Guardian, The

Vodafone, one of the world's largest mobile phone groups, has revealed the existence of secret wires that allow government agencies to listen to all conversations on its networks, saying they are widely used in some of the 29 countries in which it operates in Europe and beyond.

The company has broken its silence on government surveillance in order to push back against the increasingly widespread use of phone and broadband networks to spy on citizens, and will publish its first Law Enforcement Disclosure Report on June 6, 2014. At 40,000 words, it is the most comprehensive survey yet of how governments monitor the conversations and whereabouts of their people.

The company said wires had been connected directly to its network and those of other telecoms groups, allowing agencies to listen to or record live conversations and, in certain cases, track the whereabouts of a customer. Privacy campaigners said the revelations were a "nightmare scenario" that confirmed their worst fears on the extent of snooping.

In May 2013, it looked as though privacy advocates had scored a tenuous victory against the widespread surveillance practices exposed by Edward Snowden a year ago. Then came a resurgent intelligence community, armed with pens, and dry, legislative language.

During several protracted sessions in secure rooms in the Capitol, intelligence veterans, often backed by the congressional leadership, sparred with House aides to abridge privacy and transparency provisions contained in the first bill rolling back National Security Agency spying powers in more than three decades.

The episode shows the lengths to which the architects and advocates of bulk surveillance have gone to preserve their authorities in the time since the Guardian, 12 months ago, began disclosing the scope of NSA data collection. That resistance to change, aided by the power and trust enjoyed by the NSA on Capitol Hill, helps explain why most NSA powers remain intact a year after the largest leak in the agency's history.

"This is not how American democracy is supposed to work," said Congresswoman Zoe Lofgren (D-CA), who had supported the bill but ultimately voted against it.

Senior leaders at the agency say that Snowden thrust them into a new era. James Clapper, the director of US national intelligence, said the intelligence agencies need to grant a greater degree of transparency or risk losing public confidence permanently. But exactly one year on, the agency, under public pressure, has divested itself of exactly one activity, the bulk collection of US phone data.

Yet while the NSA will not itself continue to gather the data directly, the major post-Snowden legislative fix grants the agency wide berth in accessing and searching large volumes of phone records, and even wider latitude in collecting other kinds of data. There are no other mandated reforms. President Barack Obama in January added restrictions on the dissemination of non-Americans' "personal information", but that has not been codified in law.

The coalition of large Internet firms demanding greater safeguards around their customers’ email, browsing and search histories have received nothing from the government for their effort.

A recent move to block the NSA from undermining commercial encryption and amassing a library of software vulnerabilities never received a legislative hearing. While there have also been significant commercial changes brought by companies that fear the revelations imperiling their businesses -- Google's Gmail service broadened its use of encryption, will soon present end-to-end encryption for its Chrome browser; and after the Washington Post revealed that the NSA intercepts data transiting between Google and Yahoo storage centers, Google expanded encryption for Gmail data flowing across the Internet and Yahoo implemented default email encryption -- the bitterest disappointment has been the diminished ambitions for surveillance reform contained in the USA Freedom Act.

"That," Jameel Jaffer, the ACLU’s deputy legal director, said, "was a very frustrating process for us."

The UK government has said it wants to hand out life sentences to anyone found guilty of a cyberattack that has a catastrophic effect, under plans announced in the Queen's speech.

Any hackers that manage to carry out "cyberattacks which result in loss of life, serious illness or injury or serious damage to national security, or a significant risk thereof" would face the full life sentence, according to the serious crime bill proposed in the Queen's speech.

As well as targeting cyberterrorists, the new offence in the proposed update to the Computer Misuse Act 1990 would also hand harsher sentences to those hackers carrying out industrial espionage, believed to be a growing menace affecting UK business. The law would have a maximum sentence of 14 years for attacks that create "a significant risk of severe economic or environmental damage or social disruption". Currently, the section of the CMA covering such an offence carries a 10-year sentence.

Jim Killock, executive director of the Open Rights Group, said the bill would be difficult to justify, given current laws already carry punishments for those who carry out significant acts of terrorism, whether via computers or other means. "If a supposed cyberterrorist endangers life or property, there are existing laws that can be used to prosecute them," Killock said.

Such acts have "only been seen in Hollywood movies", said Mustafa Al-Bassam, a computer science student who was convicted under the CMA for his participation in cyberattacks on companies as part of the hacktivist collective LulzSec.

The government has also not addressed complaints over the application of current computer crime law, which some in the security industry claim actually makes the Internet less safe.

The US Federal Communications Commission website reported technical difficulties because of heavy traffic hours after comedian John Oliver called on viewers to share their thoughts with the agency about what he called “cable company fuckery.”

“We need you to get out and, for once in your lives, focus your indiscriminate rage in a useful direction,” Oliver said. “Seize your moment my lovely trolls, turn on caps lock, and fly my pretties, fly, fly!”

And, it would appear, they did. Just after the segment aired on HBO, Last Week Tonight, and its fans, said the FCC comment feature was not working. The FCC confirmed that its system was experiencing technical difficulties because of heavy traffic, after Oliver's video was posted and widely shared online.

The next day, it had been viewed nearly 800,000 times. More than 47,000 public comments have been filed on the proposal in the past thirty days. One comment blasted "cable company fuckery," using Oliver's line. Another user cited a claim made by Oliver on the show: "It is embarrassing that Estonia has higher download speeds at lower prices than the USA." One profanity-ridden post concluded with: "John Oliver told me to do this."

Some of the world's largest websites are planning a coordinated day of action to oppose mass surveillance online. The sites, which include Reddit, Imgur and BoingBoing, will be taking part in the campaign, called "Reset the Net", in a number of ways.

Some will showing a splash screen to all users, reminiscent of the one used in the successful protests against Stop Online Privacy Act, or SOPA, the US copyright bill which many feared would damage the backbone of the Internet.

But rather than telling users to write to their electoral representatives, this protest will push more direct action, encouraging visitors to install privacy and encryption tools. Other sites have committed to improving their own privacy as part of the campaign, by enabling standards such as HTTPS, which prevents attackers from eavesdropping on visitors.

Such security standards are common in the world of ecommerce, but rarer for sites which don't think of themselves as holding sensitive information.

The campaign is being co-ordinated by Fight for the Future, whose co-founder Tiffiniy Cheng said "Now that we know how mass surveillance works, we know how to stop it. That’s why people all over the world are going to work together to use encryption everywhere and make it too hard for any government to conduct mass surveillance.

[Commentary] Edward Snowden has revealed problems for which we need solutions. The vast surveillance-industrial state that has grown up since 2001 could not have been constructed without government contractors and the data-mining industry. Both are part of a larger ecological crisis brought on by industrial overreaching.

We have failed to grasp the nature of this crisis because we have misunderstood the nature of privacy. Businesses have sought to profit from our confusion, and governments have taken further advantage of it, threatening the survival of democracy itself. The real problem is that we are losing the anonymity of reading, for which nobody has contracted at all.

We have lost the ability to read anonymously, but the loss is concealed from us because of the way we built the web. We gave people programs called "browsers" that everyone could use, but we made programs called "web servers" that only geeks could use log.

In particular, the anonymity of reading is broken by the collection of metadata. Without anonymity in reading there is no freedom of the mind. Indeed, there is literally slavery.

Our politics can't wait. Not in the US, where the war must end. Not around the world, where people must demand that governments fulfil the basic obligation to protect their security.

[Moglen is professor of law and legal history at Columbia University, and is founder, director-counsel and chairman of Software Freedom Law Centre]

[Commentary] A last-minute change to the National Security Agency reform bill making its way through Congress, as reported by the Guardian, may minimize one of the greatest dangers of the program.

Or it may make things far worse! Even though you may not talk to terrorists, you and a suspected terrorist may both use FedEx, so you still might have your most intimate relationships exposed to NSA’s analysis.

Right now, the NSA tries to minimize the number of innocent people whose call records get sucked up in queries by taking those voicemail and cable provider numbers out of the database. The new language in the USA Freedom Act would “require the prompt destruction of all call detail records” turned over by the telecoms “that the Government determines are not foreign intelligence information.”

If the NSA thinks you have interesting friends and relatives in China or Russia or anywhere else, it might keep your data. If it thinks you have ties to the drug trade, it might keep your data. If you work for an interesting foreign-owned company, it might keep the data. Plus, what process is the NSA going to use to decide if your phone number -- after all, it’s just a number, without a name -- is “foreign intelligence information” or not?

The NSA has to conduct some seriously intrusive analysis just to determine if your phone number amounts to foreign intelligence information! So to learn enough about your phone number to decide to destroy it, the NSA probably has to do intrusive searches on your number.

[Commentary] In a secured room beneath the US Capitol, legislative aides working to finalize a bill intended to constrain the National Security Agency attempted to out-think a battery of lawyers working for the Obama Administration and the intelligence services.

The NSA, its credibility hurt by whistleblower Edward Snowden’s disclosures, is trying to reassure its overseers that it will abide by new congressional action, even as its advocates labor to shape the bill to its liking. But the agency's post-9/11 history has left the architects and advocates of the bill concerned about the ways in which it might once again reinterpret a law intended to restrain it into one allowing it more surveillance leeway than congressional architects intend.

Recent meetings between Hill aides and administration and intelligence lawyers yielded a sense of the legal reasoning likely to result if the USA Freedom Act becomes law. The NSA thinks it has not earned the public’s suspicion and has sought to assuage it since the Snowden disclosures. Its battalions of lawyers are preoccupied with restraining surveillance, veterans say, far more than they are with expanding the frontiers of the law. Still, congressional testimony has suggested that the agency will be reluctant to let legislation aimed at restricting surveillance have the final word.

[Commentary] In two significant but almost-completely overlooked legal briefs, the US government defended the constitutionality of the Foreign Intelligence Security Amendments Act, the controversial 2008 law that codified the Bush Administration's warrantless-wiretapping program.

That law permits the government to monitor Americans' international communications without first obtaining individualized court orders or establishing any suspicion of wrongdoing.

It's hardly surprising that the government believes the 2008 law is constitutional -- government officials advocated for its passage in 2008, and they have been vigorously defending the law ever since. Documents made public over the last eleven-and-a-half months by the Guardian and others show that the National Security Agency has been using the law aggressively. What's surprising -- even remarkable -- is what the government says on the way to its conclusion. It says, in essence, that the Constitution is utterly indifferent to the NSA's large-scale surveillance of Americans' international telephone calls.

The government also argues that Americans' privacy rights are further diminished in this context because the NSA has a "paramount" interest in examining information that crosses international borders. And, apparently contemplating a kind of race to the bottom in global privacy rights, the government even argues that Americans can't reasonably expect that their international communications will be private from the NSA when the intelligence services of so many other countries -- the government doesn't name them -- might be monitoring those communications, too.

Reform is urgently necessary, and years overdue, but this imperfect legislation would leave some of the government's most sweeping authorities intact -- and to a large extent it would leave the privacy rights, of Americans and non-Americans alike, to the mercy of the NSA. The US Congress should pass the USA Freedom Act, but this legislation must be the beginning of reform, not the end.

[Jaffer is deputy legal director at the American Civil Liberties Union and director of the ACLU's Center for Democracy]

[Commentary] The US Supreme Court arguments involved a seemingly basic legal question about the future of the Fourth Amendment: do police officers need a warrant to search the cellphone of a person they arrest?

But the two privacy cases pit against each other two very different conceptions of what it means to be a supreme court in the first place -- and what it means to do constitutional law in the 21st century.

"With computers, it's a new world," several justices reportedly said in the chamber. Are they ready to be the kinds of justices who make sense of it? Cellphones expose so much of our most personal data that the decision should be a 9-0 no-brainer.

The basic problem that makes it a harder call is that lawyers and judges are by training and habit incrementalists, while information and communications technology moves too fast for incrementalism to keep up. But this kind of narrow legalism simply cannot do when the world is changing as rapidly as it is today: all narrow analogies will systematically fail to preserve the values they did five or ten years ago, especially when we're walking around with all the metadata coming out of the bank/medical monitor/full-on GPS trackers in our pockets.

The world is changing, and that narrow view of constitutional adjudication will not offer us meaningful protection. What we need in these news cellphone cases is for those five justices to join together and show that constitutional vision is more than just the workmanlike competence of lawyers. Otherwise, the coming decades will become a series of lurches from one formally defensible but substantively implausible invasion to another, with no end in sight -- as long as there's another iPhone in the works.