Thursday, February 05, 2015

OpenStack 02/05/2015 (p.m.)

  • Tags: surveillance state, NSA-reform, DNI, Clapper, voluntary-reforms

    • The US intelligence community has delivered a limited list of tweaks to how long it can hold information on ordinary citizens and hide secret trawls for data, responding to Barack Obama’s call for reform of its surveillance practices in the wake of revelations about NSA practices.

      Published by the office of the director of national intelligence, James Clapper, just six days before a recently announced visit to Washington by the German chancellor, Angela Merkel, the report is the culmination of a year-long effort to respond to revelations by whistleblower Edward Snowden.

    • But the report does not appear to address the role of telecommunications companies in collecting metadata and the use of encryption to prevent hacking, and privacy critics were quick to pounce on a year of promises with little reform to show.

      “It’s hard to see much ‘there’ there,” Senator Ron Wyden said in a statement. “When it comes to reforming intelligence programs and protecting Americans’ privacy, there is much, much more work to be done.”

      The outline from the intelligence community also appears to fall short of the legislative changes attempted by campaigners in Congress, focusing instead on measures to tighten internal guidelines and provide foreigners with some of the protections allowed for US citizens.

      These measures include:

    • Other measures outlined in the new report include steps to clarify the protection given to whistleblowers if they follow internal rules and a requirement that “any significant compliance incident involving personal information, regardless of the person’s nationality” be reported to Clapper.
      • Limiting how long personal data gathered from non-US citizens can be held to five years, so long as it is deemed not relevant to ongoing intelligence investigations.
      • Asking Congress to provide some foreign nationals access to legal redress if their private information has been wilfully disclosed by US intelligence agencies.
      • Limiting to three years how long the FBI can prevent disclosure of its surveillance activities using so-called national security letters, unless a special agent deems otherwise.
    • The official results of Obama’s call for surveillance reform also appear to have failed to address encryption. The FBI director, James Comey, and other officials have been highly critical of the use of encryption by tech companies such as Apple to protect their users’ information. Comey has argued that stronger encryption, baked in to some technology after the Snowden revelations, will aid criminals and terrorists and shut out law enforcement.
    • The intelligence report itself acknowledges that further reforms called for by the president, such as ending the collection of bulk data by the government, have not been implemented, possibly due to stalled legislative efforts in Congress.
  • Victory on Net Neutrality in sight. The FCC Chairman is circulating a draft rule that designates both cable and wireless ISPs as "common carriers" under Title II.  

    Tags: net-neutrality, FCC, Title-II, rules

  • Tags: surveillance state, NSA-reform, DNI, Clapper, voluntary-reforms

    • Director of National Intelligence James Clapper this morning released a report detailing new rules aimed at reforming the way signals intelligence is collected and stored by certain members of the United States Intelligence Community (IC). The long-awaited changes follow up on an order announced by President Obama one year ago that laid out the White House’s principles governing the collection of signals intelligence. That order, commonly known as PPD-28, purports to place limits on the use of data collected in bulk and to increase privacy protections related to the data collected, regardless of nationality.

      Accordingly, most of the changes presented as “new” by Clapper’s office  (ODNI) stem directly from the guidance provided in PPD-28, and so aren’t truly new. And of the biggest changes outlined in the report, there are still large exceptions that appear to allow the government to escape the restrictions with relative ease.

      Here’s a quick rundown.

    • Retention policy for non-U.S. persons. The new rules say that the IC must now delete information about “non-U.S. persons” that’s been gathered via signals intelligence after five-years. However, there is a loophole that will let spies hold onto that information indefinitely whenever the Director of National Intelligence determines (after considering the views of the ODNI’s Civil Liberties Protection Officer) that retaining information is in the interest of national security. The new rules don’t say whether the exceptions will be directed at entire groups of people or individual surveillance targets. 

      Section 215 metadata. Updates to the rules concerning the use of data collected under Section 215 of the Patriot Act includes the requirement that the Foreign Intelligence Surveillance Court (rather than authorized NSA officials) must determine spies have “reasonable, articulable suspicion” prior to query Section 215 data, outside of emergency circumstances. What qualifies as an emergency for these purposes? We don’t know.

      Additionally, the IC is now limited to two “hops” in querying the database. This means that spies can only play two degrees of Kevin Bacon, instead of the previously allowed three degrees, with the contacts of anyone targeted under Section 215. The report doesn’t explain what would prevent the NSA (or other agency using the 215 databases) from getting around this limit by redesignating a phone number found in the first or second hop as a new “target,” thereby allowing the agency to continue the contact chain.

    • National security letters (NSLs). The report also states that the FBI’s gag orders related to NSLs expire three years after the opening of a full-blown investigation or three years after an investigation’s close, whichever is earlier. However, these expiration dates can be easily overridden by by an FBI Special Agent in Charge or a Deputy Assistant FBI Director who finds that the statutory standards for secrecy about the NSL continue to be satisfied (which at least one court has said isn’t a very high bar). This exception also doesn’t address concerns that NSL gag orders lack adequate due process protections, lack basic judicial oversight, and may violate the First Amendment.
    • The report also details the ODNI’s and IC’s plans for the future, including:

      (1) Working with Congress to reauthorize bulk collection under Section 215.

      (2) Updating agency guidelines under Executive Order 12333 “to protect the privacy and civil liberties of U.S. persons.”

      (3) Producing another annual report in January 2016 on the IC’s progress in implementing signals intelligence reforms.

      These plans raise more questions than they answer. Given the considerable doubts about Section 215’s effectiveness, why is the ODNI pushing for its reauthorization? And what will the ODNI consider appropriate privacy protections under Executive Order 12333?


Posted from Diigo. The rest of Open Web group favorite links are here.

No comments: