NSA Spying: Now It’s Personal

This article first appeared July 11 on the website of the Electronic Frontier Foundation.

By Eva Galperin and Nadia Kayyali

Imagine that you watched a police officer in your neighborhood stop ten completely ordinary people every day just to take a look inside their vehicle or backpack. Now imagine that nine of those people are never even accused of a crime. They just happened to be in the wrong place at the wrong time. Even the most law-abiding person would eventually protest this treatment. In fact—they have.

Now replace police officers with the NSA. The scenario above is what the NSA is doing with our communications, under cover of its twisted interpretation of Section 702 of the FISA Amendments Act. The Washington Post has revealed that “Nine of 10 account holders found in a large cache of intercepted conversations, which former NSA contractor Edward Snowden provided in full to The Post, were not the intended surveillance targets.” Additionally, “[n]early half of the surveillance files, a strikingly high proportion, contained names, e-mail addresses or other details that the NSA marked as belonging to U.S. citizens or residents.”

International Treaty Negotiations Go Further Underground with Unprecedented Secrecy Around Meetings in Canada

This post, written by EFF Global Policy Analyst Maria Sutton, was originally published on the foundation’s website July 8.

EFF is in Ottawa this week for the Trans-Pacific Partnership (TPP) negotiations, to influence the course of discussions over regressive digital policy provisions in this trade agreement that could lead to an increasingly restrictive Internet. But this round is different from the others—the secrecy around the talks is wholly unprecedented. The Canadian trade ministry, who is hosting this round of talks, has likely heightened the confidentiality due to the mass public opposition that is growing against this undemocratic, corporate-driven trade deal.

EFF: Is Your Android Device Telling the World Where You’ve Been?

This post, written by technology projects director Peter Eckersley and staff technologist Jeremy Gillula, was originally published on the EFF website.

Do you own an Android device? Is it less than three years old? If so, then when your phone’s screen is off and it’s not connected to a Wi-Fi network, there’s a high risk that it is broadcasting your location history to anyone within Wi-Fi range who wants to listen.

This location history comes in the form of the names of wireless networks your phone has previously connected to. These frequently identify places you’ve been, including homes (“Tom’s Wi-Fi”), workplaces (“Company XYZ office net”), churches and political offices (“County Party HQ”), small businesses (“Toulouse Lautrec’s house of ill-repute”), and travel destinations (“Tehran Airport wifi”). This data is arguably more dangerous than that leaked in previous location data scandals because it clearly denotes in human language places that you’ve spent enough time to use the Wi-Fi. Normally, eavesdroppers would need to spend some effort extracting this sort of information from the latititude/longitude history typically discussed in location privacy analysis. But even when networks seem less identifiable, there are ways to look them up.

NSA, Director Of National Intelligence Sued For Zero Day Disclosure Process

San Francisco – The Electronic Frontier Foundation (EFF) today filed a Freedom of Information Act (FOIA) lawsuit against the NSA and the Office of the Director of National Intelligence (ODNI) to gain access to documents showing how intelligence agencies choose whether to disclose software security flaws known as “zero days.”

A zero day is a previously unknown security vulnerability in software or online services that a researcher has discovered, but the developers have not yet had a chance to patch. A thriving market has emerged for these zero days; in some cases governments—including the United States—will purchase these vulnerabilities, which they can use to gain access to targets’ computers.

New York DA Employs 381 Secret Orders To Gather Complete Digital Dossiers From Facebook

This article by Kurt Opsahl originally appeared on the website of the Electronic Frontier Foundation.

Unfortunately, it appears that the lure of bulk surveillance is not just a temptation for the Federal government. Last summer, about a month after new leaks exposed the NSA’s bulk content PRISM program, Cyrus Vance, Jr., the District Attorney for Manhattan, decided to go secretly fishing through 381 Facebook accounts, and wanted to ensure no one was allowed to stop him.

The DA was looking for evidence of disability fraud, and saw Facebook as a treasure trove. Many people put their lives online, sharing their daily ups and downs with a steady stream of photos, comments, and wall posts to friends and family. Perhaps some of them, after claiming a disability, would post a windsurfing selfie or write about their marathon training, and evidence their fraud.

Smith v. Maryland Turns 35, But Its Health Is Declining

This article, written by EFF staff attorney Hanni Fakhoury, was originally published June 24 on the EFF website.

The U.S. Supreme Court’s 1979 decision of Smith v. Maryland turned 35 years old last week. Since it was decided, Smith has stood for the idea that people have no expectation of privacy in information they expose to others. Labeled the third party “doctrine” (even by EFF itself), Smith has come up over and over in the debates surrounding electronic surveillance and NSA spying.

But the idea that information exposed to others is no longer private has been oversold. Millions of Americans expect all sorts of things exposed to third parties remain private under state law. And as technology advances and the information we give to ISPs and telcos becomes more and more revealing, even federal courts are beginning to rethink whether Smith is the absolute rule the government claims it should be.

EFF: Wants You To Help Defeat The NSA

This post, written by activist nadia Kayyali, was originally published on the EFF website.

The NSA may seem like an intimidating giant, but it has a serious Achilles’ heel— the enormous budget it claims from taxpayer dollars every year. While change to the actual words of the laws that govern NSA surveillance seems to be a difficult task, a group of representatives have decided to take the battle to the bank.

Within the next few days, the House of Representatives will be considering the 2015 Department of Defense Appropriations bill, H.R. 4870. Rep. Thomas Massie and Rep. Zoe Lofgren have introduced a bipartisan amendment to the bill to prohibit use of appropriated funds for certain types of surveillance, creating real change to NSA spying. The amendment has the support of civil liberties advocates and Internet companies. But the House needs to hear from you. Tell your representative to vote yes on the Massie-Lofgren amendment.