Meanwhile, relations are breaking down between the CIA and the Senate Intelligence Committee

I chose the Washington Post article about Senator Diane Feinstein's outraged speech accusing the CIA of breaking into the computers of the Senate Intelligence Committee. The speech, in fact, does much more than that. It airs the sheer fact that the U.S. intelligence community has operated pretty much without oversight since 9/11. Senator Feinstein describes the Senate Committee charged with overseeing the intelligence branches, and preventing abuses, as being blindsided again and again, lied and appalled at revelations when their staff painstakingly pulls together evidence of the torture involved in the "detention and interrogation program."

The resulting staff report was chilling. The interrogations and the conditions of confinement at the CIA detentions sites were far different and far more harsh than the way the CIA had described them to us.

Senator Feinstein explains the heart of the accusation against the CIA, as well as some background on how difficult the CIA has made the job of investigation:

... we sent a request for documents to all relevant executive branch agencies, chiefly among them the CIA. The committee's preference was for the CIA to turn over all responsive documents to the committee's office, as had been done in previous committee investigations.

Director Panetta proposed an alternative arrangement, to provide literally millions of pages of operational cables, internal emails, memos and other documents pursuant to a committee's document request at a secure location in northern Virginia. We agreed, but insisted on several conditions and protections to ensure the integrity of this congressional investigation.

Per an exchange of letters in 2009, then-Vice Chairman Bond, then-Director Panetta and I agreed in an exchange of letters that the CIA was to provide a, quote, stand-alone computer system, end quote, with a, quote, network drive segregated from CIA networks, end quote, for the committee that would only be accessed by information technology personnel at the CIA who would, quote, not be permitted to share information from the system with other CIA personnel, except as otherwise authorized by the committee, end quote.

It was this computer network that notwithstanding our agreement with Director Panetta was searched by the CIA this past January -- and once before, which I will later describe.

.... In May of 2010, the committee staff noticed that the documents had been provided for the committee -- that had been provided for the committee's review were no longer accessible.

Staff approached the CIA personnel at the off-site location, who initially denied that documents had been removed. CIA personnel then blamed information technology personnel, who were almost all contractors, for removing the documents themselves without direction or authority.

And then the CIA stated that the removal of the documents was ordered by the White House. When the White -- when the committee approached the White House, the White House denied giving the CIA any such order.

After a series of meetings, I learned that on two occasions CIA personnel electronically removed committee access to CIA documents after providing them to the committee. This included roughly 870 documents or page of documents that were removed in February 2010; and secondly, roughly another 50 that were removed in mid-May 2010. This was done without the knowledge or approval of committee members or staff, and in violation of our written agreements. Further, this type of behavior would not have been possible had the CIA allowed the committee to conduct the review of documents here in the Senate. In short, this was the exact sort of CIA interference in our investigation that we sought to avoid at the outset.

....

On May 17th, 2010, the CIA's then-director of congressional affairs apologized on behalf of the CIA for removing the documents. And that as far as I was concerned put the incidents aside. This event was separate from the documents provided that were part of the internal Panetta review, which occurred later and which I will describe next.

At some point in 2010, committee staff searching the documents that had been made available found draft versions of what is now called the internal Panetta review. We believe these documents were written by CIA personnel to summarize and analyze the materials that had been provided to the committee for its review. The Panetta review documents were no more highly classified than other information we had received for our investigation. In fact, the documents appeared based on the same information already provided to the committee. What was unique and interesting about the internal documents was not their classification level but rather their analysis and acknowledgement of significant CIA wrongdoing.

To be clear, the committee staff did not hack into CIA computers to obtain these documents, as has been suggested in the press.

The documents were identified using the search tool provided by the CIA to search the documents provided to the committee. We have no way to determine who made the internal Panetta review documents available to the committee. Further, we don't know whether the documents were provided intentionally by the CIA, unintentionally by the CIA or intentionally by a whistle-blower.

In fact, we know that over the years, on multiple occasions, the staff have asked the CIA about documents made available for our investigation. At times the CIA has simply been unaware that these specific documents were provided to the committee. And while this is alarming, it is also important to note that more than 6.2 million pages of documents have been provided. This is simply a massive amount of records.

....

Our work continued until December 2012, when the Intelligence Committee approved a 6,300-page committee study of the CIA's detention and interrogation program, and sent the executive report to the executive branch for comment. The CIA provided its response to the study on June 27th, 2013. As CIA Director Brennan has stated, the CIA officially agrees with some of our study, but has been reported the CIA disagrees and disputes important parts of it.

And this is important. Some of these important parts that the CIA now disputes in our committee study are clearly acknowledged in the CIA's own internal Panetta review. To say the least, this is puzzling. How can the CIA's official response to our study stand factually in conflict with its own internal review?

....

There are several reasons why the draft summary of the Panetta review was brought to our secure spaces at the Hart Building. Let me list them: One, the significance of the internal review, given disparities between it and the June 2013 CIA response to the committee study. The internal Panetta review summary, now at the secure committee office in Hart, is an especially significant document as it corroborates critical information in the -- in the committee's 6,300- page study, that the CIA's official response either objects to, denies, minimizes or ignores.

Unlike the official response, these Panetta review documents were in agreement with the committee's findings.

That's what makes them so significant and important to protect.

When the internal Panetta Review documents disappeared from the committee's computer system, this suggested once again that the CIA had removed documents already provided to the committee, in violation of CIA agreements and White House assurances that the CIA would cease such activities. As I have detailed, the CIA has previously withheld and destroyed information about its detention and interrogation program, including its decision in 2005 to destroy interrogation videotapes over the objections of the Bush White House and the director of national intelligence. Based on the above, there was a need to preserve and protect the internal Panetta Review in the committee's own secure spaces.

Now, the relocation of the internal Panetta Review was lawful and handled in a manner consistent with its classification. No law prevents the relocation of a document in the committee's possession from a CIA facility to secure committee offices on Capitol Hill. As I mentioned before, the document was handled and transported in a manner consistent with its classification, redacted appropriately, and it remains secured, with restricted access in committee spaces.

In December, during an open committee hearing, Senator Mark Udall echoed this request. In early January 2014, the CIA informed the committee it would not provide the internal Panetta review to the committee, citing the deliberative nature of the document. Shortly thereafter, on January 15th, 2014, CIA Director Brennan requested an emergency meeting to inform me and Vice Chairman Chambliss that without prior notification or approval, CIA personnel had conducted a search -- that was John Brennan's word -- of the committee computers at the off-site facility.

This search involved not only a search of documents provided by the committee by the CIA, but also a search of the standalone and walled-off committee network drive containing the committee's own internal work product and communications. According to Brennan, the computer search was conducted in response to indications that some members of the committee staff might already have had access to the internal Panetta review.

The CIA did not ask the committee or its staff if the committee had access to the internal review or we obtained it.

Instead the CIA just went and searched the committee's computers. The CIA has still not asked the committee any questions about how the committee acquired the Panetta review.

In place of asking any questions, the CIA's unauthorized search of the committee computers was followed by an allegation, which we now have seen repeated anonymously in the press, that the committee staff had somehow obtained the document through unauthorized or criminal means, perhaps to include hacking into the CIA's computer network.

....

I have asked for an apology and a recognition that this CIA search of computers used by its oversight committee was inappropriate. I have received neither.

Besides the constitutional implications, the CIA search may also have violated the Fourth Amendment, the Computer Fraud and Abuse Act, as well as Executive Order 12333, which prohibits the CIA from conducting domestic searches or surveillance.

Days after the meeting with Director Brennan, the CIA inspector general, David Buckley, learned of the CIA's search and began an investigation into CIA's activities. I have been informed that Mr. Buckley has referred the matter to the Department of Justice, given the possibility of a criminal violation by CIA personnel. ....

Weeks later, I was also told that after the inspector general reviewed the CIA's activities to the Department of Justice -- excuse me, referred the CIA's activities to the Department of Justice, the acting counsel general of the CIA filed a crimes report with the Department of Justice concerning the committee staff's actions. I have not been provided the specifics of these allegations, or been told whether the department has initiated a criminal investigation based on the allegations of the CIA's acting general counsel.

As I mentioned before, our staff involved in this matter have the appropriate clearances, handled this sensitive material according to established procedures and practice to protect classified information, and were provided access to the Panetta Review by the CIA itself.

As a result, there is no legitimate reason to allege to the Justice Department that Senate staff may have committed a crime. I view the acting counsel general's referral as a potential effort to intimidate this staff, and I am not taking this lightly.

I should note that for most if not all of the CIA's detention and interrogation program, the now-acting general counsel was a lawyer in the CIA's counterterrorism center, the unit within which the CIA managed and carried out this program. From mid-2004 until the official termination of the detention and interrogation program in January 2009, he was the unit's chief lawyer. He is mentioned by name more than 1,600 times in our study.

And now, this individual is sending a crimes report to the Department of Justice on the actions of Congressional staff -- the same Congressional staff who researched and drafted a report that details how CIA officers, including the acting general counsel himself, provided inaccurate information to the Department of Justice about the program.

.... The staff members who have been working on this study and this report have devoted years of their lives to it, wading through the horrible details of a CIA program that never, never, never should have existed.

They have worked long hours and produced a report unprecedented in its comprehensive attention to detail in the history of the Senate. They are now being threatened with legal jeopardy just as final revisions to the report and being made so that parts of it can be declassified and released to the American people.

Mr. President, I felt that I needed to come to the floor today to correct the public record and to give the American people the facts about what the dedicated committee staff have been working so hard for the last several years as part of the committee's investigation.

I also want to reiterate to my colleagues my desire to have all updates to the committee report completed this month and approved for declassification. We're not going to stop. I intend to move to have the findings, conclusions and the executive summary of the report sent to the president for declassification as release to the American people. The White House has indicated publicly and to me personally that it supports declassification and release.

So Sen. Feinstein serves notice that hardball pressure will not stop the Senate Intelligence Committee from declassifying its report, or continuing to investigate the CIA, at least. Maybe the committee will take its oversight duties more seriously with the other branches as well, now that they know they can be prey as much as any other target.

NSA decision, Klayman v. Obama

The exciting decision from the Federal District Court for the District of Columbia, Judge Richard Leon presiding, just came out, and it's quite powerful. You can see the full text at Scribd. Judge Leon writes a strongly worded opinion, that is rather narrow in actual scope, but contains a good deal of important reasoning. There are 2 cases joined here, so there are 2 petitioners. The judge is only ruling on petitioners' requests for an injunction against the NSA continuing to gather metadata about their telephone calls as part of their Bulk Telephony Metadata Program. Judge Leon further rules that the NSA must destroy any information they have already collected of this nature about the two petitioners.

However, in coming to this ruling, Judge Leon distinguishes the 1979 decision, Smith v. Maryland, 442 U.S. 735 which the FISC Court has ruled "squarely control[s]" on the issue of "telephone service provider metadata." Indeed, the government has so heavily relied on courts accepting the Smith case as controlling, that they have considered the issue as completely settled. In Smith, the police installed a pen register on a telephone without a warrant, after a robbery victim complained to them that she was receiving obscene and threatening phone calls. The FISC court accepted the Smith precedent in a decision that has been redacted and published at their website, In Re An Application of the [FBI] for an Order Requiring the Production of Tangible Things from [Redacted], BR13-109 at 6-9, (FISC, Aug. 29, 2013). Leon, however, writes that a short term, very limited pen register is a far cry from the long-running, wide-ranging modern technology being deployed n the Bulk Telephony Metadata Program, and furthermore notes that the Supreme Court recently called the Smith decision into some doubt in United States v. Jones, 132 U.S. 945 (2012), (attaching a GPS device to a vehicle) a 5-4 decision. Judge Leon notes that the Supreme Court took the Jones decision as an opportunity to revisit the Smith decision, because there was an earlier warrantless tracking device opinion, United States v. Knotts, 460 U.S. 276 (1983) which could have been used as precedent.

Judge Leon uses strong language about the NSA datagathering program, which enlists the nation's telecommunications giants (and, incidentally, the Internet search and social networking providers as well) to

"operate what is effectively a joint intelligence-gathering operation with the Government." Klayman, at 48. ... the almost Orwellian technology that enables the government to store and analyze the phone metadata of every telephone user in the United States is unlike anything that could have been conceived in 1979. ... The notion that the government could collect similar data on hundreds of millions of people and retain that data for a five-year period, updating it with new data every day in perpetuity, was at best in 1979, the stuff of science fiction. By comparison, the Government has at its disposal today the most advanced twenty-first century tools, allowing it to "store such records and efficiently mine them for information years into the future." Jones, 132 S.Ct. at 956 (Sotomayor, J., concurring). ... (Klayman at 49)

And finally and most importantly, not only is the Government's ability to collect, store and analyze phone data greater now than it was in 1979, but the nature and quantity of the information contained in people's telephone metadata is much greater as well.... But the ubiquity of phones has dramatically altered the quantity of information now available and, more importantly, what that information can tell the Government about people's lives. ... Records that once would have revealed a few scattered tiles of information about a person now reveal an entire mosaic, a vibrant and constantly updating picture of the person's life. ... (Klayman at 50, 54)

In sum, the Smith pen register and the ongoing NSA Bulk Telephone Metadata Program have so many significant distinctions between them that I cannot navigate these uncharted Fourth Amendment waters using as my North Star a case that predates the rise of cell phones. (Klayman, at 55)

[Judge Leon next examines the likelihood that the petitioners will succeed in showing that the searches are unreasonable. He does a very careful survey of the Supreme Court Fourth Amendment jurisprudence, and concludes:] ... To my knowledge, however, no court has ever recognized a special need sufficient to justify continuous, daily searches of virtually every American citizen without any particularized suspicion. In effect, the Government urges me to be the first non-FISC judge to sanction such a dragnet. (Klayman at 58)

The Government asserts that the Bulk Telephony Metadata Program serves the "programmatic purpose" of "identifying unknown terrorist operatives and preventing terrorist attacks." Govt.'s Opp'n at 51 -- an interest that everyone, including this Court, agrees is "of the highest order of magnitude," In re Directives Pursuant to Section 105B of the Foreign Intelligence Surveillance Act, 551 F3d 1004, 1012 (FISA Ct. Rev, 2008). ... A closer examination of the record, however, reveals that the Government's interest is a bit more nuanced -- it is not merely to investigate potential terrorists, but rather, to do so faster than other investigative methods might allow. ... (Klayman, at 59-60)

Yet, turning to the efficiency prong, the Government does not cite a single instance in which analysis of the NSA's bulk metadata collection actually stopped an imminent attack or otherwise aided the Government in achieving any object that was time-sensitive in nature. In fact, none of the three "recent episodes" cited by the Government which supposedly "illustrate the role that telephony metadata analysis can play in preventing and protecting against terrorist attack" involved any apparent urgency. (Klayman, at 61. Judge Leon describes the 3 examples laid out by the Government in the Holley Declarations, and finds none of the three persuasive). ... Given the limited record before me ... most notably, the utter lack of evidence that a terrorist attack has ever been prevented because searching the NSA database was faster than investigative tactics -- I have serious doubts about the efficacy of the metadata collection program as a means of conducting time-sensitive investigations in cases involving imminent threats of terrorism ... (Klayman at 62)

I cannot imagine a more "indiscriminate" and "arbitrary invasion" than this systematic and high-tech collection and retention of personal data on virtually every single citizen for purposes of querying and analyzing it without prior judicial approval. Surely, such a program infringes on "that degree of privacy" that the Founders enshrined in the Fourth Amendment. Indeed, I have little doubt that the author of our Constitution, James Madison, who cautioned us to beware "the abridgement of freedom of the people by gradual and silent encroachments by those in power," would be aghast. (Klayman at 64)

[Judge Leon then considers the Government's complaint of the burdensomeness of removing the two plaintiffs from its database and that this may cause a number of other such requests, degrading the utility of the program.] ... Of course the public has no interest in saving the Government from the burdens of complying with the Constitution! ... For reasons already explained, I am not convinced ... that the NSA's database has ever truly served the purpose of rapidly identifying terrorists in time-sensitive investigations, and so I am certainly not convinced that the removal of two individuals from the database will "degrade" the program in any meaningful sense. (Klayman at 66)

This case is the latest chapter in the Judiciary's continuing challenge to balance the national interests of the United States with the individual liberties of our citizens. The Government, in its understandable zeal to protect our homeland, has crafted a counterterrorism program with respect to telephone metadata that strikes the balance based in large part on a thirty-four year old Supreme Court precedent, the relevance of which has been eclipsed by technological advances and a cell phone-centric lifestyle heretofore inconceivable. ... (Klayman at 66-67)

The image of Judge Leon decorating this post is from Suffolk Law Review's Donahue Lecture series. Judge Leon spoke at our school in 2012, about his cases on the Guantanamo detainee litigation, balancing personal liberties against national security during the war on terror. Seeing the title of his talk, which I attended, makes it doubly interesting that he heard this case on the NSA.

More on US government data gathering: Project Hemisphere, Spying on Brazil & Mexico

Well, just as President Obama is asking the Congress to grant him extraordinary powers to attack Syria, a couple more stories are popping up about extensive data gathering or spying by the United States. 

Brazil and Mexico are both summoning U.S. ambassadors to discuss how their sovereignty has been violated by spying. This is more fallout from the revelations of Edward Snowden about National Security Agency (NSA) activities.

And, more disturbing to U.S. citizens, Drug Enforcement Administration (DEA) agents appear to have had access for six years to a database of telephone calls that dwarfs that used by the NSA.  The New York Times reported on the Hemisphere Project, where employees of AT&T were actually embedded with the DEA and would thus be available on short notice to use the AT&T database as soon as a subpoena was received. The database was owned and housed by AT&T, and not accessed directly by the government agents, which raises interesting questions under the Fourth Amendment for Search and Seizure afficionados. 

But the DEA agents had access to far more data than the NSA agents through the Hemisphere Project. The database includes every phone call that passed through an AT&T switch for the past 26 years, not just AT&T customers.  That is a huge swath of the telephone calls made in the world, and certainly across the North American continent.  The metadata includes the city and state of the caller, and is aimed largely at trying to identify and track the cell phones that criminals buy, discard and replace to avoid tracking by law enforcement.  

The database was actually available to other agencies besides the DEA, and was also largely used by Homeland security, and to a lesser extent by the FBI and several agencies in Washington state.  A portion of the PowerPoint slide show that was released, eventually, to the New York Times (probably accidentally), discusses the importance of protecting the program from discovery.  Project Hemisphere is not classified, but is "law enforcement sensitive."

While the slides show several success stories about arrests enabled by Project Hemisphere, we should ask at what price these arrests are coming.  How much access to records, to privacy, are we willing to cede to government officials?  In an era of increasing digital collection, we should consider, as a society, where we stand on the search and seizure, Fourth Amendment rights enshrined in a different age.

US Border Control Agents May Seize Laptops & Other E-devices

The US Department of Homeland Security's (DHS's) Office for Civil Rights and Liberties says that US border agents may seize electronic devices without a warrant or even suspicion of illegal activity. The agents may hold the device for more than 40 days after seizing it! 

You can imagine the havoc this wreaks on business travelers and academics alike!

The DHS office released an executive summary of its findings in which it concluded that, "imposing a requirement that officers have reasonable suspicion in order to conduct a border search of an electronic device would be operationally harmful without concomitant civil rights/civil liberties benefits," but adds that "recording more information about why searches are performed would help managers and leadership supervise the use of border search authority." The American Civil Liberties Union (ACLU) has filed a Freedom of Information Act (FOIA) request for the office's full report, which was completed sometime during the 2012 fiscal year. 

An article in the New York Times about ACLU challenges to these seizures is interesting. It reports  DHS statistics showing the digital device seizures happen about a dozen times a day,out of 36,000 daily 'secondary screenings.' The cases are not entirely complete yet, but the DHS seems to be getting some push-back on at least some aspects of this from the courts. For instance, the District Court in Massachusetts says, "What is up with holding those devices for 49 days, guys?!"









Tip of the OOTJ hat to my daughter who passed along this heads up to all who travel!

Italy Jails Former Officials for Extraordinary Rendition

The New York Times reported Feb. 12, 2013 that an appeals court in Milan, Italy sentenced Italy's former military intelligence chief, Niccolo Pollari, to a 10 year prison sentence for his part in the U.S. plot for extraordinary rendition kidnapping of Muslim cleric Hassan Mustafa Osama Nasr in 2003.  Recall that extraordinary rendition was used by the U.S. government to kidnap people suspected of terrorism and whisking them away to a territory where torture is common for questioning. Three Italian secret service officials who were involved in the plot were also sentenced to serve six years each.

Twenty-three Americans, including the former CIA base chief in Milan were tried in absentia in this case in 2009 and convicted.  Three other Americans in that case were acquitted as having diplomatic immunity, including the former CIA station chief in Rome.  This appeals court vacated the acquittals this month and convicted those three in absentia.

The 2009 decision was the first case successfully prosecuting rendition as a crime, and was viewed as a very courageous decision.  In that earlier decision, Mr. Pollari was given only 8 years' sentence, and the others got five year sentences. So the sentences on this appeal were raised, as well as adding more.

I know I was deeply troubled by my government's efforts at extraordinary rendition.  Now the drones are a somewhat similar ethical problem. According to a Justice Department memo, the President has authority to send drones to assassinate citizens.  The government, un-checked by courts, and behind closed doors, is declaring death sentences on citizens and non-citizens alike, and using unmanned drones to carry them out. There is also the use of drones for surveillance against citizens. The ACLU has filed suit to stop drone killings and drone surveillance.

I find several several federal and state bills to also stop drone surveillance within their borders --  Rand Paul's bill in the Senate; Fox news story that lists Virginia, Montana, California, Oregon, Texas, Nebraska, Missouri, North Dakota, Florida, Virginia, Maine and Oklahoma.  Here is a balancing story from the ACLU with some useful links noting that Florida's legislation seems the closest to passing as of Feb. 4, 2013.

Federal bills, from the 112th Congress, which have now been superseded by the 113th Congress.  Nothing comes up in the 113th Congress yet on the topic of drones (search Thomas website by text "drones").  Keep in mind that past bills can give you an idea of future bills.:
 1.  HR 6199 ( --> Preserving American Privacy Act of 2012, currently referred to both the House Judiciary, and the House Transportation and Infrastructure Committees) 
2.   HR 5925 ( --> Preserving Freedom from Unwarranted Surveillance Act of 2012 (Introduced in House, passed from the House committee on Judiciary to the House Committee on Crime, Terrorism, and Homeland Security. Has a companion bill in the Senate).
3.  S 3287 ( Preserving Freedom from Unwarranted Surveillance Act of 2012 (Introduced in Senate - IS, -- This is Senator Rand's bill.  Read twice and referred to the Senate Judiciary Committee).
4.  HR 5950 (NADA of 2012 or No Armed Drones Act of 2012;  Referred to the House Transportation and Infrastructure Committees and then to the subcommittee on Aviation.)
5. HR 6676 (Drone Aircraft Privacy and Transparency Act of 2012; Referred to the House Committee on Transportation and Infrastructure, and in addition to the Committee on Energy and Commerce, then to House Transportation and Infrastructure, then to House Energy and Commerce, and finally to the Subcommittee on Commerce, Manufacturing, and Trade, where it simply ran out of time on Dec. 19, 2012.)
 6.  HR 3467 ( --> To establish a moratorium on aerial surveillance conducted by the Administrator of the Environmental Protection Agency under the Federal Water Pollution Control Act. (Introduced in House - IH; This is related to the other drone limitation bills, but not quite the same in that it is aimed at a specific agency.  Read twice and referred to the Committee on Environment and Public Works. )

Here is a very handy link to the Drone Journalism Lab website which is tracking each state that introduces legislation to limit drone surveillance.  

It seems so ironic that this President used to teach Constitutional law and received a Nobel Peace Prize! The image at the top of the blog post is the shadow of a drone across the U.S. Constitution, of course.  Courtesy of Hammer of Truth blog post, Drones Across America.

FTC Works for Consumer Privacy Online

The New York Times reports today on a report, and a call from the FTC for new legislation from Congress, to rein in the huge industry that mines data collected from Internet consumers. The report, "Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers," is the result of many comments from people in the privacy consultation business as well as comments from people in the business of selling the data mined from consumers.

The FTC is withstanding pressure from the folks who are making tons of money with your data and mine, to call upon Congress to pass a law, which would allow them to regulate the industry further. It may not be a simple matter of track or do not track... Consumers may simply want more transparency about what data is collected and how it's used. And they may want some say about what data they allow to be collected and how it will be used, not simply ban all collecting.

After all, most of us understand that the targeted advertising that powers "free" websites like Google, depend upon some level of consumer data. And everybody likes "free" searching!

Google & its Discontents

Google has announced a new privacy policy. They are working hard to get you to read it. If you have not read it, you should. And you should think about what it means. If you have a gmail account, if you have an Android phone, or keep a Google calendar, if you have an account with any of the other Google services, it means that the information from one account will be available across ALL of the other accounts. This article from the British Daily Mail does an excellent job of giving examples that help the reader see just how chilling the possibilities are. Google users have long been used to seeing ads for hotels pop up if they have been searching for information about another city. We have stopped worrying about it (though perhaps we should not!). But with the integration of all our accounts' information, those ads could now access information from our meetings calendar, our phone list, our profile, our GooglePlus "circles" and the data attached to those people in our lives.

Gizmodo has no doubts at all about this. Their blog post is titled "Google's Broken Promise: the End of Don't be Evil." They do a very nice job of contrasting previous privacy policies with the new one, to help make the profound shift more obvious.

What this means for you is that data from the things you search for, the emails you send, the places you look up on Google Maps, the videos you watch in YouTube, the discussions you have on Google+ will all be collected in one place. It seems like it will particularly affect Android users, whose real-time location (if they are Latitude users), Google Wallet data and much more will be up for grabs. And if you have signed up for Google+, odds are the company even knows your real name, as it still places hurdles in front of using a pseudonym (although it no longer explicitly requires users to go by their real names).

All of that data history will now be explicitly cross-referenced. Although it refers to providing users a better experience (read: more highly tailored results), presumably it is so that Google can deliver more highly targeted ads. (There has, incidentally, never been a better time to familiarize yourself with Google's Ad Preferences.)

Gizmodo explains that they consider Google to be going back on its promise to users, on which it built its multi-million dollar business, that it would always place its users' first. The new privacy policy does away with users' fine-grained control of their personal information that previous policy iterations upheld. However, Google does give users time to opt out, so pay attention!

And Google keeps wondering why their social media efforts keep falling flat!

Could Your Cellphone Voice Mail be Hacked?

We are all watching the scandal about the British tabloid News of the World whose reporter hacked into the cellphone voice mail of a missing girl and deleted some of the messages while police were searching for the child. But have you considered the implications of hacking voice mail in cellphones? It means that it's dead easy to get into anybody's voice mail – unless they take a few precautions.

The Boston Globe has an article in today's paper by Hiawatha Bray, one of my tech heroes. The hack is done with a service anybody can find, called ID spoofing. Google it. It works like a pre-paid calling card or sometimes through a Web interface. You pay for a certain amount of time to have a PIN that represents to the telephone you are calling that you are calling from a different telephone number.

Spoofing can be used for legitimate purposes, as law enforcement sometimes uses it, or women fleeing from abusive situations have used this to conceal their location and phone number. But mostly, it is considered a malicious act, and bills have been introduced several times to outlaw the practice, beginning in 2006. Finally, in December, 2010, the Truth in Calling Actpassed Congress and was signed into law by President Obama, prohibiting spoofing “with the intent to defraud, cause harm, or wrongfully obtain anything of value...” Law enforcement is specifically exempted. The penalties are fines, and enforcement is under state jurisdiction.

But the important part of the Globe article is to explain how to protect yourself from having your voice mail hacked. Here is the information: Protect your voice mail

The image is courtesy of Entrepreneur website, which actually has a very helpful post about protecting your cellphone, adding a paragraph about the viruses that are becoming so rampant in a lot of the apps that people are adding outside of the official sites. See http://www.entrepreneur.com/blog/219961

Boston College Archives Subpoena is tip of an iceberg

Some time ago, I wrote a brief post here about a troubling story here in Boston. Boston College archives contain oral histories of some of the people involved in the "troubles" in Northern Ireland, a few still alive. Suddenly, they have been subpoenaed, despite the individuals who were interviewed for the oral histories being promised complete confidentiality. It turns out that the U.S. Department of Justice is helping the British government serve the subpoenas. The Chronicle of Higher Education has an excellent article following up on that short article (my link was to the Boston Globe).

It turns out that the subpoena is under a Mutual Legal Assistance Treaty (MLAT), which began to be entered into about 30 years ago, according to the Chronicle. These treaties create mutual obligations between the agreeing nations to assist in "criminal" investigations and prosecutions. The U.S. entered its first MLAT in 1976, with Switzerland. Before the rise of MLATs, police or investigators had to move through courts and diplomatic channels with letters rogatory. Now they can simply go police to police. Sounds really good when you are talking about following terrorists or drug smugglers or such evil doers. The problem comes, according to Senate Executive Report 104-22, titled "Treaty with the Republic of Korea on Mutual Legal Assistance on Criminal Matters," dated 1996, from the Senate Foreign Relations Committee. The report notes that the problem with these MLATs is that the crimes that the other country requests the U.S. assist with investigating need not be criminal under U.S. standards. So under MLATs, can the United States be pulled into investigating foreign nationals for activities which are political crimes only under the terms of another nation's draconian laws, but which would be perfectly legal under our own laws? The Senate report says political crimes are an exception. But Chris Bray, writing for the Chronicle, does a masterful job of analyzing how this example is sliding past the definition police.

The MLATs vary in how broad the terms can be -- some are broad enough to include civil and administrative proceedings in addition to criminal proceedings, so that forfeiture proceedings could be covered in drug investigations, for instance. All of the treaties have exemptions to the types of actions, but these tend to be based on the national security interest, not interest of individuals, or ethical guidelines, so that saying that individuals might be killed because you opened the archives would not be a reason for an exemption. In the U.S., MLATs are executed through the criminal division of the Justice Department, which seems to be exactly who was serving the subpoena on Boston College. Kudos to Chris Bray at the Chronicle for doing great research on the problem!

Cyber Gender Harassment and the New Campus Gossip Sites

University of Maryland law Professor Danielle Keats Citron has an interesting article on SSNR, "Law's Expressive Value in Combatting Cyber Gender Harassment." Also at vol. 108 Mich. L. Rev. (2009). (A nice coincidence that this pops up right after Marie's post about the new dean at U. Maryland!) The abstract reads:

The online harassment of women exemplifies twenty-first century behavior that profoundly harms women yet too often remains overlooked and even trivialized. This harassment includes rape threats, doctored photographs portraying women being strangled, postings of women’s home addresses alongside suggestions that they should be sexually assaulted and technological attacks that shut down blogs and websites. It impedes women’s full participation in online life, often driving them offline, and undermines their autonomy, identity, dignity, and well-being. But the public and law enforcement routinely marginalize women’s experience, deeming it harmless teasing that women should expect, and tolerate, given the Internet’s Wild West norms of behavior.

The trivialization of phenomena that profoundly impact women’s basic freedoms is nothing new. No term even existed to describe sexual harassment of women in the workplace until the 1970s. The refusal to recognize harms uniquely impacting women has an important social meaning — it conveys the message that abusive behavior towards women is acceptable and should be tolerated.

Grappling with the trivialization of cyber gender harassment is a crucial step to understanding and combating the harm that it inflicts. My previous work "Cyber Civil Rights" explored law’s role in deterring and punishing online abuse. This Essay emphasizes what may be law’s more important role: its ability to condemn cyber gender harassment and change the norms of acceptable online behavior. Recognizing cyber harassment for what it is — gender discrimination — is crucial to educate the public about its gendered harms, to ensure that women’s complaints are heard, to convince perpetrators to stop their bigoted online attacks, and ultimately to change online subcultures of misogyny to that of equality.

The article is important and timely, partly because campus gossip websites are proliferating. The granddaddy of them all, JuicyCampus, went under for lack of advertising revenue. But that has not deterred imitator sites from springing up, proclaiming their intentions to fight all attempts by attorneys generals or university general counsels to shut them down. According to the Chronicle of Higher Education Technology section for Aug. 31, 2009, "They're Back and They're Bad!" (in print at A-20). The various sites, such as CampusGossip, are planning back to school marketing stunts at different schools. One, CollegeACB, paid the owner of JuicyCampus $10,000 to redirect traffic to their website. Despite the fate of JuicyCampus, the new web entrepreneurs must anticipate making money with their ventures. These sites remind me of AutoAdmit, which caused quite a stir in law schools a couple years ago (see OOTJ post 3/27/07 on Cyberbullying and Virtual Rape which includes some discussion and links about Autoadmit).

When victims, school administrators, parents or reporters ask about the sites', the website owners often characterize them as spoofing celebrity tabloids, and attempting a light-hearted ranking of, say, Greek organizations by the best parties, or the best-looking members. But the always-anonymous posting leads to downright nasty entries that name individuals and make truly slanderous allegations -- too often about women.

A discussion thread on CollegeACB lists "sluts" at California State University at Chico, naming women on the campus whom the anonymous posters claim to have had sex with. A recent posting at Peoples Dirt expresses a wish that a group of girls listed in a discussion thread would "die in there sleep and everyone just forgets about them."

In some cases, postings on the sites may cause harm to reputations, with serious impacts on students if the messages are seen by future employers or potential suitors. Unlike slurs scrawled on bathroom walls, online posts can be more public, and more lasting.

"Internet shaming creates an indelible blemish on a person's identity," wrote Daniel J. Solove, a professor of law at George Washington University, in his 2007 book, The Future of Reputation: Gossip, Rumor, and Privacy on the Internet (Yale University Press). "It's similar to being forced to wear a digital scarlet letter or being branded or tattooed. People acquire permanent digital baggage. They are unable to escape their past, which is forever etched into Google's memory."

Site administrators for both Campus Gossip and CollegeACB say they will remove abusive comments and respond to complaints from readers—something JuicyCampus rarely did.

Peter Frank, a sophomore at Wesleyan University who runs CollegeACB, told me he tries to "minimize damage while still maintaining the site's purpose" by complying with such requests.

Just how responsive the sites are to take-down requests remains to be seen, since students are just now arriving on campuses for the fall semester. "We technically don't have to take anything down, based on what we've been told by our lawyers," a leader of Campus Gossip told me recently. He refused to give his real name, explaining that every employee of the site goes by the pseudonym Lance Lohan. "We choose to do that just to stay on the safe side of things."

In March, 2007, in the OOTJ post on Cyberbullying, and considering both a griefing attack on Second Life and the AutoAdmit sleaze-fests, excerpts from the post are still pertinent:

In both the Second Life griefing attack and the AutoAdmit trash-talk attacks, the perpetrators remain anonymous. In fact, on AutoAdmit, the "hottest law student" contest was abruptly called off, not after the women being posted without their consent protested (they were trashed even more when they asked to be removed) – it was called off when a male commentator was inadvertently outed. Oooh.

On the other hand, what is most appalling in both sets of attacks is the misogynistic nature. The griefing attack used penises to disrupt an interview. The attacks on AutoAdmit, while including racist, anti-semitic and homophobic comments, certainly displayed attitudes that devalued women as a group, and specific individuals. There were comments that considered sexual attacks and punishments against these women, and discussed their physical attributes in overtly sexual ways. These are both specific examples of cyberbullying of a sexual nature.

The women attacked both on Second Life and on the AutoAdmit chat have said they felt demeaned, devalued and threatened. Women law students who have been the subject of AutoAdmit attacks have said they felt they could no longer go to the gym, and had trouble attending class. They felt violated and threatened.

At a Yale.edu class website, the professors, Marcia Cohen and Sherrie H. McKenna describe women's reaction to rape:

" ... but all victims feel varying degrees of fear, guilt, embarrassment and anger. These emotions will not surface all at once but will effect the woman for a long time after the attack. It is important for all those close to her, especially the men to understand her feelings and support her through the crisis.
The fear a woman feels may weave through all aspects of her life. More than likely she was attacked going about her business, feeling safe in her world. Once that security is invaded the woman may be fearful about the once routine activities of her daily life. She may approach strangers and even friends and acquaintances with a new caution.
A woman may feel guilt, wondering why she was the victim. She may question whether she really did “ask for it” or lead someone to the wrong impression. She may also be embarrassed about what other people think of her. These feelings may cause her to avoid sexual relationships for a time."

On the Wikipedia article about rape, these comments about the psychological effects of rape:

"Rape has been regarded as "a crime of violence and control" since the 1970s. Psychological analysis literature identifies control as a key component in most definitions of privacy:
• "Privacy is not the absence of other people from one's presence, but the control over the contact one has with them." (Pedersen, D. 1997).
• "Selective control of access to the self." (Margulis, 2003)
Control is important in providing:
• what we need for normal psychological functioning;
• stable interpersonal relationships; and
• personal development. (Pedersen, D. 1997)
Violation of privacy or "control" comes in many forms, with sexual assault and the resulting psychological traumas being one of the most explicit forms. Many victims of sexual assault suffer from eating disorders such as anorexia nervosa and bulimia, which also center around control issues. Therefore, some argue that it makes more sense to look at the issue of sexual assault as an invasion of privacy" (Mclean, D. 1995)

(Wikipedia, Rape, visited 3/26/07)

I think we should consider how virtual worlds -- whether Massively Multi-Player games like Second Life or chat and listserves, enable such attacks on individuals. We should also recognize that the effects of such attacks, whether you call it cyberbullying or virtual rape, are very bad, attacking the victim's security and sense of self.

So this finally leads back to Professor Citron's thesis, that cyber harassment or cyber bullying should be treated as a civil rights violation. The continued trivialization of the problem is disturbing. In my original post in 2007, I commented that cyberbullying and even virtual rape could happen as easily to males as to females. But apparently, it is still a prevalently feminine issue. I considered whether the problem might be taken more seriously if men were harassed online. And the answer is apparently not. On the other hand, we have had one teenaged girl who committed suicide after being harassed online through text messages sent pseudonymously. According to the Wikipedia entry, a number of Missouri municipalities passed ordninances making online harassment a misdemeanor. The state of Missouri has a bill in process creating a felony for online harassment, and some unstated number of other states may be considering similar bills. On the federal level, Congresswoman Linda T. Sanchez introduced H.R. 6123 as the "Megan Meier Cyberbullying Prevention Act" to "amend title 18, United States Code, with respect to cyberbullying." The bill was introduced in the 111th Congress on April 2, 2009 as H.R. 1966. (link is to OpenCongress.org and will not only give you the official and wiki summaries, the text of the bill, it will let you send a note to your representative about how you feel about this or any other bill, and check news coverage about whatever bill you are looking at. Great site!)