Tag: Privacy

SCOTUS Protects Our Phones

A lot of breaking news today, so short posts while I prepare two big ones. The Court will be issuing its biggest decisions over the next week. Today they ruled against Aero (and much as I like the idea of Aero, I kind of see their point). But the most important decision they handed down was in Riley v. California. The Court decided — unanimously — that cops need a warrant to search your cell phone. The decision is here and it’s beautiful. They systematically destroy the government’s argument that cell phones must be searched immediately for police safety. They point out that taking a phone off the network can easily protect it from being “wiped”. And they close with this:

Modern cell phones are not just another technological convenience. With all they contain and all they may reveal, they hold for many Americans “the privacies of life,” Boyd, supra, at 630. The fact that technology now allows an individual to carry such information in his hand does not make the information any less worthy of the protection for which the Founders fought. Our answer to the question of what police must do before searching a cell phone seized incident to an arrest is accordingly simple — get a warrant.

They only way it could have been better if they’d said “get a fucking warrant”, words that should be inscribed on the doors of every police station, NSA office, CIA dungeon and FBI building in the country.

Judge Slams NSA

Poor poor NSA. Just last night, 60 minutes gave them a 20-minute infomercial about how wonderful they are. And all the Obama supporters, who blasted CBS for their Benghazi story, fell in line and said it reassured them.

And then, today, this:

A federal judge said Monday that he believes the government’s once-secret collection of domestic phone records is unconstitutional, setting up likely appeals and further challenges to the data mining revealed by classified leaker Edward Snowden.

U.S. District Judge Richard Leon said the National Security Agency’s bulk collection of metadata — phone records of the time and numbers called without any disclosure of content — apparently violates privacy rights.
His preliminary ruling favored five plaintiffs challenging the practice, but Leon limited the decision only to their cases.

“I cannot imagine a more ‘indiscriminate’ and ‘arbitrary invasion’ than this systematic and high-tech collection and retention of personal data on virtually every citizen for purposes of querying and analyzing it without prior judicial approval,” said Leon, an appointee of President George W. Bush. “Surely, such a program infringes on ‘that degree of privacy’ that the Founders enshrined in the Fourth Amendment.”

Leon’s ruling said the “plaintiffs in this case have also shown a strong likelihood of success on the merits of a Fourth Amendment claim,” adding “as such, they too have adequately demonstrated irreparable injury.”
He rejected the government’s argument that a 1979 Maryland case provided precedent for the constitutionality of collecting phone metadata, noting that public use of telephones had increased dramatically in the past three decades.

This will certainly be appealed. Judge Leon didn’t overturn Smith vs. Maryland. What he did was make the pretty straight-forward argument that the information the government was collecting in 1979 by bugging an exchange for a few days to see who someone was calling is different from automatically slurping up comprehensive meta-data about millions of Americans every day. Check here for the ACLU’s demonstration of what can be done with “just” meta-data.

The usual suspects are decrying Judge Leon’s decision, although that seems entirely motivated by the lawsuit having been brought by, among others, Larry Klayman. Personally, I don’t care if the lawsuit was brought by Tarzan of the Apes. The fact is that the NSA’s meta-data collection program, which was kept secret until Snowden’s leaks, has to be addressed by the Supreme Court, not by some secret FISA Court.

All Your Infos

Well call me Nancy and color me surprised:

Maryland’s Health Connection, the state’s Obamacare marketplace, has been plagued by delays in the first days of open enrollment. If users are able to endure long page-loading delays, they are presented with the website’s privacy policy, a ubiquitous fine-print feature on websites that often go unread. Nevertheless, users are asked to check off a box that they agree to the terms.

The policy contains many standard statements about information automatically collected regarding Internet browsers and IP addresses, temporary “cookies” used by the site, and website accessibility. However, at least two conditions may give some users pause before proceeding.

The first is regarding personal information submitted with an application for those users who follow through on the sign up process all the way to the end. The policy states that all information to help in applying for coverage and even for making a payment will be kept strictly confidential and only be used to carry out the function of the marketplace. There is, however, an exception: “[W]e may share information provided in your application with the appropriate authorities for law enforcement and audit activities.”

Remember, this is Maryland, the state that won the right from SCOTUS to take your DNA on arrested and try to cross-match it any crime in their database. Do you think this state will hesitate to share any insurance information with law enforcement authorities? How long will it take for them to carve out exemptions to HIPAA to force doctors and insurance companies to share information about drug use, spousal abuse or gun ownership?

Oh, I’m being paranoid am I? Well, check out this story. The Border Patrol is using drones to look for illegal immigrants. But they now admit they have shared information from these drone flights with other agencies 500 times. What agencies? They won’t tell us. I’m going to guess we’re talking about ATF and DEA, looking for gun and drug runners, respectively. Also check out this graph showing what the NSA does with information they collect. Notice the inclusion of the FBI, the CIA and foreign governments.

This is what I keep yammering on about with the surveillance state. Once your information is out there, it’s out there. There’s no putting the genie back in the bottle. Information is so fluid, it can flow easily from agency to agency with minimal supervision. All it takes is a few clicks of the keyboard. The constant response of the surveillance defenders — just trust us — was inadequate when government agencies didn’t have our personal healthcare information. It’s doubly inadequate now.

Further Thoughts on Prism

A few notes as this story evolves:

You should read the NYT’s story about PRISM. It makes everything consistent: Greenwald’s original report, the tech companies denial and the reports we’ve been hearing off and on for the last seven years. Money quote:

Each of the nine companies said it had no knowledge of a government program providing officials with access to its servers, and drew a bright line between giving the government wholesale access to its servers to collect user data and giving them specific data in response to individual court orders. Each said it did not provide the government with full, indiscriminate access to its servers.

The companies said they do, however, comply with individual court orders, including under FISA. The negotiations, and the technical systems for sharing data with the government, fit in that category because they involve access to data under individual FISA requests. And in some cases, the data is transmitted to the government electronically, using a company’s servers.

“The U.S. government does not have direct access or a ‘back door’ to the information stored in our data centers,” Google’s chief executive, Larry Page, and its chief legal officer, David Drummond, said in a statement on Friday. “We provide user data to governments only in accordance with the law.”

Statements from Microsoft, Yahoo, Facebook, Apple, AOL and Paltalk made the same distinction.

But instead of adding a back door to their servers, the companies were essentially asked to erect a locked mailbox and give the government the key, people briefed on the negotiations said. Facebook, for instance, built such a system for requesting and sharing the information, they said.

The data shared in these ways, the people said, is shared after company lawyers have reviewed the FISA request according to company practice. It is not sent automatically or in bulk, and the government does not have full access to company servers. Instead, they said, it is a more secure and efficient way to hand over the data.

Tech companies might have also denied knowledge of the full scope of cooperation with national security officials because employees whose job it is to comply with FISA requests are not allowed to discuss the details even with others at the company, and in some cases have national security clearance, according to both a former senior government official and a lawyer representing a technology company.

This is less alarming than the initial reporting but still very very concerning. Keep in mind that, according to the Verizon story, the FISA court has been granting extremely broad warrants for surveillance. Keep in mind also that, according to the FISA laws, communications involving US citizens can be monitored.. Think about how many people overseas are on Twitter, on Facebook, use Google or read this very blog.

Do we have reason to be worried that these powers — which were a secret until now — will be abused? We already have reports that electronic communications of innocent Americans have been “accidentally” intercepted. The NSA is also trying to prevent the release of a Court opinion finding that they had engaged in unconstitutional spying.

And even if this weren’t the case, we know that these powers, especially when they lurk in secret, only have a tendency to expand. Powers intended for terrorism rapidly extend to drugs (which often involve foreign agents) and are then extended to ordinary crime. Think about the Constitution-shredding tactics used in the War on Drugs — asset forfeiture, for example — and how they been extended beyond the War on Drugs. Once you give our government a hammer, they will get the courts to rule that everything is a nail. I’m not particularly moved by the arguments — put forward by DNI Clapper and his apologists — that national security has been compromised. Not when some of our basic liberties are at stake. I’m pretty sure the terrorists are either completely clueless or avoid electronic communications, having assumed that something like this was going on.

The one thing I keep hearing is that we need to have a public debate about this. But keep in mind that the public debate hasn’t happened yet and is only happening to the extent that it is because of the leak. The Administration’s defenders would rather we not have had the debate at all.

Ah, the Administration’s defenders. Libertarians and some conservatives are responding to this revelation as you might expect. But the response of the Left Wing is disappointing if unsurprising. You know how we’ve used the terms “Bush Derangement Syndrome” and “Obama Derangement Syndrome”? They describe someone who has an irrational hatred of one of the two Presidents to the point where they always assume the worst motivations, the worst intentions and instantly believe any absurd story that emerges about them. Well, in the past few days, we’ve been seeing a lot of “Obama Defense Derangement Syndrome”: people who believe that any criticism of Obama falls into the ODS category (or is a sign of crypto-racism). Their increasingly mindless defense of the President is not based on any facts or any actions of his; they are based on who his critics are. So if Rand Paul disagrees with the President … well, Rand Paul is a nut so the President’s actions must be defensible.

The ODDS starting immediately with people saying the Prism slides didn’t look professional and might be faked. After they were confirmed, they jumped on the tech companies denial of the existence of the system (conveniently ignoring the Greenwald specifically mentioned those denials in his original report). Then they said that Bush started it (true enough; but Obama ran against that and has now brought it to its apotheosis). Now they’re claiming that we had a public debate (the tense is wrong; we’re having one now, thanks to the leak).

They have further parroted the President’s lie that Congress and the Courts signed off on all this without a qualm. But Senators Udall, Wyden and Paul were among many who objected to these powers, who tried to get basic civil liberties protections into the laws and warned us about the surveillance state that was being built. Senator Sensenbrenner, one of the architects of the Patriot Act, blasted the President for going beyond what was intended and not getting Congressional approval. As noted above, the Courts have pushed back on this, to the extent that they’ve been consulted. And, it bears repeating, much of the detail is in secret with many participants forced into silence under penalty of law. Citing the Sunday Morning Talkshow Dipshits as though they were an authority is simply abandoning your duty as a citizen.

The biggest tell for ODDS is ad hominem attacks on his critics. And, in this case, it’s attacks on Glenn Greenwald. I have my issues with Greenwald. I agree with him on civil liberties but the list of things I disagree with him on — Bradley Manning, Israel, the War on Terror, healthcare — is very long. But to suggest, as many are doing, that his revelation is based on some kind of personal animus against the President is ridiculous. Greenwald calls it as he sees it. He was highly critical of Bush, too. He is highly critical of almost everyone. He is always inflammatory on the subject of civil liberties. This sometimes leads him to overstate his case or assume the worst. But that’s his way and it always has been.

In this case, he has a legitimate story: the federal government has now admitted that the infrastructure exists for massive electronic surveillance; that they are already using this with FISA on foreign targets; that they have been able to get broad court orders to get meta-data from cell phone companies (which can be as intrusive as actual wiretapping). Claims that this reporting is “irresponsible” or “hysterical” misses that we should be kind of hysterical about broad surveillance powers. Reporting on this kind of government program is the press’s job. And responding to it by saying that we should just trust our government, that we should let Obama make these decisions, that “no one elected Glenn Greenwald” is subservient hogwash.

There is a need for our government to keep some things secret (and Greenwald specifically refused to publish technical details of PRISM for that reason). All Americans understand that there are things the government has to do on the quiet. But the creation of a massive surveillance state — a state that could be turned on us quite easily — is not something we should just trust our politicians to execute, no matter who they are or how much of a tingle they might give us up our leg.

Postscript: The identity of the leaker is now known. He has fled to Hong Kong, citing their commitment to civli liberties. This frankly strikes me as deranged, given Chinese law. I suspect the real reason for going there is to avoid extradition.

PPS: As for the political impact of all this, I suspect it will be small. Unfortunately, the American people are all too willing to ignore encroachments on their liberty.

Goose Gander Watch

I find myself amused. When I first saw this, I was sure it was from the Onion.

The Congress-focused research organization LegiStorm set off a firestorm on Capitol Hill this week as some staffers learned that their personal Twitter accounts would appear on the site.

LegiStorm on Wednesday publicized the tool StormFeed, a “real-time, full-text searchable access to every official press release and official tweet from Capitol Hill plus the tweets of thousands of congressional staffers,” according to a release. It’s a page available for members of the subscription service LegiStorm Pro.

As staffers learned about StormFeed, some discovered other detailed, personal information listed on the site.

“Many are finding inaccurate information in their profiles, despite [Legistorm’s] promise that info provided is ‘confirmed,’” one House Republican staffer told POLITICO in an email on Friday. “I was pretty surprised to show that they even listed who I married, when I married him and where. Why in the world does that need to be in there?”

Welcome to the fucking club, guys. We, the citizens, are subject to our government collecting all kinds of information about us. We, the citizens, are told that government can monitor our cell phones, roll drug-sniffing dogs up and see our e-mail patterns without a warrant. We, the citizens, will be subject to the new SOPA bills you guys are quietly crafting. We, the citizens, are subject to an ever-expanding list of federal crimes we can commit with knowing it. But someone wants to publish your public records and suddenly it’s a violation?

You may think that Congressional staffers are innocent bystandards in the war on our privacy. You would think wrong. Staffers are usually very involved in the legislative process. They often read the bills that Congressmen don’t. They are a party to ever civil liberties violations that has come down the pipe in the last ten years. And now they’re miffed because someone is looking at their God damned Twitter feed?

Give me a break.

The Eye in the, uh, Bushes

The Fourth Amendment takes another one in the seat for the Great Lost Cause.

U.S. District Judge William Griesbach ruled that it was reasonable for Drug Enforcement Administration agents to enter rural property without permission — and without a warrant — to install multiple “covert digital surveillance cameras” in hopes of uncovering evidence that 30 to 40 marijuana plants were being grown.

Funny thing about this: I do have some personal experience with this practice. In my PI days, I used a small wireless camera almost exactly like this one that I would place whenever I needed to watch a spot that direct surveillance wouldn’t work for. I could monitor it from about 1/2 mile away and record footage for as long as the batteries lasted. This was more for workman’s comp/disability cases, but the application was similar enough. And yes, I would position it on a subject’s property if I could, even though I never disregarded a No Trespassing sign like the Feds did on this case.

Did I feel like a creep spying on people that way? I guess I probably should have, but it was business. From the perspective of our rotting civil liberties though, increased technological surveillance is totally inevitable as long as we keep this charade on drugs going.

Unfortunately, the judge in this case properly applied the open fields exception and it will probably hold up on appeal.

Why you can not take them seriously

Where’s the anger from the perpetually mad leftists these days? Man, did the left howl about the Patriot Act when that was passed. Evil Boosh-Hitler and his fascist government tactics violating the rights of terrorists! Never mind that fascism is a disease of the left, and Bush while a big government lover, never rose to the level of the left and their desire to have government control all aspects of the rube’s lives, or that terrorists really are dangerous and deadly. Team Obama decides to ratchet up the scary government in what seriously amounts to a near fascist move, and we get nothing….

WASHINGTON (AP) – The U.S. intelligence community will now be able to store information about Americans with no ties to terrorism for up to five years under new Obama administration guidelines.

Until now, the National Counterterrorism Center had to immediately destroy information about Americans that was already stored in other government databases when there were no clear ties to terrorism.

Giving the NCTC expanded record-retention authority had been called for by members of Congress who said the intelligence community did not connect strands of intelligence held by multiple agencies leading up to the failed bombing attempt on a Detroit-bound airliner on Christmas 2009.

“Following the failed terrorist attack in December 2009, representatives of the counterterrorism community concluded it is vital for NCTC to be provided with a variety of datasets from various agencies that contain terrorism information,” Director of National Intelligence James Clapper said in a statement late Thursday. “The ability to search against these datasets for up to five years on a continuing basis as these updated guidelines permit will enable NCTC to accomplish its mission more practically and effectively.”

The new rules replace guidelines issued in 2008 and have privacy advocates concerned about the potential for data-mining information on innocent Americans.

Look, while not comfortable with it, I think some aspects of the Patriot Act where necessary because the terrorists need to be dealt with, but my support was always predicated on the premise that someone was really paying attention and the first time government abused these powers, there would be hell to pay. After all, it was obvious that the LSM so desperately wanted to help their partners in crime in the democrat party nail Bush, that even the appearance of impropriety would result in massive coverage implying the most negative possible scenario, and that would keep these powers somewhat in check.

Fast forward a few years, and not only is the Patriot Act still around, but now the LSM doesn’t quite care that much about improprieties. And when the left decides to do some seriously scary things like this, and there is no way you make the case that collecting information on citizens using the weak argument that a database you can mine might help you catch a terrorist, it results in nary a peep. Oh, privacy advocates are worried. Shit, this is the time to scream about fascist moves by government people.

“It is a vast expansion of the government’s surveillance authority,” Marc Rotenberg, executive director of the Electronic Privacy Information Center, said of the five-year retention period.

The government put in strong safeguards at the NCTC for the data that would be collected on U.S. citizens for intelligence purposes, Rotenberg said. These new guidelines undercut the Federal Privacy Act, he said.

“The fact that this data can be retained for five years on U.S. citizens for whom there’s no evidence of criminal conduct is very disturbing,” Rotenberg said.

“Total Information Awareness appears to be reconstructing itself,” Rotenberg said, referring to the Defense Department’s post-9/11 data-mining research program that was killed in 2003 because of privacy concerns.

The Washington Post first reported the new rules Thursday.

Tracking suspected or know terrorists and keeping data on them is one thing. If carefully scrutinized to prevent abuse, and abuse is punished, I can live with that. It’s an unfortunate consequence of the horrible times we live in and our inability or lack of desire to really do what would break the terrorist’s will to keep doing these sort of things. But collecting information on people – and we are unclear if the intent is to collect information on everyone or just certain people, but I am inclined to assume that once they can do a few, they will just do all people – is a whole other sort of game. It is frightening. Even if it is just for 5 years.

Tyrannical government starts with 2 things: the first is the attempt to disarm the populous, and the second is the collection of information about the people so you know who will give you grief and needs to be dealt with. Fast & Furious anyone? And now this. And yet, no anger from the LSM or the left. After all, Obama will just use it to sick Media Matters on conservatives or to see whom to hit up for donations in these idiot’s minds, and all that stuff is awesome.

Look, I am not saying that the right doesn’t do dumb things, but shit, and yeah, this is a hypothetical where I reverse the order of the political party holding the WH when things happen, if I was insanely angry at Obama for Passing the Patriot Act, and he was followed by Bush whom did something like this that takes it to a whole new level of scary, I would be howling at Bush too. My guy or not. Not gonna happen on the left though, because the anger was never over any fear of government abuse of power, but simply because the guy in the WH had the wrong letter next to his name.

The Obama administration said the new rules come with strong safeguards for privacy and civil liberties as well. Before the NCTC may obtain data held by another government agency, there is a high-level review to assure that the data “is likely to contain significant terrorism information,” Alexander Joel, the civil liberties protection officer at national intelligence directorate, said in a news release Thursday.

Yeah, sure. Because there isn’t any history at all of government, once it has access to a gimmick to bypass the proper process, has never abused it. The argument that we should collect data on everyone and that they will only look at it when they suspect something suddenly, with all kinds of precautions to prevent abuse, might appease some, but if you didn’t like the previous ability to collect information on suspects and actual terrorists, this expansion of power should leave you even more scared and angry. And I am not getting any of that from the usual suspects, when to me now the power and the ability to abuse definitely have crossed a threshold of tolerability.

Another Assualt On The Fourth Amendment

Last month we discussed Castle Laws, the concept that a man’s home is is castle, sacrosanct, and protected both from private citizens and government agencies. The sanctity of “The Home” is mentioned both in the Third and Fourth Amendments to The Constitution. In The Third, it prohibits the quartering of troops in peace time, and The Fourth Amendment specifically mentions houses as a place where person have a right “to be secure against unreasonable searches and seizures”. And along with the protections against unreasonable search comes the concept of the expectation of privacy:

In United States constitutional law the expectation of privacy is a legal test which is crucial in defining the scope of the applicability of the privacy protections of the Fourth Amendment to the United States Constitution. It is related to, but is not the same thing as a right of privacy, a much broader concept which is found in many legal systems (see privacy law).

There are two types of expectations of privacy:

A subjective expectation of privacy is an opinion of a person that a certain location or situation is private. These obviously vary greatly from person to person.
An objective, legitimate or reasonable expectation of privacy is an expectation of privacy generally recognized by society.

There is the primer. The city council of City Falls, Iowa has passed Ordinance #2740
which forces business owners and owners of certain rental properties to provide keys to their businesses (rentals) to the city council in the form of universal lock boxes, so that they (or their agents) can enter whenever they like:

A few things I find curious, like how easily these council members hide behind “The right to protect it’s citizens” irrespective of the obvious Constitutional conflicts it provides, how the most seemingly innocuous occurrence like a fire when no one is home is ample excuse to give them total access to your castle, and how irregardless of the apparent conflicts, a judge in the court room is only (and final) arbiter of whether this is right.

The video mentioned that today, 7pm local time, the council would have another vote on the matter. As I type this, that meeting started 4 hours ago, hopefully I can find something on the outcome later but given that it flew through the first time 6-1, some stiff head winds will be required to derail it.

A few of the those speaking out against this proposal made some good points. Protecting the folks does not mean that it is their job to remove all risks, impractical and impossible. And the point the gentleman made about the purpose of The Constitution, for the people to restrain the government-not the other way around, is paramount in this discussion.

The other thing they glossed over was liability. In this new age of austerity, where cities have to be run on a shoe string, to expose themselves in this way, making them by virtue of them having the keys to the castle liable for any and all ill that might befall the owners or residences, I don’t get it.

I’ve said it before, although government has a legitimate purpose in our lives and the full backing and will of the people by virtue of their democratic assent, this in no way means that we do not watch them or trust them with that faith. Abuses, whether intentional of otherwise happen all the time. An ever watchful and diligent populace stands between democracy and totalitarianism. This is no time for the people to get all wobbly. From the DOI:

That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed, — That whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness.

And the people are the only judge of when it becomes destructive of these ends.