The Big Brother Thread

[bourbon]

UK: Information Commissioner’s report to Parliament on the state of surveillance (PDF)

[bourbon]

The Cloud Panopticon: Google, Cloud Computing and the Surveillance-Industrial Complex, by Christopher Ketcham and Travis Kelly. CounterPunch Magazine, April 1-15, 2010; vol. 17, no. 7. (PDF)

Kevin Bankston, a privacy expert and attorney at the Electronic Frontier Foundation, a nonprofit advocacy group engaged in questions of privacy, free speech, and intellectual property in the digital age, warns of the possibilities. “In all of human history,” he says, “few if any single entities, other than the National Security Agency, have ever possessed such a hoard of sensitive data about so many people.” This is the sort of thing that should make the intelligence agencies, says Bankston, “drool with anticipation.” And drooling they are. Stephen Arnold, an IT expert who formerly worked at the defense and intelligence contractor Booz Allen Hamilton Inc. and who once consulted for Google, addressed this in a speech before a conference of current and former intelligence officials in Washington, D.C., in January 2006. According to an audio recording in our possession, he reported Google was increasingly sought out by the U.S. intelligence services because click-stream data – and everything else Google archives – “is a tremendous opportunity for the intelligence community.” Google, he said, “has figured out everything there is to know about data-collection.” The relationship with the government had become intimate enough, Arnold said, that at least three officers from “an unnamed intelligence agency” had been posted at Google’s headquarters in Mountain View, Calif. What they are doing there, Arnold did not reveal.

[davidbfpo]

Currently the UK government has proposed a bill to extensively update the law on law enforcement and security agencies access to communications data. This is a controversial piece of legislation, partly for political reasons as when in opposition the current government opposed similar proposals.

Hat tip to a privacy advocacy group:http://www.bigbrotherwatch.org.uk/ho...companies.html

Parliament has a committee taking evidence on the bill, which has led to some very strange exchanges between them and the industry (Google, yahoo, Skype, Tor and others). Try this passage:

It is in the background brief. The Home Office states, “The Government is introducing legislation to ensure that communications data will continue to be available in the future as it has been in the past”. Another part says, “CEOP is already experiencing significant problems because of the difficulty of obtaining the same level of subscriber information for internet communications as is currently available for traditional telephony”. There is the problem. The key point is that our services cannot be made to look like telephony

Link:http://www.parliament.uk/documents/j...nel%201%29.pdf

Or the use by the Home Office (equiv. Dept. Interior & parts of DoJ) of

...this elusive 25%. If representatives from the Home Office were here today—and we asked them—they might say that telephony was not all on landlines or even on mobile phones but is now over the internet, and they might point at Skype or Tor as developments that have reduced their capability to capture and retain information

It is rare to see a comparison like this, from an industry speaker:

criminals already have the capability to prevent law enforcement making useful use of communications data. Criminals have shown the capability, but human rights workers do not have the same capabilities that criminals have, so they will be put at risk by deep packet inspection and similar things that this Bill could introduce.

From:http://www.parliament.uk/documents/j...nel%202%29.pdf

This blogsite also comments on such matters:http://www.spyblog.org.uk/

[AdamG]

One photo = 1k word Soliloquy

[davidbfpo]

As the UK chattering politicians post-Woolwich push for the "snooper's charter" bill to be reintroduced Denmark reports data collection is not that useful:

...five years of extensive Internet surveillance have proven to be of almost no use to the police. Session logging has caused serious practical problems....The implementation of session logging proved to be unusable to the police; this became clear the first time they tried to use [the data] as part of a criminal investigation

Link:http://techpresident.com/news/wegov/...igital-privacy

Back to the UK debate. An IT expert's thoughts:http://www.eradar.eu/2013/05/communi...t-opportunism/

'Naked Citizens' is a short twenty-five minute film on surveillance; it is not obsessed with:

..With one camera for every 14 people in London...

It starts with a good explanation of 'smart' CCTV identifying aberrant behaviour, but then becomes more strident. Anyway some interesting concepts are explained, notably suspicion, anonymity and privacy.

Link:http://www.journey.webbler.co.uk/?lid=65226&bid=2

[davidbfpo]

An example of vulnerability and in Syria, so no surprises that many sources have disappeared into the regime's care:http://www.cjr.org/feature/the_spy_w...c.php?page=all

[Firn]

An interesting and quite sad link with lots of further leads and reads.

After reading quite a bit about the latest events and trying to piece most of it into a big picture I had to note once again the deep irony of the whole story. The sheer size of the dragnet, and its depth needed a greatly increased the number of people working on secret stuff. The fear to fail to connect the dots has seemingly increased the amount of sharing and more people know more about the national efforts. The gigantic scope and reach of certain programs, especially those involving your average citizien have increased the danger of employing people who might feel it morally justified to whistleblow.

If that happens the public echo might be big indeed and it can indeed seriously harm directly and indirectly the most important, the true key interests of a nation. At least some sources are saying that terrorist groups have changed their comm. patters and that certain methods will be much harder to pull off. While there are certainly political games involved there should be a certain amount of truth in those informations. So if the fight against terrorism has indeed been the main goal of those various efforts then the NSA&Co might have scored an own goal in that area as well.

[davidbfpo]

I know many Americans have a strange regard, if not dislike for their postal service and it's inefficiencies - so they may think this odd:

..the Mail Isolation Control and Tracking program, in which Postal Service computers photograph the exterior of every piece of paper mail that is processed in the United States — about 160 billion pieces last year. It is not known how long the government saves the images.

Link:http://www.nytimes.com/2013/07/04/us...pagewanted=all

That must be some computer database, even if only retaining the photos for thirty days.

[Firn]

I know many Americans have a strange regard, if not dislike for their postal service and it's inefficiencies - so they may think this odd:

Link:http://www.nytimes.com/2013/07/04/us...pagewanted=all

That must be some computer database, even if only retaining the photos for thirty days.

So when the US spooks want 'everything' they really want every metadata at least from US citiziens. More, if possible from the rest of the world.

“In the past, mail covers were used when you had a reason to suspect someone of a crime,” said Mark D. Rasch, the former director of the Justice Department’s computer crime unit, who worked on several fraud cases using mail covers. “Now it seems to be ‘Let’s record everyone’s mail so in the future we might go back and see who you were communicating with.’ Essentially you’ve added mail covers on millions of Americans.”

Bruce Schneier, a computer security expert and an author, said whether it was a postal worker taking down information or a computer taking images, the program was still an invasion of privacy.

“Basically they are doing the same thing as the other programs, collecting the information on the outside of your mail, the metadata, if you will, of names, addresses, return addresses and postmark locations, which gives the government a pretty good map of your contacts, even if they aren’t reading the contents,” he said.

In this case it seems as if the methods of the digital age have been brought into the old analog world. Legally the path has been the reverse. Whatever floats the boats and is possible seems to get done with the legal bounderies getting streched and streched or even completely removed...

Law enforcement officials need warrants to open the mail, although President George W. Bush asserted in a signing statement in 2007 that the federal government had the authority to open mail without warrants in emergencies or foreign intelligence cases.

In such days it certainly feels like that the terrorists did indeed score some important victories against key and noble ideas of the Western World. And once again it seems that the scale of the tracking efforts opens the door for highly questionable abuses which pushes the whole thing into the spotlight and alerts also the valid targets. Imperial intelligence overstrech.

[jmm99]

Petabytes (Wiki)

1000 kB kilobyte
1000^2 MB megabyte
1000^3 GB gigabyte
1000^4 TB terabyte
1000^5 PB petabyte
1000^6 EB exabyte
1000^7 ZB zettabyte
1000^8 YB yottabyte

A billion 1MB scans = 1 petabyte; so, 160 billion scans per year at 1MB per scan = 160 petabytes. Hitachi was marketing 32 petabytes of rack storage in 2004 (BBC).

The Bluffdale UT database (easily expanded at ~$2billion per site) could take us into the zetta and yotta storage ranges (UK Guardian).

William Binney, a mathematician who worked at the NSA for almost 40 years and helped automate its worldwide eavesdropping, said Utah's computers could store data at the rate of 20 terabytes – the equivalent of the Library of Congress – per minute. "Technically it's not that complicated. You just need to work out an indexing scheme to order it."

The USPS scans (@1MB per scan; a pure WAG) works out to ~ 1/2 petabyte (500 terabytes) per day - or 25 minutes of Bluffdale's daily capacity - IF Binney is in the correct order of magnitude; and if my math done in head is correct.

I believe all of this is due to the political response to the perceived demand by the American public for absolute security. Others will easily migrate to varied conspiracy theories. I believe it depends on whom we elect; and on whom they appoint. Others will disagree.

One can spend an interesting hour plus, watching William Binney on Youtube, NSA whistleblower William Binney Keynote at HOPE Number Nine (2012). Note the picture of the British sheep about two minutes into the video.

Regards

Mike

[davidbfpo]

Actually the article's full title is 'NSA and GCHQ: the flawed psychology of government mass surveillance' and yes it is in The Guardian. The sub-title is probably more telling:

Research shows that indiscriminate monitoring fosters distrust, conformity and mediocrity

Link:http://www.theguardian.com/science/h...nce?CMP=twt_gu

I am uncertain about the science, but it certainly fits in here!

[davidbfpo]

The debate in the UK over privacy and security has restarted as the Conservative government proposes a new law on extending surveillance and adding safeguards.

Today I found a number of good commentaries; if you want the "spin" by some papers assisted by the intelligence agencies you will find them too about a week ago.

The Economist 'To MI5 with love':http://www.economist.com/news/britai...pies-mi5-love?

Jamie Bartlett concludes:

First, it’s not clear how long any measures will even work. Thanks in part to Snowden revelations, soon there will be a new generation of easy-to-use encryption services. The net will become more private and also more difficult to censor and monitor, and I think this might require a very real rethink in how we do intelligence.

And then there is a risk of serious long term damage to the economy, especially the digital economy, of monitoring too much, or forcing companies to install the equipment required to collect and store internet connection records. It’s not quite clear either how serious or damaging this might be, but I think it could be more than the government thinks. And as more of life goes online, we’ll need ever more powerful encryption, not less. This can save the police a fortune in reducing cybercrime, although will certainly make other types of policing more difficult.

Link: http://www.telegraph.co.uk/technolog...ts-or-not.html

Heather Brooke's pice is sub-titled:

The new surveillance bill renders the citizen transparent to the state, putting every one of us under suspicion. It would serve a tyranny well.

Link:http://www.theguardian.com/commentis...george-orwell?

Janet Daley in The Daily Telegraph is rather trenchant, as the title suggests:

Britain trusts its spies too much – even when they’re threatening our freedom
It is deeply worrying that the government could soon have the legal right to snoop on the private activities of all law-abiding citizens

Link:http://www.telegraph.co.uk/news/ukne...r-freedom.html

[davidbfpo]

In the UK licence plate readers (LPR in the USA) are known as Automatic Number Plate Readers (ANPR) and as the title implies we have a lot of them:

UK number plate monitoring one of the 'world's biggest surveillance systems'

Link:http://www.v3.co.uk/v3-uk/news/24371...llance-systems

Personally I am not shocked that the (publicly owned) system across the UK ANPR system currently has 8,300 ANPR cameras (mainly overt on main roads and motorways or inter-state) in use submitting 25-35 million ‘read’ records to the National ANPR Data Centre daily, but lacks any legal framework or governance.

What is odd is that a former senior UK CT police officer, now having oversight of surveillance cameras has spoken publicly asking why:https://www.gov.uk/government/speech...ing-university

He is also critical of:

In the UK our (police) database is touching 18m images made up of custody photos (The FBI has 51m). They include photos of people never charged, or others cleared of an offence.

ANPR was originally limited to the "Ring of Steel" around the City of London IRRC long ago when the IRA were bombing London. Their arrival on motorways was originally announced as a prelude to road charging, traffic control and more - not for policing. They have been added in most city centres and almost every port.

The publicly owned system can be supplemented by downloading imagery from the privately owned and to my knowledge not netwworked ANPR at petrol filling stations, let alone car parks or airports.

[davidbfpo]

Where does one start? "Big Sister" the Home Secretary will not explain why:

Theresa May has refused to say whether Britain's security services are accessing medical records and other potentially sensitive information.The home secretary said she did not want to "go down the route of giving information about the sort of data sets that are being acquired".
She was speaking to the draft Investigatory Powers Bill committee.
It was revealed last year that GCHQ is downloading large amounts of personal data to aid its investigations.
It could include the personal details of "a large number of individuals, the majority of whom will not be of any interest to the security and intelligence agencies", according the draft bill.
The information from these "bulk personal data sets," which could include everything from the electoral register, supermarket loyalty schemes or bank records, is then analysed to enable investigators to "join the dots".
The practice is covered by old legislation and has never been debated by MPs. "The UK does not undertake mass surveillance".

Link:http://www.bbc.co.uk/news/uk-politics-35300671

An Australian SME responds on whether 'big data' helps:https://counterterrorismmatters.word...ter-terrorism/

[davidbfpo]

First up a NYT article 'New Technologies Give Government Ample Means to Track Suspects, Study Finds', which refer to a Harvard report due out today and is sharp retort to officialdom's frequent doom-laden statements:

Now, a study in which current and former intelligence officials participated concludes that the warning is wildly overblown, and that a raft of new technologies — like television sets with microphones and web-connected cars — are creating ample opportunities for the government to track suspects, many of them worrying.

Link to NYT:http://www.nytimes.com/2016/02/01/us...tudy-finds.htm

Link to report (37 pgs):https://cyber.law.harvard.edu/pubrel...ark_Debate.pdf

[davidbfpo]

From a newly found CT blog an article that sets out to:

To understand the utility of bulk communications data in intelligence and CT, you first need to re-consider the needle/haystack analogy typically used when discussing intelligence agency use of bulk datasets.

(He ends with) contrary to Binney’s evidence – bulk communications data does and should play a critical role in the work of UK intelligence agencies.

Link:https://counterterrorismmatters.word...ll-submission/

[davidbfpo]

A short commentary by a good journalist, Paul Lashmar and subtitled:

These pieces of research indicate a pattern of behavioural change that dampens dissent and resistance to overbearing power, both of which are hallmarks of an active democratic citizenry.

(He concludes) In culmination all these pieces of research are indicating a pattern of behavioural change that dampens dissent and resistance to overbearing power, both of which are hallmarks of an active democratic citizenry. What this suggests to me is that that the terrorists have won another unexpected if particular blow against liberal democracy as it is superseded by a security state.

Link:https://www.opendemocracy.net/uk/paul-lashmar/undigested-snowden?

[Bill Moore]

Good post David, this touches on my previous arguments that we need to reassess our view of risk. Our reaction to terrorism is a self inflicted extential risk on our way of life. We need to think harder about the risks associated with our security measures.

[davidbfpo]

That is my title after this rather startling Lawfare article, which cites Attorney-General Holder:

I think that he actually performed a public service by raising the debate that we engaged in and by the changes that we made...

Link:https://www.lawfareblog.com/three-ye...ence-community

A statement I expect Snowden's lawyers will use should he ever leave Moscow; especially as the A-G has laid charges against him.

Or former NSA Director Michael Hayden:

..although the public cannot be briefed on everything, there has to be enough out there so that the majority of the population believe what they are doing is acceptable.

[davidbfpo]

The UK's Surveillance Camera Commissioner, an ex-CT detective, has a new report out and is concerned how society is changing:

The privacy of the public is at risk of being invaded on a mass scale without its consent as the collection of big data meshes with proliferation of video surveillance...What most worries me is the impact of big data and integration of video surveillance.....

Link:https://www.theguardian.com/uk-news/...illance-merge?

An academic commentary, with many links:https://theconversation.com/if-surveillance-cameras-are-to-be-kept-in-line-the-rules-will-have-to-keep-pace-with-technology-74271?

I note that since the last post in August 2016 this thread has gone from 15,541 to 53,728 views. Someone is reading this thread.