How Big Pharma’s Shadow Regulation Censors the Internet


Americans pay by far the highest prices in the world for most prescription drugs, and of course big pharma would like to keep it that way.

Source: How Big Pharma’s Shadow Regulation Censors the Internet

Yahoo’s CISO resigned in 2015 over secret e-mail search tool ordered by feds | Ars Technica


Reuters: Yahoo “complied with a classified US government directive.”

Presuming that the report is correct, it would represent essentially the digital equivalent of a general warrant—which is forbidden by the Fourth Amendment

Source: Yahoo’s CISO resigned in 2015 over secret e-mail search tool ordered by feds | Ars Technica

You Can’t Read the TPP, But These Huge Corporations Can

The Senate today is holding a key procedural vote that would allow the Trans-Pacific Partnership to be “fast-tracked.”

So who can read the text of the TPP? Not you, it’s classified. Even members of Congress can only look at it one section at a time in the Capitol’s basement, without most of their staff or the ability to keep notes.

But there’s an exception: if you’re part of one of 28 U.S. government-appointed trade advisory committees providing advice to the U.S. negotiators. The committees with the most access to what’s going on in the negotiations are 16 “Industry Trade Advisory Committees,” whose members include AT&T, General Electric, Apple, Dow Chemical, Nike, Walmart and the American Petroleum Institute.

The TPP is an international trade agreement currently being negotiated between the US and 11 other countries, including Japan, Australia, Chile, Singapore and Malaysia. Among other things, it could could strengthen copyright laws, limit efforts at food safety reform and allow domestic policies to be contested by corporations in an international court. Its impact is expected to be sweeping, yet venues for public input hardly exist.

Industry Trade Advisory Committees, or ITACs, are cousins to Federal Advisory Committees like the National Petroleum Council that I wrote about recently. However, ITACs are functionally exempt from many of the transparency rules that generally govern Federal Advisory Committees, and their communications are largely shielded from FOIA in order to protect “third party commercial and/or financial information from disclosure.” And even if for some reason they wanted to tell someone what they’re doing, members must sign non-disclosure agreements so they can’t “compromise” government negotiating goals. Finally, they also escape requirements to balance their industry members with representatives from public interest groups.

The result is that the Energy and Energy Services committee includes the National Mining Association and America’s Natural Gas Alliance but only one representative from a company dedicated to less-polluting wind and solar energy.

The Information and Communications Technologies, Services, and Electronic Commerce committee includes representatives from Verizon and AT&T Services Inc. (a subsidiary of AT&T), which domestically are still pushing hard against new net neutrality rules that stop internet providers from creating more expensive online fast-lanes.

And the Intellectual Property Rights committee includes the Recording Industry Association of America, the Pharmaceutical Research and Manufacturers of America, Apple, Johnson and Johnson and Yahoo, rather than groups like the Electronic Frontier Foundation, which shares the industry’s expertise in intellectual property policy but has an agenda less aligned with business.

Link (The Intercept)

NSA Director: If I Say ‘Legal Framework’ Enough, Will It Convince You Security People To Shut Up About Our Plan To Backdoor Encryption?

Admiral Mike Rogers, the NSA Director, has barely been on the job for a year, and so far he’d mostly avoided making the same kinds of absolutely ridiculous statements that his predecessor General Keith Alexander was known for. Rogers had, at the very least, appeared slightly more thoughtful in his discussions about the surveillance state and his own role in it. However, Rogers ran into a bit of trouble at New America’s big cybersecurity event on Monday — in that there were actual cybersecurity folks in the audience and they weren’t accepting any of Rogers’ bullshit answers. The most notable exchange was clearly between Rogers and Alex Stamos, Yahoo’s chief security officer, and a well known privacy/cybersecurity advocate.

Alex Stamos (AS): “Thank you, Admiral. My name is Alex Stamos, I’m the CISO for Yahoo!. … So it sounds like you agree with Director Comey that we should be building defects into the encryption in our products so that the US government can decrypt…

Mike Rogers (MR): That would be your characterization. [laughing]

AS: No, I think Bruce Schneier and Ed Felton and all of the best public cryptographers in the world would agree that you can’t really build backdoors in crypto. That it’s like drilling a hole in the windshield.

MR: I’ve got a lot of world-class cryptographers at the National Security Agency.

AS: I’ve talked to some of those folks and some of them agree too, but…

MR: Oh, we agree that we don’t accept each others’ premise. [laughing]

AS: We’ll agree to disagree on that. So, if we’re going to build defects/backdoors or golden master keys for the US government, do you believe we should do so — we have about 1.3 billion users around the world — should we do for the Chinese government, the Russian government, the Saudi Arabian government, the Israeli government, the French government? Which of those countries should we give backdoors to?

MR: So, I’m not gonna… I mean, the way you framed the question isn’t designed to elicit a response.

AS: Well, do you believe we should build backdoors for other countries?

MR: My position is — hey look, I think that we’re lying that this isn’t technically feasible. Now, it needs to be done within a framework. I’m the first to acknowledge that. You don’t want the FBI and you don’t want the NSA unilaterally deciding, so, what are we going to access and what are we not going to access? That shouldn’t be for us. I just believe that this is achievable. We’ll have to work our way through it. And I’m the first to acknowledge there are international implications. I think we can work our way through this.

AS: So you do believe then, that we should build those for other countries if they pass laws?

MR: I think we can work our way through this.

AS: I’m sure the Chinese and Russians are going to have the same opinion.

MR: I said I think we can work through this.

AS: Okay, nice to meet you. Thanks.

[laughter]

MR: Thank you for asking the question. I mean, there are going to be some areas where we’re going to have different perspectives. That doesn’t bother me at all. One of the reasons why, quite frankly, I believe in doing things like this is that when I do that, I say, “Look, there are no restrictions on questions. You can ask me anything.” Because we have got to be willing as a nation to have a dialogue. This simplistic characterization of one-side-is-good and one-side-is-bad is a terrible place for us to be as a nation. We have got to come to grips with some really hard, fundamental questions. I’m watching risk and threat do this, while trust has done that. No matter what your view on the issue is, or issues, my only counter would be that that’s a terrible place for us to be as a country. We’ve got to figure out how we’re going to change that.

[Moderator Jim Sciutto]: For the less technologically knowledgeable, which would describe only me in this room today, just so we’re clear: You’re saying it’s your position that in encryption programs, there should be a backdoor to allow, within a legal framework approved by the Congress or some civilian body, the ability to go in a backdoor?

MR: So “backdoor” is not the context I would use. When I hear the phrase “backdoor,” I think, “well, this is kind of shady. Why would you want to go in the backdoor? It would be very public.” Again, my view is: We can create a legal framework for how we do this. It isn’t something we have to hide, per se. You don’t want us unilaterally making that decision, but I think we can do this.

Link (Techdirt)

Internet Industry Now Considers The Intelligence Community An Adversary, Not A Partner

In an interview last month, Timothy D. Cook, Apple’s chief executive, said the N.S.A. “would have to cart us out in a box” before the company would provide the government a back door to its products. Apple recently began encrypting phones and tablets using a scheme that would force the government to go directly to the user for their information. And intelligence agencies are bracing for another wave of encryption.

In fact, it seems noteworthy that this whole issue of increasing encryption by the tech companies to keep everyone out has been left off the official summit schedule. As the NY Times notes, Silicon Valley seems to be pretty much completely fed up with the intelligence community after multiple Snowden revelations revealed just how far the NSA had gone in trying to “collect it all” — including hacking into the foreign data centers of Google and Yahoo. And, on top of that, the NSA’s efforts to buy up zero day vulnerabilities before companies can find out and patch them:

“What has struck me is the enormous degree of hostility between Silicon Valley and the government,” said Herb Lin, who spent 20 years working on cyberissues at the National Academy of Sciences before moving to Stanford several months ago. “The relationship has been poisoned, and it’s not going to recover anytime soon.”

Link (Techdirt)

Magistrate Judge Shoots Down Government’s Attempt To Gag Yahoo Indefinitely Over Grand Jury Subpoenas

California judge Paul Grewal continues to hold up his end of the “Magistrates’ Revolt.” Grewal was the magistrate who shot down the government’s open-ended request to grab every email in a person’s Gmail account and sort through them at its leisure. He was actually the second magistrate to shoot down this request. The government went “judge shopping” after Judge John Facciola told it the scope of the request needed to be narrowed considerably before he would even think about granting it. The government decided it still wanted all the email and traveled across the country to see Judge Grewal… who told them to GTFO without even giving the feds the option to rewrite the request.

Grewal is once again siding with the public and acting as a check against government overreach.

Law enforcement cannot indefinitely forbid Yahoo Inc from revealing a grand jury subpoena that seeks subscriber account information, a U.S. judge ruled, because doing so would violate the company’s free speech rights.

U.S. Magistrate Judge Paul Grewal in San Jose, California on Thursday wrote that the government’s request would prohibit Yahoo from disclosing the subpoena, even years after the grand jury concluded its probe. The court order does not disclose the target of the federal investigation.

“In an era of increasing public demand for transparency about the extent of government demands for data from providers like Yahoo!, this cannot stand,” Grewal wrote.

Link (Techdirt)