Check out the reading list by the folks at The Intercept. Surprise Glenn Greenwald’s “No Place to Hide” is not in the list.
Check out The Daily Dot article below:
Windows 10 can share your Wi-Fi password with your Facebook friends
By Mike Wehner
Jul 3, 2015, 12:28pm CT
If you’ve been using the internet for any considerable amount of time you already know that your password is really never absolutely secure. From hacking incidents to other security breaches, it’s impossible to know that your secret code is indeed always secret, and now Microsoft’s soon to be released Windows 10 is making one of your passwords even less secure by gifting it to your Facebook friends.
Microsoft’s Wi-Fi Sense feature—already in operation on Windows Phones and coming to Windows 10 upon its debut later this year—is aimed at making it easier to share your connection with your friends. To that end, it allows users to effortlessly use each other’s Wi-Fi connections by allowing them to use your password.
The password itself is encrypted and shared automatically once you opt-in, and the list of people who can use it includes your Outlook mail contacts, Skype contacts, and even your Facebook friends.
The idea here is that if you’re at a friends house and you both have Wi-Fi Sense, you can join their network without having to ask for their password. Ideally, such a system will save you from using your wireless data plan as much as possible, thereby saving you a few bucks.
However, there are likely plenty of people on your Facebook or email contact lists that you wouldn’t want browsing from your own internet connection, and that’s where the potential for trouble comes in. Not surprisingly, Microsoft’s own FAQ about Wi-Fi Sense is filled with warnings about connecting to unfamiliar hotspots, as well as sharing your connection with those you don’t trust.
The documentation also notes that you cannot pick and choose individual contacts with which to share your connection. Instead, you’ll only be able to toggle huge groups on or off, like everyone from your Skype list or your entire Facebook friends roster. So, if you don’t trust absolutely everyone you know on Facebook, Skype, or Outlook, it’s probably a good idea to leave this would-be handy little feature unused.
Check out this article from The Star:
Secret deal between Canada’s spies and border guards raises concerns
A memorandum of understanding between the two agencies allowed info sharing, joint operations without political oversight.
By: Alex Boutilier Ottawa Bureau Reporter, Published on Thu Jul 02 2015
OTTAWA—A secret deal between Canada’s spies and border guards proposed more information sharing and joint operations without the need for political sign-off, the Star has learned.
A 2014 deal between the Canadian Security Intelligence Service and the Canada Border Services Agency proposed the two agencies be allowed to share information and resources without the prior approval of their political masters.
“The Framework (Memorandum of Understanding) will also authorize (CSIS) to enter into more specific arrangements with CBSA, as required, without the necessity to seek your approval each time,” wrote CSIS director Michel Coulombe in a memo explaining the deal to Public Safety Minister Steven Blaney.
Blaney’s office won’t say whether or not the deal has been approved.
The deal, obtained under access to information law, would permit the two agencies to share “investigative techniques, the provision of equipment, the sharing of information, resources or personnel” to assist one another to meet shared objectives.
CSIS is allowed to enter into agreements with other departments and agencies, including foreign partners, and routinely does. But the rules governing the spy agency state that CSIS needs the express permission from the public safety minister to do so.
But Coulombe explicitly stated that, under the new deal, Blaney’s approval would not be required for further co-operation between the two agencies. Both would otherwise have to follow their respective mandates, the deal states.
The Star requested an interview with Blaney, and provided a detailed list of questions. That interview request was denied. Blaney’s office would not say if the minister approved the deal, and did not respond to the Star’s questions.
Jeremy Laurin, a spokesperson for the minister, instead provided a written statement referencing the threat of “jihadi terrorists” and the necessity for national security agencies to work together.
“In today’s global threat environment, national security is a team effort — which means that CSIS works with many domestic partners,” Laurin wrote. “CBSA is one of those partners.”
It’s not clear when the deal itself was drafted — the documents themselves are undated, but were released in a batch of briefing notes written last summer. That means the proposal would have crossed Blaney’s desk well before the Conservatives introduced controversial new terror laws that drastically expanded the agency’s mandate.
Bill C-51 allows CSIS to “disrupt” real or perceived threats to national security, rather than passing the intelligence they gather to an enforcement agency. The legislation, which recently became law, also greatly expands government agencies’ ability to share information deemed relevant to national security.
While the scope of the information sharing provisions alarmed security researchers and privacy experts, the majority Conservatives said they were necessary to ensure Canadians were kept safe. But The Canadian Press reported Wednesday that CSIS had told senior bureaucrats that improvements to their access to information could be achieved within the existing law.
Wesley Wark, a security researcher at the University of Ottawa, said it’s not uncommon for agencies to have formal agreements governing joint operations. But this deal in particular, Wark said, appears to diminish political accountability.
“It also shows a tendency on (the) part of the Harper government to allow for an erosion of ministerial accountability,” Wark wrote after reviewing the documents. “And it reminds us of one of the big holes in the fabric of accountability for security and intelligence — namely the absence of independent, external review of CBSA.”
Craig Forcese, also a University of Ottawa professor and vocal critic of Bill C-51, said the “stovepipe” nature of Canada’s intelligence review bodies is a major concern with these type of agreements.
The Security Intelligence Review Committee, for instance, can review actions taken by CSIS after the fact. But the committee has no ability to “follow the thread” of an operation when CSIS partners with another agency like CBSA, the RCMP, or Canada’s electronic spying agency, the Communications Security Establishment.
“If I had set out to intentionally design a system of accountability likely to break, it would look a lot like our current system of stovepiped review,” Forcese said.
“Add to that CBSA has no review body of its own — and, as best I know, is the only agency with a law enforcement or intelligence mandate in the country without some form of external, independent review or oversight.”
The Star requested the text of CSIS’s memorandums of understanding with other agencies. The agency declined to provide them, or to list which agencies it co-operates with, saying that the agency operates within its mandate, ministerial direction, and internal policy.
CSIS is permitted to enter into partnerships, both domestic and international, under Section 17 of the CSIS Act. The act requires the agency to get the go-ahead from the public safety minister beforehand.
If the CSIS-CBSA deal was accepted, the two agencies could co-operate without bothering to get approval from politicians.
The Conservatives’ controversial terror law allows for the free flow of information between 17 domestic law enforcement agencies and departments. Canada’s privacy commissioner has called the provision excessive.
Check out this Daily Mail article for more details.
(Above) Photo credit: Hacked.com
Do you still have faith in cyber-security firms – recall the recent story about the Hacking Team?
Consider this: A Cyber-security firm known as Tiversa scams potential and ex-clients into memberships by hacking into their servers as a scare tactic to increase profits for Tiversa. Tiversa was brought before the Washington D.C. courthouse in May to explain their scam.
“As more details emerge, it is becoming increasingly clear that representatives of the German government at best looked away as the Americans violated the law, and at worst supported them…”
“Journalists, who scrutinize and criticize those who govern, are an elementary part of the “checks and balances” — an American invention — aimed at ensuring both transparency and accountability. When it comes to intelligence issues, however, it appears this system has been out of balance for some time…”
“Everything the government said was a lie. As far back as 2013, the German government was in a position to suspect, if not to know outright, the obscene extent to which the United States was spying on an ally…”
See original Spiegel story below.
An Attack on Press Freedom: SPIEGEL Targeted by US Intelligence
By SPIEGEL Staff
Revelations from WikiLeaks published this week show how boundlessly and comprehensively American intelligence services spied on the German government. It has now emerged that the US also conducted surveillance against SPIEGEL.
Walks during working hours aren’t the kind of pastime one would normally expect from a leading official in the German Chancellery. Especially not from the head of Department Six, the official inside Angela Merkel’s office responsible for coordinating Germany’s intelligence services.
Walks during working hours aren’t the kind of pastime one would normally expect from a leading official in the German Chancellery. Especially not from the head of Department Six, the official inside Angela Merkel’s office responsible for coordinating Germany’s intelligence services.
But in the summer of 2011, Günter Heiss found himself stretching his legs for professional reasons. The CIA’s station chief in Berlin had requested a private conversation with Heiss. And he didn’t want to meet in an office or follow standard protocol. Instead, he opted for the kind of clandestine meeting you might see in a spy film.
Officially, the CIA man was accredited as a counsellor with the US Embassy, located next to Berlin’s historic Brandenburg Gate. Married to a European, he had already been stationed in Germany once before and knew how to communicate with German officials. At times he could be demanding and overbearing, but he could also be polite and courteous. During this summer walk he also had something tangible to offer Heiss.
The CIA staffer revealed that a high-ranking Chancellery official allegedly maintained close contacts with the media and was sharing official information with reporters with SPIEGEL.
The American provided the name of the staffer: Hans Josef Vorbeck, Heiss’ deputy in Department Six. The information must have made it clear to Heiss that the US was spying on the German government as well as the press that reports on it.
The central Berlin stroll remained a secret for almost four years. The Chancellery quietly transferred Vorbeck, who had until then been responsible for counterterrorism, to another, less important department responsible dealing with the history of the BND federal intelligence agency. Other than that, though, it did nothing.
Making a Farce of Rule of Law
Officials in the Chancellery weren’t interested in how the CIA had obtained its alleged information. They didn’t care to find out how, and to which degree, they were being spied on by the United States. Nor were they interested in learning about the degree to which SPIEGEL was being snooped on by the Americans. Chancellery officials didn’t contact any of the people in question. They didn’t contact members of the Bundestag federal parliament sitting on the Parliamentary Control Panel, the group responsible for oversight of the intelligence services. They didn’t inform members of the Office for the Protection of the Constitution, the agency responsible for counterintelligence in Germany, either. And they didn’t contact a single public prosecutor. Angela Merkel’s office, it turns out, simply made a farce of the rule of law.
As a target of the surveillance, SPIEGEL has requested more information from the Chancellery. At the same time, the magazine filed a complaint on Friday with the Federal Public Prosecutor due to suspicion of intelligence agency activity.
Because now, in the course of the proceedings of the parliamentary investigative committee probing the NSA’s activities in Germany in the wake of revelations leaked by whistleblower Edward Snowden, details about the event that took place in the summer of 2011 are gradually leaking to the public. At the beginning of May, the mass-circulation tabloid Bild am Sonntag reported on a Chancellery official who had been sidelined “in the wake of evidence of alleged betrayal of secrets through US secret services.”
Research conducted by SPIEGEL has determined the existence of CIA and NSA files filled with a large number of memos pertaining to the work of the German newsmagazine. And three different government sources in Berlin and Washington have independently confirmed that the CIA station chief in Berlin was referring specifically to Vorbeck’s contacts with SPIEGEL.
An Operation Justified by Security Interests?
Obama administration sources with knowledge of the operation said that it was justified by American security interests. The sources said US intelligence services had determined the existence of intensive contacts between SPIEGEL reporters and the German government and decided to intervene because those communications were viewed as damaging to the United States’ interests. The fact that the CIA and NSA were prepared to reveal an ongoing surveillance operation to the Chancellery underlines the importance they attached to the leaks, say sources in Washington. The NSA, the sources say, were aware that the German government would know from then on that the US was spying in Berlin.
As more details emerge, it is becoming increasingly clear that representatives of the German government at best looked away as the Americans violated the law, and at worst supported them.
Just last Thursday, Günter Heiss and his former supervisor, Merkel’s former Chief of Staff Ronald Pofalla, were questioned by the parliamentary investigative committee and attempted to explain the egregious activity. Heiss confirmed that tips had been given, but claimed they hadn’t been “concrete enough” for measures to be taken. When asked if he had been familiar with the issue, Pofalla answered, “Of course.” He said that anything else he provided had to be “in context,” at which point a representative of the Chancellery chimed in and pointed out that could only take place in a meeting behind closed doors.
In that sense, the meeting of the investigative committee once again shed light on the extent to which the balance of power has shifted between the government and the Fourth Estate. Journalists, who scrutinize and criticize those who govern, are an elementary part of the “checks and balances” — an American invention — aimed at ensuring both transparency and accountability. When it comes to intelligence issues, however, it appears this system has been out of balance for some time.
When SPIEGEL first reported in Summer 2013 about the extent of NSA’s spying on Germany, German politicians first expressed shock and then a certain amount of indignation before quickly sliding back into their persona as a loyal ally. After only a short time and a complete lack of willingness on the part of the Americans to explain their actions, Pofalla declared that the “allegations are off the table.”
But a number of reports published in recent months prove that, whether out of fear, outrage or an alleged lack of knowledge, it was all untrue. Everything the government said was a lie. As far back as 2013, the German government was in a position to suspect, if not to know outright, the obscene extent to which the United States was spying on an ally. If there hadn’t already been sufficient evidence of the depth of the Americans’ interest in what was happening in Berlin, Wednesday’s revelations by WikiLeaks, in cooperation with Süddeutsche Zeitung, filled in the gaps.
SPIEGEL’s reporting has long been a thorn in the side of the US administration. In addition to its reporting on a number of other scandals, the magazine exposed the kidnapping of Murat Kurnaz, a man of Turkish origin raised in Bremen, Germany, and his rendition to Guantanamo. It exposed the story of Mohammed Haydar Zammar, who was taken to Syria, where he was tortured. The reports triggered the launch of a parliamentary investigative committee in Berlin to look also into the CIA’s practices.
When SPIEGEL reported extensively on the events surrounding the arrest of three Islamist terrorists in the so-called “Sauerland cell” in Germany, as well as the roles played by the CIA and the NSA in foiling the group, the US government complained several times about the magazine. In December 2007, US intelligence coordinator Mike McConnell personally raised the issue during a visit to Berlin. And when SPIEGEL reported during the summer of 2009, under the headline “Codename Domino,” that a group of al-Qaida supporters was believed to be heading for Europe, officials at the CIA seethed. The sourcing included a number of security agencies and even a piece of information supplied by the Americans. At the time, the station chief for Germany’s BND intelligence service stationed in Washington was summoned to CIA headquarters in Langley, Virginia.
The situation escalated in August 2010 after SPIEGEL, together with WikiLeaks, the Guardian and the New York Times, began exposing classified US Army reports from Afghanistan. That was followed three months later with the publication of the Iraq war logs based on US Army reports. And in November of that year, WikiLeaks, SPIEGEL and several international media reported how the US government thinks internally about the rest of the world on the basis of classified State Department cables. Pentagon officials at the time declared that WikiLeaks had “blood on its hands.” The Justice Department opened an investigation and seized data from Twitter accounts, e-mail exchanges and personal data from activists connected with the whistleblowing platform. The government then set up a Task Force with the involvement of the CIA and NSA.
Not even six months later, the CIA station chief requested to go on the walk in which he informed the intelligence coordinator about Vorbeck and harshly criticized SPIEGEL.
Not long later, a small circle inside the Chancellery began discussing how the CIA may have got ahold of the information. Essentially, two possibilities were conceivable: either through an informant or through surveillance of communications. But how likely is it that the CIA had managed to recruit a source in the Chancellery or on the editorial staff of SPIEGEL?
The more likely answer, members of the circle concluded, was that the information must have been the product of “SigInt,” signals intelligence — in other words, wiretapped communications. It seems fitting that during the summer of 2013, just prior to the scandal surrounding Edward Snowden and the documents he exposed pertaining to NSA spying, German government employees warned several SPIEGEL journalists that the Americans were eavesdropping on them.
At the end of June 2011, Heiss then flew to Washington. During a visit to CIA headquarters in Langley, the issue of the alleged contact with SPIEGEL was raised again. Chancellery staff noted the suspicion in a classified internal memo that explicitly names SPIEGEL.
One of the great ironies of the story is that contact with the media was one of Vorbeck’s job responsibilities. He often took part in background discussions with journalists and even represented the Chancellery at public events. “I had contact with journalists and made no secret about it,” Vorbeck told SPIEGEL. “I even received them in my office in the Chancellery. That was a known fact.” He has since hired a lawyer.
It remains unclear just who US intelligence originally had in its scopes. The question is also unlikely to be answered by the parliamentary investigative committee, because the US appears to have withheld this information from the Chancellery. Theoretically, at least, there are three possibilities: The Chancellery — at least in the person of Hans Josef Vorbeck. SPIEGEL journalists. Or blanket surveillance of Berlin’s entire government quarter. The NSA is capable of any of the three options. And it is important to note that each of these acts would represent a violation of German law.
So far, the Chancellery has barricaded itself behind the argument that the origin of the information had been too vague and abstract to act on. In addition, the tip had been given in confidentiality, meaning that neither Vorbeck nor SPIEGEL could be informed. But both are weak arguments, given that the CIA station chief’s allegations were directed precisely at SPIEGEL and Vorbeck and that the intelligence coordinator’s deputy would ultimately be sidelined as a result.
And even if you follow the logic that the tip wasn’t concrete enough, there is still one committee to whom the case should have been presented under German law: the Bundestag’s Parliamentary Control Panel, whose proceedings are classified and which is responsible for oversight of Germany’s intelligence services. The nine members of parliament on the panel are required to be informed about all intelligence events of “considerable importance.”
Members of parliament on the panel did indeed express considerable interest in the Vorbeck case. They learned in fall 2011 of his transfer, and wanted to know why “a reliable coordinator in the fight against terrorism would be shifted to a post like that, one who had delivered excellent work on the issue,” as then chairman of the panel, Social Demoratic Party politician Thomas Oppermann, criticized at the time.
But no word was mentioned about the reasons behind the transfer during a Nov. 9, 2011 meeting of the panel. Not a single word about the walk taken by the CIA chief of station. Not a word about the business trip to Washington taken by Günter Heiss afterward. And not a word about Vorbeck’s alleged contacts with SPIEGEL. Instead, the parliamentarians were told a myth — that the move had been made necessary by cutbacks. And also because he was needed to work on an historical appraisal of Germany’s foreign intelligence agency, the BND.
Officials in the Chancellery had decided to deceive parliament about the issue. And for a long time, it looked as though they would get away with it.
The appropriate way of dealing with the CIA’s incrimination would have been to transfer the case to the justice system. Public prosecutors would have been forced to follow up with two investigations: One to find out whether the CIA’s allegations against Vorbeck had been true — both to determine whether government secrets had been breached and out of the obligation to assist a longtime civil servant. It also would have had to probe suspicions that a foreign intelligence agency conducted espionage in the heart of the German capital.
That could, and should, have been the case. Instead, the Chancellery decided to go down the path of deception, scheming with an ally, all the while interpreting words like friendship and partnership in a highly arbitrary and scrupulous way.
Günter Heiss, who received the tip from the CIA station chief, is an experienced civil servant. In his earlier years, Heiss studied music. He would go on as a music instructor to teach a young Ursula von der Leyen (who is Germany’s defense minister today) how to play the piano. But then Heiss, a tall, slightly lanky man, switched professions and instead pursued a career in intelligence that would lead him to the top post in the Lower Saxony state branch of the Office for the Protection of the Constitution. Even back then, the Christian Democrat was already covering up the camera on his laptop screen with tape. At the very least “they” shouldn’t be able to see him, he said at the time, elaborating that the “they” he was referring to should not be interpreted as being the US intelligence services, but rather the other spies – “the Chinese” and, “in any case, the Russians.” For conservatives like Heiss, America, after all, is friendly territory.
‘Spying Among Friends Not Acceptable’
If there was suspicion in the summer of 2011 that the NSA was spying on a staff member at the Chancellery, it should have set off alarm bells within the German security apparatus. Both the Office for the Protection of the Constitution, which is responsible for counter-intelligence, and the Federal Office for Information Security should have been informed so that they could intervene. There also should have been discussions between the government ministers and the chancellor in order to raise government awareness about the issue. And, going by the maxim the chancellor would formulate two years later, Merkel should have had a word with the Americans along the lines of “Spying among friends is not acceptable.”
And against the media.
If it is true that a foreign intelligence agency spied on journalists as they conducted their reporting in Germany and then informed the Chancellery about it, then these actions would place a huge question mark over the notion of a free press in this country. Germany’s highest court ruled in 2007 that press freedom is a “constituent part of a free and democratic order.” The court held that reporting can no longer be considered free if it entails a risk that journalists will be spied on during their reporting and that the federal government will be informed of the people they speak to.
“Freedom of the press also offers protection from the intrusion of the state in the confidentiality of the editorial process as well as the relationship of confidentiality between the media and its informants,” the court wrote in its ruling. Freedom of the press also provides special protection to the “the secrecy of sources of information and the relationship of confidentiality between the press, including broadcasters, and the source.”
But Karlsruhe isn’t Washington. And freedom of the press is not a value that gives American intelligence agencies pause. On the contrary, the Obama administration has gained a reputation for adamantly pursuing uncomfortable journalistic sources. It hasn’t even shied away from targeting American media giants.
In spring 2013, it became known that the US Department of Justice mandated the monitoring of 100 telephone numbers belonging to the news agency Associated Press. Based on the connections that had been tapped, AP was able to determine that the government likely was interested in determining the identity of an important informant. The source had revealed to AP reporters details of a CIA operation pertaining to an alleged plot to blow up a commercial jet.
The head of AP wasn’t the only one who found the mass surveillance of his employees to be an “unconstitutional act.” Even Republican Senators like John Boehner sharply criticized the government, pointing to press freedoms guaranteed by the Bill of Rights. “The First Amendment is first for a reason,” he said.
But the Justice Department is unimpressed by such formulations. New York Times reporter James Risen, a two-time Pulitzer Prize winner, was threatened with imprisonment for contempt of court in an effort to get him to turn over his sources — which he categorically refused to do for seven years. Ultimately, public pressure became too intense, leading Obama’s long-time Attorney General Eric Holder to announce last October that Risen would not be forced to testify.
The Justice Department was even more aggressive in its pursuit of James Rosen, the Washington bureau chief for TV broadcaster Fox. In May 2013, it was revealed that his telephone was bugged, his emails were read and his visits to the State Department were monitored. To obtain the necessary warrants, the Justice Department had labeled Rosen a “criminal co-conspirator.”
The strategy of criminalizing journalism has become something of a bad habit under Obama’s leadership, with his government pursuing non-traditional media, such as the whistleblower platform WikiLeaks, with particular aggression.
Bradley Manning, who supplied WikiLeaks with perhaps its most important data dump, was placed in solitary confinement and tormented with torture-like methods, as the United Nations noted critically. Manning is currently undergoing a gender transition and now calls herself Chelsea. In 2013, a military court sentenced Manning, who, among other things, publicized war crimes committed by the US in Iraq, to 35 years in prison.
In addition, a criminal investigation has been underway for at least the last five years into the platform’s operators, first and foremost its founder Julian Assange. For the past several years, a grand jury in Alexandria, Virginia has been working to determine if charges should be brought against the organization.
The proceedings are hidden from the public, but the grand jury’s existence became apparent once it began to subpoena witnesses with connections to WikiLeaks and when the Justice Department sought to confiscate data belonging to people who worked with Assange. The US government, for example, demanded that Twitter hand over data pertaining to several people, including the Icelandic parliamentarian Brigitta Jonsdottir, who had worked with WikiLeaks on the production of a video. The short documentary is an exemplary piece of investigative journalism, showing how a group of civilians, including employees of the news agency Reuters, were shot and killed in Baghdad by an American Apache helicopter.
Computer security expert Jacob Appelbaum, who occasionally freelances for SPIEGEL, was also affected at the time. Furthermore, just last week he received material from Google showing that the company too had been forced by the US government to hand over information about him – for the time period from November 2009 until today. The order would seem to indicate that investigators were particularly interested in Appelbaum’s role in the publication of diplomatic dispatches by WikiLeaks.
Director of National Intelligence James Clapper has referred to journalists who worked with material provided by Edward Snowden has his “accomplices.” In the US, there are efforts underway to pass a law pertaining to so-called “media leaks.” Australia already passed one last year. Pursuant to the law, anyone who reveals details about secret service operations may be punished, including journalists.
Worries over ‘Grave Loss of Trust’
The German government isn’t too far from such positions either. That has become clear with its handling of the strictly classified list of “selectors,” which is held in the Chancellery. The list includes search terms that Germany’s foreign intelligence agency, the BND, used when monitoring telecommunications data on behalf of the NSA. The parliamentary investigative committee looking into NSA activity in Germany has thus far been denied access to the list. The Chancellery is concerned that allowing the committee to review the list could result in uncomfortable information making its way into the public.
That’s something Berlin would like to prevent. Despite an unending series of indignities visited upon Germany by US intelligence agencies, the German government continues to believe that it has a “special” relationship with its partners in America — and is apparently afraid of nothing so much as losing this partnership.
That, at least, seems to be the message of a five-page secret letter sent by Chancellery Chief of Staff Peter Altmaier, of Merkel’s Christian Democrats, to various parliamentary bodies charged with oversight. In the June 17 missive, Altmaier warns of a “grave loss of trust” should German lawmakers be given access to the list of NSA spying targets. Opposition parliamentarians have interpreted the letter as a “declaration of servility” to the US.
Altmaier refers in the letter to a declaration issued by the BND on April 30. It notes that the spying targets passed on by the NSA since 2005 include “European political personalities, agencies in EU member states, especially ministries and EU institutions, and representations of certain companies.” On the basis of this declaration, Altmaier writes, “the investigative committee can undertake its own analysis, even without knowing the individual selectors.”
Committee members have their doubts. They suspect that the BND already knew at the end of April what WikiLeaks has now released — with its revelations that the German Economics Ministry, Finance Ministry and Agriculture Ministry were all under the gaze of the NSA, among other targets. That would mean that the formulation in the BND declaration of April 30 was intentionally misleading. The Left Party and the Greens now intend to gain direct access to the selector list by way of a complaint to Germany’s Constitutional Court.
The government in Berlin would like to prevent exactly that. The fact that the US and German intelligence agencies shared selectors is “not a matter of course. Rather, it is a procedure that requires, and indicates, a special degree of trust,” Almaier writes. Should the government simply hand over the lists, Washington would see that as a “profound violation of confidentiality requirements.” One could expect, he writes, that the “US side would significantly restrict its cooperation on security issues, because it would no longer see its German partners as sufficiently trustworthy.”
Altmaier’s letter neglects to mention the myriad NSA violations committed against German interests, German citizens and German media.
It was much worse than previously reported: more than 21 million people were “swept up in a colossal breach of government computer systems that was far more damaging than initially thought”. Find out more from the New York Times.
Find out more from The Intercept article below:
Leaked Documents Show FBI, DEA and U.S. Army Buying Italian Spyware
By Cora Currier and Morgan Marquis-Boire @coracurrier@headhntr
The FBI, Drug Enforcement Administration and U.S. Army have all bought controversial software that allows users to take remote control of suspects’ computers, recording their calls, emails, keystrokes and even activating their cameras, according to internal documents hacked from the software’s Italian manufacturer.
The company, Hacking Team, has also been aggressively marketing the software to other U.S. law enforcement and intelligence agencies, demonstrating their products to district attorneys in New York, San Bernardino, California, and Maricopa, Arizona; and multi-agency task forces like the Metropolitan Bureau of Investigation in Florida and California’s Regional Enforcement Allied Computer Team. The company was also in conversation with various other agencies, including the CIA, the Pentagon’s Criminal Investigative Service, the New York Police Department, and Immigrations and Customs Enforcement.
The revelations come from hundreds of gigabytes of company information, including emails and financial records, which were released online Sunday night and analyzed by The Intercept. Milan-based Hacking Team is one of a handful of companies that sell off-the-shelf spyware for hundreds of thousands of euros — a price point accessible to smaller countries and large police forces. Hacking Team has drawn fire from human rights and privacy activists who contend that the company’s aggressive malware, known as Remote Control System, or RCS, is being sold to countries that deploy it against activists, political opponents and journalists.
Even in the U.S., where the software would presumably be used only with a judge’s approval, the tactic is still controversial. Just last month, Sen. Chuck Grassley, R-Iowa, wrote to the director of the FBI asking for “more specific information about the FBI’s current use of spyware,” in order for the Senate Judiciary Committee to evaluate “serious privacy concerns.”
The leaked emails show that the FBI has been using Hacking Team’s software since 2011, apparently for the secretive Remote Operations Unit. It’s long been reported that the FBI has deployed malware in investigations, but details on the agency’s efforts are thin, with the tactic only surfacing rarely in court cases — such as one instance last year when the FBI spoofed an Associated Press article to get a target to click on a link. The FBI reportedly develops its own malware and also buys pre-packaged products, but the relationship with Hacking Team has not been previously confirmed.
Hacking Team’s spokesperson, Eric Rabe, said in a statement that “we do not disclose the names or locations of our clients” and “we cannot comment on the validity of documents purportedly from our company.”
The director of the Metropolitan Bureau of Investigation in Florida told The Intercept that it “does not have plans to purchase any product from Hacking Team.” The Manhattan District Attorney’s office said, “It would be an overstatement to say that our office is planning to purchase this type of software. This company is one of several in the industry whom we’ve requested meetings with in order to keep pace with rapid technological advancements in the private sector.”
The CIA declined to comment, and ICE said it “does not discuss law enforcement tools and techniques.” (The Intercept will update this story if other agencies named in the documents respond to requests for comment.)
The leaked emails show that U.S. agencies worried about the legality and perception of Hacking Team’s tools.
Hacking Team refers to its U.S. clients by code names. The FBI unit is “Phoebe” (initially “f-client,” but one employee complained “it sounds like an antivirus),” the DEA is “Katie,” and the CIA, which appears to have sampled, but not bought Remote Control System, is “Marianne.”
In 2011, a representative of the DEA’s Office of Investigative Technology told Hacking Team that its budget request for Remote Control System had been denied because it was considered “too controversial,” according to an email. “We are working on the foreign angle,” the DEA said, according to Hacking Team’s U.S. account manager.
“I imagine Katie [DEA] is referring to the fact that they as the DEA could buy RCS for other countries (Colombia) where it’s less problematic to use it,” an employee replied in Italian.
The purchase did go through in 2012, and it appears to have been used mainly in conjunction with Colombian law enforcement. As one email explained, “Katie will be administrator of the system, while the locals will be collecting the data. They are saying if this works out, they will bring it to other countries around the world. Already they are speaking of El Salvador and Chile.”
Robotec, a company that manages Hacking Team’s sales to several Latin American countries, also mentions clients in Colombia using DEA funding.
Local police in the U.S. also had their worries. Florida law enforcement told Hacking Team this year that the software could create legal problems without the ability to have “‘minimization’ of the calls and messages — (ie. deleting portions which are not relevant to the search.)”
In 2013, San Bernardino’s district attorney wanted to go to a judge to obtain a warrant targeting a “known bad guy” even for a trial run of the software. “If the systems [sic] proves itself in this live trial, and the judge is convinced of both its value and proper protection of privacy, they would then move into the purchase phase,” one of Hacking Team’s U.S. business partners, from the security giant SS8, explained.
“One of the concerns of this segment is that the HT product is ‘too powerful,’” Fred D’Alessio, who sits on the board of SS8 and is identified on LinkedIn as a senior advisor to Hacking Team, wrote about local agencies. “They have also said, their biggest challenge is ‘getting the lawyers and the District Attorneys to agree on what they can do legally.”
Hacking Team’s FBI contacts worried that the spread of Hacking Team software around the country could cause word to get out (as has happened with technology like Stingrays, the devices that police use to track cell phone location.) “If San Bernardino gets exposed, they might also expose Phoebe,” Hacking Team’s U.S. point man, Alex Velasco, wrote in September 2013.
The FBI’s use of Hacking Team’s software also informs the public debate about the growing use of encryption to protect Internet communications. FBI and other top U.S. law enforcement officials have been calling for a law that would provide for a “backdoor” into commercial encryption technologies — something privacy advocates and many cybersecurity researchers see as a undermining Internet security.
Hacking Team claims that its software offers a way around encryption, obviating the need for a backdoor. Vincenzetti regularly sends out articles about the encryption debate to his email list with a plug for Remote Control System. Last February, he wrote that law enforcement and security agencies could use “technologies to ACCESS THE DATA they need IN CLEARTEXT, BEFORE it gets encrypted by the device and sent to the network and AFTER it is received from the network and decrypted by the device itself. Actually THIS IS precisely WHAT WE DO.”
The push into the local district attorney market, for which the company considered San Bernardino a pilot, appears to have been facilitated by SS8, a massive California-based security company that markets to law enforcement agencies in the United States and abroad. (Rabe denied that SS8 is working with Hacking Team, despite emails between the companies.) The local market could be lucrative: a budget for the district attorney in New York that Hacking Team proposed in April totaled $760,000 in upfront license fees, and another $382,000 in services and maintenance.
“As with so many other surveillance technologies that were originally created for the military and intelligence community, they eventually trickle down to local law enforcement who start using them without seeking the approval of legislators — and, in many cases, keeping the courts in the dark too,” said Christopher Soghoian, principal technologist of the American Civil Liberties Union.
The DEA, FBI and Army bought Hacking Team’s software through a company called Cicom, which for several years served as a middleman for Hacking Team’s U.S. business. The DEA and Army contracts to buy Remote Control System through Cicom were first revealed by the advocacy group Privacy International this spring. Reporters noted that Cicom shared the same corporate address in the United States as Hacking Team, but when asked about the connection by Ars Technica, Hacking Team’s U.S. spokesperson Eric Rabe said, “I cannot confirm any relationship between the company Cicom and Hacking Team.”
Alex Velasco, Cicom’s general manager, has in fact been a consultant under contract to represent Hacking Team to clients in North America since 2012, company emails show. The relationship ended in March, after Hacking Team accused Velasco of scheming to market competing products, according to an internal investigation commissioned by Hacking Team. Velasco declined to comment to The Intercept on the allegations, because he is in legal proceedings with Hacking Team.
Hacking Team was also in talks in 2014 with the FBI’s National Domestic Communications Assistance Center, a secretive unit formed in 2012 and focused on interception technologies. Velasco claims in an email that the group came to them after Citizen Lab, a research group at the University of Toronto focused on Internet technology and human rights, published a highly critical report on Hacking Team’s global sales. “If anything good came out of the Citizen lab articles is that it brought them to contact us to see if it was true,” he wrote. “Thank you Citizen Lab!!”
It’s not clear from Hacking Team emails what Army component bought an RCS system in 2011, but it was based at Fort Meade and apparently sat unused for years. According to a 2013 email from Velasco, “they purchased a system right before they got their budget cut…They were never given permission to pull an internet line to their office to install the system. (ridiculous but true!)”
Hacking Team was in the midst of negotiations for a new FBI contract from Cicom after Velasco’s firing, but the agency decided to go with another vendor due to budget timing issues, according to an email from Phillipe Vinci, Hacking Team’s vice president for business development. Besides, the product was “seen as a ‘nice to have’ by FBI,” but “they confessed they were using it for low level types of investigations. For critical operations, they were using another platform,” wrote Vinci. He said the FBI wanted more ability to go after users of Tor, the anonymizing web browser; those users accounted for 60 percent of its targets.
But Hacking Team appeared determined to continue its conquest of the U.S. market.
“There will be a process to have ‘HT Usa Inc.’ accredited,” wrote operations manager Daniele Milan. He pledged to stay in touch with the FBI, marketing new features, and identifying problems “to resolve for them (in exchange for $$$).”
While Hacking Team’s emails reveal the company to be stringent about selling only to governments, the company officials appear to worry less about how its technology is used once it gets to those customers. Responding to concerns raised by the district attorney of New York in 2013, Hacking Team’s chief operating officer Giancarlo Russo wrote that “all the consideration regarding the ‘legal framework’ cannot be addressed by us.”
Instead, he was more concerned about local customers’ ability to use the product effectively. “If you buy a Ferrari… they can teach you how to drive. They cannot grant you will be the winner of the race,” he wrote to his colleagues in English. “If Beretta sell you a gun, the most peculiar and sophisticated one, they can teach how to use it. They can not grant you are going to shoot your target properly on the field.”
–– Sheelagh McNeill contributed research to this report.
Check out the Reuters article below:
Russian parliament approves Internet privacy bill
Technology | Fri Jul 3, 2015 11:04am EDT
Russia’s parliament gave its final approval on Friday to a law that would require Internet search engines to remove users’ personal information from their results.
The bill, passed by the State Duma lower house in its third reading, seeks to emulate European Union rules on the “right to be forgotten”, under which search engines must take down certain results that appear under a search of a person’s name.
Under the new Russian legislation, Internet users will have the right to request the removal of information that is incorrect or “no longer relevant because of subsequent events or actions”, TASS news agency reported.
The regulation, which now needs to be signed into law by President Vladimir Putin, has been criticized by Russian web companies who are concerned about balancing rights to personal privacy against the freedom of information.
“We believe that control over dissemination of information should not restrict free access to public data. It should not upset the balance of personal and public interests,” said Russia’s biggest search engine Yandex.
After discussing the draft with search engine providers, the Duma approved some minor changes to the bill, Yandex added.
Users will now need to provide specific references to the web pages they wanted deleting and web companies will have 10 days to comply with the request.
TASS reported that search engines would also not be required to remove information about an applicant’s criminal record.
“Yandex and other Internet companies have criticized this legislation from the moment we heard about,” Yandex said in a statement. “Unfortunately, many important changes, from our point of view, have not been implemented.”
Google in Russia was not immediately available for comment.
(Reporting by Jack Stubbs and Maria Kiselyova; Editing by Alison Williams)
To celebrate the US Independence Day on 4 July, WikiLeaks, together with The Intercept, released its latest disclosure “Bugging Brazil“, “a top secret US National Security Agency target list of 29 key Brazilian government phone numbers that were selected for intensive interception”.
“The US targeted not only those closest to the President, but waged an economic espionage campaign against Brazil, spying on those responsible for managing Brazil’s economy, including the head of its Central Bank. The US also extensively targetted Brazil’s diplomacy, targeting the phones of its Foreign Minister and its ambassadors to Germany, France, the EU, the US and Geneva as well as its military chiefs,” according to WikiLeaks.
“Our publication today shows the US has a long way to go to prove its dragnet surveillance on ‘friendly’ governments is over. The US has not just being targetting President Rouseff but the key figures she talks to every day. Even if US assurances of ceasing its targetting of President Rousseff could be trusted, which they cannot, it is fanciful to imagine that President Rousseff can run Brazil by talking to herself all day. If President Rousseff wants to see more US investment in Brazil on the back of her recent trip as she claims, how can she assure Brazilian companies that their US counterparts will not have an advantage provided by this surveillance, until she can really guarantee the spying has stopped – not just on her, but on all Brazilian issues,” said WikiLeaks Editor-in-Chief Julian Assange.
Check out the full list of NSA high priority targets for Brazil here.
See the related Guardian article for more details.
As I have said previously, it’s all a farce and now becoming a circus… And consider the timing, what kind of message is this for France given the recent WikiLeaks’ Espionnage Élysée exposé of NSA spying on not only 3 French Presidents but also French companies?
See the New York Times article below.
Surveillance Court Rules That N.S.A. Can Resume Bulk Data Collection
By CHARLIE SAVAGEJUNE 30, 2015
WASHINGTON — The Foreign Intelligence Surveillance Court ruled late Monday that the National Security Agency may temporarily resume its once-secret program that systematically collects records of Americans’ domestic phone calls in bulk.
But the American Civil Liberties Union said Tuesday that it would ask the United States Court of Appeals for the Second Circuit, which had ruled that the surveillance program was illegal, to issue an injunction to halt the program, setting up a potential conflict between the two courts.
The program lapsed on June 1, when a law on which it was based, Section 215 of the USA Patriot Act, expired. Congress revived that provision on June 2 with a bill called the USA Freedom Act, which said the provision could not be used for bulk collection after six months.
The six-month period was intended to give intelligence agencies time to move to a new system in which the phone records — which include information like phone numbers and the duration of calls but not the contents of conversations — would stay in the hands of phone companies. Under those rules, the agency would still be able to gain access to the records to analyze links between callers and suspected terrorists.
But, complicating matters, in May the Court of Appeals for the Second Circuit, in New York, ruled in a lawsuit brought by the A.C.L.U. that Section 215 of the Patriot Act could not legitimately be interpreted as permitting bulk collection at all.
Congress did not include language in the Freedom Act contradicting the Second Circuit ruling or authorizing bulk collection even for the six-month transition. As a result, it was unclear whether the program had a lawful basis to resume in the interim.
After President Obama signed the Freedom Act on June 2, his administration applied to restart the program for six months. But a conservative and libertarian advocacy group, FreedomWorks, filed a motion in the surveillance court saying it had no legal authority to permit the program to resume, even for the interim period.
In a 26-page opinion made public on Tuesday, Judge Michael W. Mosman of the surveillance court rejected the challenge by FreedomWorks, which was represented by a former Virginia attorney general, Ken Cuccinelli, a Republican. And Judge Mosman said the Second Circuit was wrong, too.
“Second Circuit rulings are not binding” on the surveillance court, he wrote, “and this court respectfully disagrees with that court’s analysis, especially in view of the intervening enactment of the USA Freedom Act.”
When the Second Circuit issued its ruling that the program was illegal, it did not issue any injunction ordering the program halted, saying it would be prudent to see what Congress did as Section 215 neared its June 1 expiration. Jameel Jaffer, an A.C.L.U. lawyer, said on Tuesday that the group would now ask for one.
“Neither the statute nor the Constitution permits the government to subject millions of innocent people to this kind of intrusive surveillance,” Mr. Jaffer said. “We intend to ask the court to prohibit the surveillance and to order the N.S.A. to purge the records it’s already collected.”
Continue reading the main story
Continue reading the main story
The bulk phone records program traces back to October 2001, when the Bush administration secretly authorized the N.S.A. to collect records of Americans’ domestic phone calls in bulk as part of a broader set of post-Sept. 11 counterterrorism efforts.
The program began on the basis of presidential power alone. In 2006, the Bush administration persuaded the surveillance court to begin blessing it under of Section 215 of the Patriot Act, which says the government may collect records that are “relevant” to a national security investigation.
The program was declassified in June 2013 after its existence was disclosed by the former intelligence contractor Edward J. Snowden.
It remains unclear whether the Second Circuit still considers the surveillance program to be illegal during this six-month transition period. The basis for its ruling in May was that Congress had never intended for Section 215 to authorize bulk collection.
In his ruling, Judge Mosman said that because Congress knew how the surveillance court was interpreting Section 215 when it passed the Freedom Act, lawmakers implicitly authorized bulk collection to resume for the transition period.
“Congress could have prohibited bulk data collection” effective immediately, he wrote. “Instead, after lengthy public debate, and with crystal-clear knowledge of the fact of ongoing bulk collection of call detail records,” it chose to allow a 180-day transitional period during which such collection could continue, he wrote.
The surveillance court is subject to review by its own appeals panel, the Foreign Intelligence Surveillance Court of Review. Both the Second Circuit and the surveillance review court are in turn subject to the Supreme Court, which resolves conflicts between appeals courts.
Wyn Hornbuckle, a Justice Department spokesman, said in a written statement that the Obama administration agreed with Judge Mosman.
Since the program was made public, plaintiffs have filed several lawsuits before regular courts, which hear arguments from each side before issuing rulings, unlike the surveillance court’s usual practice, which is to hear only from the government. Judge Mosman’s disagreement with the Second Circuit is the second time that the surveillance court has rejected a contrary ruling about the program by a judge in the regular court system.
In a lawsuit challenging the program that was brought by the conservative legal advocate Larry Klayman, Judge Richard J. Leon of Federal District Court in the District of Columbia ruled in December 2013 that the program most likely violated the Fourth Amendment, which prohibits unreasonable searches and seizures.
But in March 2014, Judge Rosemary M. Collyer, a Federal District Court judge who also sits on the secret surveillance court, rejected Judge Leon’s reasoning and permitted the program to keep going. The Obama administration has appealed Judge Leon’s decision to the Court of Appeals for the District of Columbia.
The Freedom Act also contains a provision saying that whenever the surveillance court addresses a novel and significant legal issue, it must either appoint an outside “friend of the court” who can offer arguments contrary to what the government is saying, or explain why appointing one is not appropriate.
The first test of that reform came last month when another judge on the court, F. Dennis Saylor IV, addressed a separate issue raised by the passage of the Freedom Act. Judge Saylor acknowledged that it was novel and significant, but declined to appoint an outside advocate, saying the answer to the legal question was “sufficiently clear” to him without hearing from one.
A version of this article appears in print on July 1, 2015, on page A19 of the New York edition with the headline: Surveillance Court Rules That N.S.A. Can Resume Bulk Data Collection.
(Above) photo credit: Focus
Assume this is no surprise to many? Following the recent WikiLeaks’ Espionnage Élysée exposé about the NSA spying on 3 French presidents, new WikiLeaks documents revealed how “the US has had a decade- long policy of economic espionage against France, including the interception of all French corporate contracts and negotiations valued at more than $200 million”.
“That covers not only all of France’s major companies, from BNP Paribas, AXA and Credit Agricole to Peugeot and Renault, Total and Orange, but it also affects the major French farming associations,” according to WikiLeaks founder Julian Assange.
“Central within the cache of documents are two long-term spying orders (“collection requirements”) which define the kinds of intelligence the NSA is tasked with collecting in its surveillance operations against France. The documents make clear that the NSA has been tasked with obtaining intelligence on all aspects of the French economy, from government policy, diplomacy, banking and participation in international bodies to infrastructural development, business practices and trade activities,” according to WikiLeaks.
Here’s a related story from Techcrunch:
New WikiLeaks Documents Reveal NSA Spied On Top French Companies
by Romain Dillet (@romaindillet)
Following last week’s eavesdropping reports, WikiLeaks shared new documents with Libération and Mediapart. This time, the new documents reveal that the NSA was spying on France’s best performing companies for economic intelligence purposes.
In addition to eavesdropping French Economy Ministers François Baroin and Pierre Moscovici between 2004 and 2012, the NSA gathered as much data as possible on big French companies. In particular, the agency wanted to know more about the companies that signed expensive export contracts for industrial goods, such as nuclear power plants, planes, high speed trains, etc.
According to an economic espionage order, the NSA intercepted all French corporate contracts and negotiations valued at more than $200 million in many different industries, such as telecommunications, electrical generation, gas, oil, nuclear and renewable energy, and environmental and healthcare technologies.
A second economic espionage order called “France: Economic Developments” shows that information was then shared with other U.S. agencies and secretaries, including the Secretary of Energy, the Secretary of Commerce, the Federal Reserve and the Secretary of Treasury. Eventually, this data could have been used to help sign export deals.
According to France’s IT security agency Anssi, the NSA could have spied on at least a hundred French companies, including most public CAC40 companies. Airbus filed a complaint for intelligence gathering earlier today.
The second document also states that the NSA could share this information with its closest allies — the U.K., Canada, New Zealand and Australia. It’s unclear whether the NSA is still actively spying on French companies. Today’s news is particularly interesting as it proves that the NSA is not only a geopolitical intelligence agency. It also plays an important role when it comes to economic intelligence.
See the following CNN article for more details.