Claire Diviner
President
The article is in spoilers due to the length:
http://m.dailykos.com/story/2013/06/23/1218102/-US-NSA-Accused-of-Criminal-Privacy-Violations-in-Dozens-of-Nations-Snowden-Blowback
Conspiracy theorists unite.
http://m.dailykos.com/story/2013/06/23/1218102/-US-NSA-Accused-of-Criminal-Privacy-Violations-in-Dozens-of-Nations-Snowden-Blowback
Do you remember this story from last September?
It wasn't a big story in the US, but the rest of the world took a keen and somewhat alarmed interest in it. It's the beginning point -- the first clue -- that something was very much amiss in America:
WASHINGTON, Sept 4, (AFP): A hacker group has claimed to have obtained personal data from 12 million Apple iPhone and iPad users by breaching an FBI computer, raising concerns about government tracking.
The group called AntiSec, linked to the hacking collective known as Anonymous, posted one million Apple user identifiers on Monday purported to be part of a larger group of 12 million obtained from an FBI laptop.
Contacted by AFP, FBI spokeswoman Jenny Shearer said: “We’re not commenting.”
Apple did not immediately respond to a request for comment.
::
Peter Kruse, an e-crime specialist with CSIS Security Group in Denmark, said on Twitter that the leak “is real” and that he confirmed three of his own devices in the leaked data.
“Also notice that they claim to have fullname, addresses, phone numbers etc... Big ouch!” he tweeted.
---------------------
Eric Hemmendinger, a security expert with Tata Communications headquartered in India, said the report raises concerns about the protectors of cybersecurity.
“The question is not whether it’s accurate, it is why did the feds have the information and why did they not take due care to secure it,” he told AFP.
---------------------
Aldo Cortesi, a security consultant living in New Zealand, called the incident “a privacy catastrophe.”
“The vulnerabilities ranged from de-anonymization, to takeover of the user’s gaming social network account, to the ability to completely take over the user’s Facebook and Twitter accounts,” he said on a blog posting.
---------------------
Graham Cluley of the British security firm Sophos, remarked, “Quite why the FBI was collecting the UDIDs and personal information of millions of iPhone and iPad users is not yet clear — but it’s obvious that the data (and the computer it was apparently stored on) was not adequately secured.”
---------------------
Johannes Ullrich of the SANS Internet Storm Center said it was difficult to verify the report.
“There is nothing else in the file that would implicate the FBI. So this data may very well come from another source. But it is not clear who would have a file like this,” he told AFP.
"It's unclear why the FBI, if the report were true, would have the data," he added. “The size of the file would imply a widespread, not a targeted, tracking operation...."
::
In the posting of this data, AntiSec said the original file “contained around 12,000,000 devices” and that “we decided a million would be enough to release.”
AntiSec said it posted the information to draw attention to Apple’s practices which allow users to be tracked [in real time].
“We never liked the concept of UDIDs since the beginning indeed. Really bad decision from Apple,” it said. "The FBI is using your device info for a tracking-people project or some ****.”
It seems AntiSec had stumbled upon a tiny piece of the vast NSA "global" spying dragnet that was collecting private data profiles on ordinary citizens-- not only in the US, but throughout the world.
Ten months later, halfway around the world, Edward Snowden was monitoring the systems that were collecting this illegally accessed very private citizen data. And the data was not just from ordinary Americans and Chinese, but from all our friends and allies -- Germany, Australia, Canada, Scandinavia, Latin and South America, and many others.
It took three months for Snowden to decide to put a stop to this illegal activity.
If Snowden were a criminal, he could have exploited the data. Or sold it to identity thieves. Or, even sold it to a foreign enemy.
But in order to do the right thing -- and expose the crime -- Snowden would have to give up his own life and throw himself on the mercy of the ordinary citizens of the world.
Yes, the collection of this kind of personal data is illegal in almost every nation in the world.
The right to privacy from electronic surveillance is granted in most national constitutions. This expectation of privacy has been declared a human right by the UN. It is a crime to collect it secretly.
It may be hard for Americans to wrap their minds around this concept because, in their case, human rights are not directly conferred upon them, constitutionally -- and can be suspended by the Executive Branch or the high court at any time, if it is deemed (often secretly) to be in the best interest of the "defense" of the nation.
Read that last sentence again.
You are living in that reality. The citizens of other nations are not. Their constitutions declare and affirm human rights that are specific to the 21st century issues.
Americans have have little expectation of general human rights, many of which were circumvented by the Patriot Act. But, right npw, the rest rest of the world is dismayed and outraged that the US has illegally breached their sovereign laws to spy on their citizens and businesses.
The world regards what the NSA is doing as an international crime and a direct violation of their human rights.
Here's the Problem with the US that the World is going to Fix:
The world is looking at an international crisis -- as a result of Edward Snowden's description of an illegal data theft "Process" -- perpetrated against their own citizens. The US is engaged in ongoing criminal activity against their sovereignty. And they are scrambling to put a stop to it.
The United States can no longer be trusted, never, ever again.
This is a watershed moment that changes everything. You are witnessing an epic geopolitical shift that will profoundly effect the United States standing throughout the world. It will certainly affect your future.
Before this is over, the entire architecture of the Internet will be rebuilt. Here's why:
A huge proportion of all global Internet traffic flows through networks controlled by the United States. This is because eight of fifteen global tier 1 telecommunications companies are American owned -- companies like AT&T, CenturyLink, and Verizon. Furthermore, the social media services are also mostly provided by giants headquartered in the United States, including Google, Facebook, Yahoo!, and Twitter.
All of these companies are subject to U.S. law, including the provisions of the U.S. Patriot Act, no matter where their services are offered or their servers located.
Having the world's Internet traffic routed through the U.S. and having those telecommunications companies under its jurisdiction compromises the constitutionally guaranteed privacy rights of citizens of all other sovereign nations.
This will end.
The rest of the world will not stand for it.
It's a simple fact and an economic black swan for the US.
Here's what Edward Snowden told the world:
“We hack network backbones — like huge Internet routers, basically — that gives us access to the communications of hundreds of thousands of computers without having to hack every single one.”
Actually, it's hundreds of millions of computers, and billions of phone calls, that are routed through the NSA's data collection traps -- from every corner of the world -- every minute of the day. Even though most of them are not communicating to anyone in the US, the Internet's current architecture allows the NSA to capture them all. Potentially, that means every single soul on earth who uses electronic communication is being tracked.
Other nations understood this immediately. They are well aware that their citizens have been caught in the illegal NSA dragnet. This is a completely unacceptable act by the US -- just as it would be if the world's Internet backbone was located in Russia and Moscow was mining the rich personal data of every American citizen.
The United States has inadvertently declared itself to be a rogue, predatory Police State. When the story broke, officials in European capitals demanded immediate answers from their US counterparts and denounced the practice of secretly gathering digital information on Europeans as unacceptable, illegal and a serious violation of basic human rights.
There were heated and outraged discussions at the G-8 summit in Ireland. Eric Holder was flown to Brussels for questioning by the European Union. When Holder left, they were even more outraged. The Germans openly liken the United States actions to the actions of the Cold War-era Stasi.
Here's what the Nations of the World are saying to each other:
The United Nations:
Surveillance programmes that trample on people’s right to privacy in the name of security actually risk damaging the fight against terrorism, UN rights chief Navi Pillay warned Thursday.
“Concerns have been expressed over surveillance regimes adopted by some states without adequate safeguards to protect individuals’ right to privacy,” Pillay told a UN counter-terrorism conference in Geneva.
“If our goal in countering terrorism is to provide for the security of individuals and preserve the rule of law, such practices are... counterproductive,” she said.
::
UN Under Secretary General Jeffrey Feltman said: “If we allow compromise on human rights, we are not countering terrorism but letting it get its way.
“When the principles enshrined in the human rights instruments are disrespected, extremism tends to thrive,” said Feltman, who heads the world body’s Counter-Terrorism Implementation Task Force Office (CTITF).
Switzerland:
Swiss Foreign Minister Didier Burkhalter told the conference: “The quest for security must not lead to excessive infringements of the right to privacy.”
Switzerland this week asked Washington for explanations about Snowden’s revelations, especially on an alleged CIA blackmail operation to spy on its banks while he was stationed in Geneva as a diplomatic attache from 2007 to 2009.
“Would we have a better society if honest citizens were subjected to constant surveillance by governments, with all the abuses that this may bring?” Burkhalter said. “In Switzerland’s view, the answer is definitely no.”
In Switzerland, at least one lawmaker has demanded that Internet giant Google be forced to be more transparent about the user data it retains.
Germany:
At the G-8 this week, Merkel’s spokesman has said she will press Obama for answers on the US surveillance programme. Berlin wants assurances from Obama that the on-line exchanges of its own citizens are not being monitored from Washington.
Reports about the apparent sophistication and long reach of US surveillance have also caused anxiety in continental Europe, particularly in Germany, where there are memories of the former East Germany’s Stasi intelligence service.
The country’s data commissioner has said he expects the government to put a stop to any American surveillance of German citizens, while worried lawmakers from across the political spectrum have said they want to know more.
“No one has a problem with the USA keeping terrorists under surveillance — that has prevented terrorist attacks in Germany before now too,” said Thomas Oppermann, a senior lawmaker from the opposition Social Democrats (SPD).
“(But) total surveillance of all citizens by the USA is completely inappropriate. The German government must protect the privacy of Germans from the USA too.”
“This affair looks like it will be one of the biggest scandals in data sharing ... Merkel cannot just look away and act like nothing has happened,” added Renate Kuenast, a senior Green lawmaker.
Peter Schaar, Germany's federal data protection commissioner told the Guardian that it was unacceptable that US authorities have access to the data of European citizens "and the level of protection is lower than what is guaranteed for US citizens."
Privacy-focused Germany was quick to condemn their co-operation with the US security services.
“The US government must provide clarity regarding these monstrous allegations of total monitoring of various telecommunications and Internet services,” said Peter Schaar, German data protection and freedom of information commissioner.
“Statements from the US government that the monitoring was not aimed at US citizens but only against persons outside the United States do not reassure me at all.”
Some of the companies named in the article have denied the government had “direct access” to their central servers. Nevertheless, the justice minister for the German state of Hesse, Joerg-Uwe Hahn, called for a boycott of the companies involved.
“I am amazed at the flippant way in which companies such as Google and Microsoft seem to treat their users’ data,” he told the Handelsblatt newspaper. “Anyone who doesn’t want that to happen should switch providers.”
Brussels and the European Union:
European companies using services from U.S. Internet companies must now be concerned about whether they are in breach of EU Data Protection laws. Those laws require companies to ensure only authorized personnel have access to any personal information of individuals.
The fact that U.S. government agencies may be accessing this data could result in many European organizations being unable to satisfy their data protection obligations.
The European Union has struggled to assert its citizens' rights to privacy in the United States for almost a decade.
Transatlantic agreements on sharing the financial and travel data of European citizens have taken years to complete, and the European Union is now trying to modernise an almost 20-year-old privacy law to strengthen Europeans' rights.
Fears about the security of data held on U.S. servers have already been a major factor in slow European adoption of "cloud" computing services, in which computing-intensive applications are done by central providers in large server farms.
“You hear more concerns in Europe than in the US, about the Patriot Act in particular. PRISM just enhances those concerns,” said Mark Watts, a partner in London law firm Bristows specialising in privacy and data compliance.
“The main players that are mentioned are much more on the consumer cloud end... but it may be that emotionally it adds to the concerns about US cloud providers,” said Watts, whose clients include several large US internet firms.
The EU said Friday that US Attorney General Eric Holder had agreed to share information about Washington’s huge Internet spy programme after Brussels expressed concerns about the privacy of European citizens.
Holder meanwhile said that US authorities had full oversight over the so-called PRISM programme, even through the US was easily undermined by contract worker, Edward Snowden.
The talks came just days after the EU demanded answers from Holder and warned of a “grave” threat to the rights of European citizens from the intelligence programme.
EU Justice Commissioner Viviane Reding and Home Affairs Commissioner Cecilia Malmstroem said the EU and US had agreed to set up a group of experts to exchange information and look at better safeguards. Reding said the US attorney general had addressed their fears of “big brother intrusion on privacy”.
“I welcome Attorney General Holder’s proposal to convene, in the short-term, a meeting of experts from the US and from the EU in order to clarify together the remaining matters — and I think there are remaining matters,” Reding said.
“There are still questions to be answered.
European Justice Commissioner and Vice President Viviane Reding said: "This case shows that a clear legal framework for the protection of personal data is not a luxury or constraint but a fundamental right."
Reding, who has been trying to push through an update to Europe's data protection laws for 18 months, noted that EU government leaders meeting in the European Council had been able to agree the Data Retention Directive relatively quickly.
Their action on the 2006 directive, which stipulates that phone and internet companies must store records to help in fighting serious crime, showed they could act fast when limiting civil liberties.
"It is time for the Council to prove it can act with the same speed and determination on a file which strengthens such rights," she said in an emailed statement.
Ireland:
In Dublin, Holder tried to play down Ireland's fears about the extent of the surveillance programme. The top-secret intelligence dragnet operated by the US National Security Agency (NSA) collects and analyses data from Internet and phone users around the world.
Holder said the US government could not force Internet companies to provide information on individuals unless there was an “appropriate and documented” foreign intelligence threat. Holder added that there was an “extensive oversight regime” on the spy programmes.
He took a stern tone on Snowden, saying that, "This case is still under investigation and I can assure you that we will hold accountable the person responsible for those extremely damaging leaks.”
But the 29-year-old Snowden is expected to resist any bid to extradite him from Hong Kong.
Italy:
Leader Antonello Soro, said that the data dragnet "would not be legal in Italy."
It would be contrary to the principles of our legislation and would represent a very serious violation.
Australia:
Fears about the security of data held on U.S. servers have already been a major factor in slow European adoption of "cloud" computing services, in which computing-intensive applications are done by central providers in large server farms.
Unease over a clandestine US data collection programme has rippled across the Pacific to two of Washington’s major allies, Australia and New Zealand, raising concerns about whether they have cooperated with secret electronic data mining.
Both countries are members of the so-called ‘five eyes’ collective of major Western powers collecting and sharing signals intelligence, set up in the post-war 1940s. Five Eyes also includes the UK, Canada, and the US.
In Australia, the conservative opposition said it was "very troubled" and had voiced concern to U.S. diplomats in Canberra about what it called large-scale, covert surveillance of private data belonging to foreigners.
"There is a massive global trend to cloud services," said opposition communications spokesman Malcolm Turnbull, noting that the vast majority of providers were U.S. firms.
The opposition, poised to win September elections, said it was concerned that data stored by Australians in the computer servers of US Internet giants like Facebook and Google could be accessed by the NSA, echoing fears voiced in Europe last week over the reach of US digital surveillance in the age of cloud computing.
Australia’s influential Greens party called on the government to clarify whether Canberra’s own intelligence agencies had access to the NSA-gathered data, which according to Britain’s Guardian newspaper included search history, emails, file transfers and live chats.
“We’ll examine carefully any implications in what has emerged for the security and privacy of Australians,” Australia’s Foreign Minister Bob Carr said in a television interview on Sunday, when asked whether Canberra had cooperated with Washington’s secret initiative.
New Zealand:
Responding to the government-surveillance controversy engulfing New Zealand’s security-alliance partners in Washington,
Prime Minister John Key said Tuesday his country doesn’t use foreign intelligence agencies to circumvent local laws and illegally spy on its citizens.
But Key declined to say exactly what help New Zealand does get from agencies like the US National Security Agency. He said any help the South Pacific nation has received from foreign intelligence agencies would have been lawful and in the country’s national interest.
Key was responding in Parliament to questions raised by opposition lawmakers. They’ve raised fears the NSA may have spied on New Zealanders under an intelligence-sharing alliance known as Five Eyes that includes the US, Canada, the UK and Australia.
Revelations in recent days about US spy programs that track phone and Internet messages around the world have created an international uproar.
Canada:
In Canada, Privacy Commissioner Jennifer Stoddart said Monday she would look into the implications for her country, saying the scope of information reportedly collected raises “significant concerns.”
In 2011, I was on a panel, organized by the security company RSA, with two retired National Security Agency directors, Michael Hayden and Kenneth Minihan. During the course of our debate, I raised concerns, as the only non-American on the panel, that their plans and preferences for having the NSA secure cyberspace for the rest of us were not exactly reassuring. To this, Minihan replied that I should not describe myself as "Canadian" but rather "North American."
As jarring as his response was, the fact of the matter is when it comes to communications, he's right. Practically speaking, there is no border separating Canadian from U.S. telecommunications -- though that's not true the other way around. Primarily, this one-way dependence is a product of history and economics. Canadians' communications are inextricably connected to networks south of the border and subject to the laws and practices of the U.S. over which we, as foreigners, have no say or control.
Norway:
Norwegian lawmakers debated a ban on the use by public officials of Google's and Microsoft's cloud computing services. Although shelved temporarily, this type of debate will almost certainly be resurrected and spread throughout Europe and other regions as the full scope of U.S.-based "foreign directed" wiretapping and metadata collection sinks in.
Finland:
Mikko Hypponen, chief research officer at Finnish software security firm F-Secure, said outrage was the appropriate response to the US revelations.
“What we have in our hands now is the first concrete proof of US-based high-tech companies participating with the NSA in wholesale surveillance on us, the rest of the world, the non-American, you and me,” he said.
But he added there was little that individuals could do, with precious few alternatives to the popular services offered by US firms Facebook, Google or Apple.
“The long term solution is that Europe should have a dot.com industry just like the United States, which would give us economic benefits but more importantly would make us independent of the wholesale surveillance of the US intelligence agencies.”
Hong Kong:
Pro-democracy lawmakers Gary Fan and Claudia Mo urged the Obama administration not to penalise Snowden for what they said was serving the public good.
In a joint letter to the US president, they said Snowden may have “done liberal democracy a service by stimulating serious discussion in many countries of the extent to which surveillance is acceptable”.
“Obama should consider letting him go,” Mo said in a press conference, while urging Beijing not to interfere if an extradition case goes to the Hong Kong courts.
“This is shocking because while the US has accused China of hacking, they have also been doing the same thing, particularly when Hong Kong ordinary citizens are involved,” Fan told reporters.
Snowden does have the option of applying for asylum or refugee status in Hong Kong, which maintains a Western-style legal system. If Snowden chose to fight it, his extradition to the US could take years to make its way through Hong Kong’s courts.
::
Details about PRISM were leaked by former US security consultant Snowden and revealed by The Guardian and the Washington Post last week.
China’s Internet security chief, who told state media that Beijing has amassed huge amounts of data on US-based hacking.
Air Force Col. Dai Xu, known for the hawkish opinions he voices on his Sina Weibo microblog, wrote: “I have always said, the United States’ accusations about Chinese hacking attacks have always been a case of a thief crying for another thief to be caught.”
The ACLU:
The American Civil Liberties Union branded the program, authorized by a top secret court order, as “beyond Orwellian.”
The invasive domestic spying revelations have divided Congress and led civil liberties advocates and some constitutional scholars to accuse Obama of crossing a line in the name of rooting out terror threats.
Obama, himself a constitutional lawyer, strove to calm Americans’ fears but also to remind them that Congress and the courts had signed off on the surveillance.
The ACLU and Yale Law School's Media Freedom and Information Clinic filed a motion on Monday asking for secret Foreign Intelligence Surveillance Court opinions on the Patriot Act to be made public in the light of the Guardian's revelations.
The motion asks for any documents relating to the court's interpretation of the scope, meaning and constitutionality of Section 215 of the Patriot Act – which authorises government to obtain "any tangible thing" relevant to foreign intelligence or terrorism investigations – to be published "as quickly as possible" and with only minimal redaction.
"In a democracy, there should be no room for secret law," said Jameel Jaffer, ACLU deputy legal director.
"The public has a right to know what limits apply to the government's surveillance authority, and what safeguards are in place to protect individual privacy."
Finally, the ACLU is going to court.
On Monday it filed a motion with the "Foreign Intelligence Surveillance Court (FISC) seeking the release of secret court opinions on the Patriot Act's Section 215, which has been interpreted to authorize this warrantless and suspicionless collection of phone records.
And on Tuesday it filed a lawsuit charging that the program [the NSA's mass surveillance of phone calls] violates Americans' constitutional rights of free speech, association, and privacy.
Executive Summary:
As we can see, the American Bubble has no awareness or perspective of how Edward Snowden's whistleblowing has affected the entire world and the future of its digital communications infrastructure. Americans think it is all about them -- but the fact is, the global community doesn't care how the US treats its own citizens. This is completely immaterial to the sovereign security crisis the world is actually facing as a result of Snowden's revelations.
::
In the US, where the concerns of other sovereign nations are not a factor, pressure is growing at the White House to explain whether there is effective congressional oversight of the domestic spying programs revealed by Snowden. This is a conversation that the government cannot have with the American people. Every time they make a statement, the global blowback gets worse.
The administration hopes that the American public will be easily distracted by the drama of charging Snowden with espionage and the years long extradition kabuki. This way, they can stonewall the people's inquiries with "ongoing case" and "national security" tropes -- until the new season of American Idol begins again in September.
Personally, I don't believe that any elected figure at the Federal Government has the will or the authority to stop the NSA, even if that was a desired goal. It was a different America when over-reach like like J. Edgar Hoover's could be somewhat contained. Everything changed after September 11th, which was certainly a fortuitous event for the Neocons and the signers of PNAC.
No, it's too late to stop the NSA's Orwellian mission. Are your phone calls recorded? The NSA absolutely has the capability to do so.
Would they lie about that?
We now live in the America the Neocons fantasized about. We will be in the business of war for the rest of your lives. The entire continent of Africa, rich with resources, is prize this time. Our advance "special" forces from the Africom command center are already busy planting the Libyan/Syrian Rebel Scenario Seeds in every single resource-rich country. That's the next place that current American teens will be sent to die for the corporations.
::
In March,2012, NSA spokeswoman Vanee Vines emailed an Associated Press reporter about a story that described the NSA as a monitor of worldwide Internet data and phone calls.
“NSA collects, monitors, and analyzes a variety of FOREIGN signals and communications for indications of threats to the United States and for information of value to the US government,” she wrote. “FOREIGN is the operative word. NSA is not an indiscriminate vacuum, collecting anything and everything.”
Then, just last week, President Obama make it clear that the NSA statement was a lie:
“Nobody is listening to your telephone calls,” Obama assured the nation after two days of reports that many found unsettling. What the government is doing, he said, is digesting phone numbers and the durations of calls, seeking links that might “identify potential leads with respect to folks who might engage in terrorism.”
If there’s a hit, he said, “if the intelligence community then actually wants to listen to a phone call, they’ve got to go back to a federal judge, just like they would in a criminal investigation.”
“I think the American people understand that there are some trade-offs involved,” Obama said when questioned by reporters at a health care event in San Jose, California.
“It’s important to recognize that you can’t have 100 percent security and also then have 100 percent privacy and zero inconvenience,” he said. “We’re going to have to make some choices as a society. And what I can say is that in evaluating these programs, they make a difference in our capacity to anticipate and prevent possible terrorist activity.”
The above passage may put your mind at ease.
Or, it may do exactly the opposite.
If you are inside the US, it really doesn't matter. The immediate future is set. The ball is in the global court. American businesses will be the first to feel the blowback..
The NSA revelations pose an immediate economic problem for US cloud providers on the international market -- the big name telecoms. Richard Stiennon, chief research analyst at IT-Harvest, wrote in Forbes that this kind of, "vast foreign and domestic spying & threatens the global competitiveness of U.S. tech companies."
Internet traffic to the United States from Asia, Africa and even Latin America has been in decline, a trend that is almost certainly going to accelerate as those regions ramp up their own network exchange points and local services to minimize dependence on networks and media services under US control.
The global imperative is to contain and isolate the criminal NSA data-mining exploits solely to the United States. That is, to quarantine this Orwellian infection to North America.
That's what the world is talking about today.
It wasn't a big story in the US, but the rest of the world took a keen and somewhat alarmed interest in it. It's the beginning point -- the first clue -- that something was very much amiss in America:
WASHINGTON, Sept 4, (AFP): A hacker group has claimed to have obtained personal data from 12 million Apple iPhone and iPad users by breaching an FBI computer, raising concerns about government tracking.
The group called AntiSec, linked to the hacking collective known as Anonymous, posted one million Apple user identifiers on Monday purported to be part of a larger group of 12 million obtained from an FBI laptop.
Contacted by AFP, FBI spokeswoman Jenny Shearer said: “We’re not commenting.”
Apple did not immediately respond to a request for comment.
::
Peter Kruse, an e-crime specialist with CSIS Security Group in Denmark, said on Twitter that the leak “is real” and that he confirmed three of his own devices in the leaked data.
“Also notice that they claim to have fullname, addresses, phone numbers etc... Big ouch!” he tweeted.
---------------------
Eric Hemmendinger, a security expert with Tata Communications headquartered in India, said the report raises concerns about the protectors of cybersecurity.
“The question is not whether it’s accurate, it is why did the feds have the information and why did they not take due care to secure it,” he told AFP.
---------------------
Aldo Cortesi, a security consultant living in New Zealand, called the incident “a privacy catastrophe.”
“The vulnerabilities ranged from de-anonymization, to takeover of the user’s gaming social network account, to the ability to completely take over the user’s Facebook and Twitter accounts,” he said on a blog posting.
---------------------
Graham Cluley of the British security firm Sophos, remarked, “Quite why the FBI was collecting the UDIDs and personal information of millions of iPhone and iPad users is not yet clear — but it’s obvious that the data (and the computer it was apparently stored on) was not adequately secured.”
---------------------
Johannes Ullrich of the SANS Internet Storm Center said it was difficult to verify the report.
“There is nothing else in the file that would implicate the FBI. So this data may very well come from another source. But it is not clear who would have a file like this,” he told AFP.
"It's unclear why the FBI, if the report were true, would have the data," he added. “The size of the file would imply a widespread, not a targeted, tracking operation...."
::
In the posting of this data, AntiSec said the original file “contained around 12,000,000 devices” and that “we decided a million would be enough to release.”
AntiSec said it posted the information to draw attention to Apple’s practices which allow users to be tracked [in real time].
“We never liked the concept of UDIDs since the beginning indeed. Really bad decision from Apple,” it said. "The FBI is using your device info for a tracking-people project or some ****.”
It seems AntiSec had stumbled upon a tiny piece of the vast NSA "global" spying dragnet that was collecting private data profiles on ordinary citizens-- not only in the US, but throughout the world.
Ten months later, halfway around the world, Edward Snowden was monitoring the systems that were collecting this illegally accessed very private citizen data. And the data was not just from ordinary Americans and Chinese, but from all our friends and allies -- Germany, Australia, Canada, Scandinavia, Latin and South America, and many others.
It took three months for Snowden to decide to put a stop to this illegal activity.
If Snowden were a criminal, he could have exploited the data. Or sold it to identity thieves. Or, even sold it to a foreign enemy.
But in order to do the right thing -- and expose the crime -- Snowden would have to give up his own life and throw himself on the mercy of the ordinary citizens of the world.
Yes, the collection of this kind of personal data is illegal in almost every nation in the world.
The right to privacy from electronic surveillance is granted in most national constitutions. This expectation of privacy has been declared a human right by the UN. It is a crime to collect it secretly.
It may be hard for Americans to wrap their minds around this concept because, in their case, human rights are not directly conferred upon them, constitutionally -- and can be suspended by the Executive Branch or the high court at any time, if it is deemed (often secretly) to be in the best interest of the "defense" of the nation.
Read that last sentence again.
You are living in that reality. The citizens of other nations are not. Their constitutions declare and affirm human rights that are specific to the 21st century issues.
Americans have have little expectation of general human rights, many of which were circumvented by the Patriot Act. But, right npw, the rest rest of the world is dismayed and outraged that the US has illegally breached their sovereign laws to spy on their citizens and businesses.
The world regards what the NSA is doing as an international crime and a direct violation of their human rights.
Here's the Problem with the US that the World is going to Fix:
The world is looking at an international crisis -- as a result of Edward Snowden's description of an illegal data theft "Process" -- perpetrated against their own citizens. The US is engaged in ongoing criminal activity against their sovereignty. And they are scrambling to put a stop to it.
The United States can no longer be trusted, never, ever again.
This is a watershed moment that changes everything. You are witnessing an epic geopolitical shift that will profoundly effect the United States standing throughout the world. It will certainly affect your future.
Before this is over, the entire architecture of the Internet will be rebuilt. Here's why:
A huge proportion of all global Internet traffic flows through networks controlled by the United States. This is because eight of fifteen global tier 1 telecommunications companies are American owned -- companies like AT&T, CenturyLink, and Verizon. Furthermore, the social media services are also mostly provided by giants headquartered in the United States, including Google, Facebook, Yahoo!, and Twitter.
All of these companies are subject to U.S. law, including the provisions of the U.S. Patriot Act, no matter where their services are offered or their servers located.
Having the world's Internet traffic routed through the U.S. and having those telecommunications companies under its jurisdiction compromises the constitutionally guaranteed privacy rights of citizens of all other sovereign nations.
This will end.
The rest of the world will not stand for it.
It's a simple fact and an economic black swan for the US.
Here's what Edward Snowden told the world:
“We hack network backbones — like huge Internet routers, basically — that gives us access to the communications of hundreds of thousands of computers without having to hack every single one.”
Actually, it's hundreds of millions of computers, and billions of phone calls, that are routed through the NSA's data collection traps -- from every corner of the world -- every minute of the day. Even though most of them are not communicating to anyone in the US, the Internet's current architecture allows the NSA to capture them all. Potentially, that means every single soul on earth who uses electronic communication is being tracked.
Other nations understood this immediately. They are well aware that their citizens have been caught in the illegal NSA dragnet. This is a completely unacceptable act by the US -- just as it would be if the world's Internet backbone was located in Russia and Moscow was mining the rich personal data of every American citizen.
The United States has inadvertently declared itself to be a rogue, predatory Police State. When the story broke, officials in European capitals demanded immediate answers from their US counterparts and denounced the practice of secretly gathering digital information on Europeans as unacceptable, illegal and a serious violation of basic human rights.
There were heated and outraged discussions at the G-8 summit in Ireland. Eric Holder was flown to Brussels for questioning by the European Union. When Holder left, they were even more outraged. The Germans openly liken the United States actions to the actions of the Cold War-era Stasi.
Here's what the Nations of the World are saying to each other:
The United Nations:
Surveillance programmes that trample on people’s right to privacy in the name of security actually risk damaging the fight against terrorism, UN rights chief Navi Pillay warned Thursday.
“Concerns have been expressed over surveillance regimes adopted by some states without adequate safeguards to protect individuals’ right to privacy,” Pillay told a UN counter-terrorism conference in Geneva.
“If our goal in countering terrorism is to provide for the security of individuals and preserve the rule of law, such practices are... counterproductive,” she said.
::
UN Under Secretary General Jeffrey Feltman said: “If we allow compromise on human rights, we are not countering terrorism but letting it get its way.
“When the principles enshrined in the human rights instruments are disrespected, extremism tends to thrive,” said Feltman, who heads the world body’s Counter-Terrorism Implementation Task Force Office (CTITF).
Switzerland:
Swiss Foreign Minister Didier Burkhalter told the conference: “The quest for security must not lead to excessive infringements of the right to privacy.”
Switzerland this week asked Washington for explanations about Snowden’s revelations, especially on an alleged CIA blackmail operation to spy on its banks while he was stationed in Geneva as a diplomatic attache from 2007 to 2009.
“Would we have a better society if honest citizens were subjected to constant surveillance by governments, with all the abuses that this may bring?” Burkhalter said. “In Switzerland’s view, the answer is definitely no.”
In Switzerland, at least one lawmaker has demanded that Internet giant Google be forced to be more transparent about the user data it retains.
Germany:
At the G-8 this week, Merkel’s spokesman has said she will press Obama for answers on the US surveillance programme. Berlin wants assurances from Obama that the on-line exchanges of its own citizens are not being monitored from Washington.
Reports about the apparent sophistication and long reach of US surveillance have also caused anxiety in continental Europe, particularly in Germany, where there are memories of the former East Germany’s Stasi intelligence service.
The country’s data commissioner has said he expects the government to put a stop to any American surveillance of German citizens, while worried lawmakers from across the political spectrum have said they want to know more.
“No one has a problem with the USA keeping terrorists under surveillance — that has prevented terrorist attacks in Germany before now too,” said Thomas Oppermann, a senior lawmaker from the opposition Social Democrats (SPD).
“(But) total surveillance of all citizens by the USA is completely inappropriate. The German government must protect the privacy of Germans from the USA too.”
“This affair looks like it will be one of the biggest scandals in data sharing ... Merkel cannot just look away and act like nothing has happened,” added Renate Kuenast, a senior Green lawmaker.
Peter Schaar, Germany's federal data protection commissioner told the Guardian that it was unacceptable that US authorities have access to the data of European citizens "and the level of protection is lower than what is guaranteed for US citizens."
Privacy-focused Germany was quick to condemn their co-operation with the US security services.
“The US government must provide clarity regarding these monstrous allegations of total monitoring of various telecommunications and Internet services,” said Peter Schaar, German data protection and freedom of information commissioner.
“Statements from the US government that the monitoring was not aimed at US citizens but only against persons outside the United States do not reassure me at all.”
Some of the companies named in the article have denied the government had “direct access” to their central servers. Nevertheless, the justice minister for the German state of Hesse, Joerg-Uwe Hahn, called for a boycott of the companies involved.
“I am amazed at the flippant way in which companies such as Google and Microsoft seem to treat their users’ data,” he told the Handelsblatt newspaper. “Anyone who doesn’t want that to happen should switch providers.”
Brussels and the European Union:
European companies using services from U.S. Internet companies must now be concerned about whether they are in breach of EU Data Protection laws. Those laws require companies to ensure only authorized personnel have access to any personal information of individuals.
The fact that U.S. government agencies may be accessing this data could result in many European organizations being unable to satisfy their data protection obligations.
The European Union has struggled to assert its citizens' rights to privacy in the United States for almost a decade.
Transatlantic agreements on sharing the financial and travel data of European citizens have taken years to complete, and the European Union is now trying to modernise an almost 20-year-old privacy law to strengthen Europeans' rights.
Fears about the security of data held on U.S. servers have already been a major factor in slow European adoption of "cloud" computing services, in which computing-intensive applications are done by central providers in large server farms.
“You hear more concerns in Europe than in the US, about the Patriot Act in particular. PRISM just enhances those concerns,” said Mark Watts, a partner in London law firm Bristows specialising in privacy and data compliance.
“The main players that are mentioned are much more on the consumer cloud end... but it may be that emotionally it adds to the concerns about US cloud providers,” said Watts, whose clients include several large US internet firms.
The EU said Friday that US Attorney General Eric Holder had agreed to share information about Washington’s huge Internet spy programme after Brussels expressed concerns about the privacy of European citizens.
Holder meanwhile said that US authorities had full oversight over the so-called PRISM programme, even through the US was easily undermined by contract worker, Edward Snowden.
The talks came just days after the EU demanded answers from Holder and warned of a “grave” threat to the rights of European citizens from the intelligence programme.
EU Justice Commissioner Viviane Reding and Home Affairs Commissioner Cecilia Malmstroem said the EU and US had agreed to set up a group of experts to exchange information and look at better safeguards. Reding said the US attorney general had addressed their fears of “big brother intrusion on privacy”.
“I welcome Attorney General Holder’s proposal to convene, in the short-term, a meeting of experts from the US and from the EU in order to clarify together the remaining matters — and I think there are remaining matters,” Reding said.
“There are still questions to be answered.
European Justice Commissioner and Vice President Viviane Reding said: "This case shows that a clear legal framework for the protection of personal data is not a luxury or constraint but a fundamental right."
Reding, who has been trying to push through an update to Europe's data protection laws for 18 months, noted that EU government leaders meeting in the European Council had been able to agree the Data Retention Directive relatively quickly.
Their action on the 2006 directive, which stipulates that phone and internet companies must store records to help in fighting serious crime, showed they could act fast when limiting civil liberties.
"It is time for the Council to prove it can act with the same speed and determination on a file which strengthens such rights," she said in an emailed statement.
Ireland:
In Dublin, Holder tried to play down Ireland's fears about the extent of the surveillance programme. The top-secret intelligence dragnet operated by the US National Security Agency (NSA) collects and analyses data from Internet and phone users around the world.
Holder said the US government could not force Internet companies to provide information on individuals unless there was an “appropriate and documented” foreign intelligence threat. Holder added that there was an “extensive oversight regime” on the spy programmes.
He took a stern tone on Snowden, saying that, "This case is still under investigation and I can assure you that we will hold accountable the person responsible for those extremely damaging leaks.”
But the 29-year-old Snowden is expected to resist any bid to extradite him from Hong Kong.
Italy:
Leader Antonello Soro, said that the data dragnet "would not be legal in Italy."
It would be contrary to the principles of our legislation and would represent a very serious violation.
Australia:
Fears about the security of data held on U.S. servers have already been a major factor in slow European adoption of "cloud" computing services, in which computing-intensive applications are done by central providers in large server farms.
Unease over a clandestine US data collection programme has rippled across the Pacific to two of Washington’s major allies, Australia and New Zealand, raising concerns about whether they have cooperated with secret electronic data mining.
Both countries are members of the so-called ‘five eyes’ collective of major Western powers collecting and sharing signals intelligence, set up in the post-war 1940s. Five Eyes also includes the UK, Canada, and the US.
In Australia, the conservative opposition said it was "very troubled" and had voiced concern to U.S. diplomats in Canberra about what it called large-scale, covert surveillance of private data belonging to foreigners.
"There is a massive global trend to cloud services," said opposition communications spokesman Malcolm Turnbull, noting that the vast majority of providers were U.S. firms.
The opposition, poised to win September elections, said it was concerned that data stored by Australians in the computer servers of US Internet giants like Facebook and Google could be accessed by the NSA, echoing fears voiced in Europe last week over the reach of US digital surveillance in the age of cloud computing.
Australia’s influential Greens party called on the government to clarify whether Canberra’s own intelligence agencies had access to the NSA-gathered data, which according to Britain’s Guardian newspaper included search history, emails, file transfers and live chats.
“We’ll examine carefully any implications in what has emerged for the security and privacy of Australians,” Australia’s Foreign Minister Bob Carr said in a television interview on Sunday, when asked whether Canberra had cooperated with Washington’s secret initiative.
New Zealand:
Responding to the government-surveillance controversy engulfing New Zealand’s security-alliance partners in Washington,
Prime Minister John Key said Tuesday his country doesn’t use foreign intelligence agencies to circumvent local laws and illegally spy on its citizens.
But Key declined to say exactly what help New Zealand does get from agencies like the US National Security Agency. He said any help the South Pacific nation has received from foreign intelligence agencies would have been lawful and in the country’s national interest.
Key was responding in Parliament to questions raised by opposition lawmakers. They’ve raised fears the NSA may have spied on New Zealanders under an intelligence-sharing alliance known as Five Eyes that includes the US, Canada, the UK and Australia.
Revelations in recent days about US spy programs that track phone and Internet messages around the world have created an international uproar.
Canada:
In Canada, Privacy Commissioner Jennifer Stoddart said Monday she would look into the implications for her country, saying the scope of information reportedly collected raises “significant concerns.”
In 2011, I was on a panel, organized by the security company RSA, with two retired National Security Agency directors, Michael Hayden and Kenneth Minihan. During the course of our debate, I raised concerns, as the only non-American on the panel, that their plans and preferences for having the NSA secure cyberspace for the rest of us were not exactly reassuring. To this, Minihan replied that I should not describe myself as "Canadian" but rather "North American."
As jarring as his response was, the fact of the matter is when it comes to communications, he's right. Practically speaking, there is no border separating Canadian from U.S. telecommunications -- though that's not true the other way around. Primarily, this one-way dependence is a product of history and economics. Canadians' communications are inextricably connected to networks south of the border and subject to the laws and practices of the U.S. over which we, as foreigners, have no say or control.
Norway:
Norwegian lawmakers debated a ban on the use by public officials of Google's and Microsoft's cloud computing services. Although shelved temporarily, this type of debate will almost certainly be resurrected and spread throughout Europe and other regions as the full scope of U.S.-based "foreign directed" wiretapping and metadata collection sinks in.
Finland:
Mikko Hypponen, chief research officer at Finnish software security firm F-Secure, said outrage was the appropriate response to the US revelations.
“What we have in our hands now is the first concrete proof of US-based high-tech companies participating with the NSA in wholesale surveillance on us, the rest of the world, the non-American, you and me,” he said.
But he added there was little that individuals could do, with precious few alternatives to the popular services offered by US firms Facebook, Google or Apple.
“The long term solution is that Europe should have a dot.com industry just like the United States, which would give us economic benefits but more importantly would make us independent of the wholesale surveillance of the US intelligence agencies.”
Hong Kong:
Pro-democracy lawmakers Gary Fan and Claudia Mo urged the Obama administration not to penalise Snowden for what they said was serving the public good.
In a joint letter to the US president, they said Snowden may have “done liberal democracy a service by stimulating serious discussion in many countries of the extent to which surveillance is acceptable”.
“Obama should consider letting him go,” Mo said in a press conference, while urging Beijing not to interfere if an extradition case goes to the Hong Kong courts.
“This is shocking because while the US has accused China of hacking, they have also been doing the same thing, particularly when Hong Kong ordinary citizens are involved,” Fan told reporters.
Snowden does have the option of applying for asylum or refugee status in Hong Kong, which maintains a Western-style legal system. If Snowden chose to fight it, his extradition to the US could take years to make its way through Hong Kong’s courts.
::
Details about PRISM were leaked by former US security consultant Snowden and revealed by The Guardian and the Washington Post last week.
China’s Internet security chief, who told state media that Beijing has amassed huge amounts of data on US-based hacking.
Air Force Col. Dai Xu, known for the hawkish opinions he voices on his Sina Weibo microblog, wrote: “I have always said, the United States’ accusations about Chinese hacking attacks have always been a case of a thief crying for another thief to be caught.”
The ACLU:
The American Civil Liberties Union branded the program, authorized by a top secret court order, as “beyond Orwellian.”
The invasive domestic spying revelations have divided Congress and led civil liberties advocates and some constitutional scholars to accuse Obama of crossing a line in the name of rooting out terror threats.
Obama, himself a constitutional lawyer, strove to calm Americans’ fears but also to remind them that Congress and the courts had signed off on the surveillance.
The ACLU and Yale Law School's Media Freedom and Information Clinic filed a motion on Monday asking for secret Foreign Intelligence Surveillance Court opinions on the Patriot Act to be made public in the light of the Guardian's revelations.
The motion asks for any documents relating to the court's interpretation of the scope, meaning and constitutionality of Section 215 of the Patriot Act – which authorises government to obtain "any tangible thing" relevant to foreign intelligence or terrorism investigations – to be published "as quickly as possible" and with only minimal redaction.
"In a democracy, there should be no room for secret law," said Jameel Jaffer, ACLU deputy legal director.
"The public has a right to know what limits apply to the government's surveillance authority, and what safeguards are in place to protect individual privacy."
Finally, the ACLU is going to court.
On Monday it filed a motion with the "Foreign Intelligence Surveillance Court (FISC) seeking the release of secret court opinions on the Patriot Act's Section 215, which has been interpreted to authorize this warrantless and suspicionless collection of phone records.
And on Tuesday it filed a lawsuit charging that the program [the NSA's mass surveillance of phone calls] violates Americans' constitutional rights of free speech, association, and privacy.
Executive Summary:
As we can see, the American Bubble has no awareness or perspective of how Edward Snowden's whistleblowing has affected the entire world and the future of its digital communications infrastructure. Americans think it is all about them -- but the fact is, the global community doesn't care how the US treats its own citizens. This is completely immaterial to the sovereign security crisis the world is actually facing as a result of Snowden's revelations.
::
In the US, where the concerns of other sovereign nations are not a factor, pressure is growing at the White House to explain whether there is effective congressional oversight of the domestic spying programs revealed by Snowden. This is a conversation that the government cannot have with the American people. Every time they make a statement, the global blowback gets worse.
The administration hopes that the American public will be easily distracted by the drama of charging Snowden with espionage and the years long extradition kabuki. This way, they can stonewall the people's inquiries with "ongoing case" and "national security" tropes -- until the new season of American Idol begins again in September.
Personally, I don't believe that any elected figure at the Federal Government has the will or the authority to stop the NSA, even if that was a desired goal. It was a different America when over-reach like like J. Edgar Hoover's could be somewhat contained. Everything changed after September 11th, which was certainly a fortuitous event for the Neocons and the signers of PNAC.
No, it's too late to stop the NSA's Orwellian mission. Are your phone calls recorded? The NSA absolutely has the capability to do so.
Would they lie about that?
We now live in the America the Neocons fantasized about. We will be in the business of war for the rest of your lives. The entire continent of Africa, rich with resources, is prize this time. Our advance "special" forces from the Africom command center are already busy planting the Libyan/Syrian Rebel Scenario Seeds in every single resource-rich country. That's the next place that current American teens will be sent to die for the corporations.
::
In March,2012, NSA spokeswoman Vanee Vines emailed an Associated Press reporter about a story that described the NSA as a monitor of worldwide Internet data and phone calls.
“NSA collects, monitors, and analyzes a variety of FOREIGN signals and communications for indications of threats to the United States and for information of value to the US government,” she wrote. “FOREIGN is the operative word. NSA is not an indiscriminate vacuum, collecting anything and everything.”
Then, just last week, President Obama make it clear that the NSA statement was a lie:
“Nobody is listening to your telephone calls,” Obama assured the nation after two days of reports that many found unsettling. What the government is doing, he said, is digesting phone numbers and the durations of calls, seeking links that might “identify potential leads with respect to folks who might engage in terrorism.”
If there’s a hit, he said, “if the intelligence community then actually wants to listen to a phone call, they’ve got to go back to a federal judge, just like they would in a criminal investigation.”
“I think the American people understand that there are some trade-offs involved,” Obama said when questioned by reporters at a health care event in San Jose, California.
“It’s important to recognize that you can’t have 100 percent security and also then have 100 percent privacy and zero inconvenience,” he said. “We’re going to have to make some choices as a society. And what I can say is that in evaluating these programs, they make a difference in our capacity to anticipate and prevent possible terrorist activity.”
The above passage may put your mind at ease.
Or, it may do exactly the opposite.
If you are inside the US, it really doesn't matter. The immediate future is set. The ball is in the global court. American businesses will be the first to feel the blowback..
The NSA revelations pose an immediate economic problem for US cloud providers on the international market -- the big name telecoms. Richard Stiennon, chief research analyst at IT-Harvest, wrote in Forbes that this kind of, "vast foreign and domestic spying & threatens the global competitiveness of U.S. tech companies."
Internet traffic to the United States from Asia, Africa and even Latin America has been in decline, a trend that is almost certainly going to accelerate as those regions ramp up their own network exchange points and local services to minimize dependence on networks and media services under US control.
The global imperative is to contain and isolate the criminal NSA data-mining exploits solely to the United States. That is, to quarantine this Orwellian infection to North America.
That's what the world is talking about today.
Conspiracy theorists unite.
