• SurveillanceComputer searches at border subject to case-by-case reasonableness: Court

    A Washington, D.C. District Court has upheld a ruling that U.S. intelligence and border security agents must have “reasonable suspicion” to seize and search any computer or storage media at the border – especially if the computer and storage media belong to an individual about to leave the country. A South Korean businessman, suspected of buying missile parts for China, was stopped at LAX on his way back to Korea. He was allowed to leave, but his laptop and storage media were seized by agents. Judge Amy Berman Jackson stressed that in border searches, the government has a more compelling interest in searching things that are being brought into the country than things that are about to leave the country. Kim’s lawyers asked the judge to suppress any incriminating evidence found on Kim’s laptop during a warrantless search conducted by the case agents, and she granted to lawyers’ motion. DHS says it will appeal her decision.

  • EncryptionUSMobile launches Scrambl3 mobile, Top Secret communication-standard app

    Irvine, California-based USMobile, a developer of private mobile phone services, yesterday launched Scrambl3, a smartphone app that enables users to create their own Private Mobile Network. When Scrambl3 users communicate with each other, Scrambl3 creates a Dark Internet Tunnel between their smartphones. This Tunnel cloaks the calls and texts by making them invisible on the Internet. Scrambl3 App for Android-based phones is available for a 60-day free beta offering from the Google Play Store.

  • SurveillanceThe FBI violated its own rules in surveillance of anti-Keystone XL pipeline activists

    More than eighty pages of internal FBI documents dated from November 2012 to June 2014, obtained under the Freedom of Information Act, reveal that the FBI breached its own investigation rules when it spied on protesters opposing the controversial Keystone XL pipeline. Agents in the FBI’s Houston field office failed to get approval before they cultivated informants and opened files on pipeline protesters — a violation of guidelines designed to prevent the agency from becoming excessively involved in sensitive political issues.

  • AviationNew airport security technologies raise privacy concerns

    Researchers are developing surveillance technologies better to help airport security officials scan passengers and luggage for contraband and suspicious behavior. Privacy advocates say these expensive and ambitious projects, meant to increase public safety and ease air travel delays, risk intruding on passengers’ privacy.“What starts in the airport doesn’t stay there,” says a technology expert at the ACLU.

    • view counter

  • SurveillanceCourt rules NSA bulk metadata collection exceeded Patriot Act’s Section 215

    On Thursday, a three-judge panel from the New York-based 2nd Circuit U.S. Court of Appeals overturned an earlier ruling by Judge William Pauley, which found that the controversial NSA bulk collection of domestic phone metadata was legal and could not be subject to judicial review. That section, which the appeals court ruled the NSA program exceeded, will expire on 1 June. The judges did not address the issue of whether the NSA program violated the Constitution, instead waiting for Congress to decide how to proceed after the program’s 1 June expiration.

  • CybersecurityLawmakers reintroduce “Aaron’s Law” to curb CFAA abuses

    A bipartisan group of lawmakers have reintroduced a bill known as “Aaron’s Law,” which aims to reform the Computer Fraud and Abuse Act (CFAA). CFAA has been cited by civil libertarians (EFF) as having been abused to the point where it now stifles research and innovation, as well as civil liberties. the measure is intended to honor Aaron Swartz, the Reddit co-founder who was apprehended after downloading millions of scholarly articles from a Massachusetts Institute of Technology database in 2011. Following his arrest, with charges under the CFAA which might lead to a maximum sentence of thirty-five years in prison, Swartz committed suicide at age 26, leading some to charge that the aggression of prosecutors led to the his decision.

    • view counter

  • CybersecurityBreach of background-checks database may lead to blackmail

    Newly released documents show how hackers infiltrated servers used by US Investigations Services(USIS), a federal contractor which conducts background checks for DHS. In a House Oversight and Government Reform Committeehearing last week, Representative Elijah Cummings (D-Maryland) said more than 27,000 personnel seeking security clearances likely were affected by the USIS breach. Similar hacks also affected servers at the Office of Personnel Management(OPM), which holds information on security clearance investigations. Once hackers have a list of employees who possess government security clearances, they can exploit other aspects of those employees’ lives for malicious gain.

  • CybersecurityEfforts to improve cyber information sharing between the private sector, government

    Lately, Obama administration officials having been venturing West to encourage tech firms to support the government’s efforts to improve cyber information sharing between the private sector and government agencies. The House of Representatives last week passed two bills to advance such effort. The Protecting Cyber Networks Act and the National Cybersecurity Protection Advancement Act of 2015 authorize private firms to share threat data such as malware signatures, Internet protocol addresses, and domain names with other companies and the federal government. To the liking of the private sector, both bills offer companies liability protection for participating in cyberthreat information sharing.

  • Emerging threatsEmerging threats require a new social contract between the state, citizens: Study

    Technological advancements create opportunities for governments and the private sector, but they also pose a threat to individual privacy and individual – and public — safety, which most Americans look to the government to protect. The authors of a new book on emerging threats argue that while, at one time, “the government used to be our sole provider of security,” companies which store troves of private information are also key to Americans’ privacy and security. They say that the United States may need a new social contract between the state and its citizens on matters of security and privacy. “The old social contract has its roots in the security dilemmas of the Enlightenment era,” they write. “In our new era, everyone is simultaneously vulnerable to attack and menacing to others. That requires a different, more complex social contract — one that we are just starting to imagine.”

  • SurveillanceFBI, NSA want surveillance measures to remain in reauthorized Patriot Act

    On 1 June, Section 215 of the U.S.A Patriot Act, which permits law enforcement and intelligence agencies to collect certain customers’ records from U.S. businesses including communications and credit card firms, is set to expire. Congress has been debating whether to reauthorize the section of the act or pass measures that will curb the level of surveillance it currently grants. In recent days, representatives from the NSA and the FBI have been meeting with legislators to inform them of the importance of Section 215, still both chambers of Congress seem to be uncertain on how to move forward.

  • SurveillancePolice use of Stingray technology raises privacy advocates’ ire

    Detective Emmanuel Cabreja, a member of the Baltimore Police Department’s Advanced Technical Team, recently testified that the unit owns and operates a Hailstorm cell site simulator, the latest version of the Stingray — a device which mimics a cellphone tower to force phones within its range to connect. For years, law enforcement agencies have used Stingrays to find wanted suspects, but until recently, the technology was largely unknown to the public, partly because law enforcement officers were banned from revealing such information to judges and defense attorneys.

  • Data protectionNew privacy technologies protect personal data better

    In Estonia, the public and private sector have databases, the merging and analysis of which could help the state and enterprises make better management decisions. Such consolidation of data, however, would be a serious threat to privacy and violate data protection rules. A researcher suggests a more convenient way of analyzing very sensitive data without the fear of data leak. The new approach would be appropriate for preserving privacy in genome-wide association studies, satellite collision prediction analysis, and conducting labor market studies.

  • License plate readersAs law enforcement increases use of license plate readers, privacy advocates fret

    Law enforcement agencies across the country have adopted license plate readers (LPRs) to monitor vehicles driving on roads and to locate wanted suspects or suspended drivers.After canceling plans last year to operate its own LPR database, DHS announced last week, through a bid request, that the agency’s ICE is seeking a private sector firm to provide access to already functioning LPR databases for a subscription fee.Privacy advocates argue that the gains made with LPR systems, do not justify the mass monitoring of Americans who drive.

  • Data protectionDo you know where your data is?

    Bitglass, a data protection company, undertook an experiment aiming to gain better understanding of what happens to sensitive data once it has been stolen. In the experiment, stolen data traveled the globe, landing in five different continents and twenty-two countries within two weeks. Overall, the data was viewed more than 1,000 times and downloaded forty-seven times; some activity had connections to crime syndicates in Nigeria and Russia. “This experiment demonstrates the liquidity of breached data, underscoring the importance of discovering data breaches early,” said Nat Kausik, Bitglass CEO.

  • SurveillanceDHS seeking license plate readers (LPRs) technology -- again

    A year after privacy concerns led DHS to recall its solicitation for bids by private companies to help the department create a national license-plate database which would allow unlimited access to information obtained from commercial and law enforcement license plate readers (LPRs), the agency has renewed its solicitation on the basis that privacy concerns raised by civil liberties groups and lawmakers could be addressed and managed.