No Warrant, No Problem: How The Government Can Still Get Your Digital Data

04/12/2013

The U.S. government isn’t allowed to wiretap American citizens without a warrant from a judge. But there are plenty of legal ways for law enforcement, from the local sheriff to the FBI to the Internal Revenue Service, to snoop on the digital trails you create every day. Authorities can often obtain your emails and texts by going to Google or AT&T with a simple subpoena. Usually you won’t even be notified.

Two senators introduced legislation last month to update privacy protection for emails, but the bill remains in committee. Meantime, here’s how law enforcement can track you without a warrant now:

PHONE RECORDS: Who You Called, When You Called

Listening to your phone calls without a judge’s warrant is illegal if you’re a U.S. citizen. But police don’t need a warrant — which requires showing “probable cause” of a crime — to get just the numbers you called and when you called them, as well as incoming calls, from phone carriers. Instead, police can get courts to sign off on a subpoena, which only requires that the data they’re after is relevant to an investigation — a lesser standard of evidence.

Police can get phone records without a warrant thanks toSmith v. Maryland, a Supreme Court ruling in 1979, which found that the Constitution’s Fourth Amendment protection against unreasonable search and seizure doesn’t apply to a list of phone numbers. The New York Times reported last week that the New York’s police department “has quietly amassed a trove” of call records by routinely issuing subpoenas for them from phones that had been reported stolen. According to The Times, the records “could conceivably be used for any investigative purpose.”

LOCATION DATA: Your Phone Is a Tracker

Many cell phone carriers provide authorities with a phone’s location and may charge a fee for doing so. Cell towers track where your phone is at any moment; so can the GPS features in some smartphones. The major cell carriers, including Verizon and AT&T, responded to at least 1.3 million law enforcement requests for cell phone locations, text messages and other data in 2011. Internet service providers can also provide location data that tracks users via their computer’s IP address — a unique number assigned to each computer.

Many courts have ruled that police don’t need a warrant from a judge to get cell phone location data. They only have to show that, under the federal Electronic Communications Privacy Act (EPCA), the data contains “specific and articulable facts” related to an investigation — again, a lesser standard than probable cause.Delaware, Maryland and Oklahoma have proposed laws that would require police to obtain a warrant for location data; Gov. Jerry Brown of California, a Democrat, vetoed a similar bill last September. Last year, the Senate Judiciary Committee approved a bill championed by Sen. Patrick Leahy, a Vermont Democrat, which would have updated the ECPA but wouldn’t have changed how location data was treated. Leahy and Sen. Mike Lee, a Utah Republican, introduced a similar bill last month, which remains in committee. Rep. Zoe Lofgren, a California Democrat, introduced a separate bill in the House of Representatives last month that would require a warrant for location data as well as emails.

IP ADDRESSES: What Computers You Used

Google, Yahoo, Microsoft and other webmail providers accumulate massive amounts of data about our digital wanderings. A warrant is needed for access to some emails (see below), but not for the IP addresses of the computers used to log into your mail account or surf the Web. According to the American Civil Liberties Union, those records are kept for at least a year.

Police can thank U.S. v. Forrester, a case involving two men trying to set up a drug lab in California, for the ease of access. In the 2007 case, the government successfully argued that tracking IP addresses was no different than installing a device to track every telephone number dialed by a given phone (which is legal). Police only need a court to sign off on a subpoena certifying that the data they’re after is relevant to an investigation — the same standard as for cell phone records.

EMAILS: Messages You Sent Months Ago

There’s a double standard when it comes to email, one of the most requested types of data. A warrant is needed to get recent emails, but law enforcement can obtain older ones with only a subpoena. Google says it received16,407 requests for data — including emails sent through its Gmail service — from U.S. law enforcement in 2012. And Microsoft, with its Outlook email service, disclosed last month that it had received 11,073 requests for data last year. Other email providers, such as Yahoo, have not made similar statistics available. In January, Googlesaid that it would lobby in favor of greater protections for email.

This is another area where the ECPA comes into play. The law gives greater protection to recent messages than older ones, using a 180-day cutoff. Only a subpoena is required for emails older than that; otherwise, a warrant is necessary. This extends to authorities beyond the FBI and the police. I.R.S. documents released this week by the American Civil Liberties Union suggest that the I.R.S.’ Criminal Tax Division reads emails without obtaining a warrant. The bills introduced by Leahy and Lee in the Senate and Lofgren in the House would require a warrant for the authorities to get all emails regardless of age. The Justice Department, which had objected to such a change, said last month that it doesn’t any longer.

EMAIL DRAFTS: Drafts Are Different

Communicating through draft emails, à la David Petreaus and Paula Broadwell, seems sneaky. But drafts are actually easier for investigators to get than recently sent emails because the law treats them differently.

The ECPA distinguishes between communications — emails, texts, etc. — and stored electronic data. Draft emails fall into the latter, which get less protection under the law. Authorities need only a subpoena for them. The bills introduced by Leahy and Lee in the Senate and Lofgren in the House would change that by requiring a warrant to obtain email drafts.

TEXT MESSAGES: As With Emails, So With Texts

Investigators need only a subpoena, not a warrant, to get text messages more than 180 days old from a cell provider — the same standard as emails. Many carriers charge authorities a fee to provide texts and other information. For texts, Sprint charges $30, for example, while Verizon charges $50.

The ECPA also applies to text messages, according to Hanni Fakhoury, a lawyer with the Electronic Frontier Foundation, which is why the rules are similar to those governing emails. But the ECPA doesn’t apply when it comes to actually reading texts on someone’s phone rather than getting them from a carrier. State courts havesplit on the issue. Ohio’s Supreme Court has ruled thatpolice need a warrant to view the contents of cell phones of people who’ve been arrested, including texts. But the California Supreme Court has said no warrant is needed. The U.S. Supreme Court in 2010 declined to clear up the matter.

CLOUD DATA: Documents, Photos, and Other Stuff Stored Online

Authorities typically need only a subpoena to get data from Google Drive, Dropbox, SkyDrive, and other services that allow users to store data on their servers, or “in the cloud,” as it’s known.

The law treats cloud data the same as draft emails — authorities don’t need a warrant to get it. But files that you’ve shared with others — say, a collaboration using Google Docs — might require a warrant under the ECPA if it’s considered “communication” rather than stored data. “That’s a very hard rule to apply,” says Greg Nojeim, a senior counsel with the Center for Democracy & Technology. “It actually makes no sense for the way we communicate today.”

SOCIAL MEDIA: The New Privacy Frontier

When it comes to sites like Facebook, Twitter and LinkedIn, the social networks’ privacy policies dictate how cooperative they are in handing over users’ data. Facebook says it requires a warrant from a judge to disclose a user’s “messages, photos, videos, wall posts, and location information.” But it will supply basic information, such as a user’s email address or the IP addresses of the computers from which someone recently accessed an account, under a subpoena. Twitter reported in July that it had received 679 requests for user information from U.S. authorities during the first six months of 2012. Twitter says that “non-public information about Twitter users is not released except as lawfully required by appropriate legal process such as a subpoena, court order, or other valid legal process.”

Courts haven’t issued a definitive ruling on social media. In September, a Manhattan Criminal Court judge upheld a prosecutor’s subpoena for information from Twitter about an Occupy Wall Street protester arrested on the Brooklyn Bridge in 2011. It was the first time a judge had allowed prosecutors to use a subpoena to get information from Twitter rather than forcing them to get a warrant; the case is ongoing.

Via ProPublica

Related Links:

NSA Whistleblower: Everyone in U.S. Under Virtual Surveillance

Intelligence Officials Evade Questions on Domestic Surveillance

CISPA Infographic

Senate Approves FISA Extension, Warrantless Wiretapping Continues

Google Says the FBI is Secretly Spying on Some of Its Customers

DOJ Asks Judge to Dismiss Suit Over Secret Surveillance Court Opinions

“Going Dark”: What’s So Wrong With the Government’s Plan to Tap Our Internet?

FBI to Monitor Online Chats in Real-Time by 2014

Microsoft, Too, Says FBI Secretly Surveilling Its Customers

FBI Documents Shine Light on Clandestine Cellphone Tracking Tool “Stringray”

DOJ Emails Show Feds Routinely Using Cell Phone Tracking Tool “Stingray”, Hiding It From Judges

FBI Sued Over Secretive Mass Surveillance Program

Facial Recognition & GPS Tracking: TrapWire Company Conducting Even More Surveillance

FBI OWS Documents: Spying, “Domestic Terrorists” & Assassination Plots

New FOIA Documents Reveal DHS Spying on Peaceful Demonstrations and Activists

DHS Built Domestic Surveillance Tech Into Predator Drones

Fusion Center Director: We Don’t Spy on All Americans, Just Anti-Government Americans

New Documents Show IRS Reads Americans’ Emails Without Warrants

CIA’s Chief Tech Officer on Big Data: We Try to Collect Everything and Hang Onto It Forever

Amazon Reportedly Building $600M Cloud for the CIA

The Global Intelligence Files

Global Intelligence Files – quarter million released out of five million emails. The search engine which is now enabled for the GIFiles allows deep core drilling through the emails developing threads for the next release(s).   http://search.wikileaks.org/gifiles/ One part of the problem with the volume of the Stratfor ‘hack’ was that a lot of the files were corrupt and contained trojans. These files needed to be quarantined and then carefully dissected as they appeared on much larger files as attachments, and there are hundreds of thousands of them. With only 5% of the emails total released….

Anonymous: The Surveillance State

02/15/2013

“It was terribly dangerous to let your thoughts wander when you were in any public place or within range of a telescreen. The smallest thing could give you away. A nervous tic, an unconscious look of anxiety, a habit of muttering to yourself — anything that carried with it the suggestion of abnormality, of having something to hide. In any case, to wear an improper expression on your face (to look incredulous when a victory was announced, for example) was itself a punishable offense. There was even a word for it in Newspeak: facecrime, it was called.”

– George Orwell, 1984

In 1949, Eric Arthur Blair while under the pen name George Orwell penned one of the greatest dystopian novels of the modern era. The novel, 1984 became a timeless classic of oppression, surveillance, and control. It depicted a cold future society, where the Party controlled all aspects of life. It was a perpetual world at war, where its own citizens were persecuted “For your own protection”. Society was under complete surveillance, in the streets, in public places, even in their own homes. Individuality and free thought were regarded as crimes. All dissent was ruthlessly squashed.

Orwell’s work in 1984 became its own genre of dystopian fiction: Orwellian. He also coined the term “The Surveillance State”. And it seems that our State is rapidly moving towards this end. After the 9/11 attacks, the United States government passed the infamous Patriot Act, expanding the powers of the Federal government in key areas, notably in increasing information sharing between agencies and surveillance procedures. First, wiretapping was expanded to allow the capture of internet communications and to reduce the amount of information needed to get a warrant. This also expanded the amount of data and time information could be collected and stored. Basically, this act expanded surveillance capabilities, expanded the powers of warrants, and did away with the need for a warrant in many cases. And the only requirement for the use of these powers is the activity being “terrorism related”.

Fast forward to Christmas 2011. Anonymous had just completed the hacks leading to the Stratfor leaks. Soon after, they were released by Wikileaks as part of the Global Intelligence Files. Just before the planned publication, a group known only as AntiLeaks preceded to DDoS the Wikileaks websites, along with many supporter’s sites. Theses attacks many have been ‘justified’ in the eyes of the attackers. After the attacks were mitigated, Wikileaks proceeded to finish publishing the Stratfor leaks. These documents showed a partnership with a previously unknown company: Trapwire.

Trapwire’s goal, from its website is : “designed to detect patterns of pre-attack surveillance and logistical planning and introduce the basis for a paradigm shift in the methodologies traditionally applied to securing critical infrastructure, key resources and personnel.” (emphasis added). Trapwire is in the business of surveillance, and all in the name of peace and anti-terrorism. Not only Trapwire’s systems fed from their own and their clients’ cameras, the iWatch system in some major cities feeds into the database. Private company? Trapwire also feeds into the National Suspicious Activity Report. Not only is a large amount of surveillance data being held and filtered by a private company, it also is being feed to governmental agencies without due process of law.

From the Trapwire website:

“In executing our mission, we work with a wide range of law enforcement personnel and public and private security officials domestically and internationally, and similarly serve a large number of market segments.” (Emphasis added).
So what, you may ask. Maybe the government and companies are watching all the cctc camera feeds, but they cant possible view every square foot of the city. Think again. The United Kingdom alone, there are over 51,000 cctv cameras feeding into the central grid. Not only is the use of this data lightly restricted, there are new technologies that enable this information to be of greater value. UK’s Automatic Number Plate Recognition (ANPR) system automatically records license place numbers and matches them against a hot-list. Even if you are not a criminal, your plate images are kept for 2 years, and the pictures of you (the occupant) are kept for 90 days. Its not only your cars that are being targeted. If you are deemed as suspicious, or near the scene of a crime, a picture of your face will be uploaded to the cloudsourcing app Facewatch, where people can match a name with your face. And its not too long until automatic face-recognition becomes standard.

These technologies are an increasingly prevalent threat to the privacy and anonymity of the individual. The surveillance state has indeed become a reality, and there is no end in sight. The time is not far away when every move will be recorded, analyses and banked. and of course it is all “for your protection”. But it is not without hope. Site such as Documenting Dystopia and other Camspotting initiative seek to build public awareness of surveillance, and where the are being watched. You can get involved as well. Documenting Dystopia maintains a database of all know camera locations, which anyone can take pictures and upload new locations. Fighting back might even be ask simple as wearing a mask in watched areas. The fight is up to the people. And the greatest weapon in this war will be knowledge.

Via AnonRelations

Related Link: Anonymous #OpBigBrother 02/23/2013 #IDP13 International Day for Privacy

Anonymous: Twitterbomb – #StopCISPA NOW!

This picture resolution is right for a Twitter header. Download and set it as yours!

02/12/2013

Greetings world. We are Anonymous.

Internet, the time has come for us to unite again. In an effort to kill our online freedoms [again], #CISPA has returned. We also have Raytheon’s bill #RIOT to worry about. Along with that, Obama just signed a cybersecurity executive order with CISPA-like provisions to spy on American citizens and to censor our internet. That is why we need to get #StopCISPA trending ASAP. Spread this message everywhere. Even if you are not Anonymous, you can still help our with this. Just tweet #StopCISPA when you get this message. Keep tweeting and don’t stop until it trends. Congress will see that we are truely legion and we shall not sit idly by while our internet goes up for debate again. We will not be silent.

Tweet to #CISPA Reps @Call_Me_Dutch and @RepMikeRogers and tell them you oppose their bill.

Also, if you live in these states, call your reps and tell them you oppose CISPA

CALIFORNIA:

Devin Nunes -(202) 225-2523

Mike Thompson -(202) 225-3311

Adam Schiff -(202) 225-4176

FLORIDA:

Jeff Miller -(202) 225-4136

Thomas J Rooney -(202) 225-5792

GEORGIA:

Lynn Westmoreland -(202) 225-5901

ILLINOIS:

Jan Schakowsky -(202) 225-2111

Luis Gutierrez -(202) 225-8203

KANSAS:

Mike Pompeo -(202) 225-6216

MARYLAND:

Dutch Ruppersberger -202-225-3061

MICHIGAN:

Mike Rogers -(202) 225-4872

MINNESOTA:

Michele Bachmann -(202) 225-2331

NEVADA:

Joe Heck -(202) 225-3252

NEW JERSEY:

Frank LoBiondo -(202) 225-6572

NEW YORK:

Peter King -202-225-7896

RHODE ISLAND:

Jim Langevin -(202) 225-2735

TEXAS:

Mac Thornberry -(202) 225-3706

Mike Conaway -(202) 225-3605

Together, we can stop this just like we stopped SOPA. Toegther, we are capable of doing so much more. If you’re as in love with the internet as Anonymous is, then you can help us. Get #StopCISPA trending!

We are Anonymous.

We are Legion.

We do not forgive internet censorship.

We do not forget warantless spying on Americans.

United States Congress, Expect Us.

Via Pastebin

Sign CISPAisBack.com Petition Here

Canada’s Bill C-55 – Warrantless Wiretapping in Emergencies

02/11/2013

Overshadowed by news that the Canadian government had abandoned the “Internet Snooping” Bill C-30, was the first announcement Federal Justice Minister Rob Nicholson made today. The  introduction of a bill to update provisions that would allow for warrantless phone tapping in emergencies.

Canadian law allows police to wiretap without authorization from a court when there is the risk of imminent harm, such as a kidnapping or bomb threat, but the Supreme Court last year struck down the law and gave Parliament 12 months to rewrite another one.

The new bill, C-55, would give peace officers the right to secretly intercept private communications without a warrant in relatively rare, urgent situations. Someone whose communications had been intercepted in situations of imminent harm would have to be notified by police within 90 days.

View this document on Scribd