The National Security Agency (NSA) is the latest intelligence agency spying on Americans without a warrant by buying access to their data.
That revelation comes from a letter released last week from Sen. Ron Wyden (D–Ore.) to Director of National Intelligence Avril Haines. "As you know," Wyden wrote, "U.S. intelligence agencies are purchasing personal data about Americans that would require a court order if the government demanded it from communications companies."
Now, Wyden writes, the snoop in question is the NSA, which is "buying Americans' domestic internet metadata." Such information "can reveal which websites they visit and what apps they use," according to a press release from Wyden's office.
Wyden is right that Haines is likely already aware of the practice: A report from the Office of the Director of National Intelligence (ODNI) completed in January 2022 (but only declassified in June 2023) found that the intelligence community "currently acquires a significant amount of [commercially available information] for mission-related purposes," information which "can include credit histories, insurance claims, criminal records, employment histories, incomes, ethnicities, purchase histories, and interests" and "in some cases social media data."
Data brokers collect and package this data for sale. Often this information is purchased by other companies for purposes like advertising, but increasingly, government agencies are purchasing the information for their own purposes: During the COVID-19 pandemic, the Centers for Disease Control and Prevention purchased cellphone location data in order to monitor compliance with lockdown orders; the IRS paid for similar data in an effort to track criminal suspects.
"Until recently, the data broker industry and the intelligence community's (IC) purchase of data from these shady companies has existed in a legal gray area, which was in large part due to the secrecy surrounding the practice," Wyden wrote. "The secrecy around data purchases was amplified because intelligence agencies have sought to keep the American people in the dark."
Wyden says he actually learned the NSA was buying Americans' internet metadata in March 2021, but the agency "refused…to clear the unclassified information for public release" for nearly three years. "It was only after I placed a hold on the nominee to be the NSA director that this information was cleared for release." Wyden includes letters from NSA officials written in December 2023, agreeing to allow the information to be released.
In Carpenter v. United States in 2018, the Supreme Court ruled that it was a violation of the Fourth Amendment for law enforcement to access cellphone location data without a warrant. The 2022 ODNI report noted that under Carpenter, "acquisition of persistent location information (and perhaps other detailed information) concerning one person by law enforcement from communications providers is a Fourth Amendment 'search' that generally requires probable cause." But since "the same type of information on millions of Americans is openly for sale to the general public," intelligence agencies "treat the information as" publicly available and "can purchase it."
Similarly, Under Secretary of Defense for Intelligence and Security Ronald Moultrie advised Wyden that "I am not aware of any requirement in U.S. law or judicial opinion," including Carpenter, that intelligence agencies "obtain a court order in order to acquire, access, or use information, such as [commercially available information], that is equally available for purchase to foreign adversaries, U.S. companies, and private persons as it is to the U.S. Government."
That explanation is cold comfort when, as Wyden's press release noted, spy agencies can "us[e] their credit card to circumvent the Fourth Amendment." The intelligence community previously seemed to understand this, with the 2022 ODNI report noting that while it "cannot willingly blind itself to this information, it must appreciate how unfettered access to [commercially available information] increases its power in ways that may exceed our constitutional traditions or other societal expectations." The collection of such data could also "raise the risk of mission creep," as information "collected for one purpose may be reused for other purposes."
The post NSA Purchases Internet Metadata To Spy on You Without a Warrant appeared first on Reason.com.
]]>A bipartisan collection of privacy-minded lawmakers today announced the introduction of a bill that would reform and restrain the authorities of federal agencies from snooping on American citizens and collecting data without getting a warrant first.
Federal surveillance authorities under Section 702 of the Foreign Intelligence Surveillance Act (FISA) are up for congressional renewal this year. Section 702 is intended to authorize the warrantless surveillance of foreigners outside of the United States for potential threats to national security. But in truth, through various loopholes and tricks, these authorities have been used by the federal government to collect and track domestic data and communications by American citizens, without us knowing and without warrants.
We've had years of evidence that federal intelligence authorities like the National Security Agency (NSA) have been misusing their powers and a number of legislative attempts to rein them in. Today, a pack of lawmakers introduced the Government Surveillance Reform Act of 2023, intended to add several new restrictions to protect Americans from warrantless snooping and collection of data as a condition of renewing Section 702.
The law is co-sponsored in both the House and Senate by privacy- and liberty-minded lawmakers from both parties, from Sen. Ron Wyden (D–Ore.) and Rep. Zoe Lofgren (D–Calif.) on the left to Sen. Mike Lee (R–Utah) and Rep. Nancy Mace (R–S.C.) on the right, among others.
"The FISA Court and the Director of National Intelligence have confirmed that our government conducted warrantless surveillance of millions of Americans' private communications," said Lee in a prepared statement. "It is imperative that Congress enact real reforms to protect our civil liberties, including warrant requirements and statutory penalties for privacy violations, in exchange for reauthorizing Section 702. Our bipartisan Government Surveillance Reform Act stops illegal government spying and restores the Constitutional rights of all Americans."
Their bill addresses and attempts to end a host of different ways that federal authorities have attempted to make end runs around the Fourth Amendment's requirements that officials get a warrant before accessing Americans' private data or communications. Some of the important reforms include:
And there's more to the full bill, which can be read here. It is chock full of changes to surveillance authorities that some lawmakers have been trying to pass for years now, in exchange for a four-year renewal of Section 702.
As such, the bill also has support from civil rights and privacy groups from across the political spectrum, including the American Civil Liberties Union (ACLU), the Electronic Frontier Foundation, the National Association for Criminal Defense Lawyers, FreedomWorks, Restore the Fourth, the Due Process Institute, and many others.
"We have said again and again that Section 702 should not be reauthorized absent fundamental reforms, said Kia Hamadanchy, a senior policy council at the ACLU, in a prepared statement. "The Government Surveillance Reform Act meets this high standard. This legislation would address the countless abuses of Section 702 we have seen from the government, and it would ensure the protection of Americans' Fourth Amendment rights. Congress should not vote to reauthorize Section 702 without the critical reforms contained in this bill."
The post Lawmakers Try To Insert Privacy Protections Into the Feds' Snooping Powers appeared first on Reason.com.
]]>My guest today is Eli Lake, a repeat guest who for almost 30 years has been one of the country's leading national security journalists, working as a columnist for and contributor to publications such as Bloomberg Opinion, The Daily Beast, The New Republic, The New York Sun, and Commentary. His 2010 article for Reason, "The 9/14 Presidency," strongly argued for time-limiting all authorizations of the use of military force, especially those involving amorphous struggles such as the global war on terror.
In recent episodes of his podcast, The Re-Education, Lake has conducted deep dives into the dark histories of the National Security Agency, the CIA, and the FBI and how they routinely disregard constitutional limits on their activities. At a recent event in New York City, I talked with him about the fundamental tension between America playing an outsized role in world affairs and having secretive agencies that often keep Congress and voters in the dark about their operations. Can democracy and self-governance survive in such an environment?
Previous appearances:
"Eli Lake: Trump, Russiagate, and the End of FBI Credibility"
"Should Anyone Be Offended by Ye? Live with Eli Lake"
"How the United States Can—And Cannot—Help Iranian Protesters"
"The Deep State's 'Political Assassination' of Michael Flynn Was an Epic Abuse of Power"
"Bradley Manning Trial Discussion: The Verdict Approaches"
"The Reason.tv Talk Show, Episode 3"
Today's sponsor:
The post Eli Lake: Exploring the Darkest Corners of the Deep State appeared first on Reason.com.
]]>Fifteen years after Section 702 was first authorized by Congress as a tool for foreign surveillance, there's never been an accounting of how many Americans have had their electronic communications scooped up.
Even attempting to calculate such a figure "would not be feasible," Sharon Bradford Franklin, chair of the Privacy and Civil Liberties Oversight Board, an independent executive branch agency responsible for advocating on behalf of Americans' rights in national security matters, told a House committee during an April hearing.
Franklin said the extent of that so-called incidental collection matters, "because the greater the number of Americans who are directly affected, the greater the need for Congress to ensure the safeguards throughout the 702 program are sufficient." In fact, she told the committee, the very notion of "incidental" collection is a bit of a misnomer. It is illegal for intelligence agencies to use Section 702 to deliberately spy on Americans' communications, but any message sent to someone in another country is fair game.
"Thus, incidental collection is a feature of Section 702 and not a bug," Franklin concluded.
The future of this incidental-but-intentional snooping on Americans' emails, texts, and phone calls is one of the most important questions facing Congress in the second half of this year. Authorization for Section 702 of the Foreign Intelligence Surveillance Act (FISA) expires in December. While it will almost certainly be renewed in some form, the process offers a rare opportunity for Congress to change the program's rules to better protect Americans' civil liberties—and there might be bipartisan support for doing so.
When Section 702 was approved in 2008, it removed older provisions of the FISA law that required the government to obtain a warrant from the special FISA court before wiretapping communications between Americans and foreigners. Agencies must obtain permission from the FISA court before conducting any surveillance, but the court effectively rubber-stamps all requests and does not review specific targets.
As a result, "vast quantities of our communications are still searched and amassed in government databases simply because we are in touch with people abroad," explains the American Civil Liberties Union (ACLU). There are at least two National Security Agency (NSA) programs—PRISM and Upstream—that rely on Section 702 surveillance. And, again, so many data are vacuumed up that the government's official position is that it's impossible to meaningfully quantify it, as Franklin testified in April.
Sarah Taitz, a national security fellow at the ACLU, says all that supposedly incidental collection of Americans' data is a "bait-and-switch" because "the FBI routinely exploit this rich source of our information by searching those databases to find and examine the communications of individual Americans for use in domestic investigations."
We do know how often that happens, thanks to an annual report published by the Office of the Director of National Intelligence (ODNI). In 2021, for example, the FBI used its FISA powers to run more than 3.3 million queries through the Section 702 database.
The FBI reported a dramatic drop in the number of warrantless Section 702 searches in 2022. The ODNI's most recent transparency report shows that the FBI made 204,090 queries of the Section 702 database last year. The sharp decline is attributed to several policy changes implemented by the FBI during the second half of 2021 and into early 2022, including new rules limiting when investigators can access the Section 702 databases.
Even after that significant decline, however, the overall use of Section 702 for warrantless domestic spying seems to be on the rise. In 2013—the first year the government released this transparency report, in response to the outrage generated by Edward Snowden's leaks about the NSA's spy programs—there were only 89,138 targets for Section 702 collections. The most recent report shows that there were 246,073 targets in 2022.
More foreign targets of Section 702 spying likely means more "incidental" collection of Americans' communications and larger databases. The FBI's declining use of those databases is a welcome development—one that suggests reforms aimed at tightening how this information is used can be implemented without jeopardizing national security. But it is also something of a red herring, given that the extent of what's being vacuumed up by Section 702 remains unknown.
"Given the rate at which the number of Section 702 targets is growing, it's likely that the government today collects over a billion communications under Section 702 each year," writes Taitz.
There's also evidence that the FBI improperly used Section 702 databases to spy on Americans involved in the George Floyd protests, the January 6 riot, and in less high-profile situations. A Foreign Intelligence Surveillance Court report unsealed in May showed that the FBI improperly used its warrantless search powers more than 278,000 times during 2021—before the FBI's internal policies were changed.
All these numbers are somewhat head spinning. Tens of thousands of foreign targets, leading to hundreds of thousands or even millions of warrantless searches every year through the potentially billions of intercepted communications. Whether any particular target or search might be justified, the aggregate numbers point to an inescapable conclusion: that the federal government is operating a massive domestic spying regime with little oversight and no meaningful concern for Americans' constitutional rights.
And unlike in 2018—when then-President Donald Trump grouched about FISA and the "deep state" but then signed the bill reauthorizing all this anyway—there might actually be a serious attempt at reform. On Tuesday, a group of six Republican lawmakers led by Rep. Matt Gaetz (R–Fla.) and including Rep. Thomas Massie (R–Ky.) introduced a resolution calling for Congress to allow FISA to expire at the end of the year.
"The blatant misuse of warrantless surveillance powers targeting Americans' communications should not be accepted or reauthorized," said Gaetz in a statement. "We must uphold national security without sacrificing the constitutional rights of our fellow Americans." In an interview with Fox News on Tuesday, Gaetz said he hoped to work with "civil libertarian-minded progressives" on the issue.
Meanwhile, in the Senate, some Democrats have expressed opposition to a speedy reauthorization of FISA and Section 702. Sen. Dick Durbin (D–Ill.), chairman of the Senate Judiciary Committee, said in June that he would "only support the reauthorization of Section 702 if there are significant—significant—reforms. And that means, first and foremost, addressing the warrantless surveillance of Americans in violation of the Fourth Amendment."
Whether politicians as different as Gaetz, Massie, and Durbin can patch together a coalition that agrees on how to reform (or abolish) Section 702 remains to be seen. It's probably right to be skeptical.
Still, 15 years after Congress first authorized the warrantless spying program and a decade after Snowden revealed the ways in which Americans were being targeted by it, it's encouraging to see that reauthorization will not be rubber-stamped. At the very least, Congress ought to demand to know the full extent of Section 702 snooping—and their constituents ought to demand changes.
The post We Still Don't Know the Full Extent of the Government's Warrantless Electronic Spying Program appeared first on Reason.com.
]]>Warrantless domestic spying was unconstitutional in 2008 and it's still unconstitutional today. Amending the Foreign Intelligence Surveillance Act (FISA) to allow for warrantless surveillance of electronic communications "would be a breathtaking and unconstitutional expansion of the President's powers and it is wholly unnecessary to address the problems the administration has identified," then–Sen. Joe Biden stated on July 9, 2008. Section 702 of the bill "authorizes surveillance that is broader than necessary to protect national security at the expense of civil liberties," he said.
"This bill's approach would significantly expand the scope of surveillance permitted under FISA by exempting entirely from the warrant requirement any calls to or from the United States, as long as the Government is 'targeting' someone reasonably believed to be located outside the United States," Biden warned back then, asserting that he would "not give the President unchecked authority to eavesdrop on whomever he wants in exchange for the vague and hollow assurance that he will protect the civil liberties of the American people."
Flash forward 15 years, and President Joe Biden seems to have a different perspective. "Today, his own administration is defending this very same law at his request," noted Kia Hamadanchy, the American Civil Liberties Union (ACLU).
"In the 15 years since that first legal challenge, President Biden's prediction that this law would be used to repeatedly violate the civil liberties of millions of ordinary Americans has come true," Hamadanchy pointed out yesterday. "What Biden did not predict, however, is that one day he would be ordering his administration to defend this very same law."
At the end of the year, lawmakers will once again vote on whether to reauthorize Section 702 of FISA, a highly contested provision that "gives the intelligence community space to target foreign intelligence in ways that inherently and intentionally sweep in Americans' communications," as the Electronic Frontier Foundation puts it. If Congress does not reauthorize, Section 702 will expire.
Some brief history: FISA passed in 1978 to allow intelligence agencies to monitor foreign communications. In 2008, under President George W. Bush and in the midst of the war on terror, FISA was amended to include Title VII, expanding surveillance power to electronic data. Title VII allows the National Security Agency (NSA) to collect and search electronic communications—phone data, emails, social media messages, etc.—and the FBI and CIA to query the electronic data the NSA collects.
Section 702 of Title VII allows the NSA to do targeted surveillance of foreign individuals by compelling electronic communication service providers to search communications and hand over certain data to the government. The government says Section 702 targets "non-U.S. persons, located abroad, who are expected to possess, receive, or communicate foreign intelligence information." But in reality, Section 702 surveillance can capture communications by Americans if they are corresponding with foreign individuals, giving government agents a backdoor route to warrantless domestic spying.
"The law has resulted in the incidental mass collection of U.S. persons' electronic records without judicial warrants, raising numerous 4th Amendment and civil liberties concerns," as Joshua Levine and John Belton at the think tank American Action Forum put it. Rather than having to present probable cause and obtain individual court orders allowing specific communications to be searched, Section 702 gives the government cart blanche to spy on electronic communications under the banner of stopping foreign threats. This includes what's known as upstream surveillance ("a process in which telecommunication companies, such as AT&T and Verizon, allow the NSA to copy all internet traffic that passes through the provider," as Levine and Belton explain) and downstream surveillance ("utilizing tech companies, such as Google or Meta, to turn over communications that involve a specific email address or phone number" so long as it's foreign in origin).
"In practice, intelligence agencies frequently use [Section 702] as [a] domestic surveillance tool," noted Hamadanchy:
In the last year alone, the FBI conducted over 200,000 warrantless 'backdoor' searches of Americans' communications. The standard for conducting these backdoor searches is so low that, without any clear connection to national security or foreign intelligence, an FBI agent can type in an American's name, email address, or phone number, and pull up whatever communications the FBI's Section 702 surveillance has collected over the past five years." These backdoor searches allow law enforcement to access constitutionally protected communications that would otherwise be off-limits without a warrant.
Americans first learned about the extent of this mass surveillance program from whistleblower Edward Snowden in 2013. Since then, it has attracted a huge amount of opposition. But intelligence agencies and many public officials still claim it is a necessary tool in the fight against terrorism.
The last time Congress had to vote on reauthorizing Title VII was in 2018.
Now, the push to convince Congress to renew Section 702 is on, with supporters still citing Islamic terrorism as a justification.
"We must not forget the lessons learned from 911," Department of Justice National Security Division Assistant Attorney General Matt Olsen said at a June hearing on reauthorization, calling reauthorizing the "single most consequential national security decision this Congress can make."
Reauthorizing Section 702 may face a tougher battle now than it did the last time around.
These days, conservative Republicans—once among the program's biggest supporters—have come to be critical of Section 702 power.
The program "has long faced resistance by Democrats concerned that it could trample on Americans' civil liberties," noted The New York Times earlier this month. "But the law authorizing it is set to expire in December, and opposition among Republicans, who have historically championed it, has grown as the G.O.P. has stepped up its attacks on the F.B.I., taking a page from former President Donald J. Trump and his supporters."
"There's no way we're going to be for reauthorizing that in its current form — no possible way," said Ohio Republican Rep. Jim Jordan.
"You couldn't waterboard me into voting to reauthorize 702," said Florida Republican Rep. Matt Gaetz. "These 702 authorities were abused against people in Washington on January 6 and they were abused against people who were affiliated with the B.L.M. movement, and I'm equally aggrieved by both of those things."
Of course, folks on the right aren't the only ones who have come to reassess Section 702. Now in power himself, the Biden who didn't believe in its necessity under a Republican administration has changed his tune, too.
Yet Biden's initial 2008 assessment of 702 remains true, suggests Hamadanchy. "Whether a tool is convenient for the government does not answer the question as to whether that tool is constitutional. It would of course be easier for the FBI if they never had to secure a warrant for any search. But the purpose of the Fourth Amendment is not to make the government's job easier or more convenient."
A group of Montanans are suing over the state's anti-drag law. The measure (HB 359) became law in May and bans "drag story hours" in schools and libraries. It's now being challenged in federal court.
Among the plaintiffs is Adria Jawort, an indigenous transgender woman who had a scheduled talk at the Butte-Silver Bow Public Library canceled in June, despite the fact that she is not a drag performer. The library allegedly cited concerns that Jawort's talk would run afoul of the new law.
Plaintiffs also include Rachel Corcoran, a teacher who "has dressed up as fictional and historic male and female characters to connect with students, enhance learning, and build community," per the lawsuit. "While in gendered costumes, she reads to students and engages in learning activities at school. By the terms of HB 359, she is a 'drag queen' or 'drag king' participating in 'drag story hour' at such times. Thus, she faces criminal penalties, lawsuits, and revocation of her teaching certificate."
Montana's bill is "breathtakingly ambiguous and overbroad" claims the complaint filed July 7 by Jawort, Corcoran, and seven organizations. The law "prohibits drag performers from leading story hours in schools and libraries, which is an unconstitutional content- and viewpoint-based restriction on free speech," they argue:
But that's not all: the bill bans reading to a child in a library in a superhero costume, conducting classroom activities dressed as Ms. Frizzle, inviting a Disney princess impersonator into the classroom, and staging a production of Shakespeare's As You Like It. These restrictions apply regardless of a person's gender identity and sex.
Additionally, HB 359 limits First Amendment activities of artists, businesses, and entities that receive state funds. Displaying or disseminating obscene materials and performances has long been illegal in Montana. HB 359 creates new, confusing restrictions on "sexually oriented performances"—with a definition that, inter alia: allows the display of human cleavage but not prosthetic cleavage; restricts "stripping," regardless of whether nudity results; and may—this is unclear—prevent allowing minors to view "any simulation of sexual activity, . . . salacious dancing, [or] any lewd or lascivious depiction or description of human genitals." …
HB 359 is a Frankenstein's monster that manages to pull together the worst of prior versions of the bill and incorporate all of the constitutional problems in drag bans recently struck down elsewhere.
Read the full complaint here.
"Arizona has become the latest of twelve states across the country to provide contraceptives over the counter without a prescription," reports USA Today. The new Arizona law allows people to purchase certain forms of birth control at a pharmacy without first obtaining a prescription from a physician. Purchasers will still have to undergo a blood pressure test and a health screening.
Arizona joins a dozen other states and the District of Columbia in allowing some forms of birth control to be obtained without a prescription. The other states include California, Connecticut, Delaware, Illinois, Maryland, Massachusetts, Nevada, New Jersey, New Mexico, New York, Oregon, and Washington.
In Arizona, adults will be able to buy hormonal contraceptives including birth control pills, contraceptive patches, and vaginal rings without a prescription.
• Five Republican presidential candidates—with former President Donald Trump notably absent—will take part in a July 14 debate hosted by Tucker Carlson.
• New York City Mayor Eric Adams is attacking the makers of flavored vape products in a new lawsuit. "The suit accuses the distributors of violating a host of city, state and federal laws, including the federal RICO statutes which are often used to go after organized crime gangs," says CBS News.
• "Massachusetts lawmakers are weighing a near total ban on buying and selling of location data drawn from consumers' mobile devices in the state, in what would be a first-in-the-nation effort," The Wall Street Journal reports.
• In a pair of federal lawsuits, current and former detainees at California's North County Correctional Facility in Castaic "accused the Los Angeles County Sheriff's Department of violating the U.S. Constitution—specifically the 4th and 14th amendments—by allowing deputies to use excessive force," notes the Los Angeles Times. The suits say "deputies fired more than 50 canisters of tear gas at a dorm housing several dozen inmates — allegedly because two of them were mouthy and uncooperative when staff ordered them to get off the phone for the evening."
• Under new Chinese regulations, "social media companies will now be responsible for the authentication of all content posted on their platform," according to Technext. "They will also be tasked with enforcing the [Cyberspace Administration of China's] 'one account for one person, two accounts for one enterprise' policy and suspend or prohibit users who have not been granted 'profit-making permission.' The profit-making permission is the approval one gets from the Chinese government to begin monetising their content, including posting sponsored content."
The post Biden's Flip-Flop on Warrantless Surveillance appeared first on Reason.com.
]]>Ireland's Data Protection Commission announced this week that Meta Ireland, the Irish subsidiary of Facebook parent company Meta, had violated privacy provisions of the General Data Protection Regulation (GDPR), a rule that went into effect in 2018. The GDPR mandated much stricter data privacy rules in the European Union (E.U.), which caused some growing pains upon implementation.
The Irish agency determined that Meta "transfer[red] personal data" from the E.U. to the U.S. in a manner that "did not address the risks to the fundamental rights and freedoms of data subjects," i.e. Europeans who use Facebook. It fined the social media firm 1.2 billion euros ($1.3 billion USD), the E.U.'s largest penalty on record.
But the fine seems to be based less on Meta's carelessness with customer data than the U.S. intelligence community's snooping practices.
Controversy over transatlantic data transfers goes back a decade, to Edward Snowden's disclosures about U.S. National Security Agency (NSA) spying programs. Among Snowden's revelations was PRISM, a program that according to The Verge "allows [intelligence agencies] to expedite court-approved data collection requests" of tech companies. Rather than a traditional warrant from a judge which would be susceptible to open records laws, the intelligence community largely relied on classified orders from the Foreign Intelligence Surveillance Court.
Data transfers between the U.S. and Europe had generally been allowed under a "safe harbor" legal framework since 2000. But key to that agreement was an understanding that all parties involved would generally safeguard users' privacy, and in the aftermath of the Snowden disclosures, the E.U. Court of Justice threw out the agreement in 2015. The parties formed a new agreement, known as the E.U.-U.S. Privacy Shield, the following year, but in 2020, the Court invalidated that agreement as well, again citing NSA spying programs. Meta's actions at issue would have been acceptable under the Privacy Shield but were no longer allowed after it was struck down.
The new judgment contains no allegations of specific data breaches, which one would expect with a penalty of over $1 billion. The Federal Trade Commission (FTC), for example, assessed a fine of between $575 million and $700 million against credit bureau Equifax after a 2017 data breach that exposed 147 million people's personal information. The FTC also hit Facebook with a $5 billion fine in 2019 for misuse of user data for the Cambridge Analytica scandal (a saga which, in retrospect, produced much more smoke than fire).
Rather, Meta's fine came as a result of the potential breach of information that could result from U.S. intelligence agency snooping. As Mike Masnick wrote at Techdirt, Meta was penalized because "it transferred some EU user data to US servers. And, because, in theory, the NSA could then access the data. That's basically it. The real culprit here is the US being unwilling to curb the NSA's ability to demand data from US companies."
As always, Meta can handle the fine: The company reported $116.6 billion in revenues last year. But smaller companies may not have that luxury. When countries pass onerous privacy regulations just to protect their citizens' data from the intelligence community's prying eyes, that cost is borne not by the spy agencies themselves but by the small companies forced to comply.
The post European Union Fines Meta $1.3 Billion Because of NSA Spying Programs appeared first on Reason.com.
]]>Ten years after Edward Snowden revealed that intelligence agencies abuse their authority to spy on people in the United States and around the world, the whistleblower continues to cast a long shadow. Here at home, Congress is thinking of extending surveillance powers amidst debates informed by concerns about privacy. Overseas, Irish regulators just slapped Facebook parent Meta with a massive fine under a European Union law meant to address governments siphoning data acquired by private companies. Snoops and their targets alike, we're all living in a world shaped by Snowden.
Just as the 9/11 attacks supercharged the security state with new power to intercept communications, Edward Snowden fueled concerns that the snoops' authority extended much too far. The result has been an ongoing tussle between those who say they want the intelligence community to protect us, and people concerned that we need protection from the intelligence community.
"Social media giant Meta was the latest to face a big penalty Monday when Ireland's privacy watchdog fined it a record €1.2 billion euros for privacy violations under the European Union's General Data Protection Regulation (GDPR)," Politico reported this week. "The Irish decision relates to 2013 revelations from Edward Snowden, the U.S. National Security Agency contractor, that American spooks were unlawfully accessing people's personal information via the country's tech giants."
By "relates to 2013 revelations from Edward Snowden," Politico's Clothilde Goujard and Mark Scott mean the European Parliament ushered through the GDPR amid reports that alphabet agencies in English-speaking countries hoover up information collected by private companies. In 2019, Hallie Coyne wrote a paper for The Cyber Defense Review exploring "the significant impact that Snowden's leaks had on the development of the European Union's General Data Protection Regulation (GDPR)—a piece of legislation that has fundamentally changed the nature of data privacy in the EU, and the world over."
That's not to say the GDPR is good legislation. The E.U. has a wide reputation for turning every concern, no matter how justified, into an excuse for heavy-handed bureaucracy. In the current case, Ireland's Data Protection Commission itself preferred to simply order Meta to stop transferring private user data to the United States and objected that a heavy fine "would exceed the extent of powers that could be described as being 'appropriate, proportionate and necessary.'" But the Irish body was overruled by the European Data Protection Board.
The GDPR also hampers innovation with high compliance costs and penalties threatened for new technologies and services that run afoul of the bureaucracy. Undoubtedly, the regulatory gauntlet stifles entrepreneurs and favors the sort of companies, like Meta, that can afford billion-euro fines.
But if the E.U. was destined to be a rule-bound bureaucracy that favors large firms over small competitors, the specific form of its red tape was partially shaped by Snowden's legacy.
The snooping discussion in the United States is rather healthier, if no less frustrating.
"The revelation that the Federal Bureau of Investigation used a foreign-spying tool to search for information about defendants in the Jan. 6 attack on the U.S. Capitol and the 2020 George Floyd protests has set back the Biden administration's effort to win reauthorization of a law it says is a critical tool for national security, lawmakers in both parties said," The Wall Street Journal's Dustin Volz and Byron Tau reported this week. "The law, known as Section 702 of the Foreign Intelligence Surveillance Act, lets the National Security Agency intercept the communications of foreign terrorist or espionage suspects that pass through U.S. telecom and internet companies. But the tool also vacuums up data about American citizens living in the U.S., for instance when they communicate with people overseas."
Section 702 was called out by Edward Snowden for its abuse by snoops to spy on Americans. Several years later, amidst calls for reform, we learned that the National Security Agency "collected more than 150 million records about the phone calls of Americans in 2016" as Reason's Scott Shackford reported. While shocking, that represented a reduction in domestic snooping as alphabet agencies responded to pressure from the public and from some legislators.
It's difficult to know precisely the extent to which the surveillance state still stretches its power to spy on foreign targets to monitor Americans, since the Supreme Court shields much snooping behind arguments that revealing abuses would threaten national security. That's yet another invocation of the "state secrets privilege" that has long concealed misconduct and incompetence. But, as the Journal noted, we do hear enough, on occasion, to remind us of the danger.
"A newly released Foreign Intelligence Surveillance Court (FISC) opinion from April 2022 revealed that the Federal Bureau of Investigation (FBI) has continued to abuse its access to information collected under Section 702 of the Foreign Intelligence Surveillance Act (FISA), including by searching for racial justice protestors, activist groups, and political campaign donors," the Electronic Privacy Information Center specified last week about the recent reports. "The FISC detailed the FBI's 'pattern of conducting broad, suspicionless queries' of information collected under Section 702, a sweeping warrantless foreign intelligence surveillance authority."
In 2023, the surveillance community is engaged in the same misuse of the same powers that Edward Snowden pointed out in 2013. And that's why we're having familiar debates between fans of the security state and those concerned about civil liberties.
"Despite the public outcry, investigations by Congress, pronouncements by President Obama, and federal court rulings. I don't think much has changed," security expert Bruce Schneier wrote in a Snowden retrospective for the Internet Engineering Task Force. "The NSA canceled a program here and a program there, and it is now more public about defense. But I don't think it is any less aggressive about either bulk or targeted surveillance. Certainly its government authorities haven't been restricted in any way. And surveillance capitalism is still the business model of the Internet."
The Electronic Frontier Foundation's Matthew Guariglia, Cindy Cohn, and Andrew Crocker have a slightly more upbeat perspective. They celebrate the end of some abuses, while seeing room for improvement.
"Some things are undoubtedly better–under the intense scrutiny of public attention, some of the National Security Agency's most egregiously illegal programs and authorities have shuttered or been forced to end," they write. "But it's not enough—not even close. There's still much work to be done to rein in our overzealous national security state, break political gridlock, and end the extreme secrecy that insulates some of the government's most invasive tactics."
Ten years ago, Edward Snowden informed the world that the U.S. government and its allies were engaged in mass surveillance against whole populations. While the snoops themselves are now under scrutiny, we have yet to finish the hard work of addressing those privacy violations.
The post Spying Abuses Are Still a Concern, 10 Years After Edward Snowden appeared first on Reason.com.
]]>"This book is born of an anxiety I was feeling, which was this sense that we were leaving pieces of ourselves, in all these different forums, in all these different media," says today's guest, former Reason Senior Editor Kerry Howley, whose new book is Bottoms Up and the Devil Laughs: A Journey Through the Deep State.
"There's a piece of yourself in your email. You're leaving traces in Facebook Messenger and text, and the possibility [exists] that all of these could be reassembled to form an identity that looks like you but is not you," she says. Bottoms Up and the Devil Laughs "tells the story of a young whistleblower named Reality Winner to whom this truly happened. Her life was reassembled by prosecutors in a truly absurd way to suggest that she was a terrorist. And so she is kind of an illustration of that anxiety but also the reality that we're all living in."
Howley is now a staff writer at New York magazine and a multi-finalist for the National Magazine Award, the industry's highest honor, most recently for a profile of anti-abortion activist Marjorie Dannenfelser.
In a wide-ranging conversation about surveillance, privacy, and journalism in an age where nothing we say or write or post ever really goes away, Howley talks about getting inside the mindset not just of whistleblowers like Reality Winner and Daniel Hale but also the people who would lock them up and throw away the keys. We also talk about how her work at Reason and her stint at an openly censored newspaper in Myanmar continues to inform her worldview.
Today's sponsors:
The post Kerry Howley: A Journey Through the Deep State appeared first on Reason.com.
]]>The existence of a drone program was a secret. The legal justification for the drone program was a secret. It was a secret that through a program called SOMALGET the National Security Agency was recording and archiving the content of every single cell phone conversation in Afghanistan, and it remains unknown what percentage of conversations in Pakistan. It was a secret that algorithms then combed through these conversations and routed concerning ones to linguists, who gisted—paraphrased—anything that seemed important. It was not much of a secret, however, to the men on whom they eavesdropped. They knew America was listening, just as they knew that the high-pitched drones above them transmitted video data back to the States, a long-running film of their daily lives. In western Pakistan, men got high on khat over lunch and told dirty jokes while she listened.
My friend's toddler calls shadows "zero" things; the shadow of a hippo is a "zero hippo," the shadow of herself "zero me." A zero America precedes even the name, but after 2001, government in secret was unfathomably well funded. Much of it remains literally hidden: in bunkers underground or in the vast underground netherworld of dystopian Crystal City. But much is hidden by virtue of its ability to blend into a corporate landscape too dull to take in: glassy buildings you float past without processing their existence, mile-long office parks behind straight lines of spindly trees. They have names such as "National Business Park" and "L-3 Communications," names that in their intentional forgettability oppose the purpose of naming; often there is no exterior signage of any kind. Sometimes they are siloed in clusters of bland buildings, but the secret state also dispersed itself amidst extant office buildings. There are floors of D.C. buildings not listed in the lobby's directory. Government agencies few Americans had heard of spent amounts of money few could fathom; the National Geospatial-Intelligence Agency built itself a $1.8 billion facility in the bland suburb of Springfield, Virginia, that, in the literalism prevalent in so much public art and architecture, looked from above—or from a drone—like a giant eye. The head of the Army's intelligence school described all this new construction as being "on the order of the pyramids," but the pyramids are spread over a much smaller geographic area. The "alternative architecture" of secret America, as journalist Dana Priest calls it, extends from D.C. to Tampa to Indianapolis to Salt Lake City to San Antonio and beyond, in landscapes so dull as to seem staged: office parks with ghostly Starbucks and unused gyms flanked by extended-stay hotels. Each secret program established by the government was serviced by an army of contractors hawking technical skills, language skills, data entry; each CEO well aware that a seemingly limitless amount of money was available and oversight nonexistent.
The currency of zero America is the secret, but the currency is degraded. Documents are marked classified for no particular reason, because it's always safest, because they may be potentially embarrassing, because no one takes a document not marked secret seriously. Freedom of Information Act requests have unearthed a fan letter from J. Edgar Hoover to his favorite baseball player, the state of Florida's list of rejected license plates (DRUNK), an agreement between the 2012 movie Battleship and the U.S. Navy in which the Navy is promised 10 DVDs of the movie, the FBI's dictionary of Twitter slang ("L8R G8R" for later, gator). Thousands of new programs absorbed billions of dollars, generating new, mostly banal secrets, plenty of them public information easily gleaned from Google.
John Kiriakou, a CIA analyst based in Virginia, once wrote a paper about Iraqi nuclear weapons and sent it to the Department of Energy, which has its own classification system. As he pressed send, it became illegal for him to access the paper he had written; he did not have the clearance. Kiriakou wanted to tell the president, as the military was preparing to invade Iraq, that someone had had a nervous breakdown. "I knew he had had a nervous breakdown," he told me at his kitchen table in Clarendon, "because I saw the original data, but I couldn't tell anybody that he had a nervous breakdown, because it was so highly classified, so highly compartmentalized. I couldn't put it in writing, because before it gets to the president, it goes through six other people, who wouldn't be cleared for the information." The president never found out; the information hit a dead end with Kiriakou.
Once, a report had come in suggesting that a high-placed Iraqi source was unreliable and unstable. Kiriakou thought the president needed to know, and Kiriakou knew the director of the CIA was about to meet with the president. But he couldn't print out the information—it was too highly classified, there was no print option—or tell the director of the CIA's assistant, who was not cleared, so he remembered the report as best he could, ran up to the director's office, and told him. "Give me the report," the director said. "I'm not going to remember that stuff." Kiriakou said he couldn't print it out. He repeated what he knew, from his memory, three times. The director then repeated what he could remember to the president. Anyone who has played telephone can see the problem, though in this case the original information was later revealed to be false. It's hard to fact-check information when no one can see it.
"I could count on my two hands the times that I used my open telephone in those 15 years," he told me, "because everything is classified, including the classified email system. So I want to meet my wife for lunch, so I send her an email. 'You wanna meet for lunch?' And I classify in secret note form. Why? Because everything is classified. Everything. Like I would have to stop and think, should I really make this unclassified? So eh, fuck it, I'm just gonna say secret note form. That's what everybody does, for everything."
The secret state reveals itself in its need for people with security clearance to sift through emails about inviting one's wife to lunch. On clearedconnections.com, employers based in 47 states try to rustle up cleared candidates; at the time of writing, just one company, Northrop Grumman, had 2,250 job postings. In 2003, two million people had security clearance, approaching 1 percent of the population, which suggests less a security state than a caste system. Checking the backgrounds of so many Americans costs billions more. A zero state that keeps metastasizing would eventually become a world in which the majority are holding secrets from the few remaining people ineligible.
One petabyte of information is equivalent to 20 million four-drawer filing cabinets filled with text. At one intelligence agency, one petabyte of classified data accumulates every year and a half. Sifting through a petabyte of information in a year would require two million employees; around 100,000 people work in intelligence for the government. "There are billions and billions of documents, and there are like 16 people declassifying everything," says Kiriakou. "So the email about meeting my wife for lunch will never be declassified, never."
On a base in New York in 2009, the Army gave a 21-year-old soldier raw war footage from which she was supposed to write reports for the higher-ups. All day long Chelsea Manning watched acts of war take place on a screen and tried to process them. She had access to all sorts of footage taken from above, alongside the recorded voices of soldiers watching it, all in Iraq, where the mission to stop another attack had metastasized. There was a grainy black-and-white video of a Baghdad suburb, seen from a helicopter above, palm trees and low square buildings and hauntingly empty sidewalks. That day in the suburb, men had been shooting at American soldiers. When the men in the helicopter saw Iraqis with various black objects slung over their shoulders gather on a street corner, they got very excited. The Iraqi men walk casually into the frame. Two of them—though the American soldiers do not know this—are journalists stringing for Reuters. One is Saeed Chmagh, a 40-year-old driver and camera assistant with a wife and four children at home. The other, a 22-year-old celebrated photographer named Namir Noor-Eldeen. There are men in the group carrying actual weapons. The journalists carry only cameras. Manning saw what the American soldiers saw from above, and listened to them negotiate the lives of the Iraqis below.
"That's a weapon," says an American voice. "Fuckin' prick."
"Request permission to engage."
"You are free to engage," comes the response.
"All right, we'll be engaging."
"Just fuckin' once you get on 'em, open up!"
They engage. The helicopter shoots 8-inch-long exploding tubes, 10 of them in a second. They weigh—each individual round—a half pound. From the helicopter they whir: duh-duh-duh-duh-duh-duh. The visual disappears behind a cloud of dust and smoke, then resolves into a pile of bodies.
"Keep shooting, keep shooting!"
Mostly, they are still; it seems like less of a firefight than a light switch. Men on, then off. Except, that is, for Saeed, the driver, who, as the smoke resolves, is running along the side of the building.
"I got 'em!"
The Americans laugh.
"I hit him."
Saeed squirms on the ground. His legs are splayed. He's shaking. He is, one suspects, thinking of his children. There are four of his own, but he supports three more, and also the children of his sister, since her husband was killed. He talked about his kids all the time on long drives with journalists.
"Got a bunch of bodies laying there."
"Yeah we got one guy crawling around down there."
"Oh yeah look at those dead bastards."
"Nice."
"Good shootin'."
"Thank you."
"Come on, buddy," says a soldier, as if to Saeed, "All you gotta do is pick up a weapon."
Saeed never had a weapon. But should he pick up what looked like a weapon—the camera—the Americans would have permission to shoot him again.
"We have a van approaching and picking up bodies," says an American.
A van swerves into the scene. A man jumps out to help Saeed and carry his limp body into the van. What the Americans do not see, but is visible should you look for it, are two small heads peeking out the front window on the passenger's side. A little girl and a little boy watch.
"Can I shoot?" asks an American. He's talking about the van.
"Come on, let's shoot!"
Duh-duh-duh-duh-duh.
A smashed mirror flips off the van and falls to the ground. When the van comes into focus again, there's a massive hole in the windshield.
Now it is time for ground troops. A soldier runs from the van with a little girl in his arms. She is 4, and she is bleeding. There is windshield glass lodged in her eyes. The boy, 8, has shrapnel in his brain.
After silence, the voice, again, of the Americans in the helicopter.
"Well, it's their fault," one says, "for bringing their kids into a battle."
"That's right."
The view of Iraq from the sky became so familiar to the soldier that when she was transferred to a base near Baghdad, the layout was known to her. Now it was simply real; one could feel the wind that moved the trees on screen. One could hear the car bombs. But it was just a closer screen. Real and not real. The world she watched all day and the one she emerged into, safe. There's nothing remarkable, after all, about two tiny children irreparably damaged in a war zone. What is new is that she can call up the footage. The soldiers were under surveillance as they killed a man who held not a gun but a camera.
Her workplace was called a SCIF, a sensitive compartmented information facility, but was really a bunch of plywood thrown up on top of a basketball court. She sat at the free throw line, and in all the accounts I have ever read of Chelsea Manning spilling America's most shameful secrets, I have never seen it noted that it was here where it would occur to her to blow the whistle. Security was such that analysts kept passwords on sticky notes stuck to their laptops. Days on the job were long and boring and left plenty of time to dig deep, scanning the system for anything of interest, in a way not dissimilar to other 22-year-olds digging into the internet that happened to be available to them.
"I don't believe in good guys versus bad guys any more," she said, via chat, to the hacker who would eventually betray her. "Only see a plethora of states acting in self-interest, with varying ethics and moral standards, of course, but self-interest nevertheless. I mean we're better in some respects, we're much more subtle, use a lot more words and legal techniques to legitimize everything. It's better than disappearing in the middle of the night, but just because something is more subtle, doesn't make it right. I guess I'm too idealistic." She is a person emerging from adolescence, negotiating the ethical questions, as self-serious as any undergraduate taking a first course in philosophy, realizing that her parents had been wrong about everything, eager to set them straight and convinced that a straight-setting is possible. I am not mocking this moral seriousness and ambition. I miss it.
On leave in D.C. for a bit, she bought women's clothes and rode the Metro with no purpose but to be female in a public space. On the laptop brought from Iraq was classified data illegally downloaded. In the United States, she was surprised to discover how few people were discussing the bloodshed she'd spent all day watching. "There were two worlds," she later said. "The world in America, and the world I was seeing. I wanted people to see what I was seeing."
Zero America was conceived in a time when the legitimacy of the state was assured, unquestioned. But the state's infrastructure was hard and solid and the sense of legitimacy a mist already burning off. The structure would outlast the faith that built it.
Julian Assange established WikiLeaks in 2006. It was a list of links. It was "an uncensorable Wikipedia for untraceable mass document leaking." "We're going to crack the world open," Assange said. He cited Aleksandr Solzhenitsyn and compared himself to academics forced to labor in Russian camps. "True belief begins only with a jackboot at the door. True belief forms when led into the dock and referred to in the third person. True belief is when a distant voice booms 'the prisoner shall now rise' and no one else in the room stands." He released a report about the corrupt president of Kenya. A copy of the British counterinsurgency manual. A cache of emails from a speechwriter to Hugo Chávez. He couldn't get the mainstream media to cover the documents. If he had cracked the world open, no one cared to look down the chasm.
This excerpt is adapted from Bottoms Up and the Devil Laughs: A Journey Through the Deep State by permission of Alfred A. Knopf, an imprint of Penguin Random House LLC.
The post The Degraded Currency of the Shadow Government appeared first on Reason.com.
]]>Abusive government behavior has again been found to be too sensitive to national security to face legal challenges in the court system. Last week, the U.S. Supreme Court declined to review a lower court's dismissal of the Wikimedia Foundation's lawsuit against a National Security Agency surveillance program revealed a decade ago by Edward Snowden. With "state secrets privilege" barring litigation, that leaves upcoming congressional debates over renewal of the law authorizing the program as the only recourse for civil liberties advocates.
"The U.S. Supreme Court today denied the Wikimedia Foundation's petition for review of its legal challenge to the National Security Agency's (NSA) 'Upstream' surveillance program," Wikimedia announced February 21. "Under this program, the NSA systematically searches the contents of internet traffic entering and leaving the United States, including Americans' private emails, messages, and web communications. The Supreme Court's denial leaves in place a divided ruling from the U.S. Court of Appeals for the Fourth Circuit, which dismissed Wikimedia's case based on the government's assertion of the 'state secrets privilege.'"
"This decision is a blow to the rule of law," commented Alex Abdo, of the Knight First Amendment Institute at Columbia University, which worked with Wikimedia and the American Civil Liberties Union (ACLU). "The government has now succeeded in insulating from public judicial review one of the most sweeping surveillance programs ever enacted. If the courts are unwilling to hear Wikimedia's challenge, then Congress must step in to protect Americans' privacy by reining in the NSA's mass surveillance of the internet."
The "Upstream" surveillance program at issue collects "communications 'to, from, or about'" a foreign target designated under Section 702 of the Foreign Intelligence Surveillance Act, according the NSA. In the clearer language of the Electronic Frontier Foundation, "upstream surveillance involves collecting communications as they travel over the Internet backbone, and downstream surveillance (formerly PRISM) involves collection of communications from companies like Google, Facebook, and Yahoo."
As Edward Snowden revealed and the NSA conceded, this broad surveillance may be authorized against foreign targets, but frequently scoops up Americans—often deliberately. "The government is increasingly using these broad and intrusive spying powers in run-of-the-mill criminal investigations against Americans, circumventing their Fourth Amendment rights," the ACLU warned in 2020.
Wikimedia argues that the NSA's surveillance discourages people from using Wikimedia's Wikipedia to research sensitive topics for fear of attracting government attention. The organization points to a 2016 article in the Berkeley Technology Law Journal that reported "a statistically significant immediate decline in traffic for [privacy-sensitive] Wikipedia articles after June 2013, but also a change in the overall secular trend in the view count traffic, suggesting not only immediate but also long-term chilling effects resulting from the NSA/PRISM online surveillance revelations."
But in court, federal attorneys insisted that the NSA's surveillance programs are such secret-squirrel stuff that national security would suffer if the nation's snoops were compelled to explain how their activities can possibly square with constitutional protections for individual rights. The court bought it.
"In a divided ruling on Wednesday, the 4th U.S. Circuit Court of Appeals said that the lawsuit must be dismissed after the government invoked the 'state secrets privilege', which meant that a full exploration of the issue in a court would damage national security," Reuters reported in 2021. That decision was left to stand last week by the Supreme Court.
As I've pointed out before, state secrets privilege has a sketchy history, evolving from bad official behavior after a 1948 plane crash that killed several civilian observers. When the observers' widows sued in United States v. Reynolds, the government argued that information about the plane was too super-secret to be revealed in court (a complete lie concealing official negligence, by the way). The Supreme Court agreed that some things are too sensitive to reveal in legal proceedings and gave officialdom a free pass to invoke the phrase "national security" as a shield against accountability. That disturbs even some modern members of the Supreme Court.
While not entirely questioning the existence of state secrets privilege, it "is no blunderbuss and courts may not flee from the field at its mere display," Justice Neil Gorsuch wrote last year in a dissent joined by Justice Sonia Sotomayor to the majority's invocation of the privilege in United States v. Zubaydeh. "Recent history reveals that executive officials can sometimes be tempted to misuse claims of national security to shroud major abuses and even ordinary negligence from public view."
That case involved detention and torture at a black site in Poland under circumstances the government clearly found embarrassing. The Wikimedia lawsuit involves allegations of widespread domestic snooping that also reflect poorly on the powers that be. Political inconvenience is a lousy reason for preventing legal challenges to unconstitutional and criminal government conduct.
Unfortunately, the Supreme Court's decision leaves little recourse for determining the extent of domestic surveillance by the NSA and seeking its end. The spy agency says it cut back after "inadvertent compliance incidents related to queries involving U.S. person information." But that leaves the public taking the NSA at its word and wondering just what is going on behind the scenes.
Edward Snowden revealed just how far we should trust the intelligence apparatus.
The Foreign Intelligence Surveillance Act's Section 702, which authorizes the Upstream surveillance at issue in Wikimedia's litigation, is up for reauthorization this year, and the NSA very much wants to retain its broad power. It faces calls for reform from civil libertarians outside government, but also from Republicans and Democrats concerned about intrusive spying on Americans.
"While surveilling foreign targets under the Foreign Intelligence Surveillance Act (FISA), the US government collects exabytes of data pertaining to American citizens," Rep. Thomas Massie (R-Ky.) objected earlier this month. "The Constitution requires a warrant to query that vast database for Americans. End warrantless spying now."
Similarly, Sen. Ron Wyden (D-Ore.) has long called for the intelligence community to reveal how many Americans it sweeps up, and for curbs on such snooping.
With litigation against domestic spying thwarted by the invocation of "state secrets privilege," Congress, for all its many faults, may be the last line of defense.
The post SCOTUS Says Domestic Spying Is Too Secret To Be Challenged in Court appeared first on Reason.com.
]]>Former CIA Director and Secretary of State Mike Pompeo will probably run for president.
People call him a "staunch conservative."
In our extended interview, I give him a hard time about that.
"Conservative" once meant promoting limited government. But lately Republicans push new regulations and drive up America's debt by spending more.
Pompeo surprised me by agreeing that, under former President Donald Trump, Republicans spent too much. He surprised me again by saying that entitlements must be cut and that we don't need to spend more on our military. That was refreshing.
Then we talked about the border.
"Immigrants made America," I point out.
"I'm an immigrant," Pompeo responds. "My ancestors came through a legal process. This is the difference."
But today, I point out, the "legal process" for an ambitious person who wants to work is nearly impossible. "You might get in after waiting 12 years!"
"Whatever the rules…you got to enforce it," Pompeo responds.
"Shouldn't we change the rules?" I ask.
"I actually think it's time to take a break," says Pompeo. Today, people apply for asylum and then stay until their request is accepted or denied. When Pompeo was secretary of state, he says he told Mexican officials, "You're not going to have these people traveling in caravans through your country. We're sending them back to you."
President Joe Biden reversed that policy. "You can now see 4 million illegal immigrants in just 24 months," says Pompeo. "This will fundamentally change the nature of our country…drugs came across our borders. There's not much difference between a cartel leader and a jihad leader."
"Why not legalize drugs?" I ask. "Then cartel leaders wouldn't exist!"
"It's a terrible idea," Pompeo responds. "You see the decimation that we have from our drug culture today."
"That's because it's illegal!" I push back.
"It's not," responds Pompeo. "There's too much product available. Family institutions are beginning to fray in ways that are fundamentally dangerous to the United States."
His answer makes no sense. Families fray, and drugs are shipped despite our drug war. The war creates a black market that causes crime. There are no alcohol "cartels," only because we ended Prohibition.
But I won't convince Pompeo. Or you, probably.
I ask Pompeo why America needs 54,000 troops in Japan and 36,000 in Germany. "We won those wars! Now those countries should defend themselves."
Xi Jinping is the "singular greatest threat in the history of our nation," says Pompeo. If we bring all the troops home, that will "put the American people at enormous risk."
Pompeo calls Edward Snowden "a traitor" who should be executed. Snowden stole documents from the National Security Agency that showed how our government illegally spied on Americans.
I call Snowden a hero for risking his freedom and career to reveal the truth.
Pompeo says secrets Snowden revealed endangered Americans. But our spies often exaggerate their importance. For instance, the NSA claimed its mass surveillance stopped 54 terrorist attacks. Then the number dropped to seven. Then government reviews concluded that mass surveillance did not stop a single attack.
"You can't just steal American secrets," says Pompeo. "If you find something illegal, there is a process to correct it."
But people who used that process had their homes raided—their careers ended. I understand why Snowden sneaked out of the country.
Another area where Pompeo and I disagree is Trump's tariffs.
"Tariffs mainly punish the American consumer," I point out. Tariffs make goods more expensive.
"Tariffs are a very blunt instrument," acknowledges Pompeo, but they "solve a very real challenge. How is it you prevent an adversarial nation from screwing you in their trade relationships?"
The Chinese do cheat. They steal intellectual property. But tariffs haven't stopped that. The Chinese also foolishly subsidize some industries. But so do we!
Free trade benefits everyone. That's one reason I'm a libertarian.
Pompeo does want to cut government. Why isn't he a libertarian?
"I grew up libertarian," he says. "The idea of less government power being better for the American people is something that is very near and dear to my heart."
COPYRIGHT 2023 BY JFS PRODUCTIONS INC.
The post Mike Pompeo Says He 'Grew Up Libertarian' appeared first on Reason.com.
]]>The National Security Agency (NSA) is urging Congress to renew its secret surveillance authorities before they expire at the end of the year. Split control of Congress provides an excellent opportunity for lawmakers to take the time to reform these laws so that American citizens have stronger protections from unwarranted snooping that's supposed to only be used to track foreign spies and terrorists.
On Thursday, NSA Director and Army Gen. Paul Nakasone spoke at a virtual panel discussion presented by the U.S. Privacy and Civil Liberties Oversight Board to urge the renewal of "one of the U.S. government's most important intelligence authorities." He's referring to Section 702 of the Foreign Intelligence Surveillance Act (FISA). FISA authorizes the NSA to engage in secret surveillance to keep track of potential foreign threats, overseen by the Foreign Intelligence Surveillance Court, which is supposed to make sure that Americans' Fourth Amendment protections against warrantless snooping are honored.
Or that's the ideal, anyway. In reality, particularly in the wake of 9/11, the NSA has repeatedly been caught secretly collecting and tracking far more domestic data than Americans had been told. Section 215 of the USA PATRIOT ACT, passed in 2001, also fueled the secret collection of Americans' online communications and phone records. The extent of the surveillance was partly exposed by Edward Snowden's leaks in 2013, and since then there's been significant political debate over and some modest reforms of these authorities to better protect Americans' data privacy.
We also can't talk about federal surveillance authorities anymore without talking about the federal investigation surrounding President Donald Trump over whether he or his aides had been compromised by Russian interests on the campaign trail leading up to the 2016 election. We've subsequently learned that the FBI had submitted misleading warrant applications to the Foreign Intelligence Surveillance Court in order to get authorization to wiretap former aide Carter Page. Then we learned that the FBI regularly does a lousy job of properly documenting most of the warrants it submits to the Foreign Intelligence Surveillance Court when asking for permission to snoop on Americans and misuses these authorities to investigate domestic crimes, not foreign espionage.
That surveillance was different from the surveillance authorized by Section 702, but nevertheless, what happened with Page and Trump has caused a greater number of Republicans to be more critical and invested in limiting the power to snoop on Americans. There had always been a handful of Republicans concerned—Sen. Rand Paul (R–Ky.) regularly drew attention to the Fourth Amendment issues at play when Barack Obama was president and long before Trump ever decided to run. But many Republican lawmakers prior to Trump were happy cheerleaders for NSA surveillance, as were many Democrats. There was a small core of bipartisan opponents and critics, but they were typically greatly outnumbered by supporters.
Trump changed that math, and ultimately that's good for American citizens. Trump is, however, part of the reason why Section 702 is still a problem. Despite expressing anger on Twitter about FISA surveillance and the snooping of his staff, he and Republicans nevertheless approved the renewal of these Section 702 authorities in early 2018. In the process, Trump and his Republican allies rejected a bunch of proposed reforms, including one requiring warrants to access any data the NSA incidentally collects from Americans.
But by the end of Trump's term, he was less willing to support the surveillance status quo. As data collection authorities permitted by the USA Freedom Act (which replaced the surveillance authorities once granted by the USA PATRIOT ACT) were set to be renewed in 2020, Trump threatened to veto a renewal bill. Again, some reforms had been proposed but then blocked by the Senate that would have better protected Americans from secret surveillance. But once Trump made his threat, Republicans who had previously voted for renewal changed their stance, and, suddenly, it didn't have enough votes to pass at all. Those authorities ended up sunsetting.
And so, then, the current lack of trust in government and the polarized relationship between the two parties actually makes the prospect of further reforms more possible than it might have been before. Because political party control over both the House and Senate is so narrow, that bipartisan group demanding reform has more power to stop renewal if reforms don't happen. Negotiation may be necessary.
"The American people and indeed people all around the world have lost the ability to have a private conversation over digital networks," Cindy Cohn, executive director of the Electronic Frontier Foundation, said during the panel discussion. Now is a great time to amend Section 702 to make sure that Americans have the proper protections against warrantless federal surveillance.
The post A Politically Split Congress Can Perhaps Fuel Federal Surveillance Reforms appeared first on Reason.com.
]]>A year ago, the U.S. military withdrawal from Afghanistan was underway after 20 years of war. In February, we marked a year since President Joe Biden's announcement that the U.S. would no longer support "offensive operations" by the Saudi-led intervention in Yemen's civil war, and come December, we'll hit the one-year anniversary of the (most recent version of the) end of the U.S. combat mission in Iraq.
But those milestones don't tell the whole story. A year ago, I worried in a post at The Week that U.S. intervention in Afghanistan wouldn't meaningfully end when our troops left Afghan soil. Even without a residual force, "over the horizon" strikes—like the one that killed Al Qaeda leader Ayman Al-Zawahiri in July—could continue apace. But so far, it appears my worry was largely misplaced. Data from Airwars, which tracks U.S. strikes using independent reports as well as official acknowledgments, shows the Biden administration has dramatically wound down the drone war and other airstrikes, not only in Afghanistan but across the greater Middle East.
Then there's the new intelligence assessment which came out this week. It reflects the consensus of the U.S. intelligence community and indicates that Al Qaeda "has not reconstituted its presence in Afghanistan" in the 12 months since American forces left. Indeed, there are "fewer than a dozen al Qaeda 'core members'" left in Afghanistan, CNN reported. The terrorist organization that perpetrated the 9/11 attacks no longer has "a capability to launch attacks against the U.S. or its interests abroad from Afghanistan."
And though the 2024 presidential race isn't underway quite yet, it's curious to note how absent counterterrorism and its associated wars are from the nascent contest. This is not simply the short shrift that foreign policy is habitually issued for these events; former President Donald Trump, for example, talked about wars and terrorism and murdering terrorists' innocent family members regularly during his 2016 campaign. But now, as a Washington Post analysis of his recent rally themes suggests, those topics are rarely on his radar. Biden, meanwhile, has been remarkably quiet about his own achievement in decimating the drone war.
Taken together, this all feels like a significant shift. At the risk of jinxing things, it seems like we may have come to the end of the post-9/11 era of American foreign policy. My entire political life has taken place in the shadow of 9/11 and the excesses of Washington's response to the horrors of that day, so I make this suggestion with caution. Still, it seems as though we may be at the start of something new, with new challenges to address and, of course, new warnings against hubris, inhumanity, and imprudence to issue.
But the old era, if indeed on its way out, is not quite gone yet. The authorizations for use of military force (AUMFs) which initiated the wars in Iraq and Afghanistan—and were later stretched to provide implausible legal cover for a host of other military interventions Congress never directly approved—remain in force. These should be formally repealed so that Biden and future presidents alike must clear at least the hurdle of a vote in our usually feckless Congress if they want to expand the U.S. military presence in the Middle East again.
Relatedly, Biden's more stringent rules for approving drone strikes are an improvement over the loose approach of the Trump administration and the higher civilian casualty counts it helped produce. But those rules aren't law. They're executive guidance that can be immediately altered by the next president—which could well be Trump or another Republican with a similarly nonchalant mindset about bombing children and innocent civilians. While his party has a majority in both houses of Congress, Biden should seek to codify a more careful approach in actual law.
He should also more fully end Washington's forever wars and forever semi-wars, copying the complete withdrawal from Afghanistan in Iraq, Somalia, Syria, Yemen, and the many African countries with U.S. boots on the ground. Though Biden ended the combat mission in Iraq, a residual U.S. force of several thousand is still there in an advise-and-assist role; hundreds of U.S. troops are likewise still working in Somalia and Syria; and the Yemen policy shift is not as sweeping as Biden's obfuscatory rhetoric made it sound. All of these are points of small but needless risk that could lead to reescalation, and in Yemen, U.S. involvement continues to facilitate a criminal coalition intervention which has contributed considerably to the most acute humanitarian crisis on the planet.
Finally, leaving the post-9/11 era behind should include domestic policy updates, too, because the war on terror was never just limited to foreign policy. In February, we learned the CIA has conducted National Security Administration–style warrantless mass surveillance, including of Americans, in the name of fighting terror, and since then…nothing happened? We never even got all the details on what this unconstitutional spying entailed. Also overdue for serious reform (if not total abolition) is the Transportation Security Administration, which continues to be a cruel and demonstrated incompetent imposition on Americans' privacy rights. It's security theater justified by a wildly unrealistic risk assessment, and it should follow other vestiges of the post-9/11 era out the door.
The post Welcome to the Post-Post-9/11 Era appeared first on Reason.com.
]]>This week, in response to the leaked draft of an opinion by Supreme Court Justice Samuel Alito that would overturn Roe v. Wade, Vice President Kamala Harris issued a warning about the dangers posed to Americans' rights in the absence of firm protections for privacy. It was a strongly worded statement of principled support for people's rights to make personal decisions and shield their lives from state interference. Of course, as with all matters of principle, if taken seriously Harris's words have implications far beyond the specific issues at hand.
"The rights of all Americans are at risk," Harris responded to the leaked draft. "If the right to privacy is weakened, every person could face a future in which the government can potentially interfere in the personal decisions you make about your life."
"Roe ensures a woman's right to choose to have an abortion," she added. "It also, at its root, protects the fundamental right to privacy."
As a supporter of bodily autonomy and of choice on abortion, I couldn't agree more. Other people, libertarians included, come to different conclusions, but I see choice as a "subset of the venerable and longstanding right of bodily integrity," in Damon Root's words. But if the right to choose whether or not to carry a pregnancy to term is a subset of a larger right, that means the same concerns must necessarily apply in many more areas of life.
"The Centers for Disease Control and Prevention (CDC) bought access to location data harvested from tens of millions of phones in the United States to perform analysis of compliance with curfews, track patterns of people visiting K-12 schools, and specifically monitor the effectiveness of policy in the Navajo Nation," Vice reported the same day the vice president endorsed the right to privacy. The data was purchased with the COVID-19 pandemic used as a justification, but the CDC had more general uses in mind that could continue into the foreseeable future.
The CDC is hardly the first government body to track people's movements through their cellphones; the FBI, Immigration and Customs Enforcement, Border Patrol, and other federal, state, and local agencies do the same. The data they purchase is supposed to be anonymous, but it's not difficult for officials to connect cellphone movements to actual people unless those targeted take steps to shield their identities.
In broad terms regarding such tracking, but especially after pandemic-fueled debates about contact tracing, vaccine mandates, and monitoring those who haven't had the shot, it's refreshing to hear Harris concede that "If the right to privacy is weakened, every person could face a future in which the government can potentially interfere in the personal decisions you make about your life."
And why stop there?
"A new transparency report from the Office of the Director of National Intelligence (ODNI) shows that from December 1, 2020, to November 30, 2021, the FBI used its Foreign Intelligence Surveillance Act (FISA) powers to search the communications of up to 3,394,053 Americans without a warrant," Reason's Elizabeth Nolan Brown wrote just last week.
What makes the report even more mind-boggling is that it comes after years of such stories of domestic surveillance by the CIA, the FBI, and, of course, the NSA as famously revealed by Edward Snowden. All of this internal snooping has been justified by the bogeyman of the moment, whether radical-Islamist terrorists post-9/11, or "domestic extremists" in the current environment of national fracture. Inevitably, it results in violations of the civil liberties of the designated enemy of the moment.
"Infringing upon constitutionally-given freedoms in the name of national security is not limited to the Muslim Americans in the present day; rather, practices including the use of confidential informants, undercover operations, and entrapment are part of the history of surveillance operations conducted by U.S. law enforcement," Oxford University's Sara Kamali pointed out in a 2017 article for Surveillance and Society.
So, again, it's heartening that a high official reminds her colleagues that "if the right to privacy is weakened, every person could face a future in which the government can potentially interfere in the personal decisions you make about your life."
Personal decisions are, necessarily, personal and can cover extremely sensitive issues such as our taste in intoxicants and our ownership of the means of self-defense. These are both matters that, if exposed to government scrutiny, can make people targets for abusive officials.
"Like too many jurisdictions, Hawaii requires gun owners to register their firearms," I noted in 2017. "Also like an excess of other control-freaky places, the state requires medical marijuana users to register themselves with the state Department of Health.… Honolulu residents who legally complied with requirements that they enter themselves in both registries have received threatening letters signed by officials including Honolulu Police Chief Susan Ballard." The letters informed recipients that they weren't allowed to own guns so long as they used marijuana.
Under public pushback, Hawaii officials seem to have quietly softened the rules a bit, allowing cannabis users to keep existing firearms but not purchase new ones. But the whole issue would be better addressed by denying government officials knowledge of who uses marijuana, owns guns, or any other potentially sensitive topic. The situation is a demonstration of the validity of Kamala Harris's warning that "if the right to privacy is weakened, every person could face a future in which the government can potentially interfere in the personal decisions you make about your life."
And in what area of life is our privacy more regularly invaded by the state than in our finances? In order to seize a sizeable chunk for the government, the IRS forces us to disclose our wages and other income, and delves into our dealings with businesses, banks, and (when it can) each other. Even so, nosy and cash-hungry officials always want more information so they can try to take a bigger cut.
"Imagine living in a world where every one of your non-cash financial transactions—a restaurant meal, a Venmo transfer to a friend, maybe some bitcoin bought on the dips—was automatically reported to a beefed-up, audit-hungry IRS," Reason's Matt Welch cautioned last year about Biden administration proposals to further expand domestic financial surveillance.
Again, we would be so much better off if we took seriously the vice president's words about protecting the "rights of all Americans." Let's welcome her endorsement of privacy protections as a shield against government interference in our personal decisions. As we do so, let's apply those protections against the state as widely as possible.
The post Is Kamala Harris Serious About Privacy Rights? appeared first on Reason.com.
]]>After narrowly avoiding a government shutdown by passing a stopgap funding bill on Friday, Congress faces what could be a packed schedule in the final weeks of the year.
Or it could end up doing not much of anything (*fingers crossed*).
The end-of-year scramble will kick off this week with an expected House vote on the annual National Defense Authorization Act (NDAA). Though the military spending package usually sails through Congress with little more than token resistance, there are a few possible stumbling blocks popping up in the Senate, The Wall Street Journal reports.
Some Republican senators are reportedly threatening to withhold support for the package unless it includes a provision that would complicate Russia's completion of the Nord Stream 2 natural gas pipeline in the Baltic Sea as a way to deter a feared Russian invasion of Ukraine. Another group, led by Sen. Marco Rubio (R–Fla.) wants to include language that would block American imports of goods produced in forced labor camps in China's Xinjiang region, where members of the Uyghur ethnic group are being systematically repressed.
After the NDAA starter course, we'll find out if the Democrat-controlled Congress has an appetite for finally passing President Joe Biden's $2 trillion (or $4 trillion, depending on how you count) social spending plan. Negotiations over the "Build Back Better" plan have been a dominant storyline in Washington nearly the whole year, but Democrats have been unable to cobble together the necessary votes—in no small part because of defections from within their own ranks.
Sinema's ringtone "is the refrain from a song in the musical 'Hamilton' that includes the lyrics 'you don't have the votes.'" https://t.co/E9DDmaqGll
— Igor Bobic (@igorbobic) December 2, 2021
We'll also have to prepare for another showdown over the debt limit. A short-term deal struck in October to raise the debt limit—which authorizes the Treasury to borrow funds to pay for already-approved spending—expires on December 15. Politico reports that some lawmakers are considering rolling the debt limit increase into the NDAA, but that might do little more than convince Republicans to vote against the measure. Then again, most Republicans are likely to vote against the debt limit increase no matter what form it takes.
And the fight over vaccine mandates could spill over into Congress as well. Sen. Joe Manchin (D–W.Va.), a key swing vote, tells Politico that he supports Sen. Mike Braun's (R–Ind.) attempt to use the Congressional Review Act to strike down the Biden administration's vaccine mandate for private businesses. (The mandate is currently on hold per an order from the U.S. Court of Appeals for the 5th Circuit, which is reviewing the case in more detail.)
Oh, and that stopgap funding bill passed on Friday to avert a government shutdown? It lasts for just 11 weeks—so we'll be doing that all over again in mid-February.
"I am not a traitor. I am not a spy. I am somebody who only acted out of love for what this country stands for," Reality Winner told 60 Minutes on Sunday night in her first televised interview since being released from prison.
Winner, a former National Security Administration (NSA) contractor who leaked documents to The Intercept about Russia's attempt to hack into voting systems during the 2016 presidential election, was given the longest prison sentence ever applied to a civilian under the Espionage Act. In a sometimes-tearful conversation with CBS's Scott Pelley, Winner defended her decision to smuggle documents out of the NSA facility in Fort Gordon, Georgia, in 2017—a defense she did not get to offer in court—and about her physical and mental struggles during four years in prison.
"I've had four years of just trying to say: 'I'm not a terrorist,' " says Reality Winner, who was released from prison in 2021 after serving a sentence for leaking a classified document about Russian election interference. https://t.co/znMRS80mhH pic.twitter.com/hmfggcvZA8
— 60 Minutes (@60Minutes) December 6, 2021
Watch the whole interview here.
San Francisco will delay the implementation of a new Cannabis Business Tax in order to give legal pot shops a chance to compete with the black market.
The tax, applied at a rate of between 1 percent and 5 percent on gross sales (the rate rises as the volume of sales do), was supposed to go into effect in January. Instead, it will be suspended until the end of 2022. California's taxes on legal marijuana sales are already some of the highest in the country, and those taxes have made it difficult for legal sellers to supplant a robust (and untaxed) black market.
This is the kind of thing I dreamed about as a young libertarian. What a time to be alive!https://t.co/Oj0AJLkzfV
— Alex Tabarrok (@ATabarrok) December 5, 2021
• Reason's annual Webathon is ongoing! If you've enjoyed all the free content we've put out supporting free minds and free markets, please consider donating.
• Bob Dole, the World War II vet, longtime senator from Kansas, and 1996 Republican presidential nominee, died Sunday at age 98.
• "American public education is broken," writes Michael Bloomberg, the billionaire former mayor of New York City. He will donate $750 million to help expand charter schools in 20 big cities.
• More evidence that the omicron variant could be more transmissible but less dangerous: It shares genetic traits with the common cold.
• Amazon is bypassing some of the supply chain chaos by manufacturing its own containers and chartering cargo planes.
• The "good old days" weren't actually all that good—but they're still screwing with our politics.
• Inflation is becoming a global problem.
• Saturnino Orestes Armas "Minnie" Minoso Arrieta, who played major league baseball from 1946 until 1980 (yes, really) and was one of the sport's first Cuban stars, was finally elected to the hall of fame.
• Nailed it:
Public health experts' communication about the vaccine booster be like pic.twitter.com/IqzR2VGLZI
— Khoa Vu (@KhoaVuUmn) December 5, 2021
The post After Avoiding a Government Shutdown, What Will Congress Do With the Waning Days of 2021? appeared first on Reason.com.
]]>For nearly a decade, activists have been trying to get the federal government to determine how much a secretive surveillance court can keep its conclusions out of the public eye. Today the Supreme Court declined to hear the case.
Since 2013, the American Civil Liberties Union (ACLU) has been filing motions to get the federal Foreign Intelligence Surveillance Court (FISC) to release secret opinion connected to the collection of Americans' communications data. The first motions began after Edward Snowden's disclosures that the National Security Agency (NSA) was using Section 215 of the PATRIOT Act to scoop up millions of Americans' internet and phone records, without warrants and without the targets' knowledge, allegedly as part of the post-9/11 war on terrorism.
Much of what the FISC, authorized by the Foreign Intelligence Surveillance Act, does is classified, because part of its purpose is to permit the covert observation of people who may represent a threat to national security. But another part of the court's purpose is to make sure that Americans are protected from unauthorized secret surveillance. Snowden's disclosures suggested a breakdown in those protections.
The ACLU hoped to uncover the legal justification for this use of the PATRIOT Act. When Section 215 was replaced by the USA Freedom Act in 2015, the group filed a new motion under the new guidelines. And in April of this year, the ACLU, along with the Knight First Amendment Institute at Columbia University and the law firm Gibson Dunn, filed a petition to the Supreme Court asking the justices "to recognize a First Amendment right of public access to the FISC's opinions—ensuring that the opinions are released with only those redactions necessary to prevent genuine harm to national security."
In this morning's orders, the Supreme Court declined to consider the argument. The justices didn't explain why they turned it down, which is typical. But Justice Neil Gorsuch penned a notable dissent that was joined by Justice Sonia Sotomayor.
The federal government has argued that because these reports are so heavily classified, it's the sole province of the executive branch—not the judicial branch—to determine what may be released. Indeed, it has argued that the judicial branch doesn't have any role to play in this process at all (aside from FISC, which has ruled that it doesn't have the authority to consider whether reports should be released). This did not sit well with Gorsuch, who writes:
This case presents questions about the right of public access to Article III judicial proceedings of grave national importance. Maybe even more fundamentally, this case involves a governmental challenge to the power of this Court to review the work of Article III judges in a subordinate court. If these matters are not worthy of our time, what is?
The ACLU and Knight First Amendment Institute put out a joint release expressing disappointment at the court's rejection of the petition.
"The Supreme Court has left in place a system that makes informed public debate about government surveillance exceedingly difficult," writes Alex Abdo, the Knight Institute's litigation director. "Without access to the FISC's opinions, the public cannot evaluate the powers that the government's surveillance agencies are exercising in its name. The FISC shouldn't be exempt from the constitutional right of access that applies to other courts. It's past due for the Court to establish this principle."
In the meantime, we'll have to keep relying on the whistleblowers.
The post Supreme Court Rebuffs Attempt To Open Up Access to Classified FISA Court Reports appeared first on Reason.com.
]]>Well before the terrorist attacks on September 11, 2001, U.S. officials had plenty of reasons for paying close attention to Al Qaeda. In addition to the 1998 bombings at the U.S. embassies in Nairobi, Kenya, and Dar es Salaam, Tanzania, and the 2000 attack on the USS Cole, Osama bin Laden had made his hatred of the United States well-known in a series of interviews and grandiose statements going back to 1995.
Given this long history, and given the ample evidence that Al Qaeda posed a threat to Americans, Washington's failure to stop the attacks has been a source of considerable attention and consternation. As with so much in intelligence collection and analysis, the central challenge is in separating the signal from the noise.
The 9/11 Commission report identified a series of opportunities to disrupt the 9/11 attacks, laying much of the blame on a lack of coordination and communication between the CIA and FBI, with some additional criticism leveled at the National Security Agency. In particular, the report focused on 10 instances from January 2000 to August 2001 when information regarding Khalid al Mihdhar and Nawaf al Hazmi, two Saudi nationals residing in the United States, should have been shared between the CIA and FBI. Mihdhar, Hazmi, and three others hijacked and crashed American Airlines Flight 77 into the Pentagon on September 11. When the Department of Justice's Office of the Inspector General reviewed how the FBI handled intelligence before 9/11, it dedicated a chapter to information related to Mihdhar and Hazmi. According to these and other studies, a combination of bureaucratic impediments and personality clashes impeded efforts that might have complicated, or even thwarted, Al Qaeda's nefarious plans.
Lawrence Wright's The Looming Tower, for example, focuses on the turf battles between Alec Station (the CIA's Bin Laden unit headed up by the mercurial Michael Sheuer), the FBI counterterrorism guru John O'Neill, and White House advisor Richard Clarke. O'Neill had left the New York FBI office just prior to the attacks and taken a job as head of security at the World Trade Center. He was killed on 9/11, but both Scheuer and Clarke wrote books generally celebrating their role in trying to stop the attacks and faulting those who didn't listen.
Numerous other books, articles, and documentaries by more objective and disinterested observers have explored the CIA versus FBI story too. One of the first post-9/11 accounts, The Cell, even put it in the subtitle: Inside the 9/11 Plot, and Why the FBI and CIA Failed to Stop It.
Some serious and seasoned observers anticipated that the failure to share information within the sprawling national security apparatus could expose the United States to preventable dangers. In May 2001, President George W. Bush tapped Brent Scowcroft to head up a 12-member commission to assess the intelligence community and make recommendations for reform.
According to Scowcroft biographer Bartholomew Sparrow, the commissioners concluded that post–Cold War budget cuts contributed to low morale within the intelligence agencies prior to 9/11. Quoting from interviews with several commission members, Sparrow writes in The Strategist: "There was a general recognition that 'the whole concept of central intelligence had broken down. And largely because of budgetary reasons,' because the Department of Defense 'controls so much of the budget.'"
But Scowcroft also sensed that the intelligence agencies were focused on the wrong threats. "At the review board's first meeting," in July 2001, "Scowcroft said that terrorism had to be the nation's highest national security priority, but that the United States had not yet come to grips with the matter." The 9/11 Commission reached a similar conclusion. "The specific problems" associated with poor coordination and communication, the commissioners wrote, "are symptoms of the government's broader inability to adapt how it managed problems to the new challenges of the twenty-first century."
Scowcroft, the only person to have served as National Security Advisor to two different presidents, presented his recommendations to Vice President Dick Cheney in August 2001, and then returned about a month after the 9/11 attacks with a similar message. As Ron Suskind wrote in The One Percent Doctrine: "Knowing what we need to know, when we need to know it, Scowcroft said to Cheney, would mean rethinking the nature of intelligence. The intelligence function was now parceled out among a wide array of agencies, and intelligence services of the military branches." Scowcroft's conclusion: "We need a massive intelligence research library."
That isn't exactly how it played out. For one thing, the competition between the CIA and the Pentagon continued, with the latter winning many of the battles. While the intelligence agencies' budgets ballooned after 9/11, the Department of Defense grew even more. Meanwhile, the creation of a new office—the director of national intelligence—to coordinate among the various intelligence agencies engendered resistance. The post-9/11 reorganization of the various counterterrorism and homeland security agencies remains a work in progress.
Some impediments to information-sharing were there for good reason. Former CIA General Counsel Jeffrey Smith advised just after 9/11 that it would be "premature to conclude" that "rules and regulations, which have been designed to constrain the activities of an intelligence agency in a democracy…need to be thrown out just because of this one terrible intelligence failure."
He noted that Congress was already enacting new laws, and relaxing earlier restrictions to, for example, "make it easier….[to use] wiretaps to collect information," and to make that information "available to the intelligence community for foreign intelligence purposes." Smith thought these changes were appropriate, but he warned that the prior regulations "were put in place for good and valid reasons at the time. They have worked to protect the rights of American citizens, because we are still worried about an overreaching national security and law enforcement apparatus. And we're still worried about protecting American rights under the Fourth Amendment. We can move too quickly; we can move the line too far in the wrong direction, and find that we are abusing the rights of Americans."
Some now question whether the costs of U.S. counterterrorism efforts, writ large, were offset by the benefits. These include the abuses visited upon American Muslims and others. They also include the opportunity costs—how focusing on foreign terrorists, for example, may have prevented us from seeing other threats.
As we assess the counterterrorism measures instituted after 9/11, we should beware of post hoc, ergo propter hoc reasoning. Immediately after 9/11, Americans expected there to be a wave of similarly spectacular terrorism incidents. Because that didn't occur, some have concluded that those measures must be why. But that isn't necessarily the case: We may have misinterpreted 9/11 as a harbinger, when it was really just an outlier. John Mueller and Mark Stewart have suggested that the enormous effort by the CIA and FBI to find terrorists since 9/11 mostly amounted to "chasing ghosts." Mueller's running database of the known terrorist cases in the United States since 9/11 suggests that there is a fine line between diabolical and delusional; some would-be terrorists don't deserve to be taken seriously.
In short, making it easier for the feds to find a needle in a haystack may mostly reveal lots of unthreatening hay.
The post Could the CIA and FBI Have Stopped 9/11? appeared first on Reason.com.
]]>In the wake of the 9/11 attacks, the United States invaded and occupied two countries, bombed four others, helped create 21 million refugees and cause over 800,000 deaths, and spent over $6 trillion on combat and anti-terrorism measures. Republican and Democratic presidents and congressional leaders authorized sweeping new initiatives that effectively put all American citizens under surveillance.
Even as the United States has left Afghanistan, ending our longest war, many of the programs and mindsets born out of events 20 years ago are still firmly in place. In Reign of Terror, national security reporter Spencer Ackerman argues that the war on terror also profoundly destabilized American politics and helped to produce the Donald Trump presidency by stoking fears of a racialized Other. "The longer America viewed itself as under siege," he writes, "the easier it became to see enemies everywhere."
He talks with Reason's Nick Gillespie about how a coalition of libertarians and progressives can work to stop ongoing government surveillance and military interventionism underwritten by overwrought fears of Islamic terrorism.
Edited by Ian Keyser. Intro by Paul Detrick. Interview by Nick Gillespie.
Photos: Randy Taylor/ZUMAPRESS/Newscom, GORAN TOMASEVIC/REUTERS/Newscom
The post Biden Won't End the Warfare-Surveillance State appeared first on Reason.com.
]]>In less than two months after terrorists brought down the Twin Towers, Congress passed the USA PATRIOT Act, granting federal law enforcement and intelligence agencies expanded authorities to engage in surveillance to hunt down suspected terrorists.
The bill sailed through Congress. The House of Representatives voted 357-66 to pass it. Then-Rep. Ron Paul (R–Texas) was one of only three Republicans to oppose it. In the Senate, only one senator, Russ Feingold (D–Wis.), voted against it.
In a speech on the Senate floor, Feingold warned against compromising our own civil liberties as we pursued Osama bin Laden and others who might mean Americans harm. He took note of the many, many times in America's history where the government chose security over liberty and the results were not pretty:
There have been periods in our nation's history when civil liberties have taken a back seat to what appeared at the time to be the legitimate exigencies of war. Our national consciousness still bears the stain and the scars of those events: The Alien and Sedition Acts, the suspension of habeas corpus during the Civil War, the internment of Japanese-Americans, German-Americans, and Italian-Americans during World War II, the blacklisting of supposed communist sympathizers during the McCarthy era, and the surveillance and harassment of antiwar protesters, including Dr. Martin Luther King Jr., during the Vietnam War. We must not allow these pieces of our past to become prologue.
Twenty years after the Sept. 11 attacks, we can see now that Feingold's warnings were on point (as were many warnings by many civil liberties experts). The USA PATRIOT Act ultimately led to a massive federal campaign of internal domestic surveillance that, when revealed, outraged many Americans even as government officials attempted to downplay and mislead citizens about what was happening.
Edward Snowden became a household name for good reason. In 2013, Snowden, a military intelligence contractor, leaked classified documents showing how the National Security Agency (NSA) was using the authorities of the USA PATRIOT Act to collect massive reams of communication data not just from suspected terrorists but from millions of Americans as well. Government officials (when they weren't lying to Congress about the existence of the program) downplayed what the NSA was doing. President Barack Obama responded to the outrage by insisting, "Nobody was listening to your phone calls."
But what the government was doing was collecting lots and lots of information about everything else related to those calls. The term "metadata" slid into the popular lexicon. Metadata refers to all the information about a communication outside of the actual contents of it—who people call, when, and where they are when they do so. One of the lessons Americans learned about all this domestic surveillance was how easy it is—as communications technology over the past two decades turned our phones and personal devices into actual computers—for the government to keep track of your behavior even when they aren't listening to your phone calls. Did you call a clinic that provides abortions? A person with a criminal history of dealing drugs? A leader of an organization with a history of protesting government behavior? Metadata collection allowed the government to collect all of this information about citizen behavior absent any suspicion of a crime or an individualized warrant, bypassing the protections of the Fourth Amendment entirely.
One man apparently shocked by the breadth of this surveillance was Rep. Jim Sensenbrenner (R–Wis.), the man responsible for authoring the PATRIOT Act in the first place. Sensenbrenner did not intend for Section 215 of the PATRIOT Act to allow for mass, warrantless collection of records of millions of Americans. He blasted the Department of Justice under the Obama administration for interpreting it that way, pointing out that the records of every American's phone calls are assuredly not relevant to any investigation of terrorism.
But the genie is not going back into the bottle easily. Section 215 of the PATRIOT Act did finally expire, replaced by the USA Freedom Act, which formalized some of these surveillance tools but added restrictions. NSA has since said that it is no longer collecting all of this data, and, by 2020, their authority to do so formally expired. It has never been shown to assist them in catching any terrorists.
Nevertheless, fear of terrorism has been used all this time and continues to be used to try to scare the public into making it easier for the government to snoop on them. The technology used to track terrorists' location data through their phones can and is used to track citizens through the commandeering of cell tower signals. The same thing has happened with facial recognition software. So-called Department of Homeland Security "fusion centers" formed in the wake of Sept. 11 were sold to the public as information clearinghouses between the feds and local police departments that allow them to better communicate with each other about potential terrorist threats. In reality, a Senate report from 2012 found no examples where they helped uncover a potential terrorist threat. Instead, there have been examples of these centers snooping on domestic activist groups and protests.
In recent years, fears of terrorism have been used by police and lawmakers to attack encryption, particularly end-to-end encryption, which helps protect the privacy of data on your computers, phones, and tablet devices. Encryption makes it harder for hackers and criminals to access your data. It also makes it harder (if not impossible) for the government to access your info without your knowledge or permission.
When two Muslim homegrown terrorists killed 14 people in an attack in San Bernardino, California, in 2015, the FBI attempted to force Apple to disable the phone's security to access the data within. The feds did have a warrant to search the phone, but Apple declined to assist, arguing that undermining their own encrypted security system via what's known as a "back door" would create security risks for users. Eventually, the FBI was able to turn to a third party to hack into a phone, which turned out to not have any information relevant to the attack stored on it.
Nevertheless, the war on terror has been invoked repeatedly by police, prosecutors, and lawmakers as a reason why tech companies should be required to allow for these back doors to allow officials access to data. Tech companies, privacy rights advocates, and cybersecurity experts are all pretty much in agreement here: Encryption back doors are very, very bad. There is no such thing as an encryption bypass that only the "right" people can access. Any mechanism that can break through this security can fall into the hands of criminals or authoritarian governments.
And even when they don't, the lesson of the PATRIOT Act is that we really cannot trust the government to accept limits on surveillance tools unless there is a transparent public mechanism of enforcement. The same government agencies who insist they'd be careful with encryption bypasses and would seek warrants are the same government agencies who had been secretly collecting whatever data they can about our personal communications as part of the War on Terror.
Feingold warned about all of these potential dangers in his critique of the PATRIOT Act:
But under this bill, the government can compel the disclosure of the personal records of anyone—perhaps someone who worked with, or lived next door to, or went to school with, or sat on an airplane with, or has been seen in the company of, or whose phone number was called by—the target of the investigation.
And under this new provisions all business records can be compelled, including those containing sensitive personal information like medical records from hospitals or doctors, or educational records, or records of what books someone has taken out of the library. This is an enormous expansion of authority, under a law that provides only minimal judicial supervision.
Under this provision, the government can apparently go on a fishing expedition and collect information on virtually anyone. All it has to allege in order to get an order for these records from the court is that the information is sought for an investigation of international terrorism or clandestine intelligence gathering. That's it. On that minimal showing in an ex parte application to a secret court, with no showing even that the information is relevant to the investigation, the government can lawfully compel a doctor or hospital to release medical records, or a library to release circulation records. This is a truly breathtaking expansion of police power.
This speech was given on Oct. 21, 2001. And it's exactly what happened.
The post America's Post-9/11 Surveillance Authorities Were Inevitably Turned Against Its Own Citizens appeared first on Reason.com.
]]>In the wake of the 9/11 attacks, the United States invaded and occupied two countries, bombed four others, helped to create 21 million refugees and cause over 800,000 deaths, and spent over $6 trillion on combat and anti-terrorism measures.
In Reign of Terror, national security reporter Spencer Ackerman argues that the war on terror also profoundly destabilized American politics and helped to produce the Donald Trump presidency. He talks with Reason about how to stop the growth in government surveillance and military interventionism underwritten by overwrought fears of Islamic terrorism.
The post Spencer Ackerman: How 9/11 Destabilized America and Produced Trump appeared first on Reason.com.
]]>Toward the end of June, Fox News pundit Tucker Carlson made a remarkable on-air claim: He told viewers that the National Security Agency (NSA) had been reading his emails and planned to leak the contents in order to try to get his show off the air. He said a "whistleblower within the U.S. government" told him about the plan.
If the claim were true in the exact way that Carlson said it, this would be an outrageous abuse of the NSA's power. The job of the NSA is to monitor foreign intelligence to track down spies and terrorists, not snoop on American journalists.
The NSA's response was pretty lackluster and didn't exactly close the door on the possibility that there was a kernel of truth in Carlson's claims. The agency responded (which itself is unusual) that Carlson's claim that it "was monitoring [his] electronic communications and is planning to leak them in an attempt to take him off the air" was untrue and that Carlson has "never been an intelligence target of the Agency and the NSA has never had any plans to try to take his program off the air."
I've been covering the NSA and surveillance issues for Reason since Edward Snowden's leaks and through the twists and turns of the investigation surrounding then-President Donald Trump and his associates' interactions with Russian representatives. I immediately noticed the hole in this denial: Carlson does not actually have to be the "target" of the NSA for the agency to have been able to read his communications. Many of Carlson's claims could be true even if he were simply communicating with somebody else who was the target of NSA monitoring.
Sure enough, on Wednesday night, Axios reported that Carlson had been communicating with intermediaries to try and arrange for an interview with Russian President Vladimir Putin. It is therefore extremely likely that at least one or more of the people Carlson communicated with (some of whom Axios reports had direct ties to the Kremlin) were legitimate targets of NSA surveillance. And therefore, the NSA did, in fact, probably get access to whatever emails were part of this discussion.
This means that the insistence by the NSA that it didn't "target" Carlson is accurate, but it also means that Carlson's claim that the NSA had read his emails may be accurate, at least to the extent that they were emails to the actual surveillance target.
This is colloquially known as a "backdoor search," which is a way for the NSA or FBI to secretly and warrantlessly access communications by Americans in a way that normally would not be permitted. This was, in part, what happened with former National Security Adviser Michael Flynn when he was part of then-President-elect Donald Trump's transition team. Flynn wasn't the target of surveillance at the time—but Sergey Kislyak, the Russian ambassador he was talking to, was. The feds were aware of the nature of the conversations because they were snooping on Kislyak. Flynn got in trouble with the feds not for what he said but for lying about it and covering up the conversations.
It's not controversial that the NSA could have intercepted Carlson's emails to Russian intermediaries, especially if they're connected to the Kremlin. But what is potentially controversial and legitimately bad is what might have happened once somebody at the NSA saw them. Carlson's identity is supposed to be concealed, and there's a complex "masking" and "unmasking" process that's supposed to prevent government officials from knowing who is involved unless there's a legitimate government interest.
Carlson did absolutely nothing wrong as a journalist by attempting to arrange an interview with Putin. This is all activity protected by the First Amendment. Chris Wallace interviewed Putin for Fox back in 2018. In all likelihood, any email exchanges between Wallace's camp and Russian officials were intercepted by the NSA on the Russian end, just like Carlson's might have been. So why has Carlson's identity been apparently unmasked and this information leaked to Axios?
Let's be skeptical of Carlson's claims that this is an attempt to make him look bad. He says now, "The point, of course, was to paint me as a disloyal American. A Russian operative. Been called that before. A stooge of the Kremlin, a traitor doing the bidding of a foreign adversary." This simply doesn't seem to track with how the NSA has handled other journalists who have attempted to interview Putin.
We don't actually know who Axios' sources are here. And Axios reporter Jonathan Swan notes that the very people Carlson was talking to could have been responsible for distributing the communications to others. Even though Carlson says only his executive producer knew about his outreach to Putin, Carlson has no idea what those Russian intermediaries might have done with the emails. For all we know the NSA might have actually seen the contents of the email via the communications between two Russian surveillance targets.
Nevertheless, this entire affair helps shine a spotlight on the NSA's backdoor search problem. It remains far too easy for the federal government to skirt the Fourth Amendment and access Americans' communications without a warrant just because they're talking with a foreign target. A bipartisan group of privacy-minded lawmakers, including the likes of Sens. Rand Paul (R–Ky.) and Ron Wyden (D–Ore.), have been trying to close these backdoors.
Unfortunately in the past, when given the opportunity, Congress actually expanded the authority of the feds to access this backdoor search information in order to fight domestic crimes, and Trump signed these authorizations into law, even while at the same time complaining about how the NSA did him dirty with the Russian probe.
In response to Carlson's claims, House Republican Leader Rep. Kevin McCarthy (R–Calif.) announced last week that he has asked Rep. Devin Nunes (R–Calif.) as the ranking member of the House Permanent Select Committee on Intelligence to investigate the extent to which the NSA's conduct might have been politicized.
Nunes is, unfortunately, emblematic of a lot of the Republican response to the NSA's excesses since Trump was elected. Nunes has been very emphatic about calling out some bad conduct by the feds and surveillance, particularly the faulty warrants used to justify snooping on former Trump aide Carter Page. And he turned out to be correct. But historically, Nunes has been a massive cheerleader for the power of the surveillance state, voting in favor of the aforementioned expansion of domestic surveillance authorities and attacking former Rep. Justin Amash (L–Mich.), calling him "Al Qaeda's best friend in the Congress," for attempting to rein in the NSA and FBI's domestic surveillance powers.
The best outcome here would be for these former cheerleaders of the surveillance state, having seen its political abuse, to finally support some restraints. What we should all fear, though, is that this is all a populist performance and, as with Trump, they only care when they and their allies are targets, and they aren't actually interested in the possibility of reform at all.
The post Treat Tucker Carlson's NSA Snooping Claims Seriously, but Not Literally appeared first on Reason.com.
]]>Surveillance whistleblower Edward Snowden is applying for Russian citizenship in preparation for his son's birth.
Snowden and his wife, Lindsay Mills, revealed the pregnancy last week. Today, Snowden announced that he and Mills are applying for dual citizenship. He tweeted: "Lindsay and I will remain Americans, raising our son with all the values of the America we love—including the freedom to speak his mind. And I look forward to the day I can return to the States, so the whole family can be reunited."
Snowden famously took refuge in Russia, essentially forced there to escape espionage charges from the Department of Justice under President Barack Obama. Snowden pulled the curtain back to expose the vast extent of domestic digital surveillance that the National Security Agency (NSA) had implemented after the passage of the PATRIOT Act. Internet and phone records of millions of Americans were being collected, stored, and accessed without our knowledge, all on the insistence that it would help the government catch terrorists. It did not—not that such a massive end run around the Fourth Amendment would have been acceptable if it had.
Snowden's whistleblowing has led to attempts to reform some surveillance regulations to better protect Americans from unwarranted snooping by the feds. The NSA is supposed to be directing its surveillance to other countries, not to us.
But even though Snowden's leaks have proven valuable information for Americans to know, he's still being treated like a criminal. President Donald Trump flirted with pardoning Snowden, and that garnered the support of the likes of Sen. Rand Paul (R–Ky.), but on the eve of the election, there's little sign of any actual mercy coming from the embattled incumbent.
As for Democratic presidential nominee and former Vice President Joe Biden, it was under Obama's Justice Department that Snowden was charged. And Snowden told MSNBC in 2019 that, as veep, Biden threatened countries considering giving Snowden asylum, saying there would be "consequences" if they did. Rafael Correa, Ecuador's former president, said in 2013 (when Snowden leaked the NSA files to the press and fled the country) that Biden called him to ask him not to grant Snowden asylum as he had previously done for WikiLeaks' Julian Assange. There's not much evidence that a Biden administration would grant Snowden a pardon or that Biden's position that Snowden should stand trial has changed.
Snowden was granted permanent residency in Russia in late October. Due to recent changes in Russia's laws, Snowden won't have to give up citizenship as an American to become a Russian citizen. So, in the event that either Trump or Biden changes his mind and pardons Snowden, he'll still be able to return to his home country.
The post Snowden Announces Plans To Become Russian Citizen appeared first on Reason.com.
]]>Attorney General William Barr and FBI Director Christopher Wray frequently and insistently demand that social media platforms and messaging apps implement encryption backdoors that allow law enforcement to bypass user security in order to access communications. Cybersecurity experts and tech companies warn that such backdoors will inevitably compromise everybody's data and lead to hacking and intrusion by foreign governments.
It turns out the federal government already knows this because it has already happened…to the federal government. Reuters reports today that the National Security Agency (NSA), which historically has worked to have encryption backdoors secretly placed in computers by tech companies to ease foreign surveillance, saw a security system subsequently compromised, possibly by the Chinese government.
The company involved is California-based Juniper Networks, which agreed to install an encryption system component that the NSA could exploit and bypass. According to Reuters, in 2015, Juniper Networks discovered malicious code in some of its firewall products. Researchers later discovered that whoever introduced the code had turned the firewalls into their own spying tool.
While Reuters doesn't officially know who the customer was or who the hackers were, researchers told them that the client was likely a U.S. government agency. Do you recall when China was accused of hacking into the federal Office of Personnel Management (OPM) and stealing millions of records? That was also discovered in 2015, though it's not clear whether there's a relationship between these hacks.
The reason for the lack of clarity is due to NSA secrecy, according to Reuters. After the NSA got burned with its own backdoor, the agency told staffers for Sen. Ron Wyden (D–Ore.) it had put together a "lessons learned" report about what happened with new guidance on implementing backdoors. But, now the NSA says it can't find the report.
That the NSA had secretly been negotiating backdoors into some encryption systems was one of the details revealed by Edward Snowden in his whistleblowing. Wyden, a leading Democrat on the Senate Intelligence Committee (and advocate of preserving strong encryption and data privacy), has been trying to find out what sort of guidelines the NSA had developed, but he's been stonewalled.
Wyden grasps the potential threat of secret backdoors and warned Reuters, "Secret encryption back doors are a threat to national security and the safety of our families–it's only a matter of time before foreign hackers or criminals exploit them in ways that undermine American national security."
At the same time, the Justice Department is still relentlessly trying to make our encryption worse, and so have other governments, like the United Kingdom, Australia, Canada, New Zealand, India, and Japan. Earlier this month, national law enforcement leaders from all these countries signed a letter demanding that encryption be weakened, claiming that police need access to fight child sexual exploitation.
Privacy and technology experts have been warning all along that these demands would actually make everybody more vulnerable to crime for very little gain and would compromise everybody's privacy and data security.
From today's Reuters report, we now know that not only does the federal government understand the fatal flaws of encryption backdoors, but the government itself was likely a victim of hacking as a result of a backdoor. That makes it all the more shameful that people like Barr and other governments continue to demand them.
The post Need Proof That Encryption Backdoors Lead to Hacking? It Happened to Our Own Government. appeared first on Reason.com.
]]>This is the third installment in Reason's four-part documentary series titled "Cypherpunks Write Code." Watch the complete series here.
In 1977, a team of cryptographers at MIT made an astonishing discovery: a mathematical system for encrypting secret messages so powerful that it had the potential to make government spying effectively impossible.
Before the MIT team could publish a description of how this system worked, the National Security Agency (NSA) made it known that doing so could be considered a federal crime. The 1976 Arms Export Control Act (AECA) made it illegal to distribute munitions in other countries without a license, including cryptography. The penalty for violating AECA was up to 10 years in prison or a fine of up to one million dollars.
It was the beginning of the "crypto wars"—the legal and public relations battle between the intelligence community and privacy activists over the rights of citizens to use end-to-end encryption. Many of those who were involved in the crypto wars were associated with the "cypherpunk movement," a community of hackers, hobbyists, and computer scientists, which the mathematician Eric Hughes once described as "cryptography activists."
The crypto wars continue to this day: On October 11, 2020, U.S. Attorney General William P. Barr issued a joint statement with officials from six other countries that implored tech companies not to use strong end-to-end encryption in their products so that law enforcement agencies can access the communications of their customers.
The government's stance traces back to World War II, when Allied code-breakers helped secure victory by deciphering secret messages sent by the Axis powers. "And that is the origin of the regulations that said, 'This is munition, this is an item of war,'" civil liberties activist John Gilmore told Reason. "And the problem was that they didn't really take freedom of speech, freedom of inquiry, academic freedom, into account in that."
In 1977, the Institute of Electrical and Electronics Engineers, which was planning to hold a conference on cryptography at Cornell University, received a letter from an NSA employee posing as a concerned citizen, who wrote that the U.S. government considered these mathematical systems "modern weapons technologies" and that distributing them was a federal crime. The letter caused widespread alarm in the cryptography community.
In 1977, the computer scientist Mark S. Miller was a 20-year-old student at Yale. Like many future cypherpunks, he read about the breakthrough at MIT in Martin Gardner's "Mathematical Games" column published in Scientific American. The article laid out the astounding details of what"RSA," as it was called after its co-discoverers, Ron Rivest, Adi Shamir, and Leonard Adleman, made possible. Gardner omitted the technical details, but he offered his readers the opportunity to mail in a self-addressed stamped envelope to get a full description. The authors received 7,000 requests for the memo but didn't end up distributing the paper because of the NSA's threats.
"I decided quite literally that they are going to classify this over my dead body," Miller recalls. He traveled to MIT and got his hands on the unpublished paper describing how RSA worked. Then he went to "a variety of different copy shops, so I wasn't making lots of copies in any one place" and mailed them anonymously "to home and hobbyist computer organizations and magazines all across the country."
"I gave copies of the paper to some select friends of mine," Miller told Reason, "and I told them, 'if I disappear, make sure this gets out.'"
The following year, the RSA paper was published in Communications of the A.C.M. "And the world has been on a different course ever since it got published," says Miller.
But the crypto wars were just getting started. By the early 1990s, after the launch of the commercial internet and the web, RSA and public-key cryptography were no longer a rarified topic; they were privacy salvation. Internet users could use RSA to fully disguise their online activities from government spies. This sent the intelligence community once again scrambling to stop the dissemination of this powerful tool.
In 1991, a software developer named Phil Zimmermann released the first relatively easy-to-use, messaging system with end-to-end encryption, which was called Pretty Good Privacy, or PGP. So the U.S. Justice Department launched a three-year criminal investigation of Zimmermann on the grounds that by making his software accessible outside the country, he could be guilty of exporting weapons.
The NSA made the public case that Zimmermann's software would be used by child molesters and criminals. "PGP, they say, is out there to protect freedom fighters in Latvia," Stewart A. Baker, the NSA's general counsel, remarked during a panel discussion at the 1994 Conference on Computers, Freedom, and Privacy. "But the fact is, the only use that has come to the attention of law enforcement agencies is a guy who was using PGP so the police could not tell what little boys he had seduced over the 'net."
"Child pornographers, terrorists, money launderers, take your pick—these are the people who will be invoked as the bringers of death and destruction," Tim May, a former Intel physicist and co-founder of the cypherpunk movement, told Reason. "It's true" that these individuals would make use of end-to-end encryption, May conceded, "but all technologies have had bad effects. Telephones led to extortion, death threats, bomb threats, kidnapping cases. Uncontrolled publishing of books could allow satanic books to appear."
In his 1994 essay "The Cyphernomicon," May referred to terrorists, pedophiles, drug dealers, and money launderers as "The Four Horsemen of the Infocalypse." This fearmongering was the government's main playbook for how "privacy and anonymity [could] be attacked."
The cypherpunks argued that although PGP was encryption software, it was protected by the First Amendment because under the hood it was just a written series of instructions to be carried out by a machine.
The economist and entrepreneur Phil Salin was one of the first to argue this point in an influential 1991 essay titled "Freedom of Speech in Software." Salin wrote that "[r]estraint on freedom of expression of software writers is anathema in a free society and a violation of the First Amendment."
"Encryption can't be controlled whether or not it's powerful or has impacts on the government because it's free speech," says Gilmore, a co-founder of both the cypherpunk movement and the Electronic Frontier Foundation. In the 1990s, he risked going to jail in his campaign to force the government to acknowledge that regulating encryption violated the First Amendment.
"We basically had a community of a thousand people scattered around who were all trying different ideas on how to get around the government to get encryption to the masses," Gilmore recalls.
The Clinton administration noted in a 1995 background congressional briefing that "Americans have no constitutional right to choose their own method of encryption" and pushed for legislation that would require companies to build in a mechanism for law enforcement agencies to break in.
"We're in favor of strong encryption, robust encryption," then FBI Director
Louis J. Freeh said at a May 11, 1995, Senate hearing. "We just want to make sure we have a trap door and a key under some judge's authority where we can get there if somebody is planning a crime."
The cypherpunks looked for ways to undercut the government's case by pointing out the similarities between encryption software and other forms of protected speech. While under federal investigation for making his software available for download outside the U.S., to prove a point Zimmermann convinced MIT press to mirror his action in the analog world, by printing out the PGP source code, adding a binding, and shipping it to European bookstores.
"MIT was at that time like three times as old as NSA, and it's at least as large a player in the national security community," says the cryptographer Whitfield Diffie, who co-discovered the concept of public-key cryptography on which RSA is based. 'It's one thing to try to go and step on little Phil Zimmermann; it's quite another thing to go after MIT."
"The government knew if they went to court to suppress the publication of a book from a university that they would lose and they would lose in a hurry," Gilmore recalls.
"There were people who actually got encryption code tattooed on their bodies and then started asking, 'Can I go to a foreign country?,'" Gilmore says. "We printed up T-shirts that had encryption code on them and submitted them to the government office of munitions control…'Can we publish this T-shirt?' Ultimately, they never answered that query because they realized to say 'no' would be to invite a lawsuit they would lose and so the best answer was no answer at all."
In 1996, the Justice Department announced that it wouldn't pursue criminal charges against Phil Zimmermann and major legal victories came in two separate federal court decisions, which found that encryption is protected by the First Amendment.
"The crypto wars is still ongoing," says Gilmore. "What we won in the first rounds was the right to publish it and the right to put it in mass-market software, but what we didn't actually do is deploy it in mass-market software. Now there are major companies building serious encryption into their products, and we're getting a lot of pushback from the government about this."
In the early 90s, at the same time that Gilmore was fighting his legal battle for freedom of speech in software, the cypherpunks were exploring cryptography's potential in the context of collapsing political borders and the rise of liberal democracy. Part four in Reason's series, "Cypherpunks Write Code," will look at how those dreams turned to disillusionment, and the rebirth of the cypherpunk movement after the invention of bitcoin.
Written, shot, edited, narrated, and graphics by Jim Epstein; opening and closing graphics and Mark S. Miller/RSA graphics by Lex Villena; audio production by Ian Keyser; archival research by Regan Taylor; feature image by Lex Villena.
Music: "Crossing the Threshold—Ghostpocalypse" and "Darkest Child" by Kevin MacLeod is licensed under a Creative Commons Attribution license; "High Flight" by Michele Nobler licensed from Artlist; "modum" by Kai Engel used under Creative Commons.
Photos: Photo 44356598 © Konstantin Kamenetskiy—Dreamstime.com; Photo 55458936 © Jelena Ivanovic—Dreamstime.com; Photo 21952682 © Martin Haas—Dreamstime.com; Photo 143489196 © Chalermpon Poungpeth—Dreamstime.com; ID 118842101 © Andrey Golubtsov | Dreamstime.com; Freeh and Clinton, Mark Reinstein/ZUMA Press/Newscom; Freeh and Clinton, Ron Sachs—CNP/Newscom; WhatsApp Founders, Peter DaSilva/Polaris/Newscom; Bill Barr and Trump: CNP/AdMedia/Newscom; MIT, DEWITT/SIPA/Newscom; John Gilmore photos by Quinn Norton, Attribution-NonCommercial-ShareAlike 2.0 Generic; Bill Clinton in Oval Office, Robert McNeely/SIPA/Newscom; Bill Clinton, White House/SIPA/Newscom; Louis J. Freeh and Bill Clinton, Ron Sachs—CNP/Newscom; James Comey, KEVIN DIETSCH/UPI/Newscom; Bobby Inmann, Dennis Brack / DanitaDelimont.com "Danita Delimont Photography"/Newscom; John Gilmore, Paul Kitagaki Jr./ZUMA Press/Newscom; Berlin Wall, Associated Press.
The post When Encryption Was a Crime: The 1990s Battle for Free Speech in Software appeared first on Reason.com.
]]>The U.S. Court of Appeals for the 9th Circuit yesterday ruled that the National Security Agency's bulk collection of Americans' telephone records was illegal and probably unconstitutional. For Democrats who see Donald Trump as an unprecedented threat because of his disregard for the Constitution, the decision is a useful reminder that sacrificing civil liberties on the altar of national security is a bipartisan rite.
The NSA program, which was revealed by former NSA contractor Edward Snowden in 2013, indiscriminately collected telephone "metadata"—indicating who was calling whom and how long they talked—about millions of Americans for years. The program, which the USA FREEDOM Act ended in 2015, began under George W. Bush but continued during Barack Obama's administration, which concealed its existence, then speciously defended its legality and usefulness.
"The administration has now lost all credibility," The New York Times editorialized after Snowden's revelations. "Mr. Obama is proving the truism that the executive will use any power it is given and very likely abuse it."
James Clapper, the Air Force general whom Obama appointed as director of national intelligence, epitomized the administration's dishonesty by blatantly lying to a Senate committee about the NSA's data collection practices three months before the phone record database was revealed, then repeatedly lying about lying. In his latest incarnation, Clapper is a vociferous Trump critic who blames Russia for the election of a president he despises as a man "whose first instincts are to twist and distort truth to his advantage."
Further scrambling the conventional understanding of which major party is more concerned about civil liberties, Obama tried to prosecute Snowden, while Trump, who in 2013 called Snowden "a traitor" who "should be executed," last month suggested he might pardon the NSA whistleblower. Another interesting point Democrats might prefer to overlook: While questioning the constitutionality of the NSA's metadata dragnet, the 9th Circuit cites Supreme Court Justice Neil Gorsuch, a Trump nominee who is a more reliable defender of the Fourth Amendment than the judge Obama wanted to appoint.
I am not for a moment suggesting that Trump's new respect for Snowden, which is probably driven by his pique at "deep state" foes like Clapper, or his choice of Gorsuch, which was based on what he thought conservatives wanted, reflects civil libertarian principles (or any principles at all). But as this case shows, Trump's polarizing personality tends to obscure the deeper problem of powers that tempt presidents to violate our rights, regardless of their personal traits, avowed principles, or party affiliation.
The prosecution that led to the 2nd Circuit's decision involved four Somali immigrants who were convicted in 2013 of sending money to the terrorist group al-Shabab. While the ruling does not affect those convictions, it addresses the legality of the NSA's phone record database, which supposedly played a crucial role in the case.
I say "supposedly" because that is what federal officials claimed while defending the NSA's program. Then-FBI Deputy Director Sean Joyce, for example, told a congressional committee the database generated a tip that allowed the bureau to reopen its investigation of the suspected al-Shabab supporters. The 2nd Circuit rightly discounts such statements, which were part of a fact-deficient attempt to portray the program as an essential weapon against terrorism.
"The metadata collection, even if unconstitutional, did not taint the evidence introduced by the government at trial," the appeals court says. "To the extent the public statements of government officials created a contrary impression, that impression is inconsistent with the contents of the classified record." That's a polite way of saying that Obama administration officials misled the public about the program's value.
What about its legality? As the U.S. Court of Appeals for the 2nd Circuit did in 2015, the 9th Circuit makes short work of the government's argument that the program was authorized by Section 215 of the PATRIOT Act, which allowed secret court orders "requiring the production of any tangible things (including books, records, papers, documents, and other items) for an investigation…to protect against international terrorism." Such orders were supposed to be based on "a statement of facts showing that there are reasonable grounds to believe that the tangible things sought are relevant to an authorized investigation."
Using the same needle-in-a-haystack argument that was deployed by the Obama administration, the government's lawyers maintained that everyone's phone records are "relevant to an authorized investigation" because searching them might reveal useful clues. "Although admittedly a substantial portion of the telephony metadata that is collected would not relate to [terrorism suspects]," they said, "the intelligence tool that the Government hopes to use to find [investigation-related] communications—metadata analysis—requires collecting and storing large volumes of the metadata to enable later analysis." According to the government, "all of the metadata collected is thus relevant, because the success of this investigative tool depends on bulk collection."
The 2nd Circuit said "such an expansive concept of 'relevance' is unprecedented and unwarranted," and the 9th Circuit concurs. The government's interpretation "essentially reads the 'authorized investigation' language out of the statute," it says. "We hold that the telephony metadata collection program exceeded the scope of Congress's authorization."
As for the program's constitutionality, the government argued that it was covered by the third-party doctrine, which says people do not have a reasonable expectation of privacy regarding information they voluntarily divulge to others (in this case, the phone companies from which the NSA collected its metadata). The Supreme Court invented that doctrine in United States v. Miller, a 1976 case involving bank records. Three years later, the Court invoked the doctrine in Smith v. Maryland, which involved a warrantless "pen register" that police used to record the numbers dialed by a robbery suspect over the course of a few days. Although that situation is rather different from the collection of personal information about millions of people for years, the government argued that Smith shows the NSA's program was consistent with the Fourth Amendment.
"There are strong reasons to doubt that Smith applies here," the 9th Circuit says. "The distinctions between Smith and this case are legion and most probably constitutionally significant….Society may not have recognized as reasonable Smith's expectation of privacy in a few days' worth of dialed numbers but is much more likely to perceive as private several years' worth of telephony metadata collected on an ongoing, daily basis—as demonstrated by the public outcry following the revelation of the metadata collection program."
The Supreme Court in Smith drew a distinction between the "contents" of a phone call and information about numbers dialed, deeming the latter much less sensitive. But "in recent years the distinction between content and metadata 'has become increasingly untenable,'" the appeals court notes. "The amount of metadata created and collected has increased exponentially, along with the government's ability to analyze it."
The 9th Circuit emphasizes how revealing this information can be, quoting former NSA General Counsel Stewart Baker. "Metadata absolutely tells you everything about somebody's life," Baker said. "If you have enough metadata you don't really need content."
The appeals court illustrates that point with a couple of examples: "A woman calls her sister at 2:00 a.m. and talks for an hour. The record of that call reveals some of the woman's personal information, but more is revealed by access to the sister's call records, which show that the sister called the woman's husband immediately afterward. Or, a police officer calls his college roommate for the first time in years. Afterward, the roommate calls a suicide hotline."
And that's just for a start. "Metadata can be combined and analyzed to reveal far more sophisticated information than one or two individuals' phone records convey," the 9th Circuit notes before quoting a brief filed by the Brennan Center for Justice: "It is relatively simple to superimpose our metadata trails onto the trails of everyone within our social group and those of everyone within our contacts' social groups and quickly paint a picture that can be startlingly detailed."
The 9th Circuit notes that the Supreme Court expressed similar concerns in Carpenter v. United States, the 2018 case in which the justices said the third-party doctrine does not apply to cellphone location data. Furthermore, the appeals court says, "numerous commentators and two Supreme Court Justices have questioned the continuing viability of the third-party doctrine under current societal realities."
Here is where Gorsuch comes in. He dissented in Carpenter, not because he thought cops should be allowed to collect cellphone location data without a warrant but because he thought the third-party doctrine should be scrapped entirely, along with the malleable "reasonable expectation" test. Nowadays, Gorsuch noted, people routinely store sensitive information—including "private documents" that, "in other eras, we would have locked safely in a desk drawer or destroyed"—on third-party servers. According to the reasoning of Miller and Smith, he said, "police can review all of this material, on the theory that no one reasonably expects any of it will be kept private. But no one believes that, if they ever did."
The 9th Circuit did not reach a firm conclusion about the constitutionality of the NSA's program, because it was not necessary to decide whether the convictions should stand. But its observations show how readily the government invades our privacy on the flimsiest pretext, blithely dismissing constitutional concerns when they prove inconvenient. That alarming tendency cannot be corrected by switching out one politician for another.
The post NSA Ruling Reminds Us That Sacrificing Civil Liberties in the Name of National Security Is a Bipartisan Impulse appeared first on Reason.com.
]]>President Donald Trump recently floated the possibility of a pardon for whistleblower Edward Snowden, who famously informed the public that the National Security Agency (NSA) was secretly collecting and storing millions of Americans' private phone and online records.
The proposition sort of came out of nowhere—it was a response to a reporter's question—and is probably basically a reflection of Trump's willingness to make any idea a trial balloon, plus his now-permanent animosity toward America's federal intelligence agencies for investigating his campaign. Before Trump became president, he repeatedly called Snowden a traitor and even demanded his execution.
If Trump did, in fact, pardon Snowden, that would be great. But some high-level responses over the weekend might give you the impression that Trump was considering something really awful—like, I don't know, bombing a foreign country without congressional authorization, or maybe secretly snooping on citizens' online data.
Susan Rice, former national security adviser and former ambassador to the United Nations, was one of the final four possible running mates for Democratic presidential candidate Joe Biden before he ultimately chose California Sen. Kamala Harris.
After this tweet from Rice, many Democrats are probably relieved she wasn't the choice:
I. Just. Can't.
Congratulations GOP. This is who you are now. https://t.co/CAE98A7qjV
— Susan Rice (@AmbassadorRice) August 16, 2020
"This is who you are now." If only it were true that the GOP were the party opposed to warrantless surveillance! But sadly, neither major party can actually make that claim. There are a number of elected Republicans who support what Snowden did and oppose this violation of Americans' privacy, but not nearly enough to comprise the majority.
All summer long, we've seen story after story about the use of surveillance against protesters demanding police reform. The Democratic Party is most certainly going to be positioning itself this week as criminal justice reformers and in opposition to overly harsh or oppressive policing systems. How tone-deaf do you have to be to attack the Republican Party for possibly not imprisoning a surveillance whistleblower? The American Civil Liberties Union thinks Snowden should be pardoned. The New York Times editorial board called him a whistleblower and wants him to at least get clemency. But not Rice.
Rice got backup from NeverTrumper columnist Jennifer Rubin, who seems upset that the Cold War is over:
Old enough to remember when they were Cold Warriors. Now they praise a traitor and let Putin get away with targeting our troops.
— Jennifer Rubin (@JRubinBlogger) August 16, 2020
Rep. Liz Cheney (R–Wy.), daughter of the warmongering ex-veep Dick Cheney, was happy to pile on with the "traitor" nonsense:
Edward Snowden is a traitor.
He is responsible for the largest and most damaging release of classified info in US history.
He handed over US secrets to Russian and Chinese intelligence putting our troops and our nation at risk.
Pardoning him would be unconscionable.
— Liz Cheney (@Liz_Cheney) August 16, 2020
We have no good evidence that Snowden gave secrets to the Russian and Chinese governments. He gave them to journalists who revealed them to the American public. And the big revelations were about how the NSA treated American citizens.
Cheney focuses on Russia and China here, but the NSA's apologists have traditionally justified this surveillance as a much-needed way to find out who might have been coordinating with Islamic terrorists overseas. Does anybody remember intelligence officials' absurd argument that in order to find the needle in the haystack, they needed to build the haystack first? They said they needed everyone's data in order to search for the "bad guys'" data. This never had anything to do with Russia or China, even if Snowden ended up having to flee to Hong Kong and live in exile in Russia.
The NSA itself has voluntarily abandoned this surveillance. Not only was it ineffective at actually finding threats, but the spies discovered that they simply couldn't collect this information without repeatedly violating innocent Americans' privacy rights.
It's 2020, and people are marching on the streets to stop an overly powerful police state. And yet we're still seeing people calling Snowden a traitor? Really?
Bonus video: ReasonTV on the case for pardoning Snowden:
The post Susan Rice Tries To Turn Possible Snowden Pardon Into Attack on GOP appeared first on Reason.com.
]]>During an interview with the New York Post Thursday, President Donald Trump wondered aloud whether he should let surveillance whistleblower Edward Snowden return to the United States. He even went so far as to solicit responses from his staff.
Per the Post, Trump discussed it, as he discusses many things, through the filter of what happened to him. After complaining that his campaign had been surveilled, he pivoted to Snowden:
"Snowden is one of the people they talk about. They talk about numerous people, but he is certainly one of the people that they do talk about," Trump said on Thursday, before turning to his aides. "I guess the DOJ [Department of Justice] is looking to extradite him right now?…It's certainly something I could look at. Many people are on his side, I will say that. I don't know him, never met him. But many people are on his side."
The president then asked his staff: "How do you feel about that, Snowden? Haven't heard the name in a long time."
After polling the room, Trump added: "I've heard it both ways. From traitor to he's being you know persecuted. I've heard it both ways."
There's no explanation of what Trump means when he says "they" are talking about Snowden, but it's a familiar Trump tic to indicate some sort of unidentified group of people is talking about an issue whenever he's talking about it.
This isn't the first time Snowden was brought up to Trump this week. At a press briefing on Tuesday, a reporter mentioned that the Department of Justice Office of the Inspector General had found issues with the warrant applications to wiretap former Trump campaign aide Carter Page, and that part of Snowden's surveillance claims were that the Foreign Intelligence Surveillance Act (FISA) court tends to rubber-stamp warrant requests. Given that, the journalist continued, should Snowden be allowed to return to the United States without facing criminal charges?
Trump didn't directly answer the question then, turning instead to complaining that his campaign had been illegally spied upon and then pivoting to talking about how "nasty" Kamala Harris had been to Democratic presidential candidate Joe Biden. (This was the day Biden named Harris as his running mate.) He never even mentioned Snowden at all.
Prior to becoming president, Trump was very much in the "Snowden is a traitor" camp. The Post notes he had on 45 separate occasions tweeted denunciations of Snowden, who revealed that the National Security Agency (NSA) had been collecting and storing huge amounts of Americans' phone and online data records. At one point Trump called for his execution.
But that was then and this is now. Trump's idea has gained support from Snowden's usual supporters. Rep. Thomas Massie (R–Ky.), for example, tweeted this today:
.@realDonaldTrump should pardon Edward @Snowden. https://t.co/TOuw46Cb9s
— Thomas Massie (@RepThomasMassie) August 14, 2020
Don't assume that this means a pardon is on the way. Although he complains a lot about the FISA court and federal surveillance of him and his campaign staff, Trump signed a bill in 2018 that renewed and even expanded the government's ability to secretly wiretap Americans. On the other hand, his displeasure with a bill that renewed some of the PATRIOT Act's surveillance powers prompted Republicans in Congress to reverse their previous support, and it did not pass.
In related FISA court surveillance news, today former FBI lawyer Kevin Clinesmith, who had been assigned to the team handling the investigation into possible Russian ties to Trump's campaign, revealed he'll be pleading guilty to charges that he altered an email from the CIA that was used to justify the Page wiretaps. Who knows? Maybe an actual conviction of someone who broke the law while investigating people close to Trump might convince the president that Snowden was right to reveal the security state's surveillance.
The post Trump Teases Possible Edward Snowden Pardon. He Should Do It! appeared first on Reason.com.
]]>When Edward Snowden decided to reveal constitutionally dubious mass surveillance programs operated by the National Security Agency (NSA) in 2013, one of the three people he contacted was Barton Gellman, a Pulitzer Prize-winning reporter with a long history at The Washington Post. In his riveting new book, Dark Mirror, Gellman details his intense relationship with arguably the biggest whistleblower in U.S. history, the angry response of leaders of the national security community, and the ways in which the privacy of ordinary Americans remains at risk from the state.
In a wide-ranging conversation with Nick Gillespie, Gellman puts the Snowden revelations in the context of post-9/11 actions by Dick Cheney, Donald Rumsfeld, and other members of the Bush administration who ignored constitutional limits on executive power; the Obama administration's false claims to transparency; and the understandable ambivalence of major tech companies to work with a government that is simultaneously threatening and trying to protect American lives.
Gellman also comments on the reputations of President Donald Trump and former Vice President Joe Biden in the intelligence community. Former heads of intelligence services are "much less sanguine about the government accumulating this enormous machinery of surveillance" with Trump in the White House because they openly acknowledge "it is subject to horrific potential abuse," says Gellman. At the same time, he stresses that Biden, who served in the Senate for decades and for eight years under President Barack Obama, "has not been an apostle of transparency in the national security world. He was a strong backer of the prosecution of whistleblowers and leakers in the Obama administration and there were more prosecutions with charges of espionage against people who talked to journalists during the Obama administration than in all previous administrations combined, which had a chilling effect on national security reporting."
Edited by John Osterhoudt, Intro by Lex Villena.
Photo credits: "Redacted Image" ID 95960034 © David Andrews | Dreamstime.com; "Bartman Gellman" Phil McAuliffe/Polaris/Newscom; "Glenn Greenwald" Gage Skidmore;
"Laura Poitras" Laura Poitras; Eyeball ID 22934579 © Gandolfo Cannatella | Dreamstime.com; "Dick Cheney" JONATHAN ERNST/picture alliance/Consolidated/Newscom
The post How Edward Snowden Revealed the 'Dark Mirror' of the Surveillance State appeared first on Reason.com.
]]>When Rep. Devin Nunes (R–Calif.) claimed that the FBI's warrant applications to wiretap former Trump aide Carter Page had serious problems, he faced a lot of mockery and criticism. Defenders of the investigation insisted that the FBI has so many regulations and so much oversight that every T must have been crossed and every box checked before the Foreign Intelligence Surveillance Act (FISA) court would ever approve such warrants.
But an independent review by the Department of Justice's Office of Inspector General ultimately found that proper procedures had not been followed. There was a significant number of errors and omissions that should have been caught in the three warrant requests the bureau submitted to the FISA court. A later audit found that this was not an anomaly: The FBI regularly makes mistakes in its warrants targeting Americans for secret surveillance.
We've seen something similar play out this week. Richard Grenell, acting director of the Office of the Director of National Intelligence, declassified the list of officials in President Barack Obama's administration who sought to unmask Michael Flynn's identity as the feds kept tabs on his conversations with Russian Ambassador Sergei Kislyak. It turns out that a lot of Obama officials—nearly 40 of them—had requested Flynn's unmasking.
In some cases, the requests make sense. Some people have compained that James Comey, James Clapper, and John Brennan were on the list, but at the time they were, respectively, the head of the FBI, the director of national intelligence, and the head of the CIA. Of course they were going to request this information; it was part of their jobs. The fact that they have subsequently become critics of President Donald Trump doesn't change the level of authority they held under Obama.
But why did so many other people put in those requests? Why would Vice President Joe Biden (or a representative from his office) be on the list? Is this normal? Some analysts are insisting that what happened to Flynn is business as usual and that this is all legal and above-board. But as with Page, the average American doesn't have the context required to be sure that's true.
This "unmasking" is part of a very secretive process of deciding who gets to see the names of Americans on transcripts of intercepted foreign communications and raw intelligence. Thanks to an annual transparency report from the Office of the Director of National Intelligence, we know that this happens a lot. According to the latest transparency report, the National Security Agency (NSA) unmasked the names of 10,012 U.S. citizens or residents in 2019 in response to requests from another agency. In short, what happened to Flynn happens much more frequently than what happened to Page.
Many media outlets (Reason included) reported back in January 2017 that as Obama was leaving office, he issued an executive order expanding the NSA's ability to share raw intelligence with other federal agencies. Clearly the Trump administration is using these same orders. So what does this look like exactly? The audit of the Page investigation shows that the government wasn't following its own procedures when it sought surveillance warrants; what would an audit of the Flynn unmasking show? At the very least, it might explain why so many people sought his name, whether this was atypical, and whether it was part of a politically driven process.
Americans deserve more transparency on how this unmasking process works—and a better explanation of why all these people keep requesting unmasking and what happens to that information. This may well be a "routine" process, as so many officials insist, but that doesn't mean that we as citizens should accept the status quo. People insisted the Page warrants were part of a routine process, too, and it turned out that the routine itself was broken.
The post The Michael Flynn Unmasking Fight Is Another Chance for More Transparency About Secret Government Surveillance appeared first on Reason.com.
]]>Next week the Senate is poised to resurrect some federal surveillance powers that expired in the midst of the coronavirus pandemic. A handful of senators are hoping to force through reforms to better protect Americans' privacy.
In March the USA Freedom Act expired, somewhat unceremoniously, as lawmakers were unable to reach a consensus on a renewal as the pandemic began to pick up steam and overtake all public policy priorities.
The USA Freedom Act authorized (but restricted) the collection of Americans' phone and internet record metadata that the National Security Agency (NSA) had been gathering without citizen knowledge before Edward Snowden exposed it. A compromise bill, the USA Freedom Act added some buffers to how the NSA would collect the data and required more reporting of the activities of the Foreign Intelligence Surveillance Act (FISA) courts, so citizens would have a better sense of the extent that this "foreign" surveillance was in fact targeting Americans.
The NSA has since abandoned the metadata collection, which had proven ineffective at tracking down terror threats even as it violated Americans' Fourth Amendment rights. But the Act has other surveillance components (authorizing roving wiretaps, tracking so-called "lone wolf" terrorists). And even though the NSA has stopped using its metadata collection powers, President Donald Trump's administration has asked for the entire USA Freedom Act to be renewed, intact, permanently.
Fortunately, that's not going to happen: The House passed a renewal bill in March that officially killed off the records program once and for all. Now surveillance critics in the Senate, such as Rand Paul (R–Ky.), Mike Lee (R–Utah) and Ron Wyden (D–Ore.), are pushing for further reforms to the way the government targets American citizens for secret surveillance. Their demands for amendments to the House's bill stopped the bill from moving forward in March. Now the Senate plans to consider the House's bill along with these proposed amendments.
The USA Freedom Act played no role in the FBI's use of the FISA court to secretly wiretap former Trump aide Carter Page. But the discovery that the FBI played fast and loose with the truth when requesting these warrants from the FISA court, and the subsequent evidence that the FBI regularly does a terrible job of documenting its evidence when targeting any Americans for FISA surveillance, have created an opening for civil libertarians to call for stronger privacy protections.
The Hill reports:
Sen. Rand Paul (R–Ky.) will get a vote on his amendment that would bar the FISA court from issuing warrants for American citizens and instead require law enforcement agencies such as the FBI to obtain a warrant from a normal court established under Article III of the Constitution.
Sens. Mike Lee (R–Utah) and Patrick Leahy (D–Vt.) will get a vote on their amendment to require the appointment of amicus curiae, or outside advisers, with expertise in privacy and civil liberties to advise the FISA court on surveillance warrants.
Sens. Steve Daines (R–Mont.) and Ron Wyden (D–Ore.) will get a vote on an amendment to bar law enforcement from obtaining internet browsing and search history without a warrant.
These are all great amendments. Unfortunately, they will probably fail. Far too many lawmakers on both sides of the aisle are against serious surveillance reforms.
Senators like Paul are banking on Trump's outrage over what happened to Page to push these additional reforms through. Establishment Republicans and Democrats are banking on Trump only caring about how surveillance affects him and the people around him.
We'll soon find out which side is correct. My money's on the establishment, but I'll be happy to be wrong this time.
The post FISA Surveillance and Possible Reforms Are Back on the Senate's Agenda appeared first on Reason.com.
]]>By the end of the week, Congress is supposed to decide whether it will renew some federal surveillance regulations, reform them, or let them expire. Many legislators would probably prefer either to kick the can down the road with another temporary renewal or to pass a modest set of reforms. But several members of Congress are opposed to ketting the status quo continue—enough members, in fact, that we may well see reductions in the feds' power to secretly collect data about Americans without our knowledge, as well as more oversight over the secretive Foreign Intelligence Surveillance Act (FISA) Court.
The USA Freedom Act expires on Sunday. Passed after Edward Snowden exposed the ways the National Security Agency (NSA) was secretly collecting telephone and internet metadata of millions of Americans, the act both retroactively authorized the data collection and added some stricter rules to the process. Privacy and civil rights–focused lawmakers and activists have been trying since then to rein in domestic surveillance even further. Sen. Rand Paul (R–Ky.) has been using his positive relationship with President Donald Trump—and the president's anger at the surveillance of his campaign, which ultimately led to a failed impeachment attempt—to push for reforms.
The Hill reported on Sunday that Paul is, as he has been in the past, the loudest voice stopping Congress from quietly keeping things the way they are:
Paul says he won't support a short-term extension and appeared skeptical that he would back a larger deal that paired a USA Freedom extension with reforms to FISA, though he added that he could support some of the surveillance reforms if they get standalone votes, as amendments, for example.
He's also pushing for an amendment vote to prohibit FISA warrants from being used against American citizens and to prohibit information obtained in the FISA courts from being used against a U.S. citizen in domestic courts.
"I'm not for any extension. I'm for fixing it….I'll vote no on any extension," Paul said.
He's not alone among Republicans in the Senate, and he's got plenty of support from Democrats in the House as well, to require that there be changes. Rep. Doug Collins (R–Ga.) went on Fox Business yesterday to say that there weren't enough votes in the Democratic-controlled Congress to reauthorize the USA Freedom Act unless there were reforms.
Reform-minded members of Congress aren't focused entirely on the same reforms. The Democrats want to make sure that the records collecting program is officially dead. (NSA has unofficially stopped doing it, but the authorization still exists.) Paul and some other Republicans are using the problems with the warrants used to wiretap former Trump aide Carter Page to call for more independent oversight to review and advise the FISA court on warrants. Meanwhile, Attorney General William Barr and Senate Majority Leader Mitch McConnell (R–Ky.) prefer renewal without changes.
Nothing in these reforms is likely to have prevented what had happened with Page, since it's not the USA Freedom Act's authorities that were used to snoop on him. And based on the angry reaction of the FISA Court's judges when they found out the FBI had misled them in parts of the warrant application—and their decision to call for an independent reviewer—it's not clear additional oversight of the court itself would have stopped what happened with Page. The problems seemed to have originated from within the FBI itself.
But this is probably the only way to get Trump to care about restraining the use of secret surveillance on the rest of us. That is surely why Paul is hammering on about what happened to Page and Trump.
Paul's proposed reforms are probably a bridge too far to actually pass, but it's an admirable effort. Paul seems unlikely to be able to convince Congress to eliminate domestic FISA warrants entirely. But just as the USA Freedom Act was a compromise reform forced in part due to Paul's stubborn refusal to shut up about Americans' rights after Snowden's reveal, his prominent status in Trump World will guarantee that at least the broadest reforms will be considered.
But will they actually be debated? That's not so clear. There was already an aborted effort to attach reauthorization to a coronavirus emergency bill last week. With a deadline looming, there's sure to be an effort to roll reforms of some sort into other must-pass legislation. It's just not clear as yet how far those reforms will go.
The post Will We See Real Surveillance Reform This Week? appeared first on Reason.com.
]]>The U.S. government spent $100 million collecting all our phone and text records for four years and got next to nothing out of it.
Try to contain your surprise. (I'm actually shocked it's only $100 million.) This info comes from a newly declassified report from the federal Privacy and Civil Liberties Board. The report analyzes the call records program implemented by the USA Freedom Act in 2015, which formalized but also restrained the National Security Agency's secret collection of Americans' communications metadata.
Prior to the USA Freedom Act, the NSA had used the PATRIOT Act to justify collecting this data with neither the knowledge nor the consent of Americans, or even of Congress. Once Edward Snowden blew the whistle on this secret surveillance, the USA Freedom Act was hammered out as a compromise that gave the NSA much more limited access to collected metadata in order to pursue investigations using specific terms.
The USA Freedom Act sunsets in mid-March. We already know these searches haven't been all that helpful, because the NSA has abandoned them. Part of the problem was repeated situations where attempts to collect records went awry and brought in far more private information than they were allowed to look at under the law.
This new report shows that the mass collection of Americans' phone records turned out not to be a particularly good tool for tracking down terrorism. Its authors determined that the NSA wrote only 15 intelligence reports based on information from call records accessed through the law. Of those, 11 duplicated information that was already in FBI records. Two contained information that the FBI had received through other means. One led the FBI to vet an individual, but it ultimately decided not to open an investigation. So that just leaves just one case where the bureau received unique info that it decided to use to open a foreign intelligence investigation.
All that for $100 million!
A logical person would assume that letting these powers sunset would be the smartest choice. Why violate Americans' privacy rights if even the government itself acknowledges the intrusions aren't actually accomplishing anything? But logic means nothing next to institutional inertia. The government doesn't like to give up any power or program, even when it's not useful.
So now there's a big congressional fight about renewing the USA Freedom Act. In January, a bipartisan pack of privacy-minded lawmakers introduced a bill that would formally end the bulk collection of Americans' records and introduce other reforms to the secretive Foreign Intelligence Surveillance Amendment (FISA) Court to provide some more transparency and better protect Americans from unwarranted surveillance. Their bill has support of both the left-leaning tech activist group Demand Progress and the more conservative FreedomWorks.
But congressional leaders just want to push through a quick temporary renewal with some less modest fixes. Reps. Jerrold Nadler (D–N.Y.) and Adam Schiff (D–Calif.), chairs of the House Intelligence and Judiciary Committees, put together a reform bill of their own that would extend the USA Freedom Act until 2023. Nadler and Schiff's bill would end the bulk data collection program but would extend the part of Section 215 of the Patriot Act that lets the FBI secretly collect business records it deems relevant to terrorism investigations. So the feds will be able to easily collect your data when it's in the hands of a third party—and these days, that means most of your data.
Rep. Zoe Logren (D–Calif.), a strong privacy supporter who has previously teamed up with the likes of Reps. Justin Amash (I–Mich.) and Thomas Massie (R–Ky.) to try to limit the NSA and FBI's warrantless snooping powers, was not happy about this weaker bill. She has announced plans to introduce amendments. Yesterday, rather than debating the merits of the proposal, Democratic leaders cancelled the hearing, apparently worried that stronger privacy protections could kill the Schiff-Nadler bill's chances. Both FreedomWorks and Demand Progress have put out statements criticizing Schiff and Nadler for dodging the debate.
As Charlie Savage and Nicholas Fandos note at The New York Times, President Donald Trump is a wild card in this fight. Trump has railed against the FISA court and the surveillance state, due to the investigation of his presidential campaign. And some of his complaints were justified: Independent analysis have showed serious problems with how the FBI pursued its warrants to wiretap former Trump aide Carter Page, as well as a lack of openness and thoroughness with the FISA Court.
But the language the FBI used to justify snooping on Page is a completely different section of the law. And when Trump has been given opportunities to rein in federal surveillance of Americans not linked to Donald Trump, he did the exact opposite. Meanwhile, Attorney General William Barr has said he wants a "clean" reauthorization of the USA Freedom Act without any reforms at all, telling House Republicans that he can make administrative reforms to procedures. That's the worst possible outcome, because it would give Barr the power to decide—in secret—whose privacy rights are protected and whose are not. It's Congress' job, not Barr's, to put limits on the Justice Department's surveillance authorities.
Trump, this morning, showed some support for FISA reforms, but again apparently connected to the belief that changes to the USA Freedom Act have any relevance to the investigation of his campaign. They don't, but hey, if that's what helps push through changes that better protect all our privacy, I'm not going to complain.
The post The Feds' Bulk Collection of Our Data Records Has Been Expensive and Useless. But That Doesn't Mean It's Going to Stop. appeared first on Reason.com.
]]>A young woman who was arrested and convicted by the Trump administration's Department of Justice for leaking details about Russian attempts to hack American election systems is now asking President Donald Trump to commute her five-year sentence.
Reality Winner, 25, was arrested in June 2017 after the feds tracked her down as the source of a report published by The Intercept showing that hackers connected to the Russian government attempted to infiltrate an election systems company based in Florida.
The report contained classified information from the National Security Agency (NSA). Winner saw herself as a whistleblower alerting the public about the extent of Russian meddling in the 2016 election. At the time of her leak, there was much less public info about the extent of hacking attempts, and her arrest came about a year before the Department of Justice would actually indict Russian operatives with hacking into the computer networks of the Democratic National Committee and attempting to hack state election systems. Nothing Winner leaked linked Trump or anybody in Trump's campaign with these Russian efforts.
Winner was denied bail and in 2018 accepted a plea deal for five years in federal prison, the harshest sentence ever handed down to a civilian who leaked info to the media.
On Monday, Winner's legal team announced that they're asking Trump to let her out. Winner's mom says Winner is "losing hope" and is not getting any treatment for her bulimia or anorexia. In the clemency petition (posted by The Intercept and readable here), it notes that she didn't work with a foreign power or conspire against her country; her "disclosure didn't jeopardize the security or safety of human lives or strategic information"; and she didn't seek any compensation for providing the report. She only wanted to inform the public. She has so far served 33 months out of a 63-month sentence.
NBC notes that Trump had previously tweeted that he thought Winner's sentence was "so unfair," but the real purpose of that tweet was to needle then-Attorney General Jeff Sessions for failing to go after Hillary Clinton. It wasn't really an indication that Trump actually cared about what happened to Winner.
Winner is obviously not some sort of threat or danger to the public and there's no reason to keep her imprisoned. Today the White House announced four pardons or commutations:
Why not include Winner in the group? It's particularly galling to have her sitting in federal prison given that the Justice Department is unlikely to ever get its hands on the Russian government operatives charged with actually attempting the hacking.
The post Imprisoned Leaker Reality Winner Seeks Mercy From Trump appeared first on Reason.com.
]]>A bipartisan group in Congress is attempting (again) to pass legislation that would restrict the National Security Agency from abusing the PATRIOT Act and the Foreign Intelligence Surveillance Amendment (FISA) Court in order to collect and access private records of Americans.
The Safeguarding Americans' Private Records Act would formally prohibit the bulk collection of Americans' phone records, which Edward Snowden exposed and the NSA has since quietly ended. Despite years of government officials defending the practice, the mass collection of all our phone and internet records has not been shown to assist the government in fighting terrorism.
The bill would also prohibit warrantless collection of geolocation information and it would forbid the NSA and other intelligence agencies from creating "secret" interpretations of surveillance laws, which is how the NSA used Section 215 of the PATRIOT Act to justify mass domestic data collection in a way that the Act's primary sponsor, Rep. Jim Sensenbrenner (R–Wis.), says he never intended.
The bill also seeks to address some of the institutional problems with the FISA Court, recently revealed by the Justice Department Office of the Inspector General's (OIG) review of the warrant applications FBI agents submitted in order to wiretap former Donald Trump aide Carter Page. The OIG determined that the FBI made a number of errors and omitted important details in its warrant applications. (More news on this dropped today: A December letter from the FISA Court was just declassified showing that the Justice Department now believes that two of the warrant applications targeting Page are not valid due to the omissions.)
In the wake of that review, the FISA Court has demanded that the FBI make changes to its warrant application process so that the court receives all of the information it needs to approve or deny a warrant that would allow the government to secretly surveil Americans.
The FISA Court operates in secret, and potential surveillance targets do not have the ability to contest warrant applications. However, in the wake of the OIG's report on Page, the Court has appointed former DOJ attorney David Kris to advise it on potential reforms. Kris reviewed the FBI's proposed reforms and recommended an even more aggressive review process.
The Safeguarding Americans' Private Records Act would allow independent advisers like Kris ("amici curiae," in the bill's language) to access all the reports, transcripts, and pleadings submitted to the FISA Court. These advisors would theoretically thus be in a position to offer an adversarial perspective to the Court. While working at the Justice Department in the 2000s, for example, Kris dissented from President George W. Bush's use of the PATRIOT Act to collect domestic records. Under this bill, Kris and people like him could make their case directly to the FISA Court.
Finally, the bill would increase reporting requirements so that the public would have a better idea of how federal law enforcement agencies use the PATRIOT Act to conduct domestic surveillance. The bill would also empower the Office of the Inspector general to investigate whether this surveillance has been used against people who are engaged in First Amendment-protected activities, and the extent to which agencies are collecting information about people who have not been specifically targeted (known as "backdoor collection").
The bill has Democratic and Republican sponsors in both the House and Senate. In the Senate, it's sponsored by Sen. Ron Wyden (D–Ore.) and Steve Daines (R–Mont.). In the House, it's sponsored by Reps. Zoe Lofgren (D–Calif.), Warren Davidson (R–Ohio), and Pramila Jayapal (D–Wash.). It has support on the left from digital activist group Demand Progress and on the right from conservative/libertarian Tea Party activists at FreedomWorks.
"Liberty and security aren't mutually exclusive, and they aren't partisan either," Wyden said in a prepared statement. "I'm proud our bipartisan coalition is standing up for Americans' rights and commonsense reforms to protect our people against unnecessary government surveillance. This bill preserves authorities the government uses against criminals and terrorists, while putting Americans' constitutional rights front and center."
Read the bill for yourself here.
The post Lawmakers Say the FBI's Problematic Carter Page Warrants Require Congressional Surveillance Reforms appeared first on Reason.com.
]]>A federal judge in Virginia has ruled that the U.S. government has the authority to seize the proceeds of Edward Snowden's book because he failed to submit his book to the CIA and National Security Agency (NSA) for pre-publication review to analyze any classified information printed within.
The ruling, by Liam O'Grady, U.S. District Judge of the Eastern District of Virginia, is a perfect encapsulation of the letter of the law and also the bizarreness of its application. Snowden's book, Permanent Record, documents his decision to blow the whistle on the NSA's secret surveillance and mass unwarranted collection of Americans' communication data. He is currently a fugitive from the Department of Justice (DOJ), living in Russia, charged with espionage, though many Americans see him as a hero.
Snowden's former work agreements with the CIA and NSA are clear that he (and any other employee) must submit the contents of books or speeches for review. There is no exception to account for him blowing the whistle on what many Americans see as misconduct. He's still supposed to submit his book for review to the very agencies whose misbehavior he was revealing. So in response to the book's publication, the DOJ sued Snowden and his publishers, demanding the money from both the book and from Snowden's public presentations.
It seems very unlikely that Permanent Record would get a fair review from the CIA and NSA but the rules don't care. O'Grady even canceled a planned hearing for verbal arguments because he said they weren't necessary. O'Grady notes in the ruling that "there is no genuine dispute of material fact publicly disclosed the type of information and materials described above in Permanent Record and his speeches…" So, he loses and the feds will get to take the money he would have made from the book, a New York Times bestseller.
Brett Max Kaufman, a senior staff attorney with the American Civil Liberties Union who helps represent Snowden, put out a statement saying, "It's farfetched to believe that the government would have reviewed Mr. Snowden's book or anything else he submitted in good faith. For that reason, Mr. Snowden preferred to risk his future royalties than to subject his experiences to improper government censorship." He also calls for reforms to an "unfair and opaque pre-publication review system affecting millions of former government employees."
Snowden's team is considering their options.
Read the ruling here. Read an excerpt from Permanent Record here.
The post The Feds Get Permission To Seize Edward Snowden's Book Profits appeared first on Reason.com.
]]>The call records are coming home to roost for Rep. Devin Nunes (R–Calif.).
Before he became a stalwart defender of President Donald Trump, Nunes consistently fought any and all efforts to restrain the authority of the National Security Agency (NSA) to secretly, warrantlessly collect Americans' call records and metadata. He wasn't quiet about this support for domestic surveillance. When Rep. Justin Amash of Michigan (then a Republican, now an independent) tried to restrain the feds' ability to access American call records, Nunes didn't just vote against Amash's legislation; he attacked Amash loudly and publicly. In 2014, one of Amash's efforts prompted Nunes to call the congressman "Al Qaeda's best friend in the Congress." Nunes even donated $5,000 to Amash's primary opponent.
Now this surveillance apparatus that Nunes has long supported has happily provided his political opponents with information that could destroy his career. The House Permanent Select Committee on Intelligence (which Nunes used to chair, and where he is now the ranking minority member) just published its impeachment report. It shows calls between Nunes and Rudy Giuliani in 2016, as Giuliani was making the media rounds arguing that Ukrainian officials colluded to help Hillary Clinton's presidential campaign. This information will most certainly be used to argue that Nunes is not just a defender of Trump but also an active participant in Giuliani's Ukrainian push.
Nunes isn't happy about that. Last night he tweeted a Washington Examiner piece in which Minority Whip Steve Scalise (R–La.) accuses Intelligence Committee Chair Adam Schiff (D–Calif.) of "spying" on Nunes and asks, "Are there other members of Congress that he is spying on, and what justification does he have? He needs to be held accountable and explain what he's doing, going after journalists, going after members of Congress, instead of doing his job."
But there's no reason to assume that Schiff was specifically targeting Nunes, and it's unlikely that any laws were broken here. Nunes' name and calls came up in the metadata of the impeachment's investigation targets. What is happening to the California congressman right now is an easily foreseeable consequences of the surveillance system Nunes supports.
Scalise should know full well how Schiff is getting this information. He, like Nunes, has supported expanding the NSA's authority to snoop on Americans. Whenever attempts to expand this power has been brought up for a vote, Scalise has been happy to vote yes. In 2018, as House whip, Scalise circulated an email to GOP members with text from Nunes encouraging them to vote against an Amash attempt to provide stronger privacy protections for Americans.
Maybe next time Amash or somebody else in Congress brings forward a bill protecting Americans from secret unwarranted data collection, Nunes and Scalise might consider supporting it.
The post Devin Nunes Supports Secret Surveillance of Americans, Finds Himself Under Surveillance appeared first on Reason.com.
]]>At the age of 22, when I entered the American intelligence community, I didn't have any politics. Like most young people, I had solid convictions that I refused to accept weren't truly mine but rather a contradictory cluster of inherited principles. My mind was a mashup of the values I was raised with and the ideals I encountered online. It took me until my late twenties to finally understand that so much of what I believed—or what I thought I believed—was just youthful imprinting. We learn to speak by imitating the speech of the adults around us, and in the process of that learning we wind up also imitating their opinions until we've deluded ourselves into thinking that the words we're using are our own.
My parents, if not dismissive of politics in general, then certainly dismissive of politicians. This dismissal had little in common with the disaffection of nonvoters or partisan disdain. It was a certain bemused detachment particular to their class, which nobler ages have called the federal civil service or the public sector, but which our own time tends to refer to as the deep state or the shadow government. None of those epithets, however, really captures what it is: a class of career officials (perhaps one of the last functional middle classes in American life) who—unelected and unappointed—serve or work in government, either at one of the independent agencies (from the CIA and NSA to the IRS, the FCC, and so on) or at one of the executive departments (State, Treasury, Defense, Justice, and the like).
These were my parents, these were my people: a nearly 3 million-strong professional government workforce dedicated to assisting the amateurs chosen by the electorate, and appointed by the elected, in fulfilling their political duties—or, in the words of the oath, faithfully executing their offices. These civil servants, who stay in their positions even as administrations come and go, work as diligently under Republicans as under Democrats because they ultimately work for the government itself, providing core continuity and stability of rule.
These were also the people who, when their country went to war, answered the call. That's what I had done after 9/11, and I found that the patriotism my parents had taught me was easily converted into nationalist fervor. For a time, especially in my run-up to joining the Army, my sense of the world came to resemble the duality of the least sophisticated video games, where good and evil are clearly defined and unquestionable.
But once I returned from the Army and rededicated myself to computing, I gradually came to regret my martial fantasies. The more I developed my abilities, the more I matured, the more I realized that the technology of communications had a chance of succeeding where the technology of violence had failed. Democracy could never be imposed at the point of a gun, but perhaps it could be sown by the spread of silicon and fiber. In the early 2000s, the internet was still just barely out of its formative period and, to my mind at least, it offered a more authentic and complete incarnation of American ideals than even America itself. A place where everyone was equal? Check. A place dedicated to life, liberty, and the pursuit of happiness? Check, check, check. It helped that nearly all of the major founding documents of internet culture framed it in terms reminiscent of American history: here was this wild, open new frontier that belonged to anyone bold enough to settle it, swiftly becoming colonized by governments and corporate interests that were seeking to regulate it for power and profit. The large companies that were charging large fees—for hardware, software, the long-distance phone calls that you needed back then to get online, and knowledge itself, which was humanity's common inheritance and so, by all rights, should have been available for free—were irresistible contemporary avatars of the British, whose harsh taxation ignited the fervor for independence.
This revolution wasn't happening in history textbooks, but now, in my generation, and any of us could be part of it solely by dint of our abilities. This was thrilling—to participate in the founding of a new society, one based not on where we were born or how we grew up or our popularity at school but on our knowledge and technological ability. In school, I'd had to memorize the preamble to the U.S. Constitution; now its words were lodged in my memory alongside John Perry Barlow's "A Declaration of the Independence of Cyberspace," which employed the same self-evident, self-elect plural pronoun: "We are creating a world that all may enter without privilege or prejudice accorded by race, economic power, military force, or station of birth. We are creating a world where anyone, anywhere may express his or her beliefs, no matter how singular, without fear of being coerced into silence or conformity."
This technological meritocracy was certainly empowering, but it could also be humbling, as I came to understand when I first went to work in the intelligence community. The decentralization of the internet merely emphasized the decentralization of computing expertise. l might have been the top computer person in my family, or in my Beltway neighborhood, but to work for the IC meant testing my skills against everyone in the country and the world. The internet showed me the sheer quantity and variety of talent that existed, and made clear that, in order to flourish, I had to specialize.
There were a few different careers available to me as a technologist. I could have become a software developer (a programmer), writing the code that makes computers work. Alternatively, I could have become a hardware or network specialist, setting up the servers in their racks and running the wires, weaving the massive fabric that connects every computer, every device, and every file.
Computers and computer programs were interesting to me, and so were the networks that linked them together. But I was most intrigued by their total functioning at a deeper level of abstraction, not as individual components but as an overarching system.
I thought about this a lot while I was driving to and from Lindsay's house and to and from community college; car time has always been thinking time for me, and commutes are long on the crowded Beltway. To be a software developer or programmer was to run the rest stops off the exits and to make sure that all the fast-food and gas station franchises accorded with each other and with user expectations; to be a hardware specialist was to lay the infrastructure, to grade and pave the roads themselves; to be a network specialist was to be responsible for traffic control, manipulating signs and lights to safely route the time-crunched hordes to their proper destinations. To get into systems, however, was to be an urban planner, to take all of the components available and ensure their interaction to maximum effect. It was, pure and simple, like getting paid to play God, or at least a tinpot dictator.
There are two main ways to be a systems guy. One is that you take possession of the whole of an existing system and maintain it, gradually making it more efficient and fixing it when it breaks. That position is called a systems administrator, or sysadmin. The second is that you analyze a problem, such as how to store data or how to search across databases, and solve it by engineering a solution from a combination of existing components or by inventing entirely new ones. This position, the most prestigious, is called a systems engineer. I eventually would do both of these, working my way into administration and from there into engineering, oblivious throughout about how this intense engagement with the deepest levels of integration of computing technology was exerting an influence on my political convictions.
I'll try not to be too abstract here, but I want you to imagine a system. It doesn't matter what system: It can be a computer system, a legal system, or even a system of government. Remember—a system is just a bunch of parts that function together as a whole, which most people are only reminded of when something breaks. It's one of the great chastening facts of working with systems that the part of a system that malfunctions is almost never the part in which you notice the malfunction. In order to find what caused the system to collapse, you have to start from the point where you spotted the problem, and trace it logically through the system's components.
Because systems work according to instructions, or rules, such an analysis is ultimately a search for which rules failed, how, and why—an attempt to identify the specific points where the intention of a rule was not adequately expressed by its formulation or application. Did the system fail because something was not communicated, or because someone abused the system by accessing a resource they weren't allowed to, or by accessing a resource they were allowed to but using it exploitatively? Was the job of one component stopped, or impeded, by another? Did one program, or computer, or group of people take over more than their fair share of the system?
Over the course of my career, it became increasingly difficult for me to ask these questions about the technologies I was responsible for and not about my country. And it became increasingly frustrating to me that I was able to repair the former but not the latter. I ended my time in intelligence convinced that my country's operating system—its government—had decided that it functioned best when broken.
Adapted from Permanent Record, by Edward Snowden. Published by Metropolitan Books, an imprint of Henry Holt and Company. Copyright © 2019 by Edward Snowden. All rights reserved.
The post I Went to Work for the Government and I Found a Failing System appeared first on Reason.com.
]]>My copy of Edward Snowden's new autobiography, Permanent Record, arrived in the mail yesterday just hours after the Department of Justice announced that they want to seize the money I (and many others) paid for it and transfer that money to the federal government.
The Justice Department has filed a civil suit in the United States District Court for the Eastern District of Virginia accusing Snowden of breaching his non-disclosure agreement as a former CIA employee and National Security Agency (NSA) contractor by not submitting his book for pre-publication review so that government officials can make sure it didn't reveal any classified information.
Snowden is living in exile somewhere near Moscow, charged by this same Justice Department with espionage in 2013 for leaking troves of classified documents showing how the NSA had been secretly collecting massive amounts of private phone and internet communications data from millions of Americans, using a section of the post-9/11 Patriot Act as justification.
Rather remarkably, the Justice Department, despite its concerns that the CIA and NSA did not pre-review his book, is not seeking to stop the book's distribution. Instead, they want to force MacMillan Publishers, MacMillan Publishing Group, and Holtzbrinck Publishers to hand over to the government any money they earn from the book's sales and not pass along any of the proceeds to Snowden.
They're invoking a Supreme Court precedent from 1980, Snepp v. United States, that allows the government to seize royalties from former CIA and NSA employees if they publish books about agency activities without submitting their manuscripts for pre-publication review.
Mind you, there's nothing in this Justice Department lawsuit and its press release that explains what would have happened had Snowden, a fugitive, actually submitted his manuscript for review or how that would even work.
It doesn't stop there. Snowden has been giving speeches and remote interviews since 2014 about his work and his whistleblowing, and the Justice Department is going after him about that as well. The lawsuit notes that he makes money from his speeches, which he also does not submit to the CIA or FBI for pre-review (as his agreements with the agencies require).
The lawsuit seems rather comical given that Snowden is famous for leaking classified information, and Snowden's lawyer, Ben Wizner of the American Civil Liberties Union, has said in a statement that the book contains no classified information that hasn't already been published by the media.
But the lawsuit isn't supposed to make logical sense. The purpose of the lawsuit is to punish Snowden, even though they cannot get him back to the United States to put on trial. It's a bit similar to civil asset forfeiture: They aren't able to convict Snowden, so they're just going to try to take his stuff. Look at the way Assistant Attorney General Jody Hunt describes the actions of a man who became famous for informing the public that its own government was secretly collecting their private data:
"This lawsuit demonstrates that the Department of Justice does not tolerate these breaches of the public's trust. We will not permit individuals to enrich themselves, at the expense of the United States, without complying with their pre-publication review obligations."
(Emphasis mine.)
Polls show that more Americans see Snowden as a whistleblower, not as a traitor. The public's trust was breached by the NSA's secret surveillance, not Snowden, who has maintained that the reason he won't return to the United States for a trial is because he won't be allowed to make the case to a jury that his actions were justified whistleblowing for the purpose of benefiting the American public—not an attempt to aid foreign opponents of the United States, as detractors claim.
Snowden, is of course, basking in the extra attention he's getting from the lawsuit, as well he should:
Yesterday, the government sued the publisher of #PermanentRecord for—not kidding—printing it without giving the CIA and NSA a change to erase details of their classified crimes from the manuscript. Today, it is the best-selling book in the world: https://t.co/oMJLOvUjG7
— Edward Snowden (@Snowden) September 18, 2019
In the meantime, the authority for the type of domestic surveillance Snowden exposed expires this year unless Congress acts. Even though the NSA has actually abandoned this type of mass metadata collection and recommended that Congress let authorization lapse, the White House is not only asking for these authorities to be renewed, but to be made permanent.
We would not know nearly as much about the extent of unwarranted federal government snooping and the mass collection of Americans' data were it not for Snowden's whistleblowing. It's absurd and insulting—but not surprising—that the Department of Justice continues to paint him as an enemy of the American people and use that as justification to try to seize any money he makes, even from American citizens like myself who are voluntarily purchasing his book.
Below, defy the Justice Department to watch this interview of Snowden by Reason's Nick Gillespie in 2016:
The post DOJ Gives Edward Snowden's New Book Free Publicity With Lawsuit Demanding Its Proceeds appeared first on Reason.com.
]]>Yesterday evening, an amendment to restrain domestic surveillance under Section 702 of the Foreign Intelligence Surveillance Act (FISA) crashed and burned in the House, failing by a vote of 175-252. Proposed by Reps. Justin Amash (R–Mich.) and Zoe Lofgren (D–Calif.), the amendment's numerous no votes were split almost evenly among Democrats and Republicans.
The amendment was attached to a spending appropriations bill (HR 2740) and would have forbid the use of any funds to submit a surveillance request under Section 702's guidelines unless the requesting organization—the National Security Agency (NSA)—certifies that the surveillance is not "to acquire the communications of a particular, known person reasonably believed to be in the United States, any acquisition of a communication as to which no participant is a person who is targeted pursuant to the authorized acquisition, or any acquisition of a communication known to be entirely domestic."
Translation: The purpose of Section 702 of FISA is intended to authorize warrantless secret surveillance of foreign targets of interest in other countries who may be plotting against the United States. In practice, we know that the NSA has been collecting significant amounts of domestic communications of American citizens, without warrants, in violation of the Fourth Amendment. This was the surveillance that Edward Snowden helped expose, and we've been arguing over it ever since.
Despite repeatedly and loudly complaining that he and his aides had been illegally surveilled under FISA as a candidate, President Donald Trump has done nothing to actually restrain these surveillance powers. Last year, given the opportunity to rethink the limits of Section 702 when it was up for renewal, Congress and Trump instead expanded its authority to snoop on Americans.
So this year, Amash and Lofgren embarked on a new effort to stop the NSA from secretly collecting Americans' communications. Amash spoke passionately in defense of his amendment on the House floor last evening:
We can see what's wrong with Washington right here. We have Republicans for months saying "We're worried about FISA abuse. FISA's out of control!" Here we are trying to limit FISA and they're running against it. They're saying "No, we can't limit FISA!" Democrats say, "We want to hold the president in check. Executive power is out of control." We have an amendment to hold the president in check. This is our time to stand up for the American people. I'm sick of going home and telling them that neither side wanted to defend their rights.
But it was not to be. The amendment got all of 10 minutes of debate and was defeated.
Of interest: Rep. Jim Jordan (R–Ohio) and Amash have been at odds over Trump's behavior to the point that Amash has left the House Freedom Caucus they both helped found. Nevertheless Jordan showed up to declare his support for Amash's amendment, speak in favor of it, and vote for it. On the other side of the aisle, notable Democrats supporting Amash included Democratic presidential candidate Tulsi Gabbard of Hawaii and Rep. Alexandria Ocasio-Cortez of New York.
The roll call of votes can be found here.
The post House Votes Down Amash's Attempt To Stop Warrantless FISA Surveillance appeared first on Reason.com.
]]>The National Security Agency (NSA) has reportedly stopped using a tool to access and analyze Americans' phone records and recommended an end to the practice. But the White House is now considering mounting a defense of the authority in the face of the NSA's policy change.
That's the latest news from Ellen Nakashima of the Washington Post, collected through anonymous sources in President Donald Trump's administration.
Section 215 of the PATRIOT Act authorizes some secret NSA surveillance and access of people's personal records held by third parties through the authorization of the Foreign Intelligence Surveillance Courts. Edward Snowden exposed six years ago that the NSA was using this authority to collect millions of American phone records in their attempts to root out terrorism.
The unwarranted violation of our privacy caused outrage and calls for reform. Section 215 was modified by the USA Freedom Act, which allowed phone records access to continue in a more controlled and monitored fashion. Under these new rules, the NSA was forced to acknowledge that it was not entitled to millions of the records it had collected. It purged those records and then quietly stopped the collection process entirely.
In April, the Wall Street Journal reported that NSA officials decided they would recommend that the government allow its authority to access these records to end. But according to Nakashima, White House officials are preparing not only to push for Section 215 renewal, but also for the authority to be made permanent.
The Washington Post notes that the full expiration of that section of the PATRIOT Act could affect more than just phone record collection:
Following the Sept. 11, 2001, terrorist attacks, Congress expanded the law to enable agencies investigating suspected espionage and terrorism to request court permission to gather data not just from a narrow set of businesses — such as hotels, warehouses and car rental agencies — but also from any third party. And they could seek data related not just to "agents of a foreign power" but also to anyone whose information would be "relevant" to an ongoing investigation.
Allowing the law to lapse would "reset the clock back to 1998 and gut much more than the phone data aspect," said Robert Chesney, a law professor at the University of Texas at Austin. "It would set the general document collection power back to a highly narrow authority limited to a handful of industries."
Keep in mind that the federal government has all sorts of ways to engage in secret unwarranted surveillance of citizens. This authorization is only about the secret collection of records held by third parties. Resist the idea that turning back the clock here would necessarily render us vulnerable. The Post notes that under Section 215 the NSA has collected hundreds of millions of phone records for information about a handful of suspects. Last year, before the program was suspended, they had collected more than 400 million records even though they had only 11 terrorism targets.
This domestic snooping violates our privacy and has not made us safer. The White House should consider letting it go.
The post White House May Seek Renewal of Domestic Snooping Powers the NSA Has Stopped Using. It Shouldn't. appeared first on Reason.com.
]]>Almost six years after Edward Snowden revealed to the American public that the National Security Agency (NSA) was collecting millions upon millions of telephone records without warrants or cause, the agency itself is calling for an end to the practice.
Officials loudly defended the practice at the time, insisting it all was necessary to keep America safe from terrorists. After a political fight, compromise legislation known as the USA Freedom Act allowed the data collection to continue but kept the information in the hands of the telecom companies and put restrictions on NSA agents' ability to access Americans' phone metadata (essentially everything except the actual content of their conversations).
But the NSA reportedly stopped trying to access these phone records earlier in the year, and now The Wall Street Journal reports that the agency says it doesn't want the program any more. That's a big deal, as the powers granted by the USA Freedom Act are up for renewal this year.
There are a few likely reasons why this is happening. First: Though officials kept insisting that the authority to collect these records was vital to tracking down terrorism, it has yet to be credited for catching any terrorists or stopping any terrorist acts. Second: The NSA has found itself collecting massive amounts of private data that it acknowledges it's not allowed to have, forcing it to purge its records. Third: In the time since the NSA first launched this surveillance—back in 2001, when the PATRIOT Act was passed—smartphone users have shifted away from communicating through voice conversations and are more likely to use apps (particularly encrypted ones) to communicate via texting.
If the USA Freedom Act goes away, that doesn't mean that the federal government will lose all its authority to snoop on Americans. Just last year, Congress and President Donald Trump renewed and expanded the feds' powers under the Foreign Intelligence Surveillance Act to secretly surveil Americans for wholly domestic criminal matters.
Should the White House accept the NSA's recommendation here and let the USA Freedom Act expire, that makes it all the more important that we pay attention to governments' efforts across the world to force social media platforms and app makers to introduce backdoors to encryption or some other form of structural weakness that would allow government spies to access our private communications without our knowledge.
This fight is heating up now that Australia has passed expansive, intrusive legislation that essentially forces people who work at or run private communication platforms or apps to assist Australian officials in secretly bypassing encryption. Australia has an intelligence-sharing agreement with the United States, so anything it gathers could be passed along to the feds. Microsoft has warned that it may stop storing data in Australia entirely to keep officials there from forcing the company's employees to give them access to private data.
One avenue of secret, unwarranted surveillance appears to be closing. But the struggle to protect our privacy from government snoops is far from over.
The post The NSA Defended the Domestic Surveillance That Snowden Exposed. Now the Agency Wants to End It. appeared first on Reason.com.
]]>Four lawmakers with a strong record of opposing secret domestic surveillance are teaming up to try to kill the federal government's authority to collect our phone records.
Reps. Justin Amash (R–Mich.) and Zoe Lofgren (D–Calif.), joined by Sens. Rand Paul (R–Ky.) and Ron Wyden (D–Ore.), have introduced the Ending Mass Collection of Americans' Phone Records Act in both the House and the Senate.
The bill would do exactly what the name says: It would snip out a section of law that has been used to justify and authorize mass collection of Americans' phone records—the metadata (who we're calling and when), not the conversations themselves.
This all follows reports earlier this month that after years of fighting over how much domestic surveillance power the National Security Agency (NSA) should have, it has quietly stopped trying to collect and access all of these phone records.
The change came as a bit of a surprise, as this was the surveillance exposed by Edward Snowden, and he fled to Russia and remains there to avoid criminal prosecution for disclosing this secret snooping. That the NSA might have stopped attempting to access all this metadata suggests that critics were right that it not only violated Americans' privacy but was not a particularly useful tool against terrorism.
But we don't really know for certain that NSA requests for phone metadata have actually stopped. And if they have, that doesn't mean the agency can't fire it back up. This bill is intended to ensure that the spies can't change their minds.
"After falsely insisting to Congress that this illegal surveillance program is carefully overseen and critical to national security, the government admitted last year that it had to delete years of records due to legal violations, and now it's been reported that the program has actually been shuttered for six months," Amash said in a prepared statement. "Getting rid of this program will vindicate Americans' rights and begin the process of making the broader Patriot Act reforms that are going to be necessary to address the law's serious constitutional flaws."
Following Snowden's revelations, these lawmakers successfully managed to force the sunset of part of the PATRIOT Act—Section 215—that had been used to justify this mass metadata collection. It was ultimately replaced with the USA Freedom Act, which allowed the collection, but in a more limited way and with additional oversight. The USA Freedom Act is going to sunset this year unless it's renewed, and this move is clearly meant to signal that lawmakers aren't going to just sit back and let it happen without a fight. Given now that there's evidence that the NSA has deliberately abandoned the powers provided by the USA Freedom Act and stopped accessing phone records, supporters of the surveillance state are going to have a harder time making the case that the law is even needed.
Bonus link: Before Snowden, way back in 1992, the Justice Department and Drug Enforcement Adminstration embarked on a massive collection of Americans' phone records without warrants or judicial oversight—that time as part of the drug war. The man in charge: our current attorney general, William Barr.
The post Privacy-Minded Lawmakers Introduce Bill to Stop NSA from Collecting Your Phone Records appeared first on Reason.com.
]]>The USA Freedom Act may be dying not with a bang, or a fight, or a big public debate, but with a whimper. And that might be explained by a simple question: When's the last time you used your cellphone to make an actual phone call?
If you missed the news (and you might have, since as it barely made a dent in the news cycle), the National Security Agency (NSA) has reportedly abandoned a surveillance tool it fought hard to maintain after Edward Snowden exposed it. The NSA had been secretly collecting millions and millions of Americans' phone records and metadata and storing them to look for potential connections to terrorism. Or at least that's the reason we were told they were doing it—there is no evidence that collecting all this private domestic information actually helped fight terrorism at all.
When this abuse of the PATRIOT Act was exposed, intelligence officials and their lawmaker allies fought hard to keep the authority to collect all this information. A compromise was reached in 2015 with the USA Freedom Act, which allowed the NSA to request Americans' phone records from the telecom companies themselves in a more restricted fashion. They still requested millions and millions of records through this system each year. Then they discovered that they were getting records they didn't have the authority to access and had to purge the system last year.
Now an aide to a Republican congressman claims that the NSA has all but abandoned using the Freedom Act to collect phone metadata and the law might not get renewed when it expires at the end of the year. If that's true, it's a strange end to a long fight between national security state officials and privacy activists—a battle that stretched across multiple administrations.
There's a good reason to be skeptical: It's the NSA! They might have developed other ways to collect this data, and there's such a complex and secret legal framework around our surveillance systems that we can't really be certain of what's going on. But there's also a legitimate possibility here that the NSA eventually realized this surveillance wasn't really getting it the data it needed.
That should be good news, but it actually highlights the dramatic importance of another privacy fight: the one over encryption. Increasingly we're using apps and messaging systems to communicate with each other, not phone calls.
On the one hand, that means the metadata from phone calls is less useful to anybody who wants to snoop on you. But it also means that we're passing along the actual contents of the conversation through texts and other messaging tools. And that means that when somebody gets access to your phone, he gets access to the actual conversations you're having—something that wasn't the case with the Freedom Act.
That means the battle over your right to hard-to-break encryption is much more important than the fight over NSA surveillance, even if the latter got so much more attention. Encryption protects your data and messages from prying eyes, including government eyes (not just America's, but others as well).
There's been a significant law-enforcement push, both in the United States and abroad, to try to force tech companies to provide access to this information on demand. Reason has been following this fight for years now, and we've been and warning—as have just about every single technology and information company out there—that strong encryption is necessary to protect our privacy and data from criminals and other bad actors.
But many officials would apparently rather let you be victimized than give up a chance to access your private conversations. Just last week, FBI Director Christopher Wray was beating the drum that there needs to be some way to stop criminals from using encryption to hide information. But there's simply no way to develop systems to bypass encryption that cannot be abused.
At the same time Wray was lamenting encryption's role in keeping secrets from police, Facebook chief Mark Zuckerberg was talking about adding end-to-end encryption to Facebook to make it harder for third parties (including law enforcement) to snoop on private messages. It's becoming clear that encryption is going to be an extremely important mechanism to protect our data privacy as we turn more and more to messaging systems to communicate.
All of this is to say that we really, really need to be paying more attention to how Australian lawmakers may be destroying the stability of our encryption and rendering all of us (not just their own citizens) vulnerable. Australia's Parliament has, over the objections of essentially the entire tech community, passed anti-encryption legislation that grants police agencies the power to make tech companies secretly help them bypass their own security systems to gain access to private data. They can even secretly order tech companies to introduce vulnerabilities to facilitate their own access into an app or a social media platform's messaging systems.
In a recent Reason interview with outgoing libertarian Australian Sen. David Leyonhjelm (available now online here in a trimmed-down version), I asked if he felt lawmakers truly understood the can of worms they were opening with their anti-encryption bill. Leyonhjelm, who is a vocal critic of the expansion of government surveillance there, said he didn't believe that they did:
I don't think they have any idea of what they've getting into….In all fairness, also, we have a law that allows the government to access metadata. And when that was being introduced, our attorney general…was asked by the media, "What is metadata?" He did not have a clue. He did not have a clue. He was responsible for the legislation, which was quite intrusive, similar to the decryption legislation, quite intrusive. It was giving the government authority to monitor our metadata without a warrant….
Now, my view is that the people who thought monitoring metadata was a good idea probably didn't know what it was or what they could do with it. I suspect the same people are responsible for the decryption legislation. They really don't know what they are doing. They're not technically very smart and have no decent understanding of what its limitations are going to be or the principle that the government has a right to snoop on anything that you write.
Australia has an intelligence-sharing agreement with the United States, Canada, the United Kingdom, and New Zealand. If the security of private messaging systems gets compromised in Australia, there's no reason to think that the information that government collects won't get shared with other countries or that the tools used to bypass encryption won't be passed along to these allies.
It's unlikely that the NSA would abandon the use of a surveillance tool if it was effective in any way. The message being sent by the possible abandonment of the USA Freedom Act surveillance powers is that there are other methods of surveillance that might be more effective. And just as we were vocal about the abuses of the PATRIOT Act, we need to be vocal about not allowing our encryption to be compromised and our data security evaporated by secret demands to snoop on us.
The post If the Feds Have Stopped Snooping on Our Phone Records, Watch Out for the Anti-Encryption Propaganda appeared first on Reason.com.
]]>Should we be celebratory or suspicious that the federal government has apparently suspended its program of accessing Americans' phone records after years of public fighting for the authority to do so?
A quiet sort-of bombshell dropped over the weekend on the national security-focused podcast at Lawfare: The National Security Agency (NSA) appears to have given up on the mass collection and consulting of Americans' telephone metadata. That's the information about who we've been calling, how long, how frequently—pretty much everything but the contents of the calls themselves.
If true, this is quite the surprise: It has been close to six years since Edward Snowden risked arrest and prosecution, ultimately fleeing to Russia for sanctuary, all to reveal the existence of this program (and others). Following a massive public fight over how much information the NSA should be allowed to collect about Americans (its job is to track information about foreign governments and terrorists), President Barack Obama and Congress passed the USA Freedom Act, which brought the previously secret program into the sunlight, but added some restrictions (they had to request records from telecom companies rather than just grabbing them for themselves) and a touch of oversight so that the NSA didn't have just full rein to traipse through our personal data. Even that oversight wasn't enough for privacy-minded lawmakers like Rep. Justin Amash (R-Mich.) and Sen. Rand Paul (R-Ky.), who voted against its passage.
Last summer the NSA announced it was deleting millions of phone and text records it had been gathering that it wasn't supposed to have. This has been a recurring issue with the NSA's various tech surveillance efforts: Though the agency is trying to cast a wide net to keep track of potential terrorists, it's regularly getting records and data that even the NSA grasps it doesn't have the authority to collect or even look at.
But since then, according to Luke Murry, the National Security Adviser to House Minority Leader Kevin McCarthy (R-Calif.), the NSA has stopped using this data collection system entirely, and even more surprising, it's now an open question as to whether Congress will even be asked to renew the USA Freedom Act, which expires at the end of the year.
This admission should be seen as remarkable, if it's true. The New York Times notes:
The disclosure that the program has apparently been shut down for months "changes the entire landscape of the debate," said Daniel Schuman, the policy director of Demand Progress, an advocacy group that focuses on civil liberties and government accountability.
Since "the sky hasn't fallen" without the program, he said, the intelligence community must make the case that reviving it is necessary — if, indeed, the National Security Agency thinks it is worth the effort to keep trying to make it work.
The phone records program had never thwarted a terrorist attack, a fact that emerged during the post-Snowden debate.
"If there is an ongoing program, even if we all have doubts about it, that's a very different political matter than if the program has actually stopped," Mr. Schuman said. "Then the question becomes, 'Why restart it?' rather than whether to turn it off."
Now, if the USA Freedom Act quietly sunsets, note that this doesn't in any way affect the NSA's ability to snoop on foreign targets in other countries, particularly suspected terrorists. That the NSA isn't even using this program just highlights what a massive lie it was when supporters of these surveillance authorities insisted that it was vital to protecting national security that the NSA have easy access to these records.
The Wall Street Journal observes that it's not really certain as of yet whether President Donald Trump's administration will allow the authorities to sunset or seek renewal. This fight may heat up again in the fall.
After years of covering these federal surveillance issues, I'm reluctant to predict what will happen here. Recall that in the midst of accusing the federal government of illegally snooping on him and his campaign staff as part of the investigation of Russia's attempts to meddle with the 2016 election, Trump at the same time renewed and expanded a section of the Foreign Intelligence Surveillance Act Amendments that allows secret, warrantless surveillance of Americans for certain types of crimes. Trump has made it clear that his concerns about the violation of privacy rights extends only to those in his orbit. Don't expect him to go to bat for your right to keep your phone records out of the government's hands.
And to be clear, the possible end of the USA Freedom Act doesn't mean the federal government doesn't have access to all sorts of tools needed to secretly snoop on you, or that your personal data isn't being collected in any number of ways you have little control over. Reason's Elizabeth Nolan Brown noted just yesterday how surveillance authorities granted under the PATRIOT Act to allegedly fight terrorism were used to investigate prostitution rings.
The post The NSA Has Apparently Stopped the Domestic Surveillance Program Snowden Exposed appeared first on Reason.com.
]]>Reports of former U.S. intelligence officers helping the United Arab Emirates spy on journalists and government critics should inspire some serious introspection among Western government leaders who want to compromise citizen cybersecurity in the name of fighting crime and terrorism.
Reuters reported yesterday that a handful of former United States intelligence officers, including former National Security Agency (NSA) analysts, have been working for a clandestine team in the UAE to help the authoritarian government spy on its enemies and rivals. The targets included not just rival foreign government officials (like Qataris) but human rights activists critical of the government. The targets even included Americans.
"I am working for a foreign intelligence agency who is targeting U.S. persons," former NSA analyst Lori Stroud told Reuters. "I am officially the bad kind of spy." Stroud left the NSA in 2014—partly due to her role in recommending whistleblower Edward Snowden as a contractor to the NSA in 2013 and what ultimately followed—and went to work for the UAE.
She joined a program called Project Raven, which she initially thought would be defensive counterterrorism efforts intended to protect the UAE from hackers and threats. Then she very quickly learned otherwise. This was an aggressive program to infiltrate and hack the UAE's enemies.
Project Raven exploited a security flaw with iPhones that allowed them to install malware on it without the user knowing or even having to do anything. The tool, named Karma, didn't allow snooping on the calls themselves, but did allow hackers to collect photos and location information and harvest saved passwords.
It should not come as a surprise that the UAE is attempting to hack into the phones of dissidents and activists. Apple actually released an emergency update for its iPhones in 2016 because of malware tools the UAE had been using to try to breach the phone of a human rights advocate in the country.
The Reuters report provides us with another reason why voters should reject government calls to compromise cybersecurity in the name of fighting crime and terrorism.
To be specific, I'm referring to the constant insistence by government officials and law enforcement leaders that phones and online communication platforms and apps should have some sort of back door, or mechanism for the government to bypass encryption. In America, in the United Kingdom, and in Australia, we have political leaders and heads of law enforcement and intelligence operations insisting that tech companies must help them compromise security to keep criminals and terrorists from "going dark"—using encrypted communications to hide from surveillance.
Privacy experts and tech companies habitually warn these leaders that you cannot compromise cybersecurity in such a way that only the "right" people have access to the communications of only terrorists. Any key that can be used to bypass encryption is inevitably going to find its way into the wrong hands and be used against good people. These bad actors could be criminals looking to engage in identity theft or scams. Or they could be dangerous governments like the UAE looking to punish human rights activists with the help of American alumni of the NSA.
Somebody alert Australia's Parliament that their anti-encryption legislation could actually kill people.
The post Bombshell Report About Americans Helping UAE Hack Phones Is a Warning Against Compromising Encryption appeared first on Reason.com.
]]>After a suggestion from Sen. Rand Paul (R-Ky.), the White House is considering possibly revoking the security clearances of some big name officials who have been critical of President Donald Trump.
Among the names that have been floated are former CIA directors John Brennan and Michael Hayden, former National Security Adviser Susan Rice, former Director of National Intelligence James Clapper, fired FBI Director James Comey, and fired former FBI Deputy Director Andrew McCabe. Those last two no longer have national security clearances anyway, so there's been some mocking of the White House for floating those names without even checking.
No former federal official has a right to a security clearance, and the president has a significant amount of leeway to operate here. Historically, though, security clearances are revoked for misconduct, not for speech critical of an administration. But accusations of political motivations are not unheard of, and you can see some examples from previous administrations. Here's a case from President Barack Obama's State Department.
Currently, there are more than 4 million people with security clearances of various levels. The New York Times notes that the maintenance of these security clearances serves a couple of functions. First, it allows the federal government to bring in former staff to consult and advise, which happens fairly frequently. Second, the access provided by the security clearance has market value. It translates into job opportunities in the private sector with consultants and lobbyists who want to influence government policy.
It's that second part that Trump and Paul seem to be targeting. Paul says that government officials shouldn't be using their security clearances to leverage speaking fees or cable appearances.
But why not? I mean, if the market places value in these prior relationships, what exactly is the ethical problem here if the private sector is willing to pay for these ties? But let's say there is an ethical problem. Why is this push only targeting Trump critics? If this is profiteering off of political access, shouldn't it be targeting a much wider swathe of people?
There's potentially a case that, yes, too many people maintain these security clearances and it fosters a marketplace in Washington, D.C., that revolves around the capacity to influence government spending and regulations. That's the whole "swamp" that Trump and his supporters go on about. Tackling this component of the swamp would involve reducing the size and scope of our government's defense and national security apparatus, which is pretty much the opposite of what Trump is doing. Trump loves the part of the swamp where all the defense contractors live.
This proposal does not in any meaningful way tackle the larger issue of the revolving door between government employees and private lobbying and consulting firms. It is instead an extremely transparent way for the administration to attempt to punish critics with ties to the government.
And to be clear here, this group the White House is targeting will do just fine. They're powerful and known enough and have enough experience to not need their security clearances. Brennan and Hayden both said that this wouldn't affect them in any way. And nothing short of a meteor strike can puncture Comey's overinflated sense of self-regard.
It's what happens downstream we need to pay attention to. What does this threat mean for those in the FBI responsible for investigating the role Russia played in meddling with the 2016 election? What does this mean for whistleblowers or anybody connected to the government who may attempt to warn the public of misconduct? Because this is not an effort to "drain the swamp" in any real way, it's really threatening that anybody who puts out information critical of the president could lose their security clearance and thereby lose job prospects. This isn't about stopping the revolving door between government and private lobbying; it's the White House deciding who gets to spin through that door based on how they treat the president.
That's pretty nasty, and if this happens, there will be further consequences. Patrick Eddington, a policy analyst at the Cato Institute, is, like myself, no fan of men like Clapper, Brennan, and Hayden. These are men with lengthy histories supporting violations of Americans' civil liberties in the name of national security. But over at Just Security, Eddington sees the long game if Trump goes forward with this proposal:
The real losers in this are the professional civil servants elsewhere in America's vast national security bureaucracy, especially anybody working at the Justice Department. Trump's real target is the FBI agent in his mid-40s, with two kids on their way to college and a mortgage to pay, who happens to be working on the Russia investigation. Or, it could be his counterpart, a federal prosecutor who's in the middle of her career and helping to guide the investigation. Trump's crude message to the bureaucracy is clear: Do anything to embarrass or implicate me in a crime, and I'll take away your meal ticket: Your security clearance.
It's a viable threat. There's no statute, much less a constitutional provision, that prevents Trump from revoking any executive branch employee's security clearance—for any reason or no reason. And without a valid security clearance, you can't hold a job as an FBI agent, FBI intelligence analyst, or attorney in the Justice Department—because those jobs require agents and lawyers to have access to sometimes highly classified information on potential suspects, particularly but not exclusively foreign national suspects. Like known Russian intelligence operatives.
House Speaker Paul Ryan (R-Wis.) said today he thought Trump was just "trolling people" with this proposal. But is he trolling people like Clapper and Hayden or is he trolling the sort of FBI agents that Eddington mentions?
The post Rand Paul Encourages Trump to Attack Security Clearances of Government Critics appeared first on Reason.com.
]]>The National Security Agency (NSA) has announced that it is deleting millions of phone and text records it has gathered since 2015, because it is holding a bunch of records it was not supposed to have.
Such discoveries are not unusual (which itself should be more of an outrage). The NSA previously stopped an entire type of record collection and retention (communications that were "about" a person of interest to the NSA) because the agency was getting its hands on private communication data it was not authorize to receive.
In this case, Congress passed the USA Freedom Act in 2015 to better control (and potentially limit) the NSA's access to the metadata (that is, everything but the conversations' actual content) of Americans' communications. This reform was part of a backlash against the mass surveillance exposed by Edward Snowden, and the bill was passed after some privacy-minded lawmakers, such as Sens. Rand Paul (R-Ky.) and Ron Wyden (D-Ore.), forced a part of the Patriot Act to expire that was being used to justify mass amounts of domestic snooping.
Under the USA Freedom Act, the NSA no longer collects and combs through our communications metadata itself. Instead it now has to request records from telecommunications companies using strictly defined search terms. No more fishing expeditions. Allegedly.
The problem, as Charlie Savage of The New York Times uncovered, is that the telecom companies were accidentally sending too many records in response to NSA requests. And so the agency was receiving private personal information about Americans' communications data that it neither asked for nor had the right to examine:
As a result, when the agency then fed those phone numbers back to the telecoms to get the communications logs of all of the people who had been in contact with its targets, the agency also gathered some data of people unconnected to the targets. The National Security Agency had no authority to collect their information.
"If the first information was incorrect, even though on its face it looked like any other number, then when we fed that back out, by definition we'd get records back on the second hop that we did not have authority to collect," [an NSA spokesman] said.
This is a problem, and we don't know how extensive it is as yet. The NSA requested more than 500 million telecom records just last year. It is unable to determine which records it has the authorization to collect, so it is purging all of them.
Earlier today, President Donald Trump weighed in with a tweet, unfortunately making it about himself:
Wow! The NSA has deleted 685 million phone calls and text messages. Privacy violations? They blame technical irregularities. Such a disgrace. The Witch Hunt continues!
— Donald J. Trump (@realDonaldTrump) July 3, 2018
This is not about Trump and it's not about whether the FBI was appropriate or inappropriate in its surveillance and investigations of his former staff and their alleged ties to Russia. It's about you and me and the government's access to our private information and its poor management of this information. It may well be a disgrace. But it's not part of the "Witch Hunt" that Trump believes is happening.
Trumpifying this NSA surveillance situation is a problem, because the environment of political polarization will inevitably lead to a situation where politically engaged people care only about how it affects Trump. Cato Senior Fellow Julian Sanchez rightfully tweeted out a worry that the response by the media could be to claim that this isn't really a big deal since it doesn't actually connect to the president. That would mean ignoring its effects on our own privacy.
Many of the same privacy-minded lawmakers who managed to force some of the surveillance authorities of the Patriot Act to expire also opposed the USA Freedom Act. Congressmen like Justin Amash (R-Mich.), Thomas Massie (R-Ky.), and Jared Polis (D-Colo.) voted against the bill because they believed it still gave the government too much power to collect our records without warrants. Sen. Paul rejected the USA Freedom Act for the same reason. He tweeted this response to Trump today:
The NSA should immediately cease collecting American citizens' data without a warrant. Let's stand up for the Fourth Amendment! https://t.co/aCyuIK8iM2
— Senator Rand Paul (@RandPaul) July 3, 2018
Unfortunately, Trump has shown that he's perfectly fine with snooping on Americans without a warrant as long as those Americans aren't his buddies. He happily signed a bill in January renewing and expanding the government's authority to secretly spy on Americans under the Foreign Intelligence Surveillance Act Amendments.
The post NSA Purging Millions of Improperly Collected Call Records Is Important (and Not About Trump) appeared first on Reason.com.
]]>Reality Winner—the young contract employee arrested and prosecuted for espionage after leaking a secret National Security Agency (NSA) report about Russian attempts to infiltrate U.S. voting systems prior to the 2016 election—has reportedly accepted a plea deal.
Winner was arrested a year ago, the first leak prosecution under President Donald Trump. The 26-year-old woman worked as an NSA contractor near Augusta, Georgia. She is accused of leaking a top-secret report to The Intercept detailing attempts by Russian hackers to infiltrate voter registration systems.
Winner's case immediately became politicized because of her own personal beliefs and public criticisms of President Trump. But as I noted back then, there was nothing about the report Winner leaked that connected to Trump at all. It was information that Americans arguably deserved to know about attempts by foreign governments to directly interfere with election outcomes. It wasn't about silly social media campaigns or Twitter bots.
Unfortunately, the Espionage Act doesn't care why somebody leaks top secret information and the law doesn't care if a leak is arguably in the public interest. That's why Edward Snowden is hidden away in Russia. Even if many Americans believe the surveillance information that he leaked served the public's interest and right to know, he's not allowed to raise that defense in a trial.
So it goes with Winner. Her mother, Billie Winner-Davis, told the Atlanta Journal-Constitution that this played into the decision to accept a plea. Winner potentially faces a sentence of up to 10 years in federal prison and a fine of $250,000 if convicted (though she'd probably be sentenced to much less).
Winner-Davis speculated that the Espionage Act—which takes only the underlying act of leaking into account, not motive or mitigating circumstances—was too difficult to fight. Her daughter's legal team suffered one defeat after another in rulings handed down by the judge, and Epps declined to release Winner from jail while her charges were pending.
"I'm not happy about it," Winner-Davis said of the plea deal. "I still feel like the espionage charge is wrong. I feel like it's harsh. I feel like it doesn't allow a defendant to defend themselves."
Whatever happens in court next week, she said she will continue to fight to clear her daughter's name: "Regardless of what she's been charged with, she's not a traitor to this country."
Winner was denied bail this whole time, even though she's very obviously not a danger to the community. Federal judges accepted the possibility that she's a flight risk, even though she had given up her passport and agreed to be monitored, based on her previous declarations of support for both Snowden and Julian Assange.
The details of the plea won't be known until next week. Winner is just the latest of a small parade of leak-related prosecutions that started under President Barack Obama, and that the Trump administration is more than happy to continue.
The post After a Year Stuck in Jail, Reality Winner to Accept Plea Deal for Leaking NSA Report on Russian Election Meddling appeared first on Reason.com.
]]>