September 2013

NSA Gathers Data on Social Connections of US Citizens

Since 2010, the National Security Agency has been exploiting its huge collections of data to create sophisticated graphs of some Americans’ social connections that can identify their associates, their locations at certain times, their traveling companions and other personal information, according to newly disclosed documents and interviews with officials.

The spy agency began allowing the analysis of phone call and e-mail logs in November 2010 to examine Americans’ networks of associations for foreign intelligence purposes after NSA officials lifted restrictions on the practice, according to documents provided by Edward J. Snowden, the former NSA contractor. The policy shift was intended to help the agency “discover and track” connections between intelligence targets overseas and people in the United States, according to an NSA memorandum from January 2011. The agency was authorized to conduct “large-scale graph analysis on very large sets of communications metadata without having to check foreignness” of every e-mail address, phone number or other identifier, the document said. Because of concerns about infringing on the privacy of American citizens, the computer analysis of such data had previously been permitted only for foreigners. The agency can augment the communications data with material from public, commercial and other sources, including bank codes, insurance information, Facebook profiles, passenger manifests, voter registration rolls and GPS location information, as well as property records and unspecified tax data, according to the documents.

US officials dodge questions on scope of surveillance

US officials declined to directly answer lawmakers’ questions about the full scope of the National Security Agency’s collection of Americans’ data, including whether it has ever sought to acquire large volumes of cellphone location information or other records.

NSA Director Keith Alexander dodged questions by a senior member of the Senate Intelligence Committee about whether the agency has ever tried to augment its broad collection of virtually all Americans’ phone-call records by gathering data that would indicate the callers’ locations. He noted that intelligence officials had given a classified answer to the question. “If you’re responding to my question by not answering it because you think it’s a classified matter, that is your right,” Sen. Ron Wyden (D-OR) told Gen Alexander at a hearing about the government’s intelligence-gathering programs. “We will continue to explore that,” Sen Wyden said, “because I believe this is something that the American people have a right to know — whether the NSA has ever collected or made plans to collect cell site information.” Questions by Wyden and Sen. Mark Udall (D-CO) suggested that the agency has at least sought if not won permission to expand its domestic collection activities beyond what has been publicly acknowledged.

US government given December deadline to unseal more NSA documents

A federal judge has ruled that the US government must unseal more documents related to the National Security Agency spying program by December 20. The news comes from an Electronic Frontier Foundation (EFF) press release after the organization found some recent success in its long-running Jewel v. NSA lawsuit. (The EFF initially filed suit in 2008 in response to Bush administration revelations about the existence of NSA spying programs.)

Which World Governments Are Most Likely to Snoop on Your Facebook?

Want to avoid the government prying into your Facebook? Then move to Barbados. There, tens of thousands of years will roll by before you even reach a 1 percent probability the Man will scoop private data from your account. That's according to an occasionally anxiety-provoking map of Facebook security created by Anselm Bradford, a digital-media lecturer (on leave) in New Zealand and a 2013 fellow at Code for America – mission, "to improve the relationships between citizens and government." This enlightening cartography will hardly make privacy advocates want to snuggle with the bureaucratic machine if they live in the United States, Italy, the United Kingdom, India, and Australia. These nations have the worst respective rates of governmental intrusion into Facebook accounts, to judge from the service's own admission.

NSA Internet Spying Sparks Race to Create Offshore Havens for Data Privacy

Three of Germany's largest email providers, including partly state-owned Deutsche Telekom, teamed up to offer a new service, Email Made in Germany. The companies promise that by encrypting email through German servers and hewing to the country's strict privacy laws, U.S. authorities won't easily be able to pry inside. More than a hundred thousand Germans have flocked to the service since it was rolled out in August. Fueled by the controversy, countries are seeking to use data-privacy laws as a competitive advantage—a way to boost domestic companies that long have sought an edge over Google, Microsoft and other US tech giants.

The Fault in Those Web Site Stars

[Commentary] Having consumers review restaurants, contractors or even doctors is a healthy concept. The problem, as New York’s attorney general, Eric Schneiderman, explained, is that some of those online reviews are fakes, written by people who are paid for them. And that, he said, is “worse than old-fashioned false advertising.”

He announced agreements with 19 companies to stop manufacturing fake reviews. The companies also agreed to pay a total of $350,000 in penalties. That is a good start. Still, the Web is a giant universe with whole galaxies of starred reviews, and despite efforts by Yelp and Google and others to filter out the fakers, it is hard to be sure which stars are real. In the end, consumers have to be wary of reviews with lots of exclamation points that sound too good to be true. They probably aren’t.

City’s Web Site is Redesigned for First Time in a Decade

NYC.gov was established in 2000, when Rudolph W. Giuliani was mayor, the city’s 311 services line did not exist and the first iPhone was seven years from distracting anybody. NYC.gov had plenty of text, an unglamorous warren of drop-down menus and a clunky search engine. Yet after a series of decidedly smartphone-age steps, including creating its own cloud computing network, the city unveiled a new NYC.gov— the site’s first redesign since 2003.

The redesign has been planned since 2011, when Mayor Michael Bloomberg included it among other goals for the city’s digital future. The city held a hackathon, during which programmers and designers brainstormed new looks for the site. It hired a Brooklyn firm, Huge Inc., to create the final design. Many of the changes are based on data on what the site’s 35 million annual unique visitors tend to look for — most commonly, information on parking, transit, garbage collection and school opening

For Journalists, More Firepower to Protect Sources and Secrets

[Commentary] The new guidelines at the Justice Department and some form of shield law will put more tools in the hands of journalists and their lawyers. I’ll root for anything that puts more speed bumps in the way the next time prosecutors want to simply roam around in the records of a news organization that stands between them and one of their targets.

No, Gmail’s ad-targeting isn’t wiretapping

[Commentary] A federal judge in California has ruled that Google may have committed wiretapping when it used the contents of e-mails to choose ads to display to its own customers. The poorly reasoned decision isn't just unfair to Google, it threatens to impose unpredictable legal liability on other online businesses. The plaintiffs' argument goes like this: When Google receives an e-mail on your behalf, it doesn't just deliver it to your inbox. It also "intercepts" the e-mail and "reads" it to scan for ads. That, in the plaintiffs' view, violates the wiretapping provisions of the Electronic Communication Privacy Act (ECPA). The plaintiffs should have lost right there.

To provide a useful e-mail service, Google needs to perform a number of complex operations on each e-mail a user receives. Google servers read e-mail headers to decide whom to deliver the e-mails to, scan e-mails for spam and viruses, index them to aid in searching, categorize them for its priority inbox feature, convert them to HTML for display in the user's browser, and, yes, scan them to help select ads to display next to each e-mail. If "reading" an e-mail for ad-serving purposes is "interception" under the wiretap act, those other functions could be illegal wiretapping, too. And that would create a huge headache for anyone who runs an e-mail service or social media site.

Julius Genachowski, telecoms and Internet expert

After Barack Obama’s successful presidential campaign in 2008, he asked Julius Genachowski to take over the Federal Communications Commission, which regulates the US telecommunications industry.

His stint at the FCC is widely regarded as a success. He is credited with transforming the organization to deal with 21st-century challenges. “We modernized it from an agency that had been focused on older communications technologies like broadcast television and we focused it on broadband,” he says. Among his initiatives was to produce a national broadband plan, an endeavor that he sees as crucial for any country hoping to take advantage of the explosion in smartphone and tablet use. The obstacles to expanding broadband access, though, were significant. Getting the legislation for the incentive auctions – planned to kick off next year – through a gridlocked Congress was in itself an achievement. “I worked as hard as I could to keep communications technology issues from becoming polarized and partisan, although polarization in the US does affect everything,” he says. “But the other advantage to the idea that we crafted was that it produced revenue for the US Treasury.” During his tenure, the US also pulled far ahead of Europe in terms of the implementation of 4G. But the success that possibly gained the most attention was his record on “net neutrality” – the principle that internet service providers should not give their own content preferential treatment.