Category: intelligence

Transparent Lives: Surveillance in Canada

The New Transparency project is coming to an end, and we are launching our major final report, Transparent Lives: Surveillance in Canada / Vivre à nu: La surveillance au Canada, in Ottawa on Thursday 8th May (which is also my birthday!). The report is being published as a book by Athabasca University Press, so it is available in all formats including a free-t0-download PDF. We want as many people in Canada (and elsewhere) to read it as possible.

The launch will be covered by the Canadian press and was already blogged in the Ottawa Citizen a few days ago.

A website with resources and summaries will be here very soon, and there is also a promotional video / trailer here in Youtube.

 

Hot Air on the Surveillance Industry from the UK

Privacy International has produced a much-needed survey of the state of the surveillance industry, following its other excellent report on the use of development aid to push surveillance technologies on developing countries. The British government’s response, voiced by the Chair of the Parliamentary Committee on Arms Export Controls, Sir John Stanley,  has been a typically limp one, largely concerned with the possibility of such systems being sold to ‘authoritarian regimes’ yet blustered and talked of ‘grey areas’ when it came to Britain’s responsibility for this trade.

But this is all way too little too late. I warned of the danger of the increased technological capabilities and decreasing costs of ‘surveillance-in-a-box’ systems as far back as 2008 (see my post here which refers to that). Instead of taking horizon-scanning and pre-emptive action to limit this, Britain, the USA and many other states have encouraged this trade with state aid – as they have with military and security industries more broadly – and, not least, encouraged the use of surveillance on a global scale themselves. Their own extensive breaches of human rights through programs like PRISM and TEMPEST give them no real moral high ground to talk about what authoritarian regimes might do, when they are already pursuing the same actions.

Illegal UK blacklists now being shared with the USA?

I’ve written here in the past about British blacklisting organisations that compile lists of ‘troublemakers’ (mainly union activists) and sell them to building firms and share them with police. This has led to people being unable to get jobs and all kinds of hassle. In theory, the notorious Economic League which started this activity back in the 1920s is now disbanded but their mantle was taken up by a number of other private bodies, including the Consulting Association, which was the subject of an unusual raid by the Information Commissioner’s Office (ICO) back in 2009.

Now it seems that in the era of transnational information sharing for ‘security’, such lists have found their way to the US Homeland Security complex. According to a report in the London Evening Standard, his certainly seems to be the case for major British mainstream environmental campaigner, John Stewart, formerly of the anti-road building lobby, Alarm UK and now of the Heathrow Association for the Control of Aircraft Noise (HACAN).

If such private politically motivated lists are now circulating internationally and being treated as reasonable grounds for refusing entry to other countries, it makes a mockery of the fact that they have already been found to be in breach of British and European laws, and it is likely that such data will continue to circulate entirely decontextualized from the circumstances and motivation of their collection. So an illegal anti-democratic trawling operation to stop legitimate political activity becomes the basis for security decisions to err… safeguard democracy. It would be funny if it wasn’t already so common and will continue to be so as security relies increasingly on risk assessments derived from the indiscriminate mashing together of information into ‘big data’.

US drone based in Saudia Arabia revealed?

003Wired’s Danger Room blog has published pictures of what may be the hitherto secret CIA drone base in Saudi Arabia, revealed as part the confirmation hearings for John Brenner as proposed Director of the CIA…

Obama’s drone wars in question

So much has been happening over the US drone warfare program over the last few weeks that it’s hard to keep up.

First, the United Nations Special Rapporteur for Human Rights and Counter-Terrorism, instigated an inquiry into the targeted killing programs operated by the USA, largely using drones, and focusing on the issue of civilian casualties. The rapporteur, Ben Emmerson, made it clear that the inquiry would pull no punches and might result in war crimes charges against the US, should evidence be discovered of such crimes.

Second, NBC television in the USA revealed a leaked Justice Department document laying out the legal justification for the targeted assassination of US citizens using drones. The full memo is also available from this link and assembles a tortuous argument about how US citizens can be killed by their own government from above if there an “informed, high-level” official decides that the person has “recently” been involved in undefined “activities” threatening a violent attack against the US and “there is  no evidence suggesting that he has renounced or abandoned such activities.”

And now, the Washington Post is reporting that the nomination of President Obama’s counter-terrorism guru, John Brennan, to head the CIA, has led to all sorts of revelations and difficult questions for Brennan to answer about the CIA’s targeted assassination program, including the acknowledgement of a secret drone base, at a still undisclosed location, in Saudi Arabia.

A while ago it looked like Obama’s drone strategy was unassailable despite increasing public knowledge via the Bureau of Investigative Journalism and criticisms from groups like the International Committee for Robot Arms Control. Now, this is going mainstream and it’s not looking so good for what former CIA Director, Leon Panetta, called the ‘only game in town’.

 

North American military drone policy update

The USA has established organized Pacific and Atlantic surveillance UAV squadrons (of 12-24 aircraft each) for the first time, for border and sea lane monitoring. These are a variant of the Northrop-Grumman MQ-4 drones I mentioned the other day, which Japan are also buying. The order establishing the program can be found via Cryptome here. Cryptome has also published the locations of the bases from which they will fly, Ventura Country naval base in California and and Mayport naval base near Jacksonville in Florida.

It is increasingly seeming like UAVs will continue to form the core of Obama’s military strategy, and it seems no coincidence that he has nominated John Brennan, described as the ‘architect’ of his drone policy, to be the new head of the Central Intelligence Agency.

Meanwhile, Canada is more likely to have widespread use of drones by police and the private sector before it gets any military models. It was reported just at the end of last year that the Canadian military drone program is now not likely to be in operation until 2017 and the cost has gone up to over $1Bn (Can). This doesn’t seem to have attracted anything like the attention that has been given to the ingoing farago surrounding the Canadian government’s attempt to purchase US Lockheed F-35 fighter jets, although admittedly that is no estimated as being something in the region of 50 times as expensive…

(Thanks to Chris Prince for keeping me updated on this!)

 

Greg’s Cable Map

Greg's Cable Map

There’s a fascinating interactive map of the world’s undersea communications cables here. It’s also a pretty good guesstimation guide as to where there are, or are likely to be, NSA or subordinate agencies’ (and other non-affiliated intelligence services’) field stations that funnel the data flowing through such cables through computer systems that analyse traffic and content data.

(via Gizmondo)

On the Internet, no-one knows you’re a dog

So the (now rather old) joke goes. In fact, this joke is now often seen as an example of how people early on in the history of the Internet misunderstood it. People, the argument goes, are just people on the Net, pretty much the same way they are in real life. No technological determinism here, no siree.

However there is increasing evidence that this new ‘common knowledge’ is dead wrong, but it isn’t necessarily individual ‘dogs’ pretending to be humans online, it is whole organised packs (don’t worry, I won’t take this metaphor any further). Various sources have been reporting the development call by the US military for software development to create artificial posters on Internet forums, chatrooms, and news sites. The US state it seems has woken up to the possibilities of what is often called ‘astroturfing’, the creation of fake grassroots movements, with fake members.

George Monbiot, a leading British investigative journalist with The Guardian newspaper knows about astroturfing more than most. He frequently writes about climate change denialists, and the comments under his stories are always filled with pseudonymous critics who seem to pop up every time the word ‘climate’ is mentioned and their responses often appear to be scripted and organised. He’s been digging deeper, and while his investigations are still ongoing, he has provided a useful summary of recent development here.

As well as the corporate interests (tobacco, oil, pharma etc.) it’s also worth pointing out that other states are far ahead of the US on this. China notoriously has its so-called ’50-Cent Party’, students and others who are recruited by the state and paid by the message to counter any anti-Chinese or pro-Tibetan, pro-Taiwan or pro-Uighur sentiment. Their early efforts were laughably obvious, but are becoming more and more subtle. Israel is open in its backing of such ‘online armies’, and advocates the use of a particular software tool, called Megaphone, which enables its users to respond quickly and widely to any reports or discussion seem as against the interests of the Israeli state.

Anonymity is also used by these organised groups as a form of individual intimidation through other ‘open’ channels, especially of those who lack the resources and sometimes the low cunning to be able to respond effectively. One is Freedom of Information legislation. In the area of climate change denial, we saw this with the systematic and organised petitioning of the University of East Anglia’s Climate Research Unit, in which FoI requests were really a form of harassment. More recently, as I have just heard from Chris Parsons, two professors from Ottawa, Errol Mendes and Amir Attaran, seen as ‘liberal’ and critical of the Canadian government, have similarly found themselves the subject of a huge upsurge in FoI requests, many of which seem to be deliberately requesting very intimate information. This would appear to be Freedom of Information as intimidation.

There are several responses one could have to this. One would be to withdraw from more public and open forms of interaction, to batten down the hatches, retreat into extreme forms of privacy. This would be a mistake: it really would, as some of the more alarmist reports have proposed, mean the death of Web2.0. The other would be to take the Anonymous route, to ferret out the spies and the fakes. This could be done with better forum and comment software, but would mean a lot of hacking effort and knowledge. How is a chatroom supposed to go up against the power of states and corporations? The real risk with this, as with more low-tech forms of ‘exposure’, is that we help create a culture of suspicion in which moles and spies are everywhere, and genuine political interaction is chilled. It may be coincidental, but it is not unrelated, that we are seeing a growing attention being called to this kind of thing just as we have seen the power of social media in the uprisings across the Arab world. In this area at least privacy is not the answer, a more radical political openness and transparency may well be required to facilitate the kind of social trust that can keep Web2.0 growing and changing in a positive direction.

US subversion in Norway

Norway has long been a close ally of the USA. Outside of the EU, but inside NATO, it provided bases and consistent support for the USA during the Cold War, unsurprisingly seeing neighbouring USSR as a serious threat to its interests. Yet… those days would seem to be long gone, at least as far as the US is concerned, if a story recently revealed is to be believed.

According to the Dagbladet newspaper, Norway’s TV2 News reported that 15-20 Norwegians, including ex-police, had been recruited by the US Embassy over 10 years to form a secret group, the Surveillance Detection Unit (SDU) that would apparently monitor terrorist threats in Norway. The group operated from a building near the embassy, and collected information on hundreds of Norwegian citizens, whose details were added to a database called SIMAS (Security Incident Management Analysis System).

This was all done apparently without the Norwegian government’s consent, although according to the report, the US Embassy has admitted carrying out the program. The question is – is this standard US practice, or simple a ‘rogue’ embassy group of bored spooks getting above themselves? The answer is that it is almost undoubtedly the former. SIMAS is the US diplomatic service’s global database. According to a Privacy Impact Assessment (!) submitted by the State Department on the system:

“Security Incident Management and Analysis System (SIMAS) is a worldwide Bureau of Diplomatic Security (DS) web-based application, which serves as a repository for all suspicious activity and crime reporting from U.S. Diplomatic Missions abroad (all U.S. embassies and consulates). Department of State personnel, including Diplomatic Security personnel, regional security officers, and cleared foreign nationals, enter Suspicious Activity Reports (SARs) into SIMAS as a central repository for all physical security incidents overseas. SIMAS Reports typically contain a detailed narrative description of the suspicious activity prompting the report, available suspicious person(s) and vehicle descriptors, and other identification data as may be available (e.g. photographs). Reports also indicate date, time and location of suspicious activity, and may include amplifying comments from relevant Bureau offices.”

The data entered into the system on individuals include:

“Citizenship Status and Information (source-documents)

  • DSP-11 (Passport Application)
  • OF-156 (VISA application)

Biometric Information (source-observation and photography)

  • Gender
  • Race
  • Height
  • Weight
  • Eye Color
  • Skin Tone
  • Hair Color
  • Hair Style
  • Images
  • Age or Estimated Age
  • Body Type (Build)
  • Scars, Marks, & Tattoos

Other (source-personal interview by authorities)

  • Name
  • Address
  • DOB
  • Telephone Number
  • Father’s Name
  • Mother’s Name”

It is supposed to be limited to “suspicious or potentially threatening incidents gathered from observations in the vicinity of a post” in order to protect the embassy, however it seems that far more was going on in the case uncovered in Norway, and it would not be surprising if the SDU was operating as a cover for a range of other intelligence activities.

Update: the Norwegian government is now complaining to the US government about this, saying that it breaks Norwegian privacy laws. But, but… they did a PIA! Surely everything is okay now? Oh, and the US claim that “Norwegian authorities had been informed in advance about the surveillance activities.” Hey, this means someone is lying to us! Surely not… 😉

New UK government to go ahead with old government plan on data retention

One of the many promises made by the new Conservative-Liberal Democrat coalition government was that it would “end the storage of internet and e-mail records without good reason.” The obvious flaw in this promise is that all the protection provided was only good so long as the government was unable to invent a ‘good reason.’

Now it appears according to The Guardian newspaper, that such a ‘good reason’ has been defined in the Strategic Defence and Security Review, to keep all web site visits, e-mail and phone calls made in the UK. And it is an old reason: basically, everything should be kept in case the police or intelligence services might find it useful in the prevention of a ‘terror-related crime’. Note: not actually terrorism, but terror-related, which is rather more vague and not so clearly defined in law, even given that ‘terrorism’ is already very broadly defined in the relevant laws.

This is pretty much exactly what the last Labour government were planning to do anyway with the proposed Communications Bill. Oh, and dont’t forget that the cost of this has been estimated at around 2Bn GBP ($3.5Bn) in a country that just announced ‘unavoidable’ welfare cuts of 7Bn GBP… that’s the reality of the ‘age of austerity’ for you’. It shows what David Gill argued in his book Policing Politics (1994) that the intelligence service constitute a ‘secret state’ that persists beyond the superficial front of the government of the day.