Spitfire List Web site and blog of anti-fascist researcher and radio personality Dave Emory.

For The Record  

FTR #774 The Adventures of Eddie the Friendly Spook, Part 14: The Corporate Connections and the Public vs. Private Dynamic

Dave Emory’s entire life­time of work is avail­able on a flash drive that can be obtained here. (The flash drive includes the anti-fascist books avail­able on this site.)

Listen: MP3

Side 1   Side 2

Introduction: Benito Mussolini, the world’s first fascist, defined fascism as “corporatism.” Ronald Reagan’s signature political aphorism was: “Government isn’t the solution to your problems. Government IS the problem.”

Looming very large in the context of “L’Affaire Snowden” are the corporate connections to this political phenomenon and what we call the “public versus private dynamic.”

The keynote element of this discussion is a revealing analysis of James Madison’s views on the intrusion into citizens privacy. As noted in this analysis, Madison was deficient in his prescription for protecting privacy. Madison was aware of the need to protect citizens’ privacy against governmental intrusion, but failed substantively to take into account the need to protect citizens against corporate intrusion into privacy. In the internet and cell phone age, that is of paramount significance.

The public vesus private dynamic and the corporate connections are particularly important in light of the decision to turn metadata over to a “third party” for safekeeping.

What we are seeing–to an extent–is privatization of the NSA.

In this ongo­ing series about L’Affaire Snow­den, we have dis­cussed the fact that the col­lec­tion of meta­data is rou­tine by Inter­net and cell­phone com­pa­nies, as well as retail out­lets that offer dis­count cards. (The har­vest­ing of meta­data is the focal point of what the NSA does and what lies at the cen­ter of the “controversy.”)

A recent post by PR Watch notes that Grover Norquist has been among the recip­i­ents of Google money.

Hav­ing opined that he wanted to “drown” gov­ern­ment in the “bath­tub,” Norquist is a lynch­pin of the “Shut­down GOP” and the founder of the Islamic Free Mar­ket Insti­tute. A syn­the­sis of the GOP and the Mus­lim Broth­er­hood, the Insti­tute is inex­tri­ca­bly linked with the Oper­a­tion Green Quest inves­ti­ga­tion into ter­ror­ist financing.

Against the back­ground of Google’s financ­ing of Norquist’s cru­sades and other right-wing causes, one can but won­der what Google may be doing with the vast amounts of meta­data they harvest. Why aren’t more people alarmed about what Google may be doing with their information?

In addition to an accurate observation by WikiLeaks hacker Jacob Applebaum about Google having the information to topple governments, we note that Google, Apple, EBay and other key Silicon Valley companies have engaged in heavy-handed monopolistic practices that have been the focal point of investigations by the Department of Justice.

A central point of analysis concerns just WHO authorized Edward Snowden, Bradley Manning, WikiLeaks and Citizen Greenwald to access the vast amounts of data that they have? What judicial or governmental authority oversees THEIR activities? Why is it OK for them to access vast amounts of data that might adversely affect the lives of millions?

Program Highlights Include:

  • Former NSA head Michael Hayden’s correct observation that citizens’ data is more secure when held by the NSA than it would be with a “third party.”
  • Hayden’s observation that the fourth amendment doesn’t apply to foreign citizens–it isn’t an international treaty.
  • Apple’s Iphone has an “app” that permits retail outlets to rigorously surveil customers shopping in their stores.
  • Speculation that Palantir might become the “third party” repository of metadata currently stored by NSA.
  • Edward Snowden and Bradley Manning’s use of web-crawling technology to vacuum-up hundreds of thousands of files–files that they could not possibly have read.
  • WikiLeaks’ profound association with the Russian phishing mafia–sophisticated internet criminals who steal people’s online information for the purpose of looting their assets.
  • WikiLeaks’ co-founder John Young’s observation that the group is acting like ” . . . a bunch of spies.” Young broke with the group over their behavior.

1. The keynote element of this discussion is a revealing analysis of James Madison’s views on the intrusion into citizens privacy. As noted in this analysis, Madison was deficient in his prescription for protecting privacy. Madison was aware of the need to protect citizens’ privacy against governmental intrusion, but failed substantively to take into account the need to protect citizens against corporate intrusion into privacy. In the internet and cell phone age, that is of paramount significance.

The need to factor corporate intrusion into people’s lives is particularly important with the decision to have a “third party” store metadata instead of the NSA.

“Madison’s Privacy Blind Spot” by James Rosen; The New York Times; 1/18/2014.

. . . Expect to hear a lot more about Madison in the coming year, as the issues surrounding the N.S.A. move toward what Justice Scalia has said will be a likely review by the Supreme Court. For that reason, it is important to explore what Madison does and doesn’t offer to this debate.

The apotheosis of Madison as an emblem for opposition to mass surveillance is welcome. But the reasoning behind his beliefs has been misunderstood. He believed that the preservation of people’s “different and unequal faculties of acquiring property” was “the first object of government,” but that a too-powerful government could undermine that goal. He was, therefore, more concerned with abuses of legislative and executive power than of unregulated commercial power.

As a result, the Bill of Rights, which he came to champion, constrains only government actors, not private ones. It applies to the government, not Google. Now that Google and AT&T can track us more closely than any N.S.A. agent, it appears that the Madisonian Constitution may be inadequate to defend our privacy and dignity in the 21st century. . . .

. . . . There is, therefore, a tension in modern libertarian appreciations of Madison. They exaggerate his opposition to abuse of federal power and ignore his failure to anticipate abuse of corporate power. . . .

. . . . But on the right, the Madisonian devotion to property rights, and Jeffersonian suspicion of regulation, are so strong that the same principled libertarians who oppose N.S.A. data collection shrink from efforts to regulate Google or AT&T.

In his speech on intelligence reform on Friday, President Obama called on Attorney General Eric H. Holder Jr. to develop options for how the bulk telephone data collection program could continue without the metadata being held by the government itself. But telecom companies have resisted being the repository for the data, and an anti-regulatory Congress is unlikely to require them to do so or to impose meaningful limits on what they can do with the data they hold.

As a result, Internet service providers and telecoms are constrained neither by the Constitution nor, in meaningful ways, by federal privacy statutes. And they are free to engage in just the kind of intrusive surveillance that Judge Leon insisted was an unreasonable search and seizure when conducted by the N.S.A.

In practice, the neo-Madisonian distinction between surveillance by the government and surveillance by Google makes little sense. It is true that, as Judge Pauley concluded, “People voluntarily surrender personal and seemingly private information to trans-national corporations which exploit that data for profit. Few think twice about it.”

But why? Why is it O.K. for AT&T to know about our political, religious and sexual associations, but not the government? . . .

. . . . That distinction is unconvincing. Once data is collected by private parties, the government will inevitably demand access.

More fundamentally, continuously tracking my location, whether by the government or AT&T, is an affront to my dignity. When every step I take on- and off-line is recorded, so an algorithm can predict if I am a potential terrorist or a potential customer, I am being objectified and stereotyped, rather than treated as an individual, worthy of equal concern and respect. . . .

. . . . . . . What Americans may now need is a constitutional amendment to prohibit unreasonable searches and seizures of our persons and electronic effects, whether by the government or by private corporations like Google and AT&T.

Perhaps even Madison, who unsuccessfully proposed a preamble to the Constitution declaring “that all power is originally rested in, and consequently derived from the people,” and that all people have basic natural rights, including “the enjoyment of life and liberty” and the right of “pursuing and obtaining happiness and safety,” might have realized that our rights to enjoy liberty, and to obtain happiness and safety at the same time, are threatened as much by corporate as government surveillance.

2. In that same con­text, it is worth not­ing that the quasi-populist ide­o­log­i­cal rhetoric sur­round­ing the Pirate Bay embraces a conflict between two right-wing views. (Pirate Bay and WikiLeaks are closely linked.)

“The Pirate Bay trial Is the Col­li­sion of ‘Can I?’ and ‘Should I?’ Cul­tures” by Andrew Brown; The Guardian; 2/26/2009.

. . . . Their atti­tude of sneer­ing enti­tle­ment towards the gov­ern­ment is all of a piece with their atti­tude towards the big con­tent companies. . . .

. . . I know that a lit­tle bit of the rhetoric around The Pirate Bay sounds left­wing – the idea that it is wrong for “inter­na­tional cap­i­tal” to push Swe­den around – but that’s just pop­ulist, and could be found in the rhetoric of the kind of par­ties that Carl Lund­ström has sup­ported too.

The over­whelm­ing impres­sion is of a clash between two rightwing views, one that says it is all right to steal from the state, and one which says it is sin­ful to steal from corporations. . . .

3a. WikiLeaks hacker Jacob Applebaum noted Google’s capabilities:

“The Amer­i­can Wik­ileaks Hacker” by Nathaniel Rich; Rolling Stone; 12/01/2010.

. . . . “It’s not just the state,” says Appel­baum. “If it wanted to, Google could over­throw any coun­try in the world. Google has enough dirt to destroy every mar­riage in America.”

But doesn’t Google pro­vide fund­ing for Tor?

“I love Google,” he says. “And I love the peo­ple there. Sergey Brin and Larry Page are cool. But I’m ter­ri­fied of the next gen­er­a­tion that takes over. A benev­o­lent dic­ta­tor­ship is still a dic­ta­tor­ship. At some point peo­ple are going to real­ize that Google has every­thing on every­one. Most of all, they can see what ques­tions you’re ask­ing, in real time. Quite lit­er­ally, they can read your mind.” . . . .

3b. In this ongo­ing series about L’Affaire Snow­den, we have dis­cussed the fact that the col­lec­tion of meta­data is rou­tine by Inter­net and cell­phone com­pa­nies, as well as retail out­lets that offer dis­count cards. (The har­vest­ing of meta­data is the focal point of what the NSA does and what lies at the cen­ter of the “controversy.”)

A recent post by PR Watch notes that Grover Norquist has been among the recip­i­ents of Google money.

Hav­ing opined that he wanted to “drown” gov­ern­ment in the “bath­tub,” Norquist is a lynch­pin of the “Shut­down GOP” and the founder of the Islamic Free Mar­ket Insti­tute. A syn­the­sis of the GOP and the Mus­lim Broth­er­hood, the Insti­tute is inex­tri­ca­bly linked with the Oper­a­tion Green Quest inves­ti­ga­tion into ter­ror­ist financing.

Against the back­ground of Google’s financ­ing of Norquist’s cru­sades and other right-wing causes, one can but won­der what Google may be doing with the vast amounts of meta­data they harvest.

“The Googliza­tion of the Far Right: Why is Google Fund­ing Grover Norquist, Her­itage Action and ALEC?” by Nick Surgey; prwatch.org; 11/27/2013.

Google, the tech giant sup­pos­edly guided by its “don’t be evil” motto, has been fund­ing a grow­ing list of groups advanc­ing the agenda of the Koch brothers.

Orga­ni­za­tions that received “sub­stan­tial” fund­ing from Google for the first time over the past year include Grover Norquist’s Amer­i­cans for Tax Reform, the Fed­er­al­ist Soci­ety, the Amer­i­can Con­ser­v­a­tive Union (best known for its CPAC con­fer­ence), and the polit­i­cal arm of the Her­itage Foun­da­tion that led the charge to shut down the gov­ern­ment over the Afford­able Care Act: Her­itage Action . . . .

. . . . More than any other group work­ing to repeal the Afford­able Care Act, Her­itage Action pushed for a sus­tained gov­ern­ment shut­down in the fall of 2013, tak­ing the coun­try to the brink of a poten­tially cat­a­strophic debt default.

Lay­ing the ground for that strat­egy, Her­itage Action held a nine-city “Defund Oba­macare Town Hall Tour” in August 2013, pro­vid­ing a plat­form for Texas Sen­a­tor Ted Cruz to address crowds of cheer­ing tea party supporters.

For Cruz, increas­ingly spo­ken of as a 2016 Pres­i­den­tial can­di­date, the gov­ern­ment shut­down helped raise his pro­file and build his sup­porter — and donor — base.

Notably, Her­itage Action received $500,000 from the Koch-funded and Koch-operative staffed Free­dom Part­ners in 2012. It is not yet known how much Her­itage Action received in 2013 from sources other than Google.

Per­haps sur­pris­ingly, Google has a his­tory of sup­port­ing Cruz. Via its Polit­i­cal Action Com­mit­tee – Google Inc. Net PAC – the PAC pro­vided the “Ted Cruz for Sen­ate” cam­paign with a $10,000 con­tri­bu­tion in 2012. Addi­tion­ally, despite being five years out from the fresh­man Senator’s next elec­tion, Google’s PAC has already made a $2,500 con­tri­bu­tion to the Cruz reelec­tion cam­paign for 2018, the largest amount that the PAC has given so far to any Sen­ate can­di­date run­ning that elec­tion year accord­ing to dis­clo­sures made by Google.

Amer­i­cans for Tax Reform (ATR), the anti-government group run by Repub­li­can oper­a­tive Grover Norquist, was another new recip­i­ent of fund­ing from Google in 2013. ATR is best known for its “Tax­payer Pro­tec­tion Pledge,” and for its fun­da­men­tal­ist attacks on any Repub­li­can who might dare to vote for any increase in taxes. Accord­ing to the Cen­ter for Respon­sive Pol­i­tics, ATR received 85% of its fund­ing in 2012 ($26.4 mil­lion) from the ultra-partisan Karl Rove-run Cross­roads GPS, another dark money group.

ATR Pres­i­dent Grover Norquist infa­mously said that he wants to shrink gov­ern­ment “down to the size where we can drown it in the bath­tub.” Google’s posi­tion on the rel­a­tive size of gov­ern­ment ver­sus bath­tubs is not known, but accord­ing to a Bloomberg analy­sis of Google’s U.S. cor­po­rate fil­ings, it avoids approx­i­mately $2 bil­lion dol­lars glob­ally in tax pay­ments each year through the use of cre­ative tax shelters. . . .

4. A new “app” for Apple’s Iphone permits retail outlets to monitor customers–effectively taking those people under surveillance.

“Privacy Advocates Worry over New Apple iPhone Tracking Feature” by Aaron Pressman [The Exchange]; Yahoo News; 1/10/2014. 

Barely noticed by most consumers, Apple’s (AAPL) latest software upgrade for iPhones, iOS 7, included a capability for malls, museums or stadiums to identify visitors and track their movements indoors with a startling degree of accuracy.

Known as iBeacons, the feature allows a store to pop up, say, a coupon offer for Coca Cola on a customer’s phone just as they pass by the soda aisle. It also allows the store to track and record a customer’s movements for later analysis.

The rapid growth of smartphone use has opened a huge new opportunity for marketers to collect detailed location data on consumers, so far mostly outdoors. But the sensitivity of the information has already sparked numerous controversies, including in 2011 when iPhone users discovered their phones were keeping a list of their movements in an unencrypted text file.

And Nordstrom (JWN) created a stir when it was caught last year secretly tracking shoppers’ mobile phones via Wifi in 17 stores. The department store chain quickly ended the practice, which did not include identifying the phones’ owners, after the controversy erupted.

With iBeacons, unlike some more-surreptitious retail location tracking systems that have come to light, however, iPhone users have to give their consent to be tracked by installing an app. So far, just Apple’s own Apple Store app on the iPhone, and coupon and rewards apps from a company called inMarket have disclosed they will use iBeacons for tracking customers.

The scope of risks

But some privacy advocates are concerned the simple explanations offered by the apps when they seek a consumer’s consent don’t come close to revealing just how much data could be collected or how it will be used.

“The scope and the risks and the sharing that takes place now is so far beyond the disclosures consumers typically see,” warns Fordham University law professor Joel Reidenberg. “They’re not in a position to really know.” . . . .

5. As we contemplate the integrity of high-tech corporations, note this article about monopolistic practices by Silicon Valley high-tech companies. Are these entities trustworthy? Do you trust them with your personal information?

“The Tech­to­pus: How Sil­i­con Valley’s Most Cel­e­brated CEOs Con­spired to Drive Down 100,000 Tech Engi­neers’ Wages” by Mark Ames; Pan­do­Daily; 1/23/2014.

In early 2005, as demand for Sil­i­con Val­ley engi­neers began boom­ingApple’s Steve Jobs sealed a secret and ille­gal pact with Google’s Eric Schmidt to arti­fi­cially push their work­ers wages lower by agree­ing not to recruit each other’s employ­ees, shar­ing wage scale infor­ma­tion, and pun­ish­ing vio­la­tors. On Feb­ru­ary 27, 2005, Bill Camp­bell, a mem­ber of Apple’s board of direc­tors and senior advi­sor to Google, emailed Jobs to con­firm that Eric Schmidt “got directly involved and firmly stopped all efforts to recruit any­one from Apple.”

Later that year, Schmidt instructed his Sr VP for Busi­ness Oper­a­tion Shona Brown to keep the pact a secret and only share infor­ma­tion “ver­bally, since I don’t want to cre­ate a paper trail over which we can be sued later?”

These secret con­ver­sa­tions and agree­ments between some of the biggest names in Sil­i­con Val­ley were first exposed in a Depart­ment of Jus­tice antitrust inves­ti­ga­tion launched by the Obama Admin­is­tra­tion in 2010. That DOJ suit became the basis of a class action law­suit filed on behalf of over 100,000 tech employ­ees whose wages were arti­fi­cially low­ered — an esti­mated $9 bil­lion effec­tively stolen by the high-flying com­pa­nies from their work­ers to pad com­pany earn­ings — in the sec­ond half of the 2000s. Last week, the 9th Cir­cuit Court of Appeals denied attempts by Apple, Google, Intel, and Adobe to have the law­suit tossed, and gave final approval for the class action suit to go for­ward. A jury trial date has been set for May 27 in San Jose, before US Dis­trict Court judge Lucy Koh, who presided over the Samsung-Apple patent suit.

In a related but sep­a­rate inves­ti­ga­tion and ongo­ing suit, eBay and its for­mer CEO Meg Whit­man, now CEO of HP, are being sued by both the fed­eral gov­ern­ment and the state of Cal­i­for­nia for arrang­ing a sim­i­lar, secret wage-theft agree­ment with Intuit (and pos­si­bly Google as well) dur­ing the same period.

The secret wage-theft agree­ments between Apple, Google, Intel, Adobe, Intuit, and Pixar (now owned by Dis­ney) are described in court papers obtained by Pan­do­Daily as “an over­ar­ch­ing con­spir­acy” in vio­la­tion of the Sher­man Antitrust Act and the Clay­ton Antitrust Act, and at times it reads like some­thing lifted straight out of the rob­ber baron era that pro­duced those laws. Today’s inequal­ity cri­sis is America’sworst on record since sta­tis­tics were first recorded a hun­dred years ago — the only com­par­i­son would be to the era of the rail­road tycoons in the late 19th century.

Shortly after seal­ing the pact with Google, Jobs strong-armed Adobe into join­ing after he com­plained to CEO Bruce Chizen that Adobe was recruit­ing Apple’s employ­ees. . . .

6. Bill Moyers has noted the sort of oppressive behavior that corproations are capable of manifesting.

“You Won’t Believe How One Chem­i­cal Com­pany Tried to Dis­credit a Scientist’s Research”; BillMoyers.com; 2/10/2014.

Rachel Aviv has a reported piece in The New Yorker that reads like pulp fic­tion. She tells the tale of a sci­en­tist who dis­cov­ered that a pop­u­lar her­bi­cide may have harm­ful effects on the endocrine sys­tem. As he con­tin­ued to inves­ti­gate the mat­ter, he came to believe that the chemical’s man­u­fac­turer was out to get him. He thought they were fol­low­ing him to con­fer­ences, tap­ping his phones and sys­tem­at­i­cally try­ing to drive a wedge between him and the sci­en­tific com­mu­nity. Many of his col­leagues believed that he was para­noid until a law­suit yielded a slew of inter­nal cor­po­rate doc­u­ments show­ing that every­thing he imag­ined the com­pany had been doing to dis­credit his work had in fact been true.

As Kath­leen Geier put it for the Wash­ing­ton Monthly, “This story reads like your most para­noid, far-out con­spir­a­to­r­ial left-wing night­mare come true.” . . .

7. In an inter­view with USA Today, for­mer NSA chief Michael Hay­den urged the rejec­tion of an advi­sory panel’s sug­ges­tions con­cern­ing the NSA.

He noted that meta­data would be far more secure with NSA than with inter­net and/or telecom­mu­ni­ca­tions com­pa­nies and/or “third par­ties.” (Such stor­age was among the rec­om­men­da­tions of the panel.)

Hayden’s point is very well taken. In a future episode of “The Adven­tures of Eddie the Friendly Spook,” we will dis­cuss the “pub­lic ver­sus pri­vate” dynamic at play here.

Hay­den also notes that the Fourth Amend­ment is not an inter­na­tional treaty. It does not, and never has, applied to U.S. citizens.

“For­mer NSA Chief: Reject Pro­pos­als” by Susan Page; USA Today; 12/31/2013; p. 4A.

In the inter­view with USA Today’s weekly video news­maker series. Hayden:

  • Said the vast data on Amer­i­cans phone records are “far safer and pri­vacy is far more secured with NSA hold­ing the data than some third party.” The com­mis­sion rec­om­mended that the phone com­pa­nies or a third party take over stor­ing the data.” . . . .
  • . . . . Ridiculed a pro­posal to increase pro­tec­tions for per­sonal data about non-citizens abroad. “The Fourth Amend­ment to our Con­sti­tu­tion is not an inter­na­tional treaty,” he said. For those who aren’t cov­ered by its pro­tec­tions, he said, “if your com­mu­ni­ca­tions con­tain infor­ma­tion that make Amer­i­cans more safe and more free, game on.”

8. Michael del Castillo takes stock of the possibiltiy that Palantir might become the repository for the metadata. We analyzed Palantir in FTR #757. Palantir’s largest stock holder is Peter Thiel, whom we analyzed in FTR #718–In Your Facebook: A Virtual Panopticon?

“Who will be Obama’s ‘Third Party?’” by Michael del Castillo; Upstart Busi­ness Jour­nal; 1/21/2014.

The UpTake: Cit­i­zens of the world who were tired of how much of their per­sonal data the U.S. gov­ern­ment con­trolled may soon have to get used to a dif­fer­ent dilemma: That same infor­ma­tion being con­trolled by a pri­vate company.

There’s a startup in the rafters that’s just been wait­ing for this moment.

Last Fri­day, Pres­i­dent Barack Obama announcedsweep­ing changes to the way the gov­ern­ment stores and ana­lyzes infor­ma­tion about tele­phone calls both in the United States and around the world.

Though he [Obama] made it very clear that the National Secu­rity Agency will soon cease keep­ing a store of all those ones and zeros, he left his options open as to whether the new gate­keep­ers will be the telecom­mu­ni­ca­tions com­pa­nies them­selves, or some mys­te­ri­ous “third party.”

From the moment he said those two words I couldn’t get one word out of my head: Palantir.

Cofounded in 2004 by Pay­Pal cofounder Peter Thiel, who is also an investor through his Founders Fund ven­ture cap­i­tal firm, the Palo Alto, California-based com­pany that raised $605 mil­lion in ven­ture cap­i­tal accord­ingto Crunch­base, took its seed round of fund­ing from In-Q-Tel, the ven­ture cap­i­tal branch of the U.S. intel­li­gence community.

Since then, Palantir’s tech­nol­ogy, which the Times called “the most effec­tive tool to date to inves­ti­gate ter­ror­ist net­works,” has been used to “detect and elim­i­nate sophis­ti­cated crim­i­nal activ­ity,” to “har­ness massive-scale cyber data to under­stand net­work activ­ity, limit expo­sure and harden secu­rity against cyber secu­rity threats,” and to “effi­ciently, effec­tively, and securely exploit and ana­lyze data to drive more informed oper­a­tion of plan­ning and strate­gic deci­sion mak­ing,” accord­ing to the company’s own site.

With employ­ees like for­mer CIA and FBI “coun­tert­er­ror­ist” Nada Nadim Prouty, who served the gov­ern­ment until it was dis­cov­eredshe wasn’t in the coun­try legally, for­mer U.S. Rep­re­sen­ta­tive Glenn Nye, and for­mer U.S. ambas­sador to Greece and Belarus Daniel Speck­hard all listed as cur­rent employ­ees of Palan­tir on LinkedIn, the com­pany would likely have few prob­lems serv­ing as a bridge between the pri­vate sec­tor and the public.

But what per­haps makes Palan­tir most inter­est­ing as a poten­tial “third party” to hold the telecom­mu­ni­ca­tions industry’s meta­data is the company’s founders’ stated lib­er­tar­ian leanings.

Palantir’s biggest rival, I2, was acquired by IBM in 2011, leav­ing pri­vate defense con­trac­tors and a hand­ful of other In-Q-Tel-funded big data star­tups as what we con­sider top con­tenders for the “third party” position.

Unless of course, the gov­ern­ment (and those who elected the gov­ern­ment) don’t mind hav­ing IBM or another mas­sive con­glom­er­ate hold­ing onto their pri­vate data.

Either way, some com­pany, or group of com­pa­nies, is about to take cen­ter stage in the pri­vacy debate in a pretty big way.

Per­haps the sin­gle most impor­tant ques­tion in the entire debate is this: Who would we really pre­fer holds onto all that meta­data that paints a per­sonal pic­ture of our lives, but can also be used to pro­tect us? The gov­ern­ment, the phone com­pa­nies, old-school big data firms, or a newby to the game with some seri­ous startup cred?

We reached out to Palan­tir for com­ment and will keep you posted as we learn more.

9. With regard to due legal process and judicial oversight, WHAT court of judicial body authorized Edward Snowden or Bradley Manning to do what they did? They are NOT whistleblowers! They used web-crawling technology to vacuum a number of files far too voluminous for them to have read. Who authorized THEM to do what they did?

What judicial authority oversees who gets that information or what is done with that!

“Snowden Used Low-Cost Tool to Best N.S.A.” by David E. Sanger and Eric Schmitt; The New York Times; 2/8/2014.

Intelligence officials investigating how Edward J. Snowden gained access to a huge trove of the country’s most highly classified documents say they have determined that he used inexpensive and widely available software to “scrape” the National Security Agency’s networks, and kept at it even after he was briefly challenged by agency officials.

Using “web crawler” software designed to search, index and back up a website, Mr. Snowden “scraped data out of our systems” while he went about his day job, according to a senior intelligence official. “We do not believe this was an individual sitting at a machine and downloading this much material in sequence,” the official said. The process, he added, was “quite automated.” . . . .

. . . . Similar techniques were used by Chelsea Manning, then known as Pfc. Bradley Manning, who was convicted of turning documents and videos over to WikiLeaks in 2010. . . .

10. John Young, an orig­i­nal Wik­iLeaks founder, on why he broke with the group:

Again, what judicial or governmental/civic authority has sanctioned WikiLeaks’ activities?

“Wikileaks’ Estranged Co-Founder Becomes a Critic (Q&A)” by Declan McCullagh; C/Net; 7/20/2010.

“. . . they’re act­ing like a cult. They’re act­ing like a reli­gion. They’re act­ing like a gov­ern­ment. They’re act­ing like a bunch of spies. They’re hid­ing their iden­tity. They don’t account for the money. They promise all sorts of good things. They sel­dom let you know what they’re really up to. . . There was sus­pi­cion from day one that this was entrap­ment run by some­one unknown to suck a num­ber of peo­ple into a trap. So we actu­ally don’t know. But it’s cer­tainly a stan­dard coun­ter­in­tel­li­gence tech­nique. . . .” 

11. WikiLeaks is partnered with the Russian “phishing mafia”–sophisticated internet criminals who datamine for criminal purposes.

Note, also, the enormous body of information that Assange claims he has amassed. What judicial or governmental authority has sanctioned WikiLeaks to utilize this information?

Notice in the following passage how much data WikiLeaks seems to have. Do YOU trust them with that information? What court authorization do they have to amass so much data about so many people?

http://cryptome.org/wikileaks/wikileaks-leak.htm

To: John Young
From: Wik­ileaks
Sub­ject: martha stu­art pgp
Date: Sun, 7 Jan 2007 12:20:25 –0500

J. We are going to fuck them all. Chi­nese mostly, but not entirely a feint. Inven­tion abounds. Lies, twists and dis­torts every­where needed for pro­tec­tion. Hack­ers mon­i­tor Chi­nese and other intel as they bur­row into their tar­gets, when they pull, so do we.

Inex­haustible sup­ply of mate­r­ial. Near 100,000 documents/emails a day. [Ital­ics are mine–D.E.] We’re going to crack the world open and let it flower into some­thing new. If fleec­ing the CIA will assist us, then fleece we will. We have pull­backs from NED, CFR, Free­dom­house and other CIA teats. We have all of pre 2005 Afghanistan. Almost all of India fed. Half a dozen for­eign min­istries. Dozens of polit­i­cal par­ties and con­sulates, World­bank, apec, UN sec­tions, trade groups, Tibet and Fulan Dafa asso­ci­a­tions and… Russ­ian phish­ing mafia who pull data every­where. We’re drown­ing. We don’t even know a tenth of what we have or who it belongs to. We stopped stor­ing it at 1Tb.” . . . .

12. More about the ele­ment of Russ­ian orga­nized crime involved with WikiLeaks–what Assange in an inter­view called “Russ­ian phish­ing mafia.” In what may be a log­i­cal devel­op­ment from WikiLeaks’ partnership with the “phishers,” a Russ­ian mafia data theft con­sor­tium is host­ing their OWN wik­iLeaks! And Assange and co are appar­ently not com­ment­ing on it or doing any­thing to redi­rect those look­ing for the “Real” Wik­iLeaks to the right sites.

“Wik­iLeaks Mir­ror Mal­ware Warn­ing” by Quentin Jenk­ins; Spamhaus; 12/14/2010.

…Spamhaus has for over a year regarded Hei­hachi as an out­fit run ‘by crim­i­nals for crim­i­nals’ in the same mould as the crim­i­nal Est­do­mains. The Panama-registered but Russian-run heihachi.net is highly involved in bot­net com­mand and con­trol and the host­ing of Russ­ian cyber­crime. We also note that the con­tent at mirror.wikileaks.info is rather unlike what’s at the real Wik­ileaks mir­rors which sug­gests that the wikileaks.info site may not be under the con­trol of Wik­ileaks itself, but rather some other group. You can find the real site at wikileaks.ch, wikileaks.is, wikileaks.nl, and many other mir­ror sites around the world.

…Cur­rently wikileaks.info is serv­ing leaked doc­u­ments to the world, from a server con­trolled by Russ­ian cyber­crim­i­nals, to an audi­ence that faith­fully believes any­thing with a ‘Wik­ileaks’ logo on it. That has got to send shiv­ers down the spines of ratio­nal minds.

…In a state­ment released today on wikileaks.info enti­tled “Spamhaus’ False Alle­ga­tions Against wikileaks.info”, the per­son run­ning the wikileaks.info site (which is not con­nected with Julian Assange or the real Wik­ileaks orga­ni­za­tion) called Spamhaus’s infor­ma­tion on his cyber­crime host “false” and “none of our busi­ness” and called on peo­ple to con­tact Spamhaus and “voice your opin­ion”. Con­se­quently Spamhaus has now received a num­ber of emails some ask­ing if we “want to be next”, some telling us to stop black­list­ing Wik­ileaks (obvi­ously they don’t under­stand that we never did) and oth­ers claim­ing we are “a pawn of US Gov­ern­ment Agencies”.

…Few of the peo­ple who con­tacted us realised that the ‘press release’ they had read was not writ­ten by Wik­ileaks and not issued by Wik­ileaks — but by the wikileaks.info site only — the very site we are warn­ing about (which by no coin­ci­dence is hosted on the same Russ­ian based cybercrime-run heihachi.net server as irc.anonops.net). Many peo­ple thought that the “press release” was issued “by Wik­ileaks”. In fact there has been no press release about this by Wik­ileaks and none of the offi­cial Wik­ileaks mir­rors sites even recog­nise the wikileaks.info mir­ror. We won­der how long it will be before Wik­ileaks sup­port­ers wake up and start to ques­tion why wikileaks.info is not on the list of real Wik­ileaks mir­rors at wikileaks.ch.

… Spamhaus con­tin­ues to warn Wik­ileaks read­ers to make sure they are view­ing and down­load­ing doc­u­ments only from an offi­cial Wik­ileaks mir­ror site. Mean­while, despite many attempts to con­tact the real Wik­ileaks, there has been no word from Wik­ileaks itself. . . .


Discussion

10 comments for “FTR #774 The Adventures of Eddie the Friendly Spook, Part 14: The Corporate Connections and the Public vs. Private Dynamic”

  1. Meet the new boss. Same as the old boss but with additional NSA-like capabilities:

    February 17, 2014 6:18 pm
    Data pioneers watching us work

    By Hannah Kuchler

    In a back street in San Francisco’s start-up dominated SoMa district, a rapidly growing business is busy studying how millions of employees behave each day. Its computers know in real time why a worker was hired, how productive they are and can even follow them as they move to a new job.

    Evolv is a leader in the nascent Quantified Workplace movement, where big data analytics companies are springing up to measure how we work. “Every week we figure out more things to track,” says Max Simkoff, Evolv’s co-founder and chief executive, who claims it can help improve productivity by at least 5 per cent in two-thirds of jobs.

    More than half of human resources departments around the world report an increase in the use of data analytics compared with three years ago, according to a recent survey by the Economist Intelligence Unit. But many employees are still blissfully unaware of how information they may deem private is being analysed by their managers.

    For its part, Evolv analyses more than half a billion “employee data points” from across 13 countries, seeking to identify patterns across companies and industries. These data points range from how often employees interact with their supervisor to how long it takes a worker to get to the office.

    Evolv’s clients use them to help guide their hiring decisions, as well as to evaluate an employee’s performance throughout his or her career.

    The company has so far focused on customer-facing industries such as retailers and call centres. One client is Kelly, an employment agency. It says it has seen a 7 per cent improvement in employee efficiency across the board by incorporating Evolv’s insights into its hiring policy.

    Novo1, a US company that runs customer call centres and has more than 2,000 employees, identified the characteristics of its most successful call operators and hired more people like them. This cut job interviews down to 12 minutes from an hour, reduced average call time by a minute and slashed attrition by 39 per cent.

    Another pioneering outfit is Sociometric Solutions, which puts sensors in name badges to discover social dynamics at work. The badges monitor how employees move around the workplace, who they talk to and in what tone of voice.

    One client, Bank of America, discovered that its more productive workers were those allowed to take their breaks together, in which they let off steam and shared tips about dealing with frustrated customers.

    The bank took heed and switched to collective breaks, after which performance improved 23 per cent and the amount of stress in workers’ voices fell 19 per cent.

    Ben Waber, Sociometric Solutions co-founder and chief executive, thinks the badges can be deployed far beyond sales and customer service. He sees big opportunities in pharmaceuticals, for instance, where productivity is hard to measure because new drugs might emerge only once in a decade: “The rest of the time, they have no idea.”

    Another company, Steelcase, which puts sensors in office furniture and buildings to see how workers interact, thinks the real opportunity for workplace monitoring is far from the call-centre floor – in opaque creative departments and even boardrooms, where time is especially precious.

    David Lathrop, its director of research and strategy, says the sensors are now so cheap they can be put “practically everywhere”, arguing that employees could benefit by tracking their own performance.

    Improving the productivity of top executives “has a disproportionate effect on the company”, he adds.

    Lew Maltby, president of the US National Workrights Institute, says electronic monitoring could be a “very valuable tool” for employers, by providing evidence for sexual harassment suits or assessing productivity in data entry jobs, for example.

    But he says most employees “haven’t got a clue” about the extent to which their emails are already monitored, or about the information their employer can access from their work computer and smartphone.

    Employees may have little in the way of legal grounds for challenging an extension of this data gathering. He says there was a spate of legal cases in the US a few years ago about the monitoring of work computers and employees lost every one of them.

    “No employee has ever won an in­vasion of privacy case based on an employer monitoring their computer,” he says.

    Even those who are involved in the growing industry believe there needs to be more discussion about when and how the data are used. Professor Andrew Knight from Washington University in St Louis works with data from both Evolv and Sociometric Solutions to study workplace behaviour.

    But he thinks constant monitoring is a “scary image for the future” that could “remove some of the authenticity of those [workplace] relationships”.

    Posted by Pterrafractyl | February 18, 2014, 2:36 pm
  2. Who is more likely to cause you harm? The NSA or anybody or everybody else?

    “Crowdpilot’ app lets strangers LISTEN to your PHONE CALLS”

    http://dailycaller.com/2014/02/20/crowdpilot-app-lets-strangers-listen-to-your-phone-calls/#ixzz2ttek0E72

    “The NSA isn’t the only ones capable of tapping phone calls anymore thanks to a new smartphone app called ‘Crowdpilot,’ which could potentially let anyone listen in on your calls without your knowledge.”

    Read more: http://dailycaller.com/2014/02/20/crowdpilot-app-lets-strangers-listen-to-your-phone-calls/#ixzz2txy0tnPN

    Posted by GK | February 21, 2014, 6:22 am
  3. Privacy advocates should probably take note of this: We’re learning more about why the Koch brothers recently bought Molex for $7.2 billion. They want to be key players in the ‘internet of everything’:

    Feb 28, 2014, 5:00am CST
    Charles Koch: business giant, bogeyman, benefactor and elusive (until now) — exclusive interview
    Daniel McCoy
    Reporter- Wichita Business Journal

    Charles Koch.

    To the American business world, he’s a giant — head of the nation’s second largest private company.

    To the political world, he is, by turns, the country’s No. 1 bogeyman and benefactor.

    To Wichita, he is the Wizard of Oz — ever-present yet rarely seen, influential but invisible.

    To the media, and by extension the public, Charles Koch is elusive and inscrutable.

    Until now.

    In a rare extended interview with the Wichita Business Journal, Koch spoke expansively with Editor in Chief Bill Roy and Reporter Daniel McCoy, explaining in detail his political convictions, his involvement in Americans for Prosperity and his disdain for what he calls rampant cronyism.

    He criticizes business leaders who say they believe in a free-market system, but do their best to manipulate that system by working to impose regulations on their competitors or going for “smash and grab, short-term profits.”

    Koch says he’s used to being on the receiving end of criticism and name calling, but he’s hoping that the country can get to a point of civil discourse.

    Koch also discussed his commitment to Wichita, his expanding interest in electronics and biotechnology and where those interests may take his beloved Koch Industries, where he became CEO 47 years ago.

    We met with Charles Koch in his office Feb. 18, 2014.

    (Koch Industries is adding a new 210,000-square-foot building on its campus.) What does the local expansion mean for your operations here in Wichita?

    It mainly keeps all our people in Wichita on the same campus, so it improves communications, collaboration, cooperation. We’re full now, so this will give us capacity for about 750 people. That should hold us for another couple of years.

    What is the short-term and long-term value of the Molex purchase for Koch Industries?

    Short term, they are way ahead of us in transforming their business processes to fully incorporate information technology. For example, knowing where there products are, being tied in to their customers on their inventory — what their needs are, how they’re changing — and we try very hard to do that on a personal level. But we’re not up to where they are in having information technology really guide all aspects of our business. So that’s the first thing we’re doing. We’re bringing people in from there over to lead that effort in getting us caught up throughout Koch Industries. We have some businesses that are pretty far along, some are quite behind. So they’ve got a big job here to do that. That’s the short-term how they can help us. Then how we can help them, as a public company with limited capital they did very little in acquisitions. So they need help in business development. We’re supplying that capability to them to integrate that with their businesses. Then, really broadening their vision. I would say they have (some) particularly outstanding capabilities. One is in connectors, another is in cables, and another is in microtechnology. And another is innovation. The lifecycle in their products is typically two to seven or eight years. They can’t fool around with innovation. They’ve got to get an idea built and commercialized immediately. And some of our stuff takes too long. We have a lot of great innovation, but we don’t have the sense of urgency through our organization or the systems to drive it as quickly as they do. That’s another thing we can learn from them. And then another thing, they make so many parts. If we’re making cases of toilet paper we may make a few million. But they make billions (of parts). So high-speed production is another capability. Then another one that we’re adding for them is economic thinking. All the different businesses and different options we’ve had, that’s been one of my central interests going back 50 years and something that we’ve really developed. So that’s one they’re looking forward to. How to do Marshall Analysis better, how to understand the profitability, understand opportunity costs, understand those things much better.

    Then longer term, and this is what I think if we can pull it off is the home run, and that’s the Internet of everything. And this is part of broadening their vision, which they really couldn’t do as a relatively small, public company with their limited resources. That’s to take their base capabilities, find others, either through acquisitions, or a combination of acquisitions and internal development, and be able to create systems that will bring products and processes alive. The Internet of things is creating things that learn. One of the things we’ll be doing is having their people that are best at these kinds of systems visit our plants — here’s how to have your equipment tell you when it needs maintenance better, and tell you when it’s not being fully optimized and re-optimize itself. Guardian is doing this with glass. You tell it what temperature you want, how much light you want to come through, and it will automatically change. Or how do you build a computer right into your mirror so that you just touch it and get … whatever? There is a lot of this out there, and there is so much more that can be done. We think the future is smart everything. We believe the combination of their capabilities and what we’re trying to do, I mean, the sky is the limit. It’s really exciting. And what that will do for peoples’ lives, what it will do for the standard of living for everybody … And then as you learn, the learning curve is so steep, it gets cheaper and cheaper so virtually everybody can afford it.

    Yep, consumer products giant Koch Industries wants to invest heavily in smart products that learn that will also, presumably, be connected to the internet. Smart products like computers in our mirrors. Sounds ideal!

    Actually, upon reflection, smart mirrors hooked up to the internet may not be very ideal.

    Posted by Pterrafractyl | March 1, 2014, 7:15 pm
  4. License plate scanning: it’s real world meta-data floating around in the public sphere that’s not in any way encrypted:

    Beta Boston
    A vast hidden surveillance network runs across America, powered by the repo industry
    Shawn Musgrave
    Big Data is Watching
    Shawn Musgrave 3/5/2014

    Few notice the “spotter car” from Manny Sousa’s repo company as it scours Massachusetts parking lots, looking for vehicles whose owners have defaulted on their loans. Sousa’s unmarked car is part of a technological revolution that goes well beyond the repossession business, transforming any ­industry that wants to check on the whereabouts of ordinary people.

    An automated reader attached to the spotter car takes a picture of every ­license plate it passes and sends it to a company in Texas that already has more than 1.8 billion plate scans from vehicles across the country.

    These scans mean big money for Sousa — typically $200 to $400 every time the spotter finds a vehicle that’s stolen or in default — so he runs his spotter around the clock, typically adding 8,000 plate scans to the database in Texas each day.

    “Honestly, we’ve found random apartment complexes and shopping ­plazas that are sweet spots” where the company can impound multiple vehicles, explains Sousa, the president of New England Associates Inc. in Bridgewater.

    But the most significant impact of Sousa’s business is far bigger than locating cars whose owners have defaulted on loans: It is the growing database of snapshots showing where Americans were at specific times, information that everyone from private detectives to ­insurers are willing to pay for.

    While public debate about the license reading technology has centered on how police should use it, business has eagerly adopted the $10,000 to $17,000 scanners with remarkably few limits.

    At least 10 repossession companies in Massachusetts say they mount the scanners on spotter cars or tow trucks, and Digital Recognition Network of Fort Worth, Texas, claims to collect plate scans of 40 percent of all US vehicles annually.

    Today, a legislative committee in Boston is scheduled to hold a hearing on a bill that would ban most uses of license plate readers, including the vehicle repossession business, making exceptions only for law enforcement, toll collection, and parking regulation.

    “We have technology rapidly moving ahead in terms of its ability to gather information about people,” said state Representative Jonathan Hecht, a Watertown Democrat who filed the bill, “We need to have a conversation about how to balance ­legitimate uses of this technology with protecting people’s ­legitimate expectation of privacy.”

    But Digital Recognition and other so-called “data brokers” who collect plate scans are fighting Hecht’s bill, arguing that repo agents are not invading privacy when they scan a ­license plate, which is available for all to see. The data brokers do not disclose the owner of the plates, they point out, though customers such as banks, insurers, and private investigators have ready access to that information.

    Brian Shockley — vice president of marketing at Vigilant, corporate parent of Digital Recognition — plans to warn legislators that Massachusetts risks getting left behind in the use of a new tool that helps fight crime.

    “I fear that the proposed legislation would essentially create a safe haven in the Commonwealth for certain types of criminals, it would reduce the safety of our officers, and it could ultimately result in lives lost,” Shockley is scheduled to say in testimony prepared for the hearing before the Joint Transportation Committee.

    License plate scanning technology has been around for ­decades — the British police originally adopted it in the 1970s to track the Irish Republican Army members — but it only came into wide use in the last decade as cheaper but highly effective models became available. These scanners use high-speed cameras and optical character recognition technology to capture up to 1,800 plates per minute, even at high rates of speed and in difficult driving conditions. The scanner also ­records the date, time, and GPS location of each scan.

    Since 2008, more than 60 Massachusetts police departments have started using scanners to track down drivers with unpaid tickets, no insurance, or driving stolen vehicles, but the trend has raised concern about potential privacy invasions. In December, Boston police suspended their use of plate scanners altogether after a Globe investigation reported questionable data management, including the accidental public release of more than 69,000 ­license plate numbers that had been scanned over six months.

    Meanwhile, private companies were quietly and rapidly finding ways to profit from much larger databases with little public discussion. Digital Recognition Network, with the help of about 400 repossession companies across the United States, has increased the number of ­license scans in its database tenfold since September 2010, and the firm continues to add another 70 million scans per month, according to company disclosures. Digital Recognition’s top rival, Illinois-based MVTRAC, has not disclosed the size of its database, but claimed in a 2012 Wall Street Journal interview to have scans of “a large majority” of vehicles registered in the United States.

    Unlike law enforcement agencies, which often have policies to purge their computers of license records after a certain period of time, the data brokers are under no such obligation, meaning their databases grow and gain value over time as a way to track individuals’ movements and whereabouts.

    Massachusetts private investigator Jay Groob said he uses the license plate database kept by a third data broker, TLOxp, paying $25 for a comprehensive report from the Florida-based company’s “very impressive” database of a billion-plus scans.

    “It helps generate other leads,” said Groob, president of American Investigative Services in Brookline. “If a vehicle has been missing, or you need to ­locate a person, this gives us ­another locus to investigate.”

    Groob said he would use the database to track a missing person or conduct background investigations for child custody or marital infidelity litigation. Groob said he “absolutely” foresees vehicle location data becoming part of private investigators’ standard toolkit.

    Chris Metaxas, chief executive of Digital Recognition, has promoted his database as a useful tool for anyone else who has to confirm a person’s real address “because most of the time people are near where their cars are.” He told the Globe that his database is already helping the auto insurance industry cut down on fraud in which where applicants falsely claim to live in a place where insurance rates are lower.

    “Some people have a condo in Florida but actually live in New York ten months out of year,” said Metaxas. “Insurers need help to keep this kind of fraud under control.”

    But the main commercial use of license plate scanners ­remains the auto finance and auto repossession industries, two professions that work closely together to track down people who default on their loans. Digital Recognition lists Bank of America Corp., JPMorgan Chase & Co., HSBC Holdings, and Citibank among its clients, while MVTRAC boasts that it serves 70 percent of the auto finance industry.

    Liran Cohen — owner of Massa­chusetts Recovery ­Bureau, a repossession company in Lynn — said most banks he works with now require repossession contractors to use ­license plate readers because it is so much easier to find vehicles eligible for repossession.

    “The banks want it,” said ­Cohen, who mounted his ­license scanner on an unmarked tow truck. “All of them make a big deal out of it, since it gives them so much value.”

    But the use of scanners has grown so fast that there has been little discussion of what limits, if any, to place on repossession agents as they trawl for vehicles to impound. A number of such companies contacted by the Globe confirmed that they often send their spotter cars to commercial lots, such as shopping mall parking lots, because those tend to be hotspots for ­vehicles to repossess.

    In fact, on its website Digital Recognition described what it calls good “target environments” for repossession agents, including “malls, movie ­theaters, sporting events, and numerous other locations.” In marketing materials, the firm has indicated that it suggests routes for repossession companies that focus on workplaces and commercial lots during the day and apartment complexes and residential areas at night.

    The burgeoning private data­bases of license plates may ultimately be a boon to law, as well, giving them access to a trove of license plates that many are not ­allowed to keep themselves, ­because of data-purging requirements. Hecht’s bill would require law enforcement statewide to purge its license plate data after 48 hours.

    Digital Recognition already provides its entire data pool to more than 3,000 law enforcement agencies nationwide, free of charge for most searches. The Massachusetts State Police is a registered subscriber, as are the Boston, Cambridge, Somerville, Brookline, and Quincy ­police departments. Even ­Boston College and Brandeis police have access to the firm’s entire scan database.

    License plate reader companies have defeated proposals similar to the one before the Legislature’s Joint Transportation Committee, and they sued the state of Utah after it enacted a ban on commercial use of license plate scanning. In its filing, Digital Recognition asserts that its field agents have a First Amendment right to collect pictures of license plates in public places.

    But privacy advocates say the databases are far more intrusive than the data brokers admit, arguing that private businesses can easily translate anonymous-sounding license plate numbers into owners’ names just by obtaining information from states’ motor vehicle registries. In Massachusetts, for example, private inves­tigators can get access to the Registry of Motor Vehicles directly, and insurance companies and banks may already know the plate number for a given individual.

    “Right now, it’s the wild West in terms of how companies can collect, process, and sell this kind of data,” says Kade Crockford of the American Civil Liberties Union of Massachusetts. “The best legal minds, best public policy thinkers, and ordinary people whose lives are affected need to sit down and think of meaningful ways we can regulate it.”

    This story reminds us of one more reason why the balance between privacy and security can’t rely on better encryption alone: you can’t encrypt reality very easily. But wouldn’t it be kind of neat if we could encrypt reality? No?

    Posted by Pterrafractyl | March 5, 2014, 9:20 am
  5. Here’s a story folks in the US should probably keep an eye on in order to understand why so many flying eyes might be on us in the future: According to a federal judge’s ruling, as long as a drone is tiny enough it can’t be regulated by the FAA:

    FAA has no jurisdiction over small commercial drones, judge rules

    BY Joan Lowy, Associated Press March 7, 2014 at 10:32 AM EST

    WASHINGTON — A federal judge has dismissed the Federal Aviation Administration’s only fine against a commercial drone user on the grounds that the small drone was no different than a model aircraft, a decision that appears to undermine the agency’s power to keep a burgeoning civilian drone industry out of the skies.

    Patrick Geraghty, a National Transportation Safety Board administrative law judge, said in his order dismissing the $10,000 fine that the FAA has no regulations governing model aircraft flights or for classifying model aircraft as an unmanned aircraft.

    FAA officials said they were reviewing the decision and had no further comment. The agency can appeal the decision to the full five-member safety board.

    The FAA levied the fine against aerial photographer Raphael Pirker for flying the small drone near the University of Virginia to make a commercial video in October 2011. Pirker appealed the fine to the safety board, which hears challenges to FAA decisions.

    FAA officials have long taken the position that the agency regulates access to the national airspace, and therefore it has the power to bar drone flights, even when the drone weighs no more than a few pounds.

    “There are no shades of gray in FAA regulations,” the agency says on its website. “Anyone who wants to fly an aircraft —manned or unmanned —in U.S. airspace needs some level of FAA approval.”

    There is increasing demand to use small drones for a wide array of commercial purposes. The FAA has identified the dividing line between a model aircraft and a small drone as more one of intent, rather than of technology. If it is used for commercial purposes, it’s a drone. If it’s used purely for recreational purposes, it’s a model aircraft.

    The agency has issued guidelines for model aircraft operators, but they are voluntary and therefore cannot be enforced, Geraghty said.

    Smile!

    Posted by Pterrafractyl | March 7, 2014, 3:22 pm
  6. Here’s an article about the problems the Pentagon is running into in its hacker-hiring attempts. the article contains a pretty big admission at the end. One of the key problems the Pentagon runs into is the lower pay scale relative to the private sector. Another problem? The private sector’s pay is also too low to incentivize enough people to go into IT security careers in the first place:

    Bloomberg
    The U.S. Government Wants 6,000 New ‘Cyber Warriors’ by 2016
    By Dune Lawrence April 15, 2014

    The Pentagon plans to triple its cybersecurity staff by 2016, U.S. Secretary of Defense Chuck Hagel announced recently.

    A few days later, FBI Supervisory Special Agent Charles Gilgen said at a conference on cybercrime that his agency’s cyber division plans to hire 1,000 agents and 1,000 analysts in the coming year.

    Just those two agencies are looking for 6,000 people with cybersecurity skills in the next two years. That’s a very tall order. A look at one way the government has tried to build and recruit such talent—offering university scholarships—shows why.

    The biggest such program, called CyberCorps, or Scholarship for Service, started in 2000. The scholarship covers tuition, books, and professional development and includes a cash stipend of $20,000 to $30,000 a year, depending on whether the student is pursuing a bachelor’s, a master’s, or a doctorate. After school, recipients serve in government for the same length of time as they received funding, two to three years, usually. Unlike many government programs, it has seen its budget triple to $45 million a year in the past three fiscal years, says Victor Piotrowski, lead program director for CyberCorps at the National Science Foundation. As of January, CyberCorps had produced 1,554 graduates, with 463 more currently in school.

    “You would think, with all those benefits and a hot area, cybersecurity, that people would just be pouring into the program,” says Piotrowski. “We have a very, very tiny pipeline.”

    One hurdle is that participants must be U.S. citizens. Right off the bat, that eliminates more than 70 percent of those receiving master’s degrees in computer engineering at U.S. schools, he says.

    Another factor: The government can’t offer as much pay as the private sector. An online posting for a cyber-analyst job at the Federal Bureau of Investigation in early 2013—there aren’t any more current listings on the federal government’s job site—advertised a salary of $33,979 to $54,028.

    A listing this month for an information security specialist in the U.S. Marine Corps’s cybersecurity division gave a range of $89,924 to $116,901 a year.

    That’s just not competitive, particularly for people with in-demand technical skills in malicious software analysis and reverse engineering, according to Golden Richard, a professor with the University of New Orleans Information Assurance Program.

    “If you couldn’t break $100,000 as a starting salary, I think you’d have trouble attracting those guys,” he says. Richard said one of his students got a government scholarship to fund his master’s degree but was quickly lured away from his government job by a private company offering him about $150,000 a year.

    The government also hurts its chances by allowing contractors who do cybersecurity work for federal agencies to offer higher salaries than the government does for similar jobs, says Seymour Goodman, co-director of the Georgia Tech Information Security Center at the Georgia Institute of Technology.

    It’s not just government agencies that are desperate for cybersecurity specialists. Almost four in 10 IT security positions went unfilled in 2013, according to a survey of more than 500 organizations by the Ponemon Institute, which studies privacy, data protection, and information-security policy. The figure was almost six in 10 for senior security jobs.

    “Market forces aren’t happening fast enough in security,” says Art Gilliland, general manager of enterprise security products at Hewlett-Packard (HPQ), which funded the Ponemon research. “The typical security person is paid the same as a typical IT person, and yet the demand is way higher. The salaries are not increasing fast enough to attract more people.”

    So there’s an ever growing demand for IT security expertise and yet “market forces” aren’t creating the kind of salaries that would lead to growth in the numbers of people interested in going into IT security. Especially in the “senior” security jobs, where 6 in 10 positions aren’t getting filed. Could the ‘Techtopus’, with its “I thought we agreed not to recruit any senior level employees…. I would propose we keep it that way” philosophy, be wrapping its tentacles around this sector of the job market and distorting the whole IT security market?

    That’s one of the fun things about something like the Techtopus: It’s not just a many-tentacled giant beast. It’s an invisible many-tentacled giant beast so we’d don’t really get to know how far its reach goes. We just know those tentacle aren’t helping. That would require a different invisible giant tentacled beast.

    Posted by Pterrafractyl | April 15, 2014, 2:21 pm
  7. You know how when you call a company you often hear “this call will be recorded for training purposes”. You have to wonder if that’s all they’re going to be using it for:

    Voiceprints being harvested by the millions
    By RAPHAEL SATTER
    Oct. 13, 2014 3:10 PM EDT

    LONDON (AP) — Over the telephone, in jail and online, a new digital bounty is being harvested: the human voice.

    Businesses and governments around the world increasingly are turning to voice biometrics, or voiceprints, to pay pensions, collect taxes, track criminals and replace passwords.

    “We sometimes call it the invisible biometric,” said Mike Goldgof, an executive at Madrid-based AGNITiO, one of about 10 leading companies in the field.

    Those companies have helped enter more than 65 million voiceprints into corporate and government databases, according to Associated Press interviews with dozens of industry representatives and records requests in the United States, Europe and elsewhere.

    “There’s a misconception that the technology we have today is only in the domain of the intelligence services, or the domain of ‘Star Trek,'” said Paul Burmester, of London-based ValidSoft, a voice biometric vendor. “The technology is here today, well-proven and commonly available.”

    And in high demand.

    Dan Miller, an analyst with Opus Research in San Francisco, estimates that the industry’s revenue will roughly double from just under $400 million last year to between $730 million and $900 million next year.

    Barclays PLC recently experimented with voiceprinting as an identification for its wealthiest clients. It was so successful that Barclays is rolling it out to the rest of its 12 million retail banking customers.

    “The general feeling is that voice biometrics will be the de facto standard in the next two or three years,” said Iain Hanlon, a Barclays executive.

    Vendors say the timbre of a person’s voice is unique in a way similar to the loops and whorls at the tips of someone’s fingers.

    Their technology measures the characteristics of a person’s speech as air is expelled from the lungs, across the vocal folds of the larynx, up the pharynx, over the tongue, and out through the lips, nose, and teeth. Typical speaker recognition software compares those characteristics with data held on a server. If two voiceprints are similar enough, the system declares them a match.

    The Vanguard Group Inc., a Pennsylvania-based mutual fund manager, is among the technology’s many financial users. Tens of thousands of customers log in to their accounts by speaking the phrase: “At Vanguard, my voice is my password” into the phone.

    “We’ve done a lot of testing, and looked at siblings, even twins,” said executive John Buhl, whose voice was a bit hoarse during a telephone interview. “Even people with colds, like I have today, we looked at that.”

    The single largest implementation identified by the AP is in Turkey, where mobile phone company Turkcell has taken the voice biometric data of some 10 million customers using technology provided by market leader Nuance Communications Inc. But government agencies are catching up.

    In the U.S., law enforcement officials use the technology to monitor inmates and track offenders who have been paroled.

    Activists worry that the popularity of voiceprinting has a downside.

    “It’s more mass surveillance,” said Sadhbh McCarthy, an Irish privacy researcher. “The next thing you know, that will be given to border guards, and you’ll need to speak into a microphone when you get back from vacation.”

    Uh oh.

    Posted by Pterrafractyl | March 21, 2015, 6:20 pm
  8. Imagine a world where personalized ads based on your browsing/purchasing history don’t simply show up on the web pages you’re reading but actually show up on a billboard with facial recognition technology so everyone in town can see the ads deemed most appropriate for you. Sounds like something you would like you see? Hopefully it is because Microsoft has already patented the idea. And in terms of harnessing the incredible potential commercial value of facial recognition technology, Microsoft has a lot of catching up to do, although it probably doesn’t want to catch up with Facebook’s facial recognition lawsuit:

    Washington Post
    Facial recognition technology is everywhere. It may not be legal.

    By Ben Sobel June 11 at 1:12 PM

    Ben Sobel is a researcher and incoming Google Policy Fellow at the Center on Privacy & Technology at Georgetown Law.

    Being anonymous in public might be a thing of the past. Facial recognition technology is already being deployed to let brick-and-mortar stores scan the face of every shopper, identify returning customers and offer them individualized pricing — or find “pre-identified shoplifters” and “known litigious individuals.” Microsoft has patented a billboard that identifies you as you walk by and serves ads personalized to your purchase history. An app called NameTag claims it can identify people on the street just by looking at them through Google Glass.

    Privacy advocates and representatives from companies like Facebook and Google are meeting in Washington on Thursday to try to set rules for how companies should use this powerful technology. They may be forgetting that a good deal of it could already be illegal.

    There are no federal laws that specifically govern the use of facial recognition technology. But while few people know it, and even fewer are talking about it, both Illinois and Texas have laws against using such technology to identify people without their informed consent. That means that one out of every eight Americans currently has a legal right to biometric privacy.

    The Illinois law is facing the most public test to date of what its protections mean for facial recognition technology. A lawsuit filed in Illinois trial court in April alleges Facebook violates the state’s Biometric Information Privacy Act by taking users’ faceprints “without even informing its users — let alone obtaining their informed written consent.” This suit, Licata v. Facebook, could reshape Facebook’s practices for getting user consent, and may even influence the expansion of facial recognition technology.

    How common—and how accurate—is facial recognition technology?

    You may not be walking by ads that address you by name, but odds are that your facial geometry is already being analyzed regularly. Law enforcement agencies deploy facial recognition technology in public and can identify someone by searching a biometric database that contains information on as many as one-third of Americans..

    Companies like Facebook and Google routinely collect facial recognition data from their users, too. (Facebook’s system is on by default; Google’s only works if you opt in to it.) Their technology may be even more accurate than the government’s. Google’s FaceNet algorithm can identify faces with 99.63 percent accuracy. Facebook’s algorithm, DeepFace, gets a 97.25 percent rating. The FBI, on the other hand, has roughly 85 percent accuracy in identifying potential matches—though, admittedly, the photographs it handles may be harder to analyze than those used by the social networks.

    Facebook and Google use facial recognition to detect when a user appears in a photograph and to suggest that he or she be tagged. Facebook calls this “Tag Suggestions” and explains it as follows: “We currently use facial recognition software that uses an algorithm to calculate a unique number (“template”) based on someone’s facial features…This template is based on your profile pictures and photos you’ve been tagged in on Facebook.” Once it has built this template, Tag Suggestions analyzes photos uploaded by your friends to see if your face appears in them. If its algorithm detects your face, Facebook can encourage the uploader to tag you.

    With the boom in personalized advertising technology, a facial recognition database of its users is likely very, very valuable to Facebook. The company hasn’t disclosed the size of its faceprint repository, but it does acknowledge that it has more than 250 billion user-uploaded photos — with 350 million more uploaded every day. The director of engineering at Facebook’s AI research lab recently suggested that this information was “the biggest human dataset in the world.”

    Eager to extract that value, Facebook signed users up by default when it introduced Tag Suggestions in 2011. This meant that Facebook calculated faceprints for every user who didn’t take the steps to opt out. The Tag Suggestions rollout prompted Sen. Al Franken (D-Minn.) to worry that “Facebook may have created the world’s largest privately held data base of faceprints— without the explicit consent of its users.” Tag Suggestions was more controversial in Europe, where Facebook committed to stop using facial identification technology after European regulators complained.

    The introduction of Tag Suggestions is what’s at issue in the Illinois lawsuit. In Illinois, companies have to inform users whenever biometric information is being collected, explain the purpose of the collection and disclose how long they’ll keep the data. Once informed, users must provide “written release” that they consent to the data collection. Only after receiving this written consent may companies obtain biometric information, including scans of facial geometry.

    Facebook declined to comment on the lawsuit and has not filed a written response in court.

    It’s unclear whether today’s paradigm for consent — clicking a “Sign Up” button that attests you’ve read and agreed to a lengthy privacy policy — fulfills the requirements written into the Illinois law. It’s also unclear whether the statute will cover the Tag Suggestions data that Facebook derives from photographs. If the law does apply, Facebook could be on the hook for significant financial penalties. This case is one of the first applications of the Illinois law to facial recognition, and it will set a hugely important precedent for consumer privacy.

    Why biometric privacy laws?

    Biometric information like face geometry is high-stakes data because it encodes physical properties that are immutable, or at least very hard to conceal. Moreover, unlike other biometrics, faceprints are easy to collect remotely and surreptitiously by staking out a public place with a decent camera.

    On the other hand, the Illinois law was galvanized by a few high-profile incidents of in-state collection of fingerprint data. Most notably, a company called Pay By Touch had installed machines in supermarkets across Illinois that allowed customers to pay by a fingerprint scan, which was linked to their bank and credit card information. Pay By Touch subsequently went bankrupt, and its liquidation prompted concerns about what might happen to its database of biometric information. James Ferg-Cadima, a former attorney with the ACLU of Illinois who worked on drafting and lobbying for the BIPA, told me that “the original vision of the bill was tied to the specific issue that was presenting itself across Illinois, and that was the deploying of thumbprint technologies…”

    “Oddly enough,” Ferg-Cadima added, “this was a bill where there was little voice from the private business sector.” This corporate indifference might be a thing of the past. Tech companies of all stripes have grown more and more interested in biometrics. They’ve become more politically powerful, too: For instance, Facebook’s federal lobbying expenditures grew from $207,878 in 2009 to $9,340,000 in 2014.

    Testing the Illinois law

    The crucial question here is whether the Illinois and Texas laws can be applied to today’s most common uses of biometric identifiers. What real-world business practices would meet the standard of informed consent that Illinois law requires for biometric data collection?

    When asked about the privacy law cited in the Licata case, Jay Edelson, the managing partner of the firm representing the plaintiff, said, “The key thing to understand is that almost all privacy statutes are really consent statutes.” The lawsuit stands to determine precisely what kind of consent the Illinois law demands.

    If the court finds that Facebook can be sued for violating the Illinois biometrics law, and that its opt-out consent framework for Tag Suggestions violated the law, it may upend the practices of one of the world’s largest Internet companies, one that is possibly the single largest user of commercial facial recognition technology. And if the lawsuit fails for one reason or another, it would emphasize that regulation of facial recognition needs to take place on a federal level if it is to happen at all. Either way, there’s a chance this lawsuit will end up shaping the future of facial recognition technology.

    So Licata v. Facebook is going to be a case to watch. Fashionistas, in particular, should be following this case closely.

    Posted by Pterrafractyl | June 12, 2015, 7:03 pm
  9. Pew recently conducted a poll asking Americans who they trust more to protect their personal data: The government or your [cellphone provider/email service provider/Search engine provider, etc]? Only 31% said they trust the government to protect their data, a slightly higher level of trust than respondents put in various tech sectors.

    So that wasn’t particularly great news for Silicon Valley’s public image. Stories like this probably aren’t going to help with that lack of trust:

    Pando Daily
    Silicon Valley and the Ingestible Bilderberg ID Chips

    By Mark Ames
    On June 12, 2015

    >
    Peter Thiel (Bilderberg member) gave Ron Paul 2.5 million! Red Flag anyone?

    DailyPaul.com, June 11, 2012

    If someone says “Bilderberg Group” with a straight face, most respectable folks reach for their canister of Bear Mace spray—only to check themselves because odds are, if someone is talking “Bilderberg” they’re probably packing something far more lethal than pepper fog.

    And yet—our paranoid reactions to paranoiacs’ obsessions with Bilderberg are so unnecessary. There is, of course, a real Bilderberg Group—it’s not like Bilderberg is some delusional fantasy, like the chupacabra or amazon.com profits. Bilderberg is basically like a Davos or Jackson Hole—only a bit whiter, crustier, and evil-er. But the idea is essentially the same: An annual pow-wow bringing together a cross-section of western power-elites from banking, politics, defense, energy, and industry.

    What made Bilderberg an obsession with the Bircher/Ron Paul crowd was the key role David Rockefeller played over the years in handing out Bilderberg invitations. Which is an irrational hatred even by irrational hate standards, given the fact that David Rockefeller was trained in economics by the Yoda of the Bircher/libertarian crowd, Friedrich von Hayek—but then again, people have hated for far dumber reasons.

    This week, the Bilderberg Group is gathering in Austria for their annual bull session, and in the benevolent spirit of transparency (or to rub it in our uninvited faces), they’ve released their “final list of participants.” The expected villains’ names are there: Henry Kissinger, David Petraeus, Robert Rubin, NATO Secretary General Jens Stoltenberg, Richard “Prince of Darkness” Perle. . . . But for our purposes at Pando, it’s the select few Bilderbergers from Silicon Valley whose names cry out for our attention.

    A scan through the list of Bilderbergers over the years shows that Silicon Valley has only recently established a clique within the clique. This year’s list features three Google participants: Eric Schmidt; Demis Hassabis, the AI whiz behind Google DeepMind; and Regina Dugan, the former head of DARPA turned Google executive whom Alex Jones warns invented “ingestible ID chips” that the Bilderbergers will want to force us all to swallow, because Henry Kissinger wants nothing more than to keep tabs on our dreary, monotonous lives.

    More serious and significant here is the fact that Google is so well-represented, with three participants. Three names from one company is a rarity, something you might’ve seen in the past from a Goldman Sachs or Lazard—but not Silicon Valley. It shows not just Big Tech’s continued takeover of older established institutions of power, but specifically, Google’s—and it tracks with Google’s new role as the biggest lobbyist spender in Washington.

    Next to Google’s three participants, there’s Palantir with two big names on the Bilderberg list: Peter Thiel [Disclosure: A Pando investor via Founders Fund], and Alex Karp. This is where things get a little complicated for the Ron/Rand Paul libertarian cultists and NWO conspiracists. Peter Thiel, as we’ve reported, was the main funder of Ron Paul’s 2012 presidential SuperPAC; Thiel has also been a rainmaker for Rand Paul’s campaign financing efforts, and Thiel has donated lavishly to a number of libertarian outfits, including Students For Liberty, which honored both Thiel and Edward Snowden (and Snowden honored SFL in kind). Thiel and Palantir also set up the Seasteading Institute, which co-organized a libertarian cruise a few years ago with the libertarian Reason magazine.

    And yet, even as Thiel serves on the Bilderberg Group’s elite steering committee, Ron Paul, who took millions from Thiel, believes that Thiel’s friends control the world:

    >
    “They probably get together and talk about how they’re going to control the banking systems of the world and natural resources.”

    There’s more: Napster/Facebook billionaire Sean Parker — who co-sponsored Rand Paul’s recent “Disrupt Democracy” shindig in SOMA and “invested heavily in Rand Paul’s political operation” according to Politico — is listed as a Bilderberg “participant” at the group’s 2010 meeting in Spain.

    Another Facebook billionaire, New Republic publisher Chris Hughes, went Bilderberg in 2011.

    But of all the Facebook bilderbergillionaires, Peter Thiel has been at it the longest—a “participant” every year since at least 2007. That’s one year longer than Eric Schmidt, who got his Bilderberg on in 2008. While Palantir CEO and co-founder Alex Karp is a relative newbie, Bilderbergering since 2012.

    Another surprise is the unusually low Bill Gates Factor. Microsoft long ago proudly staked its claim to Big Tech Corporate Evil—and yet Gates’ name only shows up on the Bilderberg list once, in 2010. Instead, his spurned Microsoft successor, Craig Mundie, makes regular Bilderberg appearances going back to at least 2006.

    Who else? Jeff Bezos made an appearance in 2013, along with that golden retriever of Big Tech optimism, Larry Lessig. Going back further, before Thiel and Schmidt technofied the Bilderberg Group, one of the few standout Silicon Valley names who participated was Esther Dyson, former chair of the Electronic Frontier Foundation, whose name appears on the Bilderberg list in 2007 and 2000.

    Jeez, what’s next for Silicon Valley’s descent into the upper echelons of the global power?

    Well, whatever it is, it probably isn’t going to close Silicon Valley’s public trust gap. Especially if all these Bilderbergers get caught doing something as crazy as, say, donating large checks to terrifying anti-science demagogues like Senator Ted Cruz. That probably won’t help.

    Posted by Pterrafractyl | June 13, 2015, 12:58 pm
  10. Courtesy of commenters at Little Green Footballs, here are a couple of interesting links:

    1. This one is about role Snowden docs may have played in hack of Federal Employees data by China:

    http://abcnews.go.com/US/feds-eye-link-private-contractor-massive-government-hack/story?id=31717372

    2. This one is story about Russia and China hacking Snowden docs and its effects on British intelligence:

    http://www.thedailybeast.com/cheats/2015/06/13/russia-china-got-snowden-files.html?via=twitter_page

    http://www.bbc.com/news/uk-33125068?ns_mchannel=social&ns_campaign=bbc_breaking&ns_source=twitter&ns_linkname=news_central

    3. This one is John Schindler’s rebuttal to the Snowald cult:

    http://20committee.com/2015/06/12/snowden-is-a-fraud/

    Posted by Kathleen | June 13, 2015, 5:25 pm

Post a comment