FISA
Latest
NSA cites executive order to defend its collection of cellphone location data
The 5 billion cellphone location records the NSA's reportedly collecting daily? Don't expect an apology. While it's hard to sustain shock and disbelief when we've been hearing new details about the government's information collecting for months now, the National Security Agency saw fit to address concerns about the so-called Co-Traveler program in a statement today. The gist: The collection of massive amounts of location data is incidental in the agency's effort to "collect foreign intelligence information that is relevant to national security." Interestingly, the statement references a Reagan-era executive order (12333, if you want to dig deep) to vindicate the agency's data-collection practices. That executive order, authorized in 1981, authorizes the collection of foreign intelligence information relevant to the nation's safety through means "consistent with applicable United States law." Additionally, the statement asserts that these surveillance activities don't violate FISA. The bottom line, though, is that the NSA won't be doubling back on its data collecting any time soon.
Google Transparency Report now breaks out US court orders
Google has frequently expanded the coverage of its Transparency Report with each update, and it's not about to stop today. The search giant's latest report now illustrates US court orders by type, including wiretaps, pen registers (phone routing info) and potentially life-saving emergency disclosures. As you'll see both above and in charts after the break, these specialized court orders make up just nine percent of government requests -- the bulk are either subpoenas or warrants, not all of which require a judge. Meanwhile, things aren't looking good for those who've been hoping for less state surveillance. Google says that the volume of government data requests worldwide has more than doubled in the past three years, with about 42 percent of the latest batch coming from the US. The company also notes that this is only what it can report; without the legal authority to disclose FISA requests, it can only provide an incomplete picture at best.
Facebook, Google received redacted government reply to FISA court, respond with new filing
You may recall that several internet companies have petitioned the US Foreign Intelligence Surveillance Court to disclose information about the government's requests for user data. In a September 30 filing, the Department of Justice denied those requests -- and only provided Google et al. with a heavily redacted version of its response. In a new filing today, Facebook, Google, LinkedIn, Microsoft and Yahoo claim that the DoJ withheld the government's reasoning for refusing the requests for greater transparency. This, in turn, makes it nearly impossible for the companies to respond with a counterargument. Today's filing calls this withholding of information unconstitutional, and it calls for the court to strike the redacted sections. We doubt this is the last we'll hear on the subject; these tech firms have increasingly privacy-conscious users to answer to, and the FISA court's October decision to renew NSA call metadata-collecting doesn't exactly assuage fears, either.
FISA court renews NSA permission to collect call metadata
News that the NSA collects bulk phone call metadata (phone numbers, call times and duration) from Verizon and other backbone providers initially leaked out in June. Since then PRISM, Edward Snowden and any number of other national security related topics have been in the spotlight, and the new focus has spurred at least one change in the process. On Friday, the Office of the Director of National Intelligence publicly announced the request -- following other declassified documents about the program -- and that it has been renewed (again) by the Foreign Intelligence Surveillance Court. As The Hill mentions, the NSA claims its analysts are only able to search through the collected data if there is "reasonable, articulable suspicion" a phone number is connected to terrorist activity. With analysts still able to paw through tons of our data this doesn't quite feel like the transparency promised, but even this small admission that it's happening highlights how things have changed.
Dropbox backs petitions to disclose exact national security request numbers
The call for greater US government transparency just got louder: Dropbox has filed a Foreign Intelligence Surveillance Court brief that endorses petitions to disclose exact national security request numbers. Much like LinkedIn, Dropbox believes that limiting disclosures to broad ranges hurts transparency by implying that smaller firms get as many requests as larger rivals. The ban on exact figures also violates a First Amendment right to publish specific information, according to the cloud storage provider. We likely won't know the effectiveness of the brief for some time -- or ever, if the court proceedings remain a secret -- but Dropbox can at least say that it made its case.
LinkedIn petitions court to provide more details regarding government data requests
It's not just the heaviest of the internet heavyweights pushing for greater government transparency. LinkedIn has filed its own petition with the US Foreign Intelligence Surveillance Court asking for the ability to publish the exact number of national security requests that it gets. The social network argues that restricting data request numbers to vague ranges is not only pointless, but misleading -- the figures imply that the government wants as much data from LinkedIn as it does from larger firms. There's no certainty that the court will grant the company's wish, but its petition adds volume to an increasingly louder chorus.
Google, Facebook and Yahoo petition court to disclose government data requests
It's not every day you see Google, Facebook and Yahoo aligned on a issue, but a push toward increased governmental transparency is just the sort of cause that'll put competing web companies on the same outraged page. All three noted today through their respective channels that they've filed petitions with the Foreign Intelligence Surveillance Court (FISC) to disclose the number of requests the government has issued for user data under national security statutes. Says Yahoo general counsel Ron Bell: We believe that the U.S. Government's important responsibility to protect public safety can be carried out without precluding Internet companies from sharing the number of national security requests they may receive.
Report: NSA used taxpayer dollars to cover PRISM compliance costs for tech companies
The mounting national debt? Yeah, you're probably better off just ignoring why exactly it's mounting. The Guardian is continuing the blow the lid off of the whole NSA / PRISM saga, today revealing new documents that detail how the NSA paid out "millions" of dollars to cover PRISM compliance costs for a multitude of monolithic tech outfits. As the story goes, the National Security Agency (hence, tax dollars from American taxpayers) coughed up millions "to cover the costs of major internet companies involved in the PRISM surveillance program after a court ruled that some of the agency's activities were unconstitutional." The likes of Yahoo, Google, Microsoft and Facebook are expressly named, and while Google is still angling for permission to reveal more about its side of the story, other firms have conflicting tales. For whatever it's worth, a Yahoo spokesperson seemed a-okay with the whole ordeal, casually noting that this type of behavior is perfectly legal: "Federal law requires the US government to reimburse providers for costs incurred to respond to compulsory legal process imposed by the government. We have requested reimbursement consistent with this law." Meanwhile, Facebook stated that it had "never received any compensation in connection with responding to a government data request." Microsoft, as you might imagine, declined to comment, though we heard that Steve Ballmer could be seen in the distance throwing up a peace sign. At any rate, it's fairly safe to assume that your worst nightmares are indeed a reality, and you may have a far more enjoyable weekend if you just accept the fact that The Man knows everything. Better, right?
Lavabit founder chafes under NSA scrutiny, speaks out against govermental privacy violations
Lavabit shut down its email services a couple weeks ago in response to governmental pressure regarding NSA whistleblower Edward Snowden's account. At the time, founder Ladar Levison stated he was shutting down Lavabit because he didn't want to "become complicit in crimes against the American people," but didn't expound upon what that statement meant due to a governmental gag order. The Guardian spoke with Levison recently, however, and while he still didn't deliver details about his legal dealings with Uncle Sam, he did share some thoughts about governmental surveillance in general. As you might expect, Levison is against ubiquitous governmental surveillance of communications between citizens. To that end, he's calling for a change to be made in US law so that private and secure communications services can operate without being used as "listening posts for an American surveillance network." He's not wholly against the feds tapping phone lines, though, as he recognizes the role such surveillance plays in law enforcement. However, he thinks the methods that are being used to conduct that surveillance should be made public -- not an unreasonable request, by any means. You can read Levison's full take on the matter, along with a recounting of reasons behind Lavabit's creation at the source below.
US government will declassify Yahoo documents and court decision by September
Earlier this month, the US government was put in the hot seat with regards to the Justice Department's 2008 battle with Yahoo over its request for user data. Yahoo fought the PRISM demand and ultimately lost; five years later, we're finally going to be able to see the court decision that's been kept under lock and key since then. The clock is ticking for the federal government, as the Foreign Intelligence Surveillance Court has set a September deadline for unveiling those classified documents. While this might be a victory for transparency, it's important to remember that declassification doesn't necessarily mean full disclosure. The government will still have the option to redact certain portions of text that it feels must remain classified. Considering its reticence to share the information in the first place, we can probably expect to see a liberal distribution of those pesky black rectangles.
Utah ISP breaks silence over government server installed on its network
When the government comes knocking on your door, you kind of have to cooperate with them or face the consequences. That's the situation Pete Ashdown, CEO of Utah ISP XMission, was faced with in 2010 after receiving a warrant under the Foreign Intelligence Service Act (FISA). The warrant, coming in at just three or four pages, was perfectly clear: install a rack-mount server on your network to track every last bit going in and out from one of your customers, and don't say anything to anyone about this. Ashdown's lawyer said the request was indeed legit, and the box stayed there for a little over half a year. So why talk about it now? Because Pete, like the rest of us, wants a bit of transparency, even if there's a risk the G-Men will come "come back and haunt" him.
Microsoft asks US Attorney General to intervene on security disclosures, denies assisting with NSA interceptions
Microsoft sits between a rock and a hard place when it comes to privacy -- it can't reveal more about FISA requests, but it's also accused of assisting with NSA eavesdropping. The company is trying to settle both matters today, starting with a call on the US Attorney General for help. Microsoft hasn't had a response to its June 19th request to publish aggregate security request data, and it wants the Attorney General to directly intervene by legalizing these disclosures. The government official hasn't publicly acknowledged the request so far, although we weren't expecting an immediate answer. At the same time, Microsoft is expanding its denials of The Guardian's recent reporting that it facilitates large-scale NSA snooping. Along with insisting once more that it only offers specific information in response to legal requests, the firm claims that its supposedly eavesdrop-friendly actions were innocuous. Microsoft was only moving Skype nodes in-house rather than simplifying the NSA's access to audio and video chats, for example. It's doubtful that the public position will completely reassure doubters given the veils of secrecy surrounding the NSA and its collaborators, but the crew in Redmond at least has a full statement on record.
US government to declassify Yahoo legal docs on FISA, secret court opinion
Yahoo had claimed that it fought against PRISM since 2008, and now it's about to land previously-secret court documents to prove it. A Foreign Intelligence Surveillance Court has ruled that the US Department of Justice must declassify the firm's legal briefs and the court's decision on the search giant's attempts to resist the government's request for user data. Uncle Sam has until July 29th to provide an estimate of how long the declassification will take, and the docs can still have classified portions redacted. As The Daily Dot notes, this is only the second known civilian victory in a Foreign Intelligence Surveillance Act (FISA) courtroom, and it follows a win by the EFF just a few days ago. Mayer and Co. still won't be able to outline exactly how many FISA data requests they've gotten, but we'll take any transparency from the federales we can get.
US reportedly uses security agreements to intercept data from undersea fiber optic lines
The US government has clear incentives to safeguard against internet attacks coming through undersea fiber optic lines, but the Washington Post now hears that they're stretching the law to make this happen. The newspaper claims that federal agencies push foreign fiber operators into Network Security Agreements that, while public, are used for eavesdropping that isn't covered under their terms. In the case of an old deal with Global Crossing, the telecom firm had to allow short-notice government visits and even keep top executives in the dark. The FCC reportedly serves as the bargaining chip, delaying cable licenses until providers agree to the terms. Government officials maintain that their surveillance is legal, although that's cold comfort -- the New York Times and Wall Street Journal both allege that the Foreign Intelligence Surveillance Court has reinterpreted laws to let the NSA collect more information than it would otherwise. [Image credit: JL Hopgood, Flickr]
Microsoft follows Google's lead, files request to reveal more data about FISA orders
The Wall Street Journal reports that in a move similar to Google's request last week, Microsoft has submitted a motion to the secret FISA court to authorize the release of "aggregate data" about the requests it has received. Microsoft published the information it has so far been authorized to reveal a couple of weeks ago, lumping in national security related requests with stats for other criminal warrants and subpoenas. Google and Twitter have been among the loudest requesting the ability to separate national security-related requests like those at the center of the PRISM controversy, however it's been reported that several companies are negotiating for the ability to be more specific.
EFF looks at rules controlling NSA surveillance, sees big risks for Americans
While The Guardian undoubtedly garnered attention when it posted court papers detailing data collection rules for the NSA, it also provided a lot of detail that isn't easy to digest. The Electronic Frontier Foundation is more than willing to break down those rules, however -- and it doesn't like what it sees. It's concerned that there are too many exceptions letting the NSA store and transmit private information, with little oversight preventing investigators from seeing more US data than they should. Allegedly, the rules could defy American rights to anonymous speech; they may also violate attorney-client privileges both inside and outside of the US. We have a hunch that the NSA might disagree with this interpretation of its authority, but you can see all the points of contention for yourself at the link below. [Image credit: David Drexler, Flickr]
The Daily Roundup for 06.18.2013
You might say the day is never really done in consumer technology news. Your workday, however, hopefully draws to a close at some point. This is the Daily Roundup on Engadget, a quick peek back at the top headlines for the past 24 hours -- all handpicked by the editors here at the site. Click on through the break, and enjoy.
Google challenges FISA court on government data requests, asks for ability to release more details
Google and other companies have already made general calls for more transparency in the wake of the PRISM revelations, and it looks like Mountain View is now escalating those requests to a court challenge. As The Washington Post reports, Google is asking the Foreign Intelligence Surveillance Court for some additional leeway with the government requests for data that it's able to disclose, and it's citing the First Amendment to make its case. In a statement provided to us (included in full after the break), a Google spokesperson says that the company is specifically asking the court to let it "publish aggregate numbers of national security requests, including FISA disclosures, separately," adding that "lumping national security requests together with criminal requests - as some companies have been permitted to do - would be a backward step for our users." That's in line with a statement Google made on Friday, which was echoed by Twitter, although there's no word yet on it or any other companies joining Google in the court challenge at this time.
FISA request roundup: Who has Uncle Sam asked to see your data, and how often?
As much as the federal government would like it to, the public outrage at the scope of its PRISM program has yet to die down, despite any good the program may have served in the interests of national and local security. The revelations made by Edward Snowden have cast a bright light on the powers granted our government by the Foreign Intelligence Surveillance Act (FISA), and many companies are taking the opportunity to push the feds to let them tell the public just how many governmental data requests are being made. Of course, no company can release exactly how many requests were made under FISA -- companies can only publish the number of total data requests, whether they be from the NSA, local law enforcement or elsewhere. Since so many of Silicon Valley's giants have been dishing our data to Uncle Sam on the sly, we figured we'd bring you all the numbers in one place. At the top of the request list is Yahoo, which received between 12-13,000 requests in the first six months of 2013. During that same time period, Apple received between 4-5,000 requests. Meanwhile, Google reported 8,438 requests between July and December of 2012, Facebook received between 9-10,000 and Microsoft was asked for its users data between 6-7,000 times. Prefer pictures to numbers? A colorful chart awaits after the break.
Yahoo discloses US government data request stats: over 12,000 in six months
Yahoo has just revealed just how many government requests for data it's received in the past six months, and it's beaten out Apple, Microsoft and Facebook. Marissa Mayer and General Counsel Ron Bell noted in a Tumblr post that the search giant received between 12,000 and 13,000 requests, "inclusive of criminal, Foreign Intelligence Surveillance Act (FISA), and other requests," between December 1st, 2012 and May 31st, 2013. According to Mayer and Bell, the majority of requests relate to "fraud, homicides, kidnappings, and other criminal investigations." Naturally, Yahoo notes that it can't specify how many FISA requests are in that figure due to their classified nature, but it "strongly urge(s) the federal government to reconsider its stance on this issue." Mayer and Co. also announced that their first "global law enforcement transparency report" will debut later in the summer, and will include data on the first half of 2013. It's not a one-time occurrence either -- the firm plans to update the dossier twice each year.
