Since the Cold War, more than 120 countries reportedly trusted a Swiss company Crypto AG to safeguard their most secret messages. However, few of them knew that, according to a leaked report published last week by the Washington Post, the encrypted communications device maker was actually controlled by the CIA and its German counterpart.

The two intelligence agencies reportedly rigged the devices to let them listen in on political and military leaders, other spies, and even private companies and make millions of dollars in profit along the way. Crypto AG helped them spy on uprisings in Latin American countries, Middle Eastern dictators, the Vatican and even the United Nations.

While the CIA report called the operation "the intelligence coup of the century," other major leaks over the past decade have shed light on some closely held state secrets.

Whistleblowers like Edward Snowden and Chelsea Manning, by sharing confidential documents with journalists and organizations like WikiLeaks, have helped expose everything from the NSA's surveillance of millions of American citizens to offshore tax havens used by world leaders and the ultra wealthy.

Here are just some of the most significant things we've learned as a result of recent leaks.

More:
From Snowden to Crypto AG: the biggest leaks since 2010 - Business Insider - Business Insider

Perhaps no city cares about the privacy of its residents as much as Oakland.

Last year, the California city became one of just a handful around the country that have banned municipal use of facial recognition technology. That came on top of an earlier ordinance that put limits on surveillance technology.

Those laws were largely the handiwork of Oaklands Privacy Advisory Commission, a citizen-led board that can review any and all city policies and regulations through a privacy lens. Other cities have privacy policies or staff in place, while a few have ad hoc groups to address particular issues, such as smart city policies. No other city has a standing group with such a broad charter.

We know the activities that are going on in the city of Oakland, says Tracy Rosenberg, advocacy director for Oakland Privacy, a nonprofit watchdog group. Oakland is considering buying some drones. Im not happy about it, but I know about it, I can weigh in on it, and theres a body looking at the issues. Its not like were going to find out just by looking up when theyre already flying over our heads.

Tracy Rosenburg, advocacy director for Oakland Privacy.

In 2020, data privacy bills are being debated in numerous states many modeled on a California law that took effect this year. Meanwhile, the tech industry is lobbying Congress to put a national standard in place. The European Union already has stricter data protection policies in place than the U.S.

While privacy can seem like an issue thats national or even international in scope, issues such as surveillance often play out at the local level, particularly in law enforcement.

There is a really important role for local institutions, says Chris Calabrese, vice president for policy at the Center for Democracy and Technology, a civil liberties group based in Washington. That is, figuring out how their localities are using surveillance technologies. Its actually not unusual for a state or a town to get a grant from DHS [Department of Homeland Security] to get a drone or surveillance without any discussion by the city council.

Thats exactly what happened in Oakland. The city had received DHS funding for a Domain Awareness Center (DAC), which collected and analyzed surveillance data from throughout the city. It began as a security project at the port and airport, but crept out to encompass the entire city, collecting information from 700 cameras in public housing and schools, outdoor gun detection microphones, license plate readers and other sensors.

News about the DAC broke thanks to someone with a temp job in the citys technology office. If that sounds like Oakland had its own version of Edward Snowden, the National Security Agency contractor who made international news with revelations of mass data collection at the federal level well, the Oakland story happened to break just after Snowden himself burst on the scene.

They have the great fortune of hitting the public safety agenda in the middle of June 2013, which was two weeks after somebody named Edward Snowden hit the front pages of newspapers, says Brian Hofer, who chairs the Oakland Privacy Advisory Commission.

Realizing that the issues Snowden had brought to the fore were playing out right in their own hometown had a galvanizing effect in Oakland. City officials were already highly familiar with the large aggregation of activist groups who call Oakland home. Many of those groups were already on high alert. At the time, the Occupy movement was still fresh. The city had also been rocked by the killing of Oscar Grant by a transit officer, which formed the basis of the 2013 movie Fruitvale,and anticipated the complaints about police violence that would erupt in 2014 in Ferguson, Mo.

There was just all this activist energy in Oakland at that exact time, Hofer recalls, and it was just like the match that lit the gasoline fire.

Brian Hofer, chair of the Oakland Privacy Advisory Commission.

At that time, Hofer had never before set foot in Oakland City Hall, but he became part of the coalition of opposition that grew in response to the Domain Awareness Center, which entailed not just lobbying but street protests. The citys project ended up dying a slow death, becoming limited to the port, which pulled all its funding and staffing for it.

Activists then pushed for a standing body to deal with privacy matters so that such a project couldnt sneak up on them again. These kinds of technological projects, smart city projects in some form or another keep coming and you cant always mobilize the entire city to react, Rosenberg says. We were lucky, but in the future it might be harder.

After a long struggle, the city council narrowly agreed in 2016 to create the standing commission. Hofer now consults formally and informally with other cities that are looking to put policies in place safeguards as concerns about the potential dark sides of technology use garners more attention. Through monthly conference calls, he trades ideas with municipal privacy professionals in several cities.

Im still flying around to conferences where the Domain Awareness Center is still the case study, and that was from 2014, Hofer says. Its still the shot heard round the world like you can actually say no to the surveillance state, and also come up with a reasonable solution that still addresses public safety concerns.

The ban on facial recognition and limits on surveillance have attracted most of the attention, but the commission has also worked on a broad range of policies, clarifying general data usage rules and reviewing agreements with outside agencies such as DHS, ATF and the FBI.

Each member of the city council appoints a commissioner. That has sometimes made recruitment a challenge, since members have to come from within relatively small districts. The commission has nevertheless attracted people with a range of backgrounds, including civil rights attorneys, a retired police officer and the occasional technology company employee. In drafting some policies, the commission has relied on outside expertise from entities such as the University of California, Berkeley and the American Civil Liberties Union.

The commission constantly encounters pushback, both from technology companies who warn that constraints will hamper innovation and from city staff who worry about increased paperwork or other administrative burdens. Hofer does his best to address such concerns, arguing that an insistence on transparency and an airing of issues does not mean projects will fail to move forward.

He feels that his most convincing argument comes from building consensus, both within the commission and among city staff. Since the commission started four years ago, its seen a grand total of one no vote and three abstentions. Every other position has been taken unanimously.

Ive always said that Im going to resign as chair if theres ever a 5-4 vote that I have to send to the council, Hofer says. Were an advisory body, were supposed to be subject matter experts, and if I send a 5-4 vote up, that means we didnt do our job.

The commmission is now working on an umbrella set of privacy principles that will govern all kinds of non-law-enforcement activities, such as business licensing and tax collection. Hes concerned, given the ever-evolving technological landscape, that information collected innocuously at first could eventually be used in ways that put people in harms way.

Thats certainly been a theme with various uses of technology. License plate readers were initially brought in for parking enforcement, but the data they collect is then stored and used for broader surveillance. The same with smart streetlights, which may first be seen as just a way to cut the electricity bill, but can be equipped with surveillance cameras and sensors. Oakland's commission can ask vendors who come in promising labor and cost savings for the city about the potential privacy issues raised by their products and services.

Four years after its founding, the Oakland privacy commission remains unique in allowing citizens to help draw the lines when it comes to the full range of privacy concerns. In many cities, privacy remains under the purview of government officials themselves, which may or may not provide a forum for hearing citizens concerns. There can also be turf protection, with police commissions, for example, insisting that they should handle any privacy issues that might arise.

The list of technologies that will affect privacy at the local level, from biometrics to doorbell cameras, will only continue to grow. Governments tend to be reactive, but it might be time for cities and counties to try to get out in front.

Our argument is its really a lot easier if you do it on the front end and set up a system for what you can see coming, Rosenberg says. If youre not actively doing something to be on top of it, youre going to throw up your hands, let everything come through and be dealing with privacy and usage concerns on the back end.

View original post here:
What Cities Can Learn from the Nation's Only Privacy Commission - Governing

The European Commission has told its staff to switch to the encrypted Signal messaging app in a move thats designed to increase the security of its communications. Politico reports that, earlier this month, a message on the commissions internal messaging boards notified employees about the change. Signal has been selected as the recommended application for public instant messaging, the message to the EUs executive branch says.

According to Politico, Signal will not be used for all communication. Encrypted emails will be used to send non-classified but sensitive information, and classified documents use tighter security measures still. Signal, meanwhile, is intended to be used for external communications between staff and people outside the organization.

The initiative comes as the EU is attempting to lock down the security of its communications in the wake of high-profile hacks. In June 2018, BuzzFeed News reported that the European Unions embassy in Moscow had been hacked and had information stolen from its network. Later that year, The New York Times reported that the EUs diplomatic communications network had been hacked over the course of a three-year period in a display of the remarkably poor protection given to official communications.

The European Commission is not the only governmental body to tell its staff to switch to Signal. Last December, The Guardian reported that the UKs ruling party, the Conservatives, told its MPs to switch to the service from WhatsApp. At the time, there was speculation that the switch was done in order to take advantage of Signals disappearing messages feature to stop leaks like those the party saw while using WhatsApp. However, a party spokesperson claimed it was because its recent influx of newly elected MPs meant that it had exceeded WhatsApps maximum group size.

Signal is generally considered to be one of the most secure messaging apps available. Its open source, uses end-to-end encryption by default, and unlike WhatsApp, it doesnt store any message metadata or use the cloud to back up messages. Edward Snowden said at one point that he uses it every day, and it even has the backing of one of WhatsApps original co-founders.

The rest is here:
Signal becomes European Commissions messaging app of choice in security clampdown - The Verge

What happens to your bitcoin after you die?

This is more than just a philosophical question: It could involve a substantial amount of currency.

The question of crypto and the Great Beyond is what prompted about 20 or so developers to get together in London recently to experiment with repurposing the current lightning protocol to send private messages as a dead mans button, a system that cant be censored and would keep your crypto safe for your heirs.

Related: Bitcoins Coronavirus Selloff Throws Cold Water on Safe-Haven Argument

Lightning Labs infrastructure engineer Joost Jager has been exploring using lightning for messaging over the past year. At the Advancing Bitcoin conference in London, Jager hosted a workshop to explore building a dead mans button with lightning. The mission was to show that lightning can be used as messaging system as well as a payment network.

These buttons are not new. At the workshop, Jager noted Edward Snowden, the National Security Agency whistleblower, used one in case he died before journalists could reveal the contents of the documents he wanted to make public.

The goal of the workshop was to explore one of lightnings relatively new features, keysend (formerly known as spontaneous payments). Its so experimental it isnt even described in the lightning specifications yet. But it does offer a way to send data (called custom records in LND, the lightning implementation Jager works on) along with a transaction.

Heres how it might work: Imagine a user who wants to pass on a bitcoin (BTC) inheritance. That user would communicate with a service, pushing a button that would send a message every week or so to signify that the user is still alive.

Related: $10K Proving a Tough Nut to Crack for Bitcoins Bulls

If the button isnt pressed one week, it is assumed the bitcoin user is dead or incapacitated and its time for the bitcoin to be passed on, at which point the service automatically dispenses a secret, which can be used to retrieve the crypto.

Beyond that, Jager thought some additional features should be added, even if they could make the program trickier to implement. The program should maintain the privacy of the sender and the receiver, he said, and should allow the sender to get proof the service still has the secret.

Developers split into small groups to think about how to build a service that would meet all of these and other goals. The workshop developers came up with some ideas, which Jager published to GitHub. He included a rough implementation, which puts several of the ideas into practice, though he said the code is extremely limited and does not implement everything described.

This design isnt necessarily the best way forward, Jager said, but its a proof of concept he hopes can inspire other implementations.

Jager told CoinDesk the primary reason he chose the dead mans button for the workshop was it is complex enough of a use case that it can show off what lightning can do as a messaging system.

But he also thinks a dead mans button could be a real use case for lightning down the road.

Many people try to arrange their crypto inheritance and need to make up their minds about who they trust. This could be an alternative, assuming that wrinkles are ironed out and the whole process is hidden underneath a user-friendly shell, he said. This is unlikely to happen short term, but I hope people see the possibilities.

Lawyer Pamela Morgan, an expert on crypto inheritance and author of a book dedicated to helping people develop a plan to pass on their crypto, agrees with Jager the technology is far from ready. But she said she would not encourage users to put any money into any experimental dead mans button systems just yet.

Dead mans switches are fun projects that excite our imaginations but fail to solve the complex and multidisciplinary challenges of crypto asset inheritance distribution. Relying on such solutions for something as important as inheritance is likely to cause catastrophic loss, she told CoinDesk.

However, she said the technology has promise. Since few crypto enthusiasts have any sort of a plan for what to do with their currencies after they are gone, shes happy to see people exploring ways to make crypto inheritance a more common practice.

If adding a dead mans switch makes more people actually do inheritance planning for their bitcoin, then Im all for it because so few people actually do anything, she told CoinDesk.

In the meantime, Jager is pressing on with beefing up lightnings messaging system to make it easier to send messages across the network.

Correction (Feb. 24, 22:52 UTC): This article has been updated to clarify the intent of the workshop.

See the original post here:
How to Protect Bitcoin for Your Heirs With the Push of a Dead Mans Button - Yahoo Finance

Many Democrats are still acquiescing to a George W. Bush-era policy that has been in place for nearly 20 years.

There is still broad bipartisan support for the CDR program, bringing significant risk that Democrats could cut a deal for reforms with significantly less teethand more loopholesthan SAPRA.

Three key provisions of the USA Patriot Act, which give the Trump administration broad surveillance powers, are set to expire on March 15 unless Congress votes to reauthorize them. Sen. Bernie Sanders (I-Vt.) is the only leading democratic presidential candidate in Congress who is publicly opposing them.

I voted against the Patriot Act in 2001, 2006, 2011 and 2015. I strongly oppose its reauthorization next month, he tweeted on February 11. I believe that in a democratic and constitutional form of government, we cannot sacrifice the civil liberties that make us a free country.

One provision is section 215, the bulk metadata collection program exposed by Edward Snowden. This provision underwent modest post-Snowden reforms in 2015, but its essence remains largely intact in the call detail records (CDR) program. The program authorizes the NSA to seize call records of people deemed a targetand the people those targets communicate with. In 2017 and 2018, this provision allowed the government to collect more than 968 million records. The government recently shut down the CDR program, admitting to its overreach, but the legal authority to reinstate it at any time remains.

This CDR program was shuttered by the government because of massive over-collection of millions of Americans records, Sandra Fulton, government relations director for Free Press, tellsIn These Times. At this point, eliminating the CDR program is low-hanging fruit for any reform that is at all acceptable. According to Fulton, even if the CDR program is currently shuttered, keeping it on the books is a problem, because the government could reactivate it at any time. If we find a program that's being an abuse, the government doesn't just get to keep it, she says.

The other two senators among the leading Demoratic candidates, Elizabeth Warren (D-Mass.) and Amy Klobuchar (D-Minn.), have not made similar statements publicly opposing the reauthorization, and neither returned In These Times request for comment.

Sen. Klobuchar voted to reauthorize the Patriot Act in 2011, while Sanders did not (Warren was not yet in the Senate). Both Klobuchar and Warren voted in favor of the USA Freedom Act in 2015, which imposed limited reforms on the Patriot Act; Sanders voted no, citing the inadequacy of the reforms. Warren did, however, vote no on2018 on a bill to extend the NSAs powers to carry out warrantless surveillance for another six years, as did Sanders. Klobuchar voted yes.

Speaking publicly against the Patriot Act could have a significant impact at a time Democrats are still acquiescing to a George W. Bush-era policy that has been in place for nearly 20 years. Last November, Democrats voted overwhelmingly for a measure granting a three-month extension of the three Patriot Act provisions, included in a House resolution to prevent a government shutdown, infuriating civil rights activists. Only 10 Democrats in the House voted against the reauthorization, among them Reps. Alexandria Ocasio-Cortez (N.Y.), Ilhan Omar (Minn.), Ayanna Pressley (Mass.) and Rashida Tlaib (Mich.), known as the squad. But Congressional Progressive Caucus (CPC) co-chairs Reps. Pramila Jayapal (D-Wash.) and Mark Pocan (D-Wisc.), and vice chairs, Reps. Ro Khanna (Calif.) and Barbara Lee (Calif.),all voted for it. (Neither Sanders, Warren nor Klobuchar were present for the Senate vote.)

As Sam Adler-Bell previously reported, the CPC said the extension was necessary to negotiate for better reforms, butthose progressives who voted yes caught considerable heat from activists. While we would oppose these authorities under any administration, history demonstrates that mass surveillance disproportionately impacts communities of color, immigrants, and other marginalized groups that Donald Trump is actively targeting, the activist organization Demand Progress said in a statement.

Likely in response to criticism, the CPC now says it doesnt plan to acquiesce to Bush-era spy powers so easily in mid-March.

For far too long, Congress has permitted blatant, unconstitutional violations of Americans Fourth Amendment rights under the PATRIOT Act, co-chairs Jayapal and Pocan told In These Times via email. Any long-term reauthorization of this legislation must contain meaningful and substantial reforms to these legal authorities, as proposed in the Safeguarding Americans Private Records Act (SAPRA), in order to secure our support.

Introduced by Sens. Ron Wyden (DOre.) and Steve Daines (RMont.) and Reps. Zoe Lofgren (DCalif.), Warren Davidson (ROhio), and Pramila Jayapal (DWash.),SAPRA, introduced in the House by on January 24 by Rep. Zoe Lofgren (D-Calif.), would rescind authority for the CDR program. It has attracted support from a coalition of civil rights and privacy organizations, among them Color Of Change, Committee of Concerned Scientists and Indivisible.

However, the organizations note that the reform has shortcomings. In a letter, the coalition said that SAPRA does not, for instance, prohibit backdoor searches under Section 702, a loophole that poses a dangerous threat to Americans privacy by allowing the government to search through communications collected under Section 702 of FISA seeking information about Americans without a warrant. Further, it reauthorizes the so-called lone wolf authority, which has never been used and should be repealed just like the Section 215 CDR program. This lone wolf authority allowsthe government to wiretap someone who is not a U.S. personand not a part of a terrorist organizationbut deemed by the United States to be helping international terrorism (it is believedthat this provision has never been used).

Nonetheless, David Segal, the executive director of Demand Progress, tells In These Timesthat SAPRA is the only genuine reform bill in play.

Whatever this bills shortcomings, its almost certain to face opposition not only from the Trump administration, but from the Democratic Party leadership. House Speaker Nancy Pelosi (D-Calif.) played a significant role in November in pushing Democrats to endorse a reauthorization of the Patriot Actwith no reformsby slipping it into the funding bill. And impeachment manager Rep. Adam Schiff (D-Calif.), who boosted his public profile by emphatically declaring that President Trump is dangerous to this country, was among the yes votes for full reauthorization of that presidents spy powers.

There is still significantbipartisan support for the CDR program, bringing significant risk that Democrats could cut a deal for reforms with less teethand more loopholesthan SAPRA.

A Sanders spokesperson noted to In These Times that the senator has been a supporter of Wyden's efforts to reform the Patriot Act and cosponsored his bipartisan USA RIGHTS Act. The spokespersonindicated that Sanders opposes the current iteration of the Patriot Act but would likely support Wyden's SAPRA legislation in the Senate, as it goes much further to protect privacy and civil liberties than a sunset of Section 215.

By coming out now against the mass surveillance powers, Sanders appears to besignaling to the CPC that it should find its backbone on this issue. And those who stay silent are implicitly encouraging the opposite.

This piece has beenupdated to include remarks from a spokesperson for Sanders that was sent following publication.

Visit link:
Bernie Sanders Is the Only Leading Presidential Candidate Publicly Opposing the Patriot Act - In These Times

By U.S. Rep. Warren DavidsonR-Ohio

When our Founding Fathers established this American republic, a wise group insisted that our Constitution include the Bill of Rights to ensure that the federal government they created could not infringe on the natural rights of Americans.

The First and Second Amendments protect speech and the right to bear arms, respectively. After these essential freedoms, however, comes an amendment that most consider obsolete: the Third, which prohibits the federal government from quartering soldiers in Americans homes during peacetime.

On its face, Americans shouldnt have to worry about the Third Amendment. The Founding Fathers ban on quartering addresses a problem we no longer encounter. But considered in tandem with the Fourth Amendment the right to keep private property and documents secure against illegal searches a different picture emerges.

Taken together, the Third and Fourth Amendments dovetail to form a right to privacy as it applies to the home, your property and your person. The government cannot take up residence in your home, and it cannot look through your private effects without a warrant.

Yet, thats exactly what the government has done. Technology developed for national security purposes has worked its way into phones, computers, and tablets, compromising not only the American right to privacy but also the sanctity of our homes.

In less than a month, Congress can make our Founding Fathers proud and reverse this invasive legal trend. Section 215 of the Foreign Intelligence Surveillance Act (FISA) is set to expire on March 15. FISA was originally created in 1978 and massively expanded after 9/11 under the USA Patriot Act. The emphasis is on foreign there are supposed to be safeguards to protect American citizens from being targeted with these statutes. However, the U.S. government secretly has secretly taken up residence in Americans smartphones and laptops.

The scope of abuse from this troublesome law gained notoriety in 2013 when whistleblower Edward Snowden went public about the National Security Agencys warrantless warehousing of millions of Americans phone records and geolocation data. Congress attempted to fix the obvious legal problems by passing the USA Freedom Act in 2015, but we know the story of abuse doesnt end there.

In 2016, the FBI spied on a member of President Trumps campaign staff, abusing the lax standards and selective enforcement mechanisms of FISA, using stories of Russian meddling in the general election to prop up Clinton-sourced opposition research linked to Russia.

Separately, an October 2018 Foreign Intelligence Surveillance Court (FISC) found more widescale abuse. The FISC opinion was declassified on Oct. 8, 2019. Among other findings, it shows that the FBI made 3.1-million warrantless searches of Americans data in 2017 alone. Some 57,000 individuals were subject to illegal searches by the FBI in April 2018. The year before, the FBI searched over 70,000 email addresses and phone numbers. At no point did a court issue a warrant and these individuals were never notified that they were subject to such a search.

Worse, no one batted an eye after the FISA court made these abuses public -- despite the fact that such abuses strike at the very heart of our civil liberties and the spirit of our constitutional republic.

Fortunately, an unlikely group of legislators from both chambers in Congress has banded together to introduce legislation that will finally protect the 3rd and 4th Amendments and overhaul FISA.

In the House, I joined my colleagues Reps. Zoe Lofgren, D-Calif., Pramila Jayapal D-Wash., Matt Gaetz, R-Fla., Earl Blumenauer, D-Ore. and Ted Yoho, R-Fla., to work with Sens. Ron Wyden, D-Ore., and Steve Daines, R-Mont., to introduce the Safeguarding Americans Private Records Act (SAPRA).

This bipartisan legislation ends the National Security Agency's mass phone record program and prohibits warrantless searches of GPS, web browsing, and search engine history. It also makes the FISA court more accountable by requiring the court to notify American citizens if theyve been investigated under FISA and forcing the court to disclose all opinions within six months of issuance.

SAPRA also creates public reporting requirements about the extent to which intelligence agencies illegally used FISA to surveil Americans or target activity protected under the First Amendment.

My fellow cosponsors and I can only hope that as the evidence has piled on that more of our colleagues will support our bipartisan legislation. With the March 15 deadline approaching, we are in a unique position to correct this prior constitutional malpractice and systemic abuse.

For too long, Congress has allowed an overzealous intelligence community to operate with limited oversight in the name of national security. America can (and must) sustain the worlds preeminent intelligence capabilities without infringing on the rights of American citizens. SAPRA will help bring this era of congressional negligence to an end and usher in a newfound appreciation for the power and purpose of those oft-forgotten Third and Fourth Amendments.

Go here to read the rest:
highlandcountypress.com - The Highland County Press