Have you created a ShazzleMail account on your smartphone? This is a required first step.

Yes No

Free Encrypted Email

Posts Tagged ‘#WikiLeaks’


When Is It Okay To Mine Hacked Emails?

October 19, 2016

On June 17, 1972, Washington, D.C. police caught five men breaking into the Democratic National Headquarters at the Watergate hotel-apartment-office complex. “The five men had been dressed in business suits and all had worn Playtex surgical gloves,” Bob Woodward and Carl Bernstein described in their famous book. “Police had seized a walkie-talkie, 40 rolls of unexposed film, two 35-millimeter cameras, two lock picks, pen-size tear-gas guns, and bugging devices that apparently were capable of picking up both telephone and room conversations.”

In 2016, Donald Trump did not need to dispatch burglars to loot the Democratic National Committee and use the information to his advantage. He had Gmail, the Russians, WikiLeaks and the New York Times. In the two major document dumps so far, thousands of private emails that were stolen by hackers and provided to Julian Assange’s organization have been published on the internet for the perusal of all.

First came a serverload of mail from the Committee itself; then more recently, on October 8, came a wholesale delivery of the contents of Clinton campaign chairman John Podesta’s inbox. If the US intelligence agency’s conclusions are to be believed, Vladimir Putin and his government did the hacking, apparently in an attempt to tilt the American election. The perpetrators were counting on the US media to feast on this purloined corpus, sucking the meat from the bones of every email.
Feast they did. Since the leak dropped, the Times, the Washington Post and numerous other publications and blogs have been mining the emails for stories. This is perfectly legal. As long as journalists don’t do the stealing themselves, they are solidly allowed to publish what thieves expose, especially if, as in this case, the contents are available to all.

In 1972, journalists helped bring down a president by exposing the theft of political information. In 2016, it’s a presidential campaign urging us to gloss over the source of emails and just report what’s in them, preferably in the most unflattering light. Indeed, it’s not the theft that’s taken center stage, but rather the contents of the emails, as journalists focus on getting maximum mileage by shifting through the loot as if the DNC’s collected ephemera were the Pentagon Papers. And they are not.

Which leads me to wonder: is the exploitation of stolen personal emails a moral act? By diving into this corpus to expose anything unseemly or embarrassing, reporters may be, however unwillingly, participating in a scheme by a foreign power to mess with our election. Still, news is news, and it’s arguably a higher calling than concerns about privacy. (At least that’s what we journalists would argue!) By her refusal to share transcripts of her high-paid speeches to Wall Street firms, Hillary Clinton had already ignited efforts to find out what the heck she said to those fat cats. So it seems, well, seemly, that news organizations would leap at the unfortunate emails in which Podesta and colleagues did the work for journalists by pulling out the most uncomfortable portions of her appearances.

But then came a secondary wave. Taking advantage of WikiLeaks’s easy search function, journalists went deep into the emails. On October 10, the New York Times ran two more stories drawn from the release. One article mined a series of exchanges that suggested tension between the Clinton campaign and the mayor of New York. The other used the emails to document the not-terribly-earthshattering revelation that the Clinton campaign was having difficulty honing its message.

Both stories were inside-politics subjects that, without the juicy immediacy of information never intended to be public, might have been the kind of dry stories that run deep in the paper. But in this case, the stories wrote themselves because the reporters had emails stolen from Russian hackers. I’m guessing that they got better placement in the paper and more attention online because of the easy scoops.

As a “good” journalist, I know that I’m supposed to cheer on the availability of information. Probably every investigative journalist is envious of investigators with subpoena power, and often dreams of acquiring the authority to access private emails. Suddenly having that wish granted must seem like manna from heaven.

RELATED: How Hillary Clinton Adopted the Wonkiest Tech Policy Ever

Yet the second wave of stories got me wondering. Call me a moral relativist, but if I wrote that first story about the speeches, I would have no misgivings. But if I’d done the second set  —  and I’m not saying I wouldn’t have, had I been on that beat  —  I might be bothered by the unseemliness of picking at a stolen cache of emails. Sometimes journalists have to do uncomfortable things to get at the truth. But it’s difficult to argue that these discoveries were unearthed by reporters for the sake of public good. After all, didn’t we already know that the Clinton campaign had a message problem? In addition, because the Russians weren’t evenhanded enough to give us emails from the Trump campaign, the whole exercise is one-sided.

We’ve been here before. Remember the 2014 Sony hack? Computer rogues allegedly from North Korea (perhaps offended by a Seth Rogan movie) exposed over 170,000 emails of corporate correspondence.

A streak of stories followed the leak, easily tiered by the level of newsworthiness. Evidence that Sony was participating in a hitherto unexposed movie industry initiative against Google seemed like information the public had a right to know. But does that right extend to the disparaging language about President Obama and others that Sony’s then-co-CEO Amy Pascal used in private? Maybe, maybe not. Then there was information that revealed no transgressions, but was pretty juicy stuff. Gossip about what executives thought of various movie stars. Salaries and budgets. Everyday tasks of movie executives doing their jobs. The internal workings of a studio are fascinating, but no one would argue that the public had a right to this information. The press was offered an opportunity to know about it  —  and it grabbed it.

In a fierce op-ed piece, screenwriter Aaron Sorkin argued that journalists cheapened themselves by mining the data in the Sony hack:

I understand that news outlets routinely use stolen information. . . But there is nothing in these documents remotely rising to the level of public interest of the information found in the Pentagon Papers… As demented and criminal as it is, at least the hackers are doing it for a cause. The press is doing it for a nickel.
In the wake of the Podesta/DNC hacks, some press critics are revisiting Sorkin’s arguments. In a salient Tweet stream, sociologist Zeynep Tufekci complains that members of the press are “unable to take their eyes off the bright candy that fell from the piñata.” On the other hand, Glenn Greenwald vociferously defends journalists who dig into the emails, regardless of what details they unearth.

For someone who has been such a strong voice about government violations of email privacy, I would have assumed that Greenwald would express some outrage that a powerful government might have stolen personal emails to promote its agenda. Instead, he argues essentially that powerful people have less of a claim on privacy. Greenwald also reasons that, by exposing the inner workings of a campaign, the WikiLeaks dump sheds light on the way that major parties generally conduct campaigns, allowing us to examine the failings of “business as usual.” This resonates with me like a tuning fork—but hey, I’m a journalist. Still, it would be so much nicer if some disgruntled colleague of Podesta’s was providing information to reporters, rather than Vladimir Putin using them as stooges to undermine our democracy. Most disturbing, the message to those contemplating future electoral mischief by hacking an opponent is: Go ahead, it really works!

So what should journalists do when presented with hacked personal emails, especially since this situation may become the new normal? To be honest, I don’t know the answer to that question. That’s why I’m opening the floor to all of you Backchannel readers. What are journalists to do when WikiLeaks or anyone else dumps stolen private emails into open channels? Should there be guidelines to follow, or is it moral to amplify anything that’s already exposed on the internet, even if the exposers are lawbreakers with an agenda? Does anyone else feel uncomfortable that the dirty work of Russian hackers is being cheerfully mined for gossipy inside-politics accounts?

Tags: , , , ,


The Military Is Building an Employee Database to Predict Traitors

June 6, 2016

The “DoD Component Insider Threat Records System” is part of the U.S. government’s response to the 2010 leaks of classified diplomatic cables by former Pfc. Chelsea Manning.
The Defense Department is building a massive information-sharing system detailing national security personnel and individuals cleared for accessing U.S. secrets, to flag who among them might be potential turncoats or other “insider threats.”
The “DoD Component Insider Threat Records System” is part of the U.S. government’s response to the 2010 leaks of classified diplomatic cables by former Pfc. Chelsea Manning. A 2011 so-called WikiLeaks executive order called for an “insider threat detection” program.
A review of the 2013 Washington Navy Yard shootings found that the department still lacked “a centralized hub” to obtain a holistic view into potential threats, Defense spokeswoman Linda Rojas told Nextgov in an email.
Now, the Pentagon is establishing a team of “cross-functional experts” trained in cybersecurity, privacy, law enforcement, intelligence and psychology—aided by the new workflow technology—to help fill that gap, she said.
But some civil liberties advocates say this Defensewide insider threat analytics system could create a culture of mutual suspicion that silences whistleblowers.
The Pentagon expects to enter into the tool information that is gleaned, in part, from a new ”continuous evaluation” approach to screening clearance-holders that uses automated data checks, according to a May 19 Privacy Act notice.
The insider-threat system also will share data pulled from public social media posts and “user activity monitoring” of employees’ private digital habits at work, the notice states. The surveillance of military networks may include keystrokes, screen captures, and content transmitted via email, chat, and data import or export.
Earlier this month, Director of National Intelligence James Clapper signed a policy that would authorize investigators to vet public social media posts when conducting background checks of national security personnel.
In the privacy notice, Aaron Siegel, alternate Defense Federal Register Liaison officer, describes user activity monitoring as the technical capability to “record the actions and activities of all users, at any time, on a computer network controlled by DoD.”
The insider threat technology also would disseminate equal employment opportunity complaints, security violations, and personal contact records, the notice states. Logs of printer, copier, and fax machine use would be shared through the tool. Public information from professional certifications—like pilot’s licenses, firearms and explosive permits—would be fair game too, the notice states.
Traitor or Truthsayer?
Referring to the equal employment opportunity complaints and security violation data, some civil liberties advocates said the new technology could propagate misleading information about behaviors that are common in any workplace.
“Almost all of us at different periods of time, have been upset with the people we work with, and that is part of the human nature, so to identify that behavior as potentially troubling and indicative of being a—quote—insider threat is both inappropriate and likely to lead to errors,” said Michael German, a 16-year FBI veteran who now is a fellow with the Brennan Center for Justice’s Liberty and National Security Program.
“When you read the insider threat material, what they view as a threat is somebody reporting information about government activity to the press, which is, in a democratic society, not only important but necessary,” he said.
According to the privacy notice, the system will be governed under the following definition of “insider threat:”
The threat that an insider will use his or her access, wittingly or unwittingly, to do harm to the security of the United States. This threat includes damage to the United States through espionage, terrorism, unauthorized disclosure of national security information, or the loss or degradation of government, company, contract or program information, resources, or capabilities.
German said personnel who ruffle the feathers of managers while trying to root out government abuses could be tracked by the system.
“They are definitely attempting to get whistleblowers and people who are reporting the truth in the face of government efforts to suppress that truth,” he said. “The real threat are the people that they are not seeing,” German added, pointing to cases like that of Robert Hanssen, who spied for the Russian government while serving at the FBI—unnoticed—between 1979 and 2001.
And if national security personnel know their criticisms will be widely circulated, they might shy away from reporting problems, German said.
“If you have an agency whose mission is national security and that entity is being hampered by waste, fraud, misconduct or illegality, you would think reporting that would be something that is positive and promoted, but this program would tend to suppress that type of internal activity and instead cause more problems which then undermine our national security goals,” he said.
System Specs
Defense officials said only military-affiliated personnel who fall under certain criteria will be entered into the insider-threat system.
“Adequate controls, training, and oversight are in place to ensure that personally identifiable information is protected and that only information which meets a pre-determined threshold is entered into the system,” Rojas said.
The tool will share records on people eligible to hold sensitive Defense positions and people granted security clearances who have “exhibited actual, probable, or possible indications of insider threat behaviors or activities,” Siegel said in the privacy notice.
Only personnel trained in insider threat, privacy and civil liberties, and intelligence oversight, who are approved by the department, will be allowed to use the system, Rojas said. The system will not be activated until after a public comment period that ends June 20.
Insider threat programs require “a holistic approach to information management,” since the “data containing anomalous behaviors that may be indicative of an insider threat can come from many sources, such as personnel security, physical security, information assurance, and law enforcement,” Rojas said. But, right now, this information is not easy to access, plus the size and complexity of the Pentagon makes it hard to share information among military components, she said.
The insider threat tool’s ”workflow management and analytics” features will facilitate the exchange of information, Rojas said. When one department unit identifies and validates behavior that may signal a threat, it can be shared with other department units for further analysis, once the tool is in place, she said.
The system also will provide access to traditional background check records like biometric data files, and self-reported “SF-86” forms detailing the medical and personal lives of individuals applying for security clearances.
On the Record
A diverse group, including the press and civilian agency employers, will be able to use certain material in the system, according to the privacy notice.
Information in the tool also could be used outside the Pentagon for HR, licensing and counterterrorism purposes.For example, other federal and state agencies can obtain information that is relevant to a “decision concerning the hiring or retention” of a worker, the notice states. The “news media or the general public” can view factual information that is in the public interest and does not constitute an unwarranted invasion of personal privacy, Siegel said. And congressional offices can request records on specific individuals.
In addition to active troops, individuals profiled by the system could include National Guard members, civilian employees cleared to handle classified material, and defense contractors, the notice states.
U.S. Coast Guard members, “mobilized” retired military personnel, and Limited Access Authorization grantees could be documented in the system too, according to the notice.

By Aliya Sternstein


Tags: , , , , , , ,

Introducing ShazzleMail Email and How it Works

Privacy is your Fundamental Human Right.

Our Daily Blog
Edward Snowden’s Autobiography Makes a Plea for the Fourth Amendment, the Right to Privacy, and Encryption
September 24, 2019

America's most famous whistleblower calls for restricting the power of government. Article by SCO...

Read more
Chinese deepfake app Zao sparks privacy row after going viral
September 3, 2019

Critics say face-swap app could spread misinformation on a massive scale A Chinese app that lets ...

Read more
Google tightens grip on some Android data over privacy fears, report says
August 19, 2019

The search giant ends a program that provided network coverage data to wireless carriers. BY CARR...

Read more
Wikipedia co-founder slams Mark Zuckerberg, Twitter and the ‘appalling’ internet
July 8, 2019

Elizabeth Schulze Wikpedia Co-Founder Larry Sanger said in an interview social media companies ...

Read more
Why America Needs a Thoughtful Federal Privacy Law
June 26, 2019

More than a dozen privacy bills have been introduced in this Congress. Here’s what it needs to do....

Read more