn't surprising", and that I don't live in the [USA,UK] and therefore I have no rights.
I just have one question.
Are you people even human?'
nsa  via:ioerror  privacy  spying  surveillance  linkedin  sysadmins  gchq  security 
january 2015 by jm
Ever liked a film on Facebook? You’ve given the security services a key to your soul
The researchers started with 86,000 subjects who had filled out the 100-question personality profile – and this, of course, was done as another app on Facebook – and whose personality scores had been matched by algorithms with their Facebook likes. They then found 17,000 who were willing to have a friend or family member take the personality test on their behalf, trying to predict the answers they would give.

The results, from most humans, were stunningly inaccurate. Friends, family and co-workers were all less able to predict how someone would fill out a personality test than the algorithms that had been primed with the subject’s Facebook likes. With only 10 likes to work on, the computer was more accurate than a work colleague would be. With 150 likes, it described the subject’s personality better than a parent or sibling could. And with 300 likes to work on, it was more accurate than a spouse.
likes  facebook  privacy  prism  surveillance  profiling  personality 
january 2015 by jm
Global Chilling: The Impact of Mass Surveillance on International Writers | PEN American Center
The report’s revelations, based on a survey of nearly 800 writers worldwide, are alarming. Concern about surveillance is now nearly as high among writers living in democracies (75%) as among those living in non-democracies (80%). The levels of self-censorship reported by writers living in democratic countries are approaching the levels reported by writers living in authoritarian or semi-democratic countries.
surveillance  chilling-effects  pen  censorship  fear 
january 2015 by jm
Hague reassures MPs on Office 365 data storage as Microsoft ordered to hand over email data

William Hague, the leader of the House of Commons, has responded to concerns raised by an MP about the security of parliamentary data stored on Microsoft’s Cloud-based servers in Europe.

“The relevant servers are situated in the Republic of Ireland and the Netherlands, both being territories covered by the EC Data Protection Directive," William Hague wrote in a letter to John Hemming, MP for Birmingham Yardley. "Any access by US authorities to such data would have to be by way of mutual legal assistance arrangements with those countries.” [...]

John Hemming MP told Computer Weekly Hague’s reassurances carried little weight in the face of aggressive legal action by the US government. 

“The Microsoft case makes it clear that, in the end, the fact that Microsoft is a US company legally trumps the European Data Protection Directive [...] and where [the letter says] the US authorities could not exercise a right of search and seizure on an extraterritorial basis, well, they are doing that, in America, today.”


Sounds like they didn't think that through...
mail  privacy  parliament  office-365  microsoft  mlat  surveillance 
january 2015 by jm
Why Ireland must protect privacy of Irish emails and internet usage from surveillance
It’s now over a year since Edward Snowden went public with evidence of mass surveillance and extensive abuses by the NSA, GCHQ and other intelligence agencies. In other countries these revelations prompted parliamentary inquiries, diplomatic representations and legislation. In Ireland the only response was a promise [..] to help extradite Mr Snowden should he land here.
ireland  politics  edward-snowden  extradition  privacy  nsa  gchq  spying  surveillance  tj-mcintyre 
december 2014 by jm
Operation Socialist: How GCHQ Spies Hacked Belgium’s Largest Telco
Chilling.
GCHQ maintains a huge repository named MUTANT BROTH that stores billions of these intercepted cookies, which it uses to correlate with IP addresses to determine the identity of a person. GCHQ refers to cookies internally as “target detection identifiers.”
privacy  gchq  surveillance  belgacom  regin  uk  spying  belgium  isps  cookies  malware 
december 2014 by jm
"Looks like Chicago PD had a stingray out at the Eric Garner protest last night"
Your tax dollars at work: Spying on people just because they demand that the government's agents stop killing black people. [...] Anonymous has released a video featuring what appear to be Chicago police radio transmissions revealing police wiretapping of organizers' phones at the protests last night the day after Thanksgiving, perhaps using a stingray. The transmissions pointing to real-time wiretapping involve the local DHS-funded spy 'fusion' center.
imsi-catcher  stingray  surveillance  eric-garner  protests  privacy  us-politics  anonymous  chicago  police  wiretapping  dhs 
december 2014 by jm
State sanctions foreign phone and email tapping
Well, this stinks.
Foreign law enforcement agencies will be allowed to tap Irish phone calls and intercept emails under a statutory instrument signed into law by Minister for Justice Frances Fitzgerald.
Companies that object or refuse to comply with an intercept order could be brought before a private “in camera” court.
The legislation, which took effect on Monday, was signed into law without fanfare on November 26th, the day after documents emerged in a German newspaper indicating the British spy agency General Communications Headquarters (GCHQ) had directly tapped undersea communications cables between Ireland and Britain for years.
ireland  law  gchq  surveillance  mlats  phone-tapping 
december 2014 by jm
Richard Tynan on Twitter: "GCHQ Tapping Eircom owned cable"
Cable listed as owned by Eircom and Cable and Wireless (now Vodafone?)
vodafone  cables  tapping  surveillance  eircom  internet  uk 
november 2014 by jm
FBI's "Suicide Letter" to Dr. Martin Luther King, Jr., and the Dangers of Unchecked Surveillance
The entire letter could have been taken from a page of GCHQ’s Joint Threat Research and Intelligence Group (JTRIG)—though perhaps as an email or series of tweets. The British spying agency GCHQ is one of the NSA’s closest partners. The mission of JTRIG, a unit within GCHQ, is to “destroy, deny, degrade [and] disrupt enemies by discrediting them.” And there’s little reason to believe the NSA and FBI aren’t using such tactics.

The implications of these types of strategies in the digital age are chilling. Imagine Facebook chats, porn viewing history, emails, and more made public to discredit a leader who threatens the status quo, or used to blackmail a reluctant target into becoming an FBI informant. These are not far-fetched ideas. They are the reality of what happens when the surveillance state is allowed to grow out of control, and the full King letter, as well as current intelligence community practices illustrate that reality richly.
fbi  surveillance  mlk  history  blackmail  snooping  gchq  nsa 
november 2014 by jm
IAB Statement on Internet Confidentiality
Newly designed protocols should prefer encryption to cleartext operation. There may be exceptions to this default, but it is important to recognize that protocols do not operate in isolation.  Information leaked by one protocol can be made part of a more substantial body of information by cross-correlation of traffic observation.  There are protocols which may as a result require encryption on the Internet even when it would not be a requirement for that protocol operating in isolation.

We recommend that encryption be deployed throughout the protocol stack since there is not a single place within the stack where all kinds of communication can be protected.


Wow. so much for IPSec
ipsec  iab  ietf  snowden  surveillance  crypto  protocols  internet 
november 2014 by jm
Yes, Isis exploits technology. But that’s no reason to compromise our privacy | Technology | The Observer
From the very beginning, Isis fanatics have been up to speed on [social media]. Which raises an interesting question: how come that GCHQ and the other intelligence agencies failed to notice the rise of the Isis menace until it was upon us? Were they so busy hoovering metadata and tapping submarine cables and “mastering the internet” (as the code name of one of their projects puts it) that they didn’t have time to see what every impressionable Muslim 14-year-old in the world with an internet connection could see?
gchq  guardian  encryption  nsa  isis  technology  social-media  snooping  surveillance 
november 2014 by jm
UK police to investigate alleged Bahraini hacking of exiles’ computers
Criminal complaints have been filed in the UK against Gamma "acting as an accessory to Bahrain's illegal targeting of activists" using the FinFisher spyware
finfisher  spyware  malware  gamma  bahrain  law  surveillance  privacy  germany  hacking 
october 2014 by jm
"CryptoPhone" claims to detect IMSI catchers in operation
To show what the CryptoPhone can do that less expensive competitors cannot, he points me to a map that he and his customers have created, indicating 17 different phony cell towers known as “interceptors,” detected by the CryptoPhone 500 around the United States during the month of July alone.  Interceptors look to a typical phone like an ordinary tower.  Once the phone connects with the interceptor, a variety of “over-the-air” attacks become possible, from eavesdropping on calls and texts to pushing spyware to the device.

“Interceptor use in the U.S. is much higher than people had anticipated,” Goldsmith says.  “One of our customers took a road trip from Florida to North Carolina and he found 8 different interceptors on that trip.  We even found one at South Point Casino in Las Vegas.”
imsi-catchers  security  cryptophone  phones  mobile  3g  4g  eavesdropping  surveillance 
august 2014 by jm
Six things we know from the latest FinFisher documents | Privacy International
The publishing of materials from a support server belonging to surveillance-industry giant Gamma International has provided a trove of information for technologists, security researchers and activists. This has given the world a direct insight into a tight-knit industry, which demands secrecy for themselves and their clients, but ultimately assists in the violation human rights of ordinary people without care or reproach. Now for the first time, there is solid confirmation of Gamma's activities from inside the company's own files, despite their denials, on their clients and support provided to a range of governments.
finfisher  gamma-international  privacy  surveillance  iphone  android  rootkits  wiretapping  germany  privacy-international  spying  bahrain  turkmenistan  arab-spring  egypt  phones  mobile 
august 2014 by jm
The Internet's Original Sin - The Atlantic
Ethan Zuckerberg: 'It's not too late to ditch the ad-based business model and build a better web.'
advertising  business  internet  ads  business-models  the-atlantic  ethan-zuckerberg  via:anildash  web  privacy  surveillance  google 
august 2014 by jm
'Identifying Back Doors, Attack Points and Surveillance Mechanisms in iOS Devices'
lots of scary stuff in this presentation from this year's Hackers On Planet Earth conf. I'm mainly interested to find out that Jonathan "D-Spam" Zdziarski was also a jailbreak dev-team member until around iOS 4 ;)
d-spam  jonathan-zdziarski  security  apple  ios  iphone  surveillance  bugging 
july 2014 by jm
Obama administration says the world’s servers are ours | Ars Technica
In its briefs filed last week, the US government said that content stored online doesn't enjoy the same type of Fourth Amendment protections as data stored in the physical world. The government cited (PDF) the Stored Communications Act (SCA), a President Ronald Reagan-era regulation.


Michael McDowell has filed a declaration in support of MS' position (attached to that article a couple of paras down) suggesting that the MLAT between the US and Ireland is the correct avenue.
privacy  eu  us-politics  microsoft  michael-mcdowell  law  surveillance  servers  sca  internet 
july 2014 by jm
NSA: Linux Journal is an "extremist forum" and its readers get flagged for extra surveillance
DasErste.de has published the relevant XKEYSCORE source code, and if you look closely at the rule definitions, you will see linuxjournal.com/content/linux* listed alongside Tails and Tor. According to an article on DasErste.de, the NSA considers Linux Journal an "extremist forum". This means that merely looking for any Linux content on Linux Journal, not just content about anonymizing software or encryption, is considered suspicious and means your Internet traffic may be stored indefinitely.


This is, sadly, entirely predictable -- that's what happens when you optimize the system for over-sampling, with poor oversight.
false-positives  linuxjournal  linux  terrorism  tor  tails  nsa  surveillance  snooping  xkeyscore  selectors  oversight 
july 2014 by jm
Irish parliament pressing ahead with increased access to retained telecoms data
While much of the new bill is concerned with the dissolution of the Competition Authority and the National Consumer Agency and the formation of a new merged Competition and Consumer Protection Commission (CCPC) the new bill also proposed to extend the powers of the new CCPC to help it investigate serious anticompetitive behaviour.

Strikingly the new bill proposes to give members of the CCPC the power to access data retained under the Communications (Retention of Data) Act 2011. As readers will recall this act implements Directive 2006/24/EC which obliges telecommunications companies to archive traffic and location data for a period of up to two years to facilitate the investigation of serious crime.

Ireland chose to implement the maximum two year retention period and provided access to An Garda Siochana, The Defence Forces and the Revenue Commissioners. The current reform of Irish competition law now proposes to extend data access powers to the members of the CCPC for the purposes of investigating cartel offences.
data-retention  privacy  surveillance  competition  ccpc  ireland  law  dri 
july 2014 by jm
You Are Not a Digital Native: Privacy in the Age of the Internet
an open letter from Cory Doctorow to teen readers re privacy.

'The problem with being a “digital native” is that it transforms all of your screw-ups into revealed deep truths about how humans are supposed to use the Internet. So if you make mistakes with your Internet privacy, not only do the companies who set the stage for those mistakes (and profited from them) get off Scot-free, but everyone else who raises privacy concerns is dismissed out of hand. After all, if the “digital natives” supposedly don’t care about their privacy, then anyone who does is a laughable, dinosauric idiot, who isn’t Down With the Kids.'
children  privacy  kids  teens  digital-natives  surveillance  cory-doctorow  danah-boyd 
may 2014 by jm
SpideyApp
an Android-based stingray (IMSI catcher) detector that uses machine learning to detect the presence of stingray devices which can be used to eavesdrop on cellular communication.


In pre-launch right now. Via EthanZ via Antoin
imsi-catcher  stingray  surveillance  via:ethanz  snooping  spying  privacy  mobile 
may 2014 by jm
BBC News - Microsoft 'must release' data held on Dublin server
Messy. I can't see this lasting beyond an appeal.
Law enforcement efforts would be seriously impeded and the burden on the government would be substantial if they had to co-ordinate with foreign governments to obtain this sort of information from internet service providers such as Microsoft and Google, Judge Francis said. In a blog post, Microsoft's deputy general counsel, David Howard, said: "A US prosecutor cannot obtain a US warrant to search someone's home located in another country, just as another country's prosecutor cannot obtain a court order in her home country to conduct a search in the United States. "We think the same rules should apply in the online world, but the government disagrees."
microsoft  regions  law  us-law  privacy  google  cloud  international-law  surveillance 
april 2014 by jm
Eyes Over Compton: How Police Spied on a Whole City
The law-enforcement pervasive-surveillance CCTV PVR.
In a secret test of mass surveillance technology, the Los Angeles County Sheriff's Department sent a civilian aircraft* over Compton, California, capturing high-resolution video of everything that happened inside that 10-square-mile municipality. Compton residents weren't told about the spying, which happened in 2012. "We literally watched all of Compton during the times that we were flying, so we could zoom in anywhere within the city of Compton and follow cars and see people," Ross McNutt of Persistence Surveillance Systems told the Center for Investigative Reporting, which unearthed and did the first reporting on this important story. The technology he's trying to sell to police departments all over America can stay aloft for up to six hours. Like Google Earth, it enables police to zoom in on certain areas. And like TiVo, it permits them to rewind, so that they can look back and see what happened anywhere they weren't watching in real time. 


(via New Aesthetic)
pvr  cctv  law-enforcement  police  compton  los-angeles  law  surveillance  future 
april 2014 by jm
« earlier      
per page:    204080120160

related tags

3g  4g  1990s  absurd  accountability  ad-injection  ads  adversarial-classification  advertising  afr  ags  ai  airport  algorithms  alpr  amazon  amesys  analytics  android  andy-greenberg  anonymity  anonymous  anpr  anti-spam  apple  arab-spring  art  australia  authoritarianism  aws  backdoors  backups  bahrain  banking  banks  belgacom  belgium  bias  big-brother  big-data  biometrics  bittorrent  blackmail  boing-boing  browsers  bruce-schneier  brussels  bugging  bull-sa  business  business-models  cables  cameras  campaign  cars  cash  ccpc  cctv  cellxion  censorship  charlie-stross  chicago  chicken-wings  children  chilling-effects  china  chris-andrews  cia  civil-liberties  cjeu  classification  cloud  cloud-computing  competition  compton  consent  contactless  control  cookies  copyfight  copyright  cory-doctorow  credit-cards  crime  cryptanalysis  crypto  cryptography  cryptophone  cs  culture  cyberspace  d-spam  daily-mail  danah-boyd  daniel-solove  dara-murphy  dark-mail  data  data-privacy  data-protection  data-retention  david-miranda  democracy  detection  dhs  dianne-feinstein  digital-natives  digital-rights  diplomacy  dns  downloading  dpc  dpi  dri  dripa  driving  drones  dropcam  dual_ec_drbg  dublin  dublin-airport  dysaguria  dystopia  dystopian  east-germany  eavesdropping  ec  ecj  ecuador  edri  edward-snowden  eff  egypt  eircom  elliptic-curves  email  embassies  encryption  end-to-end  environmentalism  ep  ep-3e  epic  eric-garner  errors  essay  ethan-zuckerberg  ethics  ethiopia  eu  europe  expert-systems  extradition  face-recognition  facebook  faces  facial-recognition  fail  false-positives  family  fast-food  fbi  fear  fianna-fail  filesharing  filtering  finfisher  firefox  firewalls  fisaaa  forbes  france  fraud  freedom  ftc  fud  funny  future  gadhafi  games  gamma  gamma-international  gardai  gchq  gcsb  gemalto  geolocation  geotargeting  germany  glenn-greenwald  gmail  going-dark  goodharts-law  google  government  greens  groklaw  gsm  gsoc  gsocgate  guardian  gubu  hacking  hacks  hadopi  hardware  haystack  history  horror  hosting  hrw  http  https  human-rights  human-rights-watch  iab  icloud  icrs  ietf  imei  imsi  imsi-catcher  imsi-catchers  india  infection  intelligence  interception  international-law  internet  interviewing  ios  ip-addresses  iphone  ipsec  ireland  irish  irony  isis  isps  jan-phillip-albrecht  java  javascript  jeremy-bentham  jgc  john-lanchester  john-perry-barlow  jonathan-zdziarski  joseph-cannataci  journalism  journalists  jttf  julian-assange  karlin-lillington  karma-police  key-lengths  keyloggers  kids  kim-dotcom  kolab  komodia  lavabit  law  law-enforcement  leaks  legal  lenovo  libertarianism  liberty  libya  likes  linkedin  linux  linuxjournal  lobbying  london  long-reads  los-angeles  mac  mac-addresses  mac-trackers  machine-learning  maciej  maciej-ceglowski  mail  malware  manifestos  mass-surveillance  massive-interception  masturbation  matt-blaze  max-schrems  megaupload  mi5  michael-hayden  michael-mcdowell  microsoft  mike-hearn  minority-report  ml  mlat  mlats  mlk  mmog  mobile  mobile-phones  model-clauses  monitoring  morality  morals  muscular  networking  new-yorker  new-zealand  nlp  nothing-to-hide  nsa  off-the-shelf  office-365  online  open-source  opendns  org  oversight  packets  palantir  panopticon  papers  parliament  pattern-analysis  payment  pen  personality  pgp  phillip-rogaway  philosophy  phone  phone-records  phone-tapping  phones  photos  piracy  pki  police  police-state  policing  policy  politics  porn  preston  printers  prism  privacy  privacy-international  probable-cause  profiling  protest  protests  protocols  proxying  psychology  public  public-safety  pups  pvr  random-forests  regin  regions  regulation  replication  reporters  rick-falkvinge  rights  ripa  rootkits  rsa  safe-harbor  safe-harbour  sca  scandals  schrems  security  selectors  self-driving  servers  sf  sigint  silent-circle  silicon-valley  sim-cards  slides  smart-tvs  smartcards  smartphones  sms  smtp  sniffing  snooping  snowden  social-media  society  software  spam  speaking-out  speech  spies  spiral-of-silence  spy-planes  spying  spyware  ssh  ssl  standards  state  state-control  statistics  stingray  stingrays  superfish  surveillance  swift  sysadmins  tails  talks  tao  tapping  targeting  tech  techdirt  technology  teenagers  teens  telecoms  telephones  tempest  terrorism  text-messaging  the-atlantic  the-circle  the-intercept  tj-mcintyre  tjmcintyre  tls  tom-matzzie  tor  totalitarianism  tracking  traffic  trains  transparency  travel  tribunals  tsa  tunisia  turbine  turkey  turkmenistan  tv  twitter  udp  uganda  uk  uk-politics  ukraine  un  undercover  us  us-law  us-politics  usa  user-agent  utopian  vehicles  via:anildash  via:ethanz  via:ioerror  via:jgc  via:pjakma  via:snowden  via:tjmcintyre  via:tupp_ed  viber  viviane-reding  vizio  vodafone  war  warcraft  watchdogs  web  webcams  wendy-grossman  whatsapp  wifi  wikileaks  windows  wired  wiretapping  x-ray  xkeyscore  yahoo 

Copy this bookmark:



description:


tags: