Section 215 is designed to enable the FBI to acquire records that a business has in its possession, as part of an FBI investigation, when those records are relevant to the investigation. Yet the operation of the NSA’s bulk telephone records program bears almost no resemblance to that description. While the Board believes that this program has been conducted in good faith to vigorously pursue the government’s counterterrorism mission and appreciates the government’s efforts to bring the program under the oversight of the FISA court, the Board concludes that Section 215 does not provide an adequate legal basis to support the program. There are four grounds upon which we find that the telephone records program fails to comply with Section 215. First, the telephone records acquired under the program have no connection to any specific FBI investigation at the time of their collection. Second, because the records are collected in bulk — potentially encompassing all telephone calling records across the nation — they cannot be regarded as “relevant” to any FBI investigation as required by the statute without redefining the word relevant in a manner that is circular, unlimited in scope, and out of step with the case law from analogous legal contexts involving the production of records. Third, the program operates by putting telephone companies under an obligation to furnish new calling records on a daily basis as they are generated (instead of turning over records already in their possession) — an approach lacking foundation in the statute and one that is inconsistent with FISA as a whole. Fourth, the statute permits only the FBI to obtain items for use in its investigations; it does not authorize the NSA to collect anything.
Tag Archive for Privacy
Department of Justice
DoJ Funded Study: Automated License Plate Recognition Systems Guidance for Law Enforcement
Law enforcement officers are often searching for vehicles that have been reported stolen, are suspected of being involved in criminal or terrorist activities, are owned by persons who are wanted by authorities, have failed to pay parking violations or maintain current vehicle license registration, and any of a number of other factors. Law enforcement agencies throughout the nation are increasingly adopting automated license plate recognition (ALPR) technologies, which function to automatically capture an image of the vehicle’s license plate, transform that image into alphanumeric characters, compare the plate number acquired to one or more databases of vehicles of interest, and alert the officer when a vehicle of interest has been observed, all within a matter of seconds.
European Union
EU Parliament Report: Mass Surveillance of Personal Data in EU Member States
In the wake of the disclosures surrounding PRISM and other US surveillance programmes, this study makes an assessment of the large-scale surveillance practices by a selection of EU member states: the UK, Sweden, France, Germany and the Netherlands. Given the large-scale nature of surveillance practices at stake, which represent a reconfiguration of traditional intelligence gathering, the study contends that an analysis of European surveillance programmes cannot be reduced to a question of balance between data protection versus national security, but has to be framed in terms of collective freedoms and democracy. It finds that four of the five EU member states selected for in-depth examination are engaging in some form of large-scale interception and surveillance of communication data, and identifies parallels and discrepancies between these programmes and the NSA-run operations. The study argues that these surveillance programmes do not stand outside the realm of EU intervention but can be engaged from an EU law perspective via (i) an understanding of national security in a democratic rule of law framework where fundamental human rights standards and judicial oversight constitute key standards; (ii) the risks presented to the internal security of the Union as a whole as well as the privacy of EU citizens as data owners, and (iii) the potential spillover into the activities and responsibilities of EU agencies. The study then presents a set of policy recommendations to the European Parliament.
News
The Nationwide Network Working to Bring Mobile Biometrics to Your Community
A federal law passed in February 2012 to help middle class families by creating jobs and cutting payroll taxes included a section mandating the creation of a nationwide interoperable broadband communications system for law enforcement and first responders. The system, which is being created under the direction of the First Responder Network Authority (FirstNet), seeks to create a nationwide broadband network capable of being used for a variety of law enforcement purposes including remote surveillance, mobile biometric applications like field fingerprint scanning and facial recognition, as well as automated license plate reading. The system is currently in a pilot phase with less than a dozen locations around the country participating in the initial rollout of the FirstNet network. However, comments from FirstNet board members indicate that the future goals of the system include an interoperable network operating in all 56 states and territories of the U.S. that is capable of integration at the state, local and federal level.
Russia
Russia Ministry of Communications and FSB Internet Monitoring Draft Order
A draft order from the Russian Ministry of Communications written in coordination with the FSB that, if implemented, will require Russian internet service providers to retain all internet traffic and provide the FSB with access for 12 hours after the data is collected, including stored data, phone numbers, IP addresses, account names, social network activity and e-mail addresses. The proposed rule changes have concerned Russian telecommunications providers who say that the requirements violate the Russian constitution.
Washington D.C.
Washington, D.C. CCTV Camera Locations
An excerpt from the Washington D.C. Metropolitan Police Department 2012 Annual Report listing the locations of surveillance cameras throughout the district as well as every activation of the Department’s Joint Operations Command Center (JOCC) that occurred in 2012
News
Feds Say Possession of “Large Amounts” of Weapons May Indicate Terrorist Activity
A joint bulletin issued in early August by the Department of Homeland Security and FBI warns state and local law enforcement agencies to look out for people in possession of “large amounts” of weapons and ammunition, describing the discovery of “unusual amounts” of weapons as a potential indicator of criminal or terrorist activity.
Federal Bureau of Investigation
FBI Next Generation Identification Video Presentations
Department of Energy
Sandia National Laboratories Mobile Biometric Device Technology Study
Mobile biometric devices (MBDs) capable of both enrolling individuals in databases and performing identification checks of subjects in the field are seen as an important capability for military, law enforcement, and homeland security operations. The technology is advancing rapidly. The Department of Homeland Security Science and Technology Directorate through an Interagency Agreement with Sandia sponsored a series of pilot projects to obtain information for the first responder law enforcement community on further identification of requirements for mobile biometric device technology. Working with 62 different jurisdictions, including components of the Department of Homeland Security, Sandia delivered a series of reports on user operation of state-of-the-art mobile biometric devices. These reports included feedback information on MBD usage in both operational and exercise scenarios. The findings and conclusions of the project address both the limitations and possibilities of MBD technology to improve operations. Evidence of these possibilities can be found in the adoption of this technology by many agencies today and the cooperation of several law enforcement agencies in both participating in the pilot efforts and sharing of information about their own experiences in efforts undertaken separately.
Virginia
Lavabit LLC Unsealed Court Filings
Court documents related to the U.S. government’s efforts to force Lavabit LLC, an encrypted email provider used by Edward Snowden, to hand over encryption keys to decode all secure traffic flowing through the site. The documents were originally obtained and released by Kevin Poulsen of Wired.com after being unsealed by a judge on October 2, 2013.
Corporate
Gamma Group FinFisher Governmental IT Intrusion and Surveillance Presentations
Two presentations from the Gamma Group describe the company’s FinFisher and 3G-GSM tactical interception and target location surveillance products. The presentations were anonymously posted online and are reportedly from 2011 discussions between Gamma and the German State Criminal Police Offices (Landeskriminalamts).
Drug Enforcement Administration, White House
DEA Hemisphere Project Call Detail Record Retention Presentation
The Hemisphere Project is coordinated from the Los Angeles Clearinghouse and is funded by ONDCP and DEA. Hemisphere provides electronic call detail records (CDRs) in response to federal, state, and local administrative/grand jury subpoenas. The Hemisphere database contains CDRs for any telephone carrier that uses an AT&T switch to process a telephone call. Hemisphere is an unclassified program. Hemisphere provides de-confliction within the Hemisphere database. 4 billion CDRs populate the Hemisphere database on a daily basis.
California, Intelligence Fusion Centers
Oakland Domain Awareness Center Project Status Presentation May 2013
Department of Defense
(U//FOUO) DoD Procedures for Wire, Electronic and Oral Interceptions for Law Enforcement
United Nations
UN Human Rights Council Report: Impact of State Surveillance on Privacy and Freedom of Expression
The present report analyses the implications of States’ surveillance of communications for the exercise of the human rights to privacy and to freedom of opinion and expression. While considering the impact of significant technological advances in communications, the report underlines the urgent need to further study new modalities of surveillance and to revise national laws regulating these practices in line with human rights standards.
Drug Enforcement Administration
DEA General Principles for Payment of Records Requested via Administrative Subpoenas
This memorandum summarizes the basic payment principles. Title 21 U.S.C. § 876 authorizes the use of administrative subpoenas to obtain information relating to Title 21 investigations. DEA is under no obligation to pay for information provided in response to its issuance of an administrative subpoena unless a separate Federal statute or regulation specifically states that reimbursement is required.
Home Office
U.K. Home Office Draft Statutory Guidance on National Security Retention of Biometric Data
This guidance is to provide direction to any police force or other law enforcement authority regarding the retention and use of biometric material for national security purposes through the making or renewing of a national security determination.
California
San Francisco Public Utilities Commission Surveillance Streetlights Request for Participants
A request for participants (RFP) issued by the San Francisco Public Utilities Commission on June 8, 2012. The RFP concerns the construction of a wireless control and communications network for managing the city’s planned upgrade to dimmable LED streetlights. The RFP states that future uses for the secure wireless network may include street surveillance, gunshot monitoring, public information broadcasts, electric meter reading and pollution monitoring.
Corporate
Verizon Patent: DVR That Watches Users to Target Advertising
The advent of set-top box devices and other media content access devices (“access devices”) has provided users with access to a large number and variety of media content choices. For example, a user may choose to experience a variety of broadcast television programs, pay-per-view services, video-on-demand programming, Internet services, and audio programming via a set-top box device. Such access devices have also provided service providers (e.g., television service providers) with an ability to present advertising to users. For example, designated advertisement channels may be used to deliver various advertisements to an access device for presentation to one or more users. In some examples, advertising may be targeted to a specific user or group of users of an access device.
Department of Homeland Security
DHS Social Media Monitoring and Situational Awareness Initiative Privacy Compliance Review
The Office of Operations Coordination and Planning (OPS), National Operations Center (NOC), has statutory responsibility to (1) provide situational awareness and establish a common operating picture for the federal government, and for state, local, and tribal governments as appropriate, in the event of a natural disaster, act of terrorism, or other man-made disaster, and (2) ensure that critical terrorism and disaster-related information reaches government decisionmakers. Traditional media sources and, more recently, social media sources such as Twitter, Facebook, and a vast number of blogs provide public reports on breaking events with a potential nexus to homeland security. By examining open source traditional and social media information, comparing it with many other sources of information, and including it where appropriate into reports, the NOC can provide a more comprehensive picture of breaking or evolving events.
Corporate
Harris Corporation Wireless Surveillance Products Standard Terms and Conditions of Sale
Harris Corporation’s standard terms and conditions for the sale of their wireless surveillance products including the AmberJack, StingRay, StingRay II, Harpoon and KingFish products. The terms and conditions document was included in a contract signed with Tempe, Arizona on October 8, 2012 for $60,321.15 worth of surveillance software, equipment and training.
United States
ICANN Law Enforcement Recommendations for Domain Registration and WHOIS Data Collection Revisions
Documentation from the Internet Corporation for Assigned Names and Numbers (ICANN) on suggested amendments to domain registration agreements and due diligence recommendations for ICANN to adopt in accrediting registrars supported by the Australian Federal Police, U.S. Department of Justice, Federal Bureau of Investigation, New Zealand Police, Royal Canadian Mounted Police and Serious Organised Crime Agency.
Department of Homeland Security, United States
Senate Permanent Subcommittee on Investigations Federal Support for Fusion Centers Report
The Subcommittee investigation found that DHS-assigned detailees to the fusion centers forwarded “intelligence” of uneven quality – oftentimes shoddy, rarely timely, sometimes endangering citizens’ civil liberties and Privacy Act protections, occasionally taken from already-published public sources, and more often than not unrelated to terrorism. Congress directed the Department of Homeland Security (DHS) to lead this initiative. A bipartisan investigation by the Permanent Subcommittee on Investigations has found, however, that DHS’ work with those state and local fusion centers has not produced useful intelligence to support federal counterterrorism efforts.
Department of Homeland Security
DHS National Operations Center Operations Counterterrorism Desk (NCOD) Database Privacy Impact Assessment
The National Operations Center (NOC), within the Office of Operations Coordination and Planning (OPS), operates the NOC Counterterrorism Operations Desk (NCOD) and serves as the primary DHS point of contact to streamline counterterrorism Requests for Information (RFIs). The NCOD Database is a tracking tool used by NCOD Officers to track all counterterrorism related incoming and outgoing inquiries. OPS has conducted this Privacy Impact Assessment (PIA) because the NCOD Database contains personally identifiable information (PII).
Intelligence Advanced Research Projects Agency
(U//FOUO) IARPA Catalyst Entity Extraction and Disambiguation Study Final Report
Catalyst, a component of DDNI/A’s Analytical Transformation Program, will process unstructured, semistructured, and structured data to produce a knowledge base of entities (people, organizations, places, events, …) with associated attributes and the relationships among them. It will perform functions such as entity extraction, relationship extraction, semantic integration, persistent storage of entities, disambiguation, and related functions (these are defined in the body of the report). The objective of this study is to assess the state-of-the-art and state-of-the-practice in these areas.