28 May 2014 | Digital Freedom, News and features, Politics and Society, United States
Last week saw a flurry of legislative to-and-fro on the Hill as the US House of Representatives pondered the passage of legislation aimed at ending bulk-collection by the US National Security Agency. The USA Freedom Act, or HR. 3361, was passed on Thursday in a 303-121 vote, and was hailed by The New York Times as “a rare moment of bipartisan agreement between the White House and Congress on a major national security issue”. Congressman Glenn ‘GT’ Thompson (R-Pa.) tweeted that he was the proud cosponsor of a bill “that passed uniting and strengthening America by ending eavesdropping/online monitoring.”
It was perhaps inevitable that compromise between the intelligence and judiciary committees would see various blows against the bill in terms of scope and effect. When legislators want to posture about change while asserting the status quo, ambiguity proves their steadfast friend. After all, with the term “freedom” in the bill, something was bound to give.
Students of the bill would have noted that its main author, Rep. Jim Sensenbrenner (R-Wi.), was also behind HR. 3162, known more popularly as the USA Patriot Act. Most roads in the US surveillance establishment tend to lead to that roughly drafted and applied piece of legislation, a mechanism that gave the NSA the broadest, and most ineffective of mandates, in eavesdropping.
Then came salutatory remarks made about the bill from Rep. Mike Rogers[2], who extolled its virtues on the House floor even as he attacked the Obama administration for not being firm enough in holding against advocates of surveillance reform. There is a notable signature change between commending “a responsible legislative solution to address concerns about the bulk telephone metadata program” and being “held hostage by the actions of traitors who leak classified information that puts our troops in the field at risk or those who fear-monger and spread mistruth to further their misguided agenda.”
Even as Edward Snowden’s ghost hung heavy over the Hill like a moralising Banquo, Rogers was pointing a vengeful finger in his direction. There would, after all, have been no need for the USA Freedom Act, no need for this display of lawmaking, but for the actions of the intelligence sub-contractor. Privacy advocates would again raise their eyebrows at Rogers’s remarks about the now infamous Section 215 telephone metadata program under the Patriot Act, which had been “the subject of intense, and often inaccurate, criticism. The bulk telephone metadata program is legal, overseen, and effective at saving American lives.”
Such assertions are remarkable, more so for the fact that both the Privacy and Civil Liberties Oversight Board and the internal White House review panel, found little evidence of effectiveness in the program. “Section 215 of the USA Patriot Act,” claimed the PCLOB, “does not provide an adequate basis to support this program.” Any data obtained was thin and obtained at unwarranted cost.
Critics of the bill such as Centre for Democracy and Technology President Nuala O’Connor expressed concern at the chipping moves. “This legislation was designed to prohibit bulk collection, but has been made so weak that it fails to adequately protect against mass, untargeted collection of Americans’ private information.” In O’Connor’s view, “The bill now offers only mild reform and goes against the overwhelming support for definitively ending bulk collection.”
Not so, claimed an anonymous House GOP aide. “The amended bill successfully addresses the concerns that were raised about NSA surveillance, ends bulk collections and increases transparency.” Victory in small steps would seem to have impressed the aide. “We view it as a victory for privacy, and while we would like to have had a stronger bill, we shouldn’t let the perfect being the enemy of the good.”
Various members of the House disagreed. Rep. Zoe Lofgren (D-Calif.) noted that the bill had received a severe pruning by the time it reached the House floor, having a change “that seems to open the door to bulk collection again.” Others connected with co-sponsoring initial versions of the bill, among them Rep. Jared Polis (D-Colo.) and Rep. Justin Amash (R-Mich.) also refused to vote for the compromise.
What, then, is the basis of the gripe? For one, the language “specific selection term”, which would cover what the NSA can intercept, is incorrigibly vague. The definition offers the unsatisfactory “term used to uniquely describe a person, entity or account.” What, in this sense, is an entity for the purpose of the legislation? The tip of the iceberg is already problematic enough without venturing down into the murkier depths of interpretation.
Even more troubling in the USA Freedom Act is what it leaves out. For one thing, telephony metadata is only a portion of the surveillance loot. Other collection programs are conspicuously absent, be it the already exposed PRISM program which covers online communications, Captivatedaudience, a program used to attain control of a computer’s microphone and record audio, Foggybottom – used to note a user’s browsing history on the net, and Gumfish, used to control a computer webcam. (These are the choice bits – others in the NSA arsenal persist, untrammelled.)
Section 702 of the Foreign Intelligence Surveillance Amendments (FISA) Act, the provision outlining when the NSA may collect data from American citizens in various cases and how the incorrect or inadvertent collection of data is to be handled, is left untouched. On inspection, it seems the reformist resume of the Freedom Act is rather sparse.
Ambiguities, rather than perfections, end up being the enemy of the good. Laws that are poorly drafted tend to be more than mere nuisances – they can be dangerous in cultivating complacency before the effects of power. Well as it might that the USA Freedom Act has passed, signalling a political will to deal with bulk-collection of data. But in making that signal, Congress has also made it clear that compromise is one way of doing nothing, a form of sanctified inertia.
This article was posted on May 28, 2014 at indexoncensorship.org
9 May 2014 | Digital Freedom, News and features, Politics and Society, United States
(Image: Free Barrett Brown)
Last Tuesday “hacktivist journo” Barrett Brown pled guilty in a US court after a long-running battle with the FBI. He had reported on a high-profile Anonymous hack as well as posting provocative videos on YouTube baiting FBI officials.
At the hearing, the court reduced his sentence from 105 years to eight and a half years, with lawyers saying he could serve far less time.
Both Brown’s defence team and freedom of speech activists are now worried a precedent has been set in which reporters could be prosecuted for writing stories using hacked information.
“The implications are worrisome in the extreme,” said Kevin Gallagher, director of Free Barrett Brown Ltd.
“It must be noted that Brown’s lawyers worked painstakingly to avoid setting an undesirable precedent—one that would place other journalists at risk for dealing with hackers as sources.
“Yet the dangers of this novel legal construction are clear: journalists may be prosecuted for merely speaking to hackers and having knowledge of their breaches.”
Last month US prosecutors dropped 11 of the 17 charges against Brown, who faces three separate indictments. The abandoned claims all related to a breach of private intelligance contractor Stratfor carried out by Anonymous in 2011.
The ringleader of the Anonymous hackers, Jeremy Hammond, was sentenced to 10 years in prison last November.
Brown’s case was criticised by freedom of speech campaigners because it involved him hyperlinking to stolen Stratfor data which had already been made publicly available. Concerns revolved around how one of the core tenets of the internet – link sharing, could be impacted.
“The attempt to criminalize the act of providing links broke new ground in dangerous official absurdity,” said Norman Solomon, an American journalist associated with media watchdog Fairness & Accuracy in Reporting.
No explanation was given by the FBI or prosecutors as to why the charges were suddenly dropped.
Once the gagging order was lifted it was revealed that Brown had in fact advised the Anonymous hackers to redact the data, even contacting the Stratfor CEO to tell him this.
Brown wrote in an email to Anonymous : “It occurred to me that it might be a good idea to tell Stratfor that you guys will consider making any reasonable redactions to emails that might endanger, say, activists living under dictatorships with whom they might have spoken… If they fail to cooperate, it will be on them if any claims are made about this yield endangering anyone”.
According to Gallagher one of Brown’s lawyers commented :”He was very critical of careless releases of data by hackers, but he made efforts to protect his sources; and that’s what he’s being charged for.”
The remaining charges constitute two felonies and one misdemeanour, with one charge of making an internet threat resting on aggressively presented YouTube videos that Brown posted of himself after he grew angry at the FBI’s treatment of his case. One clip was titled “Why I’m Going To Destroy FBI Agent Smith.” A description under the video called for tip-offs about the FBI agent to be sent to a specific email account. Brown pleaded guilty to the charge.
“Barrett expresses deep regret for what he did in making the threat, which he did impulsively at a time when he felt cornered and was unable to make rational decisions,” said one of the lawyers representing Brown, Ahmed Ghappour.
Brown was also prosecuted over obstructing the execution of a search warrant, and being an accessory to unauthorized access of a protected computer. He pleaded guilty to both these charges and will now face up to eight and a half years in prison.
Commenting on the final charge – Norman Solomon also told Index
“Journalists are now facing even more dangerous political terrain in the United States if they want to do real investigative reporting.”
“We should be greatly concerned that U.S. authorities have shown their determination to punish some journalists for putting together pieces of puzzles into coherent pictures.
He added, “In the context of internet journalism, a felony count against linking is akin to legal action against demonstrably thinking in unauthorized ways.”
This article was posted on 9 May 2014 at indexoncensorship.org
7 May 2014 | Digital Freedom, News and features, Politics and Society, United States
(Photo: Shutterstock)
The reforms to the intelligence community that have been advocated by US President Barack Obama are not being taken well in some circles. This is not necessarily because all members of that covert fraternity object to them. There has been, in fact, a general understanding that something had to be done in light of Edward Snowden’s revelations regarding dragnet surveillance. A fundamental feature of Obama’s reform agenda centres on a greater oversight role regarding surveillance applications assessed by the Foreign Intelligence Surveillance Court (FISC).
Former FISC Presiding Judge John Bates has given, in a fashion, support for proposals that would allow the appointment of a public advocate or lawyers acting in an amicus curiae role. Their role suggests, in spirit at least, a modest attempt to open an otherwise secret court process to scrutiny over surveillance applications, providing direction on privacy and specific legal points. “I think it could have some good elements if done correctly,” suggested the judge before a gathering at George Washington University Law School last Friday.
Reading between the lines, however, the judge is not glowing at the prospect of an increased work load, one affected without little benefit. For one, he claims that an outside advocate is, for the most part, needless in standard court deliberations (pen registers, trap-and-trace orders and individualised search warrants) under the Foreign Intelligence Surveillance Act of 1978. Furthermore, surveillance applications tended to be prosaic matters with specific individuals in mind, using such standards as probable cause that would only affect the privacy interests of an individual or set of individuals. Amicus advocates would busy the court without any benefit, they being, for the most part, unqualified to deal with the technical matters at hand.
Where such a “friend” of the court might have some bearing would be on concerns over bulk-collection of data, though the judge was again shaving much relevance over the move. Was this reform a genuine attempt to alter practice, or simply one designed to pacify “public perception”? Those on the FISC are more troubled than pleased.
Many of the concerns made by Judge Bates were outlined in his January 13 letter to Senator Dianne Feinstein, Chair of the Select Committee on Intelligence. It is worth reading carefully, given the role Bates has played as chief judicial officer over FISC matters. A vigorous, conceptual tussle between secret deliberations and transparency is undertaken, much of it fundamental over the role of the court in “oversight” matters.
If workloads were to increase, then this should be “accompanied by a commensurate increase in resources.” Adding a number of administrative subpoena-type cases in excess of 20,000 “would fundamentally transform the nature of the FISC to the detriment of its current responsibilities.” But even such an increase of work would not necessarily be remedied by the mere addition of personnel and resources. It would “prove disruptive to the Courts’ ability to perform their duties, including responsibilities under FISA and the Constitution to ensure that the privacy interests of United States citizens and others are adequately protected.”
Like it or not, Judge Bates suggests that the secrecy function of the FISC should continue. In this, the judge slips into his paternalistic voice, suggesting that publishing Court decisions for public consumption would limit rather than “enhance the public’s understanding of FISA implementation”. Unless classified information is provided with those decisions, confusion was bound to happen.
A real bruiser comes in his detailed observations over what role the public advocate would actually play in FISA proceedings. First and foremost, there will be no constructive adversarial role to speak of, as the advocate will be “unable to communicate with the target or conduct an independent investigation”. Privacy protection will not be assured by involvement of the advocate in “run-of-the-mill FISA matters” and might “undermine the Courts’ ability to receive complete and accurate information on the matters before them.”
Much of the concern stems from who has the authority over appointments. A court appointed advocate might well be more palatable for judges, but it will hardly satisfy the privacy reformists, who wish to open the FISC door to some form of public accountability. But according to Judge Bates, a “standing advocate with independent authority to intervene at will could actually be counterproductive” while a court appointee may well maximise assistance while minimising disruption. He also fears the “constitutional” implications of the move.
Some of Bates’ concerns on the public advocate may be uncalled for. They are already considered in the Leahy/Sensenbrenner and Blumenthal bills. Both make the point that the special advocate only appear in set cases, and never in those touching on individualised search warrants. They would only deal with novel matters affecting subjects of surveillance targeting persons outside the United States (FISA, s. 702) and American subjects under s. 215 of the USA PATRIOT Act.
Judge Bates’ overview suggests that some reforms to the hearing and granting of surveillance applications are not only modest but cosmetic, in so far as they hope to improve privacy protections. The impact will be to actually hamper judicial oversight, rather than improve it. The adversarial element that would improve representation would actually be absent, despite the presence of the public advocate, making the reform one of bluff rather than effect. No change, however, would have been intolerable.
Speaking to a gathering of national security lawyers organised by the American Bar Association, Judge Bates had a prediction. “My guess is nothing will happen legislatively until after the mid-term elections – if then.” There will be congressional disagreements about matters of form and substance. If care is not taken, enacted reforms may well be the bunting without the product.
This article was published on April 7, 2014 at indexoncensorship.org
1 May 2014 | Brazil, Digital Freedom, News and features, Russia, United States
“ICANN’s mission is stewardship and operational stability, not the defence of its existence or the preservation of the status quo.”
Stuart Lynn, ICANN President, Feb 2002
There has been much debate this month among internet circles about the future of the Internet Corporation for Assigned Names and Numbers (ICANN). Much of this was discussed at the NETmundial meeting in Sao Paolo, a suitable venue given Brazil’s desire to throw its weight behind reforming such bodies as ICANN. Reforms are on the cards, but no one seems to be clear what exactly these will do to the way the internet is used. Sentiments of doom and gloom mix with utopian forecasts of freedom.
The NETmundial Multistakeolder Statement doesn’t reveal much, other than paying lip service to various principles (freedom of expression and association, privacy) and charting the roughest of roadmaps for future directions on Internet governance. Aspiration, be it in terms of transparency, accountability and collaboration, is key.
ICANN was incorporated in California on September 18, 1998. Its creation was heralded as a loosening of the grip by US authorities on the operational side of the Internet, tasking a company to take over administrative duties. ICANN plays a leading role in dealing with the distribution of IP addresses and the management of the Domain Name System (DNS).
As far back as February 2002, the organisation’s president, Stuart Lynn, saw the need for reforms of the body. Reforms had to “replace ICANN’s unstable institutional foundations with an effective public-private ownership, rooted in the private sector but with the active backing and participation of national governments.” Tensions of management are fundamental – keeping an eye on “high-level elements of the Internet’s naming and address allocation systems” while avoiding intrusions that would stifle “creativity and innovation”. That tension has never been resolved.
On Mar 14, the National Telecommunications and Information Administration (NTIA), based in the US Department of Commerce, announced that its grip on ICANN would be loosened. “The timing is right to start the transition process,” claimed Assistant Secretary of Commerce for Communications and Information, Lawrence E. Strickling. “We look forward to ICANN convening stakeholders across the global Internet community to craft an appropriate transition plan.”
John M. Eger, Director of the Creative Economy Initiative at San Diego State University, was enthusiastic. “The US Government’s decision to end oversight of [ICANN] represents an opportunity for US leadership creating global ‘e-government’ systems to solve international law enforcement and terrorism problems, develop global education and environmental initiatives, and in turn, start using the Internet as a platform for advancing a new foreign-policy agenda.”
Eger’s overview is counter-intuitive – to shape internet governance, to seize the day, as it were, in such areas, one has to liberalise such bodies as ICANN and lessen the grip. Technology can be better managed and directed if the big holders release the creation. The Internet can become both a tool of open governance if the Obama administration embraces a “multistakeholder model”. “Letting go of ICANN gives the US momentum to more aggressively breathe life into the thousand[sic] of applications, which more truly internationalise its usefulness to nations, and to the world community.”
Eger’s observations are problematic on one direct level. US leadership in such areas has tended towards bullying and cajoling negotiating partners in accepting a supposedly universal premise in implementing its own specific policies. Nothing demonstrates that more acutely than the current secret Trans-Pacific Partnership Agreement talks. Ostensibly geared to accelerate trade liberalisation, the leaked chapters of the document suggest that Washington is keen to impress strict, even draconian intellectual property provisions on potential signatories. What can’t be done through Congress can be smuggled in via international treaty.
The suggested relinquishing of control by the US Department of Commerce has not been deemed a wise gesture on the part of such individuals as Sweden’s minister for foreign affairs, Carl Bildt. In relinquishing such control, internet governance would be altered, allowing other states to throw their hats in the ring. Bildt is convinced that widening such involvement on ICANN is not “the way to go.”
Bildt’s concern is paternalistic. Opening such doors will let in rather unsavoury characters keen on over-regulation. “Net freedom is as fundamental as freedom of information and freedom of speech in our societies.” Despite extolling such virtues, he has proven rather enthusiastic about dousing the flames over the NSA revelations of blanket surveillance, arguing that the Swedish FRA is, in fact, a defender of online freedoms. Visions of governance tend to vary.
Bildt also chairs the Chatham House and Centre for International Governance and Innovation Inquiry, created to examine the Snowden legacy and state censorship of the Internet. In a statement in January, the inquiry partners emphasised that “a number of authoritarian states are waging a campaign to exert greater state control over critical internet resources.” They are far from the only ones.
The short of it is that governments are compulsive meddlers. As attractive as the rhetoric of liberty and freedom might be, intrusive governance is still regarded as acceptable. The Brazilian Minister of Communications, Paulo Bernardo, considers virtual crimes and cybersecurity as vital areas of government policy. He did concede that “protocol standards and domain names registration can be perfectly controlled by the technical community.”
The language of Nikolai Nikiforov, Russian representative at NETmundial, proved more muscular. “Being subject to international laws, states act as grantors of rights and freedoms for citizens, play a role in the economy, security and stability of internet infrastructure, and undertaken measures to prevent, detect and deter illegal actions in the global network.”
Governments, it seems, just can’t let go.
This article was posted on May 1, 2014 at indexoncensorship.org
