Glenn Greenwald and his colleagues at The Intercept has just released an extensive report on the NSA use of XKEYSCORE. And here’s a video on the same topic:
See the related Guardian article for more details.
As I have said previously, it’s all a farce and now becoming a circus… And consider the timing, what kind of message is this for France given the recent WikiLeaks’ Espionnage Élysée exposé of NSA spying on not only 3 French Presidents but also French companies?
See the New York Times article below.
Surveillance Court Rules That N.S.A. Can Resume Bulk Data Collection
By CHARLIE SAVAGEJUNE 30, 2015
WASHINGTON — The Foreign Intelligence Surveillance Court ruled late Monday that the National Security Agency may temporarily resume its once-secret program that systematically collects records of Americans’ domestic phone calls in bulk.
But the American Civil Liberties Union said Tuesday that it would ask the United States Court of Appeals for the Second Circuit, which had ruled that the surveillance program was illegal, to issue an injunction to halt the program, setting up a potential conflict between the two courts.
The program lapsed on June 1, when a law on which it was based, Section 215 of the USA Patriot Act, expired. Congress revived that provision on June 2 with a bill called the USA Freedom Act, which said the provision could not be used for bulk collection after six months.
The six-month period was intended to give intelligence agencies time to move to a new system in which the phone records — which include information like phone numbers and the duration of calls but not the contents of conversations — would stay in the hands of phone companies. Under those rules, the agency would still be able to gain access to the records to analyze links between callers and suspected terrorists.
But, complicating matters, in May the Court of Appeals for the Second Circuit, in New York, ruled in a lawsuit brought by the A.C.L.U. that Section 215 of the Patriot Act could not legitimately be interpreted as permitting bulk collection at all.
Congress did not include language in the Freedom Act contradicting the Second Circuit ruling or authorizing bulk collection even for the six-month transition. As a result, it was unclear whether the program had a lawful basis to resume in the interim.
After President Obama signed the Freedom Act on June 2, his administration applied to restart the program for six months. But a conservative and libertarian advocacy group, FreedomWorks, filed a motion in the surveillance court saying it had no legal authority to permit the program to resume, even for the interim period.
In a 26-page opinion made public on Tuesday, Judge Michael W. Mosman of the surveillance court rejected the challenge by FreedomWorks, which was represented by a former Virginia attorney general, Ken Cuccinelli, a Republican. And Judge Mosman said the Second Circuit was wrong, too.
“Second Circuit rulings are not binding” on the surveillance court, he wrote, “and this court respectfully disagrees with that court’s analysis, especially in view of the intervening enactment of the USA Freedom Act.”
When the Second Circuit issued its ruling that the program was illegal, it did not issue any injunction ordering the program halted, saying it would be prudent to see what Congress did as Section 215 neared its June 1 expiration. Jameel Jaffer, an A.C.L.U. lawyer, said on Tuesday that the group would now ask for one.
“Neither the statute nor the Constitution permits the government to subject millions of innocent people to this kind of intrusive surveillance,” Mr. Jaffer said. “We intend to ask the court to prohibit the surveillance and to order the N.S.A. to purge the records it’s already collected.”
Continue reading the main story
Continue reading the main story
The bulk phone records program traces back to October 2001, when the Bush administration secretly authorized the N.S.A. to collect records of Americans’ domestic phone calls in bulk as part of a broader set of post-Sept. 11 counterterrorism efforts.
The program began on the basis of presidential power alone. In 2006, the Bush administration persuaded the surveillance court to begin blessing it under of Section 215 of the Patriot Act, which says the government may collect records that are “relevant” to a national security investigation.
The program was declassified in June 2013 after its existence was disclosed by the former intelligence contractor Edward J. Snowden.
It remains unclear whether the Second Circuit still considers the surveillance program to be illegal during this six-month transition period. The basis for its ruling in May was that Congress had never intended for Section 215 to authorize bulk collection.
In his ruling, Judge Mosman said that because Congress knew how the surveillance court was interpreting Section 215 when it passed the Freedom Act, lawmakers implicitly authorized bulk collection to resume for the transition period.
“Congress could have prohibited bulk data collection” effective immediately, he wrote. “Instead, after lengthy public debate, and with crystal-clear knowledge of the fact of ongoing bulk collection of call detail records,” it chose to allow a 180-day transitional period during which such collection could continue, he wrote.
The surveillance court is subject to review by its own appeals panel, the Foreign Intelligence Surveillance Court of Review. Both the Second Circuit and the surveillance review court are in turn subject to the Supreme Court, which resolves conflicts between appeals courts.
Wyn Hornbuckle, a Justice Department spokesman, said in a written statement that the Obama administration agreed with Judge Mosman.
Since the program was made public, plaintiffs have filed several lawsuits before regular courts, which hear arguments from each side before issuing rulings, unlike the surveillance court’s usual practice, which is to hear only from the government. Judge Mosman’s disagreement with the Second Circuit is the second time that the surveillance court has rejected a contrary ruling about the program by a judge in the regular court system.
In a lawsuit challenging the program that was brought by the conservative legal advocate Larry Klayman, Judge Richard J. Leon of Federal District Court in the District of Columbia ruled in December 2013 that the program most likely violated the Fourth Amendment, which prohibits unreasonable searches and seizures.
But in March 2014, Judge Rosemary M. Collyer, a Federal District Court judge who also sits on the secret surveillance court, rejected Judge Leon’s reasoning and permitted the program to keep going. The Obama administration has appealed Judge Leon’s decision to the Court of Appeals for the District of Columbia.
The Freedom Act also contains a provision saying that whenever the surveillance court addresses a novel and significant legal issue, it must either appoint an outside “friend of the court” who can offer arguments contrary to what the government is saying, or explain why appointing one is not appropriate.
The first test of that reform came last month when another judge on the court, F. Dennis Saylor IV, addressed a separate issue raised by the passage of the Freedom Act. Judge Saylor acknowledged that it was novel and significant, but declined to appoint an outside advocate, saying the answer to the legal question was “sufficiently clear” to him without hearing from one.
A version of this article appears in print on July 1, 2015, on page A19 of the New York edition with the headline: Surveillance Court Rules That N.S.A. Can Resume Bulk Data Collection.
(Above) photo credit: Focus
Assume this is no surprise to many? Following the recent WikiLeaks’ Espionnage Élysée exposé about the NSA spying on 3 French presidents, new WikiLeaks documents revealed how “the US has had a decade- long policy of economic espionage against France, including the interception of all French corporate contracts and negotiations valued at more than $200 million”.
“That covers not only all of France’s major companies, from BNP Paribas, AXA and Credit Agricole to Peugeot and Renault, Total and Orange, but it also affects the major French farming associations,” according to WikiLeaks founder Julian Assange.
“Central within the cache of documents are two long-term spying orders (“collection requirements”) which define the kinds of intelligence the NSA is tasked with collecting in its surveillance operations against France. The documents make clear that the NSA has been tasked with obtaining intelligence on all aspects of the French economy, from government policy, diplomacy, banking and participation in international bodies to infrastructural development, business practices and trade activities,” according to WikiLeaks.
Here’s a related story from Techcrunch:
New WikiLeaks Documents Reveal NSA Spied On Top French Companies
by Romain Dillet (@romaindillet)
Following last week’s eavesdropping reports, WikiLeaks shared new documents with Libération and Mediapart. This time, the new documents reveal that the NSA was spying on France’s best performing companies for economic intelligence purposes.
In addition to eavesdropping French Economy Ministers François Baroin and Pierre Moscovici between 2004 and 2012, the NSA gathered as much data as possible on big French companies. In particular, the agency wanted to know more about the companies that signed expensive export contracts for industrial goods, such as nuclear power plants, planes, high speed trains, etc.
According to an economic espionage order, the NSA intercepted all French corporate contracts and negotiations valued at more than $200 million in many different industries, such as telecommunications, electrical generation, gas, oil, nuclear and renewable energy, and environmental and healthcare technologies.
A second economic espionage order called “France: Economic Developments” shows that information was then shared with other U.S. agencies and secretaries, including the Secretary of Energy, the Secretary of Commerce, the Federal Reserve and the Secretary of Treasury. Eventually, this data could have been used to help sign export deals.
According to France’s IT security agency Anssi, the NSA could have spied on at least a hundred French companies, including most public CAC40 companies. Airbus filed a complaint for intelligence gathering earlier today.
The second document also states that the NSA could share this information with its closest allies — the U.K., Canada, New Zealand and Australia. It’s unclear whether the NSA is still actively spying on French companies. Today’s news is particularly interesting as it proves that the NSA is not only a geopolitical intelligence agency. It also plays an important role when it comes to economic intelligence.
See the following CNN article for more details.
(Above) Photo credit: The Intercept
French Justice Minister Says Snowden and Assange Could Be Offered Asylum
By Jenna McLaughlin @JennaMC_Laugh
French Justice Minister Christiane Taubira thinks National Security Agency whistleblower Edward Snowden and WikiLeaks founder Julian Assange might be allowed to settle in France.
If France decides to offer them asylum, she would “absolutely not be surprised,” she told French news channel BFMTV on Thursday (translated from the French). She said it would be a “symbolic gesture.”
Taubira was asked about the NSA’s sweeping surveillance of three French presidents, disclosed by WikiLeaks this week, and called it an “unspeakable practice.”
Her comments echoed those in an editorial in France’s leftist newspaper Libération Thursday morning, which said giving Snowden asylum would be a “single gesture” that would send “a clear and useful message to Washington,” in response to the “contempt” the U.S. showed by spying on France’s president.
Snowden, who faces criminal espionage charges in the U.S., has found himself stranded in Moscow with temporary asylum as he awaits responses from two dozen countries where he’d like to live; and Assange is trapped inside the Ecuadorian Embassy in London to avoid extradition to Sweden. (See correction below.)
Taubira, the chief of France’s Ministry of Justice, holds the equivalent position of the attorney general in the United States. She has been described in the press as a “maverick,” targeting issues such as poverty and same-sex marriage, often inspiring anger among French right-wingers.
Taubira doesn’t actually have the power to offer asylum herself, however. She said in the interview that such a decision would be up to the French president, prime minister and foreign minister. And Taubira just last week threatened to quit her job unless French President François Hollande implemented her juvenile justice reforms.
Correction: Due to an editing error, an earlier version of this article improperly described the state of Assange’s case in Sweden and his reason for avoiding extradition. He has refused to go to Sweden, where he faces accusations of sexual assault, because he fears he could then be extradited to the United States.
(This post is from our blog: Unofficial Sources.)
Check out the related news here.
by Josh Constine (@joshconstine)
Edward Snowden says we should support Apple’s newly emphasized commitment to privacy rather than a business model driven by personal data collection, whether or not Tim Cook is being genuine. Snowden spoke over video conference during the Challenge.rs conference in Barcelona today.
I asked Snowden his thoughts on Cook’s recent acceptance speech for an Electronic Privacy Information Center award, saying:
“CEO Tim Cook recently took a stand on privacy and Apple’s business, saying “some of the most prominent and successful companies have built their businesses by lulling their customers into complacency about their personal information. They’re gobbling up everything they can learn about you and trying to monetize it. We think that’s wrong. And it’s not the kind of company that Apple wants to be.”
Do you think Cook’s perspective genuine and honest, and how do you think it will play out long-term with regards to it hurting or helping Apple’s business, or whether Apple will keep this promise to privacy?”
“I think in the current situation, it doesn’t matter if he’s being honest or dishonest. What really matters is that he’s obviously got a commercial incentive to differentiate himself from competitors like Google. But if he does that, if he directs Apple’s business model to be different, to say “we’re not in the business of collecting and selling information. We’re in the business of creating and selling devices that are superior”, then that’s a good thing for privacy. That’s a good thing for customers.
And we should support vendors who are willing to innovate. Who are willing to take positions like that, and go “You know, just because it’s popular to collect everybody’s information and resell it..to advertisers and whatever, it’s going to serve our reputation, it’s going to serve our relationship with our customers, and it’s going to serve society better. If instead we just align ourselves with our customers and what they really want, if we can outcompete people on the value of our products without needing to subsidize that by information that we’ve basically stolen from our customers, that’s absolutely something that should be supported. And regardless of whether it’s honest or dishonest, for the moment, now, that’s something we should support, that’s something we should incentivize, and it’s actually something we should emulate.
And if that position comes to be reversed in the future, I think that should be a much bigger hammer that comes against Apple because then that’s a betrayal of trust, that’s a betrayal of a promise to its customers. But I would like to think that based on the leadership that Tim Cook has shown on this position so far, he’s spoken very passionately about private issues, that we’re going to see that continue and he’ll keep those promises.
It’s reasonable to wonder how much of Cook’s chest-beating on privacy is philosophy and how much is marketing. Since the iCloud celebrity photo hack last year, we’ve written about how Apple needs to be more transparent about security and privacy. Snowden seems to agree it could benefit the company as well as society.
Apple’s steps in that direction through press releases and public appearances by Cook have been positively received. They resonate especially well with the public in contrast to other tech giants like Google and Facebook that are aggressively collecting private personal data, and the widespread security breaches of big brands.
Yet while people frequently say privacy is important to them, their unwillingness to stray from products that rely on mining their data seems to suggest otherwise. We’re just at the start of the age of personalized computing, and those that embrace it may get an advantage in the market.
Apple is experimenting with ways to personalize with privacy in mind. Its new Proactive update to Siri scans your email to remind you about events, but only does this on your device rather than copying your data to its servers for processing. To keep up while remaining true to its ideals, Apple will need more creative solutions like this to deliver convenience without being creepy.
Google Faces French Ultimatum Over Right to Be Forgotten
by Stephanie Bodoni
June 12, 2015 — 5:22 PM HKT
Updated on June 12, 2015 — 11:24 PM HKT
Google Inc. risks French fines after being handed a 15-day ultimatum to extend the so-called right to be forgotten to all its websites, including those outside the European Union.
France’s data protection regulator, CNIL, ordered the world’s most-used search engine to proceed with delistings of links across its network, irrespective of the domain name, according to a statement on Friday. CNIL said it received “hundreds of complaints following Google’s refusals.”
The order comes more than a year after a ruling by the EU’s highest court created a right to be forgotten, allowing people to seek the deletion of links on search engines if the information was outdated or irrelevant. The ruling created a furor, with Mountain View, California-based Google appointing a special panel to advise it on implementing the law. The panel opposed applying the ruling beyond EU domains.
If Google “doesn’t comply with the formal notice within the 15 days,” Isabelle Falque-Pierrotin, the president of CNIL “will be in position to nominate a rapporteur to draft a report recommending to the CNIL Select Committee to impose a sanction to the company,” the watchdog said.
“We’ve been working hard to strike the right balance in implementing the European court’s ruling, cooperating closely with data protection authorities,” Al Verney, a spokesman for Google in Brussels, said in an e-mailed statement. “The ruling focused on services directed to European users, and that’s the approach we are taking in complying with it.”
EU data protection chiefs, currently headed by Falque-Pierrotin, last year already urged Google to also remove links, when needed, from .com sites.
Google Chairman Eric Schmidt has argued that the EU court’s ruling in May 2014 — in which it ordered search links tied to individuals cut when those people contend the material is irrelevant or outdated — didn’t need to be extended to the U.S. site.
“It is easy circumventing the right to be forgotten by using the domain Google.com,” said Johannes Caspar, the Hamburg data protection commissioner. “Google should be compliant with the decision and fill the protection gap quickly.”
Google has removed 342,161, or 41.3 percent, of links that it has “fully processed,” according to a report on its website.
The U.K.’s Information Commissioner’s Office said in a statement that its experience with removal requests “suggests that, for the most part, Google are getting the balance right between the protection of the individual’s privacy and the interest of internet users.”
The right-to-be-forgotten rules add to separate demands for curbs on Google’s market power being considered by lawmakers this week. EU antitrust regulators in April escalated their four-year-old probe into Google, sending the company a statement of objections accusing the Internet giant of abusing its dominance of the search-engine market.
The same day, the EU also started a new investigation into Google’s Android mobile-phone software.
The latest news on Snowden’s encrypted files being decoded by Russian and Chinese spies would surely do no good for the former NSA contractor but conspiracy theorists would certainly question not just the validity of these claims but the timing – consider recent attempts to restore NSA surveillance and let’s not forget how closely the the NSA works with its British counterparts GCHQ, or MI6 for that matter.
(Above) photo credit: MARC VALLÉE
Check out the NYT article below.
Hackers May Have Obtained Names of Chinese With Ties to U.S. Government
By DAVID E. SANGER and JULIE HIRSCHFELD DAVISJUNE 10, 2015
WASHINGTON — Investigators say that the Chinese hackers who attacked the databases of the Office of Personnel Management may have obtained the names of Chinese relatives, friends and frequent associates of American diplomats and other government officials, information that Beijing could use for blackmail or retaliation.
Federal employees who handle national security information are required to list some or all of their foreign contacts, depending on the agency, to receive high-level clearances. Investigators say that the hackers obtained many of the lists, and they are trying to determine how many of those thousands of names were compromised.
In classified briefings to members of Congress in recent days, intelligence officials have described what appears to be a systematic Chinese effort to build databases that explain the inner workings of the United States government. The information includes friends and relatives, around the world, of diplomats, of White House officials and of officials from government agencies, like nuclear experts and trade negotiators.
“They are pumping this through their databases just as the N.S.A. pumps telephone data through their databases,” said James Lewis, a cyberexpert at the Center for Strategic and International Studies. “It gives the Chinese the ability to exploit who is listed as a foreign contact. And if you are a Chinese person who didn’t report your contacts or relationships with an American, you may have a problem.”
Officials have conceded in the briefings that most of the compromised data was not encrypted, though they have argued that the attacks were so sophisticated and well hidden that encryption might have done little good.
The first attack, which began at the end of 2013 and was disclosed in the middle of last year, was aimed at the databases used by investigators who conduct security reviews. The investigators worked for a contracting firm on behalf of the Office of Personnel Management, and the firm was fired in August.
The broader attack on the personnel office’s main databases followed in December. That attack, announced last week, involved the records of more than four million current and former federal employees, most of whom have no security clearances.
White House and personnel office officials have provided few details about the latest breach. But the Department of Homeland Security has been telling outside experts and members of Congress that it regards the detection of the attack as a success, because it made use of new “signatures” of foreign hackers, based on characteristics of computer code, to find the attack.
In a statement, the personnel office said Wednesday that “it was because of these new enhancements to our IT systems that O.P.M. was able to identify these intrusions.” But the detection happened in April, five months after the attack began.
The list of relatives and “close or continuous contacts” is a standard part of the forms and interviews required of American officials every five years for top-secret and other high-level clearances, and government officials consider the lists to be especially delicate.
In 2010, when The New York Times was preparing to publish articles based on 250,000 secret State Department cables obtained by WikiLeaks, the newspaper complied with a request by the department to redact the names of any Chinese citizens who were described in the cables as providing information to American Embassy officials. Officials cited fear of retaliation by the Chinese authorities.
Officials say they do not know how much of the compromised data was exposed to the Chinese hackers. While State Department employees, especially new ones, are required to list all their foreign friends, diplomats have so many foreign contacts that they are not expected to list them all.
But other government officials are frequently asked to do so, especially in interviews with investigators. The notes from those interviews, conducted by a spinoff of the personnel office called the United States Investigative Service, were obtained by hackers in the earlier episode last year.
Intelligence agencies use a different system, so the contacts of operatives like those in the C.I.A. were not in the databases.
But the standard form that anyone with a national security job fills out includes information about spouses, divorces and even distant foreign relatives, as well as the names of current or past foreign girlfriends and boyfriends, bankruptcies, debts and other financial information. And it appears that the hackers reached, and presumably downloaded, images of those forms.
“I can’t say whether this was more damaging than WikiLeaks; it’s different in nature,” said Representative Adam B. Schiff, a California Democrat who is a member of the House Intelligence Committee, which was briefed by intelligence officials, the Department of Homeland Security and the personnel office on Tuesday. Mr. Schiff, who declined to speak about the specifics of the briefing, added, “But it is certainly one of the most damaging losses I can think of.”
Investigators were surprised to find that the personnel office, which had already been so heavily criticized for lax security that its inspector general wanted parts of the system shut down, did not encrypt any of the most sensitive data.
The damage was not limited to information about China, though that presumably would have been of most interest to the hackers. They are likely to be particularly interested in the contacts of Energy Department officials who work on nuclear weapons or nuclear intelligence, Commerce Department or trade officials working on delicate issues like the negotiations over the Trans-Pacific Partnership, and, of course, White House officials.
In a conference call with reporters on Wednesday, Senator Angus King, an independent from Maine on both the Intelligence Committee and the Armed Services Committee, called for the United States to retaliate for these kinds of losses. “Nation-states need to know that if they attack us this way, something bad is going to happen to their cyberinfrastructure,” he said.
But Mr. King said he could not say if the attacks on the personnel office were state-sponsored, adding, “I have to be careful; I can’t confirm the identity of the entity behind the attack.” The Obama administration has not formally named China, but there has been no effort to hide the attribution in the classified hearings.
The scope of the breach is remarkable, experts say, because the personnel office apparently learned little from earlier government data breaches like the WikiLeaks case and the surveillance revelations by Edward J. Snowden, both of which involved unencrypted data.
President Obama has said he regards the threat of cyberintrusions as a persistent challenge in a world in which both state and nonstate actors “are sending everything they’ve got at trying to breach these systems.”
The problem “is going to accelerate, and that means that we have to be as nimble, as aggressive and as well resourced as those who are trying to break into these systems,” he said at a news conference this week.
The White House has stopped short of blaming Katherine Archuleta, the director of the personnel office, for the breach, emphasizing that securing government computer systems is a challenging task.
Correction: June 10, 2015
An earlier version of a photo caption with this article misstated the name of the federal office building where employees handle national security information are required to list their foreign contacts. It is the Office of Personnel Management building, not Office of Personal Management.
Matt Apuzzo contributed reporting.
The legendary former NSA crypto-mathematician and whistleblower William Binney:
You may have read and heard about the latest cyberattacks on the US government (see video above) over the weekend? Reckon you can’t help wondering how coincidental this “incident” was, judging by the following Guardian article. Nice strategy, Congress??
Now the question is: how long has this been going on and is this a “Plan B” in the aftermath of the recent NSA Surveillance stand-down?
Find out more from the Guardian.
(Above) Photo credit: http://glenngreenwald.net/
Check out the following Guardian article:
Charges against Edward Snowden stand, despite telephone surveillance ban
The former NSA contractor revealed the banned surveillance programme, but an Obama administration spokesman says they will not review his charges
The White House refused to reconsider its legal pursuit of Edward Snowden on Monday, while it sought to take credit for outlawing the bulk telephone surveillance programme he revealed.
Obama administration spokesman Josh Earnest rejected the argument that the imminent passage of legislation banning the practice meant it was time to take a fresh look at the charges against the former National Security Agency contractor.
“The fact is that Mr Snowden committed very serious crimes, and the US government and the Department of Justice believe that he should face them,” Earnest told the Guardian at the daily White House press briefing.
“That’s why we believe that Mr Snowden should return to the United States, where he will face due process and have the opportunity to make that case in a court of law.”
Earnest refused to comment on whether Snowden could be allowed to employ a whistleblower defence if he choose to return voluntarily, something his supporters have argued is impossible under current Espionage Act charges.
“Obviously this is something that the Department of Justice would handle if they are having [those conversations],” said Earnest. “The thing I would put out is that there exists mechanisms for whistleblowers to raise concerns about sensitive national security programmes.”
“Releasing details of sensitive national security programmes on the internet for everyone, including our adversaries to see, is inconsistent with those protocols that are established for protecting whistleblowers,” he added.
But the White House placed itself firmly on the side of NSA reform, when asked if the president was “taking ownership” of the USA Freedom Act, which is expected to pass Congress later this week.
“To the extent that we’re talking about the president’s legacy, I would suspect [it] would be a logical conclusion from some historians that the president ended some of these programmes,” replied Earnest.
“This is consistent with the reforms that the president advocated a year and a half ago. And these are reforms that required the president and his team to expend significant amounts of political capital to achieve over the objection of Republicans.”
The administration also avoided four separate opportunities to warn that the temporary loss of separate Patriot Act surveillance provisions that expired alongside bulk collection on Sunday night had put the safety of Americans at risk, as some have claimed.
“All I can do is I can illustrate to you very clearly that there are tools that had previously been available to our national security professionals that are not available today because the Senate didn’t do their job,” said Earnest.
“As a result, there are programmes and tools that our national security professionals themselves say are important to their work that are not available to them right now, as we speak.”
Asked four times by reporters whether that meant Americans were markedly less safe as a result of the standoff in the Senate, the White House spokesman repeatedly said it was up to these national security staff, not him, to say.