The FBI's Digital Collection System connects FBI offices and telecom providers around the country to coordinate collection of phone taps for investigations of all sorts.
There’s plenty of reason to be concerned Big Brother is watching.
We’re paranoid not because we have grandiose notions of our self-importance, but because the facts speak for themselves.
Here’s our short list of nine reasons that Wired readers ought to wear tinfoil hats, or at least, fight for their rights and consider ways to protect themselves with encryption and defensive digital technologies.
We know the list is incomplete, so if you have better reasons that we list here, put them in the comments and we’ll make a list based off them.
Until then, remember: Don’t suspect a friend; report him.
The government refuses to acknowledge whether the National Security Agency is secretly siphoning the nation’s electronic communications to the National Security Agency without warrants, as the Electronic Frontier Foundation alleges. The lawsuit was based on evidence provided by a former AT&T technician Mark Klein that showed that AT&T had installed a secret spying room in an internet hub in San Francisco. The spying got so bad that Attorney General Ashcroft threatened to resign over it.
When a federal judge said a lawsuit on that issue could go forward, Congress passed legislation stopping the case in its tracks. Two American lawyers for an Islamic charity did, however, prevail in their suit that they were wiretapped without warrants, but the Administration is appealing. Much of the program was legalized in 2008 by the FISA Amendments Act.
The FBI has also built a nationwide computer system called the Digital Collection System, connected by fiber optic cables, to collect and analyze wiretaps of all types, including ones used in ultra-secret terrorism investigations.
Warrantless GPS Tracking
The Obama administration claims Americans have no right to privacy in their public movements. The issue surfaced this month in a landmark case before the U.S. Supreme Court to determine if law enforcement agents should be required to obtain a probable-cause warrant in order to place a GPS tracking device on a citizen’s car. The government admitted to the Supreme Court that it thinks it would have the power to track the justices’ cars without a warrant.
The invasive technology allows police, the FBI, the Drug Enforcement Administration and other agencies to engage in covert round-the-clock surveillance over an extended period of time, collecting vast amounts of information about anyone who drives the vehicle that is being tracked. The Justice Department has said that law enforcement agents employ GPS as a crime-fighting tool with “great frequency,” and GPS retailers have told Wired that they’ve sold thousands of the devices to the feds.
Tracking Devices in Your Pocket
That mobile phone in your pocket chronicles almost everything. Once-secret software developed by a private company pretty much chronicles all you do on your smartphone and sends it to the carriers. The carriers themselves keep a wealth of information, such as text messages, call-location data, and PINs — though none of them disclose to their customers what data they store or how long they keep the data.
Law enforcement can get at much of that historical data — and often get real-time tracking information without proving probable cause to a judge.
Fake Cell Phone Towers
You make a call on your cellphone thinking the only thing standing between you and the recipient of your call is your carrier’s cellphone tower. In fact, that tower your phone is connecting to just might be a boobytrap set up by law enforcement to ensnare your phone signals and maybe even the content of your calls.
So-called stingrays are one of the new high-tech tools that authorities are using to track and identify you. The devices, about the size of a suitcase, spoof a legitimate cellphone tower in order to trick nearby cellphones and other wireless communication devices into connecting to the tower, as they would to a real cellphone tower.
The government maintains that the stingrays don’t violate Fourth Amendment rights, since Americans don’t have a legitimate expectation of privacy for data sent from their mobile phones and other wireless devices to a cell tower. While the technology sounds ultra-new, the feds have had this in their arsenal for at least 15 years, and used a stingray to bust the notorious hacker Kevin Mitnick in 1995.
The Border Exception
The Fourth Amendment doesn’t exist along the U.S. border. You know that if you’re a close supporter of WikiLeaks or a friend of alleged WikiLeaks leaker Bradley Manning. You’re no doubt very familiar with the U.S. government’s laptop border search policy, which allows Customs and Border Protection agents to seize and search a laptop belonging to anyone crossing a border into the U.S.
Agents can search through files on a traveler’s laptop, phone or other mobile device, read e-mail or view digital snapshots to uncover incriminating evidence, and they don’t need any reason to do so.
The government argues, and the 9th U.S. Circuit Court agrees that searching through a person’s laptop for copyright violations is no different than looking through their suitcase for cocaine — and thus fits squarely with what is known as the ‘border exception’ to the Fourth Amendment. That means a border agent doesn’t need reasonable suspicion, probable cause or even a hunch to open your laptop, seize it and make copies of your data.
At least three supporters of WikiLeaks, including security researcher Jacob Appelbaum. have been subject to the policy and had devices seized and searched as they re-entered the U.S. from foreign trips. U.S. Customs and Border Patrol seem to particularly like searching Appeblaum’s devices and questioning him, despite the fact that Wikileaks has never been charged with a crime in the U.S..
The “6 Months and It’s the Government’s” Rule
If you’re already not wanting a dose of Prozac, consider that the law allows the government to obtain Americans’ e-mails, without a warrant, if it’s stored on some other company’s servers for more than six months. The Electronic Communications Privacy Act, adopted in 1986, turned 25 this year. When written, the law assumed e-mails left on a server for that long were abandoned.
In the age of Gmail, that’s simply ridiculous. A proposal to demand a court warrant for any and all e-mail never got a Senate hearing and was opposed by the Obama administration.
The Patriot Act
No paranoia list would be complete without including the Patriot Act, the now 10-year-old law adopted in the wake of September 11. The act, which has remained largely the same since former president George W. Bush signed the legislation six weeks after 9/11, gives the government, among other things, the power to acquire phone, banking and other records via the power of a so-called “national security letter,” which does not require a court warrant.
National security letters, perhaps the most invasive facet of the law, are written demands from the FBI that compel internet service providers, financial institutions and others to hand over confidential records about their customers, such as subscriber information, phone numbers and e-mail addresses, bank records and arguably websites you have visited.
The FBI need merely assert, in writing, that the information is “relevant” to an ongoing terrorism or national security investigation. Nearly everyone who gets a national security letter is prohibited from even disclosing that they’ve received one. More than 200,000 letters have been issued by the FBI, despite a series of stinging reports from the Justice Department’s internal watchdog, who found FBI agents weren’t just routinely sloppy; they also violated the law.
Moreover, a decade after Bush’s signature, information is sketchy about how the law is being used in practice. For instance, Sen. Ron Wyden (D-Oregon) claims the government applies a far broader, and classified, legal interpretation of the Patriot Act’s power to let the government seize most anything it deems relevant to an investigation (Section 215).
“We’re getting to a gap between what the public thinks the law says and what the American government secretly thinks the law says,” the Senate Intelligence Committee member said in a recent interview with Wired. “When you’ve got that kind of a gap, you’re going to have a problem on your hands.”
It’s little known, but governments have their own malware/spyware that it deploys against suspected lawbreakers. The FBI’s version, the last time we checked, was called CIPAV. Once an FBI agent convinced a target to install it (by clicking an e-mail attachment or link on the web), the spyware reports back everything that computer does online.
German states recently came under fire for misusing a similar program that reportedly could turn on a computer’s camera and take screenshots. And a recent Wall Street Journal story catalogs a surveillance software company which trumpeted its ability to infect users via a fake iTunes update. The company sells its wares to governments around the world.
Former Secretary of Defense Donald Rumsfeld took an unfair amount of abuse for his deployment of the phrase “known unknowns.” And it’s these known unknowns that might be the most disturbing part of the list. For instance, does the government think the Patriot Act allows it to force Google to turn over information about anyone who has searched for certain keywords using orders that come with a gag order? Is the NSA sucking up everything we say on our phones and that we do online, under the theory it pushed in a court case that it’s not a search until a human actually looks at the data? How often do police investigating a crime ask wireless providers to give them a list of all the people whose phones were in use in the area when they think a crime was committed? What kind of sweeping surveillance orders have been issued under the 1998 law that Congress passed to legalize much of the warrantless wiretapping of Americans? And finally, how long is the government storing all this data, and how can we be sure that our future governments won’t start using this data to target Americans based on activities protected by the First Amendment?
And no — a tinfoil hat won’t help you at all.