North American military drone policy update

The USA has established organized Pacific and Atlantic surveillance UAV squadrons (of 12-24 aircraft each) for the first time, for border and sea lane monitoring. These are a variant of the Northrop-Grumman MQ-4 drones I mentioned the other day, which Japan are also buying. The order establishing the program can be found via Cryptome here. Cryptome has also published the locations of the bases from which they will fly, Ventura Country naval base in California and and Mayport naval base near Jacksonville in Florida.

It is increasingly seeming like UAVs will continue to form the core of Obama’s military strategy, and it seems no coincidence that he has nominated John Brennan, described as the ‘architect’ of his drone policy, to be the new head of the Central Intelligence Agency.

Meanwhile, Canada is more likely to have widespread use of drones by police and the private sector before it gets any military models. It was reported just at the end of last year that the Canadian military drone program is now not likely to be in operation until 2017 and the cost has gone up to over $1Bn (Can). This doesn’t seem to have attracted anything like the attention that has been given to the ingoing farago surrounding the Canadian government’s attempt to purchase US Lockheed F-35 fighter jets, although admittedly that is no estimated as being something in the region of 50 times as expensive…

(Thanks to Chris Prince for keeping me updated on this!)


Greg’s Cable Map

Greg's Cable Map

There’s a fascinating interactive map of the world’s undersea communications cables here. It’s also a pretty good guesstimation guide as to where there are, or are likely to be, NSA or subordinate agencies’ (and other non-affiliated intelligence services’) field stations that funnel the data flowing through such cables through computer systems that analyse traffic and content data.

(via Gizmondo)

On the Internet, no-one knows you’re a dog

So the (now rather old) joke goes. In fact, this joke is now often seen as an example of how people early on in the history of the Internet misunderstood it. People, the argument goes, are just people on the Net, pretty much the same way they are in real life. No technological determinism here, no siree.

However there is increasing evidence that this new ‘common knowledge’ is dead wrong, but it isn’t necessarily individual ‘dogs’ pretending to be humans online, it is whole organised packs (don’t worry, I won’t take this metaphor any further). Various sources have been reporting the development call by the US military for software development to create artificial posters on Internet forums, chatrooms, and news sites. The US state it seems has woken up to the possibilities of what is often called ‘astroturfing’, the creation of fake grassroots movements, with fake members.

George Monbiot, a leading British investigative journalist with The Guardian newspaper knows about astroturfing more than most. He frequently writes about climate change denialists, and the comments under his stories are always filled with pseudonymous critics who seem to pop up every time the word ‘climate’ is mentioned and their responses often appear to be scripted and organised. He’s been digging deeper, and while his investigations are still ongoing, he has provided a useful summary of recent development here.

As well as the corporate interests (tobacco, oil, pharma etc.) it’s also worth pointing out that other states are far ahead of the US on this. China notoriously has its so-called ’50-Cent Party’, students and others who are recruited by the state and paid by the message to counter any anti-Chinese or pro-Tibetan, pro-Taiwan or pro-Uighur sentiment. Their early efforts were laughably obvious, but are becoming more and more subtle. Israel is open in its backing of such ‘online armies’, and advocates the use of a particular software tool, called Megaphone, which enables its users to respond quickly and widely to any reports or discussion seem as against the interests of the Israeli state.

Anonymity is also used by these organised groups as a form of individual intimidation through other ‘open’ channels, especially of those who lack the resources and sometimes the low cunning to be able to respond effectively. One is Freedom of Information legislation. In the area of climate change denial, we saw this with the systematic and organised petitioning of the University of East Anglia’s Climate Research Unit, in which FoI requests were really a form of harassment. More recently, as I have just heard from Chris Parsons, two professors from Ottawa, Errol Mendes and Amir Attaran, seen as ‘liberal’ and critical of the Canadian government, have similarly found themselves the subject of a huge upsurge in FoI requests, many of which seem to be deliberately requesting very intimate information. This would appear to be Freedom of Information as intimidation.

There are several responses one could have to this. One would be to withdraw from more public and open forms of interaction, to batten down the hatches, retreat into extreme forms of privacy. This would be a mistake: it really would, as some of the more alarmist reports have proposed, mean the death of Web2.0. The other would be to take the Anonymous route, to ferret out the spies and the fakes. This could be done with better forum and comment software, but would mean a lot of hacking effort and knowledge. How is a chatroom supposed to go up against the power of states and corporations? The real risk with this, as with more low-tech forms of ‘exposure’, is that we help create a culture of suspicion in which moles and spies are everywhere, and genuine political interaction is chilled. It may be coincidental, but it is not unrelated, that we are seeing a growing attention being called to this kind of thing just as we have seen the power of social media in the uprisings across the Arab world. In this area at least privacy is not the answer, a more radical political openness and transparency may well be required to facilitate the kind of social trust that can keep Web2.0 growing and changing in a positive direction.

US subversion in Norway

Norway has long been a close ally of the USA. Outside of the EU, but inside NATO, it provided bases and consistent support for the USA during the Cold War, unsurprisingly seeing neighbouring USSR as a serious threat to its interests. Yet… those days would seem to be long gone, at least as far as the US is concerned, if a story recently revealed is to be believed.

According to the Dagbladet newspaper, Norway’s TV2 News reported that 15-20 Norwegians, including ex-police, had been recruited by the US Embassy over 10 years to form a secret group, the Surveillance Detection Unit (SDU) that would apparently monitor terrorist threats in Norway. The group operated from a building near the embassy, and collected information on hundreds of Norwegian citizens, whose details were added to a database called SIMAS (Security Incident Management Analysis System).

This was all done apparently without the Norwegian government’s consent, although according to the report, the US Embassy has admitted carrying out the program. The question is – is this standard US practice, or simple a ‘rogue’ embassy group of bored spooks getting above themselves? The answer is that it is almost undoubtedly the former. SIMAS is the US diplomatic service’s global database. According to a Privacy Impact Assessment (!) submitted by the State Department on the system:

“Security Incident Management and Analysis System (SIMAS) is a worldwide Bureau of Diplomatic Security (DS) web-based application, which serves as a repository for all suspicious activity and crime reporting from U.S. Diplomatic Missions abroad (all U.S. embassies and consulates). Department of State personnel, including Diplomatic Security personnel, regional security officers, and cleared foreign nationals, enter Suspicious Activity Reports (SARs) into SIMAS as a central repository for all physical security incidents overseas. SIMAS Reports typically contain a detailed narrative description of the suspicious activity prompting the report, available suspicious person(s) and vehicle descriptors, and other identification data as may be available (e.g. photographs). Reports also indicate date, time and location of suspicious activity, and may include amplifying comments from relevant Bureau offices.”

The data entered into the system on individuals include:

“Citizenship Status and Information (source-documents)

  • DSP-11 (Passport Application)
  • OF-156 (VISA application)

Biometric Information (source-observation and photography)

  • Gender
  • Race
  • Height
  • Weight
  • Eye Color
  • Skin Tone
  • Hair Color
  • Hair Style
  • Images
  • Age or Estimated Age
  • Body Type (Build)
  • Scars, Marks, & Tattoos

Other (source-personal interview by authorities)

  • Name
  • Address
  • DOB
  • Telephone Number
  • Father’s Name
  • Mother’s Name”

It is supposed to be limited to “suspicious or potentially threatening incidents gathered from observations in the vicinity of a post” in order to protect the embassy, however it seems that far more was going on in the case uncovered in Norway, and it would not be surprising if the SDU was operating as a cover for a range of other intelligence activities.

Update: the Norwegian government is now complaining to the US government about this, saying that it breaks Norwegian privacy laws. But, but… they did a PIA! Surely everything is okay now? Oh, and the US claim that “Norwegian authorities had been informed in advance about the surveillance activities.” Hey, this means someone is lying to us! Surely not… 😉

New UK government to go ahead with old government plan on data retention

One of the many promises made by the new Conservative-Liberal Democrat coalition government was that it would “end the storage of internet and e-mail records without good reason.” The obvious flaw in this promise is that all the protection provided was only good so long as the government was unable to invent a ‘good reason.’

Now it appears according to The Guardian newspaper, that such a ‘good reason’ has been defined in the Strategic Defence and Security Review, to keep all web site visits, e-mail and phone calls made in the UK. And it is an old reason: basically, everything should be kept in case the police or intelligence services might find it useful in the prevention of a ‘terror-related crime’. Note: not actually terrorism, but terror-related, which is rather more vague and not so clearly defined in law, even given that ‘terrorism’ is already very broadly defined in the relevant laws.

This is pretty much exactly what the last Labour government were planning to do anyway with the proposed Communications Bill. Oh, and dont’t forget that the cost of this has been estimated at around 2Bn GBP ($3.5Bn) in a country that just announced ‘unavoidable’ welfare cuts of 7Bn GBP… that’s the reality of the ‘age of austerity’ for you’. It shows what David Gill argued in his book Policing Politics (1994) that the intelligence service constitute a ‘secret state’ that persists beyond the superficial front of the government of the day.