Saturday, May 20, 2006

Mission accomplished in New Orleans?

Photo: Michael Weschler

Photo: Ben Rush

Photo: Times Picayune

Hmm, no, I don't think so.

The scary part? Hurricane season officially begins June 1st.

Update: The Washiington Post has an article here about the earmarking of Katrina recovery funds.

Tuesday, May 16, 2006

The War on Privacy so far has started up a new blog, 27B Stroke 6, devoted to exploring the issues around electronic data gathering.

27B Stroke 6 refers to a piece of bureaucratic paperwork featured in Terry Gilliam's film, Brazil, and in the geek world refers to the government's ability to invoke "state secrecy" laws.

Here's their summary of this administration's War on Privacy so far (near as we can tell):


You can't understand yesterday's news without thinking of it as one more known component of an architecture of surveillance. Here are some of the known and alleged pieces:
  • A terrorist watch list some 340,000 names long which is shared with other governments, checked by state troopers and local cops when they pull you over, used to determine your eligibility to drive a commercial truck or work at a seaport, and decide what level of screening you get at the airport

  • A massive NSA database comprising the phone records of nearly every American stretching back almost 4 years
  • An NSA international eavesdropping program that is likely monitoring every email and phone call that crosses the border and which allows a staff technician to decide when a call is to be listened to or emails read

  • A massive FBI data mining operation which is fed with information from wiretaps conducted through the FISA process (more than 2,000 of these applications were submitted and approved last year)

  • FBI agents also have the power to compel business and communications records by writing themselves a subpoena (known as a National Security Letter). Last year, the FBI issued 9,254 NSLs to get information on 3,501 U.S. persons. An undisclosed number of NSL were issued to get information on non-U.S. persons (presumably FBI didn't tell Congress this since the law didn't require it to), though the Washington Post has reported that the FBI issues some 30,000 NSLs in total every year

  • The Pentagon also has its own surveillance teams and databases

  • Private companies such as ChoicePoint serve as privatized intelligence services for the government, compiling dossiers on nearly every American and selling them to a dizzying acronym soup of federal investigatory agencies

  • Telecom companies in accordance with federal law have modified their networks to federal wiretapping standards, so federal investigators don't have to figure out how to tap a network -- they simply have to provide the subpoena and possibly reimburse the company

  • Soon almost all internet telephony providers, as well as nearly all Internet Service Providers -- including colleges, will have to also build in eavesdropping capabilities as specified by the government

  • The Supreme Court has recognized ability of the President to unilaterally declare a citizen an "enemy combatant" and put him on trial in a military court

  • The CIA has the ability to grab a person, put them on a secret plane and fly them to a secret prison or turn them over for questioning to a government that is known to torture its prisoners

Monday, May 15, 2006

NSA is operating outside its charter

You may have heard the term, No Such Agency? Well, that would be the bad boys of recent headline fame, also known as the Agency That Cannot Be Named. It was originally a project so secret that most members of Congress had never even heard of it, yet today you can Google lines of code from one of their old, out-of-control projects.

Back in the day, while I was still in basic training at San Diego, I took the Foreign Language Aptitude Test (FLAT) and apparently scored well, because the minute they had finished grading the test, the proctor told me to report to Room XYZ (follow the yellow line painted on the floor), and with an "Aye, aye, sir," off I went.

Imagine my surprise when I ended up reporting to a man smoking a pipe in a walnut-panelled room (and wearing a tweed jacket and sporting a bow tie) with a huge plaque hanging on the wall over his head that read: National Security Agency.

I declined the job, as I knew that the Israelis had blown our spy ship, the USS Liberty, out of the water during the Sinai war in 1967. The Liberty was, of course, a US Navy SIGINT ship, chock-full of NSA-trained "communications" personnel. While I had volunteered to defend America, I wanted no part of being a potential victim of one of our "allies." I turned down the job with the NSA, whatever it was.

But my interest was piqued, and I have followed the career of the NSA with mild curiosity ever since. So it comes as no surprise to learn that the NSA no longer operates within its charter, which derives from Truman's National Security Act of 1947, tasking the agency with the gathering of the electronic communications of foreign governments. Further, the NSA (and the President) have broken the law by acting in a manner not consistent with the original charter of the NSA.

1.b.(b.) The COMINT mission of the National Security Agency (NSA) shall be to provide an effective, unified organization and control of the communications intelligence activities of the United States conducted against foreign governments, to provide for integrated operational policies and procedures pertaining thereto. As used in this directive, the terms "communications intelligence" or "COMINT" shall be construed to mean all procedures and methods used in the interception of comunications other than foreign press and propaganda broadcasts and the obtaining of information from such communications by other than intended recipients, but shall exclude censorship and the production and dissemination of finished intelligence.

Not domestic communications. Foreign. Governments.

Put away your legal arguments, your practical arguments, your expediency arguments, and your "9/11 changed everything" arguments. The agency is presently operating (you legal eagles will recognize and understand the implications of the following phrase) ultra vires.

Translated from the legal French: "Outside of their charter."

Ultra vires is a well-established rule of business and municipal law. Plainly speaking, it means that the owners (stockholders) of a company can sue the executives of a company or corporation when the company is no longer doing the business it was chartered to do.

For example, McDonald's is chartered to sell hamburgers. If they start selling guns and ammo, say, the stockholders can sue the company (CEO, board of directors, whatever), for doing business outside their mandate.

This is the legal situation that NSA is presently in. They are chartered to intercept the communications of foreign governments only.

By engaging in domestic intelligence they have exceeded their charter, thus they are engaging in unchartered activity, and the officals in charge, including the President, can and should be sued, fined, and publiclly pilloried, by the stockholders of that enterprise, namely, the US taxpayer.

ABC News reports their lines are tapped

So Brian Ross and Richard Esposito are sitting in the press room of ABC News a couple of hours ago and one guy's phone rings:


"Yeah, who is this?"

"I really can't tell you that ... call me a 'Confidential Informant,' but you might want to know that you guys need to buy new cell phones."


"New cell phones. You and Rich, too."

"Excuse me, what the hell are you talking about?"

"OK, look, Brian, I only have about thirty seconds here ... your phones are being tapped by the Agency That Cannot Be Named!"

"Oh, dear."

"Yeah, look, you didn't hear this from me, but you might want to get one of those throw-away phones, but quick. Both you guys. Bye now."


Brian checks the Caller ID and his eyebrows shoot up. Yikes, this CI probably knows what's what.

Ho ho ho. Maybe now these schmucks calling themselves reporters might want to press their editors to front-page this crap and keep it there.

Update: Raw Story has the transcript of an interview with Brian Ross with Air America's Ed Schultz.

Sunday, May 14, 2006

Yes, Virginia, they are data-mining you

There's been a lot of head-scratching about just what the hell the NSA is actually doing with all these phone records. Cell-phones, touch-tone or dialup? See, even I get confused about it. (Touch tone??). Ok, well, ZDNet - folks who know a thing or two about electrical gizmos computer thingies - have posted a few FAQs on their website, which we reproduce here in part.

Capitol Hill politicians reacted angrily this week to a new report about how the National Security agency is involved in not merely surveillance of phone calls, but also an extensive data mining program.

"We need to know what our government is doing in its activities that spy upon Americans," said Sen. Patrick Leahy, a Vermont Democrat. Republican Sen. Arlen Specter of Pennsylvania vowed to hold hearings to get to the bottom of how the NSA's data mining works and whether Americans' privacy rights were affected.To answer some questions about the program and how it likely works, CNET has created the following list of answers to frequently asked questions. Keep reading.

Q: What new information came out this week?

USA Today published an article on Thursday that said AT&T, Verizon and BellSouth turned over records of millions of phone calls to the National Security Agency. These are not international calls--they're apparently records of all calls that those companies' customers made.

Two things are worth noting. First, based on the newspaper's description, contents of phone calls were not divulged. Second, customers' names, street addresses and other personal information were not handed over.

Q: When you say records of phone calls were turned over, what does that mean?

That's a reference to "call detail records," or CDRs, which are database entries that record the parties to the conversation, the duration of the call and so on. This appears to include local phone calls and not just long-distance calls.

CDRs are stored in massive telephone company databases. Cisco Systems' Unified CallManager lets customers use SQL queries to dig up information about each call. Those internal databases have either been opened up to outside queries from the NSA or (more likely) duplicated and handed over to the NSA on a regular basis.

Q: If the NSA has my phone number, can it get my name and address?

Yes. The NSA can cross-check other databases to obtain that information. Many commercial data vendors, such as Yahoo People Search and LexisNexis' People Locator, do just that--and count many federal agencies among their customers.

Q: How about cell phones? It would be a bit more difficult.

There's no central directory for cell phones, for instance. And there's not much information that can be gleaned about owners of disposable cell phones who happened to buy them with cash.

Q: How is this different from what we knew before?

A series of disclosures, starting with The New York Times' report in December, outlined how the NSA conducted surreptitious electronic surveillance of phone calls and e-mail traffic when one party was outside the United States. The president and other members of his administration have stuck to that claim--saying that domestic phone calls were not part of the dragnet. In January, for instance, Bush assured Americans that "one end of the communication must be outside the United States."

The latest revelation is different. It says the scope of the NSA's efforts is far broader than listening in on a few hundred conversations. Instead, the vast majority of Americans have probably had information on their phone calls turned over. (Another difference is that the contents of the conversations was not divulged, at least as far as we know.)

Q: When Attorney General Alberto Gonzales was testifying a few months ago, he seemed careful to specify that he was talking only about the "Terrorist Surveillance Program." Does that mean he knew about the phone data mining effort and refused to reveal it earlier? It seems likely, but we don't know.

During his appearance before the Senate Judiciary Committee and in a subsequent letter to senators, Gonzales' careful wording seemed to imply that there may be additional domestic surveillance programs beyond the one revealed by The New York Times.

(Testifying before senators, Gonzales referred to that program as "the program that the president has confirmed.") But Gonzales later reassured concerned politicians that the administration is not currently conducting any additional domestic surveillance programs, Rep. Jane Harman, the senior Democrat on the House Intelligence Committee, told The Washington Post in a March interview. Of course, Gonzales could have been parsing his words carefully--and might eventually claim that data mining is not surveillance.

Q: Now that the NSA has this mountain of data, what is the agency doing with it?

The two-word summary: data mining. That's a loose term that generally means directing a computer program to sift through large amounts of data in hopes of extracting previously unknown information.

In theory, useful patterns can emerge and future terrorist plots could be thwarted. In practice, though, The New York Times has reported that FBI sources say many of the tips provided by the NSA led to dead ends.

Q: What other data mining efforts has the NSA been involved with?

Details are classified, of course. But a few hints have become public, and we know that the NSA has funded or been otherwise involved in dozens of programs in the past.

The ZDNet article continues here.

While I hate to dredge up the past, allow me to refer you back to two of my previous posts on this topic:

ADVISE - Another massive government spy program
ECHELON is data-mining you

Update: From Media Matters: Myths and falsehoods on the NSA domestic call-tracking program

Heritage Foundation has reasonable plan on immigration

Believe it or not, the Heritage Foundation actually has people who can think about issues without getting all frothy at the mouth.

On immigration for instance, a couple of their chromedomes has a plan that could work, if Congress would get some rabies shots first.