Panoptican Tony

With Friends Like This, Enemies Are Redundant

The phrase, Panoptican State refers to a real threat.  Sadly, the threat is coming not from terrorists, nor criminals in general, but from our governments.

As a result of the threat of terrorist crimes, Western governments want to transform the State into one which observes citizens at all times.  In Australia, Prime Minister Tony Abbott foolishly and recklessly wants the Parliament to approve collecting “metadata” on all Australians, storing it for up to two years.  “It will help us interdict and catch the malefactors,” says Tony.  Yes, and so would stationing a member of the intelligence service at our right shoulder, observing all we do and say, twenty-four seven. But would that justify the horrendous invasion of government power into our lives.  Tony says it would. 

Fairfax media have done us all a service.  With the assistance of a Liberal Senator, David Leyonhjelm they have demonstrated just how much information on all citizens will be available to government spies.  Leyonhjelm “turned over” his metadata to the analysts and what they learned about him was significant indeed.

The federal government says its controversial mandatory metadata storage proposal – which will force telcos and internet providers to store phone and web data on all Australians for two years – is necessary to fight serious crime. Prime Minister Tony Abbott described metadata, which will be available to law enforcement without a warrant if the Data Retention Bill becomes law, as “not the content of the letter, it’s what’s on the envelope”.

But a Fairfax Media investigation into what metadata can reveal has shown the envelope is almost transparent. If the bill passes it will represent a significant loss of privacy for all Australians, with law enforcement being able to derive far-reaching information and associations left behind by our digital footprints.

Here’s how they went about it.

Liberal Democrat senator David Leyonhjelm gave permission for metadata from his business address in Sydney’s inner west, an agribusiness consulting company, to be captured and analysed.  NCC Group, an information assurance firm with more than  15,000 clients worldwide, agreed to perform the analysis for Fairfax Media. It was overseen by its Asia-Pacific general manager, Wade Alcorn.

They used off-the-shelf software  to intercept all the data to and from the internet via a laptop plugged into the office’s internet router.  Using free online tools they stripped out about 99 per cent of what was captured, including the content of communications, and the industry-standard definition of web history – http and https traffic, which is all the data sent between your computer and the web server, including web addresses . Communications Minister Malcolm Turnbull has said, “The act will expressly exclude a person’s web browsing history.”

What did they learn about David Leyonhjelm?

Alcorn’s report reveals the surprising scope of what could be gleaned from the metadata generated by the office outside of its day-to-day dealings with meat and livestock organisations in Australia.  “The metadata revealed communication to an airlines booking system and to specific hotels in the Whitsunday Islands,” wrote Alcorn. “This may indicate that someone in the office will be travelling in the near future and planning to visit that area of the country.” . . .

“We’d sift through the data and look for interesting things,” he explained. “For example, with the airline booking site, we started expanding backwards and forward in time to reveal what other information there is on what the airline bookings might be about. At that stage we found information about the Whitsundays, hotel bookings, etc … it went from airline bookings to hotel bookings and associated holiday information.”

They found clues suggesting someone was buying furniture – communication to the webpage of a furniture retailer and a subsequent call of four minutes and 12 seconds to the same store. One day there was an interest in jewellery, home improvements and renovations.

Metadata can reveal someone’s hobbies or interests without the need to see the content of messages. There was communication in the office with mail servers relating to the Inner West Hunters Club, a NSW approved hunting club. Leyonhjelm is a high-profile supporter of the relaxation of gun laws.  NCC analysts referenced other email metadata with public information resources to infer communication with organisations involved in hunting, consultancy, market research and the sale of contact lists for marketing purposes.  Metadata could enable future governments to monitor people with agendas other than their own. The potential for inferring links between people, leading to further investigation, is vast.

Analysis of sender and recipient email addresses identified people who were often involved in group email discussions. Despite neither subject nor content of emails being available, some inferences could be drawn.  Alcorn wrote, “The email metadata collected was suggestive that there was a common political agenda. Taking the email addresses and searching for the people in Google determined they were active in various political arenas. From this information it was possible to find common agendas.”

One group email discussion possibly centred around pro-gun reform, with active lobbyists in the area taking part – something NCC analysts determined by putting specific email addresses into a search engine. Other members of the discussion weren’t public supporters of changes to gun laws.  “An analyst may, rightly or wrongly, infer from this metadata that the other members of the discussion are privately supporting gun reform and for some reason don’t want it publicly known,” wrote Alcorn.

Traffic volume showed when staff were in the office, when they were working late or at the weekend and for how long. Metadata showed consistent spikes of several minutes’ activity on Facebook at 9am, around lunch and just before 5pm. One afternoon there was no Facebook activity, which could suggest an early knock-off for the day.

Metadata also showed someone was exploring CTP insurance renewal, had used Dropbox – a way of transferring files too large to be emailed – as well as Microsoft, Apple, Nvidia, AVG and Avast technologies.
“We’re not using the most sophisticated tools to analyse metadata,” Alcorn said. “There are faster ways to do it and more automated and mature processes. We also didn’t use tools for displaying graphical connections. With further time and more sophisticated tools, more habits and details could be extrapolated.” . . .

And Leyonhjelm’s reaction to the results of analysing his metadata:

Leyonhjelm called the results of the analysis “very revealing”.  He had no problems with targeted retention of metadata via a warrant or court order based on suspected criminal activity. “But to collect that data on everyone – my 84-year-old mother and my wife and my next-door neighbours who wouldn’t say boo to a goose – it’s wrong in principle,” he said. . . .”The government’s basically saying we’re going to spy on everybody in the country,” said Leyonhjelm. “It’s appalling, it’s absolutely appalling.”

He added, “If you’re going to invade people’s privacy and treat them all like criminals-in-waiting, then to what extent do you do that? Malcolm Turnbull has said it’s nothing more than phone data, to and from and time and location, but it’s a lot more than that. I don’t see how it can be limited to that and I don’t believe it will be, either.”

The old slogan runs, “Give me liberty or give me death.”  Now, due to the craven lust to do evil that good may come, the Australian government has unwittingly provoked a new slogan: “Give me death rather than your kind of liberty.”  Or, more tellingly we suggest to Australian citizens that they face up to the Prime Minister and his conspirators and say, “Stop being such cowards.” 

It is a small mercy that in order to “get the power” to store everyone’s metadata and take a huge stride towards a Panoptican State, Parliament gets to debate it in public and vote upon it.  Let’s hope there is a rebellion in the government’s parliamentary ranks. 

Constitutional Niceties

An Immoral Miscreant Shames the Nation

They say the price of liberty is eternal vigilance.  This truism points not to external so much as internal enemies.  Power corrupts and is addictive.  The apparatus of state always would elide into a tyranny, unless watched, checked, and more-often-than-not thwarted by checks and balances.

Elections are one bastion eternal vigilance can use to impede the drift towards tyranny.  The law and law courts are another.  A healthy and responsible media is another.  Unwritten constitutional conventions are another.  But all of these are weak and likely ineffective without having a more than just “a few good men” to stand upon the walls.  It is not until liberties are lost that people value what they have previously treated with disdain and neglect.

 Several years ago in New Zealand we were treated to the Leader of Her Majesty’s Loyal Opposition, Phil Goff being caught out lying in the midst of an election campaign.
  Not unusual in a culture which celebrates dissembling as sophisticated and clever.  But Goff’s breach was more sinister.  He had claimed he knew nothing of espionage activity by some foreign agents in the city of Christchurch.  It was pointed out that he had been indeed formally briefed by the head of the Security Intelligence Service of the very same.  He responded by digging deeper, excoriating the SIS head, Warren Tucker, whereupon Dr Tucker responded by releasing part of the briefing notes he had provided to Goff.  The Leader of the Opposition was thereby publicly exposed not just as a liar, but a liar about affairs and matters of state.

The media, largely in the tank for Goff and an anticipated Labour election victory, gave him a free pass and moved on.  Goff subsequently stumbled to electoral defeat.

To observe that the media and the Commentariat hushed over Goff’s duplicity would be an understatement. In fact, Goff proved at that moment he would break every constitutional convention in his lust to hold the country in his thrall.  He had also breached constitutional conventions against attacking state employees in the process, but that was relatively small beer.

Now Dr Tucker has been criticised by an independent report.  He handled the matter wrongly.  He should have sought legal advice.  He breached a legal obligation to remain studiedly neutral towards all politicians and political parties.  If he had sought legal advice at the time, he probably would have done a much better job.

Several wry observations demand our attention.  The first is a positive endorsement of the changes made to the way the Security Intelligence Services operate.  There are now in place mechanisms of internal and external review which did not exist when the Goff scandal unfolded.  In fact, the very reason we are able to learn about the actions of Dr Tucker and his shortcomings is due to the new checks and balances which have been put in place.  This is a sweet smelling bouquet. It establishes that the separation of powers have been strengthened, and the neutrality of the SIS has not only been affirmed, but now much more protected and insisted upon.

The media, of course, are all agog and aghast over Dr Tucker’s shortcomings.  But they fail to observe that the failings occurred four years ago, Dr Tucker no longer runs the SIS, and we are finding out about it because of successful efforts to clean house and make the cleansing institutional, and thus preserved.  That’s good new, but significantly less headline grabbing, so the demands of a good scandal require that one’s attention be directed elsewhere.  

Secondly, the media to this day still wallow in complicit silence over Goff’s dishonesty and his naked lust for power-at-any-price.  Goff is not a nice guy.  In our judgment he is completely unfit to hold any political office in this country ever again.  The media today is engaged in a persistent attempt to find wrongdoing on the part of the Prime Minister and his office in his handling of the SIS.  He is the Big Fish.  If that means Goff’s proven lies ought to be ignored (as yesterday’s never-quite-news) whilst they go for the “Big Story” so be it.

But, here, once again, they are making the news, not reporting it.  We are regaled daily with stories about their intrepid Search For the Smoking Gun, whilst they ignore the real stench of cordite right before their blocked noses.  In so doing, the media are involved and complicit in the very Dirty Politics they themselves hypocritically condemn at every turn.  The fact that Goff still warms a seat in Parliament today is testament to just how politicized the media has become.  He remains there, slurping at the taxpayers’ teat, because the media has given him a “free pass” preferring to deploy him as bait on the hook for bigger fish. 

Thirdly, there is plenty for the media to be legitimately focused upon.  Yes, there does appear there has been a blurring of the hard lines between politics and government in the Prime Minister’s office.  That also breaches a constitutional convention.  It would seem that Key has been far too casual over such important separations.  The real focus should be upon necessary changes to policy, procedures, and operational conventions there need be in the office of the Prime Minister.  Granted that things have got much better with respect to the governance of the SIS, but what about other government departments?

Moreover, Key’s drive to grant more powers to the SIS so as to “combat” ISIS terrorism is ill-advised, hasty, and altogether bearing hallmarks of unjustified panic.  The fact that some of our citizens may wish and plan to go overseas to Syria to lay down their lives in “holy” martyrdom does not constitute a clear and present danger to the rest of us.  Not if their passports are cancelled should they turn up in Syria.

Key’s drive for urgency seems to arise out of a half-baked scheme that we have some kind of duty to cancel the passports of those who are intending to go and join ISIS before they leave the country, which is folly indeed.  That is the real issue which should be debated long and hard, for its possible ramifications would be dangerous indeed. 

There is a shameful postscript to this story.  The report on Dr Tucker was pre-released to the handful of interested parties under strict legal embargo.  But it was leaked to the media more than twenty-four hours before its public release.  The leaker?  Why, Phil Goff, of course, who has admitted the breach, and has proven repeatedly that illegalities will  never be allowed to get in the way of political ambition nor his lust for power.  His role in this breach is now going to be investigated.  He is an immoral miscreant.  

Smoke, Mirrors, and Loopholes

Spying On One’s Own

The UK government has finally come out of the closet.  It has reluctantly confirmed publicly, for the first time, that its intelligence agencies conduct warrant-less spying upon its own citizens.  But there is a casuistic justification which outdoes the subtlety of a Medieval Schoolman: the electronic data upon which the UK agencies spy has to have been collected by one of the other “Five Eyes” nations (Canada, the US, Australia, or New Zealand.)  This from The Guardian: 

British intelligence services can access raw material collected in bulk by the NSA and other foreign spy agencies without a warrant, the government has confirmed for the first time.  GCHQ’s secret “arrangements” for accessing bulk material are revealed in documents submitted to the Investigatory Powers Tribunal, the UK surveillance watchdog, in response to a joint legal challenge by Privacy International, Liberty and Amnesty International. The legal action was launched in the wake of the Edward Snowden revelations published by the Guardian and other news organisations last year.

The government’s submission discloses that the UK can obtain “unselected” – meaning unanalysed, or raw intelligence – information from overseas partners without a warrant if it was “not technically feasible” to obtain the communications under a warrant and if it is “necessary and proportionate” for the intelligence agencies to obtain that information.

This, we believe, is yet another smoking gun.   For the record, we are not opposed to espionage.  Neither are we opposed to espionage upon our own citizens.  But it is imperative that there be checks and balances, limits and controls upon such activity.  The limits and are essential to the rule of law.  Without such limits, spying agencies and governments would be, by definition, lawless–that is, above and beyond the law and answerable to no-one.  The first basic limitation and control would require the spying agencies to demonstrate reasonable cause.  The second limitation would be for the spying activity to be specifically targeted at identified individuals.  Thirdly, the stipulation that these limitations are being adhered to needs to come from an independent judicial review and the issue of judicial warrants. 

In the UK it has been acknowledged that spy agencies can access unlimited data to spy on citizens without any judicial review or warrant whatsoever, provided the data has been captured by another country.  It follows, of course, that Five Eyes partners–if permitted by their enabling legislation–will likely regularly gather data upon the citizens of other four partner countries and pass it over, thereby subverting and skirting around lawful checks and balances.  

The Panoptican State

Texas Senator Gets Anonymous Phone Call

It seems that the Snowden revelations tell a far, far worse story than was imagined when they began.  Now it turns out the government spying agencies have been eavesdropping and watching private video exchanges between individuals.  No warrants.  No suspicion of spying.  Just snooping. Just testing out technical capabilities.  Imagine the local cop shop sneaking up to your house and peering the the windows at night just because they could.  We have a word for this–voyeurism.  But, far worse, is the realisation that the panoptican state is here, is now, and is operating.  All in the name of national security.  Does that make you feel any better? 

This, from The Guardian:

Britain’s surveillance agency GCHQ, with aid from the US National Security Agency, intercepted and stored the webcam images of millions of internet users not suspected of wrongdoing, secret documents reveal.  GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not.  In one six-month period in 2008 alone, the agency collected webcam imagery – including substantial quantities of sexually explicit communications – from more than 1.8 million Yahoo user accounts globally. [Emphasis, ours]

Snigger.  Snigger.  Snigger.  We are watching you!
  Just to remind ourselves–the US National Security Agency (“NSA”) is “supposed” to spy only on non-US citizens.  Ah, but when you hoover up millions of internet images of individuals communicating via webcams, what’s a bit of the collateral damage, huh?  It’s all in a good cause.  The state’s cause. 

GCHQ does not have the technical means to make sure no images of UK or US citizens are collected and stored by the system, and there are no restrictions under UK law to prevent Americans’ images being accessed by British analysts without an individual warrant.  The documents also chronicle GCHQ‘s sustained struggle to keep the large store of sexually explicit imagery collected by Optic Nerve away from the eyes of its staff, though there is little discussion about the privacy implications of storing this material in the first place. [Emphasis, ours.]

Here is where the spying system gets cute.  The US is prevented by law from spying on its own citizens.  But the vid-cam captures could not distinguish between US citizens and non-US citizens.  So the UK agency, which has no such legal restriction, did it–effectively spying on US citizens and its own without probable cause or warrants or any such protective legal hurdles.  Thus, it would appear, the Five Eyes collaboration has become a cute means of subverting and bypassing the law.  “Look”, says the NSA, “It’s not us spying on Alice Brown in Tuscaloosa.  It’s those unconscionable Brits.”  Snigger.  Snigger. Snigger.  Now, is that plausible deniability, or what?  Only in Kafka’s world. 

Programs like Optic Nerve, which collect information in bulk from largely anonymous user IDs, are unable to filter out information from UK or US citizens. Unlike the NSA, GCHQ is not required by UK law to “minimize”, or remove, domestic citizens’ information from its databases. However, additional legal authorisations are required before analysts can search for the data of individuals likely to be in the British Isles at the time of the search.  There are no such legal safeguards for searches on people believed to be in the US or the other allied “Five Eyes” nations – Australia, New Zealand and Canada. [Emphasis, ours.]

Yahoo is understandably apoplectic.  

In its statement to the Guardian, Yahoo strongly condemned the Optic Nerve program, and said it had no awareness of or involvement with the GCHQ collection.  “We were not aware of, nor would we condone, this reported activity,” said a spokeswoman. “This report, if true, represents a whole new level of violation of our users’ privacy that is completely unacceptable, and we strongly call on the world’s governments to reform surveillance law consistent with the principles we outlined in December.

“We are committed to preserving our users’ trust and security and continue our efforts to expand encryption across all of our services.”  Yahoo has been one of the most outspoken technology companies objecting to the NSA‘s bulk surveillance. It filed a transparency lawsuit with the secret US surveillance court to disclose a 2007 case in which it was compelled to provide customer data to the surveillance agency, and it railed against the NSA’s reported interception of information in transit between its data centers.

The intercepted webcams had so much nudity included that GCHQ staff were required to have protocols to “govern”  how much they looked at, to ensure compliance with restrictions against voyeurism and office porn. We are sure that’s comforting to Alice Brown. 

GCHQ did not make any specific attempts to prevent the collection or storage of explicit images, the documents suggest, but did eventually compromise by excluding images in which software had not detected any faces from search results – a bid to prevent many of the lewd shots being seen by analysts. 

The system was not perfect at stopping those images reaching the eyes of GCHQ staff, though. An internal guide cautioned prospective Optic Nerve users that “there is no perfect ability to censor material which may be offensive. Users who may feel uncomfortable about such material are advised not to open them”.  It further notes that “under GCHQ‘s offensive material policy, the dissemination of offensive material is a disciplinary offence”.

Nice to know.  The Guardian piece contains the standard denials, which are now way past credibility.  But the response is classic bureaucratic legalese issued by a bunch of folk who, by now, should probably be considered traitors because they have collectively weakened and undermined and eviscerated their respective nations–while the politicians in the know have oh-so-quietly clapped and cheered. 

The NSA declined to respond to specific queries about its access to the Optic Nerve system, the presence of US citizens’ data in such systems, or whether the NSA has similar bulk-collection programs.  However, NSA spokeswoman Vanee Vines said the agency did not ask foreign partners such as GCHQ to collect intelligence the agency could not legally collect itself.  “As we’ve said before, the National Security Agency does not ask its foreign partners to undertake any intelligence activity that the US government would be legally prohibited from undertaking itself,” she said.

“The NSA works with a number of partners in meeting its foreign intelligence mission goals, and those operations comply with US law and with the applicable laws under which those partners operate.  “A key part of the protections that apply to both US persons and citizens of other countries is the mandate that information be in support of a valid foreign intelligence requirement, and comply with US Attorney General-approved procedures to protect privacy rights. Those procedures govern the acquisition, use, and retention of information about US persons.”

OK.  Now we feel better.  Let’s imagine how this might run.  Let’s imagine some time in the future, like now, a general was having a spat with a thin-skinned president.  The general, let’s say his name was Betrayus, was suddenly exposed as having an extra-marital affair, and made to resign in disgrace.  Now, the NSA was “forbidden” to spy on Betrayus.  Moreover, it was forbidden from instructing or requesting any of its Five Eyes partners to spy on any of its citizens.  Imagine the myriad of ways informal messages could be conveyed that did not constitute an instruction or request to the Brits, to ensure the US spy officials got what they wanted.  “You know, My Limey Spy, we are a bit worried about General Betrayus.”  Wink.  Wink.  British spy responds.  Nod.  Nod. “May I suggest that you keep an eye on your in-box, old boy.”  Of course, just for the record, said conversation never happened.  No instructions or requests there.

But just think again about the final paragraph of that bureaucratic burble above:

“A key part of the protections that apply to both US persons and citizens of other countries is the mandate that information be in support of a valid foreign intelligence requirement, and comply with US Attorney General-approved procedures to protect privacy rights. Those procedures govern the acquisition, use, and retention of information about US persons.” [Emphasis, ours.]

We are to understand that under a “key part” of the protections, the UK was able to hoover up millions of private Yahoo carried webcam images of US citizens and store those images, along with those of its own citizens, on its databases.  There were many compromising or lewd images included.  The potential for blackmail and extortion is off the scale.  A new firebrand senator with a Latino name, let’s say from Texas, is getting under the skin of the current US administration.  Firebrand senator receives an anonymous message.  “We have photos.  Shut up.  Back off.” 

It was under those protections that supposedly are so effective in preventing abuse that such images have been captured in the first place.  We say again–these people–in fact the whole swamp–should be considered traitorous. 

Douglas Wilson’s Letter From Moscow

Let’s Watch Them for a Bit

Posted on Friday, January 24, 2014  

By Douglas Wilson 

Blog and Mablog

A policeman doesn’t need a warrant, and shouldn’t need a warrant, to look at your house. But there is more to it.

I have noted before that many contemporary Americans are demanding privacy when what they really want is anonymity. But these are not the same thing at all. If I am walking down a city street with thousands of others, I have anonymity. I don’t have privacy. Anybody who wants to can look at me — the next guy who passes by, the cop on the corner, or the surveillance camera outside the jewelry store. And the cop has every right to follow me if he saw that I have that look on my face.

But what the digital revolution has done is create a need for some radical extensions and applications of our definitions of “inside” and “outside,” not to mention “public” and “private.” Just as I don’t mind a cop seeing the outside of my house, I don’t mind him seeing the outside of my phone. But when is he “inside”? When does he need a warrant? When does he need to show a judge probable cause? If the answer is “we don’t really do that anymore,” the follow-up retort should be “because we are now slaves.”

But in order to have due process in this, we have to define the border between public and private. This is not a trifle — our future liberty depends upon it. How we define those lines, and how we enforce them, must not be left up to secret and unaccountable courts. This is because any state that catch terrorists all in secret can create terrorists all in secret.

This is what it looks like when there has been a breakdown of trust. There may be certain things that the magistrate could arguably have every legal right to do, but which draw suspicion (rightly) nonetheless. For example, police have the right to stake out a house without a warrant, so how could this ever cause suspicion? But what if they are doing so in order that they might know when the owner is away so that they can go in there and plant some evidence? That would be an abuse of their prerogative, and if we know the nature of man, we need to have some protections around that prerogative, to the extent that we still allow it.

So the problem is not the possession of the metadata itself, which is kind of out there, but whether or not it puts unaccountable authorities in possession of an ability to get into your cyber house without anybody ever knowing that they did so. If the cops are staking out your house from across the street, there is the possibility you might see them. Who doesn’t think that these people have the capacity to plant child porn on your computer so that they can have something to haul you away for?

And we live in a time when we have every reason to believe that if such security ginks abused their position in this sort of way and were caught, the political uproar that followed would have the same trajectory and outline as the IRS scandal has had. This means that we ought not to do it.

The defenders of metadata collection say that it is like looking at you walk down the street. If you didn’t want to be seen you shouldn’t have taken that stroll. If you didn’t want people to know that you had made a call, you shouldn’t have made it. Up to a point, they have a point.

But if they are watching, and no one knows they are watching, and they are accountable to no one for their watching, the first conclusion I come to is that somebody ought to be watching them.

Douglas Wilson’s Letter From Moscow

There’s A Dear,

Posted on Friday, January 17, 2014  
By Douglas Wilson 
Blog and Mablog

When it comes to your “personal data” and national security issues, there are two basic layers to the question. The first has to do with the nature of the world, and the second has to do with the nature of our particular moment in history. The first asks whether anybody should be trusted with this kind of information, and the second asks whether these people should be trusted with anything. The first is a constitutional question, the second a practical one.

You would answer the first correctly if you have been taught in line with biblical principles of civic liberty. You would answer the second correctly if you haven’t been hibernating under a rock for the last decade or so.
Start with the second issue, start with where we are. Start with those who are currently governing us.
I am conducting a thought experiment here, not making any accusations. Suppose a scandal broke with regard to the NSA data collection — not the mere fact of meta-collection, but a demonstrated actual and egregious abuse of it. Make it a bona fide scandal, where men in power were using the surveillance apparatus of the government in order to get dirt on their partisan enemies. Their gathering of information had nothing to do with national security, and everything to do with getting into divorce records, tax information, salacious and damaging emails, etc.

And let us say that there was an uproar about it — lots of yelling on television, and Twitter was just a burning. “What means this stir in Rome?” Now does anybody in their right mind think that such a scandal would be processed and handled any differently than the Benghazi scandal has been, or the IRS scandal? Does anybody seriously think that these men in power would now — because the letters on the scandal are NSA — be completely honest and forthcoming? Would they give up their sandbagging, stonewalling, and obfuscating foot-dragging ways simply because the information about the porn habits, say, of a Tea Party hack were acquired in some outrageous and unconstitutional way? If you really think that, then you really need to go and sit this culture war out, there’s a dear.

I can tell you what to expect. The aftermath of such a scandal would be the same solemn procession of “mistakes were made” by no one in particular, followed up by “reforms have even now been set in place” for the faceless bureaucrats of the future to get around. Always remember that the problematic laws and regulations we are constantly having to fix are actually the end product of our previous wave of reforms. Someone has wisely said that the state is a poison that masquerades as its own antidote.

The problem is this. I don’t trust these people. I don’t trust them in the morning and I don’t trust them at night. I don’t trust them with foreign policy and I don’t trust them with domestic policy. I don’t trust them in Maryland, and I don’t trust them in California. These people are like green eggs and ham to me. “I would not like them here or there. I would not like them anywhere.”

So why on earth would I expect them to draw an arbitrary line of self-restraint in the midst of all their tyrannical overreaching? Why would I think that we could ever hear them say, “No, no, we must not do that. That’s his private data.”

In saying this, I am simply talking about their motives, and am clearly suspecticating an evil intent. But we must also leave open the likelihood of gross incompetence. Take the lack of security firewalls over at that ramshackle Obamacare website. It now appears that if I were chump enough to sign up at Obamacare, then a competent hacker could get from there to the inside of my Kindle without ever touching the floor. So let us not accept the false dichotomy that is commonly circulated on the Right — wondering whether these people are evil or incompetent. Why not both? Why not a mix?

Now, let’s move from this to the broader question of civic liberty. A free government of a free people must have boundaries and limits that they cannot cross, and everyone involved must know where those boundaries are. This is how James Madison addressed the problem:

“If men were angels, no government would be necessary. If angels were to govern men, neither external nor internal controls on government would be necessary. In framing a government which is to be administered by men over men, the great difficulty lies in this: you must first enable the government to control the governed; and in the next place oblige it to control itself” (Federalist #51).

In Madison’s mind, this was to be accomplished primarily through having the government dependent upon the people, but he also noted the need for something else — “experience has taught mankind the necessity of auxiliary precautions.”

Auxiliary precautions. Now we’re talking.

What I would really like is for the establishment conservatives to shift their priorities. Stop protecting me from the Taliban. I grant that there are places and circumstances where such protection would really be welcome, but what I actually need is protection from the commies. You know, anybody to the left of Ted Cruz.

And stay out of my Kindle.

Big Brother’s Smothering Embrace

Not Just The Walls Have Ears

Things have become barrel scrapingly low when a majority of ordinary citizens no longer trust their governments.  Not that any citizen should extend trust to the government unilaterally.  “Trust, but verify” is an obligatory responsibility of all free citizens to demand and require from their governments.  Verification usually is through the oversight of separate powers of government, such as the judiciary, parliamentary committees, the courts, or special (independent) commissions.  In a free society, government agencies are mandated to watch other government agencies, reporting and accounting to separated governmental, representative powers.  Such things seem ancient history now.  Hence trust is evaporating faster than sweat in a Melbourne heat wave.  

We appear to have reached the bottom of the barrel in the trust stakes.  Here is the latest shakedown from the Snowden revelations, this time about the unwarranted, unauthorised collection of text messages, according to The Guardian:

The National Security Agency has collected almost 200 million text messages a day from across the globe, using them to extract data including location, contact networks and credit card details, according to top-secret documents.  The untargeted collection and storage of SMS messages – including their contacts – is revealed in a joint investigation between the Guardian and the UK’s Channel 4 News based on material provided by NSA whistleblower Edward Snowden.

The documents also reveal the UK spy agency GCHQ has made use of the NSA database to search the metadata of “untargeted and unwarranted” communications belonging to people in the UK.  The NSA program, codenamed Dishfire, collects “pretty much everything it can”, according to GCHQ documents, rather than merely storing the communications of existing surveillance targets. 

The NSA has made extensive use of its vast text message database to extract information on people’s travel plans, contact books, financial transactions and more – including of individuals under no suspicion of illegal activity.  An agency presentation from 2011 – subtitled “SMS Text Messages: A Goldmine to Exploit” – reveals the program collected an average of 194 million text messages a day in April of that year. In addition to storing the messages themselves, a further program known as “Prefer” conducted automated analysis on the untargeted communications.

An NSA presentation from 2011 on the agency’s Dishfire program to collect millions of text messages daily. Photograph: Guardian

The US National Security Agency collects information and data on millions of private text messages daily, and provides them to the UK spy agency (GCHQ), which then stores private communication data on ordinary UK citizens, not suspected, not being surveilled via warranted approval.  Big Brother is watching most definitely.

Yet, the routine denials continue to flood forth.  This from the NSA:

In a statement to the Guardian, a spokeswoman for the NSA said any implication that the agency’s collection was “arbitrary and unconstrained is false”. The agency’s capabilities were directed only against “valid foreign intelligence targets” and were subject to stringent legal safeguards, she said.

And this from the GCHQ:

A spokesman for GCHQ refused to respond to any specific queries regarding Dishfire, but said the agency complied with UK law and regulators.  “It is a longstanding policy that we do not comment on intelligence matters,” he said. “Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee.”

GCHQ also directed the Guardian towards a statement made to the House of Commons in June 2013 by foreign secretary William Hague, in response to revelations of the agency’s use of the Prism program.  “Any data obtained by us from the US involving UK nationals is subject to proper UK statutory controls and safeguards, including the relevant sections of the Intelligence Services Act, the Human Rights Act and the Regulation of Investigatory Powers Act,” Hague told MPs.

We simply don’t believe the government any longer.  The “plausibility” in the denials has long since gone.   That is why Vodafone, the UK phone giant has reacted the way it did to these latest revelations:

But Vodafone, one of the world’s largest mobile phone companies with operations in 25 countries including Britain, greeted the latest revelations with shock.   “It’s the first we’ve heard about it and naturally we’re shocked and surprised,” the group’s privacy officer and head of legal for privacy, security and content standards told Channel 4 News. “What you’re describing sounds concerning to us because the regime that we are required to comply with is very clear and we will only disclose information to governments where we are legally compelled to do so, won’t go beyond the law and comply with due process.

“But what you’re describing is something that sounds as if that’s been circumvented. And for us as a business this is anathema because our whole business is founded on protecting privacy as a fundamental imperative.”  He said the company would be challenging the UK government over this. “From our perspective, the law is there to protect our customers and it doesn’t sound as if that is what is necessarily happening.”

Let’s try a thought experiment.  How would we have reacted  thirty years ago if we found out that the government security services were permanently wire tapping and recording all telephone conversations in the country, and that they were systematically steaming open every mailed envelope, copying and filing its contents, before sending it on its way?  With justified fury, no doubt. 

What has changed?  Some minor things.  Firstly, there is the terrorism bogeyman, which Western governments have parlayed into a perpetual “clear and present danger” justifying perpetual comprehensive surveilling of all citizens and as many non-citizens as it can.  Governments are now self-righteous in the matter.  Secondly, there are technological developments which allow surveillance on all electronic communications to be conducted remotely and at relatively low expense.  Because governments can provides justification that they ought.

In a democracy, ultimately all comes back to the people–what they will permit and allow.  And here we reach the crux of the matter.  Successive Western governments have overpromised their competence and powers to their respective populations.  A messianic “nothing bad will happen to you on our watch” promise has resulted in the rapid development of the all-seeing, all-watching panoptican state.  It is a promise supine citizens have been all too ready to believe.  The State, after all, is the West’s functioning deity, its most universal idolatry. 

Imagine an aspiring government which had promised, “There will be no murders whilst we are in office”.  It would have been laughed out of the polling booth.  Its pledge would have been regarded as ridiculous.  Yet, for some reason, similar common-sense has not prevailed in the “no terrorist attacks on our watch” pledge.  The attempt to make good on that false-pledge has come at a great price–that of ordinary citizens being tacitly subjugated under the panoptican, ever-watching lidless eye of Sauron.  It’s a diabolical bargain.

Letter From the UK (About US Spying and the Vatican)

US ‘spied on future Pope Francis during Vatican conclave’

NSA spied on the future Pope Francis before and during the Vatican conclave at which he was chosen to succeed Benedict XVI 

The Telegraph 

By Nick Squires, Rome

6:35PM GMT 30 Oct 2013

[The unwarranted indiscriminate snooping and spying on phone and electronic conversations by the United States on anyone it chooses appears to be expanding by the month.  Now we learn that the US spied on the Vatican during the time of selecting a new pope. Ed]

The National Security Agency spied on the future Pope Francis before and during the Vatican conclave at which he was chosen to succeed Benedict XVI, it was claimed on Wednesday. The American spy agency monitored telephone calls made to and from the residence in Rome where the then Archbishop Jorge Mario Bergoglio stayed during the conclave, the secret election at which cardinals chose him as pontiff on March 13.

The claims were made by Panorama, an Italian weekly news magazine, which said that the NSA monitored the telephone calls of many bishops and cardinals at the Vatican in the lead-up to the conclave, which was held amid tight security in the Sistine Chapel.
The information gleaned was then reportedly divided into four categories — “leadership intentions”, “threats to financial system”, “foreign policy objectives” and “human rights”. 

At that time, Benedict XVI was Pope, suggesting that the Vatican may also have been monitored during the last few weeks of his papacy.

The allegations follow a report on Cryptome, a website that gathers intelligence on surveillance and national security, which claimed the US intercepted 46 million telephone calls in Italy between Dec 10 2012 and Jan 8 January 2013.  The monitoring of communications, including emails, continued after Benedict’s resignation in February and encompassed the election of Pope Francis.  “It is feared that the great American ear continued to tap prelates’ conversations up to the eve of the conclave,” the weekly magazine said.  It added that there were “suspicions that the conversations of the future Pope may have been monitored”, but provided no hard evidence or quoted sources for the claim. . . .

The revelations have seriously strained relations between the US and its European allies and trade partners.
Separately, reports claimed on Wednesday that the NSA secretly tapped into the main communications links that connect Yahoo and Google data centres around the world, enabling it to collect information from hundreds of millions of user accounts.  The NSA’s “acquisitions directorate” sends millions of records every day from Yahoo and Google networks to data warehouses at the agency’s headquarters at Fort Meade in Maryland, according to The Washington Post. It then analyses the information it gathers with a project called MUSCULAR, which is operated jointly with GCHQ, its British counterpart.

In a statement, Google said it was “troubled by allegations of the government intercepting traffic between our data centres, and we are not aware of this activity.”   A Yahoo spokesman said: “We have strict controls in place to protect the security of our data centres, and we have not given access to our data centres to the NSA or to any other government agency.”   Gen Keith Alexander, the NSA director, dismissed the report, saying the NSA is “not authorised” to do this and instead must go through a court process”.

Revolutionaries, Radical Ideologues and Mindless Sheep

Old and New Spies

The revised spying bill became law in New Zealand on the 21st of August.  Labour and the Greens have promised to repeal the legislation if they capture the Treasury benches in 2014.  A local blogger has helpfully completed a comparison/contrast chart between the legislation it replaced and new amendments.

The old legislation was drafted in haste by the Labour government (with concurrence from other parties) whilst the threat of planes flying into buildings was a decided risk.  It was during that mad time when not enough was known about Islamic terrorist groups and their methodologies, tools, and techniques.  Therefore, the risks were larger in the popular imagination than in reality.  Legislation drafted in fear and passed in haste is usually rued by those suffering the indignity of having to submit to it.  So it was in this case.  It turned out lawyers could not understand parts of it; the text of the law was equivocal in others, contradictory in yet other places.  As a consequence, the Government Communications and Security Bureau (our version of the National Security Agency [“NSA”] in the United States) subsequently broke the law, apparently because it mis-interpreted it.

The new legislation tidies a lot of that up, removing confusion.  In addition, and most importantly, the replacement legislation contains far more checks and balances than Labour’s panicked legislation back in 2003.  It is thus a far better piece of law.  Citizens in the US must be green with envy when they compare and contrast our legal protections with those which don’t exist in the United States.
 

Below is the comparison/contrast chart:

Helen Clark GCSB law 2003	John Key GCSB law 2013
Inspector-General sole independent oversight	Two person advisory panel to assist the Inspector-General of Intelligence and Security
Inspector-General has no staff resources	Inspector-General has a Deputy
Inspector-General role is essentially reactive	Inspector-General to proactively annually review GCSB procedures, policies and compliance and do unscheduled audits
Inspector General not informed when a warrant is put on the register relating to a New Zealander	Inspector General is informed when a warrant is put on the register relating to a New Zealander
GCSB can’t intercept the communications of a NZ citizen or permanent resident but can assist “any public authority” on any matter relevant to their functions, and unclear if the former prevents the latter	GCSB can’t intercept the communications of a NZ citizen or permanent resident but can assist (only the) Police, Defence Force or SIS even if it involves a NZer.
No reporting of assistance given to other agencies	GCSB will be required to report annually on the number of instances when it has provided assistance to the Police, SIS or NZ Defence Force
No reporting on number of warrants and authorisations	GCSB will also be required to report annually on the number of warrants and authorisations issued
Intelligence and Security Committee has secret hearings to discuss the financial reviews of the performance of the GCSB and the SIS	Intelligence and Security Committee will hold public hearings annually to discuss the financial reviews of the performance of the GCSB and the SIS
ISC does not have to publicly report to Parliament	ISC to report annually to Parliament on its activities
No regular reviews of GCSB	An independent review of the operations and performance the GCSB and the NZSIS and their governing legislation in 2015, and thereafter every 5-7 years
GCSB has a function to protect any information that any public authority or other entity produces, sends, receives, or holds in any medium	GCSB function to protect any communications that any public entity processed, stored, or communicated in or through information infrastructures
No specification of limits of GCSB assistance	Specifies that GCSB can assist Police, Defence Force and SIS, but only for lawful activities such as where warrants have been granted
IPCA has no jurisdiction	Gives the IPCA and the IGIS jurisdiction to review any assistance given to Police and SIS respectively
No references to according to human rights standards	Specifies all functions of GCSB must accord with NZ law, and all human rights standards recognised by NZ law.
No references to not undertaking partisan activity	Specifies GCSB can’t be involved in any action that helps or harms a political party
No requirement to brief the Leader of the Opposition	GCSB Director required to brief Leader of Opposition regularly on major activities of GCSB
Requires GCSB to destroy any records not relating to GCSB objectives or functions	Required GCSB to not retain any information on NZers collected incidentally as part of foreign intelligence operations unless relates to serious crime, loss of life or national security threats
No special protection for legally privileged communications	Legally privileged communications explicitly exempted from scope of an interception warrant
No requirement to have a policy on personal information retention and use	GCSB required to work with Privacy Commission to have a policy on personal information retention and use
No restrictions in GCSB Act on retaining personal information	GCSB can only retain personal information for a lawful purpose, and can’t keep longer than required for any lawful purpose

It is clear that the intelligence gathering agencies of state are today far more controlled, checked, and balanced than was the case previously. Under the previous law, the GCSB had no restraint on which agencies of government it could assist. Conceivably, it could have assisted Inland Revenue to surveil any and all citizens. No warrants were required. Moreover, and of great importance, the GCSB cannot hoover up mass electronic data upon citizens and store it in data-warehouses, just-in-case it should be needed some time in the future.

No spying legislation is perfect. The current (new) law is certainly not. But it is far, far better than the mess of pottage it replaces.

Only revolutionaries, radical ideologues, and mindless sheep would object.

Unrighteous Espionage

Doubts and Suspicions

We posted recently on the unavoidable necessity of espionage.  We also argued that those who spy and those who receive information from the espionage apparatus should not be trusted.  They need at all times to be checked and balanced by other powers.  “Trust but examine and verify” is the apt slogan.

The present spying legislation has been amended since first introduced to the House.  It is a better piece of legislation than it once was.  There are more checks and balances.  The issue of spying on behalf of other governments with whom we have espionage agreements is another matter.  As far as we can tell the Bill is silent or unclear when it comes to NZ espionage agencies spying on NZ citizens at the behest of the United States, Canada, Australia, and the United Kingdom (our “Five Eyes” partners).

To cut to the chase: if the US wanted to spy on a New Zealand citizen (say, just for argument’s sake, Kim Dotcom) would the NZ espionage agencies need a warrant under New Zealand law, and would those activities on behalf of a foreign power, be subject to the same checks and balances and disclosures that a New Zealand agency would require (for example, the NZ Police wanting to surveil a New Zealand citizen)?  We hope so.  We would argue strenuously that this ought to be the case.  We fear the worst, however.
 

The New Zealand government has conceded that metadata (names, addresses, dates, times of communication, etc) constitutes information (a good step).  The New Zealand espionage agencies will not be gathering and storing metadata on New Zealand citizens.  But will it be gathering and passing on metadata to be stored by the United States spying agencies?  Again, the matter is not clear.  We suspect the worst.  If we are to trust them in this matter, there needs be scrutiny and far more verification.

Chris Barton, writing in the NZ Herald, raises the relevant issues:

Can New Zealand say no to the United States of America? This is the difficult question at the heart of two pivotal and far reaching decisions about to be made.  Our parliament is deliberating whether it’s OK for the NSA to spy on all New Zealanders all of the time. And our Supreme Court is deliberating whether a United States request for extradition trumps the fair process of New Zealand law.

There is an argument which runs, Who cares?  Who cares if the United States or the UK knows things about us that our own government does not?  After all, we are not answerable to foreign governments.  Yes and no.   We don’t need care until we do–and by then, it’s too late.  Let’s conceive of actions, communications, or speech which violates US domestic law.  Let’s say, for example, one of us sent an e-mail to someone in the US or the UK or the Cayman Islands that averred that President Obama was a waste of space and the planet needed to be rid of bearing his useless weight.  In the United States we may be liable to investigation and indictment.  But what if the US sought to extradite us out of New Zealand because we had broken US law, as evidenced by our e-mail, which had been intercepted by NZ espionage agencies, and the contents delivered over to the United States as a matter of course.

Peter Dunne, MP has secured some helpful checks and balances to the current draft of the bill which will control the activities of the Government Communications Security Bureau (“GCSB”).  But upon this matter he has been hopelessly at sea.  He appears to have opted for the “too hard” basket.

On the one hand Dunne says there is truth to the claim that “there is still no mechanism in the new laws to ensure our private communications are not fed into any kind of global surveillance programme, like the NSA’s Prism“. On the other he says that’s beyond the scope of what GCSB does within New Zealand and is a debate that should be dealt with separately.

This is the irreconcilable aspect of the GCSB Bill that is so chilling – that it makes legal the indiscriminate spying on of New Zealanders, but remains silent on the mechanism under a Kafkaesque don’t-tell regime to protect national security. The illegal surveillance of New Zealand resident Kim Dotcom and others tells us, however, that the agency doing the spying is the GCSB and that metadata has indeed been harvested.

The threat of “global terror” has pushed governments on to a perpetual war footing–of emergency powers becoming the norm.  This is the clear and present danger, not global terrorism.   This is the crucial broader issue that must be addressed.  It is the debate we need to have in New Zealand

The question New Zealand citizens are being denied the chance to debate is whether we want to be a part of this routine mass surveillance dictated by Washington; whether such a wholesale surrender of privacy is necessary, or even desirable, to combat terrorism; and whether we can opt out of Five Eyes and still remain a friend of the United States. . . . Do we agree to allow the rights of people in New Zealand – such as the right to privacy or justice – to be diluted or ignored in favour of international obligations? It’s a question those MPs about to pass the GCSB bill should ask, keeping in mind, on a matter as important as this, they are elected to represent the people not their party.

Because the government is not prepared to be candid about the “meta-data” of our international spying obligations, but shrouds it under a cloak of secrecy, unwilling to divulge what is done and what obligations the government considers us to be under, suspicion grows.  They are hiding something.  They don’t want us to know.   They are not to be trusted.  They are never to be trusted.  Power corrupts.  We need more checks, more balances, more disclosure–much more.