EFF, ACLU Demolish "It’s Just Metadata" Claim in NSA Spying Appeal

Electronic Frontier Foundation Media Release
For Immediate Release: Wednesday, August 20, 2014
Contact:
Andrew Crocker
Legal Fellow
Electronic Frontier Foundation
an****@ef*.org
+1 415 436-9333 x139

EFF, ACLU Demolish “It’s Just Metadata” Claim in NSA Spying Appeal

Americans Deserve Full Protection of the Fourth Amendment
for their Telephone Records, Groups Argue

Washington, DC – The Electronic Frontier Foundation (EFF)
and the American Civil Liberties Union (ACLU) today filed
an amicus brief in Klayman v. Obama, a high-profile lawsuit
that challenges mass surveillance, arguing that Americans’
telephone metadata deserves the highest protection of the
Fourth Amendment.
Larry Klayman, conservative activist and founder of
Judicial Watch and Freedom Watch, was among the first
plaintiffs to sue the National Security Agency (NSA) over
the collection of telephone metadata from Verizon customers
that was detailed in documents released by Edward Snowden.
In December 2013, Judge Richard Leon issued a preliminary
ruling that the program was likely unconstitutional, and
the case is currently on appeal before the U.S. Court of
Appeals for the District of Columbia Circuit.
In the new amicus brief in Klayman v. Obama, the EFF and
ACLU lawyers repudiate arguments by U.S. officials that the
records are “just metadata” and therefore not as sensitive
as the contents of phone calls. Using research and new
case law, the civil liberties groups argue that metadata
(such as who individuals called, when they called, and how
long they spoke) can be even more revealing than
conversations when collected en masse.
“Metadata isn’t trivial,” EFF Legal Fellow Andrew Crocker
says. “Collected on a massive scale over a broad time
period, metadata can reveal your political and religious
affiliations, your friends and relationships, even whether
you have a health condition or own guns. This is exactly
the kind of warrantless search the Fourth Amendment was
intended to prevent.”
The brief explains that changes in technology, as well as
the government’s move from targeted to mass surveillance,
mean that the holding of the 1979 Supreme Court case Smith
v. Maryland that the government relies on (often called the
“third-party doctrine”) does not apply. Instead, EFF and
the ACLU point to a series of recent key
decisions–including the Supreme Court decisions in United
States v. Jones in 2012 and Riley v. California in 2014–in
which judges ruled in favor of requiring a warrant for
electronic search and seizure.
“Dragnet surveillance is and has always has been illegal in
the United States,” says ACLU Staff Attorney Alex Abdo.
“Our country’s founders rebelled against overbroad searches
and seizures, and they would be aghast to see the liberties
they fought hard to enshrine into our Constitution
sacrificed in the name of security. As even the president
himself has recognized, we can keep the nation safe without
surrendering our privacy.”
EFF and the ACLU have each litigated numerous First and
Fourth Amendment lawsuits related to NSA surveillance and
together represent Idaho nurse Anna Smith in a similar case
currently on appeal in the Ninth Circuit Court of Appeals
called Smith v. Obama. The ACLU is a plaintiff in a case
currently pending before the Second Circuit Court of
Appeals, ACLU v. Clapper, to be heard on Sept. 2. EFF has
two cases–Jewel v. NSA and First Unitarian Church of Los
Angeles v. NSA–before the U.S. District Court for Northern
District of California.
For the amicus brief:
https://www.eff.org/document/eff-and-aclu-amicus-brief-klayman
For this release:
https://www.eff.org/press/releases/eff-aclu-demolish-its-just-metadata-claim-nsa-spying-appeal
 

XRay, first step in understanding how personal data is being used on web services

New tool makes online personal data more transparent

8/18/14 Columbia Engineering researchers develop XRay, first step in understanding how personal data is being used on web services like Google, Amazon, and YouTube

New York, NY—August 18, 2014—The web can be an opaque black box: it leverages our personal information without our knowledge or control. When, for instance, a user sees an ad about depression online, she may not realize that she is seeing it because she recently sent an email about being sad. Roxana Geambasu and Augustin Chaintreau, both assistant professors of computer science at Columbia Engineering, are seeking to change that, and in doing so bring more transparency to the web. Along with their PhD student, Mathias Lecuyer, the researchers have developed XRay, a new tool that reveals which data in a web account, such as emails, searches, or viewed products, are being used to target which outputs, such as ads, recommended products, or prices. They will be presenting the prototype, which is designed to make the online use of personal data more transparent, at USENIX Security on August 20. The researchers have posted the open source system, as well as their findings, online for other researchers interested in studying how web services use personal data to leverage and extend.
“Today we have a problem: the web is not transparent. We see XRay as an important first step in exposing how websites are using your personal data,” says Geambasu, who is also a member of Columbia’s Institute for Data Sciences and Engineering’s Cybersecurity Center.
We live in a “big data” world, where staggering amounts of personal data—our locations, search histories, emails, posts, photos, and more—are constantly being collected and analyzed by Google, Amazon, Facebook, and many other web services. While harnessing big data can certainly improve our daily lives (Amazon offerings, Netflix suggestions, emergency response Tweets, etc.), these beneficial uses have also generated a big data frenzy, with web services aggressively pursuing new ways to acquire and commercialize the information.
“It’s critical, now more than ever, to reconcile our privacy needs with the exponential progress in leveraging this big data,” says Chaintreau, a member of the Institute for Data Sciences and Engineering’s New Media Center. Geambasu adds, “If we leave it unchecked, big data’s exciting potential could become a breeding ground for data abuses, privacy vulnerabilities, and unfair or deceptive business practices.”
Determined to provide checks and balances on data abuse, XRay is designed to be the first fine-grained, scalable personal data tracking system for the web. For example, one can use the XRay prototype to study why a user might be shown a specific ad in Gmail. Geambasu and Chaintreau found, for example, that a Gmail user who sees ads about various forms of spiritualism might have received them because he or she sent an email message about depression.
Developing XRay was challenging, say the researchers. “The science of understanding the use of personal web data at a fine grain—looking at individual emails, photos, posts, etc.—is largely non-existent,” Geambasu notes. “There really isn’t anything out there that can accurately pinpoint which specific input—which search query, visited site, or viewed product—or combination of inputs explains which output. It was clear that we needed to come up with a new, robust auditing tool, one that can be applied effectively to many different services.”
How it Works
“We knew from the start that our biggest challenge in achieving transparency would be scale—how do we continue to track more data while using minimum resources?” Chaintreau says. “The theoretical results were encouraging, but seemed too good to be true. So we tested XRay in actual situations, learning from experiments we ran on Gmail, Amazon, and YouTube, and refining the design multiple times. The final design surprised us: XRay succeeded in all the experiments we ran, and it matched our theoretical predictions in increasingly complex cases. That is when we finally thought that achieving web transparency at large is not a dream in a distant future but something we can start building toward now.”
The current XRay system works with Gmail, Amazon, and YouTube. However, XRay’s core functions are service-agnostic and easy to instantiate for new services, and they can track data within and across services. The key idea in XRay is to use black-box correlation of data inputs and outputs to detect data use.
To assess XRay’s practical value, the researchers created an XRay-based demo service that continuously collects and diagnoses Gmail ads related to a set of topics, including various diseases, pregnancy, race, sexual orientation, divorce, debt, etc. They created emails that included keywords closely related to one topic and then launched XRay’s Gmail ad collection and examined the targeting associations. XRay’s data is now available online to anyone interested in sensitive-topic ad targeting in Gmail.
“We’ve just started to peek into XRay’s targeting data and even at this early stage, we’ve seen a lot of interesting behaviors,” Geambasu says. “We know that we need larger-scale experience to formalize and quantify our conclusions, but we can already make several interesting observations.”
The researchers note that (1) It is definitely possible to target sensitive topics in users’ inboxes, including cancer, depression, or pregnancy. (2) For many ads, targeting was extremely obscure and non-obvious to end-users, which opens them up to abuses. (3) The researchers have already seen signs of such abuses, for instance, a number of subprime loan ads for used cars targeting debt in users’ inboxes. Examples of ads and their targeted topics can be found on the XRay website.
The tool can be used to increase user awareness about how their data is being used, as well as provide much needed tools for auditors, such as researchers, journalists, and investigators, to keep that use under scrutiny. Geambasu and Chaintreau, who recently won a Magic Grant from the Brown institute for Media Innovation to build better transparency tools, have made the XRay prototype available for auditors at http://xray.cs.columbia.edu.
“Our work calls for and promotes the best practice of voluntary transparency,” says Chaintreau, “while at the same time empowering investigators and watchdogs with a significant new tool for increased vigilance, something we need more of every day.”

#
Big Data, Internet Surveillance, and 4th Amendment.
Who watches the watchers? Big Data goes unchecked Washington


Educational CyberPlayGround: Surveillance Technology in the Work Place .
networking would presumably be the domain of PRISM. How Much Big


Parents fight Big Data Collection and Surveillance
Education Surveillance and Big Data Big Data If you’re OK with


Privacy Concerns over selling K-12 Student Datainformation is a common practice.
Department has been a major proponent of big data . It has used


Educational CyberPlayGround: Knowledge Management
Crunch your way through big data on your iPad? Lucky Sort , is


Learn how to protect your privacy when you are online.
The ethics of data and power. BIG DATA The data all of these


Educational CyberPlayGround: State Associations of School Administrators Alabama ,…
Who watches the watchers? Big Data goes unchecked Washington
Educational CyberPlayGround: Future Trends in Computing.
makezine.com/ 2012 BIG DATA When scientists publish their


Federal K12 Department of Education in America FAIL.
Education Surveillance and Big Data Is your company product or


Predictive Technology – Darpa develops cognitive fingerprint.
Big Data And You: How Your ‘Likes’ Reveal Sexuality, Race, Drug

 

7 Pages That Gave President Obama Cover to Kill Americans

7 Pages That Gave President Obama Cover to Kill Americans
A newly released memo from the Office of Legal Counsel calls the wisdom of David Barron’s lifetime appointment to a federal judgeship into question.
Before David Barron was confirmed this year to a lifetime seat on the United States Court of Appeals for the First Circuit, his critics objected that the cover he gave President Obama to carry out extrajudicial killings of American citizens ought to disqualify him from the bench. “I rise today to oppose the nomination of anyone who would argue that the president has the power to kill an American citizen not involved in combat and without a trial,” Senator Rand Paul declared in remarks opposing the nomination. “I rise to say that there is no legal precedent for killing citizens not involved in combat and that any nominee who rubber stamps and grants such power to a president is not worthy of being one step away from the Supreme Court.”
Barron, who wrote his controversial memo while at the Office of Legal Counsel, was confirmed anyway, before the public was permitted to see the legal reasoning he used to weaken the Fifth Amendment as well as an executive order banning assassinations and a statute prohibiting the murder of American citizens abroad. Now that analysis is available for review.
One memo was released with significant redactions on June 23. Charlie Savage ofThe New York Times, who has fought alongside the ACLU for the release of all such memos, set forth what it revealed about Team Obama’s legal reasoning. Then on Friday, the administration released an even earlier Office of Legal Counsel memo. Also heavily redacted, it nevertheless gives us insight into Barron’s initial attitude toward one of the most fraught questions in American constitutional law. The memo, co-written with Marty Lederman, is here. And it coveys disturbing information about an Obama-appointed federal judge.
//

I’m a cop. If you don’t want to get hurt, don’t challenge me.

I’m a cop. If you don’t want to get hurt, don’t challenge me.
http://www.washingtonpost.com/posteverything/wp/2014/08/19/im-a-cop-if-you-dont-want-to-get-hurt-dont-challenge-me/
It’s not the police, but the people they stop, who can prevent a detention from turning into a tragedy. By Sunil Dutta August 19
Sunil Dutta, a professor of homeland security at Colorado Tech University, has been an officer with the Los Angeles Police Department for 17 years. The views presented here are his own and do not represent the LAPD or CTU.

<MINDSET>
Even though it might sound harsh and impolitic, here is the bottom line: if you don’t want to get shot, tased, pepper-sprayed, struck with a baton or thrown to the ground, just do what I tell you. Don’t argue with me, don’t call me names, don’t tell me that I can’t stop you, don’t say I’m a racist pig, don’t threaten that you’ll sue me and take away my badge. Don’t scream at me that you pay my salary, and don’t even think of aggressively walking towards me.

VS
Policing by consent
http://kottke.org/14/08/policing-by-consent
Compare and contrast that with Kottke’s post discussing the core principles of the original Bobbies:
At the heart of the Metropolitan Police’s charter were a set of rules either written by Peel or drawn up at some later date by the two founding Commissioners: The Nine Principles of Policing. They are as follows:
1. To prevent crime and disorder, as an alternative to their repression by military force and severity of legal punishment.
2. To recognise always that the power of the police to fulfil their functions and duties is dependent on public approval of their existence, actions and behaviour, and on their ability to secure and maintain public respect.
3. To recognise always that to secure and maintain the respect and approval of the public means also the securing of the willing co-operation of the public in the task of securing observance of laws.

Ken White at PopeHat has an excellent take on this:
http://www.popehat.com/2014/08/19/sunil-dutta-tells-it-like-it-is-about-american-policing/The money quote from Ken:

[Dutta’s] core message is this:
Even though it might sound harsh and impolitic, here is the bottom line: if you don’t want to get shot, tased, pepper-sprayed, struck with a baton or thrown to the ground, just do what I tell you.

The outrageous thing is not that he says it. The outrageous thing is that we accept it.

Would we accept
“if you don’t want to get shot, just do what the EPA regulator tells you”?
Would we yield to
“if you don’t want your kid tased, do what the Deputy Superintendent of Education tells you”?
Would we accept
“if you don’t want to get tear gassed, just do what your Congressman tells you?” No.

Our culture of individualism and liberty would not permit it.
Yet somehow, through generations of law-and-order rhetoric and near-deification of law enforcement, we have convinced ourselves that cops are different, and that it is perfectly acceptable for them to be able to order us about, at their discretion, on pain of violence.
It’s not acceptable. It is servile and grotesque.
Chris Beck