Sunday, 25 November 2012
landmark ruling in January, the US Supreme Court held that law enforcement use of GPS trackers to monitor movements constitutes a “search.” That means the technology falls under the Fourth Amendment’s protections against unreasonable searches and seizures, making it difficult for police to put a tracker on a car without first obtaining a warrant. But for private individuals, laws around the use of GPS trackers remain patchy, differing state to state. Take California, Texas, Virginia, and Minnesota. These states allow private individuals to use tracking devices where the owner of a vehicle consents to it being monitored. Where there is no consent, it is considered a misdemeanor that can result in a fine and a jail sentence of six to 12 months. If a vehicle is jointly owned — say, by a husband and wife — and one owner wants to secretly track the other, it’s a murky area that’s as ethically dubious as it is legally contentious. However, that isn’t stopping private investigators — some of whom appear willing to track any vehicle regardless of its ownership. In a bid to find out whether private eyes are adhering to the law, earlier this month I decided to dabble in a bit of undercover investigating of my own. Posing as a suspicious wife and using a fake email address, I wrote to a number of PIs in the states with the strictest laws on the use of GPS surveillance trackers. Those I randomly selected were all advertising a GPS service openly on their websites, and I emailed to request a quote for how much it would cost to “GPS monitor movements of my husband's car” over a two-week period. Of the 20 investigators I contacted, 16 replied, and only one declined to offer me some sort of GPS tracking citing legal concerns. The majority of the PIs said they would do it on the condition that my name was on the title of the car, with some offering to provide a DVD of its movements and others offering “real-time” surveillance of the vehicle for me to watch live via cellphone or computer. Two separate investigators in California I approached expressed no immediate concern for the state’s GPS tracking law, which unequivocally outlaws tracking a car without the consent of its owner. Still using the fake name and email address, I asked whether the investigators would be willing and able to monitor more than one vehicle at a time. “There is another person who I believe is involved with my husband and it would be useful for me to check her car's movements at the same time as my husband's,” I wrote. The response from Irvine, Calif.-based Hudson Investigations was a straight yes. “I could do it for $1200 including install and removal,” company boss Rick Hudson, a former Orange County police officer, told me. I received a similarly affirmative answer from Western Investigations, a firm headquartered near San Diego that claims on its website to be one of the most experienced PI agencies in California. “You are looking at a total of $1,800 for 2 vehicles for 2 weeks of the tracking,” Western Investigations’ general manager wrote. “We will give you access to monitor it yourself during the entire course of the investigation. And if you would like a location history report at the conclusion of the investigation, we can do so as well.” When I subsequently contacted Western Investigations under my real name about this story, I asked whether it was aware the service I requested is classified as a misdemeanor under California’s penal code. “If I gave you the wrong impression then I was mistaken,” the GM wrote back in an email, insisting that the company would not install a tracking device without the consent of the registered owner. Western Investigations’ owner Patrick Schneemann then told me in a separate message, “I can assure you that our company policy is that we do not use GPS in our investigations unless we have consent from the owner of the vehicle.” Rick Hudson at Hudson Investigations said he was sure he had mentioned the legal constraints in his emails (he didn’t) and said that he wouldn’t put a tracker on any vehicle without signing a GPS agreement with the customer that says that they have the authorisation. Hudson added that he gets “so many calls regarding these tracking units that it's crazy.” Other PI companies were reluctant to directly help me track the vehicles but instead offered to sell or rent me GPS tracking equipment. This would mean any unlawful use of the tracker would be on my shoulders and not those of a PI. In one instance, even after I informed Texas-based LP Dynamics that I was looking to track two vehicles, one of which had no ownership connection to me, I was offered "2 passive GPS units" for $125 each. A company representative emailed: "Just place on a vehicle, remove when you want and download to your computer to see where they have been." When I later contacted the company for this story, CEO Michael Morrison emailed that "we are a licensed private investigation corporation and not an attorney." Morrison rightly stated that LP Dynamics follows Texas law "to the letter" because the penal code covers only the installation of tracking systems but not the sale of the devices. This could be considered something of a legal loophole. The solitary exception was California-based Orange Investigations, run by former military policeman Ryan Garrahy. Of the 16 that responded to me, Garrahy was the only PI to completely stonewall my request. Orange Investigations has previously provided GPS tracking for its clients, but Garrahy said he has stopped doing so “at this particular time” because of concerns about a possible rise in civil suits linked to the Supreme Court decision in January. ***** Overall, the impression I got was that it was not difficult to find companies willing to help me track any vehicle, which could potentially result in a misdemeanor being committed. Even the investigators who were more cautious, telling me that they would only track a vehicle I had an “ownership interest” in, were on shaky ground. Though a case in Minnesota last year ruled that it was acceptable to use a GPS tracker on your spouse if you co-own the car, there is far from a legal consensus on the matter in other states. Austin, Texas-based criminal lawyer Ian Inglis told me he thought that the Texas statute on tracking wasn’t constructed with joint ownership in mind. “Even if there’s no criminal liability, there could be some civil liability, and it might look bad in a divorce, too,” Inglis said. “Whether it’s your husband or wife, it’s a bad idea to track anybody’s car without their permission.” In California, similarly, it’s a gray area. Hanni Fakhoury, staff attorney at the Electronic Frontier Foundation, said he wasn’t aware of any statutory California law that addressed the joint ownership question. Fakhoury referred to Georgia v. Randolph, a Supreme Court case where it was ruled that there needed to be joint agreement for the lawful search of a jointly owned property. According to Fakhoury, the joint consent deemed necessary in Randolph is consistent with other California law and so could feasibly apply to the use of trackers on a jointly owned vehicle. (Californian wiretap law, for instance, requires both parties to a conversation to consent to having the conversation recorded — unlike federal wiretap law, which only requires one party to consent.) Contentious legal issues aside, what’s clear is that the use of GPS tracking devices is very far from being under control. While law enforcement agencies are now bound to consider the trackers as covered by the Fourth Amendment, in the private domain there’s a lack of clarity when it comes to the regulation. Where there are laws, in some cases they are being ignored, and where there is any ambiguity, it is being exploited — often by individuals who stand to make a profit. As is frequently the case in the realm of surveillance, the technology is out of step with the law. High-tech tracking tools that would a decade ago have rarely been used outside police and military circles are available today to anyone with a credit card and access to the Internet. The technology is continuing to advance and is simultaneously becoming cheaper. And that’s not going to change any time soon. SpyBase, a surveillance gadgets retailer based out of Torrance, Calif., has seen in recent years a rapid increase in sales of GPS trackers, a trend that’s continuing. The store’s owner, who didn’t want to be named, told me GPS trackers were his “best-sellers,” and that a sophisticated $299 real-time tracker called the PTX 5 was his customers’ favorite. “PIs, police, private citizens,” he said. “It’s a very big market.” This article first appeared at Slate.
Friday, 2 November 2012
goes down in Mission: Impossible, but without the smoke or fire. Silent Circle began as an idea Janke had after spending 12 years working for the US military and later as a security contractor. When traveling overseas, he realised that there was no easy-to-use, trustworthy encrypted communications provider available to keep in touch with family back home. Cellphone calls, text messages, and emails sent over the likes of Hotmail and Gmail can just be “pulled right out of the air,” according to Janke, and he didn’t think the few commercial services offering encryption — like Skype and Hushmail — were secure enough. He was also made uneasy by reports about increased government snooping on communications. “It offended what I thought were my God-given rights — to be able to have a free conversation,” Janke says. “And so I began on this quest to find something to solve it.” Janke assembled what he calls an “all-star team”: Phil Zimmermann, a recent inductee to the Internet’s Hall of Fame, who in 1991 invented PGP encryption, still considered the standard for email security. Jon Callas, the man behind Apple’s whole-disk encryption (which is used to secure hard drives in Macs across the world), became Silent Circle’s chief technology officer. Other employees were top engineers and ex-special-forces communications experts based in England, Latvia, and Germany. Together, they designed their own software, created a new encryption protocol called SCimp, registered their company offshore and outside US jurisdiction, then built up their own network in Canada. (They eventually plan to expand to Switzerland and Hong Kong.) Though many encryption options already exist, they are often difficult to use, which is a barrier for those without the skills, patience, or time to learn. Silent Circle helps remove these hurdles. As a result, organisations that have a real need for secure communications but have maybe not understood how to implement them are coming forward and expressing interest in Silent Circle. Janke says he’s already sold the technology worldwide to nine news outlets, presumably keen to help protect their journalists’ and sources’ safety through encryption. (ProPublica, for one, confirmed it’s had “preliminary discussions” with Silent Circle.) A major multinational company has already ordered 18,000 subscriptions for its staff, and a couple of A-list actors, including one Oscar winner, have been testing the beta version. The basic secure phone service plan will cost $20 a month per person, though Janke says a number of human rights groups and NGOs will be provided with the service for free. The company has also attracted attention from 23 special operations units, intelligence agencies, and law enforcement departments in nine countries that are interested in using Silent Circle to protect the communications of their own employees — particularly on the personal devices that they use at home or bring to work. Some of these same agencies, perhaps unsurprisingly, have contacted Janke and his team with concerns about how the technology might be used by bad guys. Because Silent Circle is available to just about anyone, Janke accepts there is a real risk that a minority of users could abuse it for criminal purposes. But he argues you could say the same thing about baseball bats and says if the company is ever made aware someone is using the application for “bad illegal things” — he cites an example of a terrorist plotting a bomb attack — it reserves the right to shut off that person’s service and will do so “in seven seconds.” The very features that make Silent Circle so valuable from a civil liberties and privacy standpoint make law enforcement nervous. Telecom firms in the United States, for instance, have been handing over huge troves of data to authorities under a blanket of secrecy and with very little oversight. Silent Circle is attempting to counter this culture by limiting the data it retains in the first place. It will store only the email address, 10-digit Silent Circle phone number, username, and password of each customer. It won’t retain metadata (such as times and dates calls are made using Silent Circle). Its IP server logs showing who is visiting the Silent Circle website are currently held for seven days, which Janke says the company plans to reduce to just 24 hours once the system is running smoothly. Almost every base seems to have been covered. Biannually, the company will publish requests it gets from law enforcement in transparency reports, detailing the country of origin and the number of people the request encompassed. And any payment a person makes to Silent Circle will be processed through third-party provider Stripe, so even if authorities could get access to payment records, Janke says, “that in no way gives them access to the data, voice, and video the customer is sending-receiving ... nor does it tie the two together.” If authorities wanted to intercept the communications of a person using Silent Circle, it is likely they’d have to resort to deploying Trojan-style tools — infecting targeted devices with spyware to covertly record communications before they become encrypted. Among security geeks and privacy advocates, however, there’s still far from consensus how secure Silent Circle actually is. Nadim Kobeissi, a Montreal-based security researcher and developer, took to his blog last month to pre-emptively accuse the company of “damaging the state of the cryptography community.” Kobeissi’s criticism was rooted in an assumption that Silent Circle would not be open source, a cornerstone of encrypted communication tools because it allows people to independently audit coding and make their own assessments of its safety (and to check for secret government backdoors). Christopher Soghoian, principal technologist at the ACLU's Speech Privacy and Technology Project, said he was excited to see a company like Silent Circle visibly competing on privacy and security but that he was waiting for it to go open source and be audited by independent security experts before he would feel comfortable using it for sensitive communications. When I asked Janke about this, he said he recognised the importance of the open-source principle. He says the company, contrary to Kobeissi’s assertion, will be using a noncommercial open-source license, which will allow developers to “do their own builds” of Silent Circle. “We will put it all out there for scrutiny, inspection, and audit by anyone and everyone,” he added. Another factor is that a number of countries are pushing for new surveillance laws that will force many communications providers to build in backdoors for wiretapping. The Silent Circle team has been following these developments closely, and it seems to have played into the decision to register offshore and locate its multimillion-dollar network outside US jurisdiction. Janke says he has consulted with Canada’s privacy commissioners and understands that the new effort to upgrade surveillance capabilities in Canada will not affect the company because its technology is encrypted peer-to-peer (making it technically incapable of facilitating a wiretap request even if it receives one). But what if, one day down the line, things change and Canada or another country where Silent Circle has servers tries to force them to build in a secret backdoor for spying? Janke has already thought about that — and his answer sums up the maverick ethos of his company. “We won’t be held hostage,” he says, without a quiver of hesitation. “All of us would rather shut Silent Circle down than ever allow a backdoor or be bullied into an ‘or else’ position.” In an age of ever-increasing surveillance, it’s a gutsy stance to take. Perhaps Big Brother has finally met its match. This article first appeared at Slate.
Tuesday, 16 October 2012
British National Party (BNP) had enjoyed a small growth in popularity in the years prior to 2010. But the birth of the anti-Islamism organisation the English Defence League (EDL) in 2009 gradually drew many away from the BNP and towards grassroots street protest. Today, both the BNP and the EDL are in decline – though not because those on the extreme right have changed their views. The BNP now accepts black and Asian members, and the EDL has formed a “Jewish division.” For many on the hard right, who are devoutly racist and anti-Semitic, that is intolerable. As a result, small factions are choosing to take matters into their own hands. “They are turning not to a popular Islamophobia so much as to real neo-Nazi extreme right wing,” says Dr Paul Jackson, director of the University of Northampton’s radicalism and new media unit. “Because the main EDL social movement itself has really lost its momentum, it has increasingly created the opportunity for these new groups to develop in localised pockets.” Calling themselves names like the Infidels and the Combined Ex Forces, the splinter groups frequently exhibit hatred of anyone non-white – particularly Asians. Based across England, with hubs in Liverpool and Greater Manchester, some members have strong ties to the neo-Nazi National Front, which became notorious in the 1970s for demanding that all “coloured immigrants” be shipped out of Britain. In previous decades other extreme far-right collectives, like the so-called Aryan Strike Force or Combat 18, have perpetrated and plotted acts of violence. However, the Internet has helped the latest incarnations of these far-right groups spread their ideas and build networks in new ways, according to Dr Jackson. “Disaffected people are vulnerable to it,” he says. “It’s so easily available online and can have quite a strong impact.” One of the most active groups in England is the North West faction of the Infidels. The shadowy group says it is made up of “right-wing patriots, loyalists, and nationalists” who will “stand with anyone willing to fight the enemies of Britain and for the right of its indigenous people.” The Infidels say they are against “the Islamic takeover of parts of the UK,” multiculturalism, immigration and “the militant left.” A Facebook page created by members of the Liverpool and Wirral branch of the Infidels displays a clear commitment to violence. The page, “liked” by more than 500 people, contains warnings about impending “civil unrest” alongside images of petrol bombs and men wielding rifles. Last month the group posted an image of the Houses of Parliament exploding in flames below the message “one day you lot will pay!” The group has also posted the home addresses of people apparently deemed legitimate targets for future vigilante attacks, such as, in one case, two Asian Rochdale councillors. Last year, the government helped launch a campaign called Measuring Anti-Muslim Attacks (MAMA), designed to encourage the reporting of hate crimes. Fiyaz Mughal, the campaign’s director, says he has recently witnessed an “unbelievable” increase in anti-Muslim sentiment. “It’s shocking because we’ve started to see over the last six months in particular is people being more violent in their threats online,” Mughal says. “It’s moving towards a much more violent and extreme outcome.” MAMA is receiving anything between ten and 25 reports of anti-Muslim extremism every day, with specific “cluster points” in Glasgow, West Yorkshire, West Midlands, Luton, Greater Manchester, and Derbyshire. The organisation says it has managed to get seven people convicted for spreading hatred online, with other cases involving EDL sympathisers in Luton ongoing. But according to Mughal, the police are still sometimes behind the curve when it comes to the far-right threat – with their resources focused more heavily on looking for potential terrorists among radical Islamist groups. Despite that criticism, the government insists it is focused on tackling right-wing extremism. “The government condemns extremism in all its forms,” a Home Office spokesperson says. “There is no place for violence, criminality and disorder in our society and police have a range of powers to tackle it.” The threat of serious far-right violence is certainly genuine. This was affirmed tragically in Norway on 22 July last year, when Anders Breivik launched a rampage that resulted in the deaths of 77 people. Breivik justified his massacre by blaming multiculturalism and politicians who had allowed high-levels of immigration. Among some members of the extreme-right in England, Breivik is seen as a hero – a soldier who performed an act of war they would like to see repeated elsewhere. Last month, Walsall-based kickboxer Darren Clifft started a petition to free Breivik from prison, describing the convicted killer’s massacre as “self defence” and “inspirational.” 23-year-old Clifft, who is affiliated with the Infidels, posted pictures of himself doing a Nazi salute while wearing a Ku Klux Klan outfit (see image above). In May he wrote that he had been dreaming about becoming a suicide bomber, in one post on Facebook writing: “I've had these dreams about blowing people up for weeks.” In other cases, EDL members have posed in photographs wielding guns and threatening bomb attacks. In April, Kenny Holden, a 30-year-old man from South Shields, warned that he was going to set off a “pipe bomb” in an Asian area of the city. He said that if he could obtain a gun, he was ready to go on a shooting spree “Olso style” – an apparent reference to Breivik. Holden was later arrested and charged with two counts of sending offensive or menacing messages. The controversy, however, is not only consigned to a fringe element of the far right. Prominent EDL supporter Michael Wood, who last year co-founded the British Freedom Party in a bid to challenge the BNP, caused upset following comments made about Breivik. In the aftermath of the massacre, he wrote on Twitter: “Couldn't care less that #Breivik went radio rental on leftist youths. He knew they would grow up to betray Norway #EDL." What did Wood mean exactly? “Breivik was a Frankenstein borne out of Scandinavian liberal attitudes towards mass immigration and the integration of Muslim migrants,” he says in an interview conducted by email. “What his attack has done, is forced Norwegians to rethink the course they're taking and to question whether Breivik has a point about immigration and the future that awaits Norway – in my view he is right on several points. So when I say that I don't care, I mean that it is not my responsibility to apologise for Anders Breivik, it is the EU and the Norwegian leftists who should apologise.” The viewpoint held by Wood is one shared by many of those on the far right. The position is that Breivik was somehow forced into his act of mass violence by the multiculturalism espoused by liberal politicians. On the far-right Internet forum StormFront, UK-based users commented after Breivik’s attacks that his victims, some of whom were as young as 14, were “not innocent” because they were political activists who would eventually go on to “encourage more and more Islamists into their country.” One user, named NickGrifford, wrote: “Many will suffer before the end, but the many have brought it upon themselves.” Given this level of sympathy for Breivik’s actions, the obvious question is whether a single “lone wolf” attack from a far-right fanaticist is possible on British shores. The heightening anti-Muslim sentiment, paired with the growth of a number of factions seemingly willing to perpetrate acts of violence, mean it is alarmingly difficult to rule out. “Although we haven’t seen any major terrorist attacks from the far-right yet, part of the thing about social media is that it enables them to encourage and communicate with each other – to engineer things to happen,” says Matthew Collins, a researcher for Hope Not Hate, a campaign group that monitors far-right extremism. “Some of these groups – they’re little more than racist drug gangs. And that’s exactly what makes them so dangerous.”
Friday, 28 September 2012
controversial clandestine drone strikes. And the government is keeping mum. Earlier this month, Ken Macdonald, former chief prosecutor for England and Wales, spoke out on the subject in an interview with the London Times. He told the newspaper he believed there was compelling evidence that Britain was providing the United States with information subsequently used to help with drone attacks in countries like Pakistan. Because the United Nations says that the CIA’s covert drone campaign possibly violates international law, the allegation was politically explosive. The implication is that the British government could itself be complicit in unlawful drone bombings, which in Pakistan alone since 2004 have killed up to an estimated 3,337 people, among them hundreds of civilians. Prior to Macdonald thrusting the issue into the spotlight, it had been simmering for some time. In May, a Pakistani student whose father was killed in a suspected U.S. drone attack launched legal action against the British government in a bid to expose whether it hands over intelligence for drone attacks on terrorist suspects. And a study published in March claimed the Menwith Hill base was being expanded to “support 'real-time' U.S. military actions, including drone attacks and those carried out by special operations forces.” What goes on inside the Menwith station is impossible to know for sure. However, according to a 2001 European Parliament report, it is part of a surveillance network called ECHELON, situated to intercept communications routed over the Indian and Atlantic oceans. Former NSA employee Margaret Newsham, who worked at Menwith Hill 20 years ago, told CBS it monitored Russian and Chinese communications (but on one occasion spied on U.S. Sen. Strom Thurmond). And the Federation of American Scientists has claimed it is capable of intercepting an astonishing two million communications an hour. If these reported capabilities are correct, it seems highly plausible that the base’s satellites are today intercepting at least some communications from the Middle East — which could help how the CIA picks its targets for drone strikes in countries such as Pakistan, Yemen and Somalia. It’s also plausible that any intercepts gathered at Menwith play a crucial — not just contributory — role. In April, the Washington Post revealed that the White House had approved drone strikes in Yemen based solely on intelligence signatures. These are defined, according to the Post, as patterns of behavior indicative of a plot against U.S. interests “detected through signals intercepts, human sources and aerial surveillance.” This brand of intelligence-led warfare has already led Germany to limit information it shares with the United States. The British government, however, does not take the same position — and is contributing to the secrecy that surrounds drone operations. Fabian Hamilton, a member of the British Parliament, asked the government earlier this month whether Menwith Hill plays a role in the planning and deployment of drones in Afghanistan, Pakistan, Yemen, and Somalia. The response? He was not permitted to know. “For operational and security reasons we do not comment on the specific activities carried out at RAF Menwith Hill,” said Andrew Robathan, minister of state for the armed forces. The secrecy is a problem, for basic democratic reasons if nothing else. It’s obvious that the British government wants to protect Menwith Hill’s activities on national security grounds, which might be justifiable to some extent. But if a foreign military is using a base in the English countryside to help conduct covert wars in far-flung lands, that’s a different matter altogether — and surely the British public has a right to know about it. This article first appeared at Slate.com
Monday, 17 September 2012
garnered media attention last year for expressing his indignation at the greed of the banking sector in a creative manner – by painting pictures of banks on fire. Schaefer is hugely frustrated at how little has been done in America to hold the financial sector to account for bringing the country’s economy to its knees, and he recently started a new trend that is beginning to catch on in various cities. He calls it “chalking” – a form of civil disobedience that involves drawing information about bank wrongdoing in chalk on pavements outside bank buildings. “It needs to be a constant reminder,” Schaefer says. “It’s a different protest than a march. This is a way to just casually do it consistently. I wish every bank would wake up to this on this sidewalk every morning.” So far Schaefer has been arrested once for vandalism, but the charges were eventually dropped. He says the tactic was in part borne out of a deep dissatisfaction that nothing was being done to address the issues raised by the Occupy movement. “Nothing has changed, it’s ridiculous,” he says. “Occupy is an uphill battle. The problem is that Occupy was only a fraction of the population. There are so many more people out there that need to get upset before a change is going to happen.” In England, activists speak of the same frustration. Occupy spread to London in October last year, with a large encampment established outside St Paul’s Cathedral near the city’s stock exchange. Small campsites eventually formed in a number of cities across Britain – from Glasgow and Edinburgh in Scotland to Liverpool, Manchester, Birmingham, and Sheffield in England. But most of the camps were either evicted or slowly disbanded as the cold bite of winter set in – and some protesters feel that they failed to agree on a coherent message across the different sites. “Even from London to the regions there was a huge difference in scope and aims,” says Daniel, 34, an activist from Liverpool who spent time at Occupy protests in England and America. “I felt aspects I was experiencing at occupations abroad, particularly in the US, did not translate locally. What we saw regionally was more a kind of nebulous protest, and the camps ended up quite detached from the global movement.” Daniel says that he found Occupy in London to be “quite brilliant” and well organised. An empty office block that was squatted by the activists in London’s financial district and turned into a giant makeshift community centre called the Bank of Ideas also impressed him. However, in Liverpool he says groups including the Socialist Workers’ Party “appeared intent on co-opting, while not overtly supporting the movement, which was predictable and divisive.” And at some Occupy camps he visited, the initial energy which had catalysed the movement became diluted. Other protesters had similarly negative experiences of camps outside London. In Birmingham, activist Tom Holness said the camp had included people who believed in “Jewish banking conspiracies” and a member of the far-right English Defence League, which dissuaded new people from joining. “The Facebook pages were a mess of arguments and conspiracy theories and that put a lot of people off,” he says. Yet despite its flaws, Occupy as a movement is likely to persist in some form at least for the foreseeable future. The issues driving it, such as rising unemployment and a growing disparity between rich and poor, have not been addressed. And many activists, though they are tired and frustrated, are still intent on pushing for change. In Spain, the movement that preceded Occupy may offer a glimpse of what is to come. Thousands took to the streets across the country last summer to protest against austerity measures, corporate power and political corruption, camping out in public squares and holding lengthy debates in a bid to find solutions to economic problems. Calling themselves the Indignados (the indignant) they continue to organise demonstrations and political actions, weary but energised by groups in other parts of the world. “It’s been absolutely inspiring to see how some other movements have been out in the States and in London and everywhere,” says Beatriz Pérez, a 31-year-old activist who has been involved with the Indignados movement since it began in May last year. “We share the sense of frustration and rage with a lot of other people.” As a result of the Indignados movement, locally organised public assemblies are now held regularly in cities including Madrid and Barcelona for anyone to come and address grievances. Though unemployment is soaring in Spain and the protesting has not managed to achieve substantive political changes, it has brought people together in a way that has in itself had a positive and lasting impact. “Life in Spain, in Madrid, has changed a little bit for everyone that has been in the movement,” says Pérez. “I feel like in my city there is a lot more love out there – it’s a romantic thing to say but that’s how I feel. It’s less individualistic here than it was. And I think that has got to be a very good thing for our lives.”
Friday, 31 August 2012
committing war crimes in the process. Members of the unmanned aircraft industry in Britain, however, are keen to present the aircraft in a new light – distancing them from warfare in a bid to win over the public. “The military determine how they use them in conflict zones and it does get bad press,” says John Moreland, general secretary of the Unmanned Aerial Systems Association, a trade group based in Middlesex. “But that doesn’t necessarily mean that we condone the actions that governments use them for. “As much as we deal with the military aspect of the vehicles that we get involved in, those are operated by the military under military rules and they’re nothing to do with civilians like ourselves that produce the equipment.” Currently, small “mini-drones” – similar in size to radio-controlled model aircraft – can legally be flown under existing UK regulations. Most of these are under 20kg, carry small cameras, and can only be flown up to 400 ft in areas that are not densely populated. In contrast, military-style drones are much larger, can soar at heights of more than 20,000 feet, and can only be flown in segregated military airspace for safety reasons. But technology being developed by BAE Systems in Warton is working on changing this, by integrating advanced “sense and avoid” technology so that the larger drones can be flown alongside manned aircraft in normal airspace. “The primary reason they will be used is to collect data,” Moreland says. “You won’t see them, they will be at high altitude. They will be in controlled airspace, working within all the rules of the aviation authority, and for all intents and purposes they will appear to everybody else, to all the controllers, as just another aircraft.” Not everyone shares Moreland’s relaxed attitude about drones. A concern for civil liberties campaigners is that police could use them to conduct secretive surveillance from an eye so high in the sky that it is invisible from the ground. Police forces across England have held meetings about introducing large drones, and the European Parliament is working on a plan to use the aircraft for border security purposes, tracking immigrants and smugglers attempting to enter countries on the continent illegally by boat. This follows the trend set in America, where drones known as “Predators” are deployed in states like Texas as part of border-security patrols. “I think that there are civil liberties and privacy issues that simply aren’t being dealt with,” says Chris Cole, an Oxford-based campaigner who runs a popular website called Drone Wars UK. “The problem is nobody is taking these issues on board and yet we are pushing ahead with enabling unmanned aircraft to fly over our heads without addressing these questions. The big military companies are not doing this for our own good – they just see future profits in this area. So I think that there are real concerns.” The sense and avoid technology being developed by BAE Systems is set to be tested in 2013, and experts working in the drone industry estimate that as early as 2015 they could be operational in civilian airspace alongside manned aircraft. Some are even predicting that, at some point in the not-so-distant-future, we will see unmanned aircraft flying passengers in the same way some trains today, like the Paris Metro, function without drivers. But a more pressing concern, particularly for activists such as Cole, is Britain’s ongoing role conducting drone attacks in conflict zones. Last month it was revealed that British pilots had flown drones over Libya during the uprising against Muammar Gaddafi, contradicting previous government claims that the RAF had only flown them in Afghanistan. This has raised questions about whether the Ministry of Defence (MoD) has been candid about the full extent of its involvement in drone strikes. “This is one of the most important ethical and legal questions of our time with regard to militarism and the armed forces – how drones are changing the nature of warfare,” Cole says. “The problem is they are not being very transparent about the use of drones. The public interest in this issue is so important, but the data about how drones are being used is not being disclosed by the MoD.” Pressure on the government to release information about how it uses drones in warzones is likely to heighten in the months ahead. Pilots of a fleet of ten “Reaper” drones that the RAF uses to conduct attacks in Afghanistan are to be relocated to England for the first time later this year. The pilots, currently based in Nevada, will relocate to RAF Waddington in Lincolnshire, where they will pilot the drones using joystick-like controls from behind large monitor screens. Already, anti-war activists have held demonstrations at the base to protest. 74-year-old veteran campaigner Helen John has set up a pre-emptive peace camp, vowing to stay indefinitely in “total defiance” over what she calls “murder by remote control.” “Having lived through WWII, I witnessed the destruction of my grandmother’s house, cut in two by a V2 rocket,” John says. “I feel deeply ashamed that in the 21st century we are bringing in a new generation of murderous technology to blight the future.” Since 2007 the MoD’s Reaper drones have fired more than 280 missiles and flown for 30,000 hours above Afghanistan, the equivalent of having flown from London to Sydney over 500 times. The government has been hesitant to release figures showing casualties inflicted by British drones. However, in December 2010 David Cameron said 124 insurgents had been killed in British drone strikes, while in April 2011 it emerged that four Afghan civilians were killed and two others injured in an attack by an RAF drone in Afghanistan’s Helmand province. The MoD has accepted there is a wider debate to be had about issues around the deployment of drones. It is also keen to distance itself from the style of drone attacks perpetrated by the United States, which take place covertly in multiple countries outside established laws of war. “I wouldn’t want you to confuse the way we operate drones with the way the Americans operate drones,” says Lex Oliver, an MoD spokesman. “They use them for wholly different missions. “The UK’s rules of engagement for using a drone are exactly the same as for using a manned aircraft. They’re still operated by a pilot it’s just that they are operated by a pilot remotely as opposed to a pilot who’s sat in the aircraft.” It is estimated that the MoD will have spent half a billion pounds sustaining its Reaper drones in Afghanistan by 2015. The government continues to fund and invest in developing more advanced unmanned technology, and has lent financial backing to an ambitious drone being developed by BAE Systems at its Warton base. “Taranis,” named after the Celtic god of thunder, is a stealth unmanned aircraft that has been described as resembling a spaceship out of Star Wars. The aim of Taranis, according to BAE Systems, is to test whether it is possible to build a remote controlled stealth drone capable of “precisely striking targets at long range, even in another continent.” It will be the first of its kind and, if testing next year proves successful, could mark a major step towards a day when manned fighter jets are considered a remnant of the past. A dream or a nightmare, depending on where you stand.
Tuesday, 21 August 2012
Mamfakinch.com is a citizen media project that grew out of the Arab Spring in early 2011. The popular website is critical of Morocco’s frequently draconian government, and last month won an award from Google and the website Global Voices for its efforts “to defend and promote freedom of speech rights on the internet.” Eleven days after that recognition, however, Mamfakinch’s journalists received an email that was not exactly designed to congratulate them for their work. The email, sent via the contact form on Mamfakinch.com, was titled “Dénonciation” (denunciation). It contained a link to what appeared to be a Microsoft Word document labeled “scandale (2).doc” alongside a single line of text in French, which translates as: “Please do not mention my name or anything else, I don't want any problems.” Some members of the website’s team, presumably thinking they’d just been sent a major scoop, tried to open the file. After they did so, however, they suspected their computers had become infected with something nasty. Mamfakinch co-founder Hisham Almiraat told me that they had to take “drastic measures” to clean their computers, before they passed on the file to security experts to analyze. What the experts believe they found was, they said, “very advanced”—something out of the ordinary. The scandale (2).doc file was a fake, disguising a separate, hidden file that was designed to download a Trojan that could secretly take screenshots, intercept e-mail, record Skype chats, and covertly capture data using a computer’s microphone and webcam, all while bypassing virus detection. Christened a variety of names by researchers, like “Crisis,” and “Morcut,” the spy tool would first detect which operating system the targeted computer was running, before attempting to infect it with either a Mac or Windows version. Once installed, the Trojan tried to connect to an IP address that was traced to a U.S. hosting company, Linode, which provides “virtual private servers” that host files but help mask their origin. Linode says using its servers for such purposes violate its terms of service, and confirmed the IP address in question was no longer active. The use of Linode was a clear attempt to make the Trojan hard to track, according to Lysa Myers, a malware researcher who analyzed it. But there were a couple of clues. The Trojan’s code repeatedly referenced the acronym “RCS” alongside occasional mentions of the Italian name “Guido.” This pointed straight to an Italian company called Hacking Team, one of the leading providers of spyware-style tools to governments and law enforcement agencies worldwide. Hacking Team’s flagship product is called “Remote Control Systems,” a Trojan it describes as “eavesdropping software which hides itself inside the target devices.” RCS can spy on Skype chats, log keystrokes, take webcam snapshots - identical to the Trojan used to target the Moroccans. It can also be tailored to infect a computer via “opening a document file,” according to marketing materials, and “can monitor from a few and up to hundreds of thousands of targets.” Hacking Team did not respond to repeated requests by phone and email for comment. Notably, however, during an interview last October the company’s co-founder David Vincenzetti told me that RCS had since 2004 been sold “to approximately 50 clients in 30 countries on all five continents.” (Most people today consider there to be seven continents - Africa, Antarctica, Asia, Australia/Oceania, Europe, North America, and South America - but in parts of Europe it used to be taught that there were only five: Africa, America, Asia, Australia, and Europe.) So while it’s not possible to say for sure whether Moroccan authorities are using RCS, it’s certainly being deployed by countries in that region of the world, by Vincenzetti’s own admission. The Moroccan case is not isolated, and it’s likely we’ll hear more about such attacks in the future. Last month, a number of Bahraini activists were targeted with a Trojan tool purportedly designed by a British spy tech company, Gamma Group, which is one of Hacking Team’s main competitors. Human rights organizations have been concerned for some time about Western companies selling high-tech surveillance equipment to countries in which it may be abused. Ever mounting evidence of the equipment being used to target pro-democracy activists and journalists could have repercussions for the companies involved and is likely to strengthen the case for stricter export controls. Thanks to Jean-Marc Manach for help with the French translation.
This article first appeared at: Slate.com
Saturday, 14 July 2012
United States, the United Kingdom, Canada, and Australia push for increased surveillance powers, one pioneering American is pushing back. New York-based entrepreneur Nicholas Merrill is making progress on a project he revealed in April: an encryption-based telecommunications provider designed to be “untappable.” After crowd-funding almost $70,000 in donations, Merrill says that he has held talks with a host of interested venture capitalists and a few “really big companies” apparently interested in partnering up or helping with financial support. Now the “surveillance-proof” software is in development, and he is on track to begin operating a limited service by the end of the year. Merrill’s ultimate aim is to create a telecommunications infrastructure that inhibits mass surveillance. First, he is building an Internet provider that will use end-to-end encryption for Web browsing and email. Then he plans to roll out a mobile phone service that will enable users to encrypt calls, making them difficult to intercept. The key to decrypt the communications would be held by each individual customer, not Merrill’s company. Because the telecom firm would be unable to access the communications, law enforcement agencies that want to read or listen to communications would be forced to serve warrants or court orders on individuals directly. “This would make it impossible to do blanket, dragnet surveillance of all the customers of a telecommunications carrier,” Merrill says. The idea for the project is not to help bad guys evade detection, though undoubtedly that’s how some critics will see it. Rather, Merrill is particularly keen to develop the technology to help journalists and human rights organizations—groups, he says, “whose right to confidentiality is more or less accepted under the law.” Merrill has a strong record of defending user privacy. In 2004, he became the first ISP executive to successfully challenge a secret FBI “national security letter” demanding he hand over customer information. His willingness to question the constitutionality of the secret letter at the time put him at odds with most major telecoms providers, which have a poor track record when it comes to protecting customer privacy. In 2005 and 2006, a number of companies were revealed to have handed over troves of customer data and opened up wiretaps to the National Security Agency, sometimes without a warrant. Today, Merrill admits prospective funders of his latest project have expressed concerns that it could lead to a confrontation with powerful actors (“It’s challenging to go up against some of the forces that are trying to open up all communications to wiretapping,” he says). But he is trying to address this by showing that government and law enforcement agencies could themselves benefit from his technology. Cybersecurity and privacy are part of the same problem but framed differently, he believes. Both could be addressed at once by ubiquitous encryption of communications and data transfer—protecting user privacy while also helping prevent malicious hackers from stealing information. Some establishment figures have already been won over by Merrill’s argument. The advisory board of his nonprofit research institute, Calyx, which is developing the technology, includes a former NSA technical director and a former federal prosecutor who is also ex-CIA. Whether he can get the backing of current members of the U.S. law enforcement community, though, is another matter altogether. Merrill’s technology could be seen as creating extra barriers for law enforcement and the authorities would likely oppose it for that reason. Existing U.S. wiretapping law, called CALEA, states that telecom providers "shall not be responsible for decrypting" communications if they don't possess "the information necessary to decrypt.” But that may change under reforms proposed by the FBI, which is actively seeking more surveillance powers. As governments increasingly move toward expanding their power to conduct electronic surveillance, it is inevitable that innovative technologists, software developers, and cryptographers will work to help people protect the privacy of their personal communications. Earlier this week the NSA’s chief tried to quell concerns over allegations that it is building a huge domestic surveillance center in Utah, dismissing whistle-blowers’ claims as “baloney.” Given the NSA’s recent history, however, it is likely many Americans will remain skeptical about the spy agency’s reassurances—and some will turn to encryption. Merrill aims to launch his telecommunications firm first in the United States before tackling the international market, where there are also mounting concerns about government surveillance schemes. “We’re not trying to force people to use our service,” Merrill says. “What we’re trying to do is re-envision how the telecommunications industry could work if privacy and encryption technology was built in from the beginning.” This article first appeared at Slate.com
Thursday, 5 July 2012
Monday, 4 June 2012
Saturday, 19 May 2012
links between British spy agencies and torture, unlawful abductions and dealings with dictators have been exposed in recent years, prompting investigations and major court cases. But now, in a historic move that could erode centuries-old principles of open justice, the government wants to limit sensitive material being disclosed publicly – enabling complicity in human rights abuses to be kept secret. The controversial plans are set to be included in the Justice and Security Bill, formally announced earlier this month in the Queen’s Speech. The Ministry of Justice says “common-sense” change is needed to protect national security and better equip courts to pass judgment in cases involving classified information. Because the new legislation would enable the government to present evidence to a judge without having to disclose it to the whole court, however, there are major concerns it could lead to cover-ups and put the government and other public bodies above the law. “The simple fact is that closed courts are inherently unfair,” says Clare Algar, executive director of human rights group Reprieve. “What the government is proposing is a system in which they can use whatever evidence they like against the citizen, but the citizen is unable to challenge or even to see that evidence. This is unacceptable in any circumstances. "Our current system is working well, and judges have always been extremely deferential to the government on matters of national security. Yet it appears that our security services are attempting to undermine our justice system because they are unwilling to be held accountable in a court of law." Justice secretary Ken Clarke argues that the government will have to reveal “damaging” secret security information or settle out of court unless ministers can order some cases to be conducted behind closed doors. Clarke says that Britain’s intelligence-sharing relationship with America was dented after a ruling in 2010 forcing ministers to reveal a document showing British complicity in the torture of West London resident Binyam Mohamed, who was held at US-run prison Guantanamo Bay over alleged links to terror groups. But last month the government’s claims that US authorities have withdrawn or reduced the amount of intelligence it shares with Britain were attacked by the joint parliamentary committee on human rights as being based on “spurious assertions”. And former officers from the US Central Intelligence Agency told the Daily Mail the US would “never hold back” information from British spies if it was “important to their domestic security.” Prominent critics argue that the reform, far from being motivated by a desire to protect national security, has more to do with preventing politically damaging details from being made public. “We should not sacrifice Britain’s open and transparent justice system simply to protect politicians and their officials from embarrassment,” said former director of public prosecutions Ken MacDonald in February. “After a decade in which we have seen our politicians and officials caught up in the woeful abuses of the War on Terror, the last thing the government should be seeking is to sweep all of this under the carpet. However, that is exactly what their disastrous secret justice proposals are likely to do.” Macdonald’s scathing remarks took on added significance last month, when it emerged spy agency MI6 had tried to avoid having to appear in open court by offering a payment of £1 million to Abdelhakim Belhadj, a Libyan dissident it helped hand over to Muammar Gaddafi’s regime in 2004 as part of America’s extraordinary rendition programme. Belhadj and his pregnant wife were abducted by US authorities in Bangkok after a tip-off from MI6. They were forced on a plane to Libya where they were mistreated by Gaddafi’s secret police – and are now suing Sir Mark Allen, an ex-senior member of MI6, for “complicity in torture" and "misfeasance in public office." If the Bill were to become law by the time Belhadj’s case makes it to a British courtroom, a government minister could sign off a “closed material procedure” (CMP) certificate vetoing sensitive information about MI6’s role being publicly disclosed. CMPs were first established by Labour in 1997 to be used mainly in a small number of immigration cases concerning the deportation of terror suspects. In 2010, for instance, alleged extremists based in Manchester and Liverpool were accused of having links to al-Qaida – but in subsequent deportation hearings CMPs were applied to keep evidence against them secret. Crucially, aside from cases involving terror suspects and torture, the newly proposed Bill has far wider ramifications. It would apply across all civil court cases or inquests and could potentially be used not only to protect the security services – but also to halt sensitive information involving the police, the army and other public bodies from being revealed. (The definition of “sensitive” information is broad, encompassing the disclosure of anything deemed contrary to the interests of national security, the international relations of the United Kingdom, or the detection and prevention of crime.) Inquest, a charity that provides support to bereaved people affected by contentious deaths, such as deaths in custody and police shootings, believes the government’s proposals “seriously undermine fundamental legal principles of natural justice and open justice.” The group, whose members number lawyers involved in high-profile cases including the Hillsborough disaster and the shooting of Jean Charles de Menezes, has warned that the Bill, if legislated, would “fuel fears that the state is attempting to deliberately prevent information about its own culpability in deaths becoming publicly known.” “It is deeply regrettable that the government is pursuing proposals to extend the use of closed material procedures,” says Helen Shaw, Inquest’s co-director. “It is abundantly clear that there is no need for such sweeping changes to the law.” But not all elements of the Bill have been subject to such intense criticism. While many argue it would be particularly detrimental to the accountability of the secret services in the courtroom, others point out that at the same time, in stark contrast, it also contains a proposal to enhance their accountability to parliament. Currently spy agencies MI6, MI5 and GCHQ are overseen by the intelligence and security committee (ISC), an executive-appointed group of nine parliamentarians, which reports directly to the prime minister. The government wants to improve the ISC by having it report formally to parliament for the first time. “I see this as a measure of making them more accountable,” says Anthony Glees, an expert in security and counter-terrorism at the University of Buckingham. “There is a problem with accountability in our secret agencies; too much secrecy fuels speculation and it leads to a lack of responsible behaviour. But we can’t expect that they can’t have full accountability because then they wouldn’t be secret agencies.” By enhancing parliamentary accountability while simultaneously planning to radically reduce judicial accountability, though, it is ultimately the overall impact that is of most significance, according to Hugh Bochel, professor of public policy at the University of Lincoln. “The proposals give greater parliamentary oversight but they reduce the amount of judicial oversight and to some extent civil society and the media,” Bochel says, adding that this is a “negative step.” “What you need is overlap between all those different forms of oversight and that should give you a good view as you can and accountability in all sorts of different ways.” Campaigners point out that the Ministry of Justice’s own impact assessment of its plans for secret court proceedings warned of a “reduction in confidence in court processes” and a “higher risk of potential security breaches,” costing up to £11 million every year. This was compounded last month by condemnation from the joint parliamentary committee on human rights, chaired by Dr Hywel Francis, which said in a report that the court plans were a “radical departure from our longstanding traditions of open justice” and “inherently unfair.” “The government has now tested the parliamentary waters and its proposal to expand secret evidence has been condemned as unfair and unjustified,” says Angela Patrick, director of human rights policy at campaign group Justice. “Proceeding in the face of these conclusions would undermine the coalition’s commitment to civil liberties and could damage public confidence in the justice system irreparably.”
Tuesday, 1 May 2012
Western firms that sold dictatorships in the Middle East mass-surveillance technology have been subject to intense scrutiny over the past year. But now a new exposé by journalists in Sweden has shed light on how the same tools are being used closer to home — in ex-Soviet republics across Europe and Central Asia, whose leaders were seemingly shaken by the revolutions of the Arab Spring. Last week an investigative documentary shown on Swedish public service broadcaster SVT revealed in fascinating depth the extent to which Stockholm-based telecommunications firm Teliasonera is linked to spy agencies in Azerbaijan, Kazakhstan, Uzbekistan, Tajikistan, and Georgia, facilitating crackdowns on dissident politicians and independent journalists. Citing a multitude of sources — including official government documents and whistle-blower testimony — SVT’s reporters documented how companies owned by Teliasonera had allowed “black box” probes to be fitted within their telecommunications networks. The black boxes allow security services and police to monitor, in real-time and without any judicial oversight, all communications passing through, including texts, Internet traffic and phone calls. (Similar so-called “monitoring centers” were set up in Muammar Gaddafi’s Libya and Bashar al-Assad’s Syria with the help of European companies.) SVT found some citizens who said they had been targeted for the strangest, most banal reasons. Several Azerbaijanis, for instance, said they had been summoned by police and subject to interrogation after phone records showed they had voted for a country other than their own during the televised Eurovision Song Contest in 2009. One man said he was told by officials working for Azerbaijan’s security agency that he was a “traitor” because he had voted for a song performed by musicians from Armenia, a neighbor with whom Azerbaijan has historically had tense relations. Other cases were far more serious and sinister. Documents obtained by SVT showed an Azerbaijani reporter had his phone tapped after he published a piece about being beaten at the hands of government security agents while covering a story. He was subsequently stabbed in a savage attack and had to flee to France, where he has since taken up a case against the security agency and Teliasonera-owned Azercell in the European Court of Justice. SVT also reported that the black-box surveillance was used in Belarus to track down, arrest, and prosecute protesters who attended an anti-government protest rally following the 2010 Belarusian presidential election. Similar stories were reported in relation to Kazakhstan, Uzbekistan, Tajikistan, and Georgia. In Azerbaijan and Uzbekistan, sources said security agencies had even been given their own offices within the telecom providers’ headquarters to snoop on communications. One whistle-blower who worked for Teliasonera told the reporters, “The Arab Spring prompted the regimes to tighten their surveillance... There’s no limit to how much wiretapping is done, none at all.” In response to the documentary, a spokeswoman for Teliasonera said that “police tap into information from telecom networks to fight crime” and “the rules for how far their authority goes are different from country to country.” When pressed about complicity in human rights violations, she looked shaky, refusing to comment on why security agencies were being given access to telecom buildings in Azerbaijan and Uzbekistan.
This article first appeared at: slate.com