The Canadian government has passed a controversial anti-terrorism Bill, designed to extend the powers of the country’s spy agencies.
The Bill was passed 183 votes to 93 yesterday and was introduced following the first terror attack on Canadian soil last October, in which a gunman attacked the country’s parliament, shot a soldier on cermonial guard duty and was subsequently killed himself.
The legislation will give Canada’s spooks the ability to operate overseas and make preventative arrests.
It says the Canadian Security Intelligence Service will be able to take within and outside Canada “measures to reduce threats to the security of Canada, including measures that are authorised by the Federal Court”.
It will also enact the Security of Canada Information Sharing Act, which enhances the government information disclosure powers.
Stephen Blaney, minister of Public Safety and Emergency Preparedness, said:
“[Since] October 22, we have crafted measures that are specifically designed to face the international jihadi threat that our country is facing.”
Category: Spying
NSA domestic dragnet NOT authorised by Patriot Act, rules US Appeals Court
The NSA’s bulk collection of Americans’ phone call records may be illegal, a US federal appeals court has ruled.
The US Second Circuit Court of Appeal unanimously ruled that the NSA’s bulk telephone metadata1program was not authorised by section 215 of the Patriot Act, voiding an earlier ruling by a lower court. The US District Court for the Southern District of New York dismissed a legal challenge to the NSA dragnet surveillance program. Judge Vernon S Broderick ruled that section 215 of the Patriot Act was a statutory scheme that precludes judicial review.
The decision by three judges on appeal overturns that decision and re-opens the case against the NSA that it acted contrary to either the Fourth or First Amendments to the US Constitution. Lawyers are still to argue on these points properly. Attorneys for the ACLU (American Civil Liberties Union) have however succeeded in re-instating the case and in deprecating the Patriot Act as a trump card in justifying surveillance, as the ruling by the judges explains.
Stop the war between privacy and security – EU data watchdog
Security and privacy are not mutually exclusive says Europe’s privacy watchdog – and people should stop saying they are.
The European Data Protection Supervisor (EDPS), Giovanni Buttarelli, told a Brussels conference he was concerned that “the objective of cyber-security may be misused to justify measures which weaken protection of [data protection] rights.”
“Cyber-security must not become an excuse for disproportionate processing of personal data. Let’s not forget that when the European Court of Justice (ECJ) last year found the Data Retention Directive to be invalid, one of the reasons was concern about the inadequacy of the data security provisions in the directive,” he continued.
Although some commentators interpreted the ECJ ruling to mean that data must be stored within national borders, Buttarelli disagreed.
“Physical location is not the determining factor in security. Rather, it is degree of control, accountability and responsibility which data controllers demonstrate when processing personal information. They must take full responsibility for all the measures they implement, regardless of the technology they use. Responsibility must not vanish in the clouds,” said the newly appointed EDPS.
Negotiations on a new Data Protection Regulation are currently underway and Buttarelli says that accountability should not be sacrificed in the inevitable compromise.
“One tool for reinforcing accountability is the introduction of a general data breach notification obligation, which will force controllers take the necessary organisational and procedural measures,” he said, pinning his colours to at least one legislative mast.
Media Sues to Get Letters from Top Officials in Support of Petraeus
A coalition of news organizations that includes The Intercept filed a suit today demanding the release of information about the sentencing of former CIA director and retired general David Petraeus, who last week pleaded guilty to mishandling classified materials.
Petraeus, who admitted to giving secret information to his former mistress and biographer, Paula Broadwell, was sentenced on a misdemeanor charge to two years probation and was fined $100,000.
More than 30 people, including high-level government and military officials, reportedly filed letters of support for Petraeus ahead of his sentencing. “The letters paint a portrait of a man considered among the finest military leaders of his generation who also has committed a grave but very uncharacteristic error in judgment,” U.S. Magistrate Judge David Keesler said at the sentencing.
But those letters, and the sentencing memorandum filed by Petraeus’s lawyers, remain under seal in a federal court in the Western District of North Carolina. The Intercept’s parent company, First Look Media, is joining The New York Times, Bloomberg, the Associated Press, The Washington Post and other media in suing to have them released. (Here’s the motion and a memo laying out the news organization’s arguments.)
“Given the attention the case has received, we think it’s important for the public to see the arguments that Petraeus made for leniency, and the people who wrote letters in support of him,” said Hannah Bloch-Wehba, a fellow with the Reporters Committee for Freedom of the Press, which is coordinating the lawsuit. Bloch-Wehba said that in other leak cases, sentencing memoranda have been public, but that thanks to a rule particular to the North Carolina court, Petraeus’s escaped scrutiny.
Petraeus’s monetary punishment — which was more than double what his lawyers and prosecutors had agreed on but still amounts to less than he reportedly charges for speaking engagements — stands in contrast to the stiff penalties sought for other recent leakers. The Intercept has noted that the Justice Department appears to have a “two-tier justice system” for punishing leakers, wherein senior officials accused of mishandling classified information have tended to get off with far lighter consequences than lower-level leakers.
Indeed, last week the government asked for 19 to 24 years for former CIA agent Jeffrey Sterling, who was convicted in January of giving classified information about the CIA’s efforts against Iran’s nuclear program to New York Times reporter James Risen. Sterling’s lawyers have pointed to the Petraeus deal in asking for leniency, saying the court “cannot turn a blind eye to the positions the government has taken in similar cases.”
Senior Police Officer Suggests Companies Allowing People To Use Strong Crypto Are ‘Friendly To Terrorists’
Last November, we ran through the list of senior law enforcement officers on both sides of the Atlantic who all came out with suspiciously similar whines about how strong crypto was turning the internet into a “dark and ungoverned” place. Judging by this story in Reuters, others want to join the choir:
Some technology and communication firms are helping militants avoid detection by developing systems that are “friendly to terrorists”, Britain’s top anti-terrorism police officer said on Tuesday.
That remark comes from Assistant Commissioner Mark Rowley, who is the UK’s National Policing Lead for Counter-Terrorism, replacing Cressida Dick. Here’s the problem according to Rowley:
“Some of the acceleration of technology, whether it’s communications or other spheres, can be set up in different ways,” Rowley told a conference in London.
“It can be set up in a way which is friendly to terrorists and helps them … and creates challenges for law enforcement and intelligence agencies. Or it can be set up in a way which doesn’t do that.”
“Set up in a way which is friendly to terrorists and helps them” obviously means using strong crypto; “set up in a way which doesn’t do that” therefore means with compromised crypto. Like his colleagues, Rowley too blames the current mistrust between the intelligence agencies and computer companies on Edward Snowden:
“Snowden has created an environment where some technology companies are less comfortable working with law reinforcement and intelligence agencies and the bad guys are better informed,” Rowley told Reuters after his speech.
Well, no, actually. That “environment” has been created by the NSA and GCHQ working together to break into the main online services, and undermine key aspects of digital technology, with no thought for the collateral damage that ruining internet security might cause for the world. Rowley is also quoted as saying:
“We all love the benefit of the internet and all the rest of it, but we need [technology companies’] support in making sure that they’re doing everything possible to stop their technology being exploited by terrorists. I’m saying that needs to be front and centre of their thinking and for some it is and some it isn’t.”
The technology is not being “exploited” by terrorists, it’s being used by them, just as they use telephones or microwaves or washing machines. That’s what those devices are there for. The idea that trying to make broken internet technologies should be “front and center” of technology companies’ thinking bespeaks a complete contempt for their users.
This constant refrain about how awful strong crypto is, and how we must break it, is simply the intelligence services implicitly admitting that they find the idea of doing their job in a free society, where people are able to keep some messages private, too hard, so they would be really grateful if technology companies could just fall in line and make life easier by destroying privacy for everyone.
The big boys made us do it: US used German spooks to snoop on EU defence industry
Germany’s BND spy agency spied on European politicians and enterprises at the behest of the NSA for over a decade.
Der Spiegel reports (in German) that for years the NSA sent its counterparts at the BND (Bundesnachrichtendienst – Germany’s Federal Intelligence Service) thousands of so-called selectors – IP addresses, emails, and mobile phone numbers – it wanted targeted for online surveillance.
German cyberspies fed this data into their own surveillance systems. The reports generated were evaluated at BND headquarters before intelligence was passed back to the NSA.
In practical terms, it seems that the BND have been tapping the Internet Exchange Point DE-CIX in Frankfurt, since at least 2009.
Results from the bulk tap of this Internet exchange were then passed over, in part at least, to the Americans as part of a collaborative agreement involving intel agencies.
The selectors included referred to European politicians and European aerospace and defence firms, including the European Aeronautic Defence and Space Company (EADS) and Eurocopter.
BND workers picked up on this anomalous targeting – which had nothing to do with a bilateral US-Germany agreement signed in 2002 to pool efforts in combating global terrorism – and have been complaining about it since at least 2008.
Yet it was only when the Edward Snowden revelations began in 2013 that German spy bosses began questioning the practice, which fits more closely with the profile of economic espionage.
An estimated 800,000 selectors were passed from the NSA to the BND in total over the years. A post-Snowden internal probe concluded that at least 2,000 of these various spying requests were contrary to either German or wider EU interests.
The BND helped the NSA with spying on European ministers and enterprises, without anyone in the German parliament being aware of this.
BND bosses didn’t pass on their findings to the Chancellor’s Office instead acting only to ask the NSA not to filter out requests that potentially ran contrary to German and Western European political and economic interests.
“Safe Spaces” And The Mote In America’s Eye
My three kids are sarcastic and irreverent. This isn’t a shock to anyone who knows me. Their mouthiness can be irritating, but usually I manage to remember that I don’t set much of an example of rhetorical decorum.
Maybe I should start giving the same consideration to other people’s kids.
For some time I’ve been mean to university students who feel entitled to a “safe space” — by which they seem to mean a space where they are insulated from ideas they don’t like.
I call these young people out for valuing illusory and subjective safety over liberty. I accuse them of accepting that speech is “harmful” without logic or proof. I mock them for not grasping that universities are supposed to be places of open inquiry. I condemn them for not being critical about the difference between nasty speech and nasty actions, and for thinking they have a right not to be offended. I belittle them for abandoning fundamental American values.
But recently a question occurred to me: where, exactly, do I think these young people should have learned the values that I expect them to uphold?
Today’s college students came of age in the years after 9/11. What did we teach them about the balance between liberty and safety in that time?We should have taught them not to give up essential liberty for a little safety. Instead, we taught them that the government needs the power to send flying robots to kill anyone on the face of the earth without review and without telling us why. The government, we’re told, needs to do that for our safety. We also taught them that the government also needs the power to detain people indefinitely without judicial review, again in the name of safety. We taught them that to ensure our safety the government needs the records of what books we read and who we talk to. With that as a model, it seems like small potatoes to say that safety requires disinviting Bill Maher from a university commencement, because he’s something of a dick.
We should have taught them that it’s noble to speak out for liberty. We didn’t. We taught them that concern with liberty is suspicious. They grew up in an America where police say that talking about civil liberties suggests involvement in criminal behavior and that criticizing law enforcement priorities provides a good reason to investigate you. They grew up in an America were the FBI monitors protestors and activists in the name of safety. They grew up in an America where questioning the War on Drugs is called unpatriotic.
We should have taught them that it’s shameful to oppose liberty and work to undermine it. We didn’t. They grew up in a world where a man can advise the government to disregard our liberties and waffle on whether the state can crush the testicles of children to torture information of of their parents, only to be rewarded by a prestigious position at a top law school.
We should have taught them to think critically when someone says that “safety” requires action. We didn’t. We taught them to submit to groping by TSA agents recruited via pizza boxes who single us out based on transparently bogus junk science. We taught them that even if you demand policy changes based on junk science that is demonstrably deadly, you can still be taken seriously if your politics are right.
We should have taught them that our subjective reaction to someone’s expression isn’t grounds to suppress that expression. We didn’t. They probably didn’t learn that lesson from the freakouts over mosques at ground zero or in Georgia or in Tennessee. They probably didn’t learn it from calls to deport Piers Morgan for anti-gun advocacy or by the steady stream of officials suggesting that dissent is treason or from their government asserting a right to “balance” the value of speech against its harm. They didn’t learn it from state legislators punishing universities based on disagreement with curriculum.
We should have taught them to be suspicious of claims that speech is harmful in a way the law should address. We didn’t. We taught them that making satirical videos about police is criminal “cyberstalking” and that stupid jokes by teens justify imprisonment and that four-letter words are crimes (or should be) and that swearing at cops online is “disorderly conduct” and that singing a rude song to imaginary children justifies prosecution.
We should have taught them to be suspicious of rote invocation of airhorn words like “racism” and “sexism” and “trauma” and “unsafe,” especially when those terms are used to limit liberty. We sure as hell didn’t do that. We taught them that jailing grandmas for buying two boxes of cold medication is justified because think of the children. We have taught them that cops can cops can rape and torture people because drugs are bad. We teach them that “terrorism” is an existential threat, a magic word that can be invoked to justify anything. Rather than teaching them to question catchphrases, we teach them to respond to them in Pavlovian fashion.
We should have taught them to question authority. Instead we taught them to submit to it without question if they didn’t want to get shot or tased.Instead, we are teaching them, even now, that climbing a tree outside our view, or visiting a park unattended (as many of us did when children) is a matter requiring state intervention. This is not a Yakov Smirnoff joke: in Russia, complete strangers will approach you on the street to scold you if you’re wearing your scarf the wrong way. “You’ll catch cold!” We are becoming the Russia our grandparents warned us about: not a Stalinist tyranny, but a tyranny of concern. For our own safety, of course.
Sure, occasionally we manage to assert that free speech trumps feelings or that speculative safety doesn’t trump liberty. But those few messages are drowned out by the drumbeat of safety, safety, safety.
Should we expect universities to teach them to value liberty or question safety? Please. Universities think that free speech is something to be confined to tiny corners of campus to protect students from the trauma of being handed a copy of the constitution. Universities are places were administrators censor Game of Thrones t-shirts and Firefly posters then censor the posters complaining about censorship, all in the name of “safety.” Universities are places where enraged educators cut down free speech walls and attack protestors and tell students to destroy displays they don’t like. Sending people to American universities to learn to respect liberty is like sending them to a brothel to learn chastity.
Today’s young people are responsible for their own actions. They are bound, like all of us, by this truth: the government saying something is right doesn’t make it right. But it’s not fair to ignore our culture’s role in shaping the values that lead to an appetite for “safe spaces.”
I’m not going to stop calling out university students who assert that they have a right not to be offended, or who claim that they are entitled to spaces safe from ideas they don’t like.
But I hope that some of them will call me out — call all of us out — in return now and then.
New Zealand Plotted Hack on China With NSA
New Zealand spies teamed with National Security Agency hackers to break into a data link in the country’s largest city, Auckland, as part of a secret plan to eavesdrop on Chinese diplomats, documents reveal.
The covert operation, reported Saturday by New Zealand’s Herald on Sunday in collaboration with The Intercept, highlights the contrast between New Zealand’s public and secret approaches to its relationship with China, its largest and most important trading partner.
The hacking project suggests that New Zealand’s electronic surveillance agency, Government Communications Security Bureau, or GCSB, may have violated international treaties that prohibit the interception of diplomatic communications.
New Zealand has signed both the 1961 Vienna Convention on Diplomatic Relations and the 1963 Vienna Convention on Consular Relations, international treaties that protect the “inviolability” of diplomatic correspondance. The country’s prime minister, John Key, said in a recent speech on security that New Zealand had an obligation to support the rule of law internationally, and was “known for its integrity, reliability and independence.”
Last year, Key said that New Zealand’s relationship with China, worth an estimated $15 billion in annual two-way trade, had “never been stronger.” The relationship was not just about “purely trading,” he said, “it is so much broader and much deeper than that.”
In 2013, Key described a meeting with top Chinese officials in Beijing as “extremely warm” and told of how he was viewed as a “real friend” by the country’s premier, Li Keqiang.
At the same time, as minister in charge of the GCSB, Key was overseeing spying against China – which included the top-secret planned operation in Auckland, aimed at the Chinese consulate.
The hacking project is outlined in documents obtained by The Intercept from NSA whistleblower Edward Snowden.
Government May Now Tell You Why You’re On “No Fly” List, But Not Always
Since the “no fly” list was formalized in 2001, the only way to know if the U.S. government would allow you to get on a plane was to show up at the airport and try to board a flight. The government would generally neither confirm nor deny that you were on the list, let alone tell you why.
On April 14, the government announced a new procedure for blacklisted travelers to try to clear themselves. Passengers who are denied boarding can lodge a complaint with the Department of Homeland Security, which will provide confirmation of their “No Fly List status,” and an unclassified summary of the reason why — unless providing that information would go against “national security and law enforcement interests.” The passengers can then appeal their status.
The notice of the new procedures came in court filings in several cases where plaintiffs have challenged their inclusion on the list.
Hina Shamsi, director of the American Civil Liberties Union’s National Security Project, called the new procedures “grossly inadequate” and said her organization is already challenging them in court. The ACLU is representing 13 U.S. citizens who sued over the no fly list in 2010.
Last year a federal judge found that the government’s old redress process — which never confirmed or denied anyone’s status — was unconstitutional. The government’s response was the new procedures, which Shamsi says still doesn’t go far enough.
“One of our clients was provided a single cryptic sentence saying he had traveled to a particular country in a particular year. There are incomplete reasons, no evidence provided, and no hearing at which our clients can present their own evidence and cross-examine the government’s witnesses,” she said.
“The inadequate process the government provided to our clients is what it’s now formalizing for everyone else,” she added.
Gadeir Abbas, an attorney for Gulet Mohamed, a U.S. citizen who in 2011 was barred from flying home to Virginia from Kuwait, called the new redress process “entirely one-sided.”
Lawyer representing whistle blowers finds malware on drive supplied by cops
An Arkansas lawyer representing current and former police officers in a contentious whistle-blower lawsuit is crying foul after finding three distinct pieces of malware on an external hard drive supplied by police department officials.
The hard drive was provided last year by the Fort Smith Police Department to North Little Rock attorney Matt Campbell in response to a discovery demand filed in the case. Campbell is representing three current or former police officers in a court action, which was filed under Arkansas’ Whistle-Blower Act. The lawsuit alleges former Fort Smith police officer Don Paul Bales and two other plaintiffs were illegally investigated after reporting wrongful termination and overtime pay practices in the department.
According to court documents filed last week in the case, Campbell provided police officials with an external hard drive for them to load with e-mail and other data responding to his discovery request. When he got it back, he found something he didn’t request. In a subfolder titled D:\Bales Court Order, a computer security consultant for Campbell allegedly found three well-known trojans