• Buro Jansen & Janssen is een onderzoeksburo dat politie, justitie, inlichtingendiensten, de overheid in Nederland en Europa kritisch volgt. Een grond-rechten kollektief dat al 30 jaar publiceert over uitbreiding van repressieve wetgeving, publiek-private samenwerking, bevoegdheden, overheids-optreden en andere staatsaangelegenheden.
    Buro Jansen & Janssen Postbus 10591, 1001EN Amsterdam, 020-6123202, 06-34339533, signal +31684065516, info@burojansen.nl (pgp)
    Steun Buro Jansen & Janssen. Word donateur, NL43 ASNB 0856 9868 52 of NL56 INGB 0000 6039 04 ten name van Stichting Res Publica, Postbus 11556, 1001 GN Amsterdam.

  • Categorieën

  • FBI Documents Expose Bureau‘s Big Jan. 6 ‘Lie‘
    The bureau says it lacked the authority to monitor social media activity ahead of the pro-Trump insurrection, but it did exactly that during 2020 racial justice and police violence protests

    In the aftermath of the Jan. 6 insurrection, the FBI told Congress and the American people that the agency had failed to prevent or fully prepare for the worst attack on the U.S. Capitol in more than 200 years in part because it lacked the authority and capabilities to more aggressively monitor social media, where much of the planning for the insurrection took place.

    lees meer

    NYPD officers accessed Black Lives Matter activists’ texts, documents show

    Exclusive: Documents obtained by the Guardian reveal details of how police posed as protesters amid unrest following the death of Eric Garner
    People protest after a grand jury decided not to indict officer Daniel Pantaleo in the Eric Garner case.

    Undercover officers in the New York police department infiltrated small groups of Black Lives Matter activists and gained access to their text messages, according to newly released NYPD documents obtained by the Guardian.

    The records, produced in response to a freedom of information lawsuit led by New York law firm Stecklow & Thompson, provide the most detailed picture yet of the sweeping scope of NYPD surveillance during mass protests over the death of Eric Garner in 2014 and 2015. Lawyers said the new documents raised questions about NYPD compliance with city rules.

    The documents, mostly emails between undercover officers and other NYPD officials, follow other disclosures that the NYPD regularly filmed Black Lives Matter activists and sent undercover personnel to protests. The NYPD has not responded to the Guardian’s request for comment or interview.

    Emails show that undercover officers were able to pose as protesters even within small groups, giving them extensive access to details about protesters’ whereabouts and plans. In one email, an official notes that an undercover officer is embedded within a group of seven protesters on their way to Grand Central Station. This intimate access appears to have helped police pass as trusted organizers and extract information about demonstrations. In other emails, officers share the locations of individual protesters at particular times. The NYPD emails also include pictures of organizers’ group text exchanges with information about protests, suggesting that undercover officials were either trusted enough to be allowed to take photos of activists’ phones or were themselves members of a private planning group text.

    protesters text message
    Police obtained access to protesters’ text messages, the documents show. Photograph: NYPD/Screenshot/Scribd
    “That text loop was definitely just for organizers, I don’t know how that got out,” said Elsa Waithe, a Black Lives Matter organizer. “Someone had to have told someone how to get on it, probably trusting someone they had seen a few times in good faith. We clearly compromised ourselves.”

    Keegan Stephan, a regular attendee of the Grand Central protests in 2014 and 2015, said information about protesters’ whereabouts was limited to a small group of core organizers at that time. “I feel like the undercover was somebody who was or is very much a part of the group, and has access to information we only give to people we trust,” said Stephan, who has been assisting attorneys with a lawsuit to obtain the documents on behalf of plaintiff James Logue, a protester. “If you’re walking to Grand Central with a handful of people for an action, that’s much more than just showing up to a public demonstration – that sounds like a level of friendship.”

    Joseph Giacalone, a retired NYPD detective sergeant and professor at John Jay College, agreed that it would not be easy for an undercover officer to join a small group of protesters and hear their plans. “It would be pretty amazing that they would be able to get into the core group in such a short window of time,” said Giacalone. “This could have been going on a while before for these people to get so close to the inner circle.”

    The NYPD documents also included a handful of pictures and one short video taken at Grand Central Station demonstrations. Most are pictures of crowds milling about or taking part in demonstrations. In one picture of a small group of activists, the NYPD identifies an individual in a brown jacket as the “main protester”. These images of protesters are reminiscent of those taken by undercover transit police, who were also deployed to Black Lives Matter protests in Grand Central Station in 2015.

    nypd documents
    Facebook Twitter Pinterest
    An individual is identified as the ‘main protester’. Photograph: NYPD/Screenshot/Scribd
    Giacalone said this type of leadership identification was standard police practice at protests. “If you take out the biggest mouth, everybody just withers away, so you concentrate on the ones you believe are your organizers,” he said. “Once you identify that person, you can run computer checks on them to see if they have a warrant out or any summons failures, then you can drag them in before they go out to speak or rile up the crowd, as long as you have reasonable cause to do so.”

    Attorneys say the documents raise legal questions about whether the NYPD was acting in compliance with the department’s intelligence-gathering rules, known as the Handschu Guidelines. The guidelines, which are based on an ongoing decades-old class-action lawsuit, hold that the NYPD can begin formally investigating first amendment activity “when facts or circumstances reasonably indicate that an unlawful act has been, is being, or will be committed” and if the police surveillance plan has been authorized by a committee known as the Handschu Authority. (That committee was exclusively staffed by NYPD officials at the time.) However, according to the guidelines, before launching a formal investigation, the NYPD can also conduct investigative work such as “checking of leads” and “preliminary inquiries” with even lower standards of suspicion.

    Michael Price, counsel at the Brennan Center for Justice, said it was difficult to know whether NYPD’s undercover surveillance operations crossed the line, as the documents did not make clear what, if any, stage of investigation the police were in at the time of the operations. But he said the department’s retention of pictures and video raised questions, since police are not allowed to retain information about public events unless it relates to unlawful activity.

    “So my question would be: what was the unlawful activity that police had reason to suspect here?” said Price. “It doesn’t appear that there was any criminal behavior they were talking about in the emails. Most references are to protesters being peaceful, so I would be very concerned if they were hinging their whole investigation on civil disobedience, such as unpermitted protests or blocking of pedestrians.”

    Throughout the emails, the NYPD’s undercover sources provide little indication of any unlawful activity, frequently characterizing demonstrators as peaceful and orderly with only one mention of a single arrest.

    “The documents uniformly show no crime occurring, but NYPD had undercovers inside the protests for months on end as if they were al-Qaida,” said David Thompson, an attorney of Stecklow & Thompson, who helped sue for the records.

    Giacalone argued that police could have easily come up with a legal justification to initiate surveillance, especially if such operations occurred after the shooting of two NYPD officers in December of 2014 (all dates in the NYPD’s email communications were redacted). But he noted that such investigative activities would be harder to justify if officers were not directly observing signs of unlawful activity.

    “If they’re not talking about any crimes being committed, they’re going to have a difficult time defending this. It may end up in another one of these lawsuits,” said Giacalone. “Some may say this is good police work, fine, but good police work or not, we have rules against this kind of thing in New York.”

    Attorneys have already filed a petition charging that the NYPD may have failed to produce all of its surveillance records. But for some protesters, the damage has already been done.

    “In the first couple of months, we had a lot of people in and out of the group, some because they didn’t fit our style but others because of the whispers that they were undercovers,” recalled Waithe. “Whether it was real or perceived, that was the most debilitating part for me, the whispers … It’s really hard to organize when you can’t trust each other.”

    George Joseph in New York
    Tuesday 4 April 2017 11.00 BST Last modified on Tuesday 4 April 2017 22.00 BST
    Find this story at 4 April 2017

    © 2017 Guardian News and Media Limited

    Met police accused of using hackers to access protesters’ emails

    Exclusive: Watchdog investigates claim that secretive unit worked with Indian police to obtain campaigners’ passwords

    An anonymous letter claimed the Scotland Yard unit accessed activists’ email accounts for ‘a number of years’.

    The police watchdog is investigating allegations that a secretive Scotland Yard unit used hackers to illegally access the private emails of hundreds of political campaigners and journalists.

    The allegations were made by an anonymous individual who says the unit worked with Indian police, who in turn used hackers to illegally obtain the passwords of the email accounts of the campaigners, and some reporters and press photographers.

    Met presses undercover police inquiry to examine fewer officers
    Read more
    The person, who says he or she previously worked for the intelligence unit that monitors the activities of political campaigners, detailed their concerns in a letter to the Green party peer Jenny Jones. The peer passed on the allegations to the Independent Police Complaints Commission (IPCC), which is investigating.

    Hacked passwords were passed to the Metropolitan police unit, according to the writer of the letter, which then regularly checked the emails of the campaigners and the media to gather information. The letter to Jones listed the passwords of environmental campaigners, four of whom were from Greenpeace. Several confirmed they matched the ones they had used to open their emails.

    The letter said: “For a number of years the unit had been illegally accessing the email accounts of activists. This has largely been accomplished because of the contact that one of the officers had developed with counterparts in India who in turn were using hackers to obtain email passwords.”

    Jones said: “There is more than enough to justify a full-scale criminal investigation into the activities of these police officers and referral to a public inquiry. I have urged the Independent Police Complaints Commission to act quickly to secure further evidence and to find out how many people were victims of this nasty practice.”

    The letter also alleges that emails of reporters and photographers, including two working for the Guardian, were monitored. A spokesperson for the Guardian said: “Allegations that the Metropolitan police has accessed the email accounts of Guardian journalists are extremely concerning and we expect a full and thorough investigation into these claims.”

    The IPCC has for several months been investigating claims that the national domestic extremism and disorder intelligence unit shredded a large number of documents over a number of days in May 2014.

    The stories you need to read, in one handy email
    Read more
    Last month the IPCC said it had uncovered evidence suggesting the documents had been destroyed despite a specific instruction that files should be preserved to be examined by a judge-led public inquiry into the undercover policing of political groups.

    The letter claimed that the shredding “has been happening for some time and on a far greater scale than the IPCC seems to be aware of”. The author added that “the main reason for destroying these documents is that they reveal that [police] officers were engaged in illegal activities to obtain intelligence on protest groups”.

    The letter to Jones lists 10 individuals, alongside specific passwords that they used to access their email accounts. Lawyers at Bindmans, who are representing Jones, contacted six on the list and, after outlining the allegations, asked them to volunteer their passwords.

    Five of them gave the identical password that had been identified in the letter. The sixth gave a password that was almost the same. The remaining four on the list have yet to be approached or cannot be traced.

    Colin Newman has for two decades volunteered to help organise mainly local Greenpeace protests which he says were publicised to the media. He used the password specified in the letter for his private email account between the late 1990s and last year.

    Newman said he felt “angry and violated, especially for the recipients”. He added: “I am open about my actions as I make a stand and am personally responsible for those, but it is not fair and just that others are scrutinised.

    “I am no threat. There is no justification for snooping in private accounts unless you have a reason to do so, and you have the authority to do that.”

    He said he had been cautioned by the police once, for trespassing on the railway during a protest against coal about two years ago.

    Another on the list was Cat Dorey who has worked for Greenpeace, both as an employee and a volunteer, since 2001. She said all the protests she had been involved in were non-violent.

    The password specified in the letter sent to Jones had been used for emails that contained private information about her family and friends.

    She said: “Even though Greenpeace UK staff, volunteers, and activists were always warned to assume someone was listening to our phone conversations or reading our emails, it still came as a shock to find out I was being watched by the police. It’s creepy to think of strangers reading my personal emails.”

    In 2005, she was part of a group of Greenpeace protesters who were sentenced to 80 hours of community service after installing solar panels on the home of the then deputy prime minister, John Prescott, in a climate change demonstration.

    According to the letter, the “most sensitive side of the work was monitoring the email accounts of radical journalists who reported on activist protests (as well as sympathetic photographers) including at least two employed by the Guardian newspaper”. None were named.

    Investigators working for the IPCC have met Jones twice with her lawyer, Jules Carey, and have asked to interview the peer. An IPCC spokesperson said: “After requesting and receiving a referral by the Metropolitan police service, we have begun an independent investigation related to anonymous allegations concerning the accessing of personal data. We are still assessing the scope of the investigation and so we are not able to comment further.”

    The letter’s writer said he or she had spoken out about the “serious abuse of power” because “over the years, the unit had evolved into an organisation that had little respect for the law, no regard for personal privacy, encouraged highly immoral activity and, I believe, is a disgrace”.

    In recent years, the unit has monitored thousands of political activists, drawing on information gathered by undercover officers and informants as well as from open sources such as websites. Police chiefs say they need to keep track of a wide pool of activists to identify the small number who commit serious crime to promote their cause.

    But the unit has come in for criticism after it was revealed to be compiling files on law-abiding campaigners, including John Catt, a 91-year-old pensioner with no criminal record as well as senior members of the Green party including the MP Caroline Lucas.

    The Metropolitan police said the IPCC had made it “aware of anonymous allegations concerning the accessing of personal data, and requested the matters were referred to them by the MPS. This was done. The MPS is now aware that the IPCC are carrying out an independent investigation.”

    Rob Evans
    Tuesday 21 March 2017 16.35 GMT Last modified on Wednesday 22 March 2017 00.50 GMT

    Find this story at 22 March 2017

    © 2017 Guardian News and Media Limited

    The letter I received about alleged police hacking shows how at risk we all are

    The whistleblower lists damning claims of spying on innocent individuals by a secretive Scotland Yard unit. It’s now vital that we hold the police to account
    ‘When the police act with impunity all of our private lives are put at risk’

    As the only Green party peer I receive a lot of post to my office in the House of Lords. Rarely, though, do I open letters like the one that has been revealed. The anonymous writer alleged that there was a secretive unit within Scotland Yard that has used hackers to illegally access the emails of campaigners and journalists. It included a list of 10 people and the passwords to their email accounts.

    As soon as I read the first sentence of the letter, I knew the content would be astonishing – and when some aspects of the letter were corroborated by lawyers and those on the list – I was convinced that we owed it to this brave whistleblower to hold the police to account.

    The list of allegations is lengthy. It includes illegal hacking of emails, using an Indian-based operation to do the dirty work, shredding documents and using sex as a tool of infiltration. And these revelations matter to all of us. None of us knows whether the police organised for our emails to be hacked, but all of us know the wide range of personal information that our emails contain. It might be medical conditions, family arguments, love lives or a whole range of drug- or alcohol-related misdemeanours.

    When the police act with impunity, all of our private lives are put at risk. Whether you’re involved in a local campaign against library closures, a concerned citizen worried about air pollution or someone working for a charity – who’s to say that officers won’t be spying on the emails you send? The police put me on the domestic extremism database during the decade when I was on the Metropolitan Police Authority signing off their budgets and working closely with officers on the ground to fight crimes such as road crime and illegal trafficking. If someone in my position – no criminal record and on semi-friendly terms with the Met commissioner – can end up on the database, then you can too.

    The truth is that without the bravery and professionalism of two serving police officers who have blown the whistle on state snooping I would know nothing about my files, and those of other campaigners, being shredded by the Domestic Extremism Unit. We would have had no suspicion that those files had been shredded to cover up the illegal hacking of personal and work e-mails by the police.

    Please don’t fall for the old establishment lie that the problem is a few rotten apples. This alleged criminality is the result of a deliberate government policy of using the police and security services to suppress dissent and protest in order to protect company profits and the status quo. Such an approach inevitably leads to police officers overstepping the mark as they feel emboldened by those at the top levels of government and an immunity from prosecution provided by senior officers keen to please the people who decide their budgets.

    The stories you need to read, in one handy email
    Read more
    The police don’t always act as neutral agents of the law. We know that the Thatcher government’s determination to break the miners’ strike led to the Orgreave confrontation in 1984. There are still allegations about the links between the police and those running blacklisting databases that led to hundreds of construction workers being condemned to unemployment and poverty.

    And don’t mistake this for a partisan attack on Conservative politicians. Theresa May has forced through the draconian Investigatory Powers Act, but the Labour party too has been timid at best in opposing this snoopers’ charter. Indeed it was the Blair government that left a legacy of draconian public order laws, and which broadly defined the anti-terrorism legislation upon which an edifice of modern surveillance powers has been constructed.

    Many are unaware that joining an anti-fracking group, or going on a demonstration, could get you labelled a domestic extremist, photographed, questioned and followed for months or even years – without ever having been convicted of a crime.

    It’s only by speaking out against these intrusions that we are able to challenge this rotten culture of impunity. After all, it was David Cameron who gave us the Hillsborough inquiry and Theresa May who set up the Pitchford inquiry into undercover officers. Politicians don’t always do things for good reasons, but they do respond to public pressure.

    Change is possible, but in the meantime, we should be doing everything we can to make it hard for the police to spy on us. Use encryption, two-step email security and other precautions suggested by organisations such as Liberty. Don’t stop saying what you think, or working to make the world a better place, but do assume that the police will be working to protect the companies, banks or energy companies that you want to challenge.

    It isn’t how things should be, but the evidence shows that is the way things are.

    A campaign to get the police out of the lives of environmentalists and social justice campaigners is a good start, but it will fail unless it reaches out – starting by working with those in the Muslim community intimidated by Prevent.

    Above all, we must convince the middle ground of society that everyone will be safer if the security services focused on what we all want them to do – stopping terrorists and serious criminals. This is not unreasonable, and the starting point is a change to the legislation so that it narrows the definition of terrorism to exclude the nonviolent, noisy and rebellious

    Wednesday 22 March 2017 15.23 GMT Last modified on Wednesday 22 March 2017 17.29 GMT
    Jenny Jones
    Find this story at 22 March 2017

    © 2017 Guardian News and Media Limited

    Going global: the UK government’s ‘CVE’ agenda, counter-radicalisation and covert propaganda

    Countering Violent Extremism (CVE) efforts, the government tells us, “address the root causes of extremism through community engagement”. But could this globalising project have counter-productive consequences?

    Earlier this week the advocacy group CAGE and the Guardian both published revelations concerning a covert propaganda programme run by the UK Home Office as part of the Prevent programme.

    We have been investigating the government Research and Information Communications Unit (RICU), the PR agency Breakthrough Media and the many ‘grassroots’ campaigns they worked with for almost a year with varying degrees of complicity. We have only published a small amount of the information we amassed and expect the Guardian and other journalists to reveal more in the coming days.

    In this article we show how those orchestrating the campaigns have global ambitions – and despite the abject lack of debate – how the UK’s “industrial scale propaganda” programme is already being held up as best practice by the EU and UN.

    The story so far
    Over the past five years, the Home Office and a secretive government department called RICU, the Research, Information and Communications Unit, has been cultivating a network of ‘grassroots’ Muslim voices to promote ‘counter-narratives’ that combat the appeal of an ill-defined ‘extremism’ among Britain’s Muslim youth. Parliament has not been informed of these activities and the policy has been kept from public scrutiny by draconian secrecy legislation and the veil of ‘national security’.

    Working with specialist PR agencies and new media companies to target young people who fit the profile of ‘vulnerable young Muslim’, RICU’s interventions represent the first concerted foray into cyberspace by the British state with the aim of covertly engineering the thoughts of its citizens. In practice this means the chosen ‘grassroots’ organisations and ‘counter-narratives’ receive financial and technical support from the government for the production of their multimedia campaigns (videos, websites, podcasts, blogs etc).

    These state-sponsored ‘counter-narratives’ are in turn promoted to specific groups of internet users, chosen on the basis of their demographics, the websites they visit, the social media accounts they ‘follow’, and the search terms they use.

    It has now been revealed that the following ‘grassroots’ campaigns have received some kind of support from the Home Office, RICU or Breakthrough Media: My 2012 Dream, Return to Somalia, Help for Syria, Faith on the Frontline, Families matter, Imams online, Not another brother, Ummah Sonic, The fightback starts here, Open Your Eyes: Isis Lies, The truth about Isis, and Making a Stand. At issue is not what these initiatives stand for, or even that they are government supported, but that they are presented as independent, community-based campaigns.

    While the government has defended RICU’s programme as some kind of ‘necessary evil’, we should not be duped. When democratic governments start using community groups and NGOs to disseminate government propaganda and hoodwink the public into believing they are authentic ‘grassroots’ campaigns, it damages everyone in civil society. Democracy requires clear lines between the security state and the police on the one hand, and civil society, public and social services on the other.

    Breakthrough Media – an official secret no more

    Fair use.
    Breakthrough Media is the government’s go-to creative media agency for its “counter-narratives”. It specializes in “emotionally driven films, campaigns and other communications products” and its clients include government and intergovernmental agencies (UK, US, European Union, African Union, United Nations) and various NGOs. It has offices in London, Nairobi and Mogadishu and employs 100 people across Europe and East Africa.

    Some of Breakthrough’s work for the UK government has been protected by the Official Secrets Act – an extraordinary use of national security legislation to conceal the activities of a government-contracted PR company.

    Breakthrough was founded by Managing Director Robert Elliot, and originally called “Camden Creative”, which was incorporated in 2008. Camden Creative operated as a drama and documentaries production company that delivered a ten-part reality drama series for Channel 5 and a one-off documentary about the Mayor of Mogadishu for Al Jazeera English. The name of the company was changed to “Breakthrough Media” on 27 November 2012. Breakthrough’s CEO is Scott Brown, appointed on 17 August 2012. Brown was formerly an account director at M&C Saatchi and Deputy Chief of Staff at Bell Pottinger (the UK’s biggest PR company) in Nairobi.

    Breakthrough has earned £11.8m from the UK government since 2012. Lest there be any doubt about the commitment of the UK government to this cause, it has just asked PR companies to pitch for a further £60 million.

    Horizon PR

    Fair use.
    Horizon PR was incorporated in March 2015 and is part of the M&C Saatchi Group, the international PR and advertising group formed by Maurice and Charles Saatchi after they were ousted from their original firm, Saatchi and Saatchi. Horizon has five directors: Robert Elliot and Scott Brown of Breakthrough Media, and Andrew Blackstone, Molly Aldridge and Marcus Peffers from the M&C Saatchi group. Blackstone and Aldridge are senior executives at M&C Saatchi, while Peffers was a senior account director who founded the company’s World Services division in 2011 to bring the “experience and creative capabilities” of the agency to “help tackle complex behavioural and social issues in fragile states and developing markets”. M&C Saatchi’s World Services works with a range of national and international governments, IGOs, INGOs and foundations and is among the group’s most successful divisions. Feffers has also worked at a senior advisory level with successive UK governments, including HMT, the FCO, the Home Office, HMRC and Number 10, and oversaw M&C Saatchi’s campaign to keep Scotland in the Union on behalf of the three main UK political parties.

    Horizon provides PR solutions to “ethnic, social and faith based issues” to clients including “non-government and civil-society groups who want to improve and increase the impact and scale of their activity and better reach audiences at a local, regional, national and international level”. This is achieved through “creative news generation, traditional and social media campaigns and targeted events”. In launching Horizon, Breakthrough and the Saatchis are clearly betting on a big future in communicating government messages on sensitive issues such as “terrorism” and “extremism”.

    Hand-in-hand: censorship and propaganda
    The lengths of the UK’s covert propaganda programme appear even more extraordinary in the context of the government’s mass censorship of the internet – something which can only be achieved with the cooperation of internet service providers and social media companies.

    Since the Edward Snowden revelations, and having realized that working hand-in-glove with the “Five Eyes” global surveillance system was not good for their reputation or business prospects, Silicon Valley appears to have enjoyed a much less comfortable relationship with western governments. Some of its biggest names have taken formal positions that distance themselves from government surveillance, and introduced corresponding procedures designed to reassure and protect their users.

    But Silicon Valley has been unable to extricate itself from the broader ‘war on terror’ and ad hoc public-private partnerships have emerged to address demands from law enforcement and intelligence agencies to block “terrorist propaganda”. In the UK, this process has essentially replicated the model developed to combat the proliferation of child pornography on the internet.

    As with child porn, states have passed laws banning the production and dissemination of terrorist propaganda, providing grounds for the state to request companies to close accounts or block websites (so-called “notice and take-down” requests) said to contravene national law. In the absence of obvious legal breaches, the censors argue that the content breaches the provider’s terms of service.

    The UK has pioneered the censorship of “terrorist” content, having established the world’s first Counter Terrorism Internet Referral Unit (CITRU) in 2010, modelled on the Child Exploitation and Online Protection agency. CITRU is the central contact point for police and intelligence officers seeking to block web pages or close social media accounts, and refers their requests to service providers, search engines and content platforms. By December 2015, CITRU claimed to have taken down “more than 120,000 pieces of unlawful terrorist-related content online” since 2010, with one-third removed in 2015.

    In practice, content hosted outside the UK (as most “terrorist propaganda” is) is not actually “taken down” – access is instead blocked by British ISPs (and can therefore be easily circumvented). Nor do these figures include independent action by social media companies. In February 2016, Twitter announced that it had shut down more than 125,000 ISIS related accounts.

    Following the Charlie Hebdo attacks, the EU launched a Europe-wide blocking system modelled on CITRU. The EU Counter-terrorism Internet Referral Unit began operating in July 2015 and is housed at Europol.

    You would instinctively think that “terrorist propaganda” means the horrific videos of ISIS beheadings and such like, yet violent material is said to make up just 2% of what is blocked. Regardless, the level of censorship of terrorists and extremists has now reached levels that would have been unthinkable just a few years ago. But this is only one side of the story.

    Silicon Valley and counter-narratives
    Having played ball with content take-down, the Silicon Valley behemoths have also increasingly embraced the “counter-narrative” agenda – an agenda they are of course uniquely placed to implement. In February 2015, a “White House Summit To Counter Violent Extremism” gathered foreign leaders, United Nations officials, and “a broad range of international representatives and members of civil society”.

    Following the summit, the White House announced several new initiatives. First, the US government would organize “technology camps” alongside social media companies, which will “work with governments, civil society and religious leaders to develop digital content that discredits violent extremist narratives and amplifies positive alternatives”. Second, the US will partner with the United Arab Emirates to create a “digital communications hub that will counter ISIL’s propaganda and recruitment efforts, both directly and through engagement with civil society, community, and religious leaders”. In other words: the stratosphere that includes organisations RICU, CITRU, Breakthrough, ‘grassroots’.

    While Facebook and Google were tight-lipped, a Twitter spokesman stated that they “support counterspeech efforts around the world and we plan to participate in this effort through third-party NGOs”. Twitter has also run a series of workshops for UK NGOs concerned with countering extremism to help them enhance their presence on social media.

    Giving evidence to the House of Commons’ Home Affairs Select Committee in February 2016, Google announced that it was going one step further and “piloting two pilot programmes. One is to make sure that these types of videos [counter-narratives] are more discoverable on YouTube. The other one is to make sure when people put potentially damaging search terms into our search engine… they also find this counter-narrative”. It was later clarified that the programme took the form of “free Google AdWords” to enable NGOs to place “counter-radicalisation adverts against search queries of their choosing”.

    To be clear about what this means in practice, imagine an internet user fitting the profile of ‘impressionable young Muslim’ (as defined by Prevent), searching Google for “Syria war” (or clicking on a Facebook link about it) and being referred to Breakthrough’s Open Your Eyes: Isis Lies campaign, among others. And as we know from the Snowden revelations, these searches will be logged and investigated by the intelligence services.

    The symbolism of all of this cannot be understated. Removing one kind of ‘propaganda’ and promoting another at the request of governments – or via government-backed NGOs or contractors – is a far cry from the free speech-cum-great leveller Silicon Valley told us to believe in.

    And as well-intentioned as their interventions may be, having embarked on this slippery slope, can or should we now expect the likes of Google to assist in re-directing would be white supremacists to #blacklivesmatter websites, or Europe’s growing army of neo-Nazis to #hopenothate?

    Your answer to this question should help you think through the legitimacy of what has been revealed to address ‘radicalisation’ among Muslims.

    Against Violent Extremism Network

    Fair use.
    The Against Violent Extremism (AVE) Network is a partnership between Google Ideas, the Institute for Strategic Dialogue and Gen Next Foundation (GNF). GNF, which initially described itself as an “exclusive membership organization and platform for successful individuals” committed to social change through venture capital funding, “aspires to solve the greatest generational challenges of our time using a unique hybrid of private sector and non-profit business models – called a venture philanthropy model”. Its core areas are education, economic opportunity and global security.

    AVE was hatched at the 2011 Google Ideas (now ‘Jigsaw’) Summit Against Violent Extremism and is managed by the Institute for Strategic Dialogue. It claims to have brought together “hundreds of former extremists and survivors of violent extremism to fight back against online extremist messaging and recruitment”. In 2015, AVE claimed to have “over 2,000 members globally”, “over 60 counter-extremism projects” and “partnerships with global technology firms including Twitter and Facebook”.

    The counter-narratives projects incubated and assisted by AVE are believed to include myextremism.org, a juvenile platform for “extremists against extremism”, and Abdullah X, the former extremist turned ‘down with the kids’ cartoon ‘Jihobbyist’.

    ‘Abdullah-X’ – the counter-narratives’ poster boy
    Abdullah-X says: “I am here to deliver awareness, develop and divert young Muslims from the path of relying solely on information that can take them on a journey towards extremism and hate. You will find me in content that is created to instil critical thinking and understanding in the minds of those who are often vulnerable to the messaging of extremist ideologies.”

    The ‘street-savvy’ looking cartoon character, complete with chains and corn-rows, is given a Muslim name with the suffix ‘X’, an obvious reference to Malcolm X, and a means of co-opting a legacy that disenfranchised youth may respect. Abdullah-X’s videos attempt to take on contentious issues within the Muslim world, providing a ‘counter-narrative’ to questions that many Muslims have. In one video, he considers Palestine and the growing call to boycott Israel, by questioning what it can achieve: “I wonder, is all my plaque waving and shouting in anger to others a Sunnah? I mean in truth, will my ‘peaceful protest’ for Gaza truly aid the Palestinian people or does it aid my ego… What is the bigger picture?”

    For Abdullah-X, the bigger picture is not Israeli occupation and apartheid, but the failure of the Arab world to intervene in Gaza: “Because they live in the shadow of their paymasters… sadly their paymasters are not those who follow the Sunnah.” This ahistorical presentation is part of a wider trend in which Abdullah-X seeks to depoliticise British Islam in favour of shallower spiritual reflection.

    Abdullah-X claims that he was a former adherent of Abu Hamza al-Masri and Omar Bakri Mohammed. He claims that his position as a former extremist uniquely places to deter others from following similar routes. He now has a female sidekick in Muslimah-X.

    One of the most astonishing achievements of the counter-radicalisation industry is its burial of the idea that the people best-placed to deter individuals from extremism, might actually be those who have never engaged in any form of it.

    In an interview with On the Media on 19 June 2015, Abdullah-X was asked if he is funded by MI6 or some other entity. He responded with the claim that the cartoon is “…a self funded project of myself and a few like-minded people.”

    Fair use.

    Going global
    The 2015 White House Summit on Combating Violent Extremism was more a product than a catalyst of the global CVE agenda, which has been developing under the auspices of the Global Counter Terrorism Forum (GCTF). The GCTF is an informal group of 29 states plus the European Union launched in no small part because of resistance to the dominant security and counter-terrorism paradigm at the UN on the part of many developing countries, which served to prevent those states most invested in the ‘war on terror’ from enhancing their operational cooperation through UN mechanisms.

    The UK co-chairs, in partnership with the United Arab Emirates, the GCTF’s CVE working group, which held its inaugural meeting in Abu Dhabi in April 2012. The minutes report that “The UK opened the session by underscoring the belief common to many GCTF members: that countering violent extremism is a battle of ideas; in such a battle, altering the grounds of debate and countering radical messages are vital.”

    The following year, the GCTF organised the UN Conference on “Best Practice in Communications” in June 2013 in London. The meeting was co-chaired by Richard Chalk, then head of RICU. It recommended that “practitioners must take a strategic approach to CVE communications work and articulate the totality of a government’s engagement on a given issue”; that “messages should be simple, concise, tailored, and delivered by credible messengers”; and that “policies must be aligned with messages in order to be credible”.

    Countering violent extremism… with our friends in Abu Dhabi and Riyadh
    The GCTF has also launched the Hedayah Center of Excellence in Countering Violent Extremism, based in Abu Dhabi, to which at least one British government official is seconded. Hedayah’s publications include “National CVE Strategies: Guidelines and Good Practices”, a document that draws heavily on the Prevent school of counter-extremism. Hedayah has been lavished with US, EU and Gulf state funding, and is the obvious home for the UAE-based “digital communications hub” to counter ISIL propaganda announced by the White House last year.

    Hedayah also hosted the GLOBAL CVE EXPO in December 2014, which stressed the need for “more effective collaboration on counter-narratives, drawing from experiences of policymakers, practitioners and industry/private sector representatives”. The month before it held an expert workshop on counter-narratives which extolled the virtues of using “victims, formers and ex-prisoners” in counter-narrative products.

    The irony of establishing an International Center of Excellence on Countering Violent Extremism in a country whose CVE efforts include a strict ban on the regime’s political opponents, the Muslim Brotherhood, the mass deportation of Shi’a residents, and hiring Erik Prince, the founder of Blackwater (now Academi), to form secret, mercenary armies, is not lost on all observers. In advance of the White House CVE summit, Steven Hawkins, director of Amnesty International USA, warned that abusive regimes could take advantage of ‘CVE-mania’ and use international funding to violate human rights in the absence of appropriate safeguards.

    The UK is also exporting its counter-narratives programme through the EU and the UN. The former has established the Radicalisation Awareness Network (RAN) under the ‘PREVENT’ strand of the EU Counter-Terrorism strategy, which has a dedicated Communication and Narratives Working Group. The WG is co-chaired by Najeeb Ahmed, a Home Office Prevent coordinator, and Guillaume de Saint Marc, CEO of the French Association of Victims of Terrorism. The RAN network also has a Working Group on the Internet and Social Media, co-chaired by Yasmin Green (Google Ideas) and Rachel Briggs (Institute for Strategic Dialogue). RAN’s Issue Paper on Counter Narratives and Alternative Narratives reads as if it was written by RICU.

    Similarly, the UN had a Working Group on the Use of the Internet for Terrorist Purposes, under the auspices of the UN Counter-Terrorism Implementation Task Force. This appears to have been disbanded, and its work taken-up the GCTF, but not before it had staged the Riyadh Conference on “Use of the Internet to Counter the Appeal of Extremist Violence” in 2011. This in a country declared an “Enemy of the Internet” by Reporters Without Borders and notorious for the mass beheading of alleged terrorists, apostates and blasphemers.

    The Riyadh conference, which was co-funded by the German government and the Saudi royal family, brought together around 150 policy-makers, experts and practitioners from the public sector, international organisations, industry, academia and the media. The speakers included Christopher Wainwright (RICU) and Jared Cohen (Google Ideas). Top of the list of summit Recommendations was to “Promote counter-narratives through all relevant media channels (online, print, TV/Radio)”.

    Under the heading “Credible Messengers as Important as the Message”, the summary of the proceedings produced by the CTITF records:

    Leaving aside the many dubious assertions in this passage, when a UN Working Group meets in Saudi Arabia to recommend that security and intelligence agencies recruit former extremists and provide them with institutional homes in fake NGOs to produce state propaganda, things have clearly gone badly awry.

    Do as I say not as I do
    As we said in our report, there is nothing objectionable in principle about grassroots activism that tries to steer people away from violence and ‘extremism’ – or any form of other ‘-ism’ for that matter. Indeed, freedom to engage in whatever kind of non-violent activism one chooses gets to the heart of what it means to live in a democracy that holds freedom of expression dear.

    But there has to be a basic degree of transparency and accountability, without which communities will not trust government, and people will not trust anyone. They need to be confident in the difference between government propaganda and genuine activism. They need to know that non-governmental organisations and grassroots organisations are independent of government and corporations, or otherwise open about their relationship to them. When civil society organisations become tools of government or business, it damages the non-profit sector as a whole.

    This week’s revelations are symptomatic of the capture of government policy by an increasingly influential counter-radicalisation industry. Yet for all the best practice and international recommendations described above, radicalisation theory is still mired in Islamophobic bunkum, with no reliable metrics through which to substantiate its claims of effectiveness, and no evidence to support the assertion that the UK’s Prevent programme has been anything other than a divisive failure.

    As a paper by the International Centre for Counter-terrorism in the Hague suggests: “Doing the right thing rather than saying the right thing produces, ideally, the stronger narrative and in that sense the interaction patterns between host community and vulnerable youth constitute a non-verbal message that might better manage to prevent extremists gaining more ground in a community”.

    BEN HAYES and ASIM QURESHI 4 May 2016

    Find this story at 4 May 2016

    British anti-extremism agencies are working at an ‘industrial scale and pace’ and using Cold War tactics to combat ISIS propaganda

    Terror group puts out around 18 messages a day to its followers
    Government has set up covert group to counter radical propaganda
    David Cameron is to announce new laws targeting hate preachers

    A covert unit set up to tackle extremism is working ‘at an industrial scale and pace’ as it attempts to counter the barrage of ISIS propaganda online.

    The Research, Information and Communications Unit (RICU), a little-known group set up by the UK government, is using Cold War tactics to stop the spread of radical jihadism.

    Some of the methods used by the unit emerged today as David Cameron prepares to announce tough new laws to crack down on extremism.

    Radical material is now available to anyone wanting to access it as jihadists flood the web with propaganda
    +3
    Radical material is now available to anyone wanting to access it as jihadists flood the web with propaganda

    RICU was set up in response to the July 7 terror attacks in 2005, but the importance of its role has increased with the rise of ISIS, who now put out an estimated 18 messages a day to their followers.

    The slick production techniques behind ISIS’s infamous beheading videos and the terrorists’ use of social media to spread them has meant even the most extreme propaganda can be accessed in homes, schools and workplaces around the world.

    It emerged today that RICU often conceals the origin of information it sends out over fears that knowing it came from the government would undermine its credibility in the eyes of some young Muslims.

    One initiative, which portrays itself as a campaign providing advice on how to raise funds for Syrian refugees, has spoken to thousands of students at university freshers’ fairs without any of them realising they were engaging with a government programme.

    The Help for Syria campaign has distributed leaflets to 760,000 homes without the recipients realising they were government communications.

    Meanwhile, some of the group’s work has been outsourced to a communications firm, Breakthrough Media Network, which produced websites, leaflets and social media pages with titles such as The Truth about ISIS,The Guardian revealed.

    The tactics used by a government counter-extremism group, which include setting up the Help for Syria campaign (website pictured), emerged today as the government plans a new crackdown on hate preachers
    The tactics used by a government counter-extremism group, which include setting up the Help for Syria campaign (website pictured), emerged today as the government plans a new crackdown on hate preachers

    The methods have been criticised as ‘deceptive’ by critics, with human rights lawyer Imran Khan telling the newspaper: ‘This government needs to stop thinking of young British Muslims as some sort of fifth column that it needs to deal with.’

    But the Home Office insisted RICU’s work could involve ‘sensitive issues’ and some of the organisations it worked with did not want to publicly reveal the relationship with the Government.

    A Home Office spokeswoman said: ‘The battle against terrorism and extremism must be fought on several fronts including countering its twisted narrative online and in our communities. The need for this work is recognised at a national and international level.

    Videos including those of Jihadi John, since killed, have been used by ISIS to spread hate
    Videos including those of Jihadi John, since killed, have been used by ISIS to spread hate

    ‘As the Prime Minister has said, we face a generational challenge and it is vital we work in partnership with communities, civil society groups and individuals to confront extremism in all its forms.

    ‘This has been a key part of the Government’s counter-terrorism strategy since publication of the Prevent review in 2011.

    ‘We are very proud of the support RICU has provided to organisations working on the front line to challenge the warped ideology of groups such as Daesh [ISIS], and to protect communities.

    ‘This work can involve sensitive issues, vulnerable communities and hard to reach audiences and it has been important to build relationships out of the media glare.

    ‘We respect the bravery of individuals and organisations who choose to speak out against violence and extremism and it is right that we support, empower and protect them.

    ‘Our guiding principle has to be whether or not any organisation we work with is itself happy to talk publicly about what they do. At the same time we are as open as possible about RICU’s operating model, and have referenced the role of RICU in a number of publications and in Parliament.’

    By RICHARD SPILLETT FOR MAILONLINE
    PUBLISHED: 08:16 GMT, 3 May 2016 | UPDATED: 10:02 GMT, 3 May 2016

    Find this story at 3 May 2016

    © Associated Newspapers Ltd

    Saudi Arabia: prime centre of content blocking

    The Communication and Information Technology Commission (CITC) the Internet Services Unit (ISU)

    Surveillance and censorship of the Internet, relentless in the kingdom for many years, intensified after the popular uprisings in the Arab world in 2011, cutting still further the only free space where non-official views, news and information could be published. The latest target in the Saudi authorities’ sights is the video platform YouTube, which has been blocked since last December. Six months earlier, the Viber messaging service was cut off.

    The main Internet Enemies are the Communication and Information Technology Commission and the Internet Services Unit. Far from concealing their actions, the authorities openly attest to their censorship practices and claim to have blocked some 400,000 sites.

    The main regulatory agencies

    The Communications and Information Technology Commission (CITC) has been responsible for regulating the Internet in the country since 2006, censoring thousands of websites.

    The Saudi Arabian National Center for Science & Technology (SANCST) was established as an independent scientific organization in 1977 to promote the development of science and technology in Saudi Arabia. There was a change of direction in 1985, when the centre became the King Abdulaziz City for Science and Technology (KACST). This is the backbone of the Internet in Saudi Arabia and the place where all Saudi domain names are registered. Since October 2006, the CITC has taken over its content-filtering role.

    Citizens are encouraged to report sites with a view to having them blocked. These requests, previously centralized and managed by the Internet Services Unit (ISU), linked to the KACST, are now handled by the CITC, as stated on the ISU site. It takes just a few mouse-clicks for a user to report a site or a page to be blocked or unblocked.

    Late last year, after an article was published in the newspaper Al-Hayat, there was a rumour that the Saudi broadcasting authorities wanted to create a new body to censor and monitor video content on YouTube and other sites.

    Another idea under consideration was to require Saudis who wanted to share videos online to obtain a permit from this new agency and comply with its terms and conditions for the production of content. Only YouTube use compatible with Saudi “culture, values and traditions” would be permitted. It was not clear whether such censorship would apply to videos posted in Saudi Arabia itself or to all YouTube content. The head of the commission was critical of the article, but he stopped short of denying it.

    The whole thing was tied together by the state-owned company Saudi Telecom Company (STC), which for long was the country’s sole telecoms operator for mobile and Internet technology before the market was opened up. However, all licences of private companies are granted by the STC.

    Internet cafés are also monitored. They must have concealed video cameras and keep an accurate record of their customers and note their identities.

    The licence – stamp of approval

    Culture and information minister Abdul Aziz Khoja, published new regulations for news and information websites in January 2011 aimed at reinforcing Internet censorship and dissuading Web users from creating their own sites and blogs.

    According article 7 of the regulations, online media, the websites of so-called traditional media and platforms offering audio and video content or advertising now have to register with, and receive accreditation from, the culture and information ministry for a licence that must renewed every three years. A licence is valid for only three years. An applicant must be a Saudi national, aged at least 20, have a high school qualification and be able to produce “documents testifying to good conduct.”

    All these online media will also have to identify the company that hosts them. According to the original regulations, the ministry would also have had to approve the editor of each online newspaper, who would be the guarantor of the site’s entire content. However, the minister scrapped this provision after an outcry. The ministry will now just have to be notified of the editor’s name. Its approval will not be required.

    Online forums, blogs, personal websites, distribution lists, electronic archives and chat sites thereafter had to be registered. Bloggers were able to identify themselves “if they want,” but anonymity was clearly regarded as undesirable. Last month the authorities ruled that bloggers must use their real names.

    Under article 17, any breach of these regulations will incur a fine and a partial or total block on the website concerned. Fines can be as high as 100,000 Saudi rials (20,000 euros). The ministry retains the right to broaden the scope of these measures.

    Strict content filtering policy

    A strict filtering policy is applied to any content deemed by the authorities to be pornographic, or “morally reprehensible”. Websites that discuss religious or human rights issues or the opposition viewpoints are also blocked.

    Prohibited websites now include the Arab Network for Human Rights Information (ANHRI), and the sites gulfissues.net, saudiinstitute.org and saudiaffairs.net. Other sites have been blocked in response the Arab uprisings. In addition, there is increased surveillance of online forums and social networking sites, especially those that are participative.

    The CITC announced in June last year that it had cut off access to the Viber messaging service, a free voice-over-Internet application, because it had failed to meet “the regulatory requirements and laws in Saudi Arabia”.

    The authorities decided to target YouTube last December after the success of the campaign to allow women to drive in Saudi Arabia and of the video No Woman, No Drive” a parody of the Bob Marley song “No Woman, No Cry” by the Saudi comedian Hisham Fageeh.

    Last month, the NGO Arab Network for Human Rights Information, reported the closure of dozens of sites that were “opposed to the values of the Saudi government” and that 41 others had been shut down on the grounds that they had not complied with legislation requiring them to be registered.

    Cyber dissidents jailed

    Bloggers who dare to tackle sensitive subjects are liable to retaliation by the censors. Last July a Jeddah criminal court sentenced the cyber-activist Raef Badawi to seven years in prison and 600 lashes. The founder of Saudi Liberals, a website for political and social debate that has been censored since its creation in 2008, Badawi has been held in Jeddah’s Briman prison since his arrest on 17 June 2012.

    He was accused of creating and moderating a website that insulted religion and religious officials, including the Committee for the Promotion of Virtue and Prevention of Vice, and violated the Sharia’s basic rules. Judge Faris Al-Harbi added three months to his sentence for “parental disobedience.”

    Tariq al-Mubarak, a blogger and columnist who writes for the London-based Saudi newspaper Asharq al-Awsat, was arrested on 27 October last year after he wrote opinion pieces for the newspaper on subjects regarded as controversial in Saudi Arabia. In one of his stories published in its print edition on 6 October and headlined “It’s Time to Change Women’s Place in the Arab World”, he criticized the ban on women drivers. In another column published on 26 October and entitled “When the mafia threatens…”, he deplored the reign of terror in Arab societies that prevented people from fully enjoying fundamental freedoms. He was released after spending eight days in detention.

    In late October, human rights lawyer Waleed Abu Al-Khair — Raef Badawi’s counsel – was sentenced to three months’ imprisonment for signing a petition in 2011 that criticized the heavy sentences imposed on 16 Saudi reformists.

    This entry was posted in Enemies of the Internet and tagged Arab Network for Human Rights Information (ANHRI), Communications and Information Technology Commission (CITC), Internet Services Unit (ISU), Raef Badawi, Tariq al-Mubarak, The Saudi Arabian National Center for Science & Technology (SANCST), Waleed Abu Al-Khair on 11 March 2014 by moyenorient3.

    Find this story at 11 March 2014

    CIA Aided Program to Spy on U.S. Cellphones

    WASHINGTON—The Central Intelligence Agency played a crucial role in helping the Justice Department develop technology that scans data from thousands of U.S. cellphones at a time, part of a secret high-tech alliance between the spy agency and domestic law enforcement, according to people familiar with the work.

    The CIA and the U.S. Marshals Service, an agency of the Justice Department, developed technology to locate specific cellphones in the U.S. through an airborne device that mimics a cellphone tower, these people said.

    Today, the Justice Department program, whose existence wasreported by The Wall Street Journal last year, is used to hunt criminal suspects. The same technology is used to track terror suspects and intelligence targets overseas, the people said.

    The program operates specially equipped planes that fly from five U.S. cities, with a flying range covering most of the U.S. population. Planes are equipped with devices—some past versions were dubbed “dirtboxes” by law-enforcement officials—that trick cellphones into reporting their unique registration information.
    The surveillance system briefly identifies large numbers of cellphones belonging to citizens unrelated to the search. The practice can also briefly interfere with the ability to make calls, these people said.

    Some law-enforcement officials are concerned the aerial surveillance of cellphone signals inappropriately mixes traditional police work with the tactics and technology of overseas spy work that is constrained by fewer rules. Civil-liberties groups say the technique amounts to a digital dragnet of innocent Americans’ phones.

    ….

    The cooperation between technical experts at the CIA and the Marshals Service, which law-enforcement officials have described as a “marriage,” represents one way criminal investigators are increasingly relying on U.S. intelligence agencies for operational support and technical assistance in the wake of the Sept. 11, 2001, attacks. Many Justice Department officials view the joint effort with the CIA as having made valuable contributions to both domestic and overseas operations.

    A CIA spokesman declined to comment on whether the CIA or any other agency uses the devices. Some technologies developed by the agency “have been lawfully and responsibly shared with other U.S. government agencies,” the spokesman said. “How those agencies use that technology is determined by the legal authorities that govern the operations of those individual organizations—not CIA.” He also said the relationship between the Marshals Service and CIA tech experts couldn’t be characterized as a marriage.

    A Justice Department spokesman said Marshals Service techniques are “carried out consistent with federal law, and are subject to court approval.” The agency doesn’t conduct “domestic surveillance, intelligence gathering, or any type of bulk data collection,” the spokesman said, adding that it doesn’t gather any intelligence on behalf of U.S. spy agencies.

    By DEVLIN BARRETT
    Updated March 10, 2015 7:39 p.m. ET

    Find this story at 10 March 2015
    Copyright wsj.com

    CIA looks to expand its cyber espionage capabilities

    CIA Director John Brennan is planning a major expansion of the agency’s cyber-espionage capabilities as part of a broad restructuring of an intelligence service long defined by its human spy work, current and former U.S. officials said.

    The proposed shift reflects a determination that the CIA’s approach to conventional espionage is increasingly outmoded amid the exploding use of smartphones, social media and other technologies.

    U.S. officials said Brennan’s plans call for increased use of cyber capabilities in almost every category of operations — whether identifying foreign officials to recruit as CIA informants, confirming the identities of targets of drone strikes or penetrating Internet-savvy adversaries such as the Islamic State.

    Several officials said Brennan’s team has even considered creating a new cyber-directorate — a step that would put the agency’s technology experts on equal footing with the operations and analysis branches, which have been pillars of the CIA’s organizational structure for decades.

    U.S. officials emphasized that the plans would not involve new legal authorities and that Brennan may stop short of creating a new directorate. But the suggestion underscores the scope of his ambitions, as well as their potential to raise privacy concerns or lead to turf skirmishes with the National Security Agency, the dominant player in electronic espionage.

    “Brennan is trying to update the agency to make sure it is prepared to tackle the challenges in front of it,” said a U.S. official familiar with the reorganization plan. “I just don’t think you can separate the digital world people operate in from the human intelligence” mission that is the CIA’s traditional domain.

    Like others, the official spoke on the condition of anonymity to discuss internal decision-making.

    The expanded emphasis on cyber is part of a broader restructuring envisioned by Brennan that is expected to break down long-standing boundaries between the CIA’s operations and analysis directorates, creating hybrid “centers” that combine those and other disciplines.

    Brennan is expected to begin implementing aspects of his plan this month, officials said. He recently met with senior members of the House and Senate Intelligence Committees to outline the proposed changes.

    CIA spokesman Dean Boyd declined to comment, saying that “final decisions have not yet been made with respect to agency reorganization efforts.” In a notice to the CIA workforce last year, Brennan said that he had become “increasingly convinced that the time has come to take a fresh look at how we are organized.”

    The changes are designed to replicate the model of the CIA’s Counterterrorism Center, which has surged in size and influence since the Sept. 11, 2001, attacks. The restructuring could lead to new reporting lines for thousands of CIA employees, as long-standing units such the Latin America and Near East divisions give way to new centers that combine analysis, collection and covert operations.

    The National Clandestine Service and the Directorate of Intelligence — the formal names for the operations and analysis branches — would continue to exist, but would focus more on developing talent and resources that could be distributed to the new centers.

    “It would be a huge deal,” said Michael Allen, a former White House and congressional aide who wrote a 2013 book about intelligence reform. Unlike at the FBI and other security agencies, Allen said, “there hasn’t been wholesale structural reform in the CIA post-9/11.”

    Former officials who are familiar with the plan said it has caused generational friction within the CIA’s ranks, with longtime officers resisting changes that younger employees are more eager to embrace.

    The head of the clandestine service recently resigned, in part over objections to the scope of Brennan’s plan, officials said. Brennan quickly replaced him with a longtime officer who had led an internal review panel that broadly endorsed the director’s reform agenda.

    Although limited compared with the larger NSA, the CIA has substantial cyber capabilities. Its Information Operations Center, which handles assignments such as extracting information from stolen laptops and planting surveillance devices, is now second only to the Counterterrorism Center in size, former officials said.

    The CIA also oversees the Open Source Center, an intelligence unit created in 2005 to scour publicly available data, including Twitter feeds, Facebook postings and Web forums where al-Qaeda and other terrorist groups post material.

    Brennan hopes to make the use of such capabilities more pervasive, U.S. officials said, ensuring that expertise and tools that now reside in the Information Operations Center are distributed across the agency.

    The move comes at a time when the CIA has struggled to gain traction against adversaries — including the Islamic State and the Jabhat al-Nusra terrorist group — that recruit and communicate extensively online but operate in combat zones that CIA officers are generally not able to enter.

    But officials said digital changes have transformed even the most conventional cloak-and-dagger scenarios. Secrets that were once obtained by recruiting a source or meeting in a safe house increasingly reside in clouds of digital transmissions that surround espionage targets.

    To recruit a Russian spy, “you may need to manipulate someone’s e-mail, read someone’s e-mail and track the whereabouts of the FSB,” a former official said, referring to the Russian security service. “Cyber is now part of every mission. It’s not a specialized, boutique thing.”

    Beyond elevating the role of the Information Operations Center, U.S. officials said, Brennan is seeking to ensure that the agency is not lagging in other areas, such as counterintelligence work and the CIA’s internal e-mail system.

    Brennan provided only broad outlines of his plan in recent congressional meetings, which excluded all but the four highest-ranking members of the House and Senate intelligence panels. A senior U.S. intelligence official said some senior NSA executives remain in the dark on Brennan’s cyber ambitions.

    In recent years, the CIA has collaborated extensively with the NSA on a range of covert programs, including its drone campaign against al-Qaeda. Documents released by former NSA contractor Edward Snowden showed that e-mails and cellphone signals intercepted by the NSA were used to confirm the identities of targets in strikes.

    But the CIA also has fought budget and bureaucratic battles to maintain its standalone capability, prompting some to view the latest push as an attempt to capi­tal­ize on Washington’s growing alarm over cyberthreats — and the corresponding shifts in federal budgets.

    Former CIA officials said that the agency is mainly concerned about having direct control over the cyber components of its operations and that Brennan’s plans would not encroach on the global surveillance programs run by the NSA. Nor would they interfere with the work of a new agency the Obama administration is creating to fuse intelligence on cyberattacks.

    Brennan’s push to expand the CIA’s cyber capabilities is “entirely appropriate, even overdue,” said Stephen Slick, a former CIA official who directs the Intelligence Studies Project at the University of Texas at Austin. “Advances in digital technology are having a revolutionary impact on the intelligence business, and it’s important for CIA to adapt its collection and covert action missions to account for the new opportunities and dangers.”

    Ellen Nakashima and Julie Tate contributed to this report.

    By Greg Miller February 23

    Find this story at 23 February 2015

    Copyright washingtonpost.com

    GCHQ captured emails of journalists from top international media

    • Snowden files reveal emails of BBC, NY Times and more
    • Agency includes investigative journalists on ‘threat’ list
    • Editors call on Cameron to act against snooping on media
    GCHQ

    GCHQ’s bulk surveillance of electronic communications has scooped up emails to and from journalists working for some of the US and UK’s largest media organisations, analysis of documents released by whistleblower Edward Snowden reveals.

    Emails from the BBC, Reuters, the Guardian, the New York Times, Le Monde, the Sun, NBC and the Washington Post were saved by GCHQ and shared on the agency’s intranet as part of a test exercise by the signals intelligence agency.

    The disclosure comes as the British government faces intense pressure to protect the confidential communications of reporters, MPs and lawyers from snooping.

    The journalists’ communications were among 70,000 emails harvested in the space of less than 10 minutes on one day in November 2008 by one of GCHQ’s numerous taps on the fibre-optic cables that make up the backbone of the internet.

    The communications, which were sometimes simple mass-PR emails sent to dozens of journalists but also included correspondence between reporters and editors discussing stories, were retained by GCHQ and were available to all cleared staff on the agency intranet. There is nothing to indicate whether or not the journalists were intentionally targeted.

    The mails appeared to have been captured and stored as the output of a then-new tool being used to strip irrelevant data out of the agency’s tapping process.

    New evidence from other UK intelligence documents revealed by Snowden also shows that a GCHQ information security assessment listed “investigative journalists” as a threat in a hierarchy alongside terrorists or hackers.

    Senior editors and lawyers in the UK have called for the urgent introduction of a freedom of expression law amid growing concern over safeguards proposed by ministers to meet concerns over the police use of surveillance powers linked to the Regulation of Investigatory Powers Act 2000 (Ripa).

    More than 100 editors, including those from all the national newspapers, have signed a letter, coordinated by the Society of Editors and Press Gazette, to the UK prime minister, David Cameron, protesting at snooping on journalists’ communications.

    In the wake of terror attacks on the Charlie Hebdo offices and a Jewish grocer in Paris, Cameron has renewed calls for further bulk-surveillance powers, such as those which netted these journalistic communications.

    Ripa has been used to access journalists’ communications without a warrrant, with recent cases including police accessing the phone records of Tom Newton-Dunn, the Sun’s political editor, over the Plebgate investigation. The call records of Mail on Sunday reporters involved in the paper’s coverage of Chris Huhne’s speeding row were also accessed in this fashion.

    Under Ripa, neither the police nor the security services need to seek the permission of a judge to investigate any UK national’s phone records – instead, they must obtain permission from an appointed staff member from the same organisation, not involved in their investigation.

    However, there are some suggestions in the documents that the collection of billing data by GCHQ under Ripa goes wider – and that it may not be confined to specific target individuals.

    A top secret document discussing Ripa initially explains the fact that billing records captured under Ripa are available to any government agency is “unclassified” provided that there is “no mention of bulk”.

    The GCHQ document goes on to warn that the fact that billing records “kept under Ripa are not limited to warranted targets” must be kept as one of the agency’s most tightly guarded secrets, at a classification known as “Top secret strap 2”.

    That is two levels higher than a normal top secret classification – as it refers to “HMG [Her Majesty’s government] relationships with industry that have areas of extreme sensitivity”.

    Internal security advice shared among the intelligence agencies was often as preoccupied with the activities of journalists as with more conventional threats such as foreign intelligence, hackers or criminals.

    One restricted document intended for those in army intelligence warned that “journalists and reporters representing all types of news media represent a potential threat to security”.

    It continued: “Of specific concern are ‘investigative journalists’ who specialise in defence-related exposés either for profit or what they deem to be of the public interest.

    “All classes of journalists and reporters may try either a formal approach or an informal approach, possibly with off-duty personnel, in their attempts to gain official information to which they are not entitled.”

    It goes on to caution “such approaches pose a real threat”, and tells staff they must be “immediately reported” to the chain-of-command.

    GCHQ information security assessments, meanwhile, routinely list journalists between “terrorism” and “hackers” as “influencing threat sources”, with one matrix scoring journalists as having a “capability” score of two out of five, and a “priority” of three out of five, scoring an overall “low” information security risk.

    Terrorists, listed immediately above investigative journalists on the document, were given a much higher “capability” score of four out of five, but a lower “priority” of two. The matrix concluded terrorists were therefore a “moderate” information security risk.

    A spokesman for GCHQ said: “It is longstanding policy that we do not comment on intelligence matters. Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the parliamentary intelligence and security committee.

    “All our operational processes rigorously support this position. In addition, the UK’s interception regime is entirely compatible with the European convention on human rights.”

    James Ball
    Monday 19 January 2015 15.04 GMT Last modified on Tuesday 20 January 2015 00.17 GMT

    Find this story at 19 January 2015

    © 2015 Guardian News

    Met de billen bloot op Facebook

    Er wordt alom voor gewaarschuwd: je sociale leven kan redelijk eenvoudig in kaart worden gebracht zodra je actief een Facebook-pagina onderhoudt. Buro J&J brengt het resultaat visueel in kaart.

    Metadata zijn sporen die je na laat gedurende je communicatie via internet en telefoon. Dit zijn vooral individuele sporen, sporen over jezelf en het directe contact dat je onderhoudt met mensen. Natuurlijk kan naar aanleiding van die sporen een beeld geschetst worden van je sociale leefwereld, maar daarvoor moet je iemands data wel eerst voor langere tijd opslaan.

    Individuele data is harde data over waar, hoe laat en met wie je hebt gesproken waarmee je als verdachte, getuige of onbekende kunt worden gelabeld door opsporingsdiensten. Je bent in de buurt geweest, je hebt met iemand gebeld of gewhatsappt, je reageert niet op een sms-bombardement, alles in het kader van de opsporing.

    Metadataverzameling

    Voor directe vervolging zijn die data van belang, voor inlichtingendiensten minder. Zij zullen ongetwijfeld veel data verzamelen (‘At a meeting with his British counterparts in 2008, Keith Alexander, then head of the National Security Agency, reportedly asked, “Why can’t we collect all the signals, all the time?”’, the Washington Post 13 mei 2014), maar dat ligt in de aard van inlichtingendiensten. Die data heeft ook pas inlichtingenwaarde op het moment dat je iemands digitale stappen langer volgt. Voor het voorkomen van aanslagen zijn die data meestal zinloos. Zij geven misschien wel patronen aan, maar hebben geen voorspellende waarde voor mogelijke acties.

    Op 20 december 2013 opent NBC news met: ‘NSA program stopped no terror attacks, says White House panel member’ The Guardian (14-01-14) onderstreept deze claim met de stelling dat volgens de Senate judiciary committee het verzamelen van bulk telefoondata een beperkte rol heeft gespeeld in het voorkomen van terrorisme.

    The Guardian baseert haar stelling op een onderzoek door de New America Foundation die tot de conclusie kwam dat de NSA geen enkele aanslag heeft weten te voorkomen. De aanslag op de marathon van Boston van 15 april 2013 onderschrijven die conclusie. Meerdere diensten (FBI, CIA en NSA) hielden de verdachten in de gaten, maar zij konden hun aanslagen toch uitvoeren.

    Nederland laat hetzelfde beeld zien. De inlichtingendiensten hebben de moord op Fortuyn en Van Gogh niet weten te voorkomen. Van de Hofstadgroep, waar Mohammed Bouyeri toe behoorde, was reeds bekend dat de meeste leden benaderd waren door de AIVD. Tevens was bekend dat zij bijeen kwamen in het huis van Bouyeri en dat het adresboek van hem door de Amsterdamse politie was gekopieerd voor de inlichtingendienst. De dienst heeft aangegeven dat zij webfora kunnen hacken, daarnaast heeft de dienst naar alle waarschijnlijkheid telefoontaps en internettaps op de Hofstadgroep leden geplaatst. Theo van Gogh is ondanks die dataverzameling vermoord (zie Onder Druk, Buro Jansen & Janssen).

    Open boek

    Voor inlichtingendiensten is het voorkomen van aanslag echter niet het belangrijkste. Zij willen de ‘subversieven’, de ‘tegencultuur’ in kaart brengen. Specifieke informatie kan dan belangrijk zijn om op een groep in te kunnen zoomen, maar die data (metadata) is slechts deels interessant.

    Je kunt bijvoorbeeld vastleggen dat Margriet en Barbara (de twee vrouwen in dit verhaal) veel met elkaar communiceren, bijvoorbeeld elke dag om 16.00 uur gedurende twee minuten. Margriet bevindt zich ten oosten van het centrum van Amsterdam, Barbara ten westen. Een locatie is er ook voor beide vrouwen. Laurence (de man in dit verhaal) communiceert slechts zelden met beide vrouwen, met Barbara op bepaalde momenten. Groepsgesprekken hebben de drie nooit.

    Eigenlijk ben je nu al het zicht op de ‘bigger picture’ kwijt, omdat je direct inzoomt op het individu. Je verliest zo het helikopterperspectief, je staat niet meer boven de persoon, maar eigenlijk direct naast hem. Voor opsporingsdiensten is dit van belang voor het traceren van verdachten van misdrijven, je legt iemands leven in retrospectief vast. Voor inlichtingendiensten is deze data eigenlijk zinloos, je bent altijd te laat, zoals de moord op Van Gogh laat zien.

    Dat tegenwoordig iedereen een spoor van data trekt, is sinds de onthullingen van Edward Snowden op de achtergrond geraakt. De overheid heeft een grote verzamelwoede en dat is de ‘schuldige’ in de discussie. Dit is al vele jaren bekend, maar veel mensen leken en lijken zich daar niets van aan te trekken. De discussie over de massa aan data die mensen zelf op het internet storten door eigen communicatie, is op de achtergrond geraakt.

    Communicatie over mijn aanwezigheid in de Albert Heijn gebeurt zowel verhuld (metadata) als open (twitter, instagram). Het lijkt erbij te horen dat bij een actie, bijvoorbeeld het omtrekken van stellingkasten in de AH tegen de macht van de supermarkten, je niet alleen je metadata meesleept (zonder bellen al je locatie prijsgeven), maar ook nog eens met diezelfde telefoon twittert (hashtag #valAHaan) en fotografeert.

    Dat de overheid die data verzamelt is dan eigenlijk bijzaak geworden. Veel mensen delen hun gehele leven elke seconde van de dag, niet alleen via metadata ook door ‘echte’ data. Het op straat gooien van persoonlijke data is ook zichtbaar bij Facebook. Wij hebben drie mensen (Margriet, Barbara en Laurence) die buitenparlementair politiek actief zijn, gevraagd of wij hun Facebook-data mochten analyseren. Die analyse hebben we vervolgens in een grafisch beeld omgezet.

    Wie is wie

    Stel, je bent vagelijk bevriend met Margriet. Je hebt nooit haar vrienden ontmoet en wordt uitgenodigd voor haar dertigste verjaardag. Margriet geeft een knalfuif en al haar familie, vrienden en bekenden komen langs. Zelfs incidentele vrienden van uitgaansgelegenheden zijn van de partij.

    Zodra je van de grote zaal waar de party plaatsvindt een foto zou maken, krijg je grofweg een schets van de Facebook-pagina van Margriet. Haar familie zoekt elkaar op, mensen van de ngo waar zij actief voor is doen hetzelfde, krakers delen de laatste nieuwtjes uit, de deelnemers aan haar dansgroepen begroeten elkaar, en anderen hokken in groepjes. Door de gehele ruimte zwerven enkele eenlingen die niet echt mensen kennen.

    In de loop van de avond vormt de dansvloer het middelpunt van het feest, ook daar is sprake van groepsvorming. Het eerste moment van de avond, dat bekenden elkaar opzoeken, zie je terug in de afbeelding op de Facebook-pagina van Margriet. Nu niet alleen op haar dertigste verjaardagsdag, maar dagelijks.

    In het algemeen valt op dat de meeste mensen met hun volledige naam (voor- en achternaam) zich op Facebook presenteren. Ook ngo´s, actiegroepen, bands, kraakpanden en alternatieve uitgaansgelegenheden vermelden een volledig profiel op sociale media. Daardoor wordt vrij snel duidelijk waar iemand sympathie voor heeft, waar hij of zij uitgaat, welke kraakpanden de persoon kent en welke acties door iemand worden ondersteund.

    Opvallend is dat al die acties en ngo’s ook bij elkaar horen. Er zitten geen vreemde zaken bij, zoals bijvoorbeeld bedrijven als Coca Cola, Monsanto of Shell. De drie activisten tonen hun politieke opvatting door middel van hun Facebook-pagina duidelijk. Natuurlijk zijn Margriet, Barbara en Laurence bekenden van Jansen & Janssen, maar zelfs bij onbekende activisten zal het eenvoudig zijn om de politieke kleur, vrienden, familie, werk en je sociale netwerk op te tekenen.

    Een kraaksymbool op Facebook bijvoorbeeld is iets totaal anders dan een kraaksymbool op een T-shirt dat je vandaag draagt. Dat T-shirt draag je waarschijnlijk anoniem, zonder naambordje of rug-burgerservicenummer. Via je Facebook-pagina is dat T-shirt gekoppeld aan je naam, je sociale netwerk, je leefwereld. Dat is niet anoniem, het gaat zelfs verder dan je persoonlijke identificatie.

    Niet perfect

    Natuurlijk is het beeld niet perfect en moet er rekening worden gehouden met allerlei ongerijmdheden, maar de grafische representatie van de drie mensen schept een beeld van hun leven. Bij het zien van het beeld viel het Margriet op dat haar “sociale netwerk heel goed zichtbaar is”. Dat het beeld niet perfect is viel haar ook op: “Grappig dat er ook een muziekband en een persoon tussen zitten die inmiddels amper nog actief zijn.” Het beeld is niet perfect en daarom worden hier enkele kanttekeningen bij de interpretaties geplaatst.

    Veel communiceren, veel ‘liken’ of veel ‘likes’ krijgen op Facebook betekent niet alles. In de beelden hebben de verschillende personen en groepen een andere kleuren. Donker rood is een teken van grote activiteit, maar in deze analyse wordt daar niet dieper op ingegaan. Veel activiteit valt bij een oppervlakkige analyse niet goed te definiëren. Wel maakt het beeld duidelijk dat met verfijnde oplossingen de mate van activiteit en welke activiteit nader kan worden ingekleurd. Automatisch moet bij de analyse van de beelden voorzichtig worden omgesprongen met conclusies over leiderschap en hiërarchie.

    Ook zegt de communicatie op Facebook niet alles. Mensen die op internet zeer actief zijn, zijn misschien in werkelijkheid erg verlegen. Mensen met een grote mond en die stoer doen op internet, vervullen niet per se een belangrijke rol binnen een groep en/of sociaal netwerk. Tevens is niet iedereen aanwezig op Facebook. Er zijn nog steeds mensen die geen Facebook-pagina hebben, die zijn dus niet zichtbaar in het netwerk. Zelfs met deze kanttekeningen moet Laurence ook toegeven dat zijn leven redelijk goed in beeld wordt gebracht.

    Facebook-beeld van Barbara
    Pijl 1 oude vriendengroep en contacten via derden, geen sterke banden
    Pijl 2 collega’s en ngo’s gerelateerd aan het werk van Barbara
    Pijl 3 sterke relatie met Barbara, springt eruit in het netwerk, is haar vriend Evert
    Pijl 4 collega’s en uitgaansgelegenheden gerelateerd aan Evert vriend van Barbara
    Pijl 5 oude vriendengroep en contacten via familie zwerm, geen sterke banden
    Tussen pijl 1 en 5 Familie zwerm
    Tussen pijl 2 en 4 individuen, kraakpanden en alternatieve uitgaansgelegenheden.

    Familie zwerm

    Het Facebook beeld van Margriet bestaat uit een grote zwerm (pijl 1 van haar beeld), een klein wolkje onder (pijl 3), twee wolken bij elkaar (pijl 4) en enkele losse individuen bovenaan. Het beeld van Barbara laat links een kleine wolk zien met een plukje daaronder (pijl 1 en 5) en rechts een grote zwerm in een boog van boven naar beneden (pijl 2, 3 en 4). Laurence laat een grote wolk in het midden zien (pijl 2 en 4) en twee plukjes boven (pijl 1) en beneden (pijl 3).

    Bij alle drie de beelden springen de plukjes familie er uit. Margriet heeft een klein wolkje familie (pijl 3) die ver onder haar ‘eigen’ wolk hangt. Barbara heeft een grote wolk links van de centrale zwerm. Dat is haar familie en waarschijnlijk oude vrienden in het land waar zij vandaan komt. Laurence heeft een klein wolkje onder de hoofdwolk, waar zijn familie en enkele oude vrienden zich hebben verenigd.

    Alle drie de activisten hebben ‘afstand’ tot hun familie. Bij Barbara heeft het met fysieke afstand te maken, bij Laurence en Margriet kan het iets zeggen over de mate van gehechtheid. Bij Barbara is nog opvallen dat naast de ‘familie’ zwerm (tussen pijl 1 en pijl 5) er nog twee kleine wolkjes (pijl 1 en 5) verder van de centrale wolk afstaat. De verklaring van deze wolk: een groep vrienden of bekenden in het land waar Barbara vandaan komt. Pijl 1 laat een klein netwerk zien dat verbonden is met enkele wolken bij de centrale zwerm. Het is niet direct verbonden met de centrale persoon (pijl 3) in de grote wolk. Waarschijnlijk is dit een groep uit het verleden waar om verschillende redenen minder relaties mee onderhouden zijn.

    Hoe zijn die specifieke familie-zwermen te onderscheiden van elkaar? Eigenlijk vrij simpel. De activisten staan op Facebook met hun achternaam. In de ‘familie’ wolken komt die naam veel voor. Natuurlijk is het een aanname, maar bij navraag blijkt Margriet aan te geven dat “rechtsonder de familie zit”. Ook Laurence zegt dat pijl 3 een “opvallend los netwerkje is. Dit is een netwerk van oude vrienden en familie. Ik heb daar weinig contact mee en dat lijkt zelfs uit het Facebook-beeld te halen”, geeft Laurence aan. In ieder geval is de familie zwerm niet opgenomen in de centrale wolk van alle drie de activisten.

    Facebook-beeld van Laurence
    Pijl 1: wolkje vrienden of collega’s die betrokken zijn bij een ngo’s
    Pijl 2: activisten zwerm rond kraakpand in Amsterdam (groepen, individuen, kraakpanden etc.)
    Pijl 3: Familie zwerm en wat oude vrienden
    Pijl 4: activisten zwerm rond groep in Den Haag (groepen, individuen, kraakpanden etc.)

    Activisten zwerm

    De activisten zwerm bestaat bij alle drie uit een verzameling groepen, kraakpanden, alternatieve uitgaansgelegenheden en personen. Bij Margriet bestaat die wolk (pijl 1) uit verschillende delen. Links boven bevindt zich een groep mensen, muziekbands en groepen rond enkele uitgaansgelegenheden en kraakpanden zoals de OCCii aan de Amstelveenseweg in Amsterdam West en het kraakpand de Valreep in Amsterdam Oost.

    Links onder in de centrale wolk komt het woord anarchisme regelmatig terug, zoals Anarchistische Groep Friesland en Anarchistisch Kollektief Utrecht. Deze groepen en mensen ‘hangen’ rond bij Doorbraak, een linkse basisorganisatie. Rechts onder bevinden zich individuen in de zwerm die actief zijn voor verschillende ngo’s. Gezien het werk van Margriet is het logisch dat zij verbinding met deze groep mensen heeft. Slechts enkele groepen komen er in voor, het zijn vooral personen.

    Tot slot rechtsboven is een groep mensen en enkele bands gegroepeerd die tussen de alternatieve uitgaansgelegenheden en kraakpand (links boven) en de twee wolken rechts van de activisten zwerm staan. Rechtsboven vormt een soort brug naar twee dansgroepen die rechts van de centrale wolk staan.

    De activistenzwerm van Laurence (pijl 2 en 4) is even scherp in te delen in aparte delen. Rechtsonder een specifiek groepje krakers/activisten die dezelfde hobby’s erop nahouden. Rechtsboven een groep mensen en organisaties georganiseerd rond het Autonoom Centrum Den Haag (pijl 4). Linksonder is weer het kraakpand de Valreep in Amsterdam Oost present, net als bij Margriet. Het is opvallend hoe de Valreep (pijl 2) bij Laurence als een soort spin vele connecties maakt met mensen en groepen.

    Hier omheen hangen wat activisten en krakers uit Amsterdam. De centrale as in de activistische zwerm van Laurence wordt gevormd tussen de Valreep in Amsterdam en het Autonoom Centrum in Den Haag. Linksboven zijn een paar personen aanwezig die de link vormen tussen de Amsterdamse kraakscene en het wolkje dat links boven de activistenzwerm van Laurence zweeft. Dit kleine wolkje dat los is geweekt van de centrale wolk zijn mensen die betrokken zijn bij een ngo.

    De as ‘de Valreep – Autonoom Centrum’ in de activistenzwerm van Laurence is niet direct zichtbaar bij Margriet. Daar spelen eerder enkele individuen een centrale rol in de ‘grote wolk’. Margriet: “in de grote wolk (pijl 1) springen er een aantal erg uit die blijkbaar zeer actief zijn op Facebook zoals Albert en Astrid.” Deze twee mensen waren vroeger actief (jaren ’90 en begin ‘0), maar spelen nu geen belangrijke rol meer binnen de activisten scene. Niet alleen groepen kunnen dus een verbindende factor spelen, maar ook individuen zoals de zwermen rond Albert en Astrid laten zien. Zij houden de wolk van Margriet bij elkaar.

    Bij Barbara is iets vergelijkbaars aan de hand. De onderkant van de grote wolk (pijl 2, 3 en 4) wordt bij elkaar gehouden door één persoon (pijl 3). Dat is iemand waarmee Barbara veel connecties heeft, haar vriend Evert. Zelfs zonder kennis over de relatie tussen Barbara en Evert valt in ieder geval zijn zeer actieve positie binnen haar netwerk op. Het is duidelijk dat Evert heel dicht bij Barbara staat. Dit kan ook worden geconcludeerd uit het feit dat Evert veel contacten heeft met de familie zwerm (tussen pijl 1 en 5).

    Rechts van Evert wordt het laagste deel van de wolk (pijl 4) ingenomen door collega´s en groepen rond de uitgaansgelegenheid waar hij werkt. In het midden zijn vooral de alternatieve uitgaansgelegenheden en kraakpanden vertegenwoordigd (rond pijl 3). Halverwege de top is er een lichte breuk zichtbaar in de wolk. De top lijkt daardoor een beetje los te staan van het deel er onder (pijl 2).

    Die top wordt ingenomen door collega´s van de werkplek van Barbara, een ngo die enkele contacten onderhoudt met de activistische scene. Vanuit die top zijn er enkele individuen die tegen de grote wolk aanhangen in twee kleine plukken verdeeld en die ook contact onderhouden met de ‘overkant’, de familie en oude vrienden zwerm. Dat zijn mensen die connecties hebben met het land waar Barbara vandaan komt, iets dat is op te maken uit de namen van de verschillende mensen.

    Facebook-beeld van Margriet
    Pijl 1: activisten zwerm met groepen, individuen, kraakpanden en alternatieve uitgaansgelegenheden.
    Pijl 2: Losse individuen, merendeel oud klasgenoten van de middelbare school
    Pijl 3: Familie zwerm
    Pijl 4: Vertier wolk: een grote (waar de pijl naar wijst) en kleine dansgroep (links van de grote wolk)

    Vertier wolk

    Bij Margriet is het opvallend dat zij twee aparte wolken ter rechterzijde van de activisten zwerm heeft (pijl 4 en iets naast pijl 4). Centraal in die twee wolken staan de namen van een dansgroep. De individuen daaromheen zullen naar alle waarschijnlijkheid leden zijn of sympathisanten, zoals bij de activisten zwerm. Barbara en Laurence geven niet zo heel duidelijk hun hobby’s prijs, maar het kan ook betekenen dat zij activiteiten doen met mensen die geen gebruik maken van Facebook of niet zichtbaar zijn in een duidelijk clubverband.

    In principe is er natuurlijk sprake van diverse opties ten aanzien van het wel of niet zichtbaar zijn van groepen. Toch is dat niet helemaal waar, want de clusters rond werk, connecties rond een ngo, rond een kraakpand of een uitgaansgelegenheid, zijn wél heel duidelijk. Een logischer verklaring is dat de activiteit meer is ingebed in de bestaande structuur, waardoor er geen losse groep is. Dit is zo als een activiteit niet in een officieel club- of groepsverband, zoals de twee dansgroepen van Barbara, plaatsvindt. Bij Margriet lijkt dit te kloppen, ook ten aanzien van haar oude klasgenoten uit het verleden. “Het groepje helemaal bovenin zijn oud-klasgenoten van mijn middelbare school met enkele geïsoleerde contacten”, analyseert Margriet haar eigen Facebook-beeld.

    Barbara laat eigenlijk twee wolken zien. Een familie- en vriendenzwerm met daarnaast twee aparte wolken oud-vrienden of bekenden waar nu minder contact mee wordt onderhouden. Deze wolk staat los van haar leven in Nederland, maar is vergelijkbaar met de danswolken van Margriet, gescheiden werelden met enkele connecties. Bij de wolk met het werk van Barbara boven en het werk van Evert beneden wordt het centrum ingenomen door uitgaan, persoonlijke contacten en wat activisme en kraakpanden. Een duidelijke aparte groep sport, cultuur of natuur heeft Barbara niet binnen haar netwerk. Barbara en Margriet zijn wel weer in dat centrum aan elkaar gekoppeld. Margriet en Barbara komen terug in het netwerk van Laurence.

    Sociaal netwerk vastleggen

    Na het zien van zijn Facebook-beeld vraagt Laurence zich af hoeveel hij gaat veranderen aan zijn gedrag op Facebook. “Het geeft een duidelijk inzicht in mijn sociale leven”, constateert hij. Hij merkt daarbij op dat een analyse van de gegevens van Facebook duidelijk maakt waar de zwakke schakels in zijn leven zich bevinden. “Dat is best scarry, vreemd om dat op deze manier te ontdekken”, voegt hij eraan toe.

    Ook Margriet is verbaasd over hoe scherp haar sociale leven door Facebook in kaart wordt gebracht. “Als je weet in welke thema´s die zwermen of wolken geïnteresseerd zijn, heb je een schat aan informatie. Door een combinatie te maken van individuen en groepen wordt dat snel duidelijk. Je weet echter niet alleen welke thema’s centraal staan, ook is zichtbaar hoe bepaalde informatie kan worden verspreid binnen die specifieke netwerken. Je weet namelijk wie actief is, een centrale rol speelt, veel connecties heeft, ga zo maar door. En dan hoeft het niet alleen om commerciële boodschappen te gaan”, laat zij weten.

    Facebook legt iemands sociale leven vast, maar doet dat echter niet alleen. Mensen leveren het internetbedrijf hun persoonlijke data. Die informatie is misschien onschuldig als je naar de elementen kijkt, maar wie de data in context plaatst kan een foto maken van de bezoekers van de dertigste verjaardag van Margriet. Die foto weerspiegelt haar sociale leven, niet alleen op die dag. Het plaatst mensen in groepen, kleurt politieke ideeën in en geeft inzicht in verhoudingen.

    Wie van alle groepen en personen van de Facebook-pagina van Margriet (hetzelfde geldt voor Barbara en Laurence) een grafisch beeld maakt, kan een nog specifiekere sociale geschiedenis van haar optekenen. Jeugd, school, universiteit, arbeidsverleden, vrije tijd, activisme en politieke voorkeuren kunnen deels worden ingevuld. Misschien niet perfect, maar Facebook bezit zoveel data dat die perfectie in de loop der jaren naar alle waarschijnlijkheid zal toenemen.

    Vraag is natuurlijk of je je hele sociale leven op straat wilt leggen, of dat je daar zelf controle over wilt hebben en/of houden. Dat is een persoonlijke keuze die niets met privacydiscussies te maken heeft. ‘Wat deel je met een bedrijf en daarbij indirect met de wereld?’, is de primaire vraag die je jezelf moet stellen.

    Maikel van Leeuwen

    Facebook beelden, beelden van je Facebook pagina of een social graph

    De bijgevoegde beelden zijn een visualisatie van de Facebook-pagina’s van Margriet, Barbara en Laurence. De verbindingen in het netwerk, de lijnen tussen de rondjes worden ook wel ‘edges’ genoemd. In het Nederlands vertaald zou dit randen of richels betekenen. Eigenlijk zegt dit al iets over de voorzichtigheid die in acht genomen moet worden bij interpretaties. Randen en richels zijn geen diepe verbindingen. Een verbinding kan een ‘like’ zijn of een opmerking.

    Een node, een rondje in de beelden, is een persoon en/of organisatie binnen het netwerk. Nodes en edges vormen tezamen een social graph, een Facebook beeld. De grote van een node bepaald de ‘populariteit’ in het netwerk. Met allerlei berekeningen kan bepaald worden hoe populair een node is. De populariteit wordt bepaald door het aantal likes, maar ook door de mate van activiteit door het versturen van berichten of het krijgen van berichten.

    Find this story at 30 June 2014

    Facebook, het ultieme inlichtingenbedrijf

    Je kan Facebook vergelijken met de people’s secret service. Want hoe je het wendt of keert, uiteindelijk zijn het de internetgebruikers die vrijwillig hun persoonlijke leven prijsgeven aan het commerciële bedrijfsleven en de overheid.

    In het voorafgaande artikel ‘Met de billen bloot op Facebook’, over Facebook profiling, gaat het vooral over netwerken waarin mensen zich bevinden. Profiling bestaat echter niet alleen uit netwerkanalyse, maar ook uit identificatie-analyse. Wie de profielen van Margriet, Barbara en Laurens bekijkt, krijgt niet alleen de beschikking over veel informatie met betrekking tot familie, vrienden, kennissen, heden en verleden, maar ook voorkeuren.

    Facebook fungeert als een soort inlichtingendienst. Het verzamelt informatie die mensen zelf aanleveren. Het lijkt anders dan het persoonsdossier van de inlichtingendienst die bestaat uit krantenartikelen, mediaoptredens, twitterberichten, Facebook postings, vergadernotulen, observatieverslagen en telefoon-/internettaps.

    Verzamelwoede

    Wie echter inzoomt op de Facebook-data constateert dat het commerciële internetbedrijf dezelfde data beheert die inlichtingendiensten proberen te verzamelen. Informatie die betrekking heeft op persoonlijke voorkeuren, relaties, contacten en netwerken. Het verschil met inlichtingendiensten is dat Facebook niets hoeft te doen voor die dataverzameling. Zij stelt een gratis dienst ter beschikking. Gratis betekent in dit geval natuurlijk niet voor niets. Daarbij gaat het bij Facebook allang niet meer om de advertenties die je moet tolereren.

    Het Facebook-beeld van de drie aan ons visualisatie-/analyseproject deelnemende activisten geeft een aantal zaken weer, waar inlichtingendiensten ook constant naar op zoeken zijn. Wie zijn je vrienden (op Facebook), bij welke actiegroepen en politieke partijen ben je aangesloten en voor welke demonstraties en acties heb je sympathie. Likes spelen daarbij natuurlijk een rol, maar het gaat ook om de interactie en de berichten die gekoppeld zijn aan die politieke voorkeuren.

    Met de subscribe knop kan Facebook waarde koppelen aan verschillende persoonlijke relaties die je hebt. De relaties en voorkeuren leggen je sociale leven bloot. Naar welke muziek luister je graag, welke boeken lees je en hoe (e-book of papier), favoriete tv-series, de sport die je beoefent, de games die je speelt als je je even verveelt.

    Dit is geen persoonlijke informatie die Facebook aan mensen ontfutselt. Het is geen inlichtingendienst die je bibliotheekgegevens opvraagt om te weten welk boek je hebt geleend. Mensen leveren Facebook al hun data aan, vrijwillig zonder dwang. Hooguit kun je spreken van groepsdruk, druk van het argument ‘iedereen gebruikt het’.

    De kennis van het bedrijf over je sociale leven strekt zich uit van je voornaam, achternaam, geboortedatum en leeftijd tot aan je afkomst, je gezicht (scan), zeg maar je GBA (Gemeentelijke Basis Administratie) gegevens. Maar Facebook beschikt ook over gegevens betreffende je basisschool, middelbare school en hoger onderwijs (DUO Dienst Uitvoering Onderwijs gegevens), tot aan je seksuele oriëntatie (GGD gegevens in verband met inentingen en tests op HIV en andere seksueel overdraagbare ziekten), je huidige en voormalig werkgevers (UWV en DWI gegevens), partner en ex-partners (GBA gegevens), creditcard gegevens (banken/ en creditcard bedrijven), fysieke locatie (telefoonmaatschappijen en internetproviders). Gegevens die overheidsdiensten bij allerlei instanties moeten opvragen.

    Duistere achterkant

    Mensen delen veel en Facebook vraagt ook regelmatig om je profiel volledig in te vullen. Inlichtingendiensten kloppen bij al die instanties aan, of proberen direct en constant toegang tot deze data te verkrijgen. Aan de achterkant weet je eigenlijk niet wat Facebook met die data doet. Advertenties koppelen aan je profiel is de meest opvallende, maar die achterkant blijft duister.

    Met de onthullingen van Edward Snowden over datastofzuiger de National Security Agency (NSA), is duidelijk geworden dat multinationals zoals Facebook, maar ook Google, Microsoft en Apple hun achterdeur voor de inlichtingendienst(en) open zetten. Het Amerikaanse blad Mother Jones kopte in december 2013: ‘Where Does Facebook Stop and the NSA Begin?’

    Toch is deze weergave niet helemaal correct. Het lijkt eerder op de omgekeerde wereld. ‘Waar stoppen de inlichtingendiensten en gaat het bedrijf Facebook verder?’ Dit zit niet in de interacties tussen je vrienden op Facebook of met groepen; Facebook wil veel meer van je weten en of je nu ingelogd bent of niet, het bedrijf zorgt ervoor dat ze op de hoogte is van wat er in je leven gebeurt.

    Eind oktober 2013 vertelde analist Ken Rudin van Facebook dat het bedrijf testen uitvoert om cursorbewegingen van individuele burgers op Facebook vast te leggen en te analyseren. Het gaat hierbij om het vastleggen van bewegingen met de muis naar locaties op het scherm om vervolgens daaruit af te kunnen leiden wat de interesse is van de afzonderlijke gebruikers.

    De analist beweerde dat dit van doen heeft met het plaatsen van advertenties, maar uiteindelijk heeft het te maken met het profileren van de gebruikers. Zo kan Facebook namelijk ook zien of de persoon tijdens het gebruik van het sociale medium naar zijn telefoon of computerscherm kijkt, hoe lang, wanneer en wat. Allemaal nog wel gerelateerd aan de website van het bedrijf, maar met aanvullende functies als de sport applicatie pedometer kan Facebook vastleggen hoe lang, waar en wanneer je hebt hardgelopen of gewandeld.

    Het duurt niet lang meer voordat het bedrijf je algehele conditie heeft doorgrond als aanvullende applicaties over bloeddruk en hartslag beschikbaar worden gesteld. Zo ontwikkelt Google een slimme contactlens voor diabetes patiënten en investeert zij in bedrijven die zicht bezig houden met diabetes. Allemaal gratis natuurlijk. Of is het niet gratis?

    Rijkdom aan informatie

    Facebook wil graag toegang tot de microfoon van je computer, headset of telefoon en dringt daarmee door tot in je huiskamer waar je, misschien zonder Facebook, naar muziek luistert die de private inlichtingendienst dan kan horen en toevoegen aan het profiel van jou. Hoe iemand zich voelt komt zo binnen bereik van het bedrijf. Want zelfs als je een andere naam, adres, geboortedatum en andere zaken opgeeft, volgt het bedrijf je. Het legt het apparaat vast waarmee je op Facebook bent ingelogd, met bijbehorend ip-adres, maar ook je locatie, tijdzone, datum en tijdstip.

    Ook al vermijdt je te liken, het private bedrijf volgt je stappen langs de ‘events’ en ‘checkins’, de websites die je bezoekt zodra je geobserveerd wordt door Facebook. Zo kan het bedrijf kennis nemen van jouw favoriete café’s, restaurants, gerechten en recepten. Het inlichtingenbedrijf legt vast welke mensen je regelmatig bezoekt, op welke locaties je fotografeert en filmt, met wie je chat en welke groepen je in de gaten houdt.

    Foto’s en films die worden toegevoegd aan Facebook bevatten een rijke verzameling aan extra gegevens, zoals met welk apparaat ze zijn gemaakt, sluitertijd en diafragma, locatie, auteur, tijd etc. En van de chats en berichten bewaart Facebook ook de uitgewiste stukken tekst. Je wilt een vriend schrijven dat hij een ‘eikel’ is, maar wist dat vervolgens uit omdat je je vriendschap ermee niet op het spel wilt zetten. Je stuurt deze vriend een berichtje dat je geen tijd hebt dit weekend. Facebook weet zo meer over jouw relatie met die vriend, dan die vriend zelf.

    Bij dit alles moet worden aangetekend dat je ingelogd moet zijn op ‘jouw’ Facebook-pagina en dat je bepaalde applicaties hebt geïnstalleerd en aan hebt staan, zoals GPS voor je plaatsbepaling en de pedometer voor je hardloop tracking. Met de gezichtsherkenning kunnen mensen die onzichtbaar willen zijn door Facebook uit de duisternis worden getrokken. Niet door het bedrijf zelf, maar door haar medewerkers, de gebruikers van Facebook. Wie gaat er echter zo bewust mee om? En vooral: wie staat er bij stil dat jouw identiteit altijd gekoppeld is aan die van anderen?

    In die zin is Facebook de ultieme inlichtingendienst. Het bedrijf is de people’s secret service, wat zoveel inhoudt dat de individuele gebruikers het werk als medewerkers van de geheime dienst vervullen voor henzelf en voor anderen. De Stasi zou haar vingers erbij aflikken, vandaar dat inlichtingendiensten als de NSA graag toegang hebben tot de achterkant van Facebook, het bedrijf zal de vergaarde informatie ook zonder blikken of blozen vrijgeven.

    Steun overheid van belang

    Het vrijgeven van vergaarde persoonlijke informatie aan inlichtingendiensten heeft met verschillende aspecten te maken. Ten eerste zijn grote internationaal opererende bedrijven afhankelijker van hun ‘nationale regering’ dan ze zelf zullen toegeven. Zo onderhoudt Shell innige relaties met zowel de Nederlandse als de Britse regering om haar operaties in het buitenland veilig te stellen. Als er ergens iets misgaat wordt zowel het diplomatieke als het militaire apparaat van het ’thuisland’ gemobiliseerd.

    Amerikaanse bedrijven als Facebook en Google zullen dat ook doen. Als Gmail (Google) wordt gehackt zal het bedrijf de Amerikaanse overheid over haar schouder laten meekijken, maar diezelfde overheid zal langs diplomatieke, en zo nodig langs militaire (in dit geval waarschijnlijk cyber-militaire) weg, het bedrijf ondersteunen. Dat is natuurlijk niet vreemd, Google is een groot bedrijf en van belang voor de Amerikaanse economie en hegemonie.

    Hetzelfde geldt voor Facebook waarvan diverse accounts begin 2013 werden gehackt. De Amerikaanse overheid zal vaak worden gevraagd om ‘officieel’ te reageren om in veel gevallen de Chinezen terecht te wijzen. Die steun van de Amerikaanse overheid is echter ook niet gratis. Zij zal druk op de bedrijven uitoefenen om de achterdeur voor inlichtingendiensten als de NSA, maar ook de FBI, open te houden. Je kunt bijna spreken van public private partnership waarbij multinationals vaak niet voor de overheidsdiensten hoeven te betalen.

    Daarnaast proberen overheden een zo fijnmazig netwerk te creëren van diplomatieke posten en ambassades om hun land in het buitenland te promoten. Die posten hebben ook een andere functie. De onthullingen van Snowden hebben onderstreept dat de Amerikanen en bevriende naties als Canada, Australië, Groot-Brittannië en Nieuw Zeeland die diplomatieke posten gebruiken om in de gehele wereld de mogelijkheid te hebben om af te luisteren.

    Werknemers van internationale bedrijven die wereldwijd opereren, zullen regelmatig gevraagd worden bij te dragen aan de inlichtingenoperatie van die overheid. Zij zitten vaak op andere plaatsen dan de diplomaten die vaak onder een vergrootglas in het buitenland opereren. Landen proberen dus hun zicht op het buitenland, de concurrenten en de vijanden zo scherp mogelijk te krijgen. Hoe meer diplomatieke posten en meewerkende bedrijven hoe scherper het beeld. Facebook probeert eigenlijk hetzelfde te doen met de data die zij van haar gebruikers verzamelt en analyseert. Hoe meer data, hoe scherper de analyses en hoe meer zicht op de verbanden en de interacties, hoe helderder het beeld.

    In de loop der jaren heeft Facebook het aantal pixels (punten) van de foto van de profielen vergroot. Uiteindelijk werkt zij aan een haarscherp beeld van het profiel van haar gebruikers. Facebook realiseert dit zelf ook. Op 12 november 2013 diende het bedrijf een patent aanvraag in, de ‘178th patent application for a consumer profiling technique the company calls inferring household income for users of a social networking system’ (Facebook Future Plans for Data Collection Beyond All Imagination, 4 december 2013).

    Deze aanvraag omschrijft de hoeveelheid en diversiteit van de data. Facebook heeft sinds oktober 2013 1,189,000,000 actieve gebruikers in de gehele wereld. Die data gebruikt het bedrijf nu al voor sociaal wetenschappelijk onderzoek door het Data Science Team van het bedrijf. Dit team doet niet alleen onderzoek naar de data, maar gebruikt de gebruikers ook als onderzoeksmateriaal, zoals het onderzoek van Eytan Bakshy die de toegang tot materiaal van 250 miljoen gebruikers manipuleerde. De gebruikers als proefpersonen in de ideale wereld van Facebook.

    Gewoon een bedrijf

    Uiteindelijk is Facebook natuurlijk geen gratis dienst. In eerste instantie zal het vooral proberen geld te verdienen door de verkoop van gebruikersprofielen ten bate van gerichte advertenties. De volgende stap heeft het bedrijf al gezet door de voorwaarden die ze stelt voor het aanmaken van een Facebook-pagina. Foto’s en films zijn in principe niet meer je eigendom. Het bedrijf kan die foto’s rechtenvrij gebruiken. Dit geldt natuurlijk ook voor Instagram. Andere bedrijven als Twitter (Twitpic’s) doen hetzelfde.

    Wat geldt voor foto’s en films geldt natuurlijk ook voor teksten en andere content die je aan je pagina toevoegt. Voor deze zeer positieve voorwaarden is het bedrijf natuurlijk ook afhankelijk van de Amerikaanse overheid. Mocht wetgeving plotseling veranderen en gebruikers geld van Facebook eisen, zou dat voor het bedrijf een ramp zijn.

    Afgaande op de totale omvang van de gebruikers, bijna evenveel als China inwoners heeft, en data die het bedrijf heeft verzameld en beheert, zou je bijna vergeten dat het gewoon een bedrijf is met 6.818 werknemers, een raad van bestuur en aandeelhouders die uiteindelijk graag hun inleg en winst terug willen zien.

    De raad van bestuur geeft inzicht op welke plek Facebook in de markt staat. De verschillende leden zijn uit allerlei windstreken gerekruteerd. Natuurlijk Google Inc., Microsoft Corp. en haar dochter Skype, eBay Inc. en andere technologiebedrijven, maar ook entertainment bedrijven als Netflix en Walt Disney Co. Alsmede enkele banken, zoals Morgan Stanley & Co. LLC en Credit Suisse, maar ook The World Bank Group.

    Contacten met de politiek zijn ook van belang, dat vindt plaats via oud-leden van de White House Chief of Staff of de US Department of The Treasury. En tot slot natuurlijk de ouderwetse consumentenmarkt zoals General Motors Corp. en Starbucks. Met een klein aantal leden van de raad van bestuur dekt Facebook haar contacten in verleden en heden af. Uiteindelijk is en blijft het gewoon een bedrijf, misschien wel een private inlichtingendienst, maar zonder winst zullen op een gegeven moment de aandeelhouders weglopen en valt het om.

    Alternatieven?

    Wat er met de vergaarde persoonlijke data gebeurt zodra het bedrijf failliet gaat, is onduidelijk. De overname van Whatsapp door Facebook liet zien dat gebruikers zich plots beducht waren voor hun persoonlijke informatie en op zoek gingen naar ‘alternatieven’.

    Aan de bestaande alternatieven kleven eigenlijk dezelfde bezwaren als aan Facebook. Google Hangouts maakt onderdeel uit van een andere multinational, net als Imessenger. Bij Telegram werd geroepen dat het een Russische app is, maar waarom dat slechter is dan een Amerikaanse Whatsapp, los van de technische mankementen, blijft onduidelijk.

    Uiteindelijk gaat het niet meer om een discussie over privacy, burgerrechten en/of bigdata. Facebook verzamelt namelijk niet zelf de data, zij verkrijgt het van haar gebruikers/agenten en die staan de persoonsgebonden informatie geheel vrijwillig af. Los van groepsdruk is er geen sprake van drang en dwang.

    De Facebook inlichtingendienst stelt indirect solidariteit en de minderheid centraal. Hoe solidair zijn wij met mensen die misschien wel op de foto willen maar niet getagd wllen worden. Die wel iets schrijven maar niet geliked willen worden. Die wel op de foto willen maar zich niet op Facebook geplaatst willen zien. Het debat rond Facebook gaat ook over pluriformiteit versus uniformiteit. Over allemaal hetzelfde, Facebook, of iedereen iets anders.

    Facebook registreert in meer of mindere mate het volgende van jou:

    Je cursor bewegingen, geo-locatie, meta-data van foto’s en films (type, sluitertijd, geo-locatie indien gps aanstaat, auteur), biometrische gegevens (scan van het gezicht, matched zeer goed), chat gegevens en tekst die je zelfs niet verstuurd hebt, likes, vrienden, politieke kleur, seksuele oriëntatie, school, afkomst, ip-adressen van ingelogd zijn, wanneer je op je scherm van de smart device kijkt, welke smart devices waarmee je op Facebook bent, wanneer je achter de computer zit, hoelang je achter de computer zit, leeftijd, voormalige werkgevers en huidige, partner, familie, vrienden, ex-vriendinnen, muziek, boeken, films, series, games, sport, interacties tussen alle vrienden groepen, welke websites je bezoekt als je ingelogd bent, welke content je bekijkt op Facebook zelf, andere biometrische gegevens (zoals stappen, algehele conditie met sport applicaties).

    Find this story at 30 June 2014

    Facebook reveals news feed experiment to control emotions Protests over secret study involving 689,000 users in which friends’ postings were moved to influence moods

    Poll: Facebook’s secret mood experiment: have you lost trust in the social network?

    It already knows whether you are single or dating, the first school you went to and whether you like or loathe Justin Bieber. But now Facebook, the world’s biggest social networking site, is facing a storm of protest after it revealed it had discovered how to make users feel happier or sadder with a few computer key strokes.

    It has published details of a vast experiment in which it manipulated information posted on 689,000 users’ home pages and found it could make people feel more positive or negative through a process of “emotional contagion”.

    In a study with academics from Cornell and the University of California, Facebook filtered users’ news feeds – the flow of comments, videos, pictures and web links posted by other people in their social network. One test reduced users’ exposure to their friends’ “positive emotional content”, resulting in fewer positive posts of their own. Another test reduced exposure to “negative emotional content” and the opposite happened.

    The study concluded: “Emotions expressed by friends, via online social networks, influence our own moods, constituting, to our knowledge, the first experimental evidence for massive-scale emotional contagion via social networks.”

    Lawyers, internet activists and politicians said this weekend that the mass experiment in emotional manipulation was “scandalous”, “spooky” and “disturbing”.

    On Sunday evening, a senior British MP called for a parliamentary investigation into how Facebook and other social networks manipulated emotional and psychological responses of users by editing information supplied to them.

    Jim Sheridan, a member of the Commons media select committee, said the experiment was intrusive. “This is extraordinarily powerful stuff and if there is not already legislation on this, then there should be to protect people,” he said. “They are manipulating material from people’s personal lives and I am worried about the ability of Facebook and others to manipulate people’s thoughts in politics or other areas. If people are being thought-controlled in this kind of way there needs to be protection and they at least need to know about it.”

    A Facebook spokeswoman said the research, published this month in the journal of the Proceedings of the National Academy of Sciences in the US, was carried out “to improve our services and to make the content people see on Facebook as relevant and engaging as possible”.

    She said: “A big part of this is understanding how people respond to different types of content, whether it’s positive or negative in tone, news from friends, or information from pages they follow.”

    But other commentators voiced fears that the process could be used for political purposes in the runup to elections or to encourage people to stay on the site by feeding them happy thoughts and so boosting advertising revenues.

    In a series of Twitter posts, Clay Johnson, the co-founder of Blue State Digital, the firm that built and managed Barack Obama’s online campaign for the presidency in 2008, said: “The Facebook ’transmission of anger’ experiment is terrifying.”

    He asked: “Could the CIA incite revolution in Sudan by pressuring Facebook to promote discontent? Should that be legal? Could Mark Zuckerberg swing an election by promoting Upworthy [a website aggregating viral content] posts two weeks beforehand? Should that be legal?”

    It was claimed that Facebook may have breached ethical and legal guidelines by not informing its users they were being manipulated in the experiment, which was carried out in 2012.

    The study said altering the news feeds was “consistent with Facebook’s data use policy, to which all users agree prior to creating an account on Facebook, constituting informed consent for this research”.

    But Susan Fiske, the Princeton academic who edited the study, said she was concerned. “People are supposed to be told they are going to be participants in research and then agree to it and have the option not to agree to it without penalty.”

    James Grimmelmann, professor of law at Maryland University, said Facebook had failed to gain “informed consent” as defined by the US federal policy for the protection of human subjects, which demands explanation of the purposes of the research and the expected duration of the subject’s participation, a description of any reasonably foreseeable risks and a statement that participation is voluntary. “This study is a scandal because it brought Facebook’s troubling practices into a realm – academia – where we still have standards of treating people with dignity and serving the common good,” he said on his blog.

    It is not new for internet firms to use algorithms to select content to show to users and Jacob Silverman, author of Terms of Service: Social Media, Surveillance, and the Price of Constant Connection, told Wire magazine on Sunday the internet was already “a vast collection of market research studies; we’re the subjects”.

    “What’s disturbing about how Facebook went about this, though, is that they essentially manipulated the sentiments of hundreds of thousands of users without asking permission,” he said. “Facebook cares most about two things: engagement and advertising. If Facebook, say, decides that filtering out negative posts helps keep people happy and clicking, there’s little reason to think that they won’t do just that. As long as the platform remains such an important gatekeeper – and their algorithms utterly opaque – we should be wary about the amount of power and trust we delegate to it.”

    Robert Blackie, director of digital at Ogilvy One marketing agency, said the way internet companies filtered information they showed users was fundamental to their business models, which made them reluctant to be open about it.

    “To guarantee continued public acceptance they will have to discuss this more openly in the future,” he said. “There will have to be either independent reviewers of what they do or government regulation. If they don’t get the value exchange right then people will be reluctant to use their services, which is potentially a big business problem.”

    Robert Booth
    The Guardian, Monday 30 June 2014

    Find this story at 30 June 2014

    © 2014 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    Facebook’s Future Plans for Data Collection Beyond All Imagination

    Facebook’s dark plans for the future are given away in its patent applications.

    “No one knows who will live in this cage in the future, or whether at the end of this tremendous development, entirely new prophets will arise, or there will be a great rebirth of old ideas and ideals, or, if neither, mechanized petrification, embellished with a sort of convulsive self-importance. For of the fast stage of this cultural development, it might well be truly said: ‘Specialists without spirit, sensualists without heart; this nullity imagines that it has attained a level of civilization never before achieved.’”

    —Max Weber, 1905

    On November 12 Facebook, Inc. filed its 178th patent application for a consumer profiling technique the company calls “inferring household income for users of a social networking system.”

    “The amount of information gathered from users,” explain Facebook programmers Justin Voskuhl and Ramesh Vyaghrapuri in their patent application, “is staggering — information describing recent moves to a new city, graduations, births, engagements, marriages, and the like.” Facebook and other so-called tech companies have been warehousing all of this information since their respective inceptions. In Facebook’s case, its data vault includes information posted as early as 2004, when the site first went live. Now in a single month the amount of information forever recorded by Facebook —dinner plans, vacation destinations, emotional states, sexual activity, political views, etc.— far surpasses what was recorded during the company’s first several years of operation. And while no one outside of the company knows for certain, it is believed that Facebook has amassed one of the widest and deepest databases in history. Facebook has over 1,189,000,000 “monthly active users” around the world as of October 2013, providing considerable width of data. And Facebook has stored away trillions and trillions of missives and images, and logged other data about the lives of this billion plus statistical sample of humanity. Adjusting for bogus or duplicate accounts it all adds up to about 1/7th of humanity from which some kind of data has been recorded.

    According to Facebook’s programmers like Voskuhl and Vyaghrapuri, of all the clever uses they have already applied this pile of data toward, Facebook has so far “lacked tools to synthesize this information about users for targeting advertisements based on their perceived income.” Now they have such a tool thanks to the retention and analysis of variable the company’s positivist specialists believe are correlated with income levels.

    They’ll have many more tools within the next year to run similar predictions. Indeed, Facebook, Google, Yahoo, Twitter, and the hundreds of smaller tech lesser-known tech firms that now control the main portals of social, economic, and political life on the web (which is now to say everywhere as all economic and much social activity is made cyber) are only getting started. The Big Data analytics revolutions has barely begun, and these firms are just beginning to tinker with rational-instrumental methods of predicting and manipulating human behavior.

    There are few, if any, government regulations restricting their imaginations at this point. Indeed, the U.S. President himself is a true believer in Big Data; the brain of Obama’s election team was a now famous “cave” filled with young Ivy League men (and a few women) sucking up electioneering information and crunching demographic and consumer data to target individual voters with appeals timed to maximize the probability of a vote for the new Big Blue, not IBM, but the Democratic Party’s candidate of “Hope” and “Change.” The halls of power are enraptured by the potential of rational-instrumental methods paired with unprecedented access to data that describes the social lives of hundreds of millions.

    Facebook’s intellectual property portfolio reads like cliff notes summarizing the aspirations of all corporations in capitalist modernity; to optimize efficiency in order to maximize profits and reduce or externalize risk. Unlike most other corporations, and unlike previous phases in the development of rational bureaucracies, Facebook and its tech peers have accumulated never before seen quantities of information about individuals and groups. Recent breakthroughs in networked computing make analysis of these gigantic data sets fast and cheap. Facebook’s patent holdings are just a taste of what’s arriving here and now.

    The way you type, the rate, common mistakes, intervals between certain characters, is all unique, like your fingerprint, and there are already cyber robots that can identify you as you peck away at keys. Facebook has even patented methods of individual identification with obviously cybernetic overtones, where the machine becomes an appendage of the person. U.S. Patents 8,306,256, 8,472,662, and 8,503,718, all filed within the last year, allow Facebook’s web robots to identify a user based on the unique pixelation and other characteristics of their smartphone’s camera. Identification of the subject is the first step toward building a useful data set to file among the billion or so other user logs. Then comes analysis, then prediction, then efforts to influence a parting of money.

    Many Facebook patents pertain to advertising techniques that are designed and targeted, and continuously redesigned with ever-finer calibrations by robot programs, to be absorbed by the gazes of individuals as they scroll and swipe across their Facebook feeds, or on third party web sites.

    Speaking of feeds, U.S. Patent 8,352,859, Facebook’s system for “Dynamically providing a feed of stories about a user of a social networking system” is used by the company to organize the constantly updated posts and activities inputted by a user’s “friends.” Of course embedded in this system are means of inserting advertisements. According to Facebook’s programmers, a user’s feeds are frequently injected with “a depiction of a product, a depiction of a logo, a display of a trademark, an inducement to buy a product, an inducement to buy a service, an inducement to invest, an offer for sale, a product description, trade promotion, a survey, a political message, an opinion, a public service announcement, news, a religious message, educational information, a coupon, entertainment, a file of data, an article, a book, a picture, travel information, and the like.” That’s a long list for sure, but what gets injected is more often than not whatever will boost revenues for Facebook.

    The advantage here, according to Facebook, is that “rather than having to initiate calls or emails to learn news of another user, a user of a social networking website may passively receive alerts to new postings by other users.” The web robot knows best. Sit back and relax and let sociality wash over you, passively. This is merely one of Facebook’s many “systems for tailoring connections between various users” so that these connections ripple with ads uncannily resonant with desires and needs revealed in the quietly observed flow of e-mails, texts, images, and clicks captured forever in dark inaccessible servers of Facebook, Google and the like. These communications services are free in order to control the freedom of data that might otherwise crash about randomly, generating few opportunities for sales.

    Where this fails Facebook ratchets up the probability of influencing the user to behave as a predictable consumer. “Targeted advertisements often fail to earn a user’s trust in the advertised product,” explain Facebook’s programmers in U.S. Patent 8,527,344, filed in September of this year. “For example, the user may be skeptical of the claims made by the advertisement. Thus, targeted advertisements may not be very effective in selling an advertised product.” Facebook’s computer programmers who now profess mastery over sociological forces add that even celebrity endorsements are viewed with skepticism by the savvy citizen of the modulated Internet. They’re probably right.

    Facebook’s solution is to mobilize its users as trusted advertisers in their own right. “Unlike advertisements, most users seek and read content generated by their friends within the social networking system; thus,” concludes Facebook’s mathematicians of human inducement, “advertisements generated by a friend of the user are more likely to catch the attention of the user, increasing the effectiveness of the advertisement.” That Facebook’s current So-And-So-likes-BrandX ads are often so clumsy and ineffective does not negate the qualitative shift in this model of advertising and the possibilities of un-freedom it evokes.

    Forget iPhones and applications, the tech industry’s core consumer product is now advertising. Their essential practice is mass surveillance conducted in real time through continuous and multiple sensors that pass, for most people, entirely unnoticed. The autonomy and unpredictability of the individual —in Facebook’s language the individual is the “user”— is their fundamental business problem. Reducing autonomy via surveillance and predictive algorithms that can placate existing desires, and even stimulate and mold new desires is the tech industry’s reason for being. Selling their capacious surveillance and consumer stimulus capabilities to the highest bidder is the ultimate end.

    Sounds too dystopian? Perhaps, and this is by no means the world we live in, not yet. It is, however, a tendency rooted in the tech economy. The advent of mobile, hand-held, wirelessly networked computers, called “smartphones,” is still so new that the technology, and its services feel like a parallel universe, a new layer of existence added upon our existing social relationships, business activities, and political affiliations. In many ways it feels liberating and often playful. Our devices can map geographic routes, identify places and things, provide information about almost anything in real time, respond to our voices, and replace our wallets. Who hasn’t consulted “Dr. Google” to answer a pressing question? Everyone and everything is seemingly within reach and there is a kind of freedom to this utility.

    Most of Facebook’s “users” have only been registered on the web site since 2010, and so the quintessential social network feels new and fun, and although perhaps fraught with some privacy concerns, it does not altogether fell like a threat to the autonomy of the individual. To say it is, is a cliche sci-fi nightmare narrative of tech-bureaucracy, and we all tell one another that the reality is more complex.

    Privacy continues, however, too be too narrowly conceptualized as a liberal right against incursions of government, and while the tech companies have certainly been involved in a good deal of old-fashioned mass surveillance for the sake of our federal Big Brother, there’s another means of dissolving privacy that is more fundamental to the goals of the tech companies and more threatening to social creativity and political freedom.

    Georgetown University law professor Julie Cohen notes that pervasive surveillance is inimical to the spaces of privacy that are required for liberal democracy, but she adds importantly, that the surveillance and advertising strategies of the tech industry goes further.

    “A society that permits the unchecked ascendancy of surveillance infrastructures, which dampen and modulate behavioral variability, cannot hope to maintain a vibrant tradition of cultural and technical innovation,” writes Cohen in a forthcoming Harvard Law Review article.

    “Modulation” is Cohen’s term for the tech industry’s practice of using algorithms and other logical machine operations to mine an individual’s data so as to continuously personalize information streams. Facebook’s patents are largely techniques of modulation, as are Google’s and the rest of the industry leaders. Facebook conducts meticulous surveillance on users, collects their data, tracks their movements on the web, and feeds the individual specific content that is determined to best resonate with their desires, behaviors, and predicted future movements. The point is to perfect the form and function of the rational-instrumental bureaucracy as defined by Max Weber: to constantly ratchet up efficiency, calculability, predictability, and control. If they succeed in their own terms, the tech companies stand to create a feedback loop made perfectly to fit each an every one of us, an increasingly closed systems of personal development in which the great algorithms in the cloud endlessly tailor the psychological and social inputs of humans who lose the gift of randomness and irrationality.

    “It is modulation, not privacy, that poses the greater threat to innovative practice,” explains Cohen. “Regimes of pervasively distributed surveillance and modulation seek to mold individual preferences and behavior in ways that reduce the serendipity and the freedom to tinker on which innovation thrives.” Cohen has pointed out the obvious irony here, not that it’s easy to miss; the tech industry is uncritically labeled America’s hothouse of innovation, but it may in fact be killing innovation by disenchanting the world and locking inspiration in an cage.

    If there were limits to the reach of the tech industry’s surveillance and stimuli strategies it would indeed be less worrisome. Only parts of our lives would be subject to this modulation, and it could therefore benefit us. But the industry aspires to totalitarian visions in which universal data sets are constantly mobilized to transform an individual’s interface with society, family, the economy, and other institutions. The tech industry’s luminaries are clear in their desire to observe and log everything, and use every “data point” to establish optimum efficiency in life as the pursuit of consumer happiness. Consumer happiness is, in turn, a step toward the rational pursuit of maximum corporate profit. We are told that the “Internet of things” is arriving, that soon every object will have embedded within it a computer that is networked to the sublime cloud, and that the physical environment will be made “smart” through the same strategy of modulation so that we might be made free not just in cyberspace, but also in the meatspace.

    Whereas the Internet of the late 1990s matured as an archipelago of innumerable disjointed and disconnected web sites and databases, today’s Internet is gripped by a handful of giant companies that observe much of the traffic and communications, and which deliver much of the information from an Android phone or laptop computer, to distant servers, and back. The future Internet being built by the tech giants —putting aside the Internet of things for the moment— is already well into its beta testing phase. It’s a seamlessly integrated quilt of web sites and apps that all absorb “user” data, everything from clicks and keywords to biometric voice identification and geolocation.

    United States Patent 8,572,174, another of Facebook’s recent inventions, allows the company to personalize a web page outside of Facebook’s own system with content from Facebook’s databases. Facebook is selling what the company calls its “rich set of social information” to third party web sites in order to “provide personalized content for their users based on social information about those users that is maintained by, or otherwise accessible to, the social networking system.” Facebook’s users generated this rich social information, worth many billions of dollars as recent quarterly earnings of the company attest.

    In this way the entire Internet becomes Facebook. The totalitarian ambition here is obvious, and it can be read in the securities filings, patent applications, and other non-sanitized business documents crafted by the tech industry for the financial analysts who supply the capital for further so-called innovation. Everywhere you go on the web, with your phone or tablet, you’re a “user,” and your social network data will be mined every second by every application, site, and service to “enhance your experience,” as Facebook and others say. The tech industry’s leaders aim to expand this into the physical world, creating modulated advertising and environmental experiences as cameras and sensors track our movements.

    Facebook and the rest of the tech industry fear autonomy and unpredictability. The ultimate expression of these irrational variables that cannot be mined with algorithmic methods is absence from the networks of surveillance in which data is collected.

    One of Facebook’s preventative measures is United States Patent 8,560,962, “promoting participation of low-activity users in social networking system.” This novel invention devised by programmers in Facebook’s Palo Alto and San Francisco offices involves a “process of inducing interactions,” that are meant to maximize the amount of “user-generated content” on Facebook by getting lapsed users to return, and stimulating all users to produce more and more data. User generated content is, after all, worth billions. Think twice before you hit “like” next time, or tap that conspicuously placed “share” button; a machine likely put that content and interaction before your eyes after a logical operation determined it to have the highest probability of tempting you to add to the data stream, thereby increasing corporate revenues.

    Facebook’s patents on techniques of modulating “user” behavior are few compared to the real giants of the tech industry’s surveillance and influence agenda. Amazon, Microsoft, and of course Google hold some of the most fundamental patents using personal data to attempt to shape an individual’s behavior into predictable consumptive patterns. Smaller specialized firms like Choicestream and Gist Communications have filed dozens more applications for modulation techniques. The rate of this so-called innovation is rapidly telescoping.

    Perhaps we do know who will live in the iron cage. It might very well be a cage made of our own user generated content, paradoxically ushering in a new era of possibilities in shopping convenience and the delivery of satisfactory experiences even while it eradicates many degrees of chance, and pain, and struggle (the motive forces of human progress) in a robot-powered quest to have us construct identities and relationships that yield to prediction and computer-generated suggestion. Defense of individual privacy and autonomy today is rightly motivated by the reach of an Orwellian security state (the NSA, FBI, CIA). This surveillance changes our behavior by chilling us, by telling us we are always being watched by authority. Authority thereby represses in us whatever might happen to be defined as “crime,” or any anti-social behavior at the moment. But what about the surveillance that does not seek to repress us, the watching computer eyes and ears that instead hope to stimulate a particular set of monetized behaviors in us with the intimate knowledge gained from our every online utterance, even our facial expressions and finger movements?

    Darwin Bond-Graham, a contributing editor to CounterPunch, is a sociologist and author who lives and works in Oakland, CA. His essay on economic inequality in the “new” California economy appears in theJuly issue of CounterPunch magazine. He is a contributor to Hopeless: Barack Obama and the Politics of Illusion

    Darwin Bond-Graham, a contributing editor to CounterPunch, is a sociologist and author who lives and works in Oakland, CA. His essay on economic inequality in the “new” California economy appears in theJuly issue of CounterPunch magazine. He is a contributor to Hopeless: Barack Obama and the Politics of Illusion

    By Darwin Bond-Graham
    December 4, 2013

    Find this story at 4 December 2013

    copyright http://www.alternet.org/

    Who Owns Photos and Videos Posted on Facebook, Instagram or Twitter?

    Well, it depends on what you mean as “own.” Under copyright law, unless there is an agreement to the contrary or the photograph or video is shot as part of your job, a copyright to a photograph generally belongs to the creator. As the copyright owner, you own the exclusive rights to display, copy, use, produce, distribute and perform your creation as you see fit and approve. As the subject of the photograph, you have a right to publicity, which allows you to get paid for the commercial use of your name, likeness or voice.
    But what happens when you decide to post that picture on the Internet — perhaps on Facebook or Twitter (using Twitpic), or some other social network or photo-sharing site?
    You may be shocked to find out that once you post on these sites, that although you still “own” the photograph, you grant the social media sites a license to use your photograph anyway they see fit for free AND you grant them the right to let others use you picture as well! This means that not only can Twitter, Twitpic and Facebook make money from the photograph or video (otherwise, a copyright violation), but these sites are making commercial gain by licensing these images, which contains the likeness of the person in the photo or video (otherwise, a violation of their “rights of publicity”).
    Facebook
    Under Facebook’s current terms (which can change at anytime), by posting your pictures and videos, you grant Facebook “a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use any [IP] content that you post on or in connection with Facebook (“IP License”). This IP License ends when you delete your IP content or your account unless your content has been shared with others, and they have not deleted it. Beware of the words “transferable, sub-licensable, royalty-free, worldwide license.” This means that Facebook can license your content to others for free without obtaining any other approval from you! You should be aware that once your photos or videos are shared on Facebook, it could be impossible to delete them from Facebook, even if you delete the content or cancel your account (the content still remains on Facebook servers and they can keep backups)! So, although you may be able to withdraw your consent to the use of photos on Facebook, you should also keep in mind that if you share your photos and videos with Facebook applications, those applications may have their own terms and conditions of how they use your creation! You should read the fine print to make sure you are not agreeing to something that you don’t want to have happen.
    Twitter
    Twitter’s photo sharing service, Twitpic, just updated their terms of Service on May 10, 2011 (which, of course, can and will be updated at any time, from time to time). By uploading content using Twitpic, you are giving “Twitpic permission to use or distribute your content on Twitpic.com or affiliated sites.” You are also granting “Twitpic a worldwide, non-exclusive, royalty-free, sublicenseable and transferable license to use, reproduce, distribute, prepare derivative works of, display, and perform the Content in connection with the Service and Twitpic’s (and its successors’ and affiliates’) business, including without limitation for promoting and redistributing part or all of the Service (and derivative works thereof) in any media formats and through any media channels.”
    The terms go on to state that you also grant “each user of the Service a non-exclusive license to access your Content through the Service, and to use, reproduce, distribute, display and perform such Content as permitted through the functionality of the Service and under these Terms of Service. The above licenses granted by you in media Content you submit to the Service terminate within a commercially reasonable time after you remove or delete your media from the Service provided that any sub-license by Twitpic to use, reproduce or distribute the Content prior to such termination may be perpetual and irrevocable.”
    Twitpic/Twitter is probably more problematic than Facebook — They can sell your images and videos if they want!
    First, there is no definition of “Service” on their site (they need to find a more detailed oriented internet attorney to draft their terms (Twitpic, call me)), so your photo could be used throughout the Internet. More troubling is that your photos and videos may be reprinted and used in anything without your getting paid a dime – books, magazines, movies, TV shows, billboards — you get the picture!
    Second, Twitter can create derivative works from your creations. A derivative work is anything that is built upon your work (like adding your video to a TV show, putting your photo in a montage, etc.).
    Third, even after you delete your photos from Twitpic, Twitter and Twitpic can still use your creations for a “reasonable” amount of time afterwards. So what would be a reasonable amount of time to continue using your photo after you terminate the “license” if your photo or video is incorporated by Twitter or Twitpic in a larger work — perhaps forever if it would cost them money to remove!
    Lastly, since Twitter/Twitpic can grant others to use your photos (and make money from it without paying you (remember the nasty word “œroyalty-free”)), even if you terminate your Twitter/Twitpic account, the rights they grant to others can never be terminated! Twitter has a deal with World Entertainment News Network permitting them to sell Twitpic content with no money to you!
    Celebrities and celebrities-to-be, beware! Your right to publicity (e.g. your right to get paid when others use your name, likeness, voice for commercial gain like product or sports endorsements) is stripped away each and every time you post on Twitter! You or your intellectual property attorney should read the fine print before you post your photos or videos on Twitter or Facebook!
    December 19, 2012 UPDATE
    Instagram
    Well Facebook was at it again (changing their terms of service for their latest acquisition, Instagram). The proposed changes are to take place on January 16, 2013. Basically, Instagram had a brilliant idea to generate money off the backs of their members. The proposed terms of service explicitly state “To help us deliver interesting paid or sponsored content or promotions, you agree that a business or other entity may pay us to display your username, likeness, photos (along with any associated metadata), and/or actions you take, in connection with paid or sponsored content or promotions, without any compensation to you. If you are under the age of eighteen (18), or under any other applicable age of majority, you represent that at least one of your parents or legal guardians has also agreed to this provision (and the use of your name, likeness, username, and/or photos (along with any associated metadata)) on your behalf.”
    This means that Instagram can make money from advertisers that want to use your face or pictures of your loved ones on any advertising (TV, web, magazines, newspapers, etc.) and never pay you a penny! Even worse, if you are under 18 (which means you don’t have the legal capacity to enter into a contract) you are making a contractual agreement that you have asked your parents permission to agree to the Instagram terms. This not only is an egregious position (see discussion above about rights of publicity), but defies logic — Instagram acknowledges that minors can’t enter into a contract, but nevertheless for the under-18, force them to agree by (unenforceable) contract that they have permission anyway. Go figure! [Finally there is a reason to go back to the old 2-hour Kodak Carousel slide shows of aunt Sally’s vacation.]
    [December 21, 2012 UPDATE]
    Instagram announced today that it was backing off of its proposed T&C’s to be able to sell content without paying the members. But a closer look of their replacement terms of use are just as bad. “Instagram does not claim ownership of any Content that you post on or through the Service. Instead, you hereby grant to Instagram a non-exclusive, fully paid and royalty-free, transferable, sub-licensable, worldwide license to use the Content that you post on or through the Service, subject to the Service’s Privacy Policy. . .” This means that Instagram can still sublicense your photos to any company for a fee (without paying the member)! And it gets worse. For instance, let’s say a posted photo is of a celebrity. Instagram then licenses that picture to an advertiser. But then the advertiser gets sued by the celebrity for violation of their right of privacy (who in turn sues Instagram). You the poster would have to indemnify Instagram because in section 4(iii) of the terms, “(iii) you agree to pay for all royalties, fees, and any other monies owed by reason of Content you post on or through the Service.” Bottom line – Instagram stil gets to sell your pictures without paying you and you can be liable in the event they have to return that money to the advertiser!

    Find this story at december 2012

    © 2012 Law Offices of Craig Delsack, LLC

    Your Facebook Data File: Everything You Never Wanted Anyone to Know

    A group of Austrian students called Europe v. Facebook recently got their hands on their complete Facebook user data files – note, this is not the same file Facebook sends if you request your personal history through the webform in Account Settings.

    See, Facebook wants you to feel safe and warm and fuzzy about controlling your own privacy. As we move into the era of the Open Graph and apps that autopost your activities, users are raising serious questions about data collection and privacy.

    To help quell these fears, Facebook lets users download their their own data, as they said in an official statement to the Wall Street Journal blog Digits:

    “We believe that every Facebook user owns his or her own data and should have simple and easy access to it. That is why we’ve built an easy way for people to download everything they have ever posted on Facebook, including all of their messages, posts, photos, status updates and profile information. People who want a copy of the information they have put on Facebook can click a link located in ‘Account Settings’ and easily get a copy of all of it in a single download. To protect the information, this feature is only available after the person confirms his or her password and answers appropriate security questions.”

    Phew, that’s good. But wait… how come the students over at Europe v. Facebook got a different, more complete file when requested through Section 4 DPA + Art. 12 Directive 95/46/EG, a European privacy law? The carefully crafted statement above says they will give you access to everything you’ve put on Facebook – but what about the data Facebook collects without your knowledge?

    What You May Not Get in Your Copy of Your Facebook File

    facebook-message-report

    On their website, Europe v. Facebook lists their primary objective as transparency, saying, “It is almost impossible for the user to really know what happens to his or her personal data when using facebook. For example ‘removed’ content is not really deleted by Facebook and it is often unclear what Facebook exactly does with our data.”

    Indeed, the complete user file they received when requested through Section 4 DPA + Art. 12 Directive 95/46/EG is the same one available to attorneys and law enforcement via court order. It contains more information than the one Facebook sends users through their webform, according to Europe v. Facebook founder and law student Max Schrems, including:

    Every friend request you’ve ever received and how you responded.
    Every poke you’ve exchanged.
    Every event you’ve been invited to through Facebook and how you responded.
    The IP address used each and every time you’ve logged in to Facebook.
    Dates of user name changes and historical privacy settings changes.
    Camera metadata including time stamps and latitude/longitude of picture location, as well as tags from photos – even if you’ve untagged yourself.
    Credit card information, if you’ve ever purchased credits or advertising on Facebook.
    Your last known physical location, with latitude, longitude, time/date, altitude, and more. The report notes that they are unsure how Facebook collects this data.
    One of Europe v. Facebook’s chief objections is that Facebook offers “no sufficient way of deleting old junk data.” Many of the complaints they’ve filed with the Irish Data Protection Commissioner* involve Facebook’s continued storage of data users believe they have deleted. Copies of the redacted files received through their requests are published on the Europe v. Facebook website.

    Better Hope You’ve Behaved Yourself…

    Ever flirted with someone other than your spouse in a Facebook chat? You had better hope your message records don’t end up in the hands of a divorce lawyer, because they can access even the ones you’ve deleted.

    That day you called your employer in Chicago and begged off work, as you were sick? You logged in to Facebook from an IP address in Miami. Oops.

    A few weeks ago, Australian hacker exposed Facebook’s practice of tracking logged out users and they quickly “fixed” the problem (after trying to defend it, initially). But the extent to which they collect and keep information users may not even realize they are giving Facebook in the first place – or believe they’ve deleted – is worrisome for privacy watchdogs.

    The truly questionable thing is, the average user has no idea what their file contains and in North America, at least, have no right to access it. ITWorld’s Dan Tynan requested his, citing the U.S. Constitution, but received only an autoresponse telling him the form is only applicable in certain jurisdictions. In other words, if they’re not required to release your data to you by law, don’t hold your breath.

    But then, maybe you’ll be one of the “lucky” ones who will have your activities brought up in court or a police investigation. There will be little left to the imagination, then.

    What You Can Do About It

    We contacted Max Schrems and asked whether Europe v. Facebook is able to help users, even those in other jurisdictions, to access their personal files. Though they receive emails from around the world, he said, their focus is on the 22 active complaints they currently have registered with the Irish Data Protection Commission. Residents of the European Union can fill out the online form on Facebook’s website (this is not the Account Settings form, but a request for the full file).

    Schrems did offer tips for all users who want to curb the amount of information they’re handing over to Facebook from this point forward. “I would frequently check my privacy settings, turn everything to ‘Friends only’ and turn off ‘Platform.’ Users have to realize that you don’t just share with your Friends, but you always share with your Friends AND Facebook.”

    Judging by the sheer difference in file sizes, comparing the personally requested vs. legally requested files Schrems and Europe v. Facebook received, there’s a lot of data left on the table. For the same user, the file sizes varied enormously. Schrems described the file obtained through a legal request as a 500MB PDF including data the user thought they had deleted. The one sent through a regular Facebook request was a 150MB HTML file and included video (the PDF did not) but did not have the deleted data.

    We reached out to Facebook for comment but had not received a response by the time of publication.

    *Europe v. Facebook files their complaints in Ireland, as Facebook’s User Terms list their Ireland office as headquarters for all Facebook affairs outside of Canada and the U.S.

    Miranda Miller, October 3, 2011

    Find this story at 3 October 2011

    © 2014 Incisive Interactive Marketing LLC.

    What Facebook Knows

    The company’s social scientists are hunting for insights about human behavior. What they find could give Facebook new ways to cash in on our data—and remake our view of society.

    Cameron Marlow calls himself Facebook’s “in-house sociologist.” He and his team can analyze essentially all the information the site gathers.

    If Facebook were a country, a conceit that founder Mark Zuckerberg has entertained in public, its 900 million members would make it the third largest in the world.

    It would far outstrip any regime past or present in how intimately it records the lives of its citizens. Private conversations, family photos, and records of road trips, births, marriages, and deaths all stream into the company’s servers and lodge there. Facebook has collected the most extensive data set ever assembled on human social behavior. Some of your personal information is probably part of it.

    And yet, even as Facebook has embedded itself into modern life, it hasn’t actually done that much with what it knows about us. Now that the company has gone public, the pressure to develop new sources of profit (see “The Facebook Fallacy”) is likely to force it to do more with its hoard of information. That stash of data looms like an oversize shadow over what today is a modest online advertising business, worrying privacy-conscious Web users (see “Few Privacy Regulations Inhibit Facebook”) and rivals such as Google. Everyone has a feeling that this unprecedented resource will yield something big, but nobody knows quite what.

    FEW PRIVACY REGULATIONS INHIBIT FACEBOOK

    Laws haven’t kept up with the company’s ability to mine its users’ data.
    Even as Facebook has embedded itself into modern life, it hasn’t done that much with what it knows about us. Its stash of data looms like an oversize shadow. Everyone has a feeling that this resource will yield something big, but nobody knows quite what.

    Heading Facebook’s effort to figure out what can be learned from all our data is Cameron Marlow, a tall 35-year-old who until recently sat a few feet away from ­Zuckerberg. The group Marlow runs has escaped the public attention that dogs Facebook’s founders and the more headline-grabbing features of its business. Known internally as the Data Science Team, it is a kind of Bell Labs for the social-networking age. The group has 12 researchers—but is expected to double in size this year. They apply math, programming skills, and social science to mine our data for insights that they hope will advance Facebook’s business and social science at large. Whereas other analysts at the company focus on information related to specific online activities, Marlow’s team can swim in practically the entire ocean of personal data that Facebook maintains. Of all the people at Facebook, perhaps even including the company’s leaders, these researchers have the best chance of discovering what can really be learned when so much personal information is compiled in one place.

    Facebook has all this information because it has found ingenious ways to collect data as people socialize. Users fill out profiles with their age, gender, and e-mail address; some people also give additional details, such as their relationship status and mobile-phone number. A redesign last fall introduced profile pages in the form of time lines that invite people to add historical information such as places they have lived and worked. Messages and photos shared on the site are often tagged with a precise location, and in the last two years Facebook has begun to track activity elsewhere on the Internet, using an addictive invention called the “Like” button. It appears on apps and websites outside Facebook and allows people to indicate with a click that they are interested in a brand, product, or piece of digital content. Since last fall, Facebook has also been able to collect data on users’ online lives beyond its borders automatically: in certain apps or websites, when users listen to a song or read a news article, the information is passed along to Facebook, even if no one clicks “Like.” Within the feature’s first five months, Facebook catalogued more than five billion instances of people listening to songs online. Combine that kind of information with a map of the social connections Facebook’s users make on the site, and you have an incredibly rich record of their lives and interactions.

    “This is the first time the world has seen this scale and quality of data about human communication,” Marlow says with a characteristically serious gaze before breaking into a smile at the thought of what he can do with the data. For one thing, Marlow is confident that exploring this resource will revolutionize the scientific understanding of why people behave as they do. His team can also help Facebook influence our social behavior for its own benefit and that of its advertisers. This work may even help Facebook invent entirely new ways to make money.

    Contagious Information

    Marlow eschews the collegiate programmer style of Zuckerberg and many others at Facebook, wearing a dress shirt with his jeans rather than a hoodie or T-shirt. Meeting me shortly before the company’s initial public offering in May, in a conference room adorned with a six-foot caricature of his boss’s dog spray-painted on its glass wall, he comes across more like a young professor than a student. He might have become one had he not realized early in his career that Web companies would yield the juiciest data about human interactions.

    In 2001, undertaking a PhD at MIT’s Media Lab, Marlow created a site called Blogdex that automatically listed the most “contagious” information spreading on weblogs. Although it was just a research project, it soon became so popular that Marlow’s servers crashed. Launched just as blogs were exploding into the popular consciousness and becoming so numerous that Web users felt overwhelmed with information, it prefigured later aggregator sites such as Digg and Reddit. But Marlow didn’t build it just to help Web users track what was popular online. Blogdex was intended as a scientific instrument to uncover the social networks forming on the Web and study how they spread ideas. Marlow went on to Yahoo’s research labs to study online socializing for two years. In 2007 he joined Facebook, which he considers the world’s most powerful instrument for studying human society. “For the first time,” Marlow says, “we have a microscope that not only lets us examine social behavior at a very fine level that we’ve never been able to see before but allows us to run experiments that millions of users are exposed to.”

    Marlow’s team works with managers across Facebook to find patterns that they might make use of. For instance, they study how a new feature spreads among the social network’s users. They have helped Facebook identify users you may know but haven’t “friended,” and recognize those you may want to designate mere “acquaintances” in order to make their updates less prominent. Yet the group is an odd fit inside a company where software engineers are rock stars who live by the mantra “Move fast and break things.” Lunch with the data team has the feel of a grad-student gathering at a top school; the typical member of the group joined fresh from a PhD or junior academic position and prefers to talk about advancing social science than about Facebook as a product or company. Several members of the team have training in sociology or social psychology, while others began in computer science and started using it to study human behavior. They are free to use some of their time, and Facebook’s data, to probe the basic patterns and motivations of human behavior and to publish the results in academic journals—much as Bell Labs researchers advanced both AT&T’s technologies and the study of fundamental physics.

    It may seem strange that an eight-year-old company without a proven business model bothers to support a team with such an academic bent, but ­Marlow says it makes sense. “The biggest challenges Facebook has to solve are the same challenges that social science has,” he says. Those challenges include understanding why some ideas or fashions spread from a few individuals to become universal and others don’t, or to what extent a person’s future actions are a product of past communication with friends. Publishing results and collaborating with university researchers will lead to findings that help Facebook improve its products, he adds.

    Eytan Bakshy experimented with the way Facebook users shared links so that his group could study whether the site functions like an echo chamber.

    For one example of how Facebook can serve as a proxy for examining society at large, consider a recent study of the notion that any person on the globe is just six degrees of separation from any other. The best-known real-world study, in 1967, involved a few hundred people trying to send postcards to a particular Boston stockholder. Facebook’s version, conducted in collaboration with researchers from the University of Milan, involved the entire social network as of May 2011, which amounted to more than 10 percent of the world’s population. Analyzing the 69 billion friend connections among those 721 million people showed that the world is smaller than we thought: four intermediary friends are usually enough to introduce anyone to a random stranger. “When considering another person in the world, a friend of your friend knows a friend of their friend, on average,” the technical paper pithily concluded. That result may not extend to everyone on the planet, but there’s good reason to believe that it and other findings from the Data Science Team are true to life outside Facebook. Last year the Pew Research Center’s Internet & American Life Project found that 93 percent of Facebook friends had met in person. One of Marlow’s researchers has developed a way to calculate a country’s “gross national happiness” from its Facebook activity by logging the occurrence of words and phrases that signal positive or negative emotion. Gross national happiness fluctuates in a way that suggests the measure is accurate: it jumps during holidays and dips when popular public figures die. After a major earthquake in Chile in February 2010, the country’s score plummeted and took many months to return to normal. That event seemed to make the country as a whole more sympathetic when Japan suffered its own big earthquake and subsequent tsunami in March 2011; while Chile’s gross national happiness dipped, the figure didn’t waver in any other countries tracked (Japan wasn’t among them). Adam Kramer, who created the index, says he intended it to show that Facebook’s data could provide cheap and accurate ways to track social trends—methods that could be useful to economists and other researchers.

    Other work published by the group has more obvious utility for Facebook’s basic strategy, which involves encouraging us to make the site central to our lives and then using what it learns to sell ads. An early study looked at what types of updates from friends encourage newcomers to the network to add their own contributions. Right before Valentine’s Day this year a blog post from the Data Science Team listed the songs most popular with people who had recently signaled on Facebook that they had entered or left a relationship. It was a hint of the type of correlation that could help Facebook make useful predictions about users’ behavior—knowledge that could help it make better guesses about which ads you might be more or less open to at any given time. Perhaps people who have just left a relationship might be interested in an album of ballads, or perhaps no company should associate its brand with the flood of emotion attending the death of a friend. The most valuable online ads today are those displayed alongside certain Web searches, because the searchers are expressing precisely what they want. This is one reason why Google’s revenue is 10 times Facebook’s. But Facebook might eventually be able to guess what people want or don’t want even before they realize it.

    Recently the Data Science Team has begun to use its unique position to experiment with the way Facebook works, tweaking the site—the way scientists might prod an ant’s nest—to see how users react. Eytan Bakshy, who joined Facebook last year after collaborating with Marlow as a PhD student at the University of Michigan, wanted to learn whether our actions on Facebook are mainly influenced by those of our close friends, who are likely to have similar tastes. That would shed light on the theory that our Facebook friends create an “echo chamber” that amplifies news and opinions we have already heard about. So he messed with how Facebook operated for a quarter of a billion users. Over a seven-week period, the 76 million links that those users shared with each other were logged. Then, on 219 million randomly chosen occasions, Facebook prevented someone from seeing a link shared by a friend. Hiding links this way created a control group so that Bakshy could assess how often people end up promoting the same links because they have similar information sources and interests.

    He found that our close friends strongly sway which information we share, but overall their impact is dwarfed by the collective influence of numerous more distant contacts—what sociologists call “weak ties.” It is our diverse collection of weak ties that most powerfully determines what information we’re exposed to.

    That study provides strong evidence against the idea that social networking creates harmful “filter bubbles,” to use activist Eli Pariser’s term for the effects of tuning the information we receive to match our expectations. But the study also reveals the power Facebook has. “If [Facebook’s] News Feed is the thing that everyone sees and it controls how information is disseminated, it’s controlling how information is revealed to society, and it’s something we need to pay very close attention to,” Marlow says. He points out that his team helps Facebook understand what it is doing to society and publishes its findings to fulfill a public duty to transparency. Another recent study, which investigated which types of Facebook activity cause people to feel a greater sense of support from their friends, falls into the same category.

    Facebook is not above using its platform to tweak users’ behavior, as it did by nudging them to register as organ donors. Unlike academic social scientists, Facebook’s employees have a short path from an idea to an experiment on hundreds of millions of people.

    But Marlow speaks as an employee of a company that will prosper largely by catering to advertisers who want to control the flow of information between its users. And indeed, Bakshy is working with managers outside the Data Science Team to extract advertising-related findings from the results of experiments on social influence. “Advertisers and brands are a part of this network as well, so giving them some insight into how people are sharing the content they are producing is a very core part of the business model,” says Marlow.

    Facebook told prospective investors before its IPO that people are 50 percent more likely to remember ads on the site if they’re visibly endorsed by a friend. Figuring out how influence works could make ads even more memorable or help Facebook find ways to induce more people to share or click on its ads.

    Social Engineering

    Marlow says his team wants to divine the rules of online social life to understand what’s going on inside Facebook, not to develop ways to manipulate it. “Our goal is not to change the pattern of communication in society,” he says. “Our goal is to understand it so we can adapt our platform to give people the experience that they want.” But some of his team’s work and the attitudes of Facebook’s leaders show that the company is not above using its platform to tweak users’ behavior. Unlike academic social scientists, Facebook’s employees have a short path from an idea to an experiment on hundreds of millions of people.

    In April, influenced in part by conversations over dinner with his med-student girlfriend (now his wife), Zuckerberg decided that he should use social influence within Facebook to increase organ donor registrations. Users were given an opportunity to click a box on their Timeline pages to signal that they were registered donors, which triggered a notification to their friends. The new feature started a cascade of social pressure, and organ donor enrollment increased by a factor of 23 across 44 states.

    Marlow’s team is in the process of publishing results from the last U.S. midterm election that show another striking example of Facebook’s potential to direct its users’ influence on one another. Since 2008, the company has offered a way for users to signal that they have voted; Facebook promotes that to their friends with a note to say that they should be sure to vote, too. Marlow says that in the 2010 election his group matched voter registration logs with the data to see which of the Facebook users who got nudges actually went to the polls. (He stresses that the researchers worked with cryptographically “anonymized” data and could not match specific users with their voting records.)

    Sameet Agarwal figures out ways for Facebook to manage its enormous trove of data—giving the company a unique and valuable level of expertise.

    This is just the beginning. By learning more about how small changes on Facebook can alter users’ behavior outside the site, the company eventually “could allow others to make use of Facebook in the same way,” says Marlow. If the American Heart Association wanted to encourage healthy eating, for example, it might be able to refer to a playbook of Facebook social engineering. “We want to be a platform that others can use to initiate change,” he says.

    Advertisers, too, would be eager to know in greater detail what could make a campaign on Facebook affect people’s actions in the outside world, even though they realize there are limits to how firmly human beings can be steered. “It’s not clear to me that social science will ever be an engineering science in a way that building bridges is,” says Duncan Watts, who works on computational social science at Microsoft’s recently opened New York research lab and previously worked alongside Marlow at Yahoo’s labs. “Nevertheless, if you have enough data, you can make predictions that are better than simply random guessing, and that’s really lucrative.”

    Doubling Data

    Like other social-Web companies, such as Twitter, Facebook has never attained the reputation for technical innovation enjoyed by such Internet pioneers as Google. If Silicon Valley were a high school, the search company would be the quiet math genius who didn’t excel socially but invented something indispensable. Facebook would be the annoying kid who started a club with such social momentum that people had to join whether they wanted to or not. In reality, Facebook employs hordes of talented software engineers (many poached from Google and other math-genius companies) to build and maintain its irresistible club. The technology built to support the Data Science Team’s efforts is particularly innovative. The scale at which Facebook operates has led it to invent hardware and software that are the envy of other companies trying to adapt to the world of “big data.”

    In a kind of passing of the technological baton, Facebook built its data storage system by expanding the power of open-source software called Hadoop, which was inspired by work at Google and built at Yahoo. Hadoop can tame seemingly impossible computational tasks—like working on all the data Facebook’s users have entrusted to it—by spreading them across many machines inside a data center. But Hadoop wasn’t built with data science in mind, and using it for that purpose requires specialized, unwieldy programming. Facebook’s engineers solved that problem with the invention of Hive, open-source software that’s now independent of Facebook and used by many other companies. Hive acts as a translation service, making it possible to query vast Hadoop data stores using relatively simple code. To cut down on computational demands, it can request random samples of an entire data set, a feature that’s invaluable for companies swamped by data. Much of Facebook’s data resides in one Hadoop store more than 100 petabytes (a million gigabytes) in size, says Sameet Agarwal, a director of engineering at Facebook who works on data infrastructure, and the quantity is growing exponentially. “Over the last few years we have more than doubled in size every year,” he says. That means his team must constantly build more efficient systems.

    One potential use of Facebook’s data storehouse would be to sell insights mined from it. Such information could be the basis for any kind of business. Assuming Facebook can do this without upsetting users and regulators, it could be lucrative.

    All this has given Facebook a unique level of expertise, says Jeff Hammerbacher, Marlow’s predecessor at Facebook, who initiated the company’s effort to develop its own data storage and analysis technology. (He left Facebook in 2008 to found Cloudera, which develops Hadoop-based systems to manage large collections of data.) Most large businesses have paid established software companies such as Oracle a lot of money for data analysis and storage. But now, big companies are trying to understand how Facebook handles its enormous information trove on open-source systems, says Hammerbacher. “I recently spent the day at Fidelity helping them understand how the ‘data scientist’ role at Facebook was conceived … and I’ve had the same discussion at countless other firms,” he says.

    As executives in every industry try to exploit the opportunities in “big data,” the intense interest in Facebook’s data technology suggests that its ad business may be just an offshoot of something much more valuable. The tools and techniques the company has developed to handle large volumes of information could become a product in their own right.

    Mining for Gold

    Facebook needs new sources of income to meet investors’ expectations. Even after its disappointing IPO, it has a staggeringly high price-to-earnings ratio that can’t be justified by the barrage of cheap ads the site now displays. Facebook’s new campus in Menlo Park, California, previously inhabited by Sun Microsystems, makes that pressure tangible. The company’s 3,500 employees rattle around in enough space for 6,600. I walked past expanses of empty desks in one building; another, next door, was completely uninhabited. A vacant lot waited nearby, presumably until someone invents a use of our data that will justify the expense of developing the space.

    One potential use would be simply to sell insights mined from the information. DJ Patil, data scientist in residence with the venture capital firm Greylock Partners and previously leader of LinkedIn’s data science team, believes Facebook could take inspiration from Gil Elbaz, the inventor of Google’s AdSense ad business, which provides over a quarter of Google’s revenue. He has moved on from advertising and now runs a fast-growing startup, Factual, that charges businesses to access large, carefully curated collections of data ranging from restaurant locations to celebrity body-mass indexes, which the company collects from free public sources and by buying private data sets. Factual cleans up data and makes the result available over the Internet as an on-demand knowledge store to be tapped by software, not humans. Customers use it to fill in the gaps in their own data and make smarter apps or services; for example, Facebook itself uses Factual for information about business locations. Patil points out that Facebook could become a data source in its own right, selling access to information compiled from the actions of its users. Such information, he says, could be the basis for almost any kind of business, such as online dating or charts of popular music. Assuming Facebook can take this step without upsetting users and regulators, it could be lucrative. An online store wishing to target its promotions, for example, could pay to use Facebook as a source of knowledge about which brands are most popular in which places, or how the popularity of certain products changes through the year.

    Hammerbacher agrees that Facebook could sell its data science and points to its currently free Insights service for advertisers and website owners, which shows how their content is being shared on Facebook. That could become much more useful to businesses if Facebook added data obtained when its “Like” button tracks activity all over the Web, or demographic data or information about what people read on the site. There’s precedent for offering such analytics for a fee: at the end of 2011 Google started charging $150,000 annually for a premium version of a service that analyzes a business’s Web traffic.

    Back at Facebook, Marlow isn’t the one who makes decisions about what the company charges for, even if his work will shape them. Whatever happens, he says, the primary goal of his team is to support the well-being of the people who provide Facebook with their data, using it to make the service smarter. Along the way, he says, he and his colleagues will advance humanity’s understanding of itself. That echoes Zuckerberg’s often doubted but seemingly genuine belief that Facebook’s job is to improve how the world communicates. Just don’t ask yet exactly what that will entail. “It’s hard to predict where we’ll go, because we’re at the very early stages of this science,” says ­Marlow. “The number of potential things that we could ask of Facebook’s data is enormous.”

    Tom Simonite is Technology Review’s senior IT editor.
    By Tom Simonite on June 13, 2012 20 COMMENTS

    Find this story at 13 June 2012

    copyright http://www.technologyreview.com/

    How Facebook Uses Your Data to Target Ads, Even Offline

    If you feel like Facebook has more ads than usual, you aren’t imagining it: Facebook’s been inundating us with more and more ads lately, and using your information—both online and offline—to do it. Here’s how it works, and how you can opt out.

    For most people, Facebook’s advertising system is insider-baseball that doesn’t really affect how we use the service. But as the targeted ads—the advertisements that take the data you provide to offer ads specific to you—get more accurate and start pulling in information from other sources (including the stuff you do offline), it’s more important than ever to understand their system. To figure out how this all works, I spoke with Elisabeth Diana, manager of corporate communication at Facebook. Let’s kick it off with the basics of how the targeted ads work online before moving on to some of the changes we’ll see with the recent inclusion of offline shopping data.

    How Facebook Uses Your Profile to Target Ads

    How Facebook Uses Your Data to Target Ads, Even Offline
    We’ve talked before about how Facebook uses you to annoy your friends by turning your likes into subtle ads. This method of sponsored posts is deceptively simple.

    The most obvious example of a targeted ad uses something you like—say Target—and then shows an ad on the right side or in the newsfeed that simply says, “[Name] likes Target.” What you and your friends like helps determine what everyone on your friends list sees for ads. Any ad you click on then increases the likelihood of another similar ad.

    It’s not just what you and your friends are doing that generates ads though; it’s also basic demographic information. Diana notes that this also includes “major life events like getting engaged or married.” So, if you’re recently engaged and note that on Facebook, you’ll see ads about things like wedding planning.

    When an advertiser creates an ad on Facebook, they can select all sorts of parameters so they reach the right people. A simple example of a parameter would be: “Someone engaged to be married, who lives in New York, between the ages of 20-30.” That’s simple, but advertisers can actually narrow that down to insane specifics, like “Someone engaged to be married, who lives in New York, between the ages of 20-30, who likes swimming, and who drives a BMW.” If your profile fits those parameters, you’ll likely see the ad. If you want to see how it works, you can even try your hand at creating an ad.

    It boils down to this: the more information you put about yourself on Facebook—where you live, your age, where (and if) you graduated college, the companies, brands, and activities you like, and even where you work—determines what kind of ads you’ll see. In theory, it makes it so targeted ads are more relevant to you.

    What Happens When You Don’t Like or Share Anything

    How Facebook Uses Your Data to Target Ads, Even Offline
    The way Facebook targets ads is based a lot around the information you provide. Using your likes, location, or age, Facebook puts you in a demographic and advertises to you. But what happens when you don’t include any of that information on your profile? It turns out that your friends are used to fill in the gaps.

    Chances are, even a barebones profile has a few bits of information about you. You probably at least have where you live and your age. That combined with the information your friends provide creates a reasonable demographic that advertisers can still reach you at. The ads won’t be as spookily accurate to you as if you provide a lot of data, but they’ll at least be about as accurate as a television ad on your favorite show.

    How to Keep Facebook from Targeting Ads Online

    We know Facebook has an idea of what you’re doing online. That can be unsettling if you’re concerned about your privacy and you don’t want your online habits contributing to advertisements, or if you don’t like the idea of Facebook collecting data about you that you’re not willfully providing. You’ll “miss out” on targeted ads, but here here are a few tools to keep that from happening online:

    Facebook Disconnect for Chrome and Firefox: Facebook gets notified when you visit a page that uses Facebook Connect (the little “Like” button you find on most web sites, including ours), and that data can be used to target ads. Facebook Disconnect stops that flow of data.
    Facebook Privacy List for Adblock Plus: This subscription for Adblock Plus blocks Facebook plugins and scripts from running all over the web so your browsing data doesn’t get tied to your Facebook account.
    DoNotTrackMe: DoNotTrackMe is another extension that blocks trackers and anyone who wants to collect your browsing data to create targeted ads.
    Finally, you want to opt out of the Facebook Ads that use your actions (liking a page, sharing pages, etc) to promote ads to your friends:

    Click the lock icon when you’re logged into Facebook and select “see more settings”.
    Click the “Ads” tab on the sidebar.
    Click “Edit” under “Third Party Sites” and change the setting to “No one.”
    Click “Edit” under “Ads & Friends” and select “No One.” This disables Social Ads.
    So, that takes care of the online advertising. Be sure to check out our guide to Facebook privacy for more information about all that. You can also hide your likes from your profile so they’re not as prominant. If you don’t actually mind the advertising, but want to improve the ads shown to you, you can always click the “X” next to any ad to get rid of it.

    The Always Up-to-Date Guide to Managing Your Facebook Privacy
    Keeping your Facebook info private is getting harder and harder all the time—mostly because…
    Read more
    How Facebook Uses Your Real World Shopping to Target Ads

    How Facebook Uses Your Data to Target Ads, Even Offline
    EXPAND
    Of course, you probably knew about a lot of that already. Using information in Facebook profile to target ads is old news, but with a few recent partnerships, Facebook is also going to use what you buy in real life stores to influence and track the ads you see. It sounds spooky, but it’s also older than you may realize.

    To do this, Facebook is combining the information they have with information from data collection companies like Datalogix, Acxiom, Epsilon, and BlueKai. These companies already collect information about you through things like store loyalty cards, mailing lists, public records information (including home or car ownership), browser cookies, and more. For example, if you buy a bunch of detergent at Safeway, and use your Safeway card to get a discount, that information is cataloged and saved by a company like Datalogix.

    How much do these data collecting companies know? According to The New York Times: way more than you’d think, including race, gender, economic status, buying habits, and more. Typically, they then sell this data to advertisers or corporations, but when it’s combined with your information from Facebook, they get an even better idea of what you like, where you shop, and what you buy. As Diana describes it, Facebook is “trying to give advertisers a chance to reach people both on and off Facebook,” and make advertisements more relevant to you. Photo by Joe Loong.

    How Real-Life Ad Targetting Works

    How Facebook Uses Your Data to Target Ads, Even Offline

    The most shocking thing you’re going to find on Facebook is when something you do in the real world—say, buy a car, go shopping with a loyalty card at a grocery store, or sign up for an email list—actually impacts the ads you see. This is no different than any other direct marketing campaign like junk mail, but seeing it on Facebook might be a little unsettling at first. There are a couple reasons this might happen: custom audiences, and the recent partnerships with data collection companies we talked about earlier.

    Custom audiences are very simple and it basically allows an advertiser to upload an email list and compare that data (privately) with who’s on Facebook. Diana offered the simple example of buying a car. Let’s say you purchase a car from a dealership, and when you do so, you give them your email address. That dealership wants to advertise on Facebook, so they upload a list of all the email addresses they have. That data is then made private, and Facebook pairs the email address with the one you registered on Facebook. If they match, you might see an ad from that dealership on Facebook for a discounted tune-up or something similar. Additionally, Lookalike audiences might be used to advertise to people similar to you because you purchased a car there. That might mean your friends (assuming you’re all similar) will see the same ad from the dealership.

    The custom audiences can be used by any company advertising on Facebook. So, if you’re on your dentist’s email list, or that small bakery around the corner snagged your email for a free slice of pie, they can potentially reach you through this system.

    The partnership with other data collection agencies like Acxiom and Datalogix is going to look a little different. This means that when you use something like a customer loyalty card at a grocery store, you might see a targeted ad that reflects that. The New York Times offers this example:

    At the very least, said Ms. Williamson, an analyst with the research firm eMarketer, consumers will be “forced to become more aware of the data trail they leave behind them and how companies are putting all that data together in new ways to reach them.” She knows, for instance, that if she uses her supermarket loyalty card to buy cornflakes, she can expect to see a cornflakes advertisement when she logs in to Facebook.
    A new targeting feature, Partner categories, takes the data collected by these third-party data brokers and puts you into a group. So, if you’re in a group of people who buys a lot of frozen pizza at Safeway, you’ll see ads for frozen pizza, and maybe other frozen foods.

    It sounds a little weird at a glance, but it’s important to remember that this is all information that you’re already providing. Facebook is using data collected by outside companies to create a more accurate portrayal of you so marketers can advertise to you directly.

    How Your Data Is Kept Private

    How Facebook Uses Your Data to Target Ads, Even Offline
    All of this information being exchanged should make the hairs on the back of your neck stand up a little. If anything goes wrong, it could leak a bunch of your private information all over the place. Or, at the very least, marketers would get a lot more information about you then you want like your username, email, and location data. To keep your information private, Facebook uses a system called hashing.

    First, your personal information like email and name is encrypted. So, your name, login info, and anything else that would identify you as a person goes away. Then, Facebook turns the rest of the information into a series of numbers and letters using hashing. For example, Age: 31, Likes: Lifehacker, Swimming, BMW’s, Location: New York, turns into something like, “342asafk43255adjk.” Finally, this information is combined with what the data collection companies have on you to create a better picture of your shopping habits so they can target ads. Slate describes the system like so:

    What they came up with was a Rube Goldbergian system that strips out personally identifiable information from the databases at Facebook, Datalogix, and the major retailers while still matching people and their purchases. The system works by creating three separate data sets. First, Datalogix “hashes” its database—that is, it turns the names, addresses and other personally identifiable data for each person in its logs into long strings of numbers. Facebook and retailers do the same thing to their data. Then, Datalogix compares its hashed data with Facebook’s to find matches. Each match indicates a potential test subject-someone on Facebook who is also part of Datalogix’s database. Datalogix runs a similar process with retailers’ transaction data. At the end of it all, Datalogix can compare the Facebook data and the retail data, but, importantly, none of the databases will include any personally identifiable data—so Facebook will never find out whether and when you, personally, purchased Tide, and Procter & Gamble and Kroger will never find out your Facebook profile.
    From the actual advertisers point of view, the flow of information doesn’t reveal personal details. It just tells them how many potential customers might see an ad. “An advertiser would learn something like, ‘about 50% of your customers are on Facebook,'” says Diana, “But they don’t know who you are.” Image by Jorge Stolfi.

    How to Opt Out of Offline Targetting

    How Facebook Uses Your Data to Target Ads, Even Offline
    EXPAND
    Unlike the internal advertising system that uses the information you already provide to Facebook to give you ads, these new partnerships with real world data collection agencies go way beyond that. Now, they’re able to see what you’re buying at stores offline, and that’s disconcerting for a lot of people. The goal, of course, is more relevant ads, but that comes at the price of privacy and security. With all this data out there, it would be easy to get a very clear image of who you are, where you live, what you like, and even if you’re pregnant. Thankfully, opting out of the data collection companies also gets you out of the integration with Facebook (and everywhere else).

    This process is a lot more complicated than it should be, but the Electronic Frontier Foundation has a step-by-step guide for each of the data brokers. Basically, you’ll need to opt out in three different places: Acxiom, Datalogix, and Epsilon in order to ensure your shopping data in the real world isn’t used on Facebook (and beyond). BlueKai, unfortunately, has no direct way to opt out so you’ll need to use the browser extensions listed in the first section.

    If you really want to keep those loyalty cards from tracking you, just use Jenny’s number (867-5309) at the checkout lane instead of setting up an account.

    Use “Jenny’s Number” to Get Club Discounts at Stores Without Providing Personal Information
    When you go to the grocery store you’re always asked to sign up for a rewards card, which…
    Read more
    Those are the basics of how Facebook’s various targeted advertising systems work. Of course, a lot of complex math and algorithms are in place to actually generate this data, but it really boils down to how much information you’re making public—whether you’re aware of it or not—that makes the system tick. If you like the targeted ads, they should improve even more as the years go on. If you don’t, opting out is always an option.

    Thorin Klosowski
    4/11/13 8:00am

    Find this story at 4 November 2013

    copyright http://lifehacker.com/

    Facebook Tests Software to Track Your Cursor on Screen

    Facebook Inc.FB -0.24% is testing technology that would greatly expand the scope of data that it collects about its users, the head of the company’s analytics group said Tuesday.

    The social network may start collecting data on minute user interactions with its content, such as how long a user’s cursor hovers over a certain part of its website, or whether a user’s newsfeed is visible at a given moment on the screen of his or her mobile phone, Facebook analytics chief Ken Rudin said Tuesday during an interview.

    Facebook’s Ken Rudin
    Mr. Rudin said the captured information could be added to a data analytics warehouse that is available for use throughout the company for an endless range of purposes–from product development to more precise targeting of advertising.

    Facebook collects two kinds of data, demographic and behavioral. The demographic data—such as where a user lives or went to school—documents a user’s life beyond the network. The behavioral data—such as one’s circle of Facebook friends, or “likes”—is captured in real time on the network itself. The ongoing tests would greatly expand the behavioral data that is collected, according to Mr. Rudin. The tests are ongoing and part of a broader technology testing program, but Facebook should know within months whether it makes sense to incorporate the new data collection into the business, he said

    New types of data Facebook may collect include “did your cursor hover over that ad … and was the newsfeed in a viewable area,” Mr. Rudin said. “It is a never-ending phase. I can’t promise that it will roll out. We probably will know in a couple of months,” said Mr. Rudin, a Silicon Valley veteran who arrived at Facebook in April 2012 from Zynga Inc.ZNGA -0.31%, where he was vice president of analytics and platform technologies.

    As the head of analytics, Mr. Rudin is preparing the company’s infrastructure for a massive increase in the volume of its data.

    Facebook isn’t the first company to contemplate recording such activity. Shutterstock Inc.SSTK +0.11%, a marketplace for digital images, records literally everything that its users do on the site. Shutterstock uses the open-source Hadoop distributed file system to analyze data such as where visitors to the site place their cursors and how long they hover over an image before they make a purchase. “Today, we are looking at every move a user makes, in order to optimize the Shutterstock experience….All these new technologies can process that,” Shutterstock founder and CEO Jon Oringer told the Wall Street Journal in March.

    Facebook also is a major user of Hadoop, an open-source framework that is used to store large amounts of data on clusters of inexpensive machines. Facebook designs its own hardware to store its massive data analytics warehouse, which has grown 4,000 times during the last four years to a current level of 300 petabytes. The company uses a modified version of Hadoop to manage its data, according to Mr. Rudin. There are additional software layers on top of Hadoop, which rank the value of data and make sure it is accessible.

    The data in the analytics warehouse—which is separate from the company’s user data, the volume of which has not been disclosed—is used in the targeting of advertising. As the company captures more data, it can help marketers target their advertising more effectively—assuming, of course, that the data is accessible.

    “Instead of a warehouse of data, you can end up with a junkyard of data,” said Mr. Rudin, who spoke to CIO Journal during a break at the Strata and Hadoop World Conference in New York. He said that he has led a project to index that data, essentially creating an internal search engine for the analytics warehouse.

    October 30, 2013, 7:15 AM ET
    By STEVE ROSENBUSH

    Find this story at 30 October 2013

    Copyright ©2014 Dow Jones & Company, Inc

    The Bahamas Wants to Know Why the NSA is Recording Its Phone Calls

    Government officials in the Bahamas want their U.S. counterparts to explain why the National Security Agency has been intercepting and recording every cell phone call taking place on the island nation.

    Responding to a report published by The Intercept on Monday, which revealed that the NSA has been targeting the Bahamas’ entire mobile network and storing the audio of every phone call traversing the network for up to 30 days, Bahamian officials told the Nassau Guardian that they had contacted the U.S. and vowed to release a statement regarding the revelations.

    In a front-page story published Tuesday, Bahamian Minister of Foreign Affairs Fred Mitchell told the Guardian that his government had reached out to the U.S. for an explanation. Mitchell said the cabinet was set to meet to discuss the matter and planned to issue a statement on the surveillance. The Bahamian minister of national security told the paper he intended to launch an inquiry into the NSA’s surveillance but did not provide a comment.

    A source familiar with the situation told The Intercept that the cabinet meeting had indeed taken place, but an official in Mitchell’s office said there would be no comment Tuesday. “You’ll have to call back,” said the official, who did not identify herself.

    Calls to the office of the prime minister went unanswered, as did a call to Bahamas Telecommunications Company, the Bahamas’ largest communications provider.

    U.S. officials at the embassy in the Bahamian capital of Nassau, meanwhile, told the Guardian it would not comment on “every specific alleged intelligence activity.”

    “The United States values its relationship with the Bahamas,” Neda Brown, a U.S. embassy spokesperson, told the paper. Contacted by The Intercept, Brown directed inquires to the State Department’s Bureau of Western Hemispheres. The bureau did not return a request for comment made late Tuesday.

    In addition to the Bahamas, The Intercept‘s report also revealed NSA’s targeting of mobile networks in Mexico, Kenya and the Philippines. Calls and emails to the embassies of each country were not returned Tuesday.

    By Ryan Devereaux20 May 2014, 5:58 PM EDT 151

    Find this story at 20 May 2014

    © 2014 First Look Productions, Inc.

    WikiLeaks ignores ‘deaths’ warning, threatens to name NSA-targeted country

    Internet, Mass media, Security, USA, WikiLeaks
    Despite warnings that doing so “could lead to increased violence” and potentially deaths, anti-secrecy group WikiLeaks says it plans to publish the name of a country targeted by a massive United States surveillance operation.

    On Monday this week, journalists at The Intercept published a report based off of leaked US National Security Agency documents supplied by former contractor Edward Snowden which suggested that the NSA has been collecting in bulk the contents of all phone conversations made or received in two countries abroad.

    Only one of those nations, however — the Bahamas — was named by The Intercept. The other, journalists Ryan Devereaux, Glenn Greenwald and Laura Poitras wrote this week, was withheld as a result of “credible concerns that doing so could lead to increased violence.”

    WikiLeaks has since accused The Intercept and its parent company First Look Media of censorship and says they will publish the identity of the country if the name remains redacted in the original article. The Intercept’s Greenwald fired back over Twitter, though, and said his outlet chose to publish more details than the Washington Post, where journalists previously reported on a related call collection program but chose to redact more thoroughly.

    “We condemn Firstlook for following the Washington Post into censoring the mass interception of an entire nation,” WikiLeaks tweeted on Monday.

    “It is not the place of Firstlook or the Washington Post to deny the rights of an entire people to know they are being mass recorded,” WikiLeaks added. “It is not the place of Firstlook or WaPo to decide how a people will [choose] to act against mass breaches of their rights by the United States.”

    When Greenwald defended his decision to publish the names of four countries where telephony metadata is collected by the NSA but withhold a fifth where content is recorded as well, WikiLeaks said it could be interpreted as meaning that the unknown country doesn’t deserve to know they’re being surveilled, but Greenwald said The Intercept was “very convinced” it could lead to deaths. Later, WikiLeaks equated this as an act of racism.

    But as the conversation escalated, the WikiLeaks Twitter announced it would disclose the nation’s identify if The Intercept did not, despite requests from the US government to leave that information redact over fears of what the response could be.

    “When has true published information harmed innocents?” WikiLeaks asked. “To repeat this false Pentagon talking point is to hurt all publishers.”

    “We will reveal the name of the censored country whose population is being mass recorded in 72 hours,” WikiLeaks wrote at 6:35 p.m. EST Tuesday evening. If the organization intends to uphold that promise, that the identity of the country could be revealed before the weekend.

    As RT reported earlier this week, The Intercept story made claims that the NSA has used a program codenamed MYSTIC to collect basic phone records in at least five countries, similar to the metadata that has been controversially collected in bulk domestically as revealed in one of the first documents released by Snowden last year. In the Bahamas and one more locale, though, The Intercept reported that NSA documents reveal another program, codenamed SOMALGET, is deployed in order to process “over 100 million call events per day.”

    SOMALGET, the document reads, is a “program for embedded collection systems overtly installed on target networks, predominantly for the collection and processing of wireless/mobile communications networks.” According to The Intercept, the decision to wiretap all calls in and out of the Bahamas was made unilaterally and without the knowledge of the island’s government or its quarter-of-a-million people.

    Published time: May 20, 2014 18:38
    Edited time: May 22, 2014 11:17 Get short URL

    Find this story at 20 May 2014

    © Autonomous Nonprofit Organization “TV-Novosti”, 2005–2014

    Data Pirates of the Caribbean: The NSA Is Recording Every Cell Phone Call in the Bahamas

    The National Security Agency is secretly intercepting, recording, and archiving the audio of virtually every cell phone conversation on the island nation of the Bahamas.

    According to documents provided by NSA whistleblower Edward Snowden, the surveillance is part of a top-secret system – code-named SOMALGET – that was implemented without the knowledge or consent of the Bahamian government. Instead, the agency appears to have used access legally obtained in cooperation with the U.S. Drug Enforcement Administration to open a backdoor to the country’s cellular telephone network, enabling it to covertly record and store the “full-take audio” of every mobile call made to, from and within the Bahamas – and to replay those calls for up to a month.

    SOMALGET is part of a broader NSA program called MYSTIC, which The Intercept has learned is being used to secretly monitor the telecommunications systems of the Bahamas and several other countries, including Mexico, the Philippines, and Kenya. But while MYSTIC scrapes mobile networks for so-called “metadata” – information that reveals the time, source, and destination of calls – SOMALGET is a cutting-edge tool that enables the NSA to vacuum up and store the actual content of every conversation in an entire country.

    All told, the NSA is using MYSTIC to gather personal data on mobile calls placed in countries with a combined population of more than 250 million people. And according to classified documents, the agency is seeking funding to export the sweeping surveillance capability elsewhere.

    The program raises profound questions about the nature and extent of American surveillance abroad. The U.S. intelligence community routinely justifies its massive spying efforts by citing the threats to national security posed by global terrorism and unpredictable rival nations like Russia and Iran. But the NSA documents indicate that SOMALGET has been deployed in the Bahamas to locate “international narcotics traffickers and special-interest alien smugglers” – traditional law-enforcement concerns, but a far cry from derailing terror plots or intercepting weapons of mass destruction.

    “The Bahamas is a stable democracy that shares democratic principles, personal freedoms, and rule of law with the United States,” the State Department concluded in a crime and safety report published last year. “There is little to no threat facing Americans from domestic (Bahamian) terrorism, war, or civil unrest.”

    By targeting the Bahamas’ entire mobile network, the NSA is intentionally collecting and retaining intelligence on millions of people who have not been accused of any crime or terrorist activity. Nearly five million Americans visit the country each year, and many prominent U.S. citizens keep homes there, including Sen. Tom Harkin (D-Iowa), Bill Gates, and Oprah Winfrey.

    In addition, the program is a serious – and perhaps illegal – abuse of the access to international phone networks that other countries willingly grant the United States for legitimate law-enforcement surveillance. If the NSA is using the Drug Enforcement Administration’s relationship to the Bahamas as a cover for secretly recording the entire country’s mobile phone calls, it could imperil the longstanding tradition of international law enforcement cooperation that the United States enjoys with its allies.

    “It’s surprising, the short-sightedness of the government,” says Michael German, a fellow at New York University’s Brennan Center for Justice who spent 16 years as an FBI agent conducting undercover investigations. “That they couldn’t see how exploiting a lawful mechanism to such a degree that you might lose that justifiable access – that’s where the intelligence community is acting in a way that harms its long-term interests, and clearly the long-term national security interests of the United States.”

    The NSA refused to comment on the program, but said in a statement that “the implication that NSA’s foreign intelligence collection is arbitrary and unconstrained is false.” The agency also insisted that it follows procedures to “protect the privacy of U.S. persons” whose communications are “incidentally collected.”

    Informed about the NSA’s spying, neither the Bahamian prime minister’s office nor the country’s national security minister had any comment. The embassies of Mexico, Kenya, and the Philippines did not respond to phone messages and emails.

    In March, The Washington Post revealed that the NSA had developed the capability to record and store an entire nation’s phone traffic for 30 days. The Post reported that the capacity was a feature of MYSTIC, which it described as a “voice interception program” that is fully operational in one country and proposed for activation in six others. (The Post also referred to NSA documents suggesting that MYSTIC was pulling metadata in some of those countries.) Citing government requests, the paper declined to name any of those countries.

    The Intercept has confirmed that as of 2013, the NSA was actively using MYSTIC to gather cell-phone metadata in five countries, and was intercepting voice data in two of them. Documents show that the NSA has been generating intelligence reports from MYSTIC surveillance in the Bahamas, Mexico, Kenya, the Philippines, and one other country, which The Intercept is not naming in response to specific, credible concerns that doing so could lead to increased violence. The more expansive full-take recording capability has been deployed in both the Bahamas and the unnamed country.

    MYSTIC was established in 2009 by the NSA’s Special Source Operations division, which works with corporate partners to conduct surveillance. Documents in the Snowden archive describe it as a “program for embedded collection systems overtly installed on target networks, predominantly for the collection and processing of wireless/mobile communications networks.”

    1
    A top-secret description of the MYSTIC program written by the NSA’s Special Source Operations division

    If an entire nation’s cell-phone calls were a menu of TV shows, MYSTIC would be a cable programming guide showing which channels offer which shows, and when. SOMALGET would be the DVR that automatically records every show on every channel and stores them for a month. MYSTIC provides the access; SOMALGET provides the massive amounts of storage needed to archive all those calls so that analysts can listen to them at will after the fact. According to one NSA document, SOMALGET is “deployed against entire networks” in the Bahamas and the second country, and processes “over 100 million call events per day.”

    SOMALGET’s capabilities are further detailed in a May 2012 memo written by an official in the NSA’s International Crime and Narcotics division. The memo hails the “great success” the NSA’s drugs and crime unit has enjoyed through its use of the program, and boasts about how “beneficial” the collection and recording of every phone call in a given nation can be to intelligence analysts.

    Rather than simply making “tentative analytic conclusions derived from metadata,” the memo notes, analysts can follow up on hunches by going back in time and listening to phone calls recorded during the previous month. Such “retrospective retrieval” means that analysts can figure out what targets were saying even when the calls occurred before the targets were identified. “[W]e buffer certain calls that MAY be of foreign intelligence value for a sufficient period to permit a well-informed decision on whether to retrieve and return specific audio content,” the NSA official reported.

    “There is little reason,” the official added, that SOMALGET could not be expanded to more countries, as long as the agency provided adequate engineering, coordination and hardware. There is no indication in the documents that the NSA followed up on the official’s enthusiasm.

    2
    A 2012 memo written by the NSA’s International Crime & Narcotics division

    The documents don’t spell out how the NSA has been able to tap the phone calls of an entire country. But one memo indicates that SOMALGET data is covertly acquired under the auspices of “lawful intercepts” made through Drug Enforcement Administration “accesses”– legal wiretaps of foreign phone networks that the DEA requests as part of international law enforcement cooperation.

    When U.S. drug agents need to tap a phone of a suspected drug kingpin in another country, they call up their counterparts and ask them set up an intercept. To facilitate those taps, many nations – including the Bahamas – have hired contractors who install and maintain so-called lawful intercept equipment on their telecommunications. With SOMALGET, it appears that the NSA has used the access those contractors developed to secretly mine the country’s entire phone system for “signals intelligence” –recording every mobile call in the country. “Host countries,” the document notes, “are not aware of NSA’s SIGINT collection.”

    “Lawful intercept systems engineer communications vulnerabilities into networks, forcing the carriers to weaken,” says Christopher Soghoian, the principal technologist for the American Civil Liberties Union. “Host governments really should be thinking twice before they accept one of these Trojan horses.”

    The DEA has long been in a unique position to help the NSA gain backdoor access to foreign phone networks. “DEA has close relationships with foreign government counterparts and vetted foreign partners,” the manager of the NSA’s drug-war efforts reported in a 2004 memo. Indeed, with more than 80 international offices, the DEA is one of the most widely deployed U.S. agencies around the globe.

    But what many foreign governments fail to realize is that U.S. drug agents don’t confine themselves to simply fighting narcotics traffickers. “DEA is actually one of the biggest spy operations there is,” says Finn Selander, a former DEA special agent who works with the drug-reform advocacy group Law Enforcement Against Prohibition. “Our mandate is not just drugs. We collect intelligence.”

    What’s more, Selander adds, the NSA has aided the DEA for years on surveillance operations. “On our reports, there’s drug information and then there’s non-drug information,” he says. “So countries let us in because they don’t view us, really, as a spy organization.”

    Selander’s first-hand experience is echoed in the 2004 memo by the manager of the NSA’s drug-war efforts, which was titled “DEA: The Other Warfighter.” The DEA and the NSA “enjoy a vibrant two-way information-sharing relationship,” the memo observes, and cooperate so closely on counternarcotics and counterterrorism that there is a risk of “blurring the lines between the two missions.”

    Still, the ability to record and replay the phone calls of an entire country appears to be a relatively new weapon in the NSA’s arsenal. None of the half-dozen former U.S. law enforcement officials interviewed by The Intercept said they had ever heard of a surveillance operation quite like the NSA’s Bahamas collection.

    “I’m completely unfamiliar with the program,” says Joel Margolis, a former DEA official who is now executive vice president of government affairs for Subsentio, a Colorado-based company that installs lawful intercepts for telecommunications providers. “I used to work in DEA’s office of chief counsel, and I was their lead specialist on lawful surveillance matters. I wasn’t aware of anything like this.”

    3
    A 2012 memo written by the NSA’s International Crime & Narcotics division

    For nearly two decades, telecom providers in the United States have been legally obligated under the 1994 Communications Assistance for Law Enforcement Act to build their networks with wiretapping capabilities, providing law enforcement agencies with access to more efficient, centrally managed surveillance.

    Since CALEA’s passage, many countries have adopted similar measures, making it easier to gather telecommunications intelligence for international investigations. A 2001 working group for the United Nations Office on Drugs and Crime went so far as to urge countries to consider permitting foreign law enforcement agencies to initiate international wiretaps directly from within their own territories.

    The process for setting up lawful intercepts in foreign countries is largely the same as in the United States. “Law enforcement issues a warrant or other authorization, a carrier or a carrier’s agent responds to the warrant by provisioning the intercept, and the information is sent in sort of a one-way path to the law enforcement agency,” says Marcus Thomas, a former FBI assistant director who now serves as chief technology officer for Subsentio.

    When U.S. drug agents wiretap a country’s phone networks, they must comply with the host country’s laws and work alongside their law enforcement counterparts. “The way DEA works with our allies – it could be Bahamas or Jamaica or anywhere – the host country has to invite us,” says Margolis. “We come in and provide the support, but they do the intercept themselves.”

    The Bahamas’ Listening Devices Act requires all wiretaps to be authorized in writing either by the minister of national security or the police commissioner in consultation with the attorney general. The individuals to be targeted must be named. Under the nation’s Data Protection Act, personal data may only be “collected by means which are both lawful and fair in the circumstances of the case.” The office of the Bahamian data protection commissioner, which administers the act, said in a statement that it “was not aware of the matter you raise.”

    Countries like the Bahamas don’t install lawful intercepts on their own. With the adoption of international standards, a thriving market has emerged for private firms that are contracted by foreign governments to install and maintain lawful intercept equipment. Currently valued at more than $128 million, the global market for private interception services is expected to skyrocket to more than $970 million within the next four years, according to a 2013 report from the research firm Markets and Markets.

    “Most telecom hardware vendors will have some solutions for legal interception,” says a former mobile telecommunications engineer who asked not to be named because he is currently working for the British government. “That’s pretty much because legal interception is a requirement if you’re going to operate a mobile phone network.”

    The proliferation of private contractors has apparently provided the NSA with direct access to foreign phone networks. According to the documents, MYSTIC draws its data from “collection systems” that were overtly installed on the telecommunications systems of targeted countries, apparently by corporate “partners” cooperating with the NSA.

    One NSA document spells out that “the overt purpose” given for accessing foreign telecommunications systems is “for legitimate commercial service for the Telco’s themselves.” But the same document adds: “Our covert mission is the provision of SIGINT,” or signals intelligence.

    The classified 2013 intelligence budget also describes MYSTIC as using “partner-enabled” access to both cellular and landline phone networks. The goal of the access, the budget says, is to “provide comprehensive metadata access and content against targeted communications” in the Caribbean, Mexico, Kenya, the Philippines, and the unnamed country. The budget adds that in the Bahamas, Mexico, and the Philippines, MYSTIC requires “contracted services” for its “operational sustainment.”

    SSO_Dictionary_Excerpt
    Definitions of terms related to the MYSTIC program, drawn from an NSA glossary

    The NSA documents don’t specify who is providing access in the Bahamas. But they do describe SOMALGET as an “umbrella term” for systems provided by a private firm, which is described elsewhere in the documents as a “MYSTIC access provider.” (The documents don’t name the firm, but rather refer to a cover name that The Intercept has agreed not to publish in response to a specific, credible concern that doing so could lead to violence.) Communications experts consulted by The Intercept say the descriptions in the documents suggest a company able to install lawful intercept equipment on phone networks.

    Though it is not the “access provider,” the behemoth NSA contractor General Dynamics is directly involved in both MYSTIC and SOMALGET. According to documents, the firm has an eight-year, $51 million contract to process “all MYSTIC data and data for other NSA accesses” at a facility in Annapolis Junction, Maryland, down the road from NSA’s headquarters. NSA logs of SOMALGET collection activity – communications between analysts about issues such as outages and performance problems – contain references to a technician at a “SOMALGET processing facility” who bears the same name as a LinkedIn user listing General Dynamics as his employer. Reached for comment, a General Dynamics spokesperson referred questions to the NSA.

    According to the NSA documents, MYSTIC targets calls and other data transmitted on Global System for Mobile Communications networks – the primary framework used for cell phone calls worldwide. In the Philippines, MYSTIC collects “GSM, Short Message Service (SMS) and Call Detail Records” via access provided by a “DSD asset in a Philippine provider site.” (The DSD refers to the Defence Signals Directorate, an arm of Australian intelligence. The Australian consulate in New York declined to comment.) The operation in Kenya is “sponsored” by the CIA, according to the documents, and collects “GSM metadata with the potential for content at a later date.” The Mexican operation is likewise sponsored by the CIA. The documents don’t say how or under what pretenses the agency is gathering call data in those countries.

    In the Bahamas, the documents say, the NSA intercepts GSM data that is transmitted over what is known as the “A link”–or “A interface”–a core component of many mobile networks. The A link transfers data between two crucial parts of GSM networks – the base station subsystem, where phones in the field communicate with cell towers, and the network subsystem, which routes calls and text messages to the appropriate destination. “It’s where all of the telephone traffic goes,” says the former engineer.

    Punching into this portion of a county’s mobile network would give the NSA access to a virtually non-stop stream of communications. It would also require powerful technology.

    “I seriously don’t think that would be your run-of-the-mill legal interception equipment,” says the former engineer, who worked with hardware and software that typically maxed out at 1,000 intercepts. The NSA, by contrast, is recording and storing tens of millions of calls – “mass surveillance,” he observes, that goes far beyond the standard practices for lawful interception recognized around the world.

    The Bahamas Telecommunications Company did not respond to repeated phone calls and emails.

    If the U.S. government wanted to make a case for surveillance in the Bahamas, it could point to the country’s status as a leading haven for tax cheats, corporate shell games, and a wide array of black-market traffickers. The State Department considers the Bahamas both a “major drug-transit country” and a “major money laundering country” (a designation it shares with more than 60 other nations, including the U.S.). According to the International Monetary Fund, as of 2011 the Bahamas was home to 271 banks and trust companies with active licenses. At the time, the Bahamian banks held $595 billion in U.S. assets.

    But the NSA documents don’t reflect a concerted focus on the money launderers and powerful financial institutions – including numerous Western banks – that underpin the black market for narcotics in the Bahamas. Instead, an internal NSA presentation from 2013 recounts with pride how analysts used SOMALGET to locate an individual who “arranged Mexico-to-United States marijuana shipments” through the U.S. Postal Service.

    marijauna
    A slide from a 2013 NSA Special Source Operations presentation

    The presentation doesn’t say whether the NSA shared the information with the DEA. But the drug agency’s Special Operations Divison has come under fire for improperly using classified information obtained by the NSA to launch criminal investigations – and then creating false narratives to mislead courts about how the investigations began. The tactic – known as parallel construction – was first reported by Reuters last year, and is now under investigation by the Justice Department’s inspector general.

    So: Beyond a desire to bust island pot dealers, why would the NSA choose to apply a powerful collection tool such as SOMALGET against the Bahamas, which poses virtually no threat to the United States?

    The answer may lie in a document that characterizes the Bahamas operation as a “test bed for system deployments, capabilities, and improvements” to SOMALGET. The country’s small population – fewer than 400,000 residents – provides a manageable sample to try out the surveillance system’s features. Since SOMALGET is also operational in one other country, the Bahamas may be used as a sort of guinea pig to beta-test improvements and alterations without impacting the system’s operations elsewhere.

    “From an engineering point of view it makes perfect sense,” says the former engineer. “Absolutely.”

    Beyond the Bahamas, the other countries being targeted by MYSTIC are more in line with the NSA’s more commonly touted priorities. In Kenya, the U.S. works closely with local security forces in combating the militant fundamentalist group Al-Shabab, based in neighboring Somalia. In the Philippines, the U.S. continues to support a bloody shadow war against Islamist extremists launched by the Bush administration in 2002. Last month, President Barack Obama visited Manila to sign a military pact guaranteeing that U.S. operations in Southeast Asia will continue and expand for at least another decade.

    Mexico, another country targeted by MYSTIC, has received billions of dollars in police, military, and intelligence aid from the U.S. government over the past seven years to fight the war on drugs, a conflict that has left more than 70,000 Mexicans dead by some estimates. Attorney General Eric Holder has described Mexican drug cartels as a U.S. “national security threat,” and in 2009, then-CIA director Michael Hayden said the violence and chaos in Mexico would soon be the second greatest security threat facing the U.S. behind Al Qaeda.

    Photo credit: Marcelo A. Salinas/MCT/Zumapress.com
    Photo credit: Marcelo A. Salinas/MCT/Zumapress.com

    The legality of the NSA’s sweeping surveillance in the Bahamas is unclear, given the permissive laws under which the U.S intelligence community operates. Earlier this year, President Obama issued a policy directive imposing “new limits” on the U.S. intelligence community’s use of “signals intelligence collected in bulk.” In addition to threats against military or allied personnel, the directive lists five broad conditions under which the agency would be permitted to trawl for data in unrestricted dragnets: threats posed by foreign powers, terrorism, weapons of mass destruction, cybersecurity, and “transnational criminal threats, including illicit finance and sanctions evasion.”

    SOMALGET operates under Executive Order 12333, a Reagan-era rule establishing wide latitude for the NSA and other intelligence agencies to spy on other countries, as long as the attorney general is convinced the efforts are aimed at gathering foreign intelligence. In 2000, the NSA assured Congress that all electronic surveillance performed under 12333 “must be conducted in a manner that minimizes the acquisition, retention, and dissemination of information about unconsenting U.S. persons.” In reality, many legal experts point out, the lack of judicial oversight or criminal penalties for violating the order render the guidelines meaningless.

    “I think it would be open, whether it was legal or not,” says German, the former FBI agent. “Because we don’t have all the facts about how they’re doing it. For a long time, the NSA has been interpreting their authority in the broadest possible way, even beyond what an objective observer would say was reasonable.”

    “An American citizen has Fourth Amendment rights wherever they are,” adds Kurt Opsahl, an attorney with the Electronic Frontier Foundation. “Nevertheless, there have certainly been a number of things published over the last year which suggest that there are broad, sweeping programs that the NSA and other government agencies are doing abroad that sweep up the communications of Americans.”

    Legal or not, the NSA’s covert surveillance of an entire nation suggests that it will take more than the president’s tepid “limits” to rein in the ambitions of the intelligence community. “It’s almost like they have this mentality – if we can, we will,” says German. “There’s no analysis of the long-term risks of doing it, no analysis of whether it’s actually worth the effort, no analysis of whether we couldn’t take those resources and actually put them on real threats and do more good.”

    It’s not surprising, German adds, that the government’s covert program in the Bahamas didn’t remain covert. “The undermining of international law and international cooperation is such a long-term negative result of these programs that they had to know would eventually be exposed, whether through a leak, whether through a spy, whether through an accident,” he says. “Nothing stays secret forever. It really shows the arrogance of these agencies – they were just going to do what they were going to do, and they weren’t really going to consider any other important aspects of how our long-term security needs to be addressed.”

    Documents published with this article:

    SOMALGET memo
    SIDToday: DEA – The “Other” Warfighter
    SSO Dictionary Excerpt
    MYSTIC
    SSO March 14, 2013
    SSO April 18, 2013 – What’s New
    SSO May 2, 2013
    SSO May 3, 2013 – MYSTIC
    SSO May 3, 2012
    Black Budget

    By Ryan Devereaux, Glenn Greenwald and Laura Poitras19 May 2014, 12:37 PM EDT 395

    Find this story at 19 May 2014

    © 2014 First Look Productions, Inc

    Greenwald: Washington Post ‘suppressed’ foreign countries under NSA eavesdropping program

    It’s been a couple of months since the Washington Post published a scoop on the extraordinary overseas eavesdropping capabilities of the U.S. government. Under the bylines of Barton Gellman and Ashkan Soltani, the paper revealed that the National Security Agency (NSA) had amassed a system — known as “MYSTIC” — enabling it to “rewind and review” all of the telephone conversations of a foreign country.

    From the story: “A senior manager for the program compares it to a time machine — one that can replay the voices from any call without requiring that a person be identified in advance for surveillance.” Details on the program came from documents supplied by NSA whistleblower Edward Snowden as well as from sources familiar with the program.

    A really juicy scoop, with one desiccating caveat: The Post withheld a detail critical to understanding the scope and capabilities of the program:

    At the request of U.S. officials, The Washington Post is withholding details that could be used to identify the country where the system is being employed or other countries where its use was envisioned.

    Ah, a legacy media outlet acceding to a request from the U.S. government. Or, in other words, the raison d’etre of Glenn Greenwald, the former Guardian columnist and current First Look Media talent who has long criticized American media outlets for wimping out on disclosure of sensitive information. In a recent interview with Amy Goodman of Democracy Now, Greenwald riffed, “[t]he editors at The Washington Post are very much old-style, old-media, pro-government journalists, the kind who have essentially made journalism in the U.S. neutered and impotent and obsolete.”

    Following the Post’s story on MYSTIC, the Erik Wemple Blog waited a couple of weeks and then asked Greenwald, essentially, where’s your story on this thing? He responded, “I can’t comment on that yet, except to say that, obviously, if we were to publish something that the WashPost has announced it thinks shouldn’t be published, it would take work (and thus time) with editors, lawyers and the like.”

    Time, indeed. Yesterday, The Intercept, First Look Media’s magazine on national security matters, published its version of the Post’s MYSTIC story. In the very headline of the piece, it drew a distinction between its piece and that of the Washington Post: “Data Pirates of the Caribbean: The NSA Is Recording Every Cell Phone Call in the Bahamas.”

    The Bahamas? The what?

    Under the bylines of Ryan Devereaux, Greenwald and Laura Poitras, The Intercept reports that the NSA worked with the Drug Enforcement Agency (DEA) to secure a “backdoor” to the cell phone network of the island nation, “without the knowledge or consent of the Bahamian government.” Noting that the agency commonly cites such life-and-death imperatives as anti-terrorism to justify its eavesdropping program, in this case it’s going after drug traffickers and smugglers, “a far cry from derailing terror plots or intercepting weapons of mass destruction,” notes the story.

    If the Bahamas sounds like an odd place on which to focus such a spy initiative, that’s perhaps by design, notes the story: It could well be a “sort of guinea pig to beta-test improvements and alterations without impacting the system’s operations elsewhere.”

    As for the “elsewhere,” Greenwald and The Intercept go there, to a point. Here’s the big reveal of the story: “Documents show that the NSA has been generating intelligence reports from MYSTIC surveillance in the Bahamas, Mexico, Kenya, the Philippines and one other country, which The Intercept is not naming in response to specific, credible concerns that doing so could lead to increased violence. The more expansive full-take recording capability has been deployed in both the Bahamas and the unnamed country.”

    John Cook, The Intercept’s editor-in-chief, declined an interview request about the decisions behind the story, instead leaving the matter to Twitter. Which provides a rich back-and-forth for this case.

    Following publication of the story, Wikileaks ripped The Intercept for failing to embrace a more radical form of transparency:

    The principals then went off to the races:

    And then some input from The Intercept’s priest of adversarial press-government relations:

    Compare that sentiment with what Greenwald tweeted the day the Washington Post published its MYSTIC story:

    As part of the back-and-forth Wikileaks made a bid for renewed relevance with this boast:

    The exchange proves that in the world of radical media-government adversarialists, purity is a prerequisite. Here, Greenwald apparently thought his publication was sticking to its governing principles in publishing the names of four countries, only to get shouted down by Wikileaks for not going far enough (Greenwald couldn’t be reached for comment). In a previous post, Greenwald has criticized the NSA for allegedly spilling details of top-secret programs when it suits its propaganda mission, only to turn around and insist to media outlets that lives will be endangered if they publish sensitive information.

    The Intercept’s partial defiance of the NSA in publishing the names of four countries surely adds contour to the story of MYSTIC — the example of the Bahamas alone fleshes out various legal and diplomatic considerations involved in foreign surveillance. The more careful Washington Post version of the story was interesting yet unsatisfying: Absent a specific country, it was more difficult to reach hard conclusions on the program’s legitimacy, legality and efficacy. Those are the dangers of scaling back detail in consideration of security concerns. When asked if naming just the Bahamas as a way of explaining NSA capabilities would have been a tolerably cautious approach, Washington Post Executive Editor Martin Baron replied, “You make some assumptions here, but I’m not going to address them.”

    There are also perils to The Intercept’s approach. It may have touched off a macho-transparentist scramble to out that one country whose secretness The Intercept genuinely wants to protect.

    Whatever the outcome, each outlet apparently got the same pitch from the government: “We shared with both news outlets the very same concerns about risks to human life and national security,” says NSA spokeswoman Vanee’ Vines in a statement to this blog. She also sent along this statement:

    Every day, NSA provides valuable intelligence on issues of concern to all Americans – such as international terrorism, cyber crime, international narcotics trafficking, and the proliferation of weapons of mass destruction. The fact that the U.S. government works with other nations, under specific and regulated conditions, mutually strengthens the security of all.

    NSA’s efforts are focused on ensuring the protection of the national security of the United States, its citizens, and our allies through the pursuit of valid foreign intelligence targets. Moreover, all of NSA’s efforts are strictly conducted under the rule of law and provide appropriate protection for privacy rights.

    The Agency collects data to meet specific security and intelligence requirements such as counterintelligence, counterterrorism, counterproliferation, cyber security, force protection for U.S. troops and allies, and combating transnational crime.

    Erik Wemple writes the Erik Wemple blog, where he reports and opines on media organizations of all sorts.

    BY ERIK WEMPLE May 20

    Find this story at 20 May 2014

    © 1996-2014 The Washington Post

    Glenn Greenwald: how the NSA tampers with US-made internet routers

    The NSA has been covertly implanting interception tools in US servers heading overseas – even though the US government has warned against using Chinese technology for the same reasons, says Glenn Greenwald, in an extract from his new book about the Snowden affair, No Place to Hide

    For years, the US government loudly warned the world that Chinese routers and other internet devices pose a “threat” because they are built with backdoor surveillance functionality that gives the Chinese government the ability to spy on anyone using them. Yet what the NSA’s documents show is that Americans have been engaged in precisely the activity that the US accused the Chinese of doing.

    Tell us what you think: Star-rate and review this book
    The drumbeat of American accusations against Chinese internet device manufacturers was unrelenting. In 2012, for example, a report from the House Intelligence Committee, headed by Mike Rogers, claimed that Huawei and ZTE, the top two Chinese telecommunications equipment companies, “may be violating United States laws” and have “not followed United States legal obligations or international standards of business behaviour”. The committee recommended that “the United States should view with suspicion the continued penetration of the US telecommunications market by Chinese telecommunications companies”.

    The Rogers committee voiced fears that the two companies were enabling Chinese state surveillance, although it acknowledged that it had obtained no actual evidence that the firms had implanted their routers and other systems with surveillance devices. Nonetheless, it cited the failure of those companies to cooperate and urged US firms to avoid purchasing their products: “Private-sector entities in the United States are strongly encouraged to consider the long-term security risks associated with doing business with either ZTE or Huawei for equipment or services. US network providers and systems developers are strongly encouraged to seek other vendors for their projects. Based on available classified and unclassified information, Huawei and ZTE cannot be trusted to be free of foreign state influence and thus pose a security threat to the United States and to our systems.”

    The constant accusations became such a burden that Ren Zhengfei, the 69-year-old founder and CEO of Huawei, announced in November 2013 that the company was abandoning the US market. As Foreign Policy reported, Zhengfei told a French newspaper: “‘If Huawei gets in the middle of US-China relations,’ and causes problems, ‘it’s not worth it’.”

    But while American companies were being warned away from supposedly untrustworthy Chinese routers, foreign organisations would have been well advised to beware of American-made ones. A June 2010 report from the head of the NSA’s Access and Target Development department is shockingly explicit. The NSA routinely receives – or intercepts – routers, servers and other computer network devices being exported from the US before they are delivered to the international customers.

    The agency then implants backdoor surveillance tools, repackages the devices with a factory seal and sends them on. The NSA thus gains access to entire networks and all their users. The document gleefully observes that some “SIGINT tradecraft … is very hands-on (literally!)”.

    Eventually, the implanted device connects back to the NSA. The report continues: “In one recent case, after several months a beacon implanted through supply-chain interdiction called back to the NSA covert infrastructure. This call back provided us access to further exploit the device and survey the network.”

    It is quite possible that Chinese firms are implanting surveillance mechanisms in their network devices. But the US is certainly doing the same.

    Warning the world about Chinese surveillance could have been one of the motives behind the US government’s claims that Chinese devices cannot be trusted. But an equally important motive seems to have been preventing Chinese devices from supplanting American-made ones, which would have limited the NSA’s own reach. In other words, Chinese routers and servers represent not only economic competition but also surveillance competition.

    The Guardian, Monday 12 May 2014 22.39 BST

    Find this story at 12 May 2014

    © 2014 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    EXCLUSIVE: EMAILS REVEAL CLOSE GOOGLE RELATIONSHIP WITH NSA (2014)

    National Security Agency head and Internet giant’s executives have coordinated through high-level policy discussions

    Email exchanges between National Security Agency Director Gen. Keith Alexander and Google executives Sergey Brin and Eric Schmidt suggest a far cozier working relationship between some tech firms and the U.S. government than was implied by Silicon Valley brass after last year’s revelations about NSA spying.

    Disclosures by former NSA contractor Edward Snowden about the agency’s vast capability for spying on Americans’ electronic communications prompted a number of tech executives whose firms cooperated with the government to insist they had done so only when compelled by a court of law.

    But Al Jazeera has obtained two sets of email communications dating from a year before Snowden became a household name that suggest not all cooperation was under pressure.

    On the morning of June 28, 2012, an email from Alexander invited Schmidt to attend a four-hour-long “classified threat briefing” on Aug. 8 at a “secure facility in proximity to the San Jose, CA airport.”

    “The meeting discussion will be topic-specific, and decision-oriented, with a focus on Mobility Threats and Security,” Alexander wrote in the email, obtained under a Freedom of Information Act (FOIA) request, the first of dozens of communications between the NSA chief and Silicon Valley executives that the agency plans to turn over.

    Alexander, Schmidt and other industry executives met earlier in the month, according to the email. But Alexander wanted another meeting with Schmidt and “a small group of CEOs” later that summer because the government needed Silicon Valley’s help.

    “About six months ago, we began focusing on the security of mobility devices,” Alexander wrote. “A group (primarily Google, Apple and Microsoft) recently came to agreement on a set of core security principles. When we reach this point in our projects we schedule a classified briefing for the CEOs of key companies to provide them a brief on the specific threats we believe can be mitigated and to seek their commitment for their organization to move ahead … Google’s participation in refinement, engineering and deployment of the solutions will be essential.”

    Jennifer Granick, director of civil liberties at Stanford Law School’s Center for Internet and Society, said she believes information sharing between industry and the government is “absolutely essential” but “at the same time, there is some risk to user privacy and to user security from the way the vulnerability disclosure is done.”

    The challenge facing government and industry was to enhance security without compromising privacy, Granick said. The emails between Alexander and Google executives, she said, show “how informal information sharing has been happening within this vacuum where there hasn’t been a known, transparent, concrete, established methodology for getting security information into the right hands.”

    The classified briefing cited by Alexander was part of a secretive government initiative known as the Enduring Security Framework (ESF), and his email provides some rare information about what the ESF entails, the identities of some participant tech firms and the threats they discussed.

    The classified briefing cited by Alexander was part of a secretive government initiative known as the Enduring Security Framework (ESF), and his email provides some rare information about what the ESF entails, the identity of some participant tech firms and the threats they discussed.
    Alexander explained that the deputy secretaries of the Department of Defense, Homeland Security and “18 US CEOs” launched the ESF in 2009 to “coordinate government/industry actions on important (generally classified) security issues that couldn’t be solved by individual actors alone.”

    “For example, over the last 18 months, we (primarily Intel, AMD [Advanced Micro Devices], HP [Hewlett-Packard], Dell and Microsoft on the industry side) completed an effort to secure the BIOS of enterprise platforms to address a threat in that area.”

    “BIOS” is an acronym for “basic input/output system,” the system software that initializes the hardware in a personal computer before the operating system starts up. NSA cyberdefense chief Debora Plunkett in December disclosed that the agency had thwarted a “BIOS plot” by a “nation-state,” identified as China, to brick U.S. computers. That plot, she said, could have destroyed the U.S. economy. “60 Minutes,” which broke the story, reported that the NSA worked with unnamed “computer manufacturers” to address the BIOS software vulnerability.

    But some cybersecurity experts questioned the scenario outlined by Plunkett.

    “There is probably some real event behind this, but it’s hard to tell, because we don’t have any details,” wrote Robert Graham, CEO of the penetration-testing firm Errata Security in Atlanta, on his blog in December. “It”s completely false in the message it is trying to convey. What comes out is gibberish, as any technical person can confirm.”

    And by enlisting the NSA to shore up their defenses, those companies may have made themselves more vulnerable to the agency’s efforts to breach them for surveillance purposes.

    “I think the public should be concerned about whether the NSA was really making its best efforts, as the emails claim, to help secure enterprise BIOS and mobile devices and not holding the best vulnerabilities close to their chest,” said Nate Cardozo, a staff attorney with the Electronic Frontier Foundation’s digital civil liberties team.

    He doesn’t doubt that the NSA was trying to secure enterprise BIOS, but he suggested that the agency, for its own purposes, was “looking for weaknesses in the exact same products they’re trying to secure.”

    The NSA “has no business helping Google secure its facilities from the Chinese and at the same time hacking in through the back doors and tapping the fiber connections between Google base centers,” Cardozo said. “The fact that it’s the same agency doing both of those things is in obvious contradiction and ridiculous.” He recommended dividing offensive and defensive functions between two agencies.

    Google, NSA
    The government has asked for Silicon Valley’s help. Adam Berry / Getty Images
    Two weeks after the “60 Minutes” broadcast, the German magazine Der Spiegel, citing documents obtained by Snowden, reported that the NSA inserted back doors into BIOS, doing exactly what Plunkett accused a nation-state of doing during her interview.

    Google’s Schmidt was unable to attend to the mobility security meeting in San Jose in August 2012.

    “General Keith.. so great to see you.. !” Schmidt wrote. “I’m unlikely to be in California that week so I’m sorry I can’t attend (will be on the east coast). Would love to see you another time. Thank you !” Since the Snowden disclosures, Schmidt has been critical of the NSA and said its surveillance programs may be illegal.

    Army Gen. Martin E. Dempsey, chairman of the Joint Chiefs of Staff, did attend that briefing. Foreign Policy reported a month later that Dempsey and other government officials — no mention of Alexander — were in Silicon Valley “picking the brains of leaders throughout the valley and discussing the need to quickly share information on cyber threats.” Foreign Policy noted that the Silicon Valley executives in attendance belonged to the ESF. The story did not say mobility threats and security was the top agenda item along with a classified threat briefing.

    A week after the gathering, Dempsey said during a Pentagon press briefing, “I was in Silicon Valley recently, for about a week, to discuss vulnerabilities and opportunities in cyber with industry leaders … They agreed — we all agreed on the need to share threat information at network speed.”

    Google co-founder Sergey Brin attended previous meetings of the ESF group but because of a scheduling conflict, according to Alexander’s email, he also could not attend the Aug. 8 briefing in San Jose, and it’s unknown if someone else from Google was sent.

    A few months earlier, Alexander had emailed Brin to thank him for Google’s participation in the ESF.

    “I see ESF’s work as critical to the nation’s progress against the threat in cyberspace and really appreciate Vint Cerf [Google’s vice president and chief Internet evangelist], Eric Grosse [vice president of security engineering] and Adrian Ludwig’s [lead engineer for Android security] contributions to these efforts during the past year,” Alexander wrote in a Jan. 13, 2012, email.

    “You recently received an invitation to the ESF Executive Steering Group meeting, which will be held on January 19, 2012. The meeting is an opportunity to recognize our 2012 accomplishments and set direction for the year to come. We will be discussing ESF’s goals and specific targets for 2012. We will also discuss some of the threats we see and what we are doing to mitigate those threats … Your insights, as a key member of the Defense Industrial Base, are valuable to ensure ESF’s efforts have measurable impact.”

    A Google representative declined to answer specific questions about Brin’s and Schmidt’s relationship with Alexander or about Google’s work with the government.

    “We work really hard to protect our users from cyberattacks, and we always talk to experts — including in the U.S. government — so we stay ahead of the game,” the representative said in a statement to Al Jazeera. “It’s why Sergey attended this NSA conference.”

    Brin responded to Alexander the following day even though the head of the NSA didn’t use the appropriate email address when contacting the co-chairman.

    “Hi Keith, looking forward to seeing you next week. FYI, my best email address to use is [redacted],” Brin wrote. “The one your email went to — sergey.brin@google.com — I don’t really check.”

    May 6, 2014 5:00AM ET
    by Jason Leopold @JasonLeopold

    Find this story at 6 May 2014

    © 2014 Al Jazeera America, LLC.

    US tech giants knew of NSA data collection, agency’s top lawyer insists (2014)

    NSA general counsel Rajesh De says big tech companies like Yahoo and Google provided ‘full assistance’ in legally mandated collection of data

    The senior lawyer for the National Security Agency stated on Wednesday that US technology companies were fully aware of the surveillance agency’s widespread collection of data.

    Rajesh De, the NSA general counsel, said all communications content and associated metadata harvested by the NSA under a 2008 surveillance law occurred with the knowledge of the companies – both for the internet collection program known as Prism and for the so-called “upstream” collection of communications moving across the internet.

    Asked during a Wednesday hearing of the US government’s institutional privacy watchdog if collection under the law, known as Section 702 or the Fisa Amendments Act, occurred with the “full knowledge and assistance of any company from which information is obtained,” De replied: “Yes.”

    When the Guardian and the Washington Post broke the Prism story in June, thanks to documents leaked by whistleblower Edward Snowden, nearly all the companies listed as participating in the program – Yahoo, Apple, Google, Microsoft, Facebook and AOL – claimed they did not know about a surveillance practice described as giving NSA vast access to their customers’ data. Some, like Apple, said they had “never heard” the term Prism.

    De explained: “Prism was an internal government term that as the result of leaks became the public term,” De said. “Collection under this program was a compulsory legal process, that any recipient company would receive.”

    After the hearing, De added that service providers also know and receive legal compulsions surrounding NSA’s harvesting of communications data not from companies but directly in transit across the internet under 702 authority.

    The disclosure of Prism resulted in a cataclysm in technology circles, with tech giants launching extensive PR campaigns to reassure their customers of data security and successfully pressing the Obama administration to allow them greater leeway to disclose the volume and type of data requests served to them by the government.

    Last week, Facebook founder Mark Zuckerberg said he had called US president Barack Obama to voice concern about “the damage the government is creating for all our future.” There was no immediate response from the tech companies to De’s comments on Wednesday.

    It is unclear what sort of legal process the government serves on a company to compel communications content and metadata access under Prism or through upstream collection. Documents leaked from Snowden indicate that the NSA possesses unmediated access to the company data.

    The secret Fisa court overseeing US surveillance for the purposes of producing foreign intelligence issues annual authorisations blessing NSA’s targeting and associated procedures under Section 702.After winning a transparency battle with the administration in the Fisa court earlier this year, the companies are now permitted to disclose the range of Fisa orders they receive, in bands of 1,000, which presumably include orders under 702.

    Passed in 2008, Section 702 retroactively gave cover of law to a post-9/11 effort permitting the NSA to collect phone, email, internet and other communications content when one party to the communication is reasonably believed to be a non-American outside the United States. The NSA stores Prism data for five years and communications taken directly from the internet for two years.

    While Section 702 forbids the intentional targeting of Americans or people inside the United States – a practice known as “reverse targeting” – significant amounts of Americans’ phone calls and emails are swept up in the process of collection.

    In 2011, according to a now-declassified Fisa court ruling, the NSA was found to have collected tens of thousands of emails between Americans, which a judge on the court considered a violation of the US constitution and which the NSA says it is technologically incapable of fixing.

    Renewed in December 2012 over the objections of senate intelligence committee members Ron Wyden and Mark Udall, Section 702 also permits NSA analysts to search through the collected communications for identifying information about Americans, an amendment to so-called “minimisation” rules revealed by the Guardian in August and termed the “backdoor search loophole” by Wyden.

    De and his administration colleagues, testifying before the Privacy and Civil Liberties Oversight Board, strongly rejected suggestions by the panel that a court authorise searches for Americans’ information inside the 702 databases. “If you have to go back to court every time you look at the information in your custody, you can imagine that would be quite burdensome,” deputy assistant attorney general Brad Wiegmann told the board.

    De argued that once the Fisa court permits the collection annually, analysts ought to be free to comb through it, and stated that there were sufficient privacy safeguards for Americans after collection and querying had occurred. “That information is at the government’s disposal to review in the first instance,” De said.

    De also stated that the NSA is not permitted to search for Americans’ data from communications taken directly off the internet, citing greater risks to privacy.

    Section 702 is not the only legal authority the US government possesses to harvest data transiting the internet.

    Neither De nor any other US official discussed data taken from the internet under different legal authorities. Different documents Snowden disclosed, published by the Washington Post, indicated that NSA takes data as it transits between Yahoo and Google data centers, an activity reportedly conducted not under Section 702 but under a seminal executive order known as 12333.

    De and his administration colleagues were quick to answer the board that companies were aware of the government’s collection of data under 702, which Robert Litt, general counsel for the director of national intelligence, told the board was “one of the most valuable collection tools that we have.”

    “All 702 collection is pursuant to court directives, so they have to know,” De reiterated to the Guardian.

    • This article was amended on 20 March 2014 to remove statements in the original that the testimony by Rajesh De contradicted denials by technology companies about their knowledge of NSA data collection. It was also updated to clarify that the companies challenged the secrecy surrounding Section 702 orders. Other minor clarifications were also made.

    Spencer Ackerman in Washington
    theguardian.com, Wednesday 19 March 2014 18.40 GMT

    Find this story at 19 March 2014

    © 2014 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    Apple, Google and AT&T meet Obama to discuss NSA surveillance concerns (2013)

    Silicon Valley companies concerned at effect on business as revelations over US government spying spread more widely

    Barack Obama hosted a summit on government surveillance and digital privacy attended by Apple chief executive Tim Cook, Google vice-president Vint Cerf and the boss of US telecoms network AT&T on Thursday.

    The US president attended in person, sources told the Politico blog, as did other technology company executives. Additional attendees included representatives of the Center for Democracy and Technology and Gigi Sohn, leader of internet campaign group Public Knowledge.

    The meeting was apparently prompted by growing concerns among US technology companies that revelations from the Guardian and others about the extent and depth of surveillance by the National Security Agency, and the companies’ obligation to allow access to data under secret court rules, could be damaging their reputation and commercial interests abroad.

    The gathering followed a closed-doors meeting earlier this week with Obama’s chief of staff Denis McDonough and general counsel Kathy Ruemmler at the White House.

    On the agenda at Tuesday’s meeting were the surveillance activities of the NSA, commercial privacy issues and the online tracking of consumers.

    “This is one of a number of discussions the administration is having with experts and stakeholders in response to the president’s directive to have a national dialogue about how to best protect privacy in a digital era, including how to respect privacy while defending our national security,” one official told Politico.

    McDonough and Ruemmler met members of the Information Technology Industry Council, TechNet and Tech America, which represent a range of companies from defence contractors to digital giants Facebook, Google and Microsoft.

    Campaigners including the American Civil Liberties Union and the Electronic Privacy information Center were also present, Politico’s Tony Romm reported.

    The Guardian’s revelations about the breadth of the NSA’s access to data, particularly relating to foreign individuals, has created PR problems for US companies. Apple has set its sights on China as a huge potential growth market, but if people there fear eavesdropping by the US government it could harm sales. And Google stands to lose business in cloud computing to European rivals if customers fear similar eavesdropping. Cloud computing companies have estimated they could lose billions of dollars of business as a result.

    The White House is also battling to respond to growing unrest over surveillance of citizens by the state and the vast caches of data many digital giants are now storing about individual consumers.

    Obama has promised more public debate about the country’s counterterrorism activities and privacy safeguards in general amid signs of widespread support for NSA whistleblower Edward Snowden, but officials have so far declined to provide details about this week’s technology summits.

    The meetings came as a wave of Americans posted messages of support to the former security contractor, whose leaks exposed the extent of government sponsored surveillance in the US and Europe.

    A website launched by the digital rights group Fight for the Future on Wednesday has attracted more than 10,000 posts expressing support for Snowden’s actions. Billed as an exercise to put faces to statistics, the website features a combination of photographs of individuals holding up signs and written words of support.

    In June, Reuters/Ipsos found 31% of respondents believed Snowden was a patriot, while 23% thought he was a traitor. Another 46% said they did not know. Gallup found in June that 53% of respondents disapproved of government snooping programmes, while just 37% approved and 10% had no opinion.

    In a statement, Fight for the Future cofounder Tiffiniy Cheng said: “We’ve seen an unbelievable response already – the messages keep streaming in. The government reads the same polls that we do. They know that Snowden has the public’s support. But now we’re adding faces to those statistics. As someone who volunteered and worked for Obama’s election, I feel totally burned by the president’s civil liberties and human rights records. If he truly cares about representing the American people, he should turn his attention to shutting down the NSA’s illegal surveillance programs, and leave Mr Snowden alone.”

    The website was launched shortly before Obama pulled out of a presidential meeting with Russia’s leader Vladimir Putin in Moscow next month. This followed Russia’s decision to grant Snowden asylum.

    Juliette Garside
    theguardian.com, Friday 9 August 2013 17.37 BST

    Find this story at 9 August 2013

    © 2014 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    BT and Vodafone among telecoms companies passing details to GCHQ (2013)

    Fears of customer backlash over breach of privacy as firms give GCHQ unlimited access to their undersea cables

    Some of the world’s leading telecoms firms, including BT and Vodafone, are secretly collaborating with Britain’s spy agency GCHQ, and are passing on details of their customers’ phone calls, email messages and Facebook entries, documents leaked by the whistleblower Edward Snowden show.

    BT, Vodafone Cable, and the American firm Verizon Business – together with four other smaller providers – have given GCHQ secret unlimited access to their network of undersea cables. The cables carry much of the world’s phone calls and internet traffic.

    In June the Guardian revealed details of GCHQ’s ambitious data-hoovering programmes, Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. It emerged GCHQ was able to tap into fibre-optic cables and store huge volumes of data for up to 30 days. That operation, codenamed Tempora, has been running for 20 months.

    On Friday Germany’s Süddeutsche newspaper published the most highly sensitive aspect of this operation – the names of the commercial companies working secretly with GCHQ, and giving the agency access to their customers’ private communications. The paper said it had seen a copy of an internal GCHQ powerpoint presentation from 2009 discussing Tempora.

    The document identified for the first time which telecoms companies are working with GCHQ’s “special source” team. It gives top secret codenames for each firm, with BT (“Remedy”), Verizon Business (“Dacron”), and Vodafone Cable (“Gerontic”). The other firms include Global Crossing (“Pinnage”), Level 3 (“Little”), Viatel (“Vitreous”) and Interoute (“Streetcar”). The companies refused to comment on any specifics relating to Tempora, but several noted they were obliged to comply with UK and EU law.

    The revelations are likely to dismay GCHQ and Downing Street, who are fearful that BT and the other firms will suffer a backlash from customers furious that their private data and intimate emails have been secretly passed to a government spy agency. In June a source with knowledge of intelligence said the companies had no choice but to co-operate in this operation. They are forbidden from revealing the existence of warrants compelling them to allow GCHQ access to the cables.

    Together, these seven companies operate a huge share of the high-capacity undersea fibre-optic cables that make up the backbone of the internet’s architecture. GCHQ’s mass tapping operation has been built up over the past five years by attaching intercept probes to the transatlantic cables where they land on British shores. GCHQ’s station in Bude, north Cornwall, plays a role. The cables carry data to western Europe from telephone exchanges and internet servers in north America. This allows GCHQ and NSA analysts to search vast amounts of data on the activity of millions of internet users. Metadata – the sites users visit, whom they email, and similar information – is stored for up to 30 days, while the content of communications is typically stored for three days.

    GCHQ has the ability to tap cables carrying both internet data and phone calls. By last year GCHQ was handling 600m “telephone events” each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time.

    Each of the cables carries data at a rate of 10 gigabits per second, so the tapped cables had the capacity, in theory, to deliver more than 21 petabytes a day – equivalent to sending all the information in all the books in the British Library 192 times every 24 hours.

    This operation is carried out under clandestine agreements with the seven companies, described in one document as “intercept partners”. The companies are paid for logistical and technical assistance.

    The identity of the companies allowing GCHQ to tap their cables was regarded as extremely sensitive within the agency. Though the Tempora programme itself was classified as top secret, the identities of the cable companies was even more secret, referred to as “exceptionally controlled information”, with the company names replaced with the codewords, such as “GERONTIC”, “REMEDY” and “PINNAGE”.

    However, some documents made it clear which codenames referred to which companies. GCHQ also assigned the firms “sensitive relationship teams”. One document warns that if the names emerged it could cause “high-level political fallout”.

    Germans have been enraged by the revelations of spying by the National Security Agency and GCHQ after it emerged that both agencies were hoovering up German data as well. On Friday the Süddeutsche said it was now clear that private telecoms firms were far more deeply complicit in US-UK spying activities than had been previously thought.

    The source familiar with intelligence maintained in June that GCHQ was “not looking at every piece of straw” but was sifting a “vast haystack of data” for what he called “needles”.

    He added: “If you had the impression we are reading millions of emails, we are not. There is no intention in this whole programme to use it for looking at UK domestic traffic – British people talking to each other.” The source said analysts used four criteria for determining what was examined: security, terror, organised crime and Britain’s economic wellbeing.”The vast majority of the data is discarded without being looked at … we simply don’t have the resources.”

    Nonetheless, the agency repeatedly referred to plans to expand this collection ability still further in the future.

    Once it is collected, analysts are able to search the information for emails, online chats and browsing histories using an interface called XKeyscore, uncovered in the Guardian on Wednesday. By May 2012, 300 analysts from GCHQ and 250 NSA analysts had direct access to search and sift through the data collected under the Tempora program.

    Documents seen by the Guardian suggest some telecoms companies allowed GCHQ to access cables which they did not themselves own or operate, but only operated a landing station for. Such practices could raise alarm among other cable providers who do not co-operate with GCHQ programmes that their facilities are being used by the intelligence agency.

    Telecoms providers can be compelled to co-operate with requests from the government, relayed through ministers, under the 1984 Telecommunications Act, but privacy advocates have raised concerns that the firms are not doing enough to challenge orders enabling large-scale surveillance, or are co-operating to a degree beyond that required by law.

    “We urgently need clarity on how close the relationship is between companies assisting with intelligence gathering and government,” said Eric King, head of research for Privacy International. “Were the companies strong-armed, or are they voluntary intercept partners?”

    Vodafone said it complied with the laws of all the countries in which its cables operate. “Media reports on these matters have demonstrated a misunderstanding of the basic facts of European, German and UK legislation and of the legal obligations set out within every telecommunications operator’s licence … Vodafone complies with the law in all of our countries of operation,” said a spokesman.

    “Vodafone does not disclose any customer data in any jurisdiction unless legally required to do so. Questions related to national security are a matter for governments not telecommunications operators.”

    A spokeswoman for Interoute said: “As with all communication providers in Europe we are required to comply with European and local laws including those on data protection and retention. From time to time we are presented with requests from authorities. When we receive such requests, they are processed by our legal and security teams and if valid, acted upon.”

    A spokeswoman for Verizon said: “Verizon continually takes steps to safeguard our customers’ privacy. Verizon also complies with the law in every country in which we operate.”

    BT declined to comment.

    James Ball, Luke Harding and Juliette Garside
    The Guardian, Friday 2 August 2013 18.36 BST

    Find this story at 2 August 2013

    © 2014 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    Newly declassified documents on phone records program released (2013)

    Obama administration officials faced deepening political skepticism Wednesday about a far-reaching counterterrorism program that collects millions of Americans’ phone records, even as they released newly declassified documents in an attempt to spotlight privacy safeguards.

    The previously secret material — a court order and reports to Congress — was released by Director of National Intelligence James R. Clapper as a Senate Judiciary Committee hearing opened Wednesday morning in which lawmakers sharply questioned the efficacy of the collection of bulk phone records. A senior National Security Agency official conceded that the surveillance effort was the primary tool in thwarting only one plot — not the dozens that officials had previously suggested.

    Read the documents
    NSA
    Secret FISA court order to Verizon
    The Obama administration declassified government documents related to NSA collection of telephone metadata records on Wednesday.
    Graphic
    How the secret FISA court works Click Here to View Full Graphic Story
    How the secret FISA court works
    Click here to subscribe.

    In recent weeks, political support for such broad collection has sagged, and the House last week narrowly defeated a bipartisan bid to end the program, at least in its current form. On Wednesday, senior Democratic senators voiced equally strong doubts.

    “This bulk-collection program has massive privacy implications,” said Senate Judiciary Committee Chairman Patrick J. Leahy (Vt.). “The phone records of all of us in this room — all of us in this room — reside in an NSA database. I’ve said repeatedly, just because we have the ability to collect huge amounts of data does not mean that we should be doing so. . . . If this program is not effective, it has to end. So far, I’m not convinced by what I’ve seen.”

    Administration officials defended the collection effort and a separate program targeting foreigners’ communication as essential and operating under stringent guidelines.

    “With these programs and other intelligence activities, we are constantly seeking to achieve the right balance between the protection of national security and the protection of privacy and civil liberties,” Deputy Attorney General James Cole said. “We believe these two programs have achieved the right balance.”

    Cole nonetheless said the administration is open to amending the program to achieve greater public trust. Legislation is pending in the Senate that would narrow its scope.

    The NSA program collecting phone records began after the September 2001 terrorist attacks and was brought under the supervision of the Foreign Intelligence Surveillance Court in 2006. But its existence remained hidden until June, when the Guardian newspaper in Britain published a classified FISC order to a U.S. phone company to turn over to the NSA all call records. Former NSA contractor Edward Snowden leaked the order to the newspaper.

    On Wednesday, the Guardian published new documents provided by Snowden that outlined previously unknown features of an NSA data-retrieval system called XKeyscore. The newspaper reported that the search tool allowed analysts to “search with no prior authorization through vast databases containing emails, online chats and the browsing histories of millions of individuals.”

    NSA slides describing the system published with the Guardian article indicated that analysts used it to sift through government databases, including Pinwale, the NSA’s primary storage system for e-mail and other text, and Marina, the primary storage and analysis tool for “metadata.” Another slide described analysts using XKeyscore to access a database containing phone numbers, e-mail addresses, log-ins and Internet user activity generated from other NSA programs.

    The newspaper said the disclosures shed light on Snowden’s claim that the NSA’s surveillance programs allowed him while sitting at his desk to “wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal ­e-mail.” U.S. officials have denied that he had such capability.

    In a statement responding to the Guardian report, the NSA said “the implication that NSA’s collection is arbitrary and unconstrained is false. NSA’s activities are focused and specifically deployed against — and only against — legitimate foreign intelligence targets.” The agency further said: “Access to XKEYSCORE, as well as all of NSA’s analytic tools, is limited to only those personnel who require access for their assigned tasks. . . . Not every analyst can perform every function, and no analyst can operate freely. Every search by an NSA analyst is fully auditable, to ensure that they are proper and within the law.”

    On Wednesday, Clapper disclosed the FISA court’s “primary” order that spells out the program’s collection rules and two reports to Congress that discussed the program, which is authorized under Section 215 of the “business records” provision of the Foreign Intelligence Surveillance Act. Administration officials released the documents to reassure critics that the program is strictly supervised and minimally invasive.

    For instance, the primary order states that only “appropriately trained and authorized personnel” may have access to the records, which consist of phone numbers of calls made and received, their time and duration, but not names and content. Officials call this metadata. The order also states that to query the data, there must be “reasonable, articulable suspicion,” presumably that the number is linked to a foreign terrorist group.

    But the documents fueled more concern about the program’s scope among civil liberties advocates who are pressing the administration to release the legal rationale that might explain what makes such large numbers of records relevant to an authorized investigation. Perhaps most alarming to some critics was the disclosure, in the order, that queries of the metadata return results that are placed into a “corporate store” that may then be searched for foreign intelligence purposes with fewer restrictions.

    That disclosure takes on significance in light of Deputy NSA Director John C. Inglis’s testimony last month that analysts could extend their searches by “three hops.” That means that starting from a target’s phone number, analysts can search on the phone numbers of people in contact with the target, then the numbers of people in contact with that group, and then the numbers of people in contact with that larger pool. That is potentially millions of people, said Jameel Jaffer, deputy legal director of the American Civil Liberties Union, who also testified Wednesday.

    The Office of the DNI earlier released a statement that fewer than 300 numbers were queried in 2012. That could still mean potentially hundreds of millions of records, Sen. Richard J. Durbin (D-Ill.) said at the hearing.

    Also, according to the order, the NSA does not need to audit the results of searches of the corporate store.

    The order asserts that phone metadata could be obtained with a grand jury subpoena. That may be true for one person or even a group of people, but not for all Americans’ phone records, critics said.

    Privacy advocates criticized redactions in the reports to Congress of information about the NSA’s failure to comply with its own internal rules. That is “among the most important information that the American public needs to critically assess whether these programs are proper,” said Mark Rumold, a staff lawyer at the Electronic Frontier Foundation.

    At the hearing, Leahy voiced upset with the administration for suggesting that the program was as effective in thwarting terrorist plots as another NSA program, authorized under Section 702 of FISA and targeting foreigners’ communications. “I don’t think that’s a coincidence when we have people in government make that comparison, but it needs to stop,” he said of attempts to conflate the two programs’ utility.

    He noted that senior officials had testified that the phone logging effort was critical to thwarting 54 plots, but after reviewing NSA material, he said that assertion cannot be made — “not by any stretch.” Pressed by Leahy on the point, Inglis admitted that the program “made a contribution” in 12 plots with a domestic nexus, but only one case came close to a “but-for” or critical contribution.

    Carol D. Leonnig and William Branigin contributed to this report.

    By Ellen Nakashima, Published: July 31, 2013

    Find this story at 31 July 2013

    © 1996-2014 The Washington Post

    Telekom-Riesen helfen den Geheimdiensten (2013)

    Der britische Geheimdienst wurde bei Abhöraktionen umfangreicher von Telekommunikationsfirmen unterstützt als bislang bekannt. Das berichten “Süddeutsche Zeitung” und NDR. Sogar Programmierarbeit soll an die Firmen ausgelagert worden sein.

    Berlin – Laut übereinstimmenden Berichten des NDR und der “Süddeutschen Zeitung” (SZ) sind einige private Telekommunikationsunternehmen stärker in die Abhöraktionen ausländischer Geheimdienste verwickelt als bisher angenommen. Der britische Geheimdienst GCHQ etwa, ein enger Partner des US-Diensts NSA, arbeite beim Abhören des Internetverkehrs mit sieben großen Firmen zusammen.

    NDR und “Süddeutsche Zeitung” beziehen sich in ihren Berichten auf Dokumente des ehemaligen NSA-Vertragsmitarbeiters Edward Snowden, die sie einsehen konnten. Die interne Präsentation von 2009 nennt neben den internationalen Unternehmen British Telecom, Verizon und Vodafone auch die Netzwerkbetreiber Level 3, Interoute, Viatel und Global Crossing als Schlüsselpartner des GCHQ. Global Crossing wurde inzwischen von Level 3 gekauft.

    Gemeinsam spannen die Unternehmen laut NDR und “SZ” ein engmaschiges Datennetz über Europa und weite Teile der Welt. Einige Firmen wie Level 3 betreiben in Deutschland demnach große Datenzentren. Demnach betreibt Level 3 Rechenzentren in mehreren deutschen Städten, ein Transatlantikkabel von Global Crossing ist in Westerland auf Sylt mit deutschen Netzen verbunden. Das Unternehmen Interoute, das den Unterlagen zufolge auch mit dem GCHQ kooperiert, betreibt 15 Netzknoten in Deutschland.

    Teilweise sei die Kooperation mit dem Geheimdienst über den einfachen Zugang zu den Datennetzen hinausgegangen, berichten “SZ” und NDR. Einige Firmen sollen laut den Dokumenten sogar Computerprogramme entwickelt haben, um dem britischen Geheimdienst das Abfangen von Daten aus ihren Netzen zu erleichtern. Faktisch habe der GCHQ einen Teil seiner Ausspäharbeit an Privatunternehmen delegiert.

    Viatel bestreitet Zusammenarbeit

    Die meisten der Unternehmen verwiesen laut NDR und “SZ” auf Gesetze, die Regierungen erlaubten, Firmen unter bestimmten Umständen zur Herausgabe von Informationen zu verpflichten. Viatel widersprach den Angaben und erklärte, nicht mit dem GCHQ zu kooperieren und dem Geheimdienst auch keinen Zugang zur eigenen Infrastruktur oder zu Kundendaten zu gewähren.

    02. August 2013, 09:20 Uhr

    Find this story at 2 August 2013

    © SPIEGEL ONLINE 2013

    Agreements with private companies protect U.S. access to cables’ data for surveillance (2013)

    The U.S. government had a problem: Spying in the digital age required access to the fiber-optic cables traversing the world’s oceans, carrying torrents of data at the speed of light. And one of the biggest operators of those cables was being sold to an Asian firm, potentially complicating American surveillance efforts.

    Enter “Team Telecom.”

    In months of private talks, the team of lawyers from the FBI and the departments of Defense, Justice and Homeland Security demanded that the company maintain what amounted to an internal corporate cell of American citizens with government clearances. Among their jobs, documents show, was ensuring that surveillance requests got fulfilled quickly and confidentially.

    This “Network Security Agreement,” signed in September 2003 by Global Crossing, became a model for other deals over the past decade as foreign investors increasingly acquired pieces of the world’s telecommunications infrastructure.

    The publicly available agreements offer a window into efforts by U.S. officials to safeguard their ability to conduct surveillance through the fiber-optic networks that carry a huge majority of the world’s voice and Internet traffic.

    The agreements, whose main purpose is to secure the U.S. telecommunications networks against foreign spying and other actions that could harm national security, do not authorize surveillance. But they ensure that when U.S. government agencies seek access to the massive amounts of data flowing through their networks, the companies have systems in place to provide it securely, say people familiar with the deals.

    Negotiating leverage has come from a seemingly mundane government power: the authority of the Federal Communications Commission to approve cable licenses. In deals involving a foreign company, say people familiar with the process, the FCC has held up approval for many months while the squadron of lawyers dubbed Team Telecom developed security agreements that went beyond what’s required by the laws governing electronic eavesdropping.

    The security agreement for Global Crossing, whose fiber-optic network connected 27 nations and four continents, required the company to have a “Network Operations Center” on U.S. soil that could be visited by government officials with 30 minutes of warning. Surveillance requests, meanwhile, had to be handled by U.S. citizens screened by the government and sworn to secrecy — in many cases prohibiting information from being shared even with the company’s executives and directors.

    “Our telecommunications companies have no real independence in standing up to the requests of government or in revealing data,” said Susan Crawford, a Yeshiva University law professor and former Obama White House official. “This is yet another example where that’s the case.”

    The full extent of the National Security Agency’s access to fiber-optic cables remains classified. The Office of the Director of National Intelligence issued a statement saying that legally authorized data collection “has been one of our most important tools for the protection of the nation’s — and our allies’ — security. Our use of these authorities has been properly classified to maximize the potential for effective collection against foreign terrorists and other adversaries.”

    It added, “As always, the Intelligence and law enforcement communities will continue to work with all members of Congress to ensure the proper balance of privacy and protection for American citizens.”

    Collecting information

    Documents obtained by The Washington Post and Britain’s Guardian newspaper in recent weeks make clear how the revolution in information technology sparked a revolution in surveillance, allowing the U.S. government and its allies to monitor potential threats with a reach impossible only a few years earlier.

    Yet any access to fiber-optic cables allows for possible privacy intrusions into Americans’ personal communications, civil libertarians say.

    As people worldwide chat, browse and post images through online services, much of the information flows within the technological reach of U.S. surveillance. Though laws, procedural rules and internal policies limit how that information can be collected and used, the data from billions of devices worldwide flow through Internet choke points that the United States and its allies are capable of monitoring.

    This broad-based surveillance of fiber-optic networks runs parallel to the NSA’s PRISM program, which allows analysts to access data from nine major Internet companies, including Google, Facebook, Microsoft, Yahoo, AOL and Apple, according to classified NSA PowerPoint slides. (The companies have said the collection is legal and limited.)

    One NSA slide titled, “Two Types of Collection,” shows both PRISM and a separate effort labeled “Upstream” and lists four code names: Fairview, Stormbrew, Blarney and Oakstar. A diagram superimposed on a crude map of undersea cable networks describes the Upstream program as collecting “communications on fiber cables and infrastructure as data flows past.”

    The slide has yellow arrows pointing to both Upstream and PRISM and says, “You Should Use Both.” It also has a header saying “FAA 702 Operations,” a reference to a section of the amended Foreign Intelligence Surveillance Act that governs surveillance of foreign targets related to suspected terrorism and other foreign intelligence.

    Under that provision, the government may serve a court order on a company compelling it to reach into its networks for data on multiple targets who are foreigners reasonably believed to be overseas. At an Internet gateway, the government may specify a number of e-mail addresses of foreigners to be targeted without the court signing off on each one.

    When the NSA is collecting the communications of a foreign, overseas target who is speaking or e-mailing with an American, that American’s e-mail or phone call is considered to be “incidentally” collected. It is considered “inadvertently” collected if the target actually turns out to be an American, according to program rules and people familiar with them. The extent of incidental and inadvertent collection has not been disclosed, leading some lawmakers to demand disclosure of estimates of how many Americans’ communications have been gathered. No senior intelligence officials have answered that question publicly.

    Using software that scans traffic and “sniffs out” the targeted e-mail address, the company can pull out e-mail traffic automatically to turn over to the government, according to several former government officials and industry experts.

    It is unclear how effective that approach is compared with collecting from a “downstream” tech company such as Google or Facebook, but the existence of separate programs collecting data from both technology companies and telecommunications systems underscores the reach of government intelligence agencies.

    “People need to realize that there are many ways for the government to get vast amounts of e-mail,” said Chris Soghoian, a technology expert with the American Civil Liberties Union.

    Controlling the data flow

    The drive for new intelligence sources after the Sept. 11, 2001, attacks relied on a key insight: American companies controlled most of the Internet’s essential pipes, giving ample opportunities to tap the torrents of data flowing by. Even terrorists bent on destruction of the United States, it turned out, talked to each other on Web-based programs such as Microsoft’s Hotmail.

    Yet even data not handled by U.S.-based companies generally flowed across parts of the American telecommunications infrastructure. Most important were the fiber-optic cables that largely have replaced the copper telephone wires and the satellite and microwave transmissions that, in an earlier era, were the most important targets for government surveillance.

    Fiber-optic cables, many of which lie along the ocean floor, provide higher-quality transmission and greater capacity than earlier technology, with the latest able to carry thousands of gigabits per second.

    The world’s hundreds of undersea cables now carry 99 percent of all intercontinental data, a category that includes most international phone calls, as well, says TeleGeography, a global research firm.

    The fiber-optic networks have become a rich source of data for intelligence agencies. The Guardian newspaper reported last month that the Government Communications Headquarters, the British equivalent of the NSA, taps and stores data flowing through the fiber-optic cables touching that nation, a major transit point for data between Europe and the Americas. That program, code-named Tempora, shares data with the NSA, the newspaper said.

    Tapping undersea transmission cables had been a key U.S. surveillance tactic for decades, dating back to the era when copper lines carrying sensitive telephone communications could be accessed by listening devices divers could place on the outside of a cable’s housing, said naval historian Norman Polmar, author of “Spy Book: The Encyclopedia of Espionage.”

    “The U.S. has had four submarines that have been outfitted for these special missions,” he said.

    But the fiber-optic lines — each no thicker than a quarter — were far more difficult to tap successfully than earlier generations of undersea technology, and interception operations ran the risk of alerting cable operators that their network had been breached.

    It’s much easier to collect information from any of dozens of cable landing stations around the world — where data transmissions are sorted into separate streams — or in some cases from network operations centers that oversee the entire system, say those familiar with the technology who spoke on the condition of anonymity to discuss sensitive intelligence matters.

    Expanding powers

    In the aftermath of the Sept. 11 attacks, the NSA said its collection of communications inside the United States was constrained by statute, according to a draft report by the agency’s inspector general in 2009, which was obtained by The Post and the Guardian. The NSA had legal authority to conduct electronic surveillance on foreigners overseas, but the agency was barred from collecting such information on cables as it flowed into and through the United States without individual warrants for each target.

    “By 2001, Internet communications were used worldwide, underseas cables carried huge volumes of communications, and a large amount of the world’s communications passed through the United States,” the report said. “Because of language used in the [Foreign Intelligence Surveillance] Act in 1978, NSA was required to obtain court orders to target e-mail accounts used by non-U.S. persons outside the United States if it intended to intercept the communications at a webmail service within the United States. Large numbers of terrorists were using such accounts in 2001.”

    As a result, after White House and CIA officials consulted with the NSA director, President George W. Bush, through a presidential order, expanded the NSA’s legal authority to collect communications inside the United States. The President’s Surveillance Program, the report said, “significantly increased [NSA’s] access to transiting foreign communications.”

    Gen. Michael Hayden, then the NSA director, described that information as “the real gold of the program” that led to the identification of threats within the United States, according to the inspector general’s report.

    Elements of the President’s Surveillance Program became public in 2005, when the New York Times reported the government’s ability to intercept e-mail and phone call content inside the United States without court warrants, sparking controversy. The FISA court began oversight of those program elements in 2007.

    As these debates were playing out within the government, Team Telecom was making certain that surveillance capacity was not undermined by rising foreign ownership of the fiber-optic cables that the NSA was using.

    The Global Crossing deal created particular concerns. The company had laid an extensive network of undersea cables in the world, but it went bankrupt in 2002 after struggling to handle more than $12 billion in debt.

    Two companies, one from Singapore and a second from Hong Kong, struck a deal to buy a majority stake in Global Crossing, but U.S. government lawyers immediately objected as part of routine review of foreign investment into critical U.S. infrastructure.

    President Gerald Ford in 1975 had created an interagency group — the Committee on Foreign Investment in the United States, or CFIUS — to review deals that might harm U.S. national security. Team Telecom grew out of that review process. Those executive branch powers were expanded several times over the decades and became even more urgent after the Sept. 11 attacks, when the Defense Department became an important player in discussions with telecommunications companies.

    The Hong Kong company soon withdrew from the Global Crossing deal, under pressure from Team Telecom, which was worried that the Chinese government might gain access to U.S. surveillance requests and infrastructure, according to people familiar with the negotiations.

    Singapore Technologies Telemedia eventually agreed to a slate of concessions, including allowing half of the board of directors of a new subsidiary managing the undersea cable network to consist of American citizens with security clearances. They would oversee a head of network operations, a head of global security, a general counsel and a human resources officer — all of whom also would be U.S. citizens with security clearances. The FBI and the departments of Defense, Justice and Homeland Security had the power to object to any appointments to those jobs or to the directors who had to be U.S. citizens.

    U.S. law already required that telecommunications companies doing business in the United States comply with surveillance requests, both domestic and international. But the security agreement established the systems to ensure that compliance and to make sure foreign governments would not gain visibility into the working of American telecommunications systems — or surveillance systems, said Andrew D. Lipman, a telecommunications lawyer who has represented Global Crossing and other firms in negotiating such deals.

    “These Network Security Agreements flesh out the details,” he said.

    Lipman, a partner with Bingham McCutchen, based in Washington, said the talks with Team Telecom typically involve little give and take. “It’s like negotiating with the Motor Vehicle Department,” he said.

    Singapore Technologies Telemedia sold Global Crossing in 2011 to Level 3 Communications, a company based in Colorado. But the Singaporean company maintained a minority ownership stake, helping trigger a new round of review by Team Telecom and a new Network Security Agreement that added several new conditions.

    A spokesman for Level 3 Communications declined to comment for this article.

    By Craig Timberg and Ellen Nakashima, Published: July 7, 2013

    Find this story at 7 July 2013

    © 1996-2014 The Washington Post

    Microsoft handed the NSA access to encrypted messages (2013)

    • Secret files show scale of Silicon Valley co-operation on Prism
    • Outlook.com encryption unlocked even before official launch
    • Skype worked to enable Prism collection of video calls
    • Company says it is legally compelled to comply

    Microsoft has collaborated closely with US intelligence services to allow users’ communications to be intercepted, including helping the National Security Agency to circumvent the company’s own encryption, according to top-secret documents obtained by the Guardian.

    The files provided by Edward Snowden illustrate the scale of co-operation between Silicon Valley and the intelligence agencies over the last three years. They also shed new light on the workings of the top-secret Prism program, which was disclosed by the Guardian and the Washington Post last month.

    The documents show that:

    • Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;

    • The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;

    • The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;

    • Microsoft also worked with the FBI’s Data Intercept Unit to “understand” potential issues with a feature in Outlook.com that allows users to create email aliases;

    • In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism;

    • Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a “team sport”.

    The latest NSA revelations further expose the tensions between Silicon Valley and the Obama administration. All the major tech firms are lobbying the government to allow them to disclose more fully the extent and nature of their co-operation with the NSA to meet their customers’ privacy concerns. Privately, tech executives are at pains to distance themselves from claims of collaboration and teamwork given by the NSA documents, and insist the process is driven by legal compulsion.

    In a statement, Microsoft said: “When we upgrade or update products we aren’t absolved from the need to comply with existing or future lawful demands.” The company reiterated its argument that it provides customer data “only in response to government demands and we only ever comply with orders for requests about specific accounts or identifiers”.

    In June, the Guardian revealed that the NSA claimed to have “direct access” through the Prism program to the systems of many major internet companies, including Microsoft, Skype, Apple, Google, Facebook and Yahoo.

    Blanket orders from the secret surveillance court allow these communications to be collected without an individual warrant if the NSA operative has a 51% belief that the target is not a US citizen and is not on US soil at the time. Targeting US citizens does require an individual warrant, but the NSA is able to collect Americans’ communications without a warrant if the target is a foreign national located overseas.

    Since Prism’s existence became public, Microsoft and the other companies listed on the NSA documents as providers have denied all knowledge of the program and insisted that the intelligence agencies do not have back doors into their systems.

    Microsoft’s latest marketing campaign, launched in April, emphasizes its commitment to privacy with the slogan: “Your privacy is our priority.”

    Similarly, Skype’s privacy policy states: “Skype is committed to respecting your privacy and the confidentiality of your personal data, traffic data and communications content.”

    But internal NSA newsletters, marked top secret, suggest the co-operation between the intelligence community and the companies is deep and ongoing.

    The latest documents come from the NSA’s Special Source Operations (SSO) division, described by Snowden as the “crown jewel” of the agency. It is responsible for all programs aimed at US communications systems through corporate partnerships such as Prism.

    The files show that the NSA became concerned about the interception of encrypted chats on Microsoft’s Outlook.com portal from the moment the company began testing the service in July last year.

    Within five months, the documents explain, Microsoft and the FBI had come up with a solution that allowed the NSA to circumvent encryption on Outlook.com chats

    A newsletter entry dated 26 December 2012 states: “MS [Microsoft], working with the FBI, developed a surveillance capability to deal” with the issue. “These solutions were successfully tested and went live 12 Dec 2012.”

    Two months later, in February this year, Microsoft officially launched the Outlook.com portal.

    Another newsletter entry stated that NSA already had pre-encryption access to Outlook email. “For Prism collection against Hotmail, Live, and Outlook.com emails will be unaffected because Prism collects this data prior to encryption.”

    Microsoft’s co-operation was not limited to Outlook.com. An entry dated 8 April 2013 describes how the company worked “for many months” with the FBI – which acts as the liaison between the intelligence agencies and Silicon Valley on Prism – to allow Prism access without separate authorization to its cloud storage service SkyDrive.

    The document describes how this access “means that analysts will no longer have to make a special request to SSO for this – a process step that many analysts may not have known about”.

    The NSA explained that “this new capability will result in a much more complete and timely collection response”. It continued: “This success is the result of the FBI working for many months with Microsoft to get this tasking and collection solution established.”

    A separate entry identified another area for collaboration. “The FBI Data Intercept Technology Unit (DITU) team is working with Microsoft to understand an additional feature in Outlook.com which allows users to create email aliases, which may affect our tasking processes.”

    The NSA has devoted substantial efforts in the last two years to work with Microsoft to ensure increased access to Skype, which has an estimated 663 million global users.

    One document boasts that Prism monitoring of Skype video production has roughly tripled since a new capability was added on 14 July 2012. “The audio portions of these sessions have been processed correctly all along, but without the accompanying video. Now, analysts will have the complete ‘picture’,” it says.

    Eight months before being bought by Microsoft, Skype joined the Prism program in February 2011.

    According to the NSA documents, work had begun on smoothly integrating Skype into Prism in November 2010, but it was not until 4 February 2011 that the company was served with a directive to comply signed by the attorney general.

    The NSA was able to start tasking Skype communications the following day, and collection began on 6 February. “Feedback indicated that a collected Skype call was very clear and the metadata looked complete,” the document stated, praising the co-operation between NSA teams and the FBI. “Collaborative teamwork was the key to the successful addition of another provider to the Prism system.”

    ACLU technology expert Chris Soghoian said the revelations would surprise many Skype users. “In the past, Skype made affirmative promises to users about their inability to perform wiretaps,” he said. “It’s hard to square Microsoft’s secret collaboration with the NSA with its high-profile efforts to compete on privacy with Google.”

    The information the NSA collects from Prism is routinely shared with both the FBI and CIA. A 3 August 2012 newsletter describes how the NSA has recently expanded sharing with the other two agencies.

    The NSA, the entry reveals, has even automated the sharing of aspects of Prism, using software that “enables our partners to see which selectors [search terms] the National Security Agency has tasked to Prism”.

    The document continues: “The FBI and CIA then can request a copy of Prism collection of any selector…” As a result, the author notes: “these two activities underscore the point that Prism is a team sport!”

    In its statement to the Guardian, Microsoft said:

    We have clear principles which guide the response across our entire company to government demands for customer information for both law enforcement and national security issues. First, we take our commitments to our customers and to compliance with applicable law very seriously, so we provide customer data only in response to legal processes.

    Second, our compliance team examines all demands very closely, and we reject them if we believe they aren’t valid. Third, we only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks, as the volumes documented in our most recent disclosure clearly illustrate.

    Finally when we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request. There are aspects of this debate that we wish we were able to discuss more freely. That’s why we’ve argued for additional transparency that would help everyone understand and debate these important issues.

    In a joint statement, Shawn Turner, spokesman for the director of National Intelligence, and Judith Emmel, spokeswoman for the NSA, said:

    The articles describe court-ordered surveillance – and a US company’s efforts to comply with these legally mandated requirements. The US operates its programs under a strict oversight regime, with careful monitoring by the courts, Congress and the Director of National Intelligence. Not all countries have equivalent oversight requirements to protect civil liberties and privacy.

    They added: “In practice, US companies put energy, focus and commitment into consistently protecting the privacy of their customers around the world, while meeting their obligations under the laws of the US and other countries in which they operate.”

    • This article was amended on 11 July 2013 to reflect information from Microsoft that it did not make any changes to Skype to allow Prism collection on or around July 2012.

    Glenn Greenwald, Ewen MacAskill, Laura Poitras, Spencer Ackerman and Dominic Rushe
    The Guardian, Friday 12 July 2013

    Find this story at 12 July 2013

    © 2014 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    Microsoft soll seit Jahren mit US-Ermittlern kooperieren (2013)

    Microsoft arbeitet angeblich intensiv mit US-Geheimdiensten zusammen. Nach Informationen, die Edward Snowden dem “Guardian” zugespielt hat, soll der Konzern den Ermittlern Zugang zu E-Mails und Skype-Gesprächen gewährt und sogar die firmeneigene Verschlüsselung ausgehebelt haben.

    Hamburg/London – Edward Snowden hat mit seinen Enthüllungen über die globale Datenschnüffelei der US-Geheimdienste nicht nur die amerikanische Politik in helle Aufregung versetzt, sondern auch die dortige IT-Branche. Giganten wie Facebook, Apple, Google und Microsoft haben bisher versucht, den Eindruck zu erwecken, ihre Zusammenarbeit mit den US-Behörden beschränke sich auf das Nötigste.

    Jetzt aber berichtet der britische “Guardian”, wie Microsoft mit den Ermittlern kooperiert. Demnach zeigen Informationen von Snowden, dass das Unternehmen seit drei Jahren intensiv mit US-Geheimdiensten zusammenarbeitet.

    Die National Security Agency (NSA) habe etwa die Sorge geäußert, Web-Chats auf dem neuen Outlook.com-Portal nicht mitlesen zu können. Microsoft habe daraufhin der NSA geholfen, die konzerneigene Verschlüsselungstechnik zu umgehen. Dieses Vorgehen soll sich dem Bericht zufolge nicht auf die Web-Chats beschränkt haben: Die NSA soll auch Zugang zu E-Mails auf Outlook.com und Hotmail trotz der Verschlüsselung gehabt haben.

    Auch der Internettelefoniedienst Skype, den Microsoft im Oktober 2011 gekauft hat, geriet ins Visier der NSA: Laut “Guardian” hat die Firma Geheimdiensten ermöglicht, im Rahmen des “Prism”-Überwachungsprogramms sowohl Video- als auch Audio-Unterhaltungen mitzuschneiden.

    Microsoft begründete sein Vorgehen mit rechtlichen Zwängen: “Wenn wir Produkte verbessern, müssen wir uns weiterhin Anfragen beugen, die mit dem Gesetz in Einklang sind.” Das Unternehmen betonte, dass es Kundendaten nur auf Anfrage der Regierung herausgebe – und auch das nur, wenn es um spezifische Konten oder Nutzer gehe.

    Spannungen zwischen Silicon Valley und Obama-Regierung

    Aus den Unterlagen geht laut “Guardian” hervor, dass das durch “Prism” gesammelte Material routinemäßig an das FBI und den US-Auslandsgeheimdienst CIA geht. In einem NSA-Dokument sei von einem “Mannschaftssport” die Rede.

    Die neuen Informationen zeigen nach Angaben des “Guardian” auch, dass es Spannungen zwischen dem Silicon Valley, Standort zahlreicher Computerunternehmen, und der Regierung von US-Präsident Barack Obama gibt. Alle großen Technologiefirmen drängten die US-Regierung, ihnen zu erlauben, das Ausmaß der Zusammenarbeit mit den Behörden öffentlich zu machen, um den Datenschutzbedenken ihrer Kunden gerecht zu werden.

    11. Juli 2013, 23:34 Uhr

    Find this story at 11 July 2013

    © SPIEGEL ONLINE 2013

    Former Colombia intelligence chief sentenced to 10 years over illegal wiretapping

    A former executive of Colombia’s now-defunct intelligence agency DAS was sentenced to 9 years and 10 months in prison on Thursday for his role in the illegal wiretapping of Supreme Court justices and government critics during the Alvaro Uribe administrations (2002-2010).

    The ex-intelligence director of the DAS was found guilty of conspiracy to commit a crime, violation of communication equipment, illicit use of wiretapping equipment and abuse of power.

    Carlos Arzayus is one of a handful of former intelligence officials found guilty for the illegal surveillance on Supreme Court magistrates, journalists, human rights campaigners and government opponents during the Uribe years.

    Additionally, Arzayus was ordered to pay damages to the victims of the illegal wiretapping.

    According to newspaper El Pais, the former intelligence executive confessed in the investigation that is was Maria del Pilar Hurtado, the fugitive ex director of DAS, who had ordered the espionage arguing that the orders came from the presidential palace.

    Del Pilar Hurtado received political asylum in November 2010 after claiming she had fell victim to political persecution

    Mar 20, 2014 posted by Larisa Sioneriu

    Find this story at 20 March 2014

    Colombia Reports © 2014

    DAS wiretapping scandal

    The DAS wiretapping scandal unfolded in 2008 after opposition politicians, media and authorities discovered that Colombia’s now-defunct intelligence agency, the DAS, had been spying on the Supreme Court, journalists, human rights defenders and politicians. Later dubbed the “Colombian Watergate” scandal, it sparked a worldwide outrage as it not only implicated the Colombian president as the alleged force behind the illegal surveillance but also drew ties to the US — a close ally and financial contributor to Colombia.

    Main wiretapping targets

    Politicians

    Gustavo Petro (then-Senator for Demoratic Pole)
    Carlos Gaviria (then-Democratic Pole leader)
    Luis Eduardo Garzón (then-Green Party leader)
    Ernesto Samper (former president)
    Andres Pastrana (former president)
    Piedad Cordoba (then-senator)

    Supreme Court

    Ivan Velasquez (assistant judge)
    Cesar Julio Valencia (chief justice)
    Yesid Ramírez (former judge)

    Human Rights defenders, NGOs

    The José Alvear Restrepo Lawyers’ Collective
    CODHES
    San Jose de Apartado Peace Community
    UNHCR
    Human Rights Watch
    Washington Office on Latin America
    International Federation on Human Rights

    Journalists

    Hollman Morris
    Daniel Coronell
    Claudia Julieta Duque

    The DAS illegal wiretapping methods first surfaced in 2008 after then-Senator Gustavo Petro, received intelligence documents proving he had been shadowed and wiretapped.

    The scandal almost immediately cost the head of DAS director Maria del Pilar Hurtado who, in spite of initially denying her agency had been involved with illegal activities, was forced to leave her post. Del Pilar later fled to Panama where she received political asylum months before the Supreme Court ordered an arrest warrant.

    But this was just the beginning of an unfolding scandal that uncovered a boundless conspiracy that did not just target politicians, but even more controversially, the Supreme Court, Colombian and foreign human rights organizations, and journalists.

    In February 2009, weekly Semana revealed that the DAS was the main force behind a dark industry that served paramilitaries, guerrillas and corrupt political forces.

    The investigations unveiled a comprehensive and extensive surveillance and interception campaign that had been targeting the Supreme Court in order to discredit the country’s institution that was investigating links between paramilitaries and politicians, the majority being political allies of President Alvaro Uribe.

    The beginning: Uribe appoints DAS executive with paramilitary ties
    The DAS was founded in the 1960 to provide strategic intelligence, criminal investigations, control the external and internal security of the nation and served as Interpol’s liaison in Colombia and was a contact for the US Drug Enforcement Administration (DEA). With close to 6,500 members, the agency reported directly to the President’s Office.

    The DAS began spying on government opponents and critics after Uribe appointed now-convicted Jorge Noguera to run the DAS. Under Noguera, a number of intelligence agents with strong ties to the paramilitary AUC were appointed, and the agency formed the so-called g-3 unit that was in charge of the wiretapping that later became controversial.

    Narvaez, who was fired from the DAS after the breaking of the wiretap scandal, gave workshops at both paramilitary camps and controversial ranchers’ federation Fedegan, whose members have regularly been linked to paramilitary groups.

    The “Special Strategic Intelligence Group” G-3 was formed under Noguera and was assigned the primary responsibilities of monitoring human rights groups that had proven or could potential prove troublesome for Uribe.

    But the specialized unit dissolved in 2005 after Uribe assigned Noguera the position of consul-general in Milan and was replaced by the “National and International Observation Group” (GONI) who continued to carry out similar operations, but focused mainly on Uribe’s political oppositions and the Supreme Court.

    Documents confiscated at the DAS headquarters contained detailed information on magistrates’ families, children and political affiliations.

    Among the victims were Supreme Court magistrate Ivan Velasquez. In 2008 solely, DAS recorded more than 1,900 of Valasquez’s phone conversations who was leading an investigation to uncover ties between politicians and paramilitary groups.

    Other wiretapping victims were late-Presidents Ernesto Samper and Andres Pastrana, and candidates running in the 2006 elections.

    It remains unclear how far the interceptions campaign reached exactly. When prosecutors first searched the agency’s office, agents refused cooperation and security footage from January 2009 showed how computers and boxes had been removed from the office.

    Implicated officials
    DAS

    Jorge Noguera (former director)
    Jorge Noguera
    former director
    Maria del Pilar Hurtado (former director)
    Maria del Pilar Hurtado
    former director
    Jose Miguel Narvaez Former deputy director
    Jose Miguel Narvaez
    Former deputy director
    Fernando Tabares Former deputy director
    Fernando Tabares
    Former deputy director
    Jorge Alberto Lagos Former deputy director
    Jorge Alberto Lagos
    Former deputy director
    William Romero Former deputy director
    William Romero
    Former deputy director
    President’s Office

    Alvaro Uribe President
    Alvaro Uribe
    President
    Bernardo Moreno Chief of Staff
    Bernardo Moreno
    Chief of Staff
    Cesar Obdulio Gaviria Presidential adviser
    Cesar Obdulio Gaviria
    Presidential adviser
    Cesar Mauricio Velasquez Press Secretary
    Cesar Mauricio Velasquez
    Press Secretary
    DAS spying activities abroad
    The actions of DAS extended beyond Colombian borders.

    The agency monitored and shadowed several human rights defenders traveling abroad to attend meetings and conferences.

    MORE: DAS illegal spying in Europe

    In 2010, it was discovered that DAS had send agents to Belgium and Spain to spy on a judge and members of the European Parliament.

    Colombian authorities refused to cooperate following the uncovering of “Operation Europe” which intended to find information to delegitimize the work of European human rights advocates that worked in Colombia.

    MORE: Colombia fails to cooperate in European spying scandal: Report

    The strategy was to discredit such entities by creating press releases, website reports and by waging legal battles against them. DAS members attended NGO seminars, workshops and forums to compile confidential reports which included photographs and films of attendees.

    Evidence provided by the Prosecutor General’s Office showed that the intelligence agency spied on UN officials, including the former director of the Colombia Office of the UN High Commissioner for Human Rights, Michael Fruling.

    Documents on the international non-governmental group Human Rights Watch were also uncovered, with detailed information on the Americas Director Josa Miguel Vivanco.

    In 2008, a series of surveillance operations had reportedly been carried out to spy on Ecuadorean President Rafael Correa.

    The surveillance operations was allegedly launched after the Colombian army conducted a raid on a FARC camp on Ecuadorean territory. According to Semana, members of the security agency were stationed in the Ecuadorean capital in order to intercept both landline and cellphone calls made from Correa’s office.

    US Involvement
    The US fueled $6 billion dollars into the South American country under the Uribe administration for military aid.

    Former US Ambassador William Brownfield said that Washington did know have any knowledge that US-funded equipment that was used for unlawful surveillance. In 2010, the DAS funding was suspended and the funds were transferred to the National Police.

    The Washington Post reported that William Romero, a former director of the Human Resource department of DAS, received CIA training and said in an interview that DAS relied on “US-supplied computers, wiretapping devices, cameras and mobile phone interception systems, as well as rent for safe houses and petty cash for gasoline.”

    “We could have operated” without U.S. assistance, he told the US newspaper, “but not with the same effectiveness.”

    One unit that reportedly relied heavily on US equipment was in fact the GONI unit who’s main objective was spying on Supreme Court magistrates.

    MORE: US Bans Colombian Intelligence Agency As Aid Recipient

    Dismantling of DAS and court cases
    The revelations led to the resignation of more than 33 DAS agents and more than a dozen of arrests.

    Among them was Uribe’s Chief of Staff, Bernardo Moreno, who was barred from holding office and charged with conspiracy, unlawful violation of communications equipment, abuse of power and fraud.

    MORE: Uribe aides called to trial over illegal wiretapping

    Jorge Alberto Lagos, the former deputy director of counterintelligence was originally sentenced to 12 years in prison but received a reduced sentence after he agreed to testify. He later implicated another close aid of Uribe, Jose Obdulio Garviria, as a main promoter of the interception violations.

    Fernando Tabares, another former deputy director of DAS, was also convicted for his role in the illegal wiretapping of government opponents and is serving eight years in prison.

    Taberes spoke before the Supreme Court saying that he attended a meeting with then-DAS analysis chief Marta Leal and Uribe’s chief of staff in which he was told the president required intelligence regarding Supreme Court justices, congressmen, and journalists.

    MORE: Uribe gave orders during wiretap scandal: Former intelligence executive

    Uribe has not been formally charged for the DAS scandal and has continuously denied his involvement. Congress has been conducting a preliminary investigation since 2010.

    MORE: Congress Formally Opens Uribe Wiretap Investigation

    Maria del Pilar Hurtado fled Colombia in November 2011 and received political asylum by the Panamian administration of Ricardo Martinelli, a personal friend of Uribe.

    In 2011, President Juan Manuel Santos dissolved the DAS agency.

    Feb 24, 2014 posted by Maren Soendergaard

    Find this story at 24 February 2014

    Colombia Reports © 2014

    New Wiretapping Scandal Casts Doubt on Colombian Military’s Support for Peace Talks

    “It’s a relatively small place, near the Galerías shopping mall in western Bogotá. It now doesn’t have the sign outside that had idenfitied it, hanging over the two windows with glass that blocks the view of the interior. In a small terrace, under a black awning, there are eight tables and 24 chairs. Inside there are seven more tables, and a curved staircase that leads to a second floor, which has a large room with a gigantic television and computer workstations. …”

    “Despite the exotic combination of luncheonette and computer instruction center, a secret is hidden there: behind the facade is a National Army signals interception center.”

    The business described here was registered in Bogotá on September 12, 2012, just a few days after Colombian President Juan Manuel Santos announced the launch of talks with the FARC guerrilla group. From this room, reports an investigation published to the website (but not the paper version) of Colombia’s Semana newsmagazine, soldiers and civilian hackers working for Colombian military intelligence carried out illegal wiretaps and email intercepts.

    Their targets included “the same ones as always”–NGOs and leftist politicians. This is outrageous enough. But the Army unit was also tapping into the emails and text messages of the Colombian government team negotiating with the FARC in Havana, Cuba.

    “Jaramillo (Sergio Jaramillo [a negotiator and the high commissioner for peace]), Éder (Alejandro Éder [director of the presidential demobilization and reintegration office, and an alternate negotiator]) and De la Calle (Humberto de la Calle [the lead negotiator]) were some of those whom I remember. The idea was to try to obtain the largest amount of information about what they were talking about, and how it was going,…” a source told Semana.com.

    One of the most important, and most uncertain, questions about Colombia’s peace process with the FARC is the extent to which the country’s powerful military actually supports it. These new revelations multiply the uncertainty.

    President Juan Manuel Santos has gone to great lengths to keep the generals in the tent: defense and security are off the negotiating agenda, a prominent retired general is one of the negotiators, FARC calls for a bilateral cease-fire–which the military resists–have been flatly refused, and the Santos administration has tried (and so far failed) to give military courts greater jurisdiction over human rights cases, in what some analysts regard to be a quid pro quo.

    The chief of Colombia’s armed forces, Gen. Leonardo Barrero, insisted in a recent interview that “we feel very well represented in the dialogues.” But there is little doubt that a significant portion of the officer corps, who have all spent their entire career fighting the FARC, would prefer to end the conflict on the battlefield. It is for that reason that support for ex-president Álvaro Uribe, a fierce opponent of the negotiations, remains high among the officers. As María Isabel Rueda, a longtime reporter and columnist for Colombia’s most-circulated newspaper, El Tiempo, recently put it: “Soldiers have hearts too, and some of them still beat more for Uribe than for Santos.”

    If the armed conflict ends in Havana, Colombia’s military will be in for a rough time, institutionally. Officers and soldiers will be expecting gratitude, and there will be parades, medals, and ceremonies. But post-conflict Colombia will also hold the spectacle of officers accused of human rights abuses forced to undergo humiliating confessions as part of a transitional justice process. A truth commission will detail brutal behavior. And the armed forces, faced with a reality in which citizen security threats outrank national security threats, will find it very hard to justify a membership of 286,000 [PDF] soldiers, sailors, marines and airmen. Latin America’s second-largest armed forces, and its largest army, could shrink considerably. (Colombia’s 175,000-strong police, however, could grow.)

    If the armed forces choose to resist these post-conflict shifts–starting now, while talks continue–they have some assets to deploy. They are huge and politically popular. They have important allies in Colombia’s political establishment, Álvaro Uribe high among them. And they have a crucial ally in the United States, which has forged a deep and broad military-to-military relationship in the 14 years since “Plan Colombia” emerged. Military sources tell Semana that the Army intelligence unit that oversaw the spying operation gets generous support from the CIA. We do not know, though, whether any of the equipment used in the wiretap/luncheonette came from the United States.

    The U.S. role is very important. The Obama administration, the Department of Defense, and the U.S. Southern Command can do much to determine whether Colombia’s civil-military relationship is smooth or friction-filled over the next several years. The key is in the messages that they convey to their allies in the Colombian armed forces–and the central message should be that illegal or undemocratic behavior is counter-productive and will damage the bilateral relationship. And that undermining an elected civilian president’s effort to negotiate peace, or to reconcile the country afterward, counts as “illegal and undemocratic behavior.”

    As criminal investigators try to piece together this new military spying scandal, those messages from the Colombian military’s U.S. “partners” should be louder and clearer than ever.

    5 Feb 2014
    By Adam Isacson

    Find this story at 5 February 2014

    Copyright wola.org

    Colombian military and CIA accused of spying on peace talks

    Colombia’s Defense Minister announced Tuesday that an investigation will be opened into the alleged wiretapping of both the state and rebel delegations to ongoing peace talks between the government and the FARC rebel group.

    The move comes in the wake of revelations published by weekly Semana on Monday.

    Based on 15-months of reporting and testimony from an unnamed inside source, Semana concluded that a Colombian military intelligence unit funded and coordinated by the United States’ Central Intelligence Agency (CIA) used advanced online technology and hacking techniques to monitor the text messages and emails of opposition politicians and representatives of both the government and the FARC involved in the Havana peace negotiations.

    Phone calls, reportedly, were not recorded.

    Classified under the code name “Andromeda,” the military’s Technical Intelligence Battalion’s so-called “gray hall” operated from underneath a registered bar and restaurant in the Colombian capital of Bogota, according to Semana.

    An anonymous military source, said to be a captain in the Colombian military and the supervisor of the clandestine site, told Semana that the Andromeda project was run by Bitec-1, an elite intelligence unit instrumental in the Colombian government’s operations against the FARC, including 2008′s famous Operation Jaque, which resulted in the recovery of 15 hostages in the state of Guaviare, among them former Colombian presidential candidate Ingrid Betancourt, and in which the CIA also played a key role.

    According to the report, the secret intelligence center also recruited civilian hackers called ‘campus parties’ to collaborate with the military on cyber espionage tasks.

    On Tuesday, Defense Minister Juan Carlos Pinzon claimed via twitter that his office would be launching an investigation into “the alleged wiretapping of the negotiating team in Havana.” Senate President Juan Fernando Cristo, meanwhile, has since indicated that a congressional committee will also be assigned to look into the revelations.

    “To follow up on the episodes,” said Cristo, according to national media sources, “we will assign this committee to convene and evaluate the case and also meet with the Minister of Defense, Juan Carlos Pinzón and with the military leadership [involved].”

    Interior Minister Aurelio Iragorri Valencia, meanwhile, said in an interview with Blu Radio that while he questions the accuracy of the espionage allegations, “the complaint is very serious and should be clarified (…).”

    The government’s response is strange, in that if Semana’s reporting is accurate, the Minister of Defense himself would be implicated in the scandal he is now supposedly investigating, as would National Army Commander Juan Pablo Rodriguez Barragan, whom Pinzon publicly placed in charge of the investigation.

    This discrepancy has led opposition political leader Ivan Cepeda to call for the minister’s immediate resignation. Cepeda, a congressman said to be relatively close to the peace talks, is one of a number of opposition political figures who may have been subject to the alleged wiretapping.

    Fellow opposition leader and member of the Colombian Communist Party’s Central Executive Committee Carlos Lozano called the covert intelligence program part of the government’s “antidemocratic measures.” In an interview with Colombia Reports, Lozano went even further than Cepeda and suggested that secret intelligence gathering is part of the broader political targeting of opposition political parties by violent neo-paramilitary groups working in conjunction with the Colombian state.

    So far, Colombia Reports has not been able to obtain a response from the FARC or the Colombian government’s peace delegation regarding the revelations, but further updates will be forthcoming.

    Feb 4, 2014 posted by Maren Soendergaard

    Find this story at 4 February 2014

    Colombia Reports © 2014

    Uribe is behind peace talks wiretapping: FARC

    Colombia’s oldest and largest living rebel group, the FARC, on Wednesday accused former President Alvaro Uribe of being behind the military’s alleged spying on the government and rebel delegations currently engaged in peace talks.

    “Of course, Alvaro Uribe is behind all of this. Don’t forget that Alvaro Uribe is public enemy number one of peace in Colombia,” said the FARC’s number two leader and chief peace talks negotiator “Ivan Marquez” on Wednesday morning.

    This represents the first formal accusation of the former president in his involvement with this ongoing wiretapping scandal that has shaken Colombia.

    Colombian weekly magazine Semana published a 15-month investigative story with accusations that the Armed Forces have been wiretapping both the government’s and the rebel group FARC’s delegations in ongoing peace talks in Havana, Cuba. The report also asserted that the military had been receiving funding and support from the United States’ Central Intelligence Agency (CIA) in carrying out the alleged wiretapping.

    Socialist Colombian congressman Ivan Cepeda was quoted in newspaper La Republica suggesting as well that Uribe could have been behind this wiretapping scandal. When speaking with Colombia Reports, the lawmaker did not formally accuse the ex-president of having a hand in this. Instead, he said that ”this was an action very clearly intended to destabilize the peace process in Havana. I think this action has been publicly promoted by ex-President Alvaro Uribe, and that the ex-president should be investigated for this situation.”

    Just four years ago, Uribe himself was widely suspected of being involved in a large wiretapping scandal that included the illegal spying on and interceptions of calls and emails of opposition politicians, Supreme Court judges, human rights activists and journalists. This scandal ultimately led to the disbanding of the DAS, Colombia’s former security intelligence agency.

    Paralleling his claims during the last scandal, Uribe has denied all involvement or knowledge of this new ordeal after rapidly appearing on radio programs and writing press released to the effect.

    “The Democratic Center (Centro Democratico-CD) –Uribe’s political party– emphatically rejects the biased and malicious versions of [President Juan Manuel] Santos’ government, the FARC and political sectors that are trying to link the ex-president Alvaro Uribe Velez, with the ‘wiretappings of peace negotiators in Havana’ realized by elements of the National Army,” read a Wednesday morning press release.

    Uribe also shot back in an interview with radio station W Radio.

    “With an investigation of 15 months, the president had to have known what was happening!” said the former head of state, pointing out that the director of Semana is a family member of Santos.

    The FARC, in an official statement also released Wednesday expressed disappointment in the government for allowing this to happen, calling “corruption” and “scandals” and “dirty tactics of war” institutionalized in the country. “This will not achieve generating confidence,” read the statement.

    “Marquez” (the nom-de-guerre of Luciano Marin) called this news, “very serious” saying that, “They are not just spying on the government’s peace delegation, but also they are especially doing so on the FARC’s peace delegation.”

    Alvaro Uribe has been an avid dissident of the peace talks ever since their official start in November of 2012. The former president has criticized the fourth historic attempt at dialogues with the FARC on many levels, ranging from saying that the government should not be negotiating with terrorists, to releasing photos of some guerrillas lounging on boats during discussions in Havana.

    Though Uribe never testified in his initial wiretapping scandal, if more evidence besides accusations mounts against him in this case, he may have to testify before a court, or congress.

    Posted on Feb 5 2014 – 12:19pm by Editor

    Find this story at 5 February 2014

    Copyright todaycolombia.com

    U.S. aid implicated in abuses of power in Colombia (2011)

    The Obama administration often cites Colombia’s thriving democracy as proof that U.S. assistance, know-how and commitment can turn around a potentially failed state under terrorist siege.

    The country’s U.S.-funded counterinsurgency campaign against a Marxist rebel group — and the civilian and military coordination behind it — are viewed as so successful that it has become a model for strategy in Afghanistan.

    But new revelations in long-running political scandals under former president Alvaro Uribe, a close U.S. ally throughout his eight-year tenure, have implicated American aid, and possibly U.S. officials, in egregious abuses of power and illegal actions by the Colombian government under the guise of fighting terrorism and drug smuggling.

    American cash, equipment and training, supplied to elite units of the Colombian intelligence service over the past decade to help smash cocaine-trafficking rings, were used to carry out spying operations and smear campaigns against Supreme Court justices, Uribe’s political opponents and civil society groups, according to law enforcement documents obtained by The Washington Post and interviews with prosecutors and former Colombian intelligence officials.

    The revelations are part of a widening investigation by the Colombian attorney general’s office against the Department of Administrative Security, or DAS. Six former high-ranking intelligence officials have confessed to crimes, and more than a dozen other agency operatives are on trial. Several of Uribe’s closest aides have come under scrutiny, and Uribe is under investigation by a special legislative commission.

    U.S. officials have denied knowledge of or involvement in illegal acts committed by the DAS, and Colombian prosecutors have not alleged any American collaboration. But the story of what the DAS did with much of the U.S. aid it received is a cautionary tale of unintended consequences. Just as in Afghanistan and other countries where the United States is intensely focused on winning counterterrorism allies, some recipients of aid to Colombia clearly diverted it to their own political agendas.

    For more than a decade, under three administrations, Colombia has been Washington’s closest friend in Latin America and the biggest recipient of military and economic assistance — $6 billion during Uribe’s 2002-10 presidency. The annual total has fallen only slightly during the Obama administration, to just over a half-billion dollars in combined aid this year.

    Although significant gains were made against the rebels and drug-trafficking groups, former high-ranking intelligence agents say the DAS under Uribe emphasized political targets over insurgents and drug lords. The steady flow of new revelations has continued to taint Colombia’s reputation, even as a government led by Uribe’s successor and former defense minister, Juan Manuel Santos, has pledged to replace the DAS with a new intelligence agency this fall.

    Prosecutors say the Uribe government wanted to “neutralize” the Supreme Court because its investigative magistrates were unraveling ties between presidential allies in the Colombian congress and drug-trafficking paramilitary groups. Basing their case on thousands of pages of DAS documents and the testimony of nine top former DAS officials, the prosecutors say the agency was directed by the president’s office to collect the banking records of magistrates, follow their families, bug their offices and analyze their court rulings.

    “All the activity mounted against us — following us, intercepting our telephones — had one central purpose, to intimidate us,” said Ivan Velasquez, the court’s lead investigative magistrate and a primary target of the DAS surveillance.

    Gustavo Sierra, the imprisoned former DAS chief of analysis, who reviewed intelligence briefs that were sent to the presidency, said that targeting the court “was the priority” for the DAS under Uribe.

    “They hardly ever gave orders against narco-trafficking or guerrillas,” Sierra said in an interview.

    Resources and guidance

    Some of those charged or under investigation have described the importance of U.S. intelligence resources and guidance, and say they regularly briefed embassy “liaison” officials on their intelligence-gathering activities. “We were organized through the American Embassy,” said William Romero, who ran the DAS’s network of informants and oversaw infiltration of the Supreme Court. Like many of the top DAS officials in jail or facing charges, he received CIA training. Some were given scholarships to complete coursework on intelligence-gathering at American universities.

    Romero, who has accepted a plea agreement from prosecutors in exchange for his cooperation, said in an interview that DAS units depended on U.S.-supplied computers, wiretapping devices, cameras and mobile phone interception systems, as well as rent for safe houses and petty cash for gasoline. “We could have operated” without U.S. assistance, he said, “but not with the same effectiveness.”

    One unit dependent on CIA aid, according to the testimony of former DAS officials in depositions, was the National and International Observations Group.

    Set up to root out ties between foreign operatives and Colombian guerrillas, it turned its attention to the Supreme Court after magistrates began investigating the president’s cousin, then-Sen. Mario Uribe, said a former director, German Ospina, in a deposition to prosecutors. The orders came “from the presidency; they wanted immediate results,” Ospina told prosecutors.

    Another unit that operated for eight months in 2005, the Group to Analyze Terrorist Organization Media, assembled dossiers on labor leaders, broke into their offices and videotaped union activists. The United States provided equipment and tens of thousands of dollars, according to an internal DAS report, and the unit’s members regularly met with an embassy official they remembered as “Chris Sullivan.”

    “When we were advancing on certain activities, he would go to see how we were advancing,” Jose Gabriel Jimenez, a former analyst in the unit, said during a court hearing.

    The CIA declined to comment on any specific allegations or the description of its relationship with the DAS provided by Colombian officials. “The three letters CIA get thrown into the mix on a lot of things, and by a lot of people. That doesn’t mean that allegations about the agency are anything more than that,” said a U.S. intelligence official, speaking on the condition of anonymity.

    As initial DAS revelations emerged in the Colombian media during late summer 2009, then-U.S. Ambassador William Brownfield called an embassy-wide meeting and asked which U.S. agencies represented were working with the DAS, according to a secret State Department cable released by WikiLeaks. Representatives from eight agencies raised their hands — including the CIA, the Drug Enforcement Administration, the FBI and the Internal Revenue Service. All agencies, Brownfield reported in the Sept. 9 cable, “reaffirmed that they had no knowledge of or connection to the illegal activity and agreed to continue reducing their exposure to the agency.”

    Brownfield, in subsequent meetings with Uribe and other officials, urged the government to get out in front of the disclosures and warned that they could compromise the U.S.-Colombia partnership.

    “If another DAS scandal erupted, our Plan B was to terminate all association with DAS. Immediately,” Brownfield reported telling Francisco Santos, Uribe’s vice president, and DAS Director Felipe Munoz on Sept. 16, 2009.

    Still, the relationship continued for an additional seven months. In April 2010, Brownfield announced that all U.S. funds previously directed to the DAS would henceforth go to Colombia’s national police. Today, the 51-year-old DAS, with 6,000 employees, multiple roles and an annual budget of $220 million, still limps along. But Munoz has been under investigation, as have four other former DAS directors.

    Uribe, speaking through his lawyer, Jaime Granados, declined a request for an interview. But the former president has denied that he oversaw illegal activities and said officials from his government were being persecuted politically. Four of his top aides are under investigation, and his chief of staff, Bernardo Moreno, is jailed and awaiting trial on conspiracy and other charges.

    Years of trouble

    Interviews with former U.S. officials and evidence surfacing in the DAS investigation show that the agency has for years committed serious crimes, a propensity for illegal actions not unknown to embassy officials.

    The first DAS director in Uribe’s presidency, Jorge Noguera — whom the U.S. Embassy in 2005 considered “pro-U.S. and an honest technocrat” and recommended to be a member of Interpol for Latin America, according to WikiLeaks cables — is on trial and accused of having helped hit men assassinate union activists. Last year, prosecutors accused another former DAS director of having helped plan the 1989 assassination of front-running presidential candidate, Luis Carlos Galan.

    Myles Frechette, the U.S. ambassador to Colombia from 1994 to 1997, said that even in his tenure American officials believed that DAS units were tainted by corruption and linked to traffickers. But he said the embassy needed a partner to develop intelligence on drug smugglers and guerrillas.

    “All the people who worked with me at the embassy said to me, ‘You can’t really trust the DAS,’ ” said Frechette. adding that he thinks the DAS has some of the hallmarks of a criminal enterprise.

    Several senior U.S. diplomats posted to the embassy in more recent years said they had no knowledge that U.S. intelligence and law enforcement agencies were involved in DAS dirty tricks, but all said it would not surprise them.

    “There were concerns about some kinds of activities, but also a need in the name of U.S. interests to preserve the relationship,” said one diplomat who spoke on the condition of anonymity. “I’m reasonably confident our support was correct.”

    Duque is a freelance journalist based in Bogota, Colombia. Correspondent Juan Forero, also based in Bogota, contributed to this report.

    By Karen DeYoung and Claudia J. Duque, Published: August 21, 2011 E-mail the writer

    Find this story at 21 August 2011

    © 1996-2014 The Washington Post

    Wiretapping Scandal Shakes Colombia (2011)

    Former Colombian President Alvaro Uribe (left) speaks during a public congressional hearing in Bogota earlier this month about allegations that the country’s intelligence service spied on high court judges during his government.
    Former Colombian President Alvaro Uribe (left) speaks during a public congressional hearing in Bogota earlier this month about allegations that the country’s intelligence service spied on high court judges during his government.

    Eitan Abramovich/AFP/Getty Images
    In Colombia, a major scandal involving the country’s intelligence service is unfolding. Colombia’s chief prosecutor says the spy service bugged the Supreme Court, intercepted the phones of its justices and followed their every move.

    Prosecutors also say the illegal surveillance was directed from the offices of former President Alvaro Uribe, who in his eight years in power was Washington’s closest ally in Latin America.

    With hours of tape as evidence, prosecutors say the Department of Administrative Services (DAS), which is under the president’s control, targeted the court’s justices and the investigative magistrates, who function something like prosecutors.

    The purpose was to find ties between the criminal underworld and the court in order to discredit the country’s highest judicial body.

    “Through the intelligence agency, they tried to control, attack and discredit — actions that cannot be viewed as some isolated DAS plan, an entity that is dependent on the presidency of the republic,” prosecutor Misael Rodriguez said at a court hearing earlier this year.

    He says Bernardo Moreno, Uribe’s chief of staff, oversaw the effort. Moreno has been charged and is in jail awaiting trial. He denies the accusations.

    Former President Uribe, who left office last year and has not been charged, denies any involvement.

    Alba Luz Florez, a former Colombian intelligence agent, has avoided charges in the scandal by cooperating with prosecutors. She used court security people, chauffeurs and even the coffee ladies to plant bugs and gather intelligence.i
    Alba Luz Florez, a former Colombian intelligence agent, has avoided charges in the scandal by cooperating with prosecutors. She used court security people, chauffeurs and even the coffee ladies to plant bugs and gather intelligence.

    Juan Forero/NPR
    But prosecutors say the president’s office wanted to derail court investigations linking illegal armed groups and congressmen allied with Uribe.

    William Romero is among the former high-ranking DAS members who have told prosecutors that the agency collected information and shipped it to the president’s office.

    “What we were told was that this was a requirement of the director of the DAS and the president, to know how narco-traffickers were manipulating inside the Supreme Court,” Romero tells NPR.

    Romero and other former agents also say that DAS units used some American assistance in the illegal surveillance. The State Department in Washington says it has no knowledge of U.S. government equipment being misused in Colombia.

    In one court chamber, bugging devices were placed under tables where exchanges between judges and witnesses take place.

    The person responsible for the bugging was Alba Luz Florez, a 33-year-old former agent known to DAS as Y-66.

    “They made me see it as a national security [issue], that national security could be compromised by this possible connection,” Florez says, referring to possible underworld ties with judges. “So for me it was an honor [to undertake the operation].”

    Florez, who avoided charges by cooperating with prosecutors, used court security people, chauffeurs and even the coffee ladies to plant bugs and gather intelligence.

    Among those she recruited was the driver for the court’s top investigative magistrate, Ivan Velasquez.

    “I knew everything about his family, absolutely everything about his children,” Florez says, referring to the driver. “So I began to see what he liked, how I could perhaps fill his needs.”

    She learned the driver needed to pay child support for several children, so she paid him. And she learned that he admired Uribe, the then-president.

    “Let’s do it for the president,” she recalls telling him.

    The small office of Velasquez, the star investigative magistrate, had once been bugged.

    “Here I talk to all kinds of people, with lawyers, with eventual witnesses that can provide information, people who know about things that happen in their regions and want to help,” says Velasquez, sitting at his desk. “There are risks to these declarations. What I mean is that a microphone here could be very effective.”

    He says the surveillance was designed to intimidate him and witnesses.

    But to date, 30 congressmen — virtually all allies of Uribe — have been convicted after being investigated by the court.

    And the attorney general’s office has also been busy: Four of Uribe’s top aides are under investigation. The former president’s conduct is also under review, by a special legislative commission.

    by JUAN FORERO
    August 29, 2011 5:50 PM ET

    Find this story at 29 August 2011

    ©2014 NPR

    << oudere artikelen