Posts Tagged ‘metadata’
Bruce Schneier | Security | 03.25.15 | 4:22 pm
A Must Read From wired.com:
The first news story to break based on the Snowden documents described how the NSA collects the cell phone call records of every American. One government defense,…the data they collected is “only metadata.”
This seemed to mollify many people, but it shouldn’t have. Collecting metadata on people means putting them under surveillance.
Imagine that you hired a private detective to eavesdrop on someone… Now imagine that you asked the detective to put that person under surveillance. Eavesdropping gets you the conversations; surveillance gets you everything else.
As former NSA General Counsel Stewart Baker said: “Metadata absolutely tells you everything about somebody’s life. If you have enough metadata you don’t really need content.” In 2014, former NSA and CIA director Michael Hayden remarked: “We kill people based on metadata.”
One experiment from Stanford University examined the phone metadata of about 500 volunteers over several months. The personal nature of what the researchers could deduce from the metadata surprised even them, and the report is worth quoting:
Participant A communicated with multiple local neurology groups, a specialty pharmacy, a rare condition management service, and a hotline for a pharmaceutical used solely to treat relapsing multiple sclerosis.
Participant B spoke at length with cardiologists at a major medical center, talked briefly with a medical laboratory, received calls from a pharmacy, and placed short calls to a home reporting hotline for a medical device used to monitor cardiac arrhythmia.
Participant C made a number of calls to a firearms store that specializes in the AR semiautomatic rifle platform. They also spoke at length with customer service for a firearm manufacturer that produces an AR line.
In a span of three weeks, Participant D contacted a home improvement store, locksmiths, a hydroponics dealer, and a head shop.
Participant E had a long early morning call with her sister. Two days later, she placed a series of calls to the local Planned Parenthood location. She placed brief additional calls two weeks later, and made a final call a month after.
That’s a multiple sclerosis sufferer, a heart attack victim, a semiautomatic weapons owner, a home marijuana grower, and someone who had an abortion, all from a single stream of metadata.
Web search data is another source of intimate information that can be used for surveillance. … Google’s CEO Eric Schmidt admitted as much in 2010: “We know where you are. We know where you’ve been. We can more or less know what you’re thinking about.”
Written by bothernews
March 25, 2015 at 11:40 pm
Tagged with American, CIA, corporation, Data, database, Google, government, metadata, Michael Hayden, National Security Agency, NSA, NSA electronic surveillance program, private detective, Stanford University, Stewart Baker, surveillance
Stockman asks NSA for Lois Lerner metadata after IRS claims ‘glitch’ erased all incriminating emails
Stockman asks NSA for Lois Lerner metadata after IRS claims ‘glitch’ erased all incriminating emails
Posted: Friday, June 13, 2014 4:28 pm
WASHINGTON, D.C. – Congressman Steve Stockman Friday asked the National Security Agency to turn over all its metadata on the email accounts of former Internal Revenue Service Exempt Organizations division director Lois Lerner for the period between January 2009 and April 2011.
The request comes just hours after the IRS claimed it “lost” all of Lerner’s emails to or from Lerner and outside agencies or groups during that period, in which she allegedly coordinated with the White House, House Democrats and political groups to harass and deny tax-exempt status to groups critical of the President. The IRS blames a “computer glitch” for erasing the emails which could have implicated Agency employees in illegal activity.
“I have asked NSA Director Rogers to send me all metadata his agency has collected on Lois Lerner’s email accounts for the period which the House sought records,” said Stockman. “The metadata will establish who Lerner contacted and when, which helps investigators determine the extent of illegal activity by the IRS.”
“The claim incriminating communications were erased by a glitch conjures memories of Rose Mary Woods,” said Stockman. “Barack Obama has brought us Jimmy Carter’s economy and Richard Nixon’s excuses.”
The text of the letter follows:
June 13, 2014
Admiral Michael S. Rogers
Director, National Security Agency
Fort Meade, MD 20755
First, thank you for your 33 years of, and continued service to, our country.
Second, as you probably read, the Internal Revenue Service informed the House Ways and Means Committee today they claim to “lost” all emails from former Exempt Organizations division director Lois Lerner for the period between January 2009 and April 2011.
According to chairman Camp, “The IRS claims it cannot produce emails written only to or from Lerner and outside agencies or groups, such as the White House, Treasury, Department of Justice, FEC, or Democrat offices” due to a “computer glitch.”
I am writing to request the Agency produce all metadata it has collected on all of Ms. Lerner’s email accounts for the period between January 2009 and April 2011.
The data may be transmitted to our Communications Director at Donny@mail.house.gov.
Your prompt cooperation in this matter will be greatly appreciated and will help establish how IRS and other personnel violated rights protected by the First Amendment.
Member of Congress
In defending the NSA’s telephony metadata collection efforts, government officials have repeatedly resorted to one seemingly significant detail: This is just metadata—numbers dialed, lengths of calls. "There are no names, there’s no content in that database," President Barack Obama told Charlie Rose in June.
No names; just metadata.
New research from Stanford demonstrates the silliness of that distinction. Armed with very sparse metadata, Jonathan Mayer and Patrick Mutchler found it easy—trivially so—to figure out the identity of a caller.
Between Intelius, Google search, and our three initial sources, we associated a name with 91 of the 100 numbers.
"If a few academic researchers can get this far this quickly, it’s difficult to believe the NSA would have any trouble identifying the overwhelming majority of American phone numbers," they conclude. It’s also difficult to believe they wouldn’t try. As federal district judge Richard Leon wrote in his decision last week, "There is also nothing stopping the Government from skipping the [National Security Letter] step altogether and using public databases or any of its other vast resources to match phone numbers with subscribers."
We’ve heard from lots of folks who are passionately concerned about the NSA’s mass spying, but are struggling to get their friends and family to understand the problem and join the over a half-million people who have demanded change through stopwatching.us and elsewhere.
Of course, you can show them the Stop Watching Us video and this great segment from Stephen Colbert. And if you’d like a detailed refresher on all the ways NSA is conducting mass surveillance, ProPublica has a handy explainer here.
But you also need to be prepared to respond to the common refrains of folks confused, nonplussed, or simply exhausted from the headlines. So here’s a cheat sheet to help you talk about the NSA spying when you’re with family and friends.
I have nothing to hide from the government, so why should I worry?
There are a few ways to respond to this, depending on what you think will work best for the person raising the question.
- Point out how mass surveillance leaves you at the mercy of not only the NSA, but also to the DEA, the FBI and even the IRS. We know that the government claims that any evidence of a “crime” can be sent to the appropriate law enforcement agencies.
- Tell them that, even if you don’t think you have something to hide, it’s possible the government thinks you do, or can create some concern about you (or your friends or loved ones). There are so many laws and regulations on the books, Rep. Jim Sensenbrenner said the Congressional Research Service did not have the resources to count them all. One legal expert has argued that the average person likely commits three felonies a day without ever realizing. So, you may be technically breaking a law you have no idea about.
- We all benefit from a system that allows privacy. For example, when journalists can speak to sources without the specter of surveillance, helping fuel investigative journalism and the free flow of information. And this is not just a hypothetical—the Department of Justice subpoenaed the phone records of Associated Press journalists in an effort to track down government whistleblowers. And it’s not just journalists. Activists, political organizers, lawyers, individuals conducting sensitive research, businesses that want to keep their strategies confidential, and many others rely on secure, private, surveillance-free communication.
Isn’t the NSA using the mass spying to stop terrorists?
Even the NSA cannot point to a single terrorist attack they’ve stopped using the Patriot Act phone surveillance program that sweeps up virtually every phone record in the United States. They’ve thrown out many numbers claiming that the information was helpful in some capacity, including repeatedly claiming that it thwarted some 54 attacks, but those numbers have been thoroughly debunked.
The only remaining example the NSA points to is known as the “Zazi case.” However, in that case, the Associated Press reported that the government could have easily stopped the plot without the NSA program, under authorities that comply with the Constitution. Sens. Ron Wyden and Mark Udall have been saying this for a long time.
That’s the point here: we can stop terrorists with law enforcement authorities that this country has been using for decades. We don’t need to upend the Constitution to keep the nation safe.
The government will not abuse its power.
Some people believe that the government will never abuse its power, especially when the party they support is in office. You should remind these people that the government has a long history of overstretching its surveillance powers and using that information to try to blackmail people. Example of this include the NSA spying on Martin Luther King Jr., Muhammad Ali, and even some sitting senators in the 1960s. Imagine how Sen. Joe McCarthy’s investigations might have gone if he had access to this kind of spying.
We already have evidence of abuse of power. We know that the NSA analysts were using their surveillance powers to track their ex-wives and husbands, and other love interests. They even had a name for it, LOVEINT. The FISA court has also cited the NSA for violating or ignoring court orders for years at a time. And those are just self-reported abuses. An independent investigation might reveal even more.
Allowing mass spying is patriotic.
Stopping untargeted seizure of information is one of the key reasons we fought the War of Independence and drafted the Fourth Amendment. During colonial times, the "crime" was tax evasion—remember the Boston Tea Party? The British crown issued Writs of Assistance, which were general warrants that allowed the British authorities to search through anyone’s papers in order to find those who were skirting the taxes. American patriot James Otis Jr. argued against the “hated writs” but lost his case in the British courts. John Adams noted that from that case, “the child independence was born.”
Since that time, warrants have had to specify the persons and places searched. Mass surveillance by the NSA does neither. In short, one of our countries’ founding principles is the prohibition on mass searches and seizures.
Kids today (or my friends) post everything they do on Facebook or Twitter, why should we care if the government can see too?
What people choose to put on Facebook or Twitter (or Instagram or Tumblr or some other service) is almost always curated. People put the best or sometimes the worst things that happen to them online, but studies show they still keep things private, and restrict the audience for other information. A new poll shows young people may even be more privacy conscious than older adults.
We all know someone whose Facebook feed continued to show happy pictures even as they went through a terrible breakup or divorce. The point of privacy is control over the information that is available about you. Some people choose to share more, some choose to share less, but nearly everyone wants the power to pick and choose what information is available about them to their friends and to strangers, like future employers or NSA agents.
Google and Facebook have my information, so why shouldn’t the NSA?
There are many privacy problems with how the giant Internet companies gather and use so much of your personal data. However, Google and Facebook do not have the power to arrest you and, unlike government surveillance, there are other choices for communication tools. For example, you can use DuckDuckGo instead of Google search.
Remember: while we may not like how companies collect a lot of our information, they are not under the same requirement to follow the Fourth Amendment. We need to protect the private information held by companies too, but the Constitution provides a foundation that always protects our communications from the prying eyes of government.
It’s just metadata, so why should I care?
For the mass phone record collection program, the NSA has said it is not “listening in” to telephone calls. Instead they are collecting a record of everyone you call, who calls you, when you’re on the phone, the length of your phone call, and at times, even your location.
This "metadata" can be as invasive as the content of your conversations. It can reveal your religious and political views, who you are dating (and when you break up), who your spouse and children are, your movements, and even information your closest friends and family don’t know, such as medical conditions.
Additionally, the government is getting more than just metadata. We also know the government has obtained online content, including email, under separate programs, and used the data based on a guess that you are 51 percent likely to be foreign, by scanning large a portion of the total number of emails entering and exiting the United States. Metadata is only a part of the government spying programs.
This sucks, but there’s nothing I can do!
Actually there is plenty you can do! First, join the over half-million others and sign our petition at stopwatching.us. Then call your representative in Congress—there are bills going through Congress right now that could curtail some of this spying and bring real transparency and accountability to the NSA. There are also some that need to be opposed so we don’t end up legalizing much of this illegal surveillance.
There’s lots you can do to fight NSA surveillance. But one of the most important things you can do is explain why this issue is important to friends and family. So please share this guide widely.