Surveillance

Since 2011, Silicon Valley-based software firm Palantir has helped the Los Angeles Police Department analyze data, ranging from license plates photos, to rap sheets, traffic tickets, listings of foreclosed properties and more. The company, which also works with government agencies such as the CIA and FBI, is quietly transforming how police operate. Palantir doesn't reveal how many clients are using its tools, but police departments in both California and New York have previously worked with the company. Sarah Brayne, a sociology professor at the University of Texas in Austin, conducted more than 100 interviews of officers and civilian employees. What follows are six of Bayne's most striking findings:
1. Surveillance today is unprecedented
2. Citizens without police contact can be tracked
3. Sharing data helps cops do their jobs
4. Not all officers love the new surveillance tools
5. Big data has a role in inequality
6. Laws haven't kept up with technology

[Commentary] European law allows the transfer of personal data to non-European countries only if they “ensure an adequate level of protection.” The U.S.-EU Safe Harbor framework was believed to provide such adequate safeguards, but, in its October 2015 decision in Maximillian Schrems v. Data Protection Commissioner, the Court of Justice of the European Union invalidated the framework. In the background were Edward Snowden’s revelations about the prevalence of access to private communications data by the U.S. government, particularly the NSA....

In the next few years, the debate will continue to rage. As the U.K. breaks ranks with its EU partners, its laws too could be deemed “inadequate.” In fact, while not subject to the jurisdiction of the European Commission, national security regimes of European Member States are drawing wide criticism for being overly lenient, cryptic and opaque. To perhaps avoid widely divergent opinion on the relative beauty or ugliness of U.S. surveillance law, this collection will help inform the conversation and ground it in solid facts.

[Omer Tene is Vice President of Research and Education at the International Association of Privacy Professionals. He is an Affiliate Scholar at the Stanford Center for Internet and Society and a Senior Fellow at the Future of Privacy Forum. ]

[Commentary] Congress must decide by the end of 2017 whether to renew the National Security Agency’s power to engage in surveillance of communications that transit switches and servers inside the United States using a secret court order. The intelligence community has revealed that over 100,000 targets were under such surveillance in 2016, for reasons well beyond terrorism. While the government may not single out Americans as targets, it may search the database for information about Americans who may be communication with foreigners. It did so more than 30,000 times in 2016.

While Congress should reform this “backdoor search” practice, it should not make the same mistake I made by focusing only on protecting the privacy of Americans. If it does, businesses may face a rude awakening when European courts again strike down transfers of personal data to the United States, threatening a half-trillion dollar transatlantic trading relationship. Reforming the NSA’s mass surveillance programs to focus more narrowly on terrorism and other security threats would do much to address these concerns. Protecting the privacy of foreign users of American internet services is not just good for business, it is good for everyone’s privacy – including Americans. The digital data, communications, and personal lives of Americans now transcend national boundaries. It turns out we are all in this together. In the digital age, the only way to protect the privacy of Americans is to protect the privacy of everyone.

[Tim Edgar was the first privacy officer for the White House, former ACLU attorney and current Professor at Brown University.]

One of President Donald Trump’s top advisers called on Congress to reauthorize authorities that gives intelligence agencies the ability to collect and analyze communications of foreigners outside the US Homeland Security Adviser Tom Bossert said Section 702 of the Foreign Intelligence Surveillance Act—set to expire in December—is the best means for intelligence agencies to monitor terrorist threats en masse given today’s internet-driven world.

“The terrorist threat isn’t going to sunset, so the authority shouldn’t either,” he said at the Intelligence and National Security Summit.The provision in the FISA amendment act dates back to 2008 and previously reauthorized in 2012. While the intelligence community including the National Security Agency and Central Intelligence Agency has advocated for its renewal, Section 702 has critics in Congress and among privacy advocates. Critics contend the authority allows intelligence agencies to scoop up emails, text messages and other communications of Americans who communicate with foreign targets or mention potential targets in conversations with non-targeted foreigners.

Artificial intelligence is giving rise to unprecedented capabilities for surveillance, from facial recognition at bridge crossings to the ability to identify thousands of people at once. Now, new research suggests that AI could potentially be used to identify people who have taken steps to conceal their identities by wearing hats, sunglasses, or scarves over their faces.

When the Obama administration was designing Deferred Action for Childhood Arrivals (DACA), privacy was a chief concern for immigration advocates, who worried about having undocumented immigrants identify themselves to the government. So US Citizenship and Immigration Services (USCIS) vowed it would wall off that data, protecting it from other agencies, including Immigration and Customs Enforcement (ICE), that wanted to use it for deportation purposes. But because DACA was merely a policy, not a law, even the framers of this process knew full well that that promise to Dreamers was not binding. Even if the Dreamer data remains confidential, however, immigration advocates fear that ICE already has all the information it needs to target Dreamers where they work.

One reason many Dreamers applied for the program, after all, is to receive a work permit. Many employers use a system called e-verify to keep tabs on their employees’ immigration statuses. If President Donald Trump reverses DACA protections and stops renewing those permits, there’s not much stopping ICE from showing up at an employer's office the day after an employee's DACA permit expires.

Government requests for the mass disclosure of every caller who connected to a particular cellphone tower have spiked during the first half of 2017, according to Verizon’s latest transparency report. Law enforcement seek so-called tower dumps to try to identify a suspect in a crime, compelling tower operators to provide the phone numbers of all devices that connected to a specific tower during a given period of time. “This tool is being used much more frequently by law enforcement,” Verizon said in the report.

Verizon has received approximately 8,870 warrants or court orders for cell tower dumps in the first half of this year — a huge increase over 2013, when the government sought only 3,200 dumps across the whole of that year. In 2016, the total figure was 14,630. Law enforcement demands for customer data totaled at 138,773 for the first half of the year — relatively steady with six-month segments over the past two years. Verizon rejected around 3 percent of requests, granting around 68,000 subpoenas, 700 wiretap demands and about 4,000 “trap and trace” orders that let investigators see what phone numbers are calling a target in real time.

The acting head of Immigration and Customs Enforcement (ICE), the federal agency charged with deportations, has confirmed in a new letter that it does not use cell-site simulators, also known as stingrays, to locate undocumented immigrants. In the August 16 letter, which was sent to Sen Ron Wyden (D-OR), acting Director Thomas Homan wrote that, since October 2015, ICE has followed similar guidelines put in place by the Department of Justice and the Department of Homeland Security a month earlier, which require a warrant before deploying a stingray. Sen Wyden has also recently sent a similar letter to the Department of Justice, which has not yet responded.

Fourteen of the biggest US tech companies filed a brief with the Supreme Court on Aug 14 supporting more rigorous warrant requirements for law enforcement seeking certain cell phone data, such as location information. In the statement, the signatories—Google, Apple, Facebook, and Microsoft among them—argue that the government leans on outdated laws from the 1970s to justify Fourth Amendment overreach. One perhaps surprising voice in the chorus of protesters? Verizon.

Verizon's support means that the largest wireless service provider in the US, and a powerful force in Silicon Valley, has bucked a longtime trend of telecom acquiescence. While carriers have generally been willing to comply with a broad range of government requests—even building out extensive infrastructure to aid surveillance—Verizon has this time joined with academics, analysts, and the company’s more privacy-focused corporate peers. Carpenter v. United States is “one of the most important Fourth Amendment cases in recent memory,” wrote Craig Silliman, Verizon’s executive vice president for public policy and general counsel. “Although the specific issue presented to the Court is about location information, the case presents a broader issue about a customer’s reasonable expectation of privacy for other types of sensitive data she shares with any third party.… Our hope is that when it decides this case, the Court will help us better apply old Fourth Amendment doctrines to an evolving digital era.”

Computer companies are standing with a web hosting company that is facing a search warrant obtained by the Department of Justice to 1.3 million IP addresses of an anti-Trump protest web site. The Computer & Communications Industry Association, whose members include Amazon, Facebook, Google, and eBay, came to the company's defense.

“CCIA supports DreamHost and calls on DOJ to revise this request, and reassess its search warrant practices to respect the First and Fourth Amendments," said CCIA President Ed Black. “U.S. tech companies are often compelled to resist sweeping dragnets aimed at political dissent from foreign regimes. The U.S. government itself has criticized countries that target political dissent with criminal process. We would urge DOJ to consider the consequences of such requests both in terms of emboldening countries like China and in the message this sends to democratic allies.”