TIME Surveillance

Report: U.S. Spied on Prominent Muslim Americans

Latest report based on documents leaked by Edward Snowden

The NSA and FBI monitored the emails of five well-known Muslim Americans between 2002-2008, according to a new report based on documents leaked by former NSA contractor Edward Snowden.

The Intercept, a news organization started by the journalist who first broke the Snowden story, reports that a government spreadsheet detailing the email addresses of monitored citizens was included in “FISA recap,” which refers to the secretive court that approves wiretapping and other intelligence activities.

Among the 7,485 email addresses listed on the spreadsheet are those of Faisal Gill, who served as an intelligence policy adviser in the Department of Homeland Security under President George W. Bush; Hooshang Amirahmadi, a professor at Rutgers University; Nihad Awad, executive director of the Council on American-Islamic Relations (CAIR), the largest Muslim civil rights organization in the U.S.; Asim Ghafoor, a lawyer who has represented clients in terrorism cases; and Agha Saeed, a former political science lecturer at California State University.

The five have denied any connection with terrorist organizations and do not have criminal records.

The office of the Director of National Intelligence denied the report Wednesday.

“It is entirely false that U.S. intelligence agencies conduct electronic surveillance of political, religious or activist figures solely because they disagree with public policies or criticize the government, or for exercising constitutional rights,” the office said in a statement. “Unlike some other nations, the United States does not monitor anyone’s communications in order to suppress criticism or to put people at a disadvantage based on their ethnicity, race, gender, sexual orientation or religion.”

Faisal Gill, who was accused of falsifying records in the mid-2000s to gain his security clearance but was later cleared by the Department of Homeland Security, found it “troubling” that the NSA was monitoring his Yahoo! and AOL email accounts.

“I just don’t know why. I’ve done everything in my life to be patriotic,” Gill told Intercept. “I think that certainly goes to show how we need to shape policy differently than it is right now,” he added.

Although the ODNI denied the report, the FBI and the Justice Department declined to comment. The Intercept says the reasons why the five were monitored remain unknown.

TIME technology

NSA Spying Hurts Cybersecurity for All of Us Say Privacy Advocates

FILE PHOTO  NSA Compiles Massive Database Of Private Phone Calls
This undated photo provided by the National Security Agency (NSA) shows its headquarters in Fort Meade, Md. NSA/Getty Images

The surveillance debate has focused on the legality of spying on Americans but some say the biggest danger is in the methods the NSA uses

Privacy advocates Monday slammed the National Security Agency for conducting surveillance in a way they say undermines cybersecurity for everyone and harms U.S. tech companies.

“We have examples of the NSA going in and deliberately weakening security of things that we use so they can eavesdrop on particular targets,” said Bruce Schneier, a prominent cryptography writer and technologist. Schneier referenced a Reuters report that the NSA paid the computer security firm RSA $10 million to use a deliberately flawed encryption standard to facilitate easier eavesdropping, a charge RSA has denied. “This very act of undermining not only undermines our security. It undermines our fundamental trust in the things we use to achieve security. It’s very toxic,” Schneier said.

In the year since former NSA contractor Edward Snowden’s first leaks, attention has focused on the Agency’s surveillance itself, fueling debates over whether it is legal and ethical to spy on American citizens or to eavesdrop on the leaders of allied countries. NSA policies that intentionally undermine cybersecurity too often get left out of the debate, said panelists Monday at a New American Foundation event titled “National Insecurity Agency: How the NSA’s Surveillance Programs Undermine Internet Security.”

“If the Chinese government had proposed to put in a backdoor into our computers and then paid a company $10 million to make that the standard we would be furious,” said Joe Hall, chief technologist at the Center for Democracy and Technology. “That’s exactly what the NSA has become: the best hacker in the entire world.”

In a statement to TIME, the NSA denied it had made the Internet less secure.

“While we cannot comment on specific, alleged intelligence-gathering activities, NSA’s interest in any given technology is driven by the use of that technology by foreign intelligence targets. The United States pursues its intelligence mission with care to ensure that innocent users of those same technologies are not affected,” spokesperson Vanee’ Vines said. “Our participation in standards development has strengthened the core encryption technology that underpins the Internet. NSA cannot crack much of the encryption that guards global commerce – and we don’t want to.”

The tension arises due to the two competing missions of the National Security Agency: electronic surveillance and protecting U.S. systems from cyberattacks.

Nearly all of our online communications are encrypted in some way against cyberattack, to protect our bank accounts from thieves and our intimate lives from nosy neighbors. This poses a challenge for the NSA as the agency, since September 11, 2001, has focused less on agents of foreign governments and more on ferreting out terrorist threats. Inevitably the data of innocent people gets caught its dragnet. A Washington Post report Sunday estimated that 90 percent of those caught in the agency’s data surveillance net—including intimate communications like family photographs and emails between lovers—are everyday Internet users not suspected of wrongdoing, many of them American citizens.

The agency has sought to install “backdoors,” hardware and software systems with deliberately weakened security, into some of the most commonly used tech products, as it did in the program codenamed PRISM. American tech companies say this hurts their business in the international marketplace, where users aren’t keen to use software that comes bugged by an American intelligence agency. Major tech firms, including Google, supported an amendment to the defense budget in May to prohibit the NSA from using funds for this kind of backdoor surveillance.

“Maybe a year ago this sort of language might have seemed unnecessary,” Google Privacy Policy Counsel David Lieber said, “but now its actually really important to restore trust that these sorts of things are not being requested and/or required of companies.”

Critics, like panelist Amie Stepanovich, senior policy counsel for the web freedom group Access, say NSA has also worked to crack and undermine encryption standards set by the National Institute of Standards and Technology (the body that establishes the security standards that help protect our email accounts, banking websites, etc.), and hoarded indexes of computer bugs the agency uses to hack into machines rather than reveal the vulnerabilities so they can be fixed.

In the wake of apparently unfounded accusations that the NSA knew about the Heartbleed bug and didn’t help fix it, the administration announced this spring it has “re-invigorated” existing policy on how it decides whether or not to disclose or exploit security vulnerabilities it finds. “Building up a huge stockpile of undisclosed vulnerabilities while leaving the Internet vulnerable and the American people unprotected would not be in our national security interest. But that is not the same as arguing that we should completely forgo this tool as a way to conduct intelligence collection,” White House Cybersecurity Coordinator Michael Daniel wrote in April.

At its core the question comes down to a cost benefit analysis. “The fundamental issue,” Schneier said, “is should we compromise the security of everybody in order to access the data of the few.”

TIME National Security

Privacy Board Gives Approval to NSA Snooping

James Cole
Deputy Attorney General James Cole testifies on Capitol Hill in Washington, Thursday, June 5, 2014, before the Senate Intelligence Committee hearing on reforming the practice of bulk collection of telephone records by the National Security Agency and other government agencies. J. Scott Applewhite—AP

But highlights concerns about Americans getting caught in the surveillance net

The privacy oversight panel tasked with reviewing the National Security Agency’s mass surveillance activities says snooping on foreigners is legal and effective, according to a report released on Tuesday.

The Privacy and Civil Liberties Oversight Board ruled unanimously that Section 702 of the Foreign Intelligence Surveillance Act, which the NSA uses to snoop on data centers located inside the U.S.—like Google, for instance—to collect the communications of foreigners “reasonably believed” to be outside the country, “has been subject to judicial oversight and extensive internal supervision.”

The panel found “no evidence of intentional abuse.” Instead, it was deemed “clearly authorized” by Congress, “reasonable” under the Fourth Amendment and “an extremely valuable and effective intelligence tool.” The board added that the program “has led the government to identify previously unknown individuals who are involved in international terrorism, and it has played a key role in discovering and disrupting specific terrorist plots aimed at the United States and other countries.”

The program has been at the center of controversy over NSA documents revealed by former contractor Edward Snowden. The scope of this surveillance can potentially sweep up the communications of Americans, who can also be specifically targeted for surveillance if their communications yield information “about” a foreign target.

Tuesday’s report contrasts sharply with the panel’s earlier report that harshly scolded the agency and comes soon after Sen. Ron Wyden (D-Oregon) slammed the intelligence community for what he called a “huge gap in oversight” of the “backdoor searches.” Wyden had been sent a letter from the Director of National Intelligence that detailed the communications collected by the program in 2013 and revealed the FBI uses the NSA data to conduct surveillance on Americans, though the agency reports it does not keep a record of how many.

TIME intelligence

FBI Doesn’t Know How Many Americans It Spies On

John Brennan CIA Nomination Hearing
Sen. Ron Wyden, D-Ore., listens to U.S. Assistant to the President for Homeland Security and Counterterrorism testify at his nomination hearing to be the next Director of the Central Intelligence Agency before the Senate Intelligence Committee on Feb. 7, 2013. Chris Maddaloni—CQ-Roll Call,Inc.

Intel agencies dished on how many Americans get nabbed in the surveillance dragnet

New details emerged Monday on how many Americans are spied on by the National Security Agency and Central Intelligence Agency, in a letter that also revealed how few records on domestic surveillance are held by the Federal Bureau of Investigations.

A letter to surveillance-reform hawk Sen. Ron Wyden (D—Ore.) from the Office of the Director of National Intelligence made public Monday revealed that the NSA approved searches of the content of communications of 198 “U.S. person identifiers”—a number associated with the phone, computer, etc. of an American citizen or legal immigrant — and 9,500 searches of meta-data for U.S. person identifiers. The Central Intelligence Agency conducted “fewer than 1900″ queries associated with U.S. person identifiers, according to the letter.

But the FBI could present no hard numbers on how many American citizens it spies on, according to the letter. “The FBI does not track how many queries it conducts using U.S. person identifiers,” the letter says. In fulfilling its mandate as a domestic law enforcement agency, the letter says, “the FBI does not distinguish between U.S. and non-U.S. persons for purposes of querying Section 702 collection.”

Wyden slammed what he termed a “huge gap in oversight” in surveillance of American citizens. “When the FBI says it conducts a substantial number of searches and it has no idea of what the number is, it shows how flawed this system is and the consequences of inadequate oversight,” Wyden said in a statement.

The letter from ODNI comes after a June 5 hearing of the Senate Intelligence Committee to discuss the USA FREEDOM Act, a bill to reform domestic surveillance revealed by former NSA contractor Edward Snowden and others, in which Wyden pressed National Security Agency Deputy Director Rick Ledgett to say how many “warrantless searches for Americans’ communications have been conducted” under Section 702 of the Foreign Intelligence Surveillance Act.

Section 702 of FISA regulates the monitoring of foreign communications. Though the NSA is officially prohibited from targeting the communications of innocent Americans, due to the nature of global communication in the 21st century and the scale of the mass collection, American citizens’ communications can be swept up in the surveillance dragnet. Other intelligence and law enforcement agencies can query data collected by the NSA for information about their investigations.

As a vocal proponent of reform legislation to curtail the NSA’s surveillance of Americans, Wyden was displeased with the ODNI’s response to his request. “The findings transmitted to me raise questions about whether the FBI is exercising any internal controls over the use of backdoor searches including who and how many government employees can access the personal data of individual Americans,” Wyden’s statement said. “I intend to follow this up until it is fixed.”

TIME China

What the GSK Sex Tape Says About Surveillance in China

CHINA-BRITAIN-PHARMACEUTICAL-CORRUPTION-EARNINGS-GSK
A Glaxo Smith Kline signboard outside their facilities in Shanghai on July 25, 2013. GlaxoSmithKline expects its performance in China to take a hit from Beijing's probe into bribery allegedly carried out by senior staff AFP—AFP/Getty Images

Surveillance, or the threat of surveillance, is a constant

Years ago, when my husband and I were living in Shanghai, a crew of men came to change the smoke-alarm battery in our bedroom. It seemed a lot of people to change a single battery, and they took their time about it. The leader of the battery-changing brigade was a man in a dapper pin-stripe suit. The smoke alarm was above our bed.

The men, all but one in uniforms from our apartment building yet unfamiliar to us, eventually departed. We had a lunch to get to, so we too left a few minutes later. As we walked out the back door of our apartment building, we saw the suited gentleman riding away in a black Toyota Crown, then considered the favored car of the Public Security Bureau. For several nights, my husband and I stared up at that alarm, wondering whether it was doing more than just sensing smoke.

This past weekend, the Sunday Times reported that a video of unknown provenance had circulated showing a British pharmaceutical executive having very friendly relations with a Chinese woman. Mark Reilly is the former China head of GlaxoSmithKline, the British pharmaceutical company that has been accused by Beijing authorities of bribery involving nearly $500 million. Reilly has been barred from leaving China and charges against him made in May potentially carry a long prison sentence. Other foreign pharmaceuticals have also been targeted in graft probes, presumably part of a nationwide anticorruption sweep by China’s President Xi Jinping.

The sex video, according to the Sunday Times, was “filmed clandestinely in Reilly’s Shanghai flat, [and] was sent by email to senior Glaxo staff including the chief executive Sir Andrew Witty.” The film clip accompanied one of many anonymous emails alleging financial impropriety at Glaxo — emails that were, in some cases, sent to a Chinese regulatory agency as well as company officials. The British newspaper reported on speculation that a Chinese ex-Glaxo employee might have been linked to these whistle-blowing missives but no proof has turned up in the public sphere.

Surveillance — or the threat of surveillance — is a constant in China. As a journalist, I may be more interesting to the powers that be than some other foreigners here. But other expat friends who’ve been followed, hacked or otherwise tracked in China include diplomats, NGO staff and businesspeople. Also, artists and academics.

Sometimes, the scrutiny can yield helpful consequences. A diplomat in China remembers commenting to his wife in his then nearly empty apartment that they were out of toilet paper. A few minutes later, there was a knock on the door and a bearer of new rolls arrived.

In most instances, it is in no way reassuring to have your email auto-forwarding mysteriously activated or to be tailed by a black Audi while on assignment in the Chinese countryside. Nor are foreigners the only ones subject to such treatment. The days of communist neighborhood-committee grannies poking their noses into residents’ sex lives may be over, but it’s hard to feel completely private in China. Each Chinese citizen still has a dedicated personal file kept by local authorities. The contents are supposed to be secret but a friend who once gained accessed to hers found, among other things, an old high school paper and a copy of a letter from an ex-boyfriend.

As for the smoke alarm, my husband and I eventually paid it no heed. You can’t be on guard all the time or you’ll end up paranoid. Besides, we weren’t hiding anything. Like other foreign reporters, if I work on a sensitive story involving, say, dissidents, I’ll take precautions. But otherwise, my daily life proceeds without incident or spy-sparring guile — no matter who may be watching.

TIME Security

A ‘Nightmare Scenario:’ Vodafone Reveals Huge Global Snooping Program

A Vodafone sign on May 30, 2006.
A Vodafone sign on May 30, 2006. AP

If you're a Vodafone customer, chances are your government has the tools to listen in directly

Just a day after the first anniversary of Edward Snowden’s watershed surveillance leaks, the world’s second-largest mobile phone company has announced that numerous government agencies have direct and open access to the conversations of its 381 million customers across the globe.

Privacy advocates are calling it a “nightmare scenario.”

The Guardian reported on Friday that Vodafone, which has operations in 29 countries, is to release a document describing “secret wires” that allow governments to monitor and record phone calls, text messages, and Internet data use.

The wires, Vodafone says, are “widely used” by a number of agencies.

Stephen Deadman, Vodafone’s group privacy officer, told the Guardian that “These pipes exist, the direct access model exists.”

The 40,000 word document, entitled Law Enforcement Disclosure Report, will be released publicly on Friday.

U.K. civil liberties advocate Shami Chakrabarti said to the Guardian that the fact that governments were able to “access phone calls at the flick of a switch” created a situation that was “unprecedented and terrifying.”

Vodafone said it intends to call for an end to “direct access to an operator’s communications infrastructure without a lawful mandate.”

TIME National Security

NSA Collects Millions of Facial Photos Daily, Snowden Documents Say

The NSA collects around 55,000 facial-recognition-quality images each day

The National Security Agency (NSA) is collecting millions of images a day for facial-recognition purposes, according to classified documents obtained from Edward Snowden by the New York Times.

Of those millions of images, approximately 55,000 a day are “facial recognition quality images,” according to the documents. The documents reveal that the NSA is using new software to mine social media, emails, text messages and other digital communications for images. They also show the agency is capable of and interested in intercepting forms of communication beyond text and audio.

“It’s not just the traditional communications we’re after: It’s taking a full-arsenal approach that digitally exploits the clues a target leaves behind in their regular activities on the net to compile biographic and biometric information,” read one document from 2010. An NSA spokeswoman declined to tell the Times if the agency is collecting facial images from social media through means other than digital intercepts.

[NYT]

TIME National Security

Snowden: NSA’s Email Release Is Incomplete

NSA whistleblower Edward Snowden, an analyst with a U.S. defence contractor, is interviewed by The Guardian in his hotel room in Hong Kong
NSA whistle-blower Edward Snowden in a still image taken from video during an interview by the Guardian in his hotel room in Hong Kong on June 6, 2013 Glenn Greenwald and Laura Poitras—The Guardian/Reuters

The former intelligence contractor says he wrote many more emails that officials have chosen not to reveal, and that the single release after so many denials “shows the NSA feels it has something to hide”

The email released by the National Security Agency (NSA) that Edward Snowden sent to its Office of the General Counsel is only one of many, the whistle-blower said in an interview with the Washington Post.

“Today’s strangely tailored and incomplete leak only shows the NSA feels it has something to hide,” Snowden said.

On Thursday, the NSA released the email dated April 5, 2013, in which Snowden — who then worked as an intelligence contractor — asks whether regulations from different institutions take precedence over each other, and whether Executive Orders can outweigh federal statute.

The email’s release is the first acknowledgement that Snowden did contact officials before leaking information about widespread surveillance by the agency, though the NSA maintains that he did not raise concerns about mass data collection before going rogue.

“I’m glad they’ve shown they have access to records they claimed just a few months ago did not exist, and I hope we’ll see the rest of them very soon,” Snowden said.

As the release comes “after more than a year of denying any such contact existed,” he added, it “raises serious concerns” about the NSA.

“It reveals as false the NSA’s claim to Barton Gellman of the Washington Post in December of last year, that ‘after extensive investigation, including interviews with his former NSA supervisors and co-workers, we have not found any evidence to support Mr. Snowden’s contention that he brought these matters to anyone’s attention,’” the 30-year-old told the Post.

Snowden says he sent many more emails to other officials raising concerns about illegal surveillance.

[The Washington Post]

TIME justice

Rise of the Private Surveillance State

Street graffiti by elusive graffiti artist Banksy is seen on a wall in central London
Street graffiti by elusive graffiti artist Banksy is seen on a wall, next to a CCTV camera, in central London on Nov. 25, 2008. Toby Melville—Reuters

Secretive data brokers have amassed thousands of details on virtually every household in the country.

Think you get to surf the internet for free these days? Think again. There’s a good chance you’re paying for the privilege with a little piece of your privacy, according to a Federal Trade Commission report released Tuesday. The ads you see on web pages are often automatically chosen to reflect your interests, based on collected bits and pieces of information you have made public as you go about your life online, and off.

And who’s doing the collecting? Data brokers, the largely unregulated middlemen in the privacy-for-personalization transaction at the heart of the digital economy. The FTC’s report, based on the responses of nine major data brokers to orders issued to them by the commission in 2012, shows just how far those companies have gone in amassing a huge information mosaic of Americans’ lives.

Of the nine data brokers, one data broker’s database has information on 1.4 billion consumer transactions and over 700 billion aggregated data elements; another data broker’s database covers one trillion dollars in consumer transactions; and yet another data broker adds three billion new records each month to its databases. Most importantly, data brokers hold a vast array of information on individual consumers. For example, one of the nine data brokers has 3000 data segments for nearly every U.S. consumer.

Among those thousands of “data segments” are seemingly private details, the report finds, like:

  • What kind of clothes you buy
  • Which charities you give to
  • What kind of pets you own
  • What movies you like to see
  • How big your house is
  • What kind of car you drive
  • Whether you’re liberal or conservative
  • Where you’re thinking of going on vacation
  • What kind of stocks you invest in
  • Whether you smoke
  • What kind of over-the-counter drugs you buy

The FTC found that consumers benefit from many of the purposes for which data brokers collect and use data. “Data broker products help to prevent fraud, improve product offerings, and deliver tailored advertisements to consumers. Risk mitigation products provide significant benefits to consumers by, for example, helping prevent fraudsters from impersonating unsuspecting consumers. Marketing products benefit consumers by allowing them to more easily find and enjoy the goods and services they need and prefer. In addition, consumers benefit from increased and innovative product offerings fueled by increased competition from small businesses that are able to connect with consumers they may not have otherwise been able to reach. Similarly, people search products allow individuals to connect with old classmates, neighbors, and friends.”

But the dangers are real, too. Consumers could be “denied the ability to conclude a transaction based on an error in a risk mitigation product,” without having any recourse to correct the mistake. Lower marketing scores could result in “different levels of service from companies.” The FTC also concluded that stored data on consumers could be vulnerable to “unscrupoulous actors” who could use the private data “to predict passwords, challenge questions, or other authentication credentials.”

The FTC found “a fundamental lack of transparency about data broker industry practices.” The brokers collect thousands of pieces of information about individual Americans’ lives, creating detailed mosaics of who they are and what they do, analyzing and sharing it with clients in multiple industries. But “all of this activity takes place behind the scenes, without consumers’ knowledge.”

The FTC says there is little it can do to mitigate the danger other than report on it. The Fourth Amendment and multiple federal laws constrain what the National Security Agency can do with the masses of data Edward Snowden revealed the government collects on Americans and others. But the law governing the use of personal data by commercial entities doesn’t cover marketing. So while Snowden imagines a dystopian future in which the government uses its collected information to endanger Americans, it seems that future already exists in the commercial realm.

TIME Surveillance

The New Cop on the Beat May Be a Bot

Knightscope K5 promises enhanced policing capabilities, courts controversy

Have we as a species learned nothing from Robocop?

A Silicon Valley company called Knightscope is currently testing a prototype robot designed to detect and monitor criminal activity, much the way a police officer or a security guard would.

The Knightscope K5 is a five-foot-tall autonomous robot (one presumes that its resemblance to a Dalek is merely coincidental) that roams around your neighborhood, observing and gathering data and trying to predict where and when criminal activity will occur.

It carries no weaponry, but it has a pretty complete sensor package that includes thermal imaging, license plate reading and facial recognition.

This takes public surveillance a step beyond stationary cameras, and the challenges to personal privacy are clear. The K5 could do a whole lot of good by deterring crime, especially in neighborhoods that lack the resources to field an adequate police presence.

But where do you draw the line?

Your browser, Internet Explorer 8 or below, is out of date. It has known security flaws and may not display all features of this and other websites.

Learn how to update your browser