David Kravets
Supreme Court asked to rule if cops need warrant for cell-site data
On May 11, the Supreme Court will meet privately to discuss the controversial privacy question of whether the authorities need a court warrant to force mobile phone companies to divulge their customers' cell site data. This data shows where you were (according to a cell tower) and when you made a call. This information can paint a canvas of one's whereabouts, yet it's not constitutionally protected material because it's viewed as an ordinary business record held by the telcos.
Courts have largely interpreted this to mean that the authorities can get the data without probable-cause court warrants. There are five cases on the high court's conference list in which cell-site data, obtained without a probable-cause warrant from a judge, was instrumental for the authorities to prosecute for armed robbery, drug running, and illegal possession of weapons. The defendants are asking the court to revisit the so-called third-party doctrine—a legal theory that allows authorities to obtain private information on people if that information is considered a normal business record voluntarily given to and held by a third party. In this case, the data is deemed a business record of the mobile phone companies, which are required to disclose it as part of government investigations.
FBI’s methods to spy on journalists should remain classified, judge rules
A federal judge is agreeing with the FBI's contention that publicly disclosing its methods on how it spies on journalists could hamper national security. A Freedom of Information Act lawsuit brought by the Freedom of the Press Foundation sought FBI procedures surrounding the agency's protocol when issuing National Security Letters (NSLs) against members of the media. Without a court warrant, an NSL allows the bureau to obtain "subscriber information and toll billing records information, or electronic communication transactional records" from third-party wire or electronic communication providers if such information is "relevant to an authorized investigation to protect against international terrorism or clandestine intelligence activities." The items withheld from the organization, according to US District Judge Haywood Gilliam, included "instructions for managing and conducting cyber investigations," the "instructions for investigating and charging members of the news media," an NSL "PowerPoint training presentation," and other materials in draft form.
Judge Gilliam, in deciding March 13 that the FBI does not have to disclose the information sought, ruled that the FBI "described with particularity that the withheld documents all contained non-public information about the FBI's investigative techniques and procedures. These pages not only identified NSLs as an investigative technique but also described information such as the circumstances under which the techniques should be used, how to analyze the information gathered through these techniques, and the current focus of the FBI's investigations."
US visitors may have to reveal social media passwords to enter country
US Department of Homeland Security Secretary John Kelly has informed Congress that the DHS is considering requiring refugees and visa applicants from seven Muslim-majority nations to hand over their social media credentials from Facebook and other sites as part of a security check. "We want to get on their social media, with passwords: What do you do, what do you say?" he told the House Committee on Homeland Security Feb 7.
US Supreme Court loaded with First Amendment cases
The First Amendment is being put to the test on multiple levels this term before the US Supreme Court.
The high court will hear cases about the right to trademark offensive names and whether merchants have a right to inform customers that a credit-card surcharge is actually a surcharge. Two cases involve the free exercise of religion clause of the First Amendment. The first is about whether Missouri breached that clause by supplying recycled tire material for playgrounds to public and secular schools, but not to religious schools. The court has already decided to hear the Missouri case, but it has not decided whether it will consider a request to revive a challenge to Utah's law against polygamy. That lawsuit claims the law is a violation of "religious liberty rights protected by the First Amendment." At this stage, however, the justices most likely could decide this case without actually having to weigh in on polygamy or the First Amendment.
In two weeks, it will be easier for Uncle Sam to search your computer
Beginning December 1, the US surveillance state will expand—all without a congressional vote. Earlier in 2016, a new Federal Rule of Criminal Procedure was amended after three years of study by an unelected advisory committee. It was signed by the US Supreme Court and allows judges to sign warrants to allow the authorities to hack into computers outside a judge's jurisdiction. Rule 41 also grants judges the power to use one warrant to search multiple computers anywhere instead of requiring warrants for each computer.
Absent the rule, federal judges may only authorize electronic searches within their own judicial district. While this may seem bureaucratic or like a technicality, in practice the new rule will have a big impact on investigating cybercrime, according to the Justice Department. Evidence has been suppressed in some child pornography prosecutions because a Virginia magistrate allowed the FBI to seize and operate the Tor-hidden site Playpen for 13 days. Investigators also deployed malware that disrupted Tor's privacy protections and revealed more than 1,000 true IP addresses, which led to 137 prosecutions nationwide. In a few of those prosecutions, judges tossed cases because of the jurisdiction rule that Rule 41 now cures.
George Orwell never dreamed of advertising as invasive as Yahoo’s proposal
Yahoo wants to take advertising to the next level—that is, the Orwellian level—bombarding people in public places with targeted advertising served up by the surveillance society. That's according to a Yahoo patent application recently published by the US Patent and Trademark Office.
According to Yahoo, the time has come to move outdoor and public-facing advertising into the digital age—and get there by deploying more intrusive techniques than how it's now done online. Introducing "Smart Billboards," as Yahoo calls them. These digital billboards—which Yahoo envisions being placed along freeways and in bars, airports, planes, ferries, buses, trains, and other public spaces—might rely on video cameras, satellites, drones, microphones, motion detectors, and "biometric sensors" such as fingerprint, retinal, and facial recognition devices. Combined, these "sensor systems," as Yahoo calls them, analyze their surroundings to determine a common theme to serve up ads, in what Yahoo describes as "grouplization." Yahoo's patent proposal notes that "the sources of data and information that may be used to enable the techniques described herein are virtually limitless." Taken together, this real-time collected information generates an "aggregate audience profile," and ads are promptly served.
Verizon technician sold calling, location data for thousands of dollars
An Alabama man who worked as a Verizon Wireless technician has agreed to plead guilty to a federal hacking charge in connection to his illegal use of the company's computers to acquire customer calling and location data. The man, Daniel Eugene Traeger, faces a maximum five years in prison in October. He admitted that he sold customer data—from 2009 to 2014—to a private investigator whom the authorities have not named.
According to the man's signed plea deal, "At some point in 2009, the Defendant met a private investigator ("the PI") who wanted to buy Verizon customer information from the Defendant. The Defendant accepted the PI's offer. The defendant used Verizon computer systems and facilities to access customer call records and customer location data that he knew he was not authorized to access, and provided that information to the PI even though the Defendant knew that he was not authorized to provide it to a third party. The Defendant accessed customer call records by logging into Verizon's MARS system. The Defendant then compiled the data in spreadsheets, which the Defendant provided to the PI, including by e-mail. The Defendant accessed customer location data using a Verizon system called Real Time Tool. Using RTT, the Defendant "pinged" cellular telephones on Verizon's network and provided location data for those telephones to the PI." The plea agreement said that Traeger began making $50 monthly in 2009, when he sold two records a month. By mid-2013, he was earning $750 each month by selling 10 to 15 records. In all, the plea deal says he made more than $10,000 over a five-year period.
The most absurd Internet privacy class-action settlement ever
In 2013, Yahoo announced that it would begin scanning its users' e-mail for targeted advertising purposes—just as Google does. As is par for the course, class-action lawsuits were filed. The Silicon Valley media giant, according to one of the lawsuits, was violating the "personal liberties" of non-Yahoo Mail users. That's because non-Yahoo Mail users, who have sent mail to Yahoo mail users, were having their e-mail scanned without their permission. The suit, which was one of six that were co-mingled as a single class action, demanded that a judge halt the scanning and award each victim "$5,000 or three times actual damages" in addition to "reasonable attorneys' fees and costs."
Fast forward three years. The case is now closed. Days ago, a Silicon Valley federal judge signed off on a settlement. The lawyers won, they were awarded $4 million (£3 million), and the public got nothing. What's more, the settlement allows Yahoo to continue to scan e-mails without non-Yahoo users' consent. (Yahoo Mail customers have granted consent to the scanning as a condition of using the service.) The major change the lawsuit produced was that Yahoo is agreeing to scan the e-mail while it's at rest on its servers instead of while the mail is in transit. This, according to the settlement, satisfies the California Invasion of Privacy Act (CIPA) claims. The deal spells out that Yahoo only has to do this for three years, but Yahoo said it would continue with the new scanning protocol after the three years expire.
DOJ lawyer who leaked Bush spy program is censured for ethics failure
The Justice Department lawyer who disclosed the secret and warrantless surveillance program then-President George W. Bush adopted in the immediate aftermath of the Sept.11 terror attacks was publicly censured Aug 25 by a federal appeals court for breaching legal ethics. As a Lawyer for the Justice Department's Intelligence Policy and Review unit, Thomas Tamm violated professional conduct rules for disclosing to The New York Times "confidences" and "secrets," the US Court of Appeals for the District of Columbia Circuit concluded. As part of his Justice Department duties, Tamm was tasked with requesting electronic surveillance warrants from the secret Foreign Intelligence Surveillance Court. The District of Columbia Court of Appeals Board of Professional Responsibility said Tamm became aware in 2004 that certain applications to that FISA Court for national security surveillance authority "were given special treatment" and he leaked details of the program to the newspaper.
Lawmakers grill Attorney General Lynch over Clinton e-mails, get few answers
Republican Reps grilled Attorney General Loretta Lynch over why she chose not to prosecute Democratic presidential candidate Hillary Clinton for sending classified data through her private e-mail server when she was Secretary of State. But the Obama appointee refused to answer, saying it would be "inappropriate" to respond to lawmakers' repeated questions. "While I understand that this investigation has generated significant public interest, as attorney general, it would be inappropriate for me to comment further on the underlying facts of the investigation or the legal basis for the team’s recommendation,” Attorney General Lynch told the House Judiciary Committee's Subcommittee on the Constitution and Civil Justice.
Halfway through the more than two-hour hearing, Committee Chairman Bob Goodlatte (R-VA) said that the Attorney General's refusal to prosecute and answer questions was an "abdication of your responsibility." Before that, he said Attorney General Lynch's decision not to prosecute "defies logic and the law." "Were a rank-and-file federal employee to do what Secretary Clinton did, they would face severe punishment, including termination, revocation of security clearances, or criminal prosecution," Chairman Goodlatte said. Chairman Goodlatte said that Clinton's "extreme carelessness" likely jeopardized the nation's security and that, if Clinton is elected president, "she cannot be trusted with the nation's most sensitive secrets." Attorney General Lynch told the committee that "all the relevant facts were considered and investigated thoroughly" before she accepted the recommendation last week by FBI Director James Comey not to prosecute.