I like how these jerks think they can go around and just make up their own rules on what is and what is not allowed.
Why don't they just admit that their lying sacks of shit, set fire to the constition, and admit what they think all the along:
"The only limit on Federal government powers are ones that we decide is valid and ok. We can do whatever the hell we want and everything we do is secret. If you try to tell the American public what is going on we will throw you in jail or otherwise make your life a living hell. We are only obligated to admit what we do when we feel like it or are caught. The rules we can change any time and only exist for our own convenience. The only people that are allowed to judge us are the judges we select and appoint for life and the rest of you peons just STFU."
It takes different experiences for different people to realize that government's claim to power is largely arbitrary.
This has been the situation prior to the existence of the NSA. Because people's actions tend to coincide with government policy, they often don't ever realize it.
This is true for this specific program and only under the current policies. Let's just stop kidding ourselves and assume that the NSA stores our communications indefinitely, and design our software accordingly.
Exactly. This is what Snowden was warning about. There is a single variable (in each program) that determines this expiry date. Today it's set to '5' years. But a flip of a (few) bits and that could be 50, or 500. Much like the Mickey Mouse laws. That flipping a bit, he analogizes to 'turn-key' with the result being quite close to tyranny.
First, the 5 year limit is, if I recall correctly, based on Holder/DOJ's secret interpretation of the law. It's not fixed in statute. It could have changed at any point.
Second, Holder signed the secret authorization in July 2009. It hasn't yet been 5 years. The question is whether it's extended by July 2014 or not.
> This is true for this specific program and only under the current policies. Let's just stop kidding ourselves and assume that the NSA stores our communications indefinitely, and design our software accordingly.
Really?
And you believe this... because why? Because that is what they said?
I seriously believe that if I was to tell you that Obama had a massive program to collect and record the phone activities of every American at any time for any reason two months ago you would of called 'bullshit' so fast that it would of made my head spin.
I see zero reason to believe anything these guys tell us about anything. The only way to understand what they are really doing is to get information that they say is illegal for you to know.
"I seriously believe that if I was to tell you that Obama had a massive program to collect and record the phone activities of every American at any time for any reason two months ago you would of called 'bullshit' so fast that it would of made my head spin."
What makes you think that the latest news has changed my assumptions about the NSA? There has been evidence of widespread surveillance by the NSA for decades:
Statements by candidate Obama that he'd put an end to warrantless wiretapping was some reason, if not (apparently) sufficient reason. Of course, he did put an end to warrantless wiretapping: collection of metadata is no longer considered wiretapping. Yay!
a) Thinking the NSA and other intelligence organizations would really make the distinction between US and non-US citizens, except in the scope that public opinion doesn't instantly crush them, doesn't seem like something they'd actually be likely to do.
b) 95% of the earths population are outside of the USA, Facebook alone has a user count higher than 3 times the total US population.
Really, the distinction is completely meaningless for this discussion. The only effect it has is alienating non-US citizens because it makes it seem like US citizens are only concerned about themselves.
I also think the focus on the US surveillance apparatus might not be the way to go either, things like the upcoming Indian surveillance system belong to the very same discussion.
While I think in numerous respects we do pay too little attention to the rights of people elsewhere, both in a moral and practical sense, there is a significant sense in which our surveillance capabilities turned inward is a bigger problem than them turned outward: the American people are fundamentally the biggest check on the further growth of the power of these individuals, and giving them further power over us diminishes that.
Right. It isn't to be disingenuous to everyone else. I think of it similar to Chinese hacking incidences. "Foreign Power X hacked into the US defense contractors?" Yeah, I'm okay with that. We need a balance of power in this world.
Versus if it was this: "The US hacked into it's own civilian's businesses?" Not acceptable.
Oh, and it being lawful somehow makes it better? Also I'm pretty sure they bent it a way so that the current spying on US citizens isn't technically illegal either.
Which definitely don't make up >600 million accounts. I could've also used Google as an example, I'm pretty sure the bulk of their traffic is non-US traffic. But even if it doesn't, that doesn't change my point one bit.
1) FAA702 is supposed not to target "US persons" at all. But FAA703 and 704 are intended to target US persons outside the United States. They are more restrictive, and surely less often used, but they're still there.
"2 . The Foreign Intelligence Exception . The recurrent
theme permeating the petitioner's arguments is the notion that
there is no foreign intelligence exception to the Fourth
Amendment's Warrant Clause. 6 The FISC rejected this notion,
positing that our decision in In re Sealed Case confirmed the
existence of a foreign intelligence exception to the warrant
requirement. "
You may want to read that again. IANAL, but as best as I can understand this is the FISC appeals court (the secret intelligence court's appeals court) affirming its belief that while law - the FISA - prevents (some) no-warrant searches for "foreign intelligence information" on US persons, this is not actually necessary to comply with the US constitution, because the Constitution does not prevent such searches at all. As soon as a foreign intelligence justification exists, open Sesame! the Warrant Clause goes away and the US government can search US citizens without any warrant. It is (according to this theory) only out of the goodness of Congress' heart that this isn't permitted already.
They can store inadvertently collected US data without a warrant (with a written letter from the NSA director outlinig the reaons), but can they listen or read it without a warrant? That key bit of data is missing from this article. It appears that the answer is "yes" but it's not clear.
According to the Guardian's original article, they can
Retain and make use of "inadvertently acquired" domestic communications if they contain usable intelligence, information on criminal activity, threat of harm to people or property, are encrypted, or are believed to contain any information relevant to cybersecurity
If I send a letter with my email address and proof of citizenship to the NSA, that gives them specific information that my email address belongs to a US person.
Will they not then be required to delete all communications collected under FAA702 between my email address and any other email address for which they have received similar proof of US person-ness?
Can we organize a mass campaign for everyone to send letters to the NSA doing something like this?
Won't work. Think a little harder. Why do you think this has happened?
Hint. Answer this brain-teaser: 'How can a piece of paper with words on it restrain legislators effectively?' Has history validated the proposition that constitutions are effective tools for restraining governments?
I want to do this, but I think it only makes sense for big cities. Am I wrong? My nearest city has ~8k people. Should I stand with a placard at the town square?
Call your senators and representative, it really helps. Keep it short and to the point, write out what you're going to say before you call. You'll get put through to voicemail or an intern who will take notes on what you say. It's very low-pressure.
Apple, Google and Facebook can store communications for evermore. And NSA can easily get a copy anytime, via a rubber stamp by a judge in the secret court.
Now, in light of this, are we all (the good guys) permitted to use strong encryption to protect our data in storage by these third parties... since we can't trust them to do so?
Unless we have a HIPAA-like law to cover all data, not just our medical records, then may we resort to self-help?
> Apple [...] can store communications for evermore. And NSA can easily get a copy anytime, via a rubber stamp by a judge in the secret court.
"There are certain categories of information which we do not provide to law enforcement or any other group because we choose not to retain it.
For example, conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them. Apple cannot decrypt that data."
Dude, we Brits know you Aussies love your beer, like we do, but hey, don't openly prove the stereo type!!!!
Although, I am "pissed" too. No, non Americans are subhuman and have no rights in US law and seemingly to most Americans, even if we are customers of US businesses making them money, while these US business avoids tax like its AIDS. The US government also happily sweeps aside international law and convention when it suits them. Hence drone strikes, gitmo and rendition, or as the rest of us sub-humans call it, kidnap, murder and false imprisonment. Or the refusal to submit US citizens to international courts.
That is the problem with the US attitude to the rest of the planet, we are seen as both customers to be exploited, and the enemy. Real shame the US is so paranoid, the vast majority of us aren't evil.
I really fail to understand why the US believes it can behave in a way no one else does, why it thinks it has the right to do what it likes and over ride every one else. It really does feel like the US only recognizes American citizens as fully human. America and Americans are some how special and of more worth than every one else.
Yet, while I disapprove of this, worse is the way US allies lay down and accept it. So, partly, I think, "sod it, if my government cant be arsed to challenge them, then why am I bothering?". A bit like thinking the US citizens clearly want this, they voted for it, so they deserve it.
Its sad because all this stuff, IMHO, tarnishes everything good the US does. And it really does do some brilliant, awesome stuff. Is this superiority complex really the price the rest of us have to pay?
It funny, just a the simple addition of equality and humility, and the US could be the most loved country on the planet.
5 days/months/years doesn't really matter, they have it, they will store it. Data is new Gold, no one wants to get rid of it or can get rid of it for the complications it might cause in the future.
Can the people who decided to store the data, will ever be ready to destroy it ?
1. You Can't treat your citizens like suspects
2. You can't take control over the world information
3. If it is done for the security, let us know upfront about it, there should be no beating around the bush.
A communication identified as a domestic communication will be promptly destroyed upon recognition unless the Director of the NSA specifically determines, in writing, that
(3) the communication is reasonably believed to contain ... information necessary to assess a communications security vulnerability
What does this say for vulnerability researchers who happen to be American?
I interpret it to mean that if NSA's filter catches words related to communications security then it is flagged and possibly read by an analyst. It does say the Director of the NSA has to specifically request that the communication be kept, but someone has to read it first to determine its value. So it's read and stored without a warrant. Seems like a pretty clear violation of the 4th amendment to me.
I have been thinking about steps Google and other big providers could take to make their services more trustworthy again for those outside the US who apparently have no protection from this dragnet under US law. Given the dominance of their services in email and search, Google could actually initiate a step-change in the privacy of their customers, without much effort.
They could anonymise their search data before storing, so that they don't store individual actions, just something like group preferences to tailor searches and target advertising. This wouldn't be easy while keeping their advertisers happy, but it's an interesting problem - how do you tailor search and advertising while not keeping track of every URL the user searches or clicks on. It would be interesting to know if turning off google web history actually turns anything off apart from the UI to display this tracking to the user - they have a disclaimer saying they still log for other purposes even with web history turned off. They could allow users to turn off this tracking completely.
They could make gmail delete old mails after 1 year or so by default, as a security measure. Keeping everything forever on a server is not a great idea if various governments are then given access to that data at some point in the future, and people should keep their archives of mail locally, not on Google's server - Google should encourage that.
They could offer easy to set up encryption on gmail, in fact they could set it up by default for each user. If the user chose to this could kick in automatically when emailing any account on their own service, giving a lot of people encrypted email all of a sudden without any effort on their part. That would make a vast number of email communications encrypted, and coupled with deleting older emails, this would make it far harder for the NSA to snoop on email communications, at least for those who don't use webmail and delete their old messages from the server. If Google did this and used an open standard, other providers like Apple, Hotmail etc would follow, and mail readers like Apple mail would be changed to read the messages.
Finally, they could do far more to explain what they are gathering on each individual, and in what circumstances they will pass the material on to the NSA - they claim that they robustly defend the rights of their users, but without actual proof, this is not very convincing. I read their lawyer's Q&A with the guardian last week, and nothing of substance was said, though lots of vague denials were included again:
"We review each of those requests and push back when the request is overly broad or doesn't follow the correct process. There is no free-for-all, no direct access, no indirect access, no back door, no drop box."
Which tells us nothing about what actually does happen, and whether Google has enough information to effectively oversee these requests. If they don't feel they can legally tell their customers what they are doing, they should be campaigning far more robustly and openly for the right to divulge that information, and fighting it in the open courts with ACLU now that the details have emerged. They could start by simply refusing to cooperate with FISA requests going forward, until a more transparent system is put in place - Twitter hasn't been cooperating, so why should Google?
This scandal is damaging their standing in other countries, and the best way to counter that would be to be open and honest (in spite of the secret laws they are asked to operate under) and stand up for their users' privacy with concrete actions rather than denials. If they continue to give information to the NSA, US users should be very concerned about what Google will say when all the other governments of the world require data on US persons from Google subsidiaries, following the NSA's example.
The issue here is that Google's business, or a large part of it, is all about amassing data in a useful and usable way. Most of what you propose would undermine Google as much as it would undermine security organisations.
The issue here is that Google's business, or a large part of it, is all about amassing data in a useful and usable way.
I see it as a social contract between Google and their customers - customers give up a certain amount of anonymity and allow some activities to be tracked so that they are provided with services, sometimes paid (e.g. google apps), sometimes free (e.g. search or gmail). If the relationship becomes one where Google takes whatever they want and provides that data to third parties, why should we as customers put up with it? It's particularly galling if you're paying them for the privilege.
Plenty of alternatives are ready to replace them if they don't pay more than lip-service to their users' privacy.
The NSA pulls all data going in and out of Google without their permission. Being the man-in-the-middle, they intercept all communications even if encrypted.
For that matter, how can they identify any individual as a US citizen when the commercial systems they're monitoring (phone, email, etc) often don't know? What about foreign workers on visas, or US expats abroad, or simple business travelers.
Off topic, but explain to me the gratuitous use of a French word in the headline. Is this some kind of slur on the French, e.g. the NSA are being so duplicitous they are almost French?
Sometimes all I think we can do by writing to our "tough on terrorists" lawmakers is save some money. Avoid the FISA court entirely, just give the the rubber stamp to the f#^&%($ NSA, it's not like any request is denied anyway.
Look at hosting services and the storage GB and traffic they offer now compared to a few years ago. Storage and bandwidth costs are going lower and lower so NSA can easily store everything "forever." If Google can do it, why can't NSA with a comparatively unlimited budget ? Just the US intel spending is something like $80 Billion a year and that's one area that is not going to be left unfunded or "you Senator will have blood on your hands next time Al Qaeda..."
Why don't they just admit that their lying sacks of shit, set fire to the constition, and admit what they think all the along:
"The only limit on Federal government powers are ones that we decide is valid and ok. We can do whatever the hell we want and everything we do is secret. If you try to tell the American public what is going on we will throw you in jail or otherwise make your life a living hell. We are only obligated to admit what we do when we feel like it or are caught. The rules we can change any time and only exist for our own convenience. The only people that are allowed to judge us are the judges we select and appoint for life and the rest of you peons just STFU."