lawenforcement
Latest
Here's what Apple does when US law enforcement wants your data
Apple insists that the US government doesn't have backdoor access to its data (despite signs to the contrary). So what happens when law enforcement comes knocking at the company's door, then? We have a fairly good idea as of this week. The company has published guidelines showing just what data it can provide to the authorities and the legal steps needed to get that information. As a rule, Apple can hand over anything from iCloud and its stores as long as there's a proper court order, subpoena or warrant. It can also pull call records, contacts, text messages and media from locked iOS devices sent to its headquarters in Cupertino, although calendars, email and third-party apps are off-limits.
Investigator worries that UK authorities may be misusing surveillance powers
If you've ever argued that the British government is a little too nosy, you'll be glad to hear that there's some fresh evidence to back up your claims. The Interception of Communications Commissioner has published a report noting that UK police and other government agencies made 514,608 requests for communication data in 2013 -- a rather hefty number that may be "too many." The official isn't reaching conclusions just yet (there were more requests in 2012), but he's conducting an inquiry to make sure there isn't a "significant institutional overuse" of surveillance demands.
AT&T echoes Verizon with plans to publish reports on law enforcement data requests
Sometimes, peer pressure can be a beautiful thing. Just hours after Verizon said it would start publishing transparency reports, AT&T has followed suit with plans of its own. Big Blue will largely mirror its rival's moves and publish a semi-annual internet report that breaks down law enforcement requests by type, such as court orders. The initial study, due in early 2014, will summarize the telecom provider's 2013 data. We'd note that AT&T is reversing its attitude from just days earlier, when it was hostile toward shareholders that wanted a similar level of accountability. Still, we don't mind the contradiction if it brings more government surveillance activity to light -- even if it doesn't address thornier issues like warrantless wiretapping.
Verizon to publish regular reports on government data requests
Numerous tech giants have been eager to publish what they can about government data requests, but telecoms haven't been so forthcoming. Verizon is breaking some ground, though, with plans to publish semi-annual transparency reports starting in early 2014. While the reports will mostly reflect information that the carrier has already been publishing in some form, the data will be more accessible and consistent than before. Much like Google, Verizon plans to break down requests by type, such as court orders and warrants. It's also asking the government if it can be more precise with the number of National Security Letters it received last year. Although it's doubtful that the reports will reveal everything that the public would like to know, they represent a big step forward for a communications industry that many believe is too eager to cooperate with government eavesdroppers.
Microsoft outlines 66,539 account requests from law enforcement during first half of 2013
We've covered various transparency reports before, but now the whole notion takes on a different feel in our post-PRISM world. Microsoft's latest report details that it received 37,196 requests from law enforcement agencies between this January and June, which impacted 66,539 of its accounts. Seventy-seven percent of those requests were for data like a user's name, IP history and billing address, and with 21 percent of requests, no data was disclosed at all. However, in 2.19 percent of queries by law enforcement, Redmond disclosed "at least some" customer content. What does that mean? Well, the company's definition includes the subject or body of an email, photos stored in SkyDrive and address book info. According to the document, the info was all obtained via lawful warrants and court orders. While National Security Letters also fall under the guise of law enforcement requests -- which primarily come from the FBI in order to obtain records such as phone numbers and email addresses -- Microsoft is only allowed to publish these statistics on an annual basis. Hence, they're absent this time around, and will be published in the company's next Law Enforcement Requests Report. To see just how deep the rabbit hole goes, do check out the source. We suggest putting on a pot of coffee, though -- it's not a quick read.
FBI turning to private sector to hack phones, exploit unknown security holes
Thanks to the NSA PRISM revelations we've all lost our innocence about government cyber-spying, but how far down that rabbit-hole has law-enforcement gone? Revelations from the Def Con hacking conference in Las Vegas show that such tactics are old hat for another US anti-crime department: the FBI. For instance, one ex-official said that the bureau's analysts (shown above) can routinely turn on the microphones in laptops and Android devices to record conversations without a person's knowledge. On top of such in-house expertise, a private sector cottage industry has sprung up around cyber surveillance, marketing programs that can also hack handheld devices and PCs. One company even markets "zero day" bugging software that exploits unknown security holes -- meaning crime lords can't just patch their browsers to avoid detection. [Image credit: Wikimedia Commons]
EU toughens penalties for internet-based crimes
Virtual crime can lead to very real damage, and the European Parliament knows this well enough to have just issued a draft directive toughening up the EU's penalties for internet-based violations. Get caught running a botnet and you'll face a minimum of three years in prison; dare to attack critical infrastructure and you may spend five years behind bars. Don't think of hiring someone for corporate espionage, either -- the directive makes whole companies liable for online offenses committed in their name. EU nations will have two years to adopt the directive as law, although an existing, unofficial agreement suggests that at least some countries won't wait that long to enforce the new rules.
Google, Twitter push to reveal number of national security related requests separately
While Microsoft and Facebook have both published information tonight about how many requests for customer info the government made over a six month period, Google and Twitter are apparently hoping to take a different route. As Google told AllThingsD and Twitter legal director Benjamin Lee tweeted, "it's important to be able to publish numbers of national security requests-including FISA disclosures-separately." Google went further, claiming that lumping the number of National Security Letters together with criminal requests would be a "step backwards." Clearly this post-PRISM revelations battle for more transparency on just what the government is doing behind the scenes isn't over, we'll let you know if any of the parties involved have more information to share.
Daily Update for May 10, 2013
It's the TUAW Daily Update, your source for Apple news in a convenient audio format. You'll get all the top Apple stories of the day in three to five minutes for a quick review of what's happening in the Apple world. You can listen to today's Apple stories by clicking the inline player (requires Flash) or the non-Flash link below. To subscribe to the podcast for daily listening through iTunes, click here. No Flash? Click here to listen. Subscribe via RSS
Microsoft posts its first Law Enforcement Requests Report, shows US-centric scrutiny
Civil liberty advocates have had access to Google's Transparency Report and a handful of equivalents to understand just how frequently governments want our data. But what if we spend most of our time in Outlook.com, Skype or Xbox Live? Microsoft wants to show that it's equally concerned, and it's accordingly publishing its first-ever Law Enforcement Requests Report to reveal just how much attention the police gave to our information in 2012. The gist? While there were 75,378 international requests, 99 percent of the 1,558 actual content disclosures went straight to American agencies -- thankfully, with court warrants. Microsoft did get its fair share of FBI National Security Letter requests, although those may be short-lived. Different Microsoft services also received different levels of attention: Skype handed over certain account details but no actual content, while enterprise users were virtually untouched from Microsoft's position. The company plans to keep publishing these reports in the future, which should give us a better long-term sense of just how we're put under the microscope.
Connected To The Case to use Facebook for crowd-sourced crime solving
Ready the spandex and decide on a name for your alter ego, because come October 16th, you'll have the chance to fight crime from the comfort of your computer. On that date, the "Connected To The Case" website goes live with the aim of crowd-sourcing tips from its users to help the cops solve active investigations. You'll use your Facebook login for access, as the service pulls data from your profile to prioritize cases with which you might have a connection. Morgan Wright, CEO and Chief Crime Fighter of Crowd Sourced Investigations, told us its system looks at five key areas when digging for pertinent triggers: "date, location, time, relation and demographics." It then uses that data to tailor notifications of unsolved crimes based on -- for example -- proximity to your school, or where you used to work. Rest assured that you control the privacy settings, and if you've got useful info to share, you can do so anonymously. Law enforcement agencies can register to include their cases from today, with the initial roll-out targeting the US. The plan is to expand first to other English-speaking countries, with foreign language support in the future to build a global network of internet do-gooders. Including data from other social networks is also in the pipeline, starting with Twitter and later, Foursquare and Pinterest. A smartphone app is also on the agenda, so get your detective devices ready -- we can be heroes, if just for one click.
Judge rules Facebook users can share friends' profiles with the feds
It's not the backdoor access that the FBI has been pushing for, but US District Judge William Pauley III has now ruled that it and other law enforcement agencies are entitled to view your Facebook profile if one of your "friends" gives them permission to do so. As GigaOm reports, that ruling comes as part of a New York City racketeering trial, in which one of the accused, Melvin Colon, had tried to suppress evidence turned up on Facebook that led to his indictment. That information was obtained through an informant who gave investigators access to the profile, something that Colon had argued violated his rights against unreasonable searches and seizures under the Fourth Amendment. In the ruling, Judge Pauley dismissed that claim, likening the Facebook access instead to a phone wiretap in which one person on the call allows the government to monitor it -- a practice that has been ruled constitutional. GigaOm also has the ruling in its entirety at the source link below for those interested.
PlayBook Mobile Responder app puts police tools in a finger-friendly package
The PlayBook may not have taken off in the consumer market, but its enterprise-friendly features may help it find a home elsewhere -- especially now that it's packing a speedy 4G radio. Fresh on the heels of the LTE edition hitting Canadian shores, Intergraph has unveiled its Mobile Responder app that turns RIM's slate into a formidable tool for police and other emergency responders. The app taps into the company's Computer Aided Dispatch system, which pulls in data from police databases, keeps dispatch centers just a tap away and allows the immediate filing of incident reports. The suite is getting its first public demo next week at the Canadian Association of Chiefs of Police Conference in Nova Scotia. For more, check out the PR after the break.
Sheriff's department streamlines traffic citation process with iOS devices
The next time you're caught speeding in St. John the Baptist Parish in Louisiana, don't be surprised if the sheriff uses an iPad or iPhone to write your ticket. The Sheriff's Office in this parish about 30 miles west of New Orleans is using a ticketing solution developed by Zerion Software on their iFormBuilder platform for iOS. The idea behind the system is to allow law enforcement officers to enter data directly onto an iPad, iPhone or iPod touch while they're talking with drivers. They won't have to return to their vehicles to enter the information into a dashboard-mounted computer, thus saving time. Data entry errors are expected to fall as well thanks to the use of a Socket Mobile barcode scanner to capture driver's license and vehicle information. The ticket is printed on a Zebra mobile printer and given to the errant driver. The citation info is sent to a server for storage and processing, or held for later transfer if the device is offline. There's no word on whether the devices will be pre-loaded with Angry Birds for those long traffic stakeouts, or use Siri to find local donut shops.
Authorities decrypt laptop without defendant's help, Fifth Amendment need not apply
Constitutional junkies have had their eyes on Colorado for awhile now, because a federal judge there ordered a woman to decrypt her hard drive in a criminal trial. This, despite her cries that doing so would violate her Fifth Amendment right to be free from self-incrimination. The argument is now moot, as authorities have managed to access the laptop's data without any aid from the defendant, thereby obviating any Constitutional conundrums. Who knows if the feds found the evidence of bank-fraud they were looking for, or whether it was brute force or a lucky guess that did the trick, but at least we can say it's the last of the laptop-related Fifth Amendment court cases for awhile, right?
Court upholds Fifth Amendment, prevents forced decryption of data
When our forefathers were amending the constitution for the fifth time, they probably didn't have TrueCrypt-locked hard drives in mind. However, a ruling from the 11th Circuit Appeals Court has upheld the right of an anonymous testifier to not forcibly decrypt their data. The case relates to a Jon Doe giving evidence in exchange for immunity. The protection afforded to them under this case wouldn't extend to any other incriminating data that might be found, and as such Doe felt this could lead to violation of the fifth amendment. The validity of the prosecution's demands for the data decryption lies in what they already know, and how they knew it -- to prevent acting on hopeful hunches. The prosecutors were unable to demonstrate any knowledge of the data in question, leading the 11th Circuit to deem the request unlawful, adding that the immunity should have extended beyond just the current case. This isn't the first time we've seen this part of the constitution under the digital spotlight, and we're betting it won't be the last, either.
Taser's on-officer cameras catch you in the act, right to remain silent imperative
Taser International has released an update to its on-officer system, the AXON Flex. The new rig provides law enforcement officials with body-mounted cameras that capture video evidence "from the officer's perspective." These recording devices can be affixed to the hat, collar, shoulder or on specially designed Oakley shades and are ruggedized to IPX2 standards. That's all well and good, but what really gives this setup nerd-cred is what can be done with the captured video. Through a partnership with evidence.com, the Flex system can send footage to a "military grade" cloud-based storage system for safe keeping; there is also an on-site storage option for IT-savvy forces. As if that weren't enough, Taser and Looxcie have co-developed a smartphone app -- available for iOS or Android -- that will allow officers to review captured clips and add GPS coordinates, notes or timestamps. The system's goal is to protect officers from "false claims, enhance public trust [and] decrease litigation." AXON Flex is set to be released in Q1 and will have a base price of around $700. Don't tase film me, bro.
Hawaii's online tracking law is all but dead, lead sponsor confirms
The Hawaii state legislature has apparently pulled an about face on a proposed internet tracking bill, amid swelling concerns from civil libertarians and internet service providers alike. First introduced last week, the controversial measure calls for all ISPs to track and record a user's online activity and identity within individual digital dossiers. The law's supporters trumpeted it as a vital step in protecting "victims of crime," but its momentum has all but come to a halt, now that its lead champion has proclaimed its death. In a recent interview with CNET, Democratic Representative John Mizuno (pictured left) confirmed that his bill has been shelved, attributing the decision to the avalanche of critical feedback he's received (see the coverage links, below). "It's generated a lot of national attention," Mizuno explained. "I've taken into consideration the thousands of e-mails (which were often) colorful and passionate, which is absolutely fine... This bill just isn't ready. It needs a lot of work." Unfortunately, this doesn't mean spell an outright death for the law, as Mizuno still believes that keeping a record of browsing history could help authorities hunt down pedophiles and other evil doers. "I think both would be very strong pieces of evidence if there's going to be a criminal proceeding," he argued. Despite our own fundamental misgivings with Mizuno's approach, it's still encouraging to see politicians respond to public outcry so swiftly and, as with the SOPA debacle, appropriately.
AR goggles take crime scene technology to CSI: Miami level
Dutch researchers are looking to catapult crime scene investigation into the 21st century through the use of augmented reality (AR). The prototype system, designed by the Delft University of Technology, employs a pair of AR goggles, two head-mounted cameras and a portable laptop rig to allow investigators to build virtual crime scenes by tagging evidence and placing objects they are viewing. After mapping an area, additional law enforcement personnel can review the investigator's work and request additional information -- asking the CSI to define or place additional objects. Researchers hope that the 3D renders will be used as court-admissible evidence in the near future; the technology is set to be tried on a real Dutch crime scene later this year. We can see it now: Lieutenant Horatio Caine whips off his shades and tosses on a pair of (equally stylish) crime-fighting goggles... YEAAAAAAAAH!
Judge forces defendant to decrypt laptop, fuels debate over Fifth Amendment rights
A judge in Colorado yesterday ordered a defendant to decrypt her laptop's hard drive at the prosecution's request, adding new fire to the ongoing debate surrounding consumer technology and the Fifth Amendment. The defendant, Ramona Fricosu, is facing charges of bank fraud, stemming from a federal investigation launched in 2010. As part of this investigation, federal authorities used a search warrant to seize her Toshiba Satellite M305 laptop. Fricosu's legal team had previously refused to decrypt the computer, on the grounds that doing so would violate her Fifth Amendment rights to avoid self-incrimination. On Monday, though, US District Judge Robert Blackburn ruled against the defendant, arguing that the prosecution retained the right to access her device, as stipulated under the All Writs Act -- a law that requires mobile operators to comply with federal surveillance."I conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents of the Toshiba Satellite M305 laptop computer," Blackburn wrote, adding that there was strong evidence to suggest that Fricosu's computer contained information pertinent to the case. Fricosu's lawyer, Phil Dubois, is hoping to obtain a stay on the ruling, in the hopes of taking the case to an appeals court. "I think it's a matter of national importance," Dubois explained. "It should not be treated as though it's just another day in Fourth Amendment litigation." It remains to be seen whether Dubois succeeds in his appeal, though civil libertarians are already paying close attention to the case, since the US Supreme Court has yet to weigh in on the matter.
