another facet of The Administration's "We Hear You" efforts..
Wrong Direction on Privacy
Susan Landau
2-Aug-2010
http://www.huffingtonpost.com/susan-landau/wrong-direction-on-privac_b_666915.html
The White House wants to make it easier for the FBI to get at your email and
web browsing records; the plan is to make transactional information surrounding
your Internet communications --- the to/from information and the times and
dates of those communications --- subject to National Security Letters (NSLs),
meaning the FBI could get these records without going through a judge.
NSLs were created in 1978 to give FBI investigators an easy way to obtain
various business records, including the transactional information of phone
records (not the content, which is subject to more stringent protections). The
"easy" part of NSLs is that no courts are involved in issuing an NSL; the
bureau does so itself. FBI guidelines require NSLs to be issued only on a
written request of an FBI Special Agent in Charge (or other specially delegated
senior FBI official), and there are four approval steps in the process.
Originally NSLs were to be used against foreign powers and people believed to
be their agents. But proving someone was an agent of a foreign power was not
all that easy, and NSLs were rarely used. That situation changed with the
PATRIOT Act, which allowed NSLs to be used to gather information relevant to
international terrorism cases. In an Orwellian touch, under the PATRIOT Act the
bureau could require that the recipient of an NSL keep the order secret. NSL
numbers shot up; between 2003-2006, the FBI issued 192,000 NSLs. Many were to
phone companies. Why is clear; knowing who the bad guys are communicating with
leads to untangling plots, often before law enforcement understands exactly
what the plot might be. Such appears to be what happened, for example, in the
case of Najibullah Zazi, who recently pled guilty to a plot to bomb the New
York City subways.
At first in the initial aftermath of September 11th, telephone company workers
were sharing offices with the FBI Communications Assistance Unit, and many
times the required procedures went by the wayside. And instead of NSLs, the FBI
begun using "exigent letters'' requesting immediate access to telephone records
with claims to the phone companies that the appropriate subpoenas were in
process. Many times that wasn't true. Sometimes there wasn't even a paper trail
for the requests; they were just issued verbally. Dates and other specifics
were often missing from the requests, which meant law enforcement got many more
months of data than there was need for.
Why does this matter? It turns out that communications transactional
information is remarkably revelatory. When NSLs were created in 1978, phones
were fixed devices, and the information of who was calling whom provided a
useful past history of behavior. The information is much richer with mobile
devices; knowing who is calling whom, or whose cellphone is repeatedly located
in the same cellphone sector as whose, provides invaluable information ---
information that is simultaneously remarkably invasive. Transactional data
reveals who spends time together, what an organization's structure is, what
business or political deals might be occurring. ... <snip/>
---
end
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com