• Legislation would give U.K. police powers to access U.K. computer users’ browsing history

    The U.K. police and intelligence service, ahead of the publication this coming Wednesday of legislation on regulating surveillance powers, have urged the government to give them the power to view the Internet browsing history of British computer users. Senior officers were pressuring the government to revive measures which would require telecommunications companies to retain for twelve months data which would reveal Web sites visited by customers. The police and intelligence agencies argue that such measures are necessary because the scale of online activity has made traditional methods of surveillance and investigation less useful.

  • IRS commissioner confirms agency employs cellphone tracking devices

    IRS commissioner John Koskinen on Tuesday confirmed to lawmakers that his agency employed StingRay cellphone tracking devices. Koskinen said that the agency’s use of StingRay devices is limited to its criminal investigations division, which is responsible of investigating money laundering, terrorism, and organized crime cases. “It can only be used with a court order. It can only be used based on probable cause of criminal activity,” Koskinen said, the Hill reports. “It is not used in civil matters at all,” he continued. “It’s not used by other employees of the IRS.”

  • IRS employed cellphone-surveillance technology

    The IRS spent $65,652 on surveillance technology which tracks people by capturing their cellphone calls through StingRays – devices which mimic legitimate cell towers. The devices are also known as IMSI-catchers or cell-tower simulators. In addition to locating cellphone users, StingRays also use the signals to identify the owner of the phone, and may also be able to capture the phone owner’s contacts, messages, and other content off the phone. More than a dozen federal agencies, and local police in twenty-two states, have also employed the technology.

  • Ruling shows Europe still vexed over NSA spying, leaving U.S. companies in legal limbo

    For over fifteen years, the Data Transfer Pact between the European Union and the United States, more commonly known as Safe Harbor, had ensured that companies with EU operations could transfer online data about their employees and customers back to the United States despite stark differences between U.S. and European privacy law. Earlier this month, U.S. companies operating in Europe got some unwelcome news: Safe Harbor had been ruled invalid. The European court’s ruling has serious implications for these companies’ business models and profitability, leaving many scrambling to find solutions. But it also exposes a fundamental cultural rift between the U.S. and Europe’s conceptions of privacy – one that a new agreement won’t be able to paper over.

  • White House will not seek law allowing law enforcement access to encrypted messages

    The Obama administration has decided not to seek legislation which would require tech companies to design their devices in a way which would give law enforcement agencies access to individuals’ encrypted messages, the White House said on Saturday. The tech industry, led by giants Apple, Google, Facebook, IBM, and Microsoft, has mounted a vigorous campaign opposing any administration moves to weaken ever-more-sophisticated encryption systems which are designed to protect consumers’ privacy.

  • European Court of Justice: U.S. data systems expose users to state surveillance

    The European Court of Justice (ECJ) in Luxembourg has ruled that U.S. digital data storage systems fail to provide sufficient privacy from state surveillance. The ECJ declared the American so-called safe harbor scheme “invalid.” The ruling, which is binding on all EU members states, stated that: “The United States … scheme thus enables interference, by United States public authorities, with the fundamental rights of persons…” The ruling will have far-reaching ramifications for the online industry and would likely lead many companies to relocate their operations.

  • The growing link between intelligence communities and academia

    The events of September 11 2001 were a catalyst for change in the intelligence profession.One noticeable change: The number of universities offering an intelligence studies-related degree has grown from  a handful to few dozen. Universities are starting to develop curricula that feature practical real-world exercises and structural analytical techniques. This is often happening in collaboration with the intelligence community. Like most businesses or agencies do, universities are starting to develop specific niches. This expansion is being led by the International Association for Intelligence Education (IAFIE), which was formed in June 2004. The field will only grow. It’s a necessary expansion to produce the professionals needed to ensure America’s national security and that of its allies for generations to come.

  • Sandia teams with industry to improve human-data interaction

    Intelligence analysts working to identify national security threats in warzones or airports or elsewhere often flip through multiple images to create a video-like effect. They also may toggle between images at lightning speed, pan across images, zoom in and out or view videos or other moving records. These dynamic images demand software and hardware tools that will help intelligence analysts analyze the images more effectively and efficiently extract useful information from vast amounts of quickly changing data. Sandia Lab and EyeTracking, Inc. will research and develop tools to improve how intelligence analysts gather visual information.

  • Bill requiring Internet companies to report “terrorist activity” opposed by digital rights groups

    A coalition of digital rights groups and trade associations last week released a joint letter opposing a proposal in the Senate to require U.S. tech firms to police the speech of their users and to report any signs of apparent “terrorist activity” to law enforcement. The letter says that this sweeping mandate covers an undefined category of activities and communications and would likely lead to significant over-reporting by communication service providers. The letter urged senators to remove the “terrorist activity” reporting requirements from the Intelligence Authorization Act (S. 1705).

  • German prosecutors charge news Web site with treason over leaks of surveillance plan

    German authorities have launched a treason investigation into a news Web site which had reported on government plans to broaden state surveillance of online communications. This is the first time in more than fifty years that German journalists are facing treason charges for publishing leaked documents.

  • NSA to destroy millions of American call records collected under controversial program

    The director of national intelligence said on Monday that the NSA would no longer examine call records collected by the NSA in its controversial bulk collection program before the June reauthorization of the Patriot Act which prohibits such collection. Bulk records are typically kept for five years, but the director said that although the records in the NSA database were collected lawfully, they would not be examined, and would soon be destroyed.

  • Journalists’ computer security tools lacking in a post-Snowden world

    Edward Snowden’s leak of classified documents to journalists around the world about massive government surveillance programs and threats to personal privacy ultimately resulted in a Pulitzer Prize for public service. Though Snowden had no intention of hiding his identity, the disclosures also raised new questions about how effectively news organizations can protect anonymous sources and sensitive information in an era of constant data collection and tracking. Researchers found a number of security weaknesses in journalists’ and news organizations’ technological tools and ad-hoc workarounds.

  • In first case of its kind, UK high court rules surveillance law unconstitutional

    Controversial surveillance legislation hustled through parliament last summer has been ruled unlawful by the U.K. High Court, which argued that the vague terms and descriptions of powers in the Data Retention and Investigatory Powers Act 2014 (DRIPA) renders the act incompatible with human rights under European law. DRIPA, one in a series of laws supporting controversial surveillance powers passed by successive U.K. governments, establishes the principle by which anti-terrorism measures and national security priorities take precedence over human rights considerations. However, the judgment rules that the EU Charter of Fundamental Rights must take precedence, and in doing so requires the U.K. government to undo its own act of parliament — a significant precedent by a British court.

  • Questions raised about Kaspersky’s close ties to the Russian government

    Kaspersky Lab is a Moscow-based company which sells security software, including antivirus programs. The company has 400 million customers, and it ranks sixth in revenue among security-software makers. Since 2012, the company began to replace senior managers with people with close ties to Russia’s military or intelligence services. The company is also helping the FSB, the KGB’s successor, in investigating hacks – and people in the know say the company provides the FSB with the personal data of customers. The company’s actual or perceived alliances have made it a struggle to win U.S. federal contracts.

  • New U.K. surveillance review calls for a fresh start in the law for interception of communications

    After a year of investigation and consultation, the U.K. Independent Surveillance Review has delivered its conclusions to Prime Minister David Cameron. The authors presented their report, A Democratic License to Operate, yesterday (14 July 2015). The Review shows how a democracy can combine the high level of security the public has a right to expect, and also ensure the respect for privacy and freedom of speech that are the foundations of a democracy. The panel unanimously calls on government, civil society, and industry to accept its recommendations and work together to put them into practice.