• Bill requiring Internet companies to report “terrorist activity” opposed by digital rights groups

    A coalition of digital rights groups and trade associations last week released a joint letter opposing a proposal in the Senate to require U.S. tech firms to police the speech of their users and to report any signs of apparent “terrorist activity” to law enforcement. The letter says that this sweeping mandate covers an undefined category of activities and communications and would likely lead to significant over-reporting by communication service providers. The letter urged senators to remove the “terrorist activity” reporting requirements from the Intelligence Authorization Act (S. 1705).

  • German prosecutors charge news Web site with treason over leaks of surveillance plan

    German authorities have launched a treason investigation into a news Web site which had reported on government plans to broaden state surveillance of online communications. This is the first time in more than fifty years that German journalists are facing treason charges for publishing leaked documents.

  • NSA to destroy millions of American call records collected under controversial program

    The director of national intelligence said on Monday that the NSA would no longer examine call records collected by the NSA in its controversial bulk collection program before the June reauthorization of the Patriot Act which prohibits such collection. Bulk records are typically kept for five years, but the director said that although the records in the NSA database were collected lawfully, they would not be examined, and would soon be destroyed.

  • Journalists’ computer security tools lacking in a post-Snowden world

    Edward Snowden’s leak of classified documents to journalists around the world about massive government surveillance programs and threats to personal privacy ultimately resulted in a Pulitzer Prize for public service. Though Snowden had no intention of hiding his identity, the disclosures also raised new questions about how effectively news organizations can protect anonymous sources and sensitive information in an era of constant data collection and tracking. Researchers found a number of security weaknesses in journalists’ and news organizations’ technological tools and ad-hoc workarounds.

  • In first case of its kind, UK high court rules surveillance law unconstitutional

    Controversial surveillance legislation hustled through parliament last summer has been ruled unlawful by the U.K. High Court, which argued that the vague terms and descriptions of powers in the Data Retention and Investigatory Powers Act 2014 (DRIPA) renders the act incompatible with human rights under European law. DRIPA, one in a series of laws supporting controversial surveillance powers passed by successive U.K. governments, establishes the principle by which anti-terrorism measures and national security priorities take precedence over human rights considerations. However, the judgment rules that the EU Charter of Fundamental Rights must take precedence, and in doing so requires the U.K. government to undo its own act of parliament — a significant precedent by a British court.

  • Questions raised about Kaspersky’s close ties to the Russian government

    Kaspersky Lab is a Moscow-based company which sells security software, including antivirus programs. The company has 400 million customers, and it ranks sixth in revenue among security-software makers. Since 2012, the company began to replace senior managers with people with close ties to Russia’s military or intelligence services. The company is also helping the FSB, the KGB’s successor, in investigating hacks – and people in the know say the company provides the FSB with the personal data of customers. The company’s actual or perceived alliances have made it a struggle to win U.S. federal contracts.

  • New U.K. surveillance review calls for a fresh start in the law for interception of communications

    After a year of investigation and consultation, the U.K. Independent Surveillance Review has delivered its conclusions to Prime Minister David Cameron. The authors presented their report, A Democratic License to Operate, yesterday (14 July 2015). The Review shows how a democracy can combine the high level of security the public has a right to expect, and also ensure the respect for privacy and freedom of speech that are the foundations of a democracy. The panel unanimously calls on government, civil society, and industry to accept its recommendations and work together to put them into practice.

  • Giving government special access to data poses major security risks

    In recent months, government officials in the United States, the United Kingdom, and other countries have made repeated calls for law-enforcement agencies to be able to access, upon due authorization, encrypted data to help them solve crimes. Beyond the ethical and political implications of such an approach, though, is a more practical question: If we want to maintain the security of user information, is this sort of access even technically possible? A report by cybersecurity and encryption experts says that whether “backdoor” or “front-door,” such mechanisms “pose far more grave security risks, imperil innovation on which the world’s economies depend, and raise more thorny policy issues than we could have imagined when the Internet was in its infancy.”

  • Privacy vs. security debate intensifies as more companies offer end-to-end-encryption

    A long running debate has now come to the fore with greater urgency. The tension between the privacy that encryption offers, and the need for law enforcement and national security agencies to have access to secured and encrypted e-mail, has become more acute in the last two years. The revelations of Edward Snowden about the post-9/11 reach and scope of surveillance by intelligence agencies and law enforcement, have caused some tech giants to offer encrypted services to their customers – encrypted services which enhance customers’ privacy protection, but which at the same time make it impossible for law enforcement and intelligence services to track and monitor terrorists and criminals. “Our job is to find needles in a nationwide haystack, needles that are increasingly invisible to us because of end-to-end encryption,” FBI director James Comey told lawmakers in recent hearing on the Hill.

  • U.S. surveillance policies cost U.S. tech sector more than $35 billion in sales

    New report says the U.S. tech industry has under-performed as a result of concerns about the U.S. government’s electronic surveillance. The report estimates that the total economic impact on the U.S. tech sector of U.S. surveillance practices exceeds $35 billion annually. The report recommends policymakers level the playing field for the U.S. tech sector by implementing a series of reforms such as increasing the transparency of its surveillance practices, opposing government efforts to weaken encryption or introduce backdoors in software, and strengthening its mutual legal assistance treaties with other nations.

  • Snowden fallout: Revelations forced U.K. to pull out agents from “hostile countries”

    The British security services had to pull out agents from “hostile countries” as a result of information the Chinese and Russian intelligence services obtained when they gained access to the millions of top-secret NSA files Edward Snowed was carrying with him when he fled to Honk Kong and then to Russia. Snowden assured journalists who interviewed him that the Chinese and Russian intelligence services would not be able to access these files because he encrypted them with the highest encryption methods available. Security experts commented that he was either naïve or disingenuous – because he must have known, or should have known, that the cyber capabilities these two countries would make it relatively easy for them to crack the encrypted files he was carrying with him. We now know that these security experts were right.

  • Administration rejects criticism of NSA’s surveillance of foreign hackers

    Just two years after the Edward Snowden leaks exposed the NSA’s domestic surveillance program, another report released last Friday from the Snowden files shares information about the NSA’s efforts to track foreign hackers. As with the NSA’s controversial foreign surveillance program which kept metadata records of suspected foreign terrorists’ conversations with Americans, the NSA’s hacker program may incidentally gather Americans’ private information from the files of foreign hackers.

  • Administration asks court for six more months of NSA bulk metadata collection

    Just four hours after President Barack Obama vowed to sign the USA Freedom Actwhich limits the NSA’s domestic bulk data collection program, his administration asked the Foreign Intelligence Surveillance (FISA) court to ignore a ruling by the second circuit court of appeals declaring the bulk surveillance program unauthorized, and instead grant the NSA power to continue bulk collection for six months. In its request, the administration pointed to a six months transition period provided in the USA Freedom Act as a reason to permit an “orderly transition” of the NSA’s domestic bulk collection program.

  • “Dark Internet” inhibits law enforcement’s ability to identify, track terrorists

    For several months, Islamic State militants have been using instant messaging apps which encrypt or destroy conversations immediately. This has inhibit U.S. intelligence and law enforcement agencies from identifying and monitoring suspected terrorists, even when a court order is granted, because messaging companies and app developers say they are unable to unlock the coded conversations and/or do not have a record of the conversations. “We’re past going dark in certain instances,” said Michael B. Steinbach, the FBI’s top counterterrorism official. “We are dark.”

  • Senate passes surveillance reform

    The U.S. Senate yesterday voted 67-32 to pass the House’s USA Freedom Act which would end the NSA collection of bulk metadata of Americans’ phone records. The bill will now head to the White House for the president to sign. The USA Freedom Act shifts the responsibility for keeping the phone records from the government to hundreds of separate phone carriers – but important questions remain. Thus it is not entirely clear how many records the carriers will keep, and for how long, and under what circumstances will they allow law enforcement to view these records. Senator Mitch McConnell (R-Kentucky), the Senate majority leader, who supported the reauthorization of the Patriot Act, said that the USA Freedom Act is “a resounding victory for those who currently plotted against our homeland. It does not enhance the privacy protections of American citizens, and it surely undermines American security by taking one more tool from our war fighters, in my view, at exactly the wrong time.”