Loss of Privacy

Keeping you informed on recent losses to privacy and civil rights worldwide.

Browsing Posts tagged Privacy

Tor-Anonymity-Tor-path

In a shocking story on the German site Tagesschau (Google translate), Lena Kampf, Jacob Appelbaum and John Goetz report on the rules used by the NSA to decide who is a “target” for surveillance.

You can read more at Boing Boing.

From Panorama:

The investigation discloses the following:

Two servers in Germany – in Berlin and Nuremberg – are under surveillance by the NSA.
Merely searching the web for the privacy-enhancing software tools outlined in the XKeyscore rules causes the NSA to mark and track the IP address of the person doing the search. Not only are German privacy software users tracked, but the source code shows that privacy software users worldwide are tracked by the NSA.
Among the NSA’s targets is the Tor network funded primarily by the US government to aid democracy advocates in authoritarian states.
The XKeyscore rules reveal that the NSA tracks all connections to a server that hosts part of an anonymous email service at the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) in Cambridge, Massachusetts. It also records details about visits to a popular internet journal for Linux operating system users called “the Linux Journal – the Original Magazine of the Linux Community”, and calls it an “extremist forum”.

The authors of the Tagesschau story have seen the “deep packet inspection” rules used to determine who is considered to be a legitimate target for deep surveillance, and the results are bizarre.

According to the story, the NSA targets anyone who searches for online articles about Tails — like this one that we published in April, or this article for teens that I wrote in May — or Tor (The Onion Router, which we’ve been posted about since 2004). Anyone who is determined to be using Tor is also targeted for long-term surveillance and retention.

Bruce Schneier thinks there may be a second leaker.

I do not believe that this came from the Snowden documents. I also don’t believe the TAO catalog came from the Snowden documents. I think there’s a second leaker out there.

EDITED TO ADD (7/3): More news stories. Thread on Reddit. I don’t expect this to get much coverage in the US mainstream media.

Hacker News and Slashdot threads. ArsTechnica and Wired articles.

There is also the live blog [in German] of William Binney in front of the German Parliament.

There is also another post on reddit. After reading all of these links the last few days, I’m probably on the NSA’s list now too.

The facts also bear out that all this surveillance to protect us is useless. You are eight times more likely to be killed by a police officer and 6 times more likely to die from hot weather than a terrorist attack.

Feel free to download Tor.

Read/download the XKeyscore rules.

flattr this!

Digital-Demise-Infographic

Source.

flattr this!

The smooth, perforated sheaths of metal are decorative, but their job is to protect and conceal a system of data-collection sensors that will measure air quality, light intensity, sound volume, heat, precipitation and wind. The sensors will also count people by measuring wireless signals on mobile devices.

Some experts caution that efforts like the one launching here to collect data from people and their surroundings pose concerns of a Big Brother intrusion into personal privacy.

In particular, sensors collecting cellphone data make privacy proponents nervous. But computer scientist Charlie Catlett said the planners have taken precautions to design their sensors to observe mobile devices and count contact with the signal rather than record the digital address of each device.

Many cities around the globe have tried in recent years to collect enormous piles of “big data” in order to better understand their people and surroundings, but scientists say Chicago’s project to create a permanent data collection infrastructure is unusual.

Sounds innocent enough, until you keep reading.

Data-hungry researchers are unabashedly enthusiastic about the project, but some experts said that the system’s flexibility and planned partnerships with industry beg to be closely monitored. Questions include whether the sensors are gathering too much personal information about people who may be passing by without giving a second thought to the amount of data that their movements — and the signals from their smartphones — may be giving off.

But such an effort could still lead to gathering more sensitive information than is intended, said Fred Cate, an expert on privacy matters related to technology who teaches at Indiana University’s law school.

“Almost any data that starts with an individual is going to be identifiable,” Cate said. When tracking activity from mobile phones, “you actually collect the traffic. You may not care about the fact that it’s personally identifiable. It’s still going to be personally identifiable.”

King, the Harvard sociologist and data expert, agreed that the Chicago scientists will inevitably scoop up personally identifiable data.

“If they do a good job they’ll collect identifiable data. You can (gather) identifiable data with remarkably little information,” King said. “You have to be careful. Good things can produce bad things.”

Researchers hope these sensors will eventually expand into neighborhoods.

flattr this!

Deborah C. Peel, MD is the world’s leading advocate for patients’ rights to control the use of personal health information in electronic systems. She is also a practicing physician and Freudian psychoanalyst. She became an expert and privacy warrior to stop patients from being harmed. The lack of health privacy causes millions of US citizens to avoid early diagnosis and treatment for cancer, depression, and STDs every year.

Her passion is informing the public about privacy-enhancing technologies and the major fixes needed in law and policy, so they can join the battle to restore our civil and human rights to health privacy.

Before you think this isn’t a big deal, think again. Hospitals have begun creating profiles on current and potential patients by tracking their consumer data to identify when a person may become ill.

Information compiled by data brokers from public records and credit card transactions can reveal where a person shops, the food they buy, and whether they smoke. The largest hospital chain in the Carolinas is plugging data for 2 million people into algorithms designed to identify high-risk patients, while Pennsylvania’s biggest system uses household and demographic data.

Carolinas HealthCare System operates the largest group of medical centers in North Carolina and South Carolina, with more than 900 care centers, including hospitals, nursing homes, doctors’ offices and surgical centers. The health system is placing its data, which include purchases a patient has made using a credit card or store loyalty card, into predictive models that give a risk score to patients.

While all information would be bound by doctor-patient confidentiality, he said he’s aware some people may be uncomfortable with data going to doctors and hospitals. For these people, the system is considering an opt-out mechanism that will keep their data private,

How about just making the system opt-in? Anyone who wants to be spied upon and have others making their lifestyle decisions for them can participate. Those who value their privacy wouldn’t have to do a thing.

Video.

flattr this!

Air Force base in El Segundo. Allegedly a guy with a backpack that had wires hanging from it was spotted so they shut down the neighborhood.

From Ars Technica:

A California man who has been arrested several times for recording police from the ground has now taken to the airways, using a drone to watch the watchers.

“It’s to try to promote transparency,” 42-year-old Daniel Saulmon told a Los Angeles news broadcast.

flattr this!