November 7, 2013 in Russia
A draft order from the Russian Ministry of Communications written in coordination with the FSB that, if implemented, will require Russian internet service providers to retain all internet traffic and provide the FSB with access for 12 hours after the data is collected, including stored data, phone numbers, IP addresses, account names, social network activity and e-mail addresses. The proposed rule changes have concerned Russian telecommunications providers who say that the requirements violate the Russian constitution.
September 21, 2013 in European Union
This Briefing note provides the LIBE Committee with background and contextual information on PRISM/FISA/NSA activities and US surveillance programmes, and their specific impact on EU citizens’ fundamental rights, including privacy and data protection.
September 3, 2013 in Corporate
Two presentations from the Gamma Group describe the company’s FinFisher and 3G-GSM tactical interception and target location surveillance products. The presentations were anonymously posted online and are reportedly from 2011 discussions between Gamma and the German State Criminal Police Offices (Landeskriminalamts).
August 10, 2013 in Department of Justice
This white paper explains the Government’s legal basis for an intelligence collection program under which the Federal Bureau of Investigation (FBI) obtains court orders directing certain telecommunications service providers to produce telephony metadata in bulk. The bulk metadata is stored, queried and analyzed by the National Security Agency (NSA) for counterterrorism purposes. The Foreign Intelligence Surveillance Court (“the FISC” or “the Court”) authorizes this program under the “business records” provision of the Foreign Intelligence Surveillance Act (FISA), 50 U.S.C. § 1861, enacted as section 215 of the USA PATRIOT Act (Section 215). The Court first authorized the program in 2006, and it has since been renewed thirty-four times under orders issued by fourteen different FISC judges. This paper explains why the telephony metadata collection program, subject to the restrictions imposed by the Court, is consistent with the Constitution and the standards set forth by Congress in Section 215. Because aspects of this program remain classified, there are limits to what can be said publicly about the facts underlying its legal authorization. This paper is an effort to provide as much information as possible to the public concerning the legal authority for this program, consistent with the need to protect national security, including intelligence sources and methods. While this paper summarizes the legal basis for the program, it is not intended to be an exhaustive analysis of the program or the legal arguments or authorities in support of it.
July 9, 2013 in Department of Defense, Department of Homeland Security, Department of Justice, Federal Bureau of Investigation
A collection of Network Security Agreements (NSAs) entered into with foreign communications infrastructure providers ensuring U.S. government agencies the ability to access communications data when legally requested. The agreements range in date from 1999 to 2011 and involve a rotating group of government agencies including the Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), Department of Justice (DoJ), Department of Defense (DoD) and sometimes the Department of the Treasury. According to the Washington Post, the agreements require companies to maintain what amounts to an “internal corporate cell of American citizens with government clearances” ensuring that “when U.S. government agencies seek access to the massive amounts of data flowing through their networks, the companies have systems in place to provide it securely.”
July 1, 2013 in European Union
This study evaluates the oversight of national security and intelligence agencies by parliaments and specialised non-parliamentary oversight bodies, with a view to identifying good practices that can inform the European Parliament’s approach to strengthening the oversight of Europol, Eurojust, Frontex and, to a lesser extent, Sitcen. The study puts forward a series of detailed recommendations (including in the field of access to classified information) that are formulated on the basis of in-depth assessments of: (1) the current functions and powers of these four bodies; (2) existing arrangements for the oversight of these bodies by the European Parliament, the Joint Supervisory Bodies and national parliaments; and (3) the legal and institutional frameworks for parliamentary and specialised oversight of security and intelligence agencies in EU Member States and other major democracies.
June 6, 2013 in National Security Agency
More than 1700 pages of building specifications for the NSA/CSS facility at Fort Gordon, Georgia known as “Sweet Tea” dated February 5, 2010.
June 4, 2013 in United Nations
The present report analyses the implications of States’ surveillance of communications for the exercise of the human rights to privacy and to freedom of opinion and expression. While considering the impact of significant technological advances in communications, the report underlines the urgent need to further study new modalities of surveillance and to revise national laws regulating these practices in line with human rights standards.
November 3, 2012 in Corporate
Harris Corporation’s standard terms and conditions for the sale of their wireless surveillance products including the AmberJack, StingRay, StingRay II, Harpoon and KingFish products. The terms and conditions document was included in a contract signed with Tempe, Arizona on October 8, 2012 for $60,321.15 worth of surveillance software, equipment and training.
October 3, 2012 in Department of Homeland Security, United States
The Subcommittee investigation found that DHS-assigned detailees to the fusion centers forwarded “intelligence” of uneven quality – oftentimes shoddy, rarely timely, sometimes endangering citizens’ civil liberties and Privacy Act protections, occasionally taken from already-published public sources, and more often than not unrelated to terrorism. Congress directed the Department of Homeland Security (DHS) to lead this initiative. A bipartisan investigation by the Permanent Subcommittee on Investigations has found, however, that DHS’ work with those state and local fusion centers has not produced useful intelligence to support federal counterterrorism efforts.
September 25, 2012 in Department of Health and Human Services
A document produced by the Department of Health and Human Services as part of their “Now Trending Challenge” to develop applications for monitoring disease outbreaks via Twitter. The document contains lists of various terms that are associated with a number of diseases from the common cold to diphtheria.
September 25, 2012 in Iraq, U.S. Air Force
This Statement of Work (SOW) involves purchasing and installing a Lawful Intercept (LI) capability for the Government of Iraq (GOI). The capability shall include: providing installation, system engineering, system administration, terminal operations support, and mentoring/training Iraqi system operators. The solution should include a disaster recovery feature/configuration that would replicate (backup) the server and database storage at a physically separate facility. LI will provide the GOI a powerful communications intelligence tool to assist in combating criminal organizations and insurgencies by supporting evidence-based prosecutions, warrant-based targeting, and intelligence-based operations.
September 24, 2012 in European Union
This document contains detailed recommendations on how to implement the best practices identified in the Clean IT project. It will be developed further in the months ahead. After the end of the Clean IT project it will only be shared with organizations that have committed to implementing the best practices. It will be developed further with these organizations participating in the Clean IT permanent public-private dialogue platform.
September 14, 2012 in Federal Bureau of Investigation
‘Going Dark’ is a Law Enforcement (LE) initiative to address the gap between the legal authority and practical ability of LE to conduct lawfully-authorized electronic surveillance. Problems highlighted by the Going Dark initiative include LE’s difficulty in receiving information from some technology companies, and criminal’s use of advanced technologies and techniques that can complicate carrying out of lawfully-authorized court orders to conduct electronic surveillance.
September 9, 2012 in Featured
Last month, Cryptome quietly posted a 2007 draft of the Federal Bureau of Investigation’s vision statement for the Domestic Communications Assistance Center (DCAC). The document, which has received no media attention, offers the most in depth view yet of the DCAC and its functions. In May, CNET correspondent Declan McCullagh disclosed the existence of the DCAC, which he described as having a mandate “covering everything from trying to intercept and decode Skype conversations to building custom wiretap hardware or analyzing the gigabytes of data that a wireless provider or social network might turn over in response to a court order.” The vision statement obtained by Cryptome describes the general functions and organization of the DCAC as well as the FBI’s national electronic surveillance (ELSUR) strategy.
September 7, 2012 in Corporate, National Security Agency
With internet traffic growing exponentially, attacks on government and commercial computers by cyber terrorists and rogue states have escalated. Those wishing harm have espionage programs targeting the data systems used by the United States and allies. Drug traffickers and weapons dealers use the internet with encrypted communications. To counter these activities, the National Security Agency, an agency of the U.S. government, is building a fortified data center deep inside a mountain in Utah. This complex will house the world’s most sophisticated supercomputers dedicated to code breaking and data traffic analysis. Another site will eventually take delivery of the latest Cray supercomputer called Cascade to support the NSA’s need to crack codes faster to protect the nation and its allies.
August 16, 2012 in United States
Security guards at large facilities, such as airports, monitor multiple screens that display images from individual surveillance cameras dispersed throughout the facility. If a guard zooms with a particular camera, he may lose image resolution, along with perspective on the surrounding area. Embodiments of the inventive Imaging System for Immersive Surveillance (ISIS) solve these problems by combining multiple cameras in one device. When properly mounted, example ISIS systems offer up to 360-degree, 240-megapixel views on a single screen. (Other fields of view and resolutions are also possible.) Image-stitching software merges multiple video feeds into one scene. The system also allows operators to tag and follow targets, and can monitor restricted areas and sound an alert when intruders breach them.
August 11, 2012 in Featured
A number of hacked emails from the private intelligence firm Stratfor have shed light on a global suspicious activity surveillance system called TrapWire, that is reportedly in use in locations around the world from the London Stock Exchange to the White House. The emails, which were released yesterday by WikiLeaks, provide information on the extent and operations of a system designed to correlate suspicious activity reports and other evidence that may indicate surveillance connected with a potential terrorist attack.
August 10, 2012 in Corporate
Trap Wire dramatically increases the ability to detect pre-attack preparations and to take appropriate action to detect, deter and intercept tenorist attacks. A visual monitor of the entire system-a map with dynamic status indicators for each entity connected to the Trap Wire network- facilitates the ability of decisionmakers to absorb vast quantities of information quickly and efficiently. The dynamic status indicators show the threat level at each facility and highlight those that have moved to a higher threat level over the preceding 24 hours. Security officials can thus focus on the highest priorities first, taking a proactive and collaborative approach to defense against attacks. The information collected by Trap Wire can also be shared with law enforcement agencies to assist in their counterterrorism efforts.
April 25, 2012 in National Security Agency
A map and list of possible locations of NSA domestic interception points inside the United States. The list was presented by computer security researcher Jacob Appelbaum at a recent event held at the Whitney Museum in New York along with filmmaker Laura Poitras and ex-NSA employee William Binney. One of the addresses, an AT&T building on Folsom Street in San Francisco, is the location of Room 641A which was the subject of multiple lawsuits regarding warrantless surveillance of U.S. citizens. A recent article in Wired quoted Binney as estimating that there are likely ten to twenty of these locations around the country.
April 4, 2012 in Intelligence Advanced Research Projects Agency
Catalyst, a component of DDNI/A’s Analytical Transformation Program, will process unstructured, semistructured, and structured data to produce a knowledge base of entities (people, organizations, places, events, …) with associated attributes and the relationships among them. It will perform functions such as entity extraction, relationship extraction, semantic integration, persistent storage of entities, disambiguation, and related functions (these are defined in the body of the report). The objective of this study is to assess the state-of-the-art and state-of-the-practice in these areas.
April 2, 2012 in Corporate
A 2010 price list for Harris Corporation wireless surveillance products was included in contract documentation for the purchase of multiple KingFish Dual Mode wireless measurement systems that went to Maricopa County, Arizona.
February 24, 2012 in Department of Homeland Security
A manual for the Department of Homeland Security’s Media Monitoring Capability that was reportedly obtained by EPIC via a FOIA request. The manual has been slightly redacted by DHS to remove names and contact information and the URL of the Network Operations Center Media Monitoring Capability reporting website. This website has been listed in three of the four publicly available manuals as an example of a website monitored by DHS.
February 17, 2012 in Department of Homeland Security
Social media are web-based and mobile technologies that turn communication into an interactive dialogue in a variety of online fora. It may be appropriate for the government, including DHS, to use social media for a variety of reasons. The President has challenged his Administration to use technology and tools to create a more efficient, effective, and transparent government1. DHS recognizes that the use of social media by government actors must occur with appropriate privacy, civil rights, and civil liberties protections; whether DHS is disclosing its informationand press releases via social media platforms like Twitter and Facebook, reviewing news feeds for situational awareness, or researching identified, discrete targets for legitimate investigatory purposes. Accordingly, DHS has created Department-wide standards designed to protect privacy, civil rights, and civil liberties in each category of its use.