Archive for the ‘Privacy’ Category

Article: US Govt secretly snoops on your email

Tuesday, December 20th, 2011


How the US government secretly reads your email
The Guardian, 11/12 October 2011

Secret orders forcing Google and Sonic to release a WikiLeaks volunteer’s email reveal the scale of US government snooping

Somewhere, a US government official is reading through a list of those who sent or received an email from Jacob Appelbaum, a 28-year-old computer science researcher at the University of Washington who volunteered for WikiLeaks. Among those listed will be my name, a journalist who interviewed Appelbaum for a book about the digital revolution.

Appelbaum is a spokesman for Tor, a free internet anonymising software that helps people defend themselves against internet surveillance. He’s spent five years teaching activists around the world how to install and use the service to avoid being monitored by repressive governments. It’s exactly the sort of technology Secretary of State Hilary Clinton praised in her famous “Internet Freedom” speech in January 2010, when she promised US government support for the designers of technology that circumvented blocks or firewalls. Now, Appelbaum finds himself a target of his own government as a result of his friendship with Julian Assange and the fact WikiLeaks used the Tor software.

Appelbaum has not been charged with any wrongdoing; nor has the government shown probable cause that he is guilty of any criminal offence.

That matters not a jot, because, as the law stands, government officials don’t need a search warrant to access our digital data. Searching someone’s home requires a (more…)

Who’s laughing now: Lulzsec & census leak

Tuesday, June 21st, 2011

Update: Hacking collective Lulzsec have claimed the posting with their logo was not an ‘official’ hack by them but may have been the work of others getting on board their #AntiSec campaign. See http://www.guardian.co.uk/technology/2011/jun/21/lulzsec-census-2011-denial-twitter

Back in April I reported for the BBC’s Daily Politics show about the UK Census and why it was not only a waste of money as the data would already be outdated by the time it was useable, but also a security breach waiting to happen.

Yesterday, Lulz Security (LulzSec) a hacking group who describe themselves as “the world’s leaders in high-quality entertainment at your expense”, apparently claimed to have committed such a security breach, with an announcement posted on Pastebin of the acquisition of records of “every single citizen” who filled in the Census form. The anonymous hackers claimed they would reformat the data and make it available via The Pirate Bay.

Yesterday, LulzSec’s twitterfeed stated:

“Your tax money is being used to pay for things to not be secured so that people like us can take what you expect to be kept inaccessible.”

The group have previously released the X Factor contestants database and information from Fox.com and Sonypictures.com on their website.

The Met Police have confirmed reports that a 19-year-old they claim is one of the hackers behind LulzSec has been arrested in Wickford, Essex, though the group deny he was a leader.

The Office for National Statistics issued a weasely and vague statement that reveals some of the technical incompetence of this government organization. It seems they don’t even know whether or not they’ve been hacked:

We are aware of the suggestion that census data has been accessed. We are working with our security advisers and contractors to establish whether there is any substance to this. The 2011 Census places the highest priority on maintaining the security of personal data. At this stage we have no evidence to suggest that any such compromise has occurred.

To re-state the obvious. The only way information is truly secure is to not keep it in the first place. The Census should only have collected the absolute minimum needed to perform its function and most of this data was already available to government. Creating a central database of all UK citizen’s personal data (including their religion, race and sexual orientation) has served only to provide a convenient one-stop shop for miners of our personal information.

Superinjunctions video

Tuesday, May 24th, 2011

Discussing superinjunctions and Twitter on Sky News.

Can superinjunctions survive the internet?

Monday, May 9th, 2011

“Injunction-busting” Twitter accounts stepped into the spotlight over the weekend, and have successfully whipped up the building storm on social networks and internet forums – with a helping hand from the media.

Judges and lawyers across the country must be scratching their heads this morning, perhaps wondering how information can be restricted once it gets onto the internet, to be replicated over and over again, usually by members of the public who feel little of the legal threat hanging over newsrooms. The flow of free speech that the internet allows is breaking down previously unwavering barriers of control. What good are one nation’s laws when information flows across a global jurisdiction? It becomes impossible to take action against hundreds of Twitter users simply for retweeting an allegation that is a contempt of Court in England.

Recently names have been flying around social networks with users speculating about who has an injunction. Wikipedia was forced to take action when information relating to superinjuctions was posted on individual celebrity pages.

Both Gabby Logan and Jemima Khan have furiously denied allegations that they have taken out injunctions. A popular anti-injunction sentiment says that if secrecy continues, more innocent parties could fall victim to erroneous name-and-shame campaigns, while those hiding behind genuine injunctions remain unscathed.

Opinion seems largely split between those who see injunctions as necessary to protect the private lives of celebrities and public figures from the prying eyes of the tabloid press, and those who see any prior restraint on media stories as dangerous – whether it concerns the sex life of a footballer or the secret dealings of a multinational company. It’s safe to assume that the right to privacy created by the Human Rights Act wasn’t designed to protect the sexual indiscretions of the rich and famous, although that seems to be its primary role in the UK court system.

Celebrity sex lives may be none of our business and potentially cloud a ‘public interest’ defence for breaking injunctions, but they are a national fascination. The air of mystery surrounding potential splash stories has the public gagging for more details, whether people are happy to admit personal interest or not.

Journalists at the national newspapers are rubbing their hands with glee, and the Daily Mail and Telegraph in particular have sailed close to the wind with innuendo-laden comment pieces. The Daily Mail went so far as to put the injunction fiasco on their front page this morning.

While the media may be bound by the shackles of legal restraint, the internet remains beyond the control of English judges. The great debate is whether or not that is such a bad thing. As the uprisings in the Middle East show, free flows of information beyond the control of established authority can lead to surprising results.

Two sides of online censorship

Wednesday, April 6th, 2011

Communications minister Ed Vaizey recently commented on the planned additions to the EU data protection directive saying changes need to be both “practical and proportionate”. The additions focus on the right to be forgotten online, particularly for users of social networking sites. That could require websites to delete data held about individuals and inform people how their personal information is handled.

Vaizey says he’s concerned the directive could give people false expectations, saying: ‘No government can guarantee that photos shared with the world will be deleted by everyone when someone decides it’s time to forget.’ The minister is worried that implementing revisions could “stifle innovation”, although he doesn’t explain how allowing users to control their personal information could result in hindering international business development.

Internet users do need more information about how their data is stored and used – and that should be readily provided by website owners – but giving individuals a right to delete personal data from the internet is obviously the more contentious point, perhaps stemming from an idea that people will use a right to be forgotten to edit personal history to the detriment of free speech.

Interestingly, Vaizey is also one of the main players in the proposed ‘Great Firewall of Britain’, a self-regulatory scheme which would allow the government to block websites that music and film companies accuse of copyright infringement. Several civil liberties groups, including The Open Rights Group (ORG), have raised concerns that this could lead to a heavy-handed approach resulting in excessive legal claims and censorship of legitimate material.

Jim Killock of ORG called this proposal a backdoor private arrangement between the government and rights-holders without the scrutiny that judges or a formal act of parliament would require. The democracy of the scheme is certainly called into question – who will decide which sites can be blocked and why? Who will oversee these decisions to make sure they are democratic? It seems that ISPs would be allowed to blacklist censored sights with no judicial review.

Vaizey is concerned that implementing a right to be forgotten could stifle innovation. But the proposed firewall has been accused of leading to a situation where censorship could be done at will. The message seems to be that giving individuals the right to block or delete online is dangerous, while large corporations and the state can go right ahead.

Council meetings secretly filmed by security spies

Friday, April 1st, 2011

Yesterday the Ham & High newspaper revealed that security officers for Barnet Council have been wearing hidden cameras to spy on residents and “amass evidence”.

The cameras were used as officers patrolled town hall meetings and guarded council property, including at a budgetary meeting in March where seven officers from the firm MetPro prevented members of the public from entering the building.

One 85-year-old resident told the paper the security staff were an “intimidating presence” who created a “menacing element” in the meeting room. He compared the officers to Hitler’s SS force, and added, ‘I had no sense of being involved in a democratic occasion whatsoever.’

Apparently MetPro’s secretary Kevin Sharkey drove up to a resident’s forum in a blacked-out security car and ‘boasted of filming residents and monitoring blog and twitter activity’ at the March meeting.

Barnet council responded to the article by claiming they did not authorise the cameras and have since terminated their contract with the firm, which has been in place since 2006. A spokesperson said: ‘Unlike some other London boroughs, the setting of the budget in Barnet at cabinet and council was held with the public present and at the advertised time and place.’

As campaign group Big Brother Watch points out, the company still carries testimonials from Barnet council on its website.