Have you created a ShazzleMail account on your smartphone? This is a required first step.

Yes No

Free Encrypted Email

Posts Tagged ‘#snowden’

defense-large

The Military Is Building an Employee Database to Predict Traitors

June 6, 2016

The “DoD Component Insider Threat Records System” is part of the U.S. government’s response to the 2010 leaks of classified diplomatic cables by former Pfc. Chelsea Manning.
The Defense Department is building a massive information-sharing system detailing national security personnel and individuals cleared for accessing U.S. secrets, to flag who among them might be potential turncoats or other “insider threats.”
The “DoD Component Insider Threat Records System” is part of the U.S. government’s response to the 2010 leaks of classified diplomatic cables by former Pfc. Chelsea Manning. A 2011 so-called WikiLeaks executive order called for an “insider threat detection” program.
A review of the 2013 Washington Navy Yard shootings found that the department still lacked “a centralized hub” to obtain a holistic view into potential threats, Defense spokeswoman Linda Rojas told Nextgov in an email.
Now, the Pentagon is establishing a team of “cross-functional experts” trained in cybersecurity, privacy, law enforcement, intelligence and psychology—aided by the new workflow technology—to help fill that gap, she said.
But some civil liberties advocates say this Defensewide insider threat analytics system could create a culture of mutual suspicion that silences whistleblowers.
The Pentagon expects to enter into the tool information that is gleaned, in part, from a new ”continuous evaluation” approach to screening clearance-holders that uses automated data checks, according to a May 19 Privacy Act notice.
The insider-threat system also will share data pulled from public social media posts and “user activity monitoring” of employees’ private digital habits at work, the notice states. The surveillance of military networks may include keystrokes, screen captures, and content transmitted via email, chat, and data import or export.
Earlier this month, Director of National Intelligence James Clapper signed a policy that would authorize investigators to vet public social media posts when conducting background checks of national security personnel.
In the privacy notice, Aaron Siegel, alternate Defense Federal Register Liaison officer, describes user activity monitoring as the technical capability to “record the actions and activities of all users, at any time, on a computer network controlled by DoD.”
The insider threat technology also would disseminate equal employment opportunity complaints, security violations, and personal contact records, the notice states. Logs of printer, copier, and fax machine use would be shared through the tool. Public information from professional certifications—like pilot’s licenses, firearms and explosive permits—would be fair game too, the notice states.
Traitor or Truthsayer?
Referring to the equal employment opportunity complaints and security violation data, some civil liberties advocates said the new technology could propagate misleading information about behaviors that are common in any workplace.
“Almost all of us at different periods of time, have been upset with the people we work with, and that is part of the human nature, so to identify that behavior as potentially troubling and indicative of being a—quote—insider threat is both inappropriate and likely to lead to errors,” said Michael German, a 16-year FBI veteran who now is a fellow with the Brennan Center for Justice’s Liberty and National Security Program.
“When you read the insider threat material, what they view as a threat is somebody reporting information about government activity to the press, which is, in a democratic society, not only important but necessary,” he said.
According to the privacy notice, the system will be governed under the following definition of “insider threat:”
The threat that an insider will use his or her access, wittingly or unwittingly, to do harm to the security of the United States. This threat includes damage to the United States through espionage, terrorism, unauthorized disclosure of national security information, or the loss or degradation of government, company, contract or program information, resources, or capabilities.
German said personnel who ruffle the feathers of managers while trying to root out government abuses could be tracked by the system.
“They are definitely attempting to get whistleblowers and people who are reporting the truth in the face of government efforts to suppress that truth,” he said. “The real threat are the people that they are not seeing,” German added, pointing to cases like that of Robert Hanssen, who spied for the Russian government while serving at the FBI—unnoticed—between 1979 and 2001.
And if national security personnel know their criticisms will be widely circulated, they might shy away from reporting problems, German said.
“If you have an agency whose mission is national security and that entity is being hampered by waste, fraud, misconduct or illegality, you would think reporting that would be something that is positive and promoted, but this program would tend to suppress that type of internal activity and instead cause more problems which then undermine our national security goals,” he said.
System Specs
Defense officials said only military-affiliated personnel who fall under certain criteria will be entered into the insider-threat system.
“Adequate controls, training, and oversight are in place to ensure that personally identifiable information is protected and that only information which meets a pre-determined threshold is entered into the system,” Rojas said.
The tool will share records on people eligible to hold sensitive Defense positions and people granted security clearances who have “exhibited actual, probable, or possible indications of insider threat behaviors or activities,” Siegel said in the privacy notice.
Only personnel trained in insider threat, privacy and civil liberties, and intelligence oversight, who are approved by the department, will be allowed to use the system, Rojas said. The system will not be activated until after a public comment period that ends June 20.
Insider threat programs require “a holistic approach to information management,” since the “data containing anomalous behaviors that may be indicative of an insider threat can come from many sources, such as personnel security, physical security, information assurance, and law enforcement,” Rojas said. But, right now, this information is not easy to access, plus the size and complexity of the Pentagon makes it hard to share information among military components, she said.
The insider threat tool’s ”workflow management and analytics” features will facilitate the exchange of information, Rojas said. When one department unit identifies and validates behavior that may signal a threat, it can be shared with other department units for further analysis, once the tool is in place, she said.
The system also will provide access to traditional background check records like biometric data files, and self-reported “SF-86” forms detailing the medical and personal lives of individuals applying for security clearances.
On the Record
A diverse group, including the press and civilian agency employers, will be able to use certain material in the system, according to the privacy notice.
Information in the tool also could be used outside the Pentagon for HR, licensing and counterterrorism purposes.For example, other federal and state agencies can obtain information that is relevant to a “decision concerning the hiring or retention” of a worker, the notice states. The “news media or the general public” can view factual information that is in the public interest and does not constitute an unwarranted invasion of personal privacy, Siegel said. And congressional offices can request records on specific individuals.
In addition to active troops, individuals profiled by the system could include National Guard members, civilian employees cleared to handle classified material, and defense contractors, the notice states.
U.S. Coast Guard members, “mobilized” retired military personnel, and Limited Access Authorization grantees could be documented in the system too, according to the notice.

By Aliya Sternstein

www.defenseone.com

Tags: , , , , , , ,

3500

CIA Ex-Boss: Secretive Spooks Tolerated In UK More Than In US

May 31, 2016

British people are not demanding more transparency from the intelligence services as loudly as Americans, the former director of the US National Security Agency (NSA) and CIA has said.
Michael Hayden played a pivotal, leading role in American intelligence until he was replaced as director of the CIA shortly into the presidency of Barack Obama.
In a wide-ranging talk on the fourth day of the Hay festival, Hayden addressed CIA torture, targeted killings, what he thinks about Edward Snowden and how Facebook is perhaps a greater threat to privacy than government.
Hayden said the security services were changing faster in the US than the UK. “You as a population are far more tolerant of aggressive action on the part of your intelligence services than we are in the United States,” he said.
The US intelligence services would not have validation from the American people unless there was a certain amount of knowledge, an increased transparency, he said.
Hayden talked about the tensions between the need to know and the need to protect.
In his newlypublished book Hayden calls Snowden naive and narcissistic and says he wanted to put him on a “kill list”.
On the next page he said Snowden “highlighted the need for a broad cultural shift” in terms of transparency and what constitutes consent. On Sunday he said there was no contradiction between the two assertions.
“The 2% of what Snowden revealed that had to do with privacy accelerated a necessary conversation. The other 98% was about how the US and foreign governments collected legitimate material … that was incredibly damaging.”
The privacy revelations quickened a conversation which had “hit the beach” in the US but it “has not hit the beach here in Great Britain”.
Hayden was asked about how much information we give to social media companies and whether the public is naive in trusting Mark Zuckerberg and Facebook more than the NSA.
“I have my views on that,” he joked. “Your habits are all geared to protecting privacy against the government because that was always the traditional threat. That is no longer the pattern, it is the private sector … we are going through a cultural adjustment.
“With regard to the 21st-century definition of reasonable privacy, Mark Zuckerberg is probably going to have a greater influence on that than your or my government because of the rules we will embed inside his Facebook applications.”
On “enhanced interrogation techniques” or torture – which could include waterboarding – Hayden said he personally authorised it only once and it did not, he admitted, work.
But he added the “suite” of usable techniques had been reduced from 13 to six and the interrogator believed he would have got information if that had not been the case. “Was it doomed to failure or was it a failure because we did not do enough?”
Targeted killings were justified, Hayden said, because the US believed it was at war. The UK, he said, referring to the killing of “Jihadi John”, has now “joined the queue”.
Hayden said he believed Islam was going through the crisis that Christianity went through in the 17th century as it was in an internal crisis. “We are not the target, we are collateral damage. What has happened in Paris, in Brussels … is spillage.”
Hayden also touched on Donald Trump, whose pronouncements, he said, had damaged US security.
“The jihadist narrative is that there is undying enmity between Islam and the modern world so when Trump says they all hate us, he’s using their narrative … he’s feeding their recruitment video.”
By Mark Brown
www.theguardian.com

Tags: , , , , , , ,

csm_000_Par7505646_01_81f6fba6c8

Under Surveillance: Journalists Urged To Guard Their Data

May 30, 2016

The two most important principles for great journalism go hand in hand: first, to hold power to account, and second, to protect sources.
However, both principles are becoming increasingly challenging in light of the UK government’s attack on Freedom of Information and the expansive surveillance powers laid out in the Draft Investigatory Powers Bill.
If the UK Home Office has its way, bulk collection of metadata and content, collation of ‘bulk personal datasets’ (including innocent people’s political opinions, medical conditions, ethnicity, sexuality) and even bulk hacking, will be exercised under the new legislation. This is despite the extreme breaches of human rights law and basic democratic principles.
Journalistic principles are more important than ever if the draft bill becomes law in the United Kingdom. Equally important is for journalists to offer real source protection and adopt good information security practices.
It is thanks to great journalism, and excellent information security, that we can even have an informed debate about the surveillance state today. I’m referring, of course, to the courageous work of Glenn Greenwald and other journalists. It was their reporting on thousands of classified documents from NSA whistleblower Edward Snowden – jigsaw pieces put together over the past two and a half years – that formed an unrecognisable and frankly dystopian picture of the Western democracies we thought we knew.
Whistleblowing and journalism has forced UK intelligence agencies and government to present comprehensive legislation to parliament in form of the draft bill to clearly define the powers that have been, and currently are, exercised with dubious legality. Few expected the worst of Snowden’s revelations to be proliferated and even extended, but they have been.
The UK government made a great deal of ‘journalist protections’ in the draft bill. I spent considerable time looking for them in the 300-page document. There aren’t any. There is a draft code of practice accompanying the bill, which recommends that police and spies have ‘consideration’ when gathering data on, or intercepting, journalist-source communications. But the bill gives police and intelligence agencies the power to spy on, intercept and even hack journalists’ communications. Since when is ‘consideration’ an effective safeguard to protect a critical pillar of a free society – a free press?
Journalists rarely know when they are being spied on. Authorities need not declare their target’s job; there is no obligation to inform those wrongfully spied on; and intercept evidence is banned from the courts. Despite the near impossibility of finding out you’ve been the target of surveillance, there are increasing examples of unjustified surveillance of journalists and their sources.
Journalists who want to be able to offer source protection; who want to do serious investigative work; who want to hold power to account, must adopt information security practices. Information security is source protection in the digital age, and journalists who show an awareness, willingness and ability to adopt digital security behaviours will attract valuable sources and stories.
My top tips for journalists on protecting their data:
• Don’t offer source protection unless you are confident you can provide it. It is important to give potential sources an honest and informed evaluation of the protection you can provide them and the safety of your communications. Their livelihoods, and in some countries their lives, could be at stake.
• Information you need to understand the risks and defend against them is widely available, including this free handbook from the Centre for Investigative Journalism.
• Use encryption to securely exchange emails and to safely share important source files. Encryption wraps communications in impenetrable code, so that the content is only accessible to the intended recipient/s. It is one of the very best ways we have of securing modern communications and technologies.
• Using the Centre for Investigative Journalism handbook you can learn some simple but highly effective ways to encrypt your emails, use encrypted instant messaging and store or exchange encrypted files.
By Silkie Carlo
www.newssafety.org

Tags: , , , , , ,

featured image 7

Here’s why the FBI forcing Apple to break into an iPhone is a big deal

February 17, 2016

When U.S. Magistrate Sheri Pym ruled that Apple must help the FBI break into an iPhone belonging to one of the killers in the San Bernardino, Calif., shootings, the tech world shuddered.

Why? The battle of encryption “backdoors” has been longstanding in Silicon Valley, where a company’s success could be made or broken based on its ability to protect customer data.

The issue came into the spotlight after Edward Snowden disclosed the extent to which technology and phone companies were letting the U.S. federal government spy on data being transmitted through their network.

Since Edward Snowden’s whistleblowing revelations, Facebook, Apple and Twitter have unilaterally said they are not going to create such backdoors anymore.

So here’s the “backdoor” the FBI wants: Right now, iPhone users have the option to set a security feature that only allows a certain number of tries to guess the correct passcode to unlock the phone before all the data on the iPhone is deleted. It’s a security measure Apple put in place to keep important data out of the wrong hands.

Federal prosecutors looking for more information behind the San Bernardino shootings don’t know the phone’s passcode. If they guess incorrectly too many times, the data they hope to find will be deleted.

That’s why the FBI wants Apple to disable the security feature. Once the security is crippled, agents would be able to guess as many combinations as possible.

Kurt Opsahl, general counsel for the Electronic Frontier Foundation, a San Francisco-based digital rights non-profit, explained that this “backdoor” means Apple will have to to write brand new code that will compromise key features of the phone’s security. Apple has five business days to respond to the request.

What does Apple have to say about this? Apple CEO Tim Cook said late Tuesday that the company would oppose the ruling. In a message to customers published on Apple’s website, he said: “We can find no precedent for an American company being forced to expose its customers to a greater risk of attack. For years, cryptologists and national security experts have been warning against weakening encryption. Doing so would hurt only the well-meaning and law-abiding citizens who rely on companies like Apple to protect their data.”

Back in December, Cook defended the company’s use of encryption on its mobile devices, saying users should not have to trade privacy for national security, in a broad interview with 60 Minutes. In the interview, Cook stood by the company’s stance of refusing to offer encrypted texts and messages from users.

What does this mean for the next time the government wants access? The order doesn’t create a precedent in the sense that other courts will be compelled to follow it, but it will give the government more ammunition.

What do digital rights experts have to say? There are two things that make this order very dangerous, Opsahl said. The first is the question is raises about who can make this type of demand. If the U.S. government can force Apple to do this, why can’t the Chinese or Russian governments?

The second is that while the government is requesting a program to allow it to break into this one, specific iPhone, once the program is created it will essentially be a master key. It would be possible for the government to take this key, modify it and use it on other phones. That risks a lot, that the government will have this power and it will not be misused, he said.

And the lawmakers? Well, they are torn. Key House Democrat, Rep. Adam Schiff, D-Calif., says Congress shouldn’t force tech companies to have encryption backdoors. Congress is struggling with how to handle the complex issue.

On the other side of things, Senate Intelligence Committee Chairman Richard Burr, R-N.C., and Vice Chair Dianne Feinstein, D-Calif., say they want to require tech companies to provide a backdoor into encrypted communication when law enforcement officials obtain a court order to investigate a specific person.

What now? This could push the tech companies to give users access to unbreakable encryption. To some extent, it’s already happening. Companies like Apple and Google — responding to consumer demands for privacy — have developed smart phones and other devices with encryption that is so strong that even the companies can’t break it.

Tags: , , , , , , ,

icj72zx2yut869ozi5jbypt735x2gi

Secret US flight flew over Scottish airspace to capture Snowden

February 3, 2016

THE UK GOVERNMENT is facing demands to reveal the details of a secret flight through Scottish airspace which was at the centre of a plot to capture whistleblower Edward Snowden.

The plane, which passed above the Outer Hebrides, the Highlands and Aberdeenshire, was dispatched from the American east coast on June 24 2013, the day after Snowden left Hong Kong for Moscow. The craft was used in controversial US ‘rendition’ missions.

Reports by Scottish journalist Duncan Campbell claim the flight, travelling well above the standard aviation height at 45,000 feet and without a filed flight plan, was part of a mission to capture Snowden following his release of documents revealing mass surveillance by US and UK secret services.

That the flight passed over Scotland, airspace regulated by the UK, has raised questions over UK complicity in a covert mission to arrest Snowden and whether any police, aviation or political authorities in Scotland were made aware of the flight path.

Alex Salmond, the SNP foreign affairs spokesman and Scotland’s First Minister when the flight took place, has called for full transparency from the UK Government over the case.

He said: “As a matter of course and courtesy, any country, particularly an ally, should be open about the purposes of a flight and the use of foreign airspace or indeed airports.”

“What we need to know now is, was this information given to the UK Government at the time. If so, then why did they give permission? If not, then why not? As a minimum requirement, the UK authorities should not allow any activity in breach of international law in either its airspace or its airports.

“That is what an independent Scotland should insist on. Of course, since no rendition actually took place in this instance, it is a moot point as to whether intention can constitute a breach of human rights. However, we are entitled to ask what the UK Government knew and when did they know it.”

The flight took place after US federal prosecutors filed a criminal complaint against Snowden on June 14. Regular meetings with the FBI and CIA, convened by US Homeland Security adviser Lisa Monaco, then planned Snowden’s arrest for alleged breaches of the Espionage Act, according to The Washington Post.

New documents, revealed by Danish media group Denfri, confirm that the N977GA plane was held at a Copenhagen airport for “state purposes of a non-commercial nature”. Two days later Danish authorities received an “urgent notification” from the US Department of Justice to cooperate in arresting Snowden.

N977GA was previously identified by Dave Willis in Air Force Monthly as an aircraft used for CIA rendition flights of US prisoners. This included the extradition of cleric Abu Hamza from the UK. Snowden accused the Danish Government of conspiring in his arrest. In response to flight reports, he said: “Remember when the Prime Minister Rasmussen said Denmark shouldn’t respect asylum law in my case? Turns out he had a secret.”

Snowden was behind the largest leak of classified information in history, revealing spying activities that were later deemed illegal on both sides of the Atlantic. He was elected rector at the University of Glasgow in February 2014, yet is unable to fully carry out his duties.

Patrick Harvie, co-convener of the Scottish Green Party, echoed calls for an inquiry into the flight: “It will certainly raise suspicions that an aircraft previously identified as involved in rendition flew through UK airspace at that time. We have a right to know what UK and Scottish authorities knew about this flight given it is implicated in the US response to whistleblowing about global surveillance.”

ATTEMPTS to arrest Snowden have failed as Russian authorities refused to comply. However, pressure from US authorities made it dangerous for Snowden to travel from Russia to Latin America, where Ecuador, Nicaragua, Bolivia, and Venezuela have all offered him asylum.

The presidential plane of Bolivian leader Evo Morales was forced to ground in Vienna, after four EU nations refused airspace access on the mistaken belief that Snowden was hidden on board.

In 2013 Police Scotland launched an investigation into whether other US rendition flights – where prisoners were taken to blacklist torture sites – used Scottish airports or airspace.

In 2006 aviation expert Chris Yates said it was likely that a US rendition flight had passed through Scottish airspace to Syria, in a case where the prisoner, Maher Arar, said he was tortured.

In 2008 then foreign secretary David Miliband admitted that UK airports had been used for US rendition flights and apologised for previous government denials.

American politics lecturer John MacDonald, director of foreign policy group the Scottish Global Forum, said: “Given the constitutional arrangements, there are a number of areas in which the Scottish Government may well have interests or concerns but will be excluded because security arrangements with the US are deemed ‘out of bounds’ for Scotland.

“However, if you take serious the supposition that all responsible governments have a moral and legal obligation to raise questions about flights which may be involved in dubious security and intelligence activities, then the Scottish Government may well have an interest in – or even be obliged to –raise questions.

“Questions have already been raised about the nature of military and intelligence air traffic through Scotland and if this activity is raising concerns within Scottish civil society – and it seems to be – then it is surely incumbent upon the Scottish Government to raise the issue with London.”

National Air Traffic Control Systems (Nats), who control flight access to UK airspace, said rendition flights are an issue for the UK Government. In response to questions, the UK Government refused to provide details on attempts to arrest Snowden or on the passage of the N977GA flight.

The Scottish Government also avoided a direct statement on the case on legal grounds. A spokesman said: “There is already an ongoing Police Scotland investigation, directed by the Lord Advocate. This investigation will seek to gather all available evidence of rendition flights using Scottish airports. As this is a live investigation it would be inappropriate to comment further.”

During his two and a half years in Moscow, Snowden has caused diplomatic ruptures and a worldwide debate on privacy and state security. In October 2015 the European Parliament voted narrowly, in a non-binding motion, to drop charges against him in recognition of “his status as [a] whistle-blower and international human rights defender”.

Tags: , , , , , ,

Introducing ShazzleMail Email and How it Works

Privacy is your Fundamental Human Right.

Our Daily Blog
telegram-3m
Your Privacy Is Our Business
April 30, 2019

Let us reassure you: You’re worried only because you don’t understand anything about anything. ...

Read more
pr
Coffee with Privacy Pros: Three Constants of Privacy
April 23, 2019

A look behind the career and privacy theology of the law-lovin’ CPO of Uber, Ruby Zefo Jared Cose...

Read more
privacy-coins-and-bitcoin-dominance-guide
We’ve Stopped Talking And Searching About Privacy
April 15, 2019

Kalev Leetaru Contributor AI & Big Data I write about the broad intersection of data and soci...

Read more
private
Rebiton Allows You to Buy Bitcoin and Keep Your Privacy
April 8, 2019

by Kai Sedgwick Purchasing bitcoin ought to be quick and easy, but over the years, encroaching KY...

Read more
20190323_fbd001
Big tech faces competition and privacy concerns in Brussels
March 25, 2019

And the sector may be the better for it Print edition | Briefing Mar 23rd 2019 | PARIS Around 19 ...

Read more