Tag: mass surveillance

Apple Just Confirmed Governments Are Spying on People’s Phones With Push Notifications

Governments are spying on U.S. smartphone users through the push notifications that they receive from apps, Senator Ron Wyden wrote in a letter to the Department of Justice on Wednesday and Apple confirmed. 

Wyden wrote that the federal government had restricted Apple and other companies’ ability to share information about this process. The Senator’s office “received a tip” last year that “government agencies in foreign countries were demanding smartphone ‘push’ notification records from Google and Apple,” Wyden, a Democratic senator from Oregon, wrote in the letter to Attorney General Merrick Garland. “My staff have been investigating this tip for the past year, which included contacting Apple and Google. In response to that query, the companies told my staff that information about this practice is restricted from public release by the government.” 

Apple confirmed in a statement to Reuters on Wednesday that, “In this case, the federal government prohibited us from sharing any information. Now that this method has become public we are updating our transparency reporting to detail these kinds of requests.”

The process by which push notifications are generated requires the phone company to serve as a “digital post office,” Wyden wrote. Push notifications are sent through Apple and Google’s servers, which means that the companies “serve as intermediaries in the transmission process,” and can therefore be made to hand over information to governments that request it. 

According to Wyden’s letter, the information that can be gleaned from push notification requests is mostly metadata. This includes information “detailing which app received a notification and when, as well as the phone and associated Apple or Google account to which that notification was intended to be delivered,” Wyden wrote. In some cases, requesters may even receive unencrypted content such as the text that was delivered in the notification. 

The senator said that companies can therefore “be secretly compelled by governments to hand over this information.” 

An unnamed source confirmed to Reuters that both foreign and U.S. government agencies had been asking the companies for push notification data, for example to tie anonymous users of messaging apps to specific accounts. They did not say which government agencies had participated in this, or for how long. 

Apple advises its developers to encrypt any sensitive data sent through a push notification, but does not require this practice. 

Keep reading

Congress Prepares To Reauthorize a Warrantless Domestic Spying Program the FBI Abused

Congress is gearing up for a potential showdown over the expected reauthorization of a warrantless domestic spying program that’s been misused by the FBI and widely criticized by civil libertarians.

That surveillance program—authorized by Section 702 of the Foreign Intelligence Surveillance Act (FISA)—was created after 9/11 with the intention of tracking foreign spies and potential terrorists. But it has predictably morphed into a way for law enforcement agencies to get a warrantless peek at Americans’ phone records, emails, and other electronic communications—the FBI ran more than 3.3 million queries through the Section 702 database in 2021, according to an annual transparency report.

With the program set to expire at the end of this year, Congress has a rare opportunity to reform Section 702 by, at the very least, prohibiting law enforcement from using it to snoop on Americans. So far, that doesn’t seem to be happening.

The Senate voted Thursday to advance the annual National Defense Authorization Act (NDAA), and the 3,000-page bill contains a “clean” reauthorization of Section 702, according to Sen. Mike Lee (R–Utah), a longtime critic of the surveillance program.

“After all we’ve learned about the FBI in recent years, the fact that some members of Congress are still willing to reauthorize FISA 702 without reforms—not even a warrant requirement for “backdoor” surveillance of Americans—makes me wonder if they’re illiterate,” Lee posted to X (formerly Twitter) on Thursday.

Lee says he intends to vote against the NDAA when it comes to the Senate floor for a final vote. He likely won’t be the only Republican to do so, but rolling the Section 702 reauthorization into the larger military spending bill means it will be difficult to prevent its passage.

Instead, the fight will be over the language that gets added to the NDAA. While the Senate is moving forward will full reauthorization, there are competing proposals drafted in the House.

The House Judiciary Committee approved a bill on Wednesday to reauthorize Section 702 with the added requirement that the FBI and other intelligence agencies obtain a warrant before using the program to obtain information about Americans.

“The overwhelming, bipartisan vote in favor of this legislation confirms a mutual interest in protecting our Fourth Amendment privacy rights from rogue intelligence actors,” Rep. Andy Biggs (R–Ariz.), chairman of the House subcommittee on federal surveillance issues, said in a statement. “Any effort to stall consideration or pass a clean extension of the current FISA authorities is a punishment of the American people.”

However, the House Intelligence Committee passed its own version of a Section 702 reauthorization on Thursday. That bill would only require that the FBI establish probable cause before searching the Section 702 database for information about Americans, Roll Call reported.

Keep reading

Due to AI, “We are about to enter the era of mass spying,” says Bruce Schneier

In an editorial for Slate published Monday, renowned security researcher Bruce Schneier warned that AI models may enable a new era of mass spying, allowing companies and governments to automate the process of analyzing and summarizing large volumes of conversation data, fundamentally lowering barriers to spying activities that currently require human labor.

In the piece, Schneier notes that the existing landscape of electronic surveillance has already transformed the modern era, becoming the business model of the Internet, where our digital footprints are constantly tracked and analyzed for commercial reasons. Spying, by contrast, can take that kind of economically inspired monitoring to a completely new level:

“Spying and surveillance are different but related things,” Schneier writes. “If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap your phone, and listen to what you said. At the end, I would get a report of all the conversations you had and the contents of those conversations. If I hired that same private detective to put you under surveillance, I would get a different report: where you went, whom you talked to, what you purchased, what you did.”

Schneier says that current spying methods, like phone tapping or physical surveillance, are labor-intensive, but the advent of AI significantly reduces this constraint. Generative AI systems are increasingly adept at summarizing lengthy conversations and sifting through massive datasets to organize and extract relevant information. This capability, he argues, will not only make spying more accessible but also more comprehensive.

“This spying is not limited to conversations on our phones or computers,” Schneier writes. “Just as cameras everywhere fueled mass surveillance, microphones everywhere will fuel mass spying. Siri and Alexa and ‘Hey, Google’ are already always listening; the conversations just aren’t being saved yet.”

Keep reading

Documents Show DHS Agency “Real-Time Narrative Tracking” of Social Media Posts in 2020

Judicial Watch has come forward with newly acquired evidence of an intriguing alliance during the US 2020 election. The investigative body was able to obtain, via a Freedom of Information Act (FOIA) suit, a series of records demonstrating a comprehensive synergy between the Department of Homeland Security’s Cybersecurity and Information Security Agency (CISA) and a controversial entity, the Election Integrity Partnership (EIP).

These files reveal a concerted effort to execute “real-time narrative tracking” on principal social media networks during the critical days leading up to the 2020 election. Interestingly, these records illustrate instances of social media post “takedowns” and an intentional avoidance of creating public records that would be subject to the FOIA process.

These records also allow us a peek into the operations of EIP. Originally known as the Election Misinformation Partnership, it invested in monitoring online election discourse round the clock, especially prioritizing “disinformation that is going viral.”

Keep reading

Secret Surveillance Program: White House Goes Rogue, Breaking All Laws

The government wants us to believe that we have nothing to fear from its mass spying programs as long as we’ve done nothing wrong.

Don’t believe it.

It doesn’t matter whether you obey every law. The government’s definition of a “bad” guy is extraordinarily broad, and it results in the warrantless surveillance of innocent, law-abiding Americans on a staggering scale.

For instance, it was recently revealed that the White House, relying on a set of privacy loopholes, has been sidestepping the Fourth Amendment by paying AT&T to allow federal, state, and local law enforcement to access—without a warrant—the phone records of Americans who are not suspected of a crime.

This goes way beyond the NSA’s metadata collection program.

Operated during the Obama, Trump and now the Biden presidencies, this secret dragnet surveillance program (formerly known as Hemisphere and now dubbed Data Analytical Services) uses its association with the White House to sidestep a vast array of privacy and transparency laws.

According to Senator Ron Wyden, Hemisphere has been operating without any oversight for more than a decade under the guise of cracking down on drug traffickers.

This is how the government routinely breaks the law and gets away with it: in the so-called name of national security.

Keep reading

Authorities Demand Access To Private Social Media Conversations To Spy On Anti-Mass Migration Sentiment

Authorities in Ireland are set to be given access to private social media conversations in order to spy on anti-mass migration sentiment following the riots in Dublin.

After an Algerian migrant stabbed three children outside a primary school, fiery but mostly peaceful protests broke out in the Irish capital.

Authorities reacted by being more outraged at the protesters than the actual would-be child murderer, who should have been deported 20 years ago and was previously released after being arrested for carrying a knife.

Now Irish people who share spicy memes in WhatsApp chat groups are going to be under government surveillance should this new ‘hate speech’ legislation pass.

“Gardai will be able to access and intercept private conversations on social media sites under new legislation, as the Justice Minister promised to crack down on crime following the riots in Dublin,” reports the Irish Times.

Keep reading

A Secret Phone Surveillance Program is Spying on Millions of Americans

According to a letter obtained by WIRED, a little-known surveillance program called Data Analytical Services (DAS) has been secretly collecting and analyzing more than a trillion domestic phone records within the U.S. each year. The program, which was formerly known as Hemisphere, is run by the telecom giant AT&T in coordination with federal, state and local law enforcement agencies.

The program uses a technique known as chain analysis, which targets not only those in direct phone contact with a criminal suspect but anyone with whom those individuals have been in contact as well. This means that innocent people who have no connection to any crime can have their phone records swept up and scrutinized by the authorities.

The program allows law enforcement agencies to access the records of any calls that use AT&T’s infrastructure, which covers a large portion of the country. The records include the phone numbers, dates, times, durations and locations of the calls, as well as the names and addresses of the subscribers.

The DAS program raises serious concerns about the privacy and civil liberties of millions of Americans. It operates without any judicial oversight or public accountability and violates the Fourth Amendment, which protects people from unreasonable searches and seizures.

Keep reading

LEXISNEXIS SOLD POWERFUL SPY TOOLS TO U.S. CUSTOMS AND BORDER PROTECTION

THE POPULAR DATA broker LexisNexis began selling face recognition services and personal location data to U.S. Customs and Border Protection late last year, according to contract documents obtained through a Freedom of Information Act request.

According to the documents, obtained by the advocacy group Just Futures Law and shared with The Intercept, LexisNexis Risk Solutions began selling surveillance tools to the border enforcement agency in December 2022. The $15.9 million contract includes a broad menu of powerful tools for locating individuals throughout the United States using a vast array of personal data, much of it obtained and used without judicial oversight.

Through LexisNexis, CBP investigators gained a convenient place to centralize, analyze, and search various databases containing enormous volumes of intimate personal information, both public and proprietary.

“This contract is mass surveillance in hyperdrive,” Julie Mao, an attorney and co-founder of Just Futures Law, told The Intercept. “It’s frightening that a rogue agency such as CBP has access to so many powerful technologies at the click of the button. Unfortunately, this is what LexisNexis appears now to be selling to thousands of police forces across the country. It’s now become a one-stop shop for accessing a range of invasive surveillance tools.”

Keep reading

5 WAYS TO PREPARE FOR THE ONLINE PRIVACY CRACKDOWN

The internet is about to change. In many countries, there’s currently a coordinated legislative push to effectively outlaw encryption of user uploaded content under the guise of protecting children. This means websites or internet services (messaging apps, email, etc.) could be held criminally or civilly liable if someone used it to upload abusive material. If these bills become law, people like myself who help supply private communication services could be penalized or put into prison for simply protecting the privacy of our users. In fact, anyone who runs a website with user-uploaded content could be punished the same way. In today’s article, I’ll show you why these bills not only fail at protecting children, but also put the internet as we know it in jeopardy, as well as why we should question the organizations behind the push.

Let’s quickly recap some of the legislation.

Keep reading

Police Circumventing Warrant Requirements By Purchasing Data from Private Vendors

John Adams warned us that if we give government an inch, it will take a mile.

“The nature of the encroachment upon the American Constitution is such, as to grow every day more and more encroaching. Like a cancer, it eats faster and faster every hour.”

We’ve seen this play out dramatically when it comes to the Fourth Amendment.

The courts have created all kinds of exceptions to the Fourth Amendment. But the government continues to push for more and look for ways to circumvent the restrictions on searches and seizures currently in place.

In the latest ploy to gobble up as much personal information as possible, state and federal law enforcement agencies have turned to buying information from private data miners. According to a report from LawFare Media, buyers of private data include the Department of Homeland Security, the Internal Revenue Service’s Criminal Investigations Division, the Defense Intelligence Agency, and police departments across the country.

If government agents collect the same data directly from cell phones or internet providers, they would have to get a warrant. However, government attorneys argue that purchasing data from private brokers does not violate the Fourth Amendment because once the data becomes “public,” the expectation of privacy disappears. Furthermore, most user agreements stipulate that third parties may collect data. Since customers agree to the TOS, government lawyers contend that they effectively give up their right to privacy.

Keep reading