The FBI has backed down on a secret request for information about a user of the Internet Archive digital library, thanks to a legal challenge from two prominent advocacy groups.
The case, which was brought by the Electronic Frontier Foundation and the American Civil Liberties Union on behalf of the archive, dates to last year but only became public on Wednesday. That's because the type of request involved, known as a national security letter (NSL), is accompanied by a gag order that forbids the recipient from disclosing its existence or discussing it with anyone except his attorneys, who are also gagged. As a result of a settlement, the FBI agreed to withdraw the national security letter and to lift the gag order.
Internet Archive founder and digital librarian Brewster Kahle
(Credit: Internet Archive)The 2001 Patriot Act and its subsequent reauthorization dramatically expanded the FBI's ability to use NSLs, which do not require a court order and are supposed to be used only in investigations related to terrorism. Investigators are able to use the tactic to obtain customer records and logs from Internet service providers, telephone companies, financial institutions, but Congress in 2006 imposed limits on the FBI's ability to use NSLs on libraries. The EFF said this is the first known case to challenge an NSL served upon a library since those legal changes took effect.
The situation with the Internet Archive began last November, when the FBI served founder Brewster Kahle with an NSL (PDF) seeking an unspecified individual's name, address, and "any electronic communication transactional records" (i.e., not the content of communications, but logs of activity) pertaining to the user. Kahle, who is an EFF board member, believed the request was overbroad and decided to challenge the query in court, handing over only publicly available documents in the mean time.
"The free flow of information is at the heart of every library's work," Kahle said in a statement Wednesday. "That's why Congress passed a law limiting the FBI's power to issue NSLs to America's libraries. While it's never easy standing up to the government--particularly when I was barred from discussing it with anyone--I knew I had to challenge something that was clearly wrong."
The Internet Archive, founded in 1996, is a repository for archived Web sites, public domain books, concert recordings, and films, among other things. It has about half a million registered patrons and, according to the EFF, does not collect IP addresses of those who submit items to the collections or of those who read, view, or listen to its collections.
The Bush administration is hardly a stranger to lawsuits targeting its use of NSLs, and its challengers have met with some success in recent years. Last fall, for instance, a federal judge ruled the surreptitious requests for information were unconstitutional. A federal appeals court is expected to hear the government's appeal next month, the EFF said.
In addition, the FBI has taken heat two years in a row from the Department of Justice's inspector general--and, by extension, members of Congress--for misusing its NSL powers, including making attempts to seek and get information that would otherwise require a court order. The FBI says it has since instituted more internal checks on the process.
The police agency on Wednesday was quick to defend its actions in the Internet Archive case and the NSL approach more broadly. Here's a snippet from a statement released by spokesman John Miller:
"The information requested in the National Security Letter was relevant to an ongoing, authorized national security investigation. National Security Letters remain indispensable tools for national security investigations and permit the FBI to gather the basic building blocks for our counterterrorism and counterintelligence investigations. Internet Archive voluntarily provided publicly available information to the FBI, and identified for the FBI that information it possessed which was not publicly available. Internet Archive's refusal to disclose this information formed the basis of its civil suit, which the parties have now resolved through settlement."
Attorneys for Kahle said they considered the settlement a great victory. But they again voiced concern that untold numbers of improper NSLs have gone unchallenged because of their secretive nature.
"It appears that every time a national security letter recipient has challenged an NSL in court and forced the government to justify it, the government has ultimately withdrawn its demand for records," Melissa Goodman, an ACLU staff attorney who worked on the case, said in a statement. "In the absence of much needed judicial oversight--and with recipients silenced and the public in the dark--there is nothing to stop the FBI from abusing its NSL power."
The Federal Communications Commission (FCC) approved a plan on Thursday to team up with wireless carriers for emergency text message alerts.
Cellular service providers can opt into the new system, called the Commercial Mobile Alert System (CMAS); then, their customers will receive three varieties of text message from a not-yet-specified government agency.
There will be "presidential alerts" for major national emergencies like terrorist attacks, "imminent threat alerts" for localized emergencies like hurricanes and tornadoes, and Amber Alerts for missing children--which have been broadcast to cell phones since 2005.
A release from the agency hinted that as mobile technology evolves, audio and video alerts may be implemented as well.
"No one questions the value that an effective Commercial Mobile Alert System will have on the safety and welfare of the American public," FCC Chairman Kevin Martin said in a statement issued Thursday, admitting that there is not yet a federal agency in place to handle the messages (PDF).
When there is, carriers that choose to participate will have 10 months to comply with the FCC's rules. "We are hopeful that we have initiated the dialogue that will allow an appropriate federal entity to assume that central role in an expeditious manner."
CNN reported that T-Mobile, Verizon Wireless, Sprint Nextel, and AT&T indicated that they would be likely to sign up for the FCC's system.
Meanwhile, nongovernment groups like Google.org have also embarked upon projects to use text messaging, as well as services like Twitter, for both disaster awareness and rescue.
The Bush administration plans to fight a recent court decision that threatens to curb its powers to obtain logs of Americans' Internet activities without court approval.
As expected, the U.S. Department of Justice on Monday filed a notice that it plans to appeal a September federal court ruling that declared the surveillance tactic, known as a national security letter, to be unconstitutional. The government's filing was one paragraph long and came with no additional comment, according to the Associated Press.
The power to use national security letters has been around for a few decades, but it was effectively expanded by the controversial Patriot Act after the September 11 terrorist attacks. The law allows FBI agents to send Internet service providers secret demands for logs of things like e-mail correspondence and search queries, without obtaining a judge's approval in advance. That authority, which can also be used to obtain bank and telephone records, is only supposed to be used for investigations related to terrorism.
The letters are typically accompanied by gag orders restricting the recipient's ability to disclose their contents. In the case at hand, U.S. District Judge Victor Marrero in New York ruled those gag orders aren't "sufficiently narrowly tailored" and therefore trample on the First Amendment.
Unlawful use of national security letter powers by the FBI has already been documented by internal auditors. Earlier this year, the Justice Department inspector general issued a report documenting "serious misuse" of the technique, drawing congressional ire but no concrete penalties, since unlawful of national security letters isn't technically a felony.
The American Civil Liberties Union filed the lawsuit challenging the national security letters on behalf of an anonymous Internet service provider. The president of that unnamed company spoke out against the gag order provision in a statement released by the ACLU on Monday.
"Perhaps the most harmful consequence of the gag provisions is that they make it difficult or impossible for people like me--people who have firsthand experience with the NSL statute--to discuss their specific concerns with the public, the press, and Congress," the "John Doe" plaintiff said in a statement. "This seems to be counterintuitive to everything I assumed about this country's commitment to free speech and the value of political discourse."
Jameel Jaffer, director of the ACLU's National Security Project, said he was confident the appellate court would back the lower court's conclusions.
Finally, here's a phone plan that allows you to switch from the U.S. government's Secret Internet Protocol Router Network to the Unclassified but Sensitive Internet Protocol Router Network with a single keystroke.
(Credit:
General Dynamics)
The National Security Agency has authorized military and government personnel to order up a bunch of General Dynamics' Sectera Edge secure, wireless smartphones, which will not only allow them to make secure calls but also to e-mail and Web-browse in either classified or unclassified mode.
The phones will still operate right along with everyone else on the existing high-speed Global System for Mobile Communications (GSM), code division multiple access (CMDA) and Wi-Fi commercial cellular networks.
Although it looks like a regular phone, the company says the Sectera Edge is designed to rugged military specs, allowing for the wear and tear of both the office and "war fighters completing a tactical mission." And it comes with a personal organizer that includes contacts, calendar, tasks, alarms and notes so you won't forget your loved ones' birthdays in the midst of a covert operation.
Deliveries are scheduled for later this year, with sales estimated as high as $300 million over the next 5 years, according to the company. The Sectera Edge is part of the NSA's Secure Mobile Environment Portable Electronic Device program, but there are civilian models available. Did we mention the secret handshake?
News.com Poll
Judging from recent events in Washington concerning peer-to-peer file-sharing software and allegations that it threatens national security, there's some doubt about Congressional competency in creating sound policy governing a technology they may not thoroughly understand. Following up on the scads of readers who responded to recent coverage of Senators seeming to blame security problems on P2P sites, CNET News.com editors decided it was time to get down to business and clarify the issue at hand, in case it wasn't plain enough: Is Congress really clueless about the relationship between P2P and national security?
CNET News.com writers Anne Broache and Declan McCullagh Wednesday produced a piece of Capitol Hill reporting whose central subject is a recent legislative gambit regarding peer-to-peer file-sharing applications.
"Politicians call peer-to-peer networks a 'national security threat' because they enable federal employees to accidentally share sensitive or classified documents."
News.com Poll
The subject has been burning up blogwaves and comments sections all over the Web.
The general consensus among network geeks, security pundits and other observers seems to be that the U.S. Government should be way more cautious in their internal security practices and not try to pin the blame on software which makes sharing information possible. A lot of bloggers liken a P2P ban to a telephone ban, or a pen-and-paper ban. Since when does a single communication tool get the blame for an epidemic of information leakage?
Another class of commentary runs along these lines: This legislative move is more-or-less obviously a ploy by the RIAA and MPAA to stifle file-sharing, Waxman (Los Angeles), Cooper (Nashville), et al. must really like their film- and music-industry sponsors if they're willing to act the fool on this one, and they're only making themselves out to be ignoramuses to do someone a favor.
Blog community response:
"Politicians blame P2P software for not stopping gov't employee stupidity-- Would you elect as your Congressional representative someone who blamed automakers because a bad driver crashed a car through his or her own negligence? Would you elect as your Congressional representative someone who claimed that e-mail was a threat to national security because it can (and has) been used by spies to transmit confidential data? Probably not. Why? Because that's clearly misplaced blame.
"
--Mike Masnick, Techdirt
"(Previous) legislation (Government Network Security Act, October 2003) was enacted to require Federal agencies to develop and implement plans to protect the security and privacy of government computer systems from the risks posed by peer-to-peer file sharing. The committee is not getting to the root of the problem, nor will they. The P2P networks are a tool, and--for those unwilling to educate and protect themselves re. the risks associated with file sharing--a dangerous one. Without a small amount of care they can be VERY easily exploited.
"--LiveJournal user saltzmaj
"I know explaining firewalls and port blocking would go over the heads of the ones in charge of regulating technology, of which they are the least competent body of people to carry out such a task. I thought my mother's bridge club would be less competent, until I read this article of course. So I will do my best to make this as simple as possible for someone like a US Senator or a congressman. The government should not hire people that install file sharing on the same machines that they have classified information on. This would be equivalent of having someone taking home a bunch of classified documents they printed out and stuffed in a backpack with a broken zipper. Congress, would this mean that backpacks with broken zippers are a threat to national security?
"
--CNET News.com Talkback user wewereright1054
"If the law allows an internet-capable computer to store information that could compromise national security, then the problem is Congress."
--CNET News.com Talkback user dvthex
"You can't blame P2P as much as the network administrators. If a computer has sensitive information on it, it should be locked down so that only approved software can be installed on it. The problem I have seen in many places is that too many so-called Admins have no clue about network security. If a laptop is used for company business, then it needs to be locked down so that no unapproved software can be installed on it."
--CNET Talkback user DragonSlayer69_1999
Apparently even dire warnings about the threat of snooping by American spies aren't enough to keep some top French government officials from nursing CrackBerry addictions on the sly.
(Credit:
CNET Networks)
According to a report to be published in Wednesday's edition of the French newspaper Le Monde, bureaucrats continue to lament--and in some cases, quietly ignore--a warning dispatched 18 months ago from the head of France's national defense agency. Reissued recently, the notice reportedly bars certain categories of government officials from using their Research in Motion BlackBerries to circulate sensitive government information.
French security officials are still working on finding an alternative tool, but it hasn't been easy, the story said.
Meanwhile, an unnamed member of the prime minister's cabinet admitted that after one failed attempt at replacing the devices with something else, certain people have opted to continue using the smartphones "in secret." A secretary to one cabinet minister griped that it has become necessary for officials to "relearn" how to cope with older technologies.
Alain Juillet, a senior official in charge of economic intelligence for the French government, justified the plan by saying the BlackBerry poses "a problem of data security."
The rules came about because some of the main BlackBerry mail servers reside in the United States, where French security officials fear the messages are vulnerable to being swept up and perused by none other than the National Security Agency, according to the Le Monde report.
"The risks of interception are real," Juillet was quoted as saying.
Restrictions on BlackBerry use aren't unique to France. The Australian government also prohibits agencies from using the devices to transmit confidential, secret or top secret information--or with systems that involve such categories of data.
One of the four terror suspects in an alleged plot to blow up fuel tanks and a gas pipeline at New York City's John F. Kennedy International Airport recommended Google Earth as a way to obtain detailed aerial photographs, according to a court complaint obtained by The Smoking Gun.
The "JFK plot" made headlines on Saturday when U.S. officials announced that they had charged four men, one of whom remains at large, in a nascent plot to target fuel tanks and a gas pipeline at the high-traffic airport. The court document in question describes a May 11 meeting in Guyana, in which one of the four defendants, Abdul Kadir, said that the surveillance video they had "was not sufficiently detailed for operational purposes, and told them to use Google Earth software to get more detailed pictures of JFK after they returned to New York."
According to a statement from Google on Monday, the search and information giant has "paid close attention to concerns that Google Earth creates new security risks." Additionally, it's willing to be cooperative. "Google takes security concerns very seriously, and is always willing to discuss them with public agencies and officials. Our experience is that security concerns can best be addressed through dialog with the relevant governmental experts." The statement then cited U.S. government studies that determined that the benefits of making imaging data (like the images found on Google Earth) publicly available outweigh the risks, and that the government can likewise limit availability if it chooses to.
The Google statement pointed out that while Google Earth might be one of the most popular and accessible sources of detailed aerial views, it's by no means the only one. "The imagery visible on Google Earth and Google Maps is not unique: commercial high-resolution satellite and aerial imagery of every country in the world is widely available from numerous sources," the release read. "Indeed, anyone who flies above or drives by a piece of property can obtain similar information. Accordingly, we expect security concerns to be addressed primarily by the companies and governmental agencies that gather and distribute the images."
That's true, but Google Earth and other online satellite mapping databases certainly do make it easier for a would-be terrorist to obtain such maps anonymously. Prior to the availability of services like Google Earth, it would've been tough to get your hands on satellite imagery without asking for it--and potentially drawing attention to yourself if you were asking for aerial views of something like an airport.
The U.S. Department of Defense issued a memo Friday that states it intends to begin blocking network access--including that of soldiers serving overseas--to several popular "Internet entertainment sites" on Monday, according to the Associated Press. The 12 total sites to be blocked include several large social networking and media sharing sites like MySpace, YouTube, MTV, Pandora, and Photobucket.
Earlier this month, the U.S. Army cracked down on soldiers' personal blogs, citing security concerns. Operational security, according to the memo from the DoD that was cited in Monday's AP article, is also a reason behind the new ban on MySpace, YouTube, and other social media sites. But that's not all--"recreational traffic," the memo says, is a drain on bandwidth.
DoD network operations, the memo said, "(have) noted a significant increase in use of DoD network resources tied up by individuals visiting certain recreational Internet sites."
But the AP article cited some perspectives from critics of the new policy, who stated that social media sites are not only an important way for many young people to keep in touch with families and friends, but they're also important news sources in today's world.
"This is as much an information war as it is bombs and bullets," Wired defense blogger Noah Shachtman is quoted as saying. "And they are muzzling their best voices."
- prev
- 1
- next
