NSA has direct access to tech giants' systems for user data, secret files reveal

Edward Snowden's Boss at Booz Allen Hamilton Speaks comments by Bruce Schneier

-- Tom

 

Well, he did make some mistakes. Which, for us, were a good thing.

 

By Glenn Greenwald

Three New Scandals Show How Pervasive and Dangerous Mass Surveillance is in the West, Vindicating Snowden

 

Donald Trump will control the NSA – what this means for your privacy by Pierluigi Paganini

-- Tom

 

"CIA, NSA ordered to reveal to judge whether they were involved in Occupy Philly surveillance...

...Responding to a Freedom of Information Act lawsuit filed by a lawyer for the demonstrators, U.S. District Judge Berle M. Schiller gave the agencies until early next year to submit a list of any records detailing the agencies' potential surveillance activities, along with a justification of why those documents should be withheld from public disclosure..."

http://www.philly.com/philly/news/2...e_involved_in_Occupy_Philly_surveillance.html

 

Man oh man... this is truly some scary stuff. Hadnt done anything violent and still being watched over and investigated...

 

Lawmakers seek to delay new rule allowing mass hacking by federal agents

http://www.usatoday.com/story/news/...llowing-mass-hacking-federal-agents/94032004/

 

Focusing on laws seems misguided. Because NSA ignores them, and shares information with FBI etc, which then does parallel construction. So laws are largely irrelevant. Legality does simplify using information, I suppose. But it's also a wakeup call to practice better OpSec. So hey

 

New NSA Stories

https://www.schneier.com/blog/archives/2016/12/new_nsa_stories.html

 

The European Court of Justice (the EU's highest court) has ruled that the “General and indiscriminate retention” of emails and electronic communications by governments is illegal. Only targeted interception of traffic and location data in order to combat serious crime is justified.

The case was bought in relation to GCHQ's mass surveillance under the "Dripa" legislation, and almost certainly means that the UK's IPA, just introduced, will also be in breach. Regardless of what the UK decides to do about that, it is highly significant to the extent to which it binds European countries, and would cause conflict with other jurisdictions that interacted with the EU's email and website visits, searches etc, and flouted that.

https://www.theguardian.com/law/2016/dec/21/eus-highest-court-delivers-blow-to-uk-snoopers-charter

 

That's the good news .

But the latest is that UK Gov plc is going to appeal the judgement , and in the meantime , nothing will change .
Feet will be dragged , and post Brexit , EU law will no longer take precedence.

Sorry , but I can't post a link right now , I've only just heard it on BBC Radio online .

Update :-
http://www.bbc.co.uk/news/uk-politics-38390150

More :-
https://www.liberty-human-rights.or...ng-law-collecting-everyones-internet-and-call

 

They ALWAYS appeal, regardless of the chances of success. And even when the final ruling is made, they ignore it for as long as possible - recall the DNA retention judgement by the ECHR. Given the long list of public bodies (and huge numbers of people) who can gain access to the ICRs under the IPA, it's my view that the IPA is almost certainly similarly in breach.

However, presuming the appeal fails, EU countries will be bound by the judgement, and that would at least have a knock-on impact on UK practices, ability to host services and so on. In addition, unless they repeal the HRA (which has large ramifications), it's very likely that a UK court would rule exactly the same. Mind you, recent evidence seems to indicate that they don't like British Courts gainsaying them either.

In respect of what can be done about it by Jo User, the legal position changes very little, except that I think it makes it harder for them to tighten the thumbscrews on VPNs and VPN providers.

 

Good points , all .
And you are right of course ; even if the appeal fails the court judgements will still be ignored until a major legal challenge
is brought by groups or individuals , and a legal precedent can be established .

Look on the bright side .... The Food Standards Agency will also have access to the data !
I will sleep easier knowing that the burger supply is in safe hands

 

Yes they sure do "demand".
If you don't compile they use strong-arm tactics - case in point: Lavabit mail
https://lavabit.com/

 

They want our lives to be "The Truman Show"

 

Lawmakers reintroduce popular Email Privacy Act

https://threatpost.com/lawmakers-reintroduce-popular-email-privacy-act

 

NSA Given More Ability to Share Raw Intelligence Data

https://www.schneier.com/blog/archives/2017/01/nsa_given_more_.html

 

I really think you should start a new thread with this (and the NY times article on the same subject) since not everyone will check this thread.

I'd do it for you, but I dont want to steal your thunder.

This development has downright nasty potential...

 

@Anonfame1
You can start new thread if you think news deserves it. You won't "steal" anything from me

 

Microsoft wants to tell users when the government is reading their data.

https://www.onmsft.com/news/microsoft-wants-to-tell-users-when-a-government-is-reading-their-data

 

I don't know what to make of Microsoft presenting themselves as advocates for privacy. They seem to be just the opposite.

 

Microsoft must present itself that way to have any hope of retaining non-US customers. Ditto for Apple, Google, Facebook, Twitter, etc. Except for Yahoo, anyway, which just doesn't seem to care

 

I think it's also so that MS (and others) can continue to maintain the "EU-US Privacy Shield" (the fudge after Safe Harbor was declared invalid) pretence in Europe. I can see tensions developing further over that class of agreement, particularly in Germany.

 

https://www.theregister.co.uk/2017/02/01/former_ftc_com_brill_says_privacy_shield_not_impacted/