Archive for the ‘FOIA’ Category

Advertisements

c/o Privacy and Security Fanatic @PrivacyCamp

“You don’t want to be pulled over by the police in Michigan. When law enforcement wants half a million dollars to produce documents for a FOIA request, something is not right. And since the high-tech mobile forensic device in question can grab data in one-and-a-half minutes off more than 3,000 different cell phone models, it could be used during minor traffic violations to conduct suspicionless and warrantless searches without the phone owner having any idea that all their phone data was now in the hands of authorities.” 

DNA report and pre-crime

The House of Commons Home Affairs Select Committee has published a report into The National DNA Database. In it they point out that the detection rate of DNA is not all that the government claim it is and go on to suggest that the database is actually used for pre-crime. The report states: “It is currently impossible to say with certainty how
many crimes are detected, let alone how many result in convictions, due at least in part to the matching of crime scene DNA to a personal profile already on the database, but it appears that it may be as little as 0.3%—and we note that the reason for retaining personal profiles on a database is so that the person can be linked to crimes he/she commits later”.


See
http://www.publications.parliament.uk/pa/cm200910/cmselect/cmhaff/222/222i.pdf

ID propaganda sent to guinea pig regions

The government continues to roll out the ID card con to selected guinea pigs, trying to drum up trade by sending propaganda leaflets to households in selected regions. The leaflet features a smiley fingerprint character with the slogan: “idsmart, ID at your fingertips”. What follows is a letter presenting a list of half truths, signed by the
‘Head of Product Marketing’. The leaflet sweeps aside the thorny issue of how voluntary ID cards will be, stating: “Applying for an identity card is entirely voluntary. However, once you do so, you’ll discover that it’s a safer, more convenient way to prove who you are – as well as to help protect yourself against identity fraud.” In fact there are many other things that guinea pigs would discover, such as the database behind the card or the fines that will be imposed for not keeping their information up to date.


See the leaflet at
http://i39.tinypic.com/kapru0.jpg

Scaremongering over ID card jobs

A number of politicians have recently turned to scaremongering about job losses they claim would result from scrapping the ID scheme. However, Freedom of Information (FOI) requests to both Blackburn and Durham
Identity and Passport (IPS) offices have shown that no new job roles have been created from the scheme. Workers within IPS could simply be deployed back into issuing passports.


James Elsdon-Baker, NO2ID’s North of England co-ordinator said, “The claim that we need the £230,000 a day ID scheme for jobs is madness when the government is readily announcing cuts in front-line services. When the scheme is scrapped I’m sure the civil servants that have been made to work on ID cards would be happy to go back to working on useful things that people want.”

Yahoo Issues Takedown Notice for Spying Price List

Wired.com


BTC – Cryptome.org needs an award.

Yahoo isn’t happy that a detailed menu of the spying services it provides law enforcement agencies has leaked onto the web.

IN OTHER WIRED ACCOUNTS: YAHOO! , VERIZON: “Our spy capabiltes would “shock”, “confuse” customers

Shortly after Threat Level reported this week that Yahoo had blocked the FOIA release of its law enforcement and intelligence price list, someone provided a copy of the company’s spying guide to the whistleblower site Cryptome.

The 17-page guide describes Yahoo’s data retention policies and the surveillance capabilities it can provide law enforcement, with a pricing list for these services. Cryptome also published lawful data-interception guides for Cox Communications, SBC, Cingular, Nextel, GTE and other telecoms and service providers.

But of all those companies, it appears to be Yahoo’s lawyers alone who have issued a DMCA takedown notice to Cryptome demanding the document be removed. Yahoo claims that publication of the document is a copyright violation, and gave Cryptome owner John Young a Thursday deadline for removing the document. So far, Young has refused.

Yahoo’s letter was sent on Wednesday, within hours of the posting of Yahoo’s Compliance Guide for Law Enforcement at Cryptome. In addition to copyright infringement, the letter accuses the site of revealing Yahoo’s trade secrets and engaging in “business interference.” According to the letter, disclosure of its surveillance services (.pdf) would help criminals evade surveillance.

The Compliance Guide reveals, for example, that Yahoo does not retain a copy of e-mails that an account holder sends unless that customer sets up the account to store those e-mails. Yahoo also cannot search for or produce deleted e-mails once they’ve been removed from a user’s trash file.

The guide also reveals that the company retains the IP addresses from which a user logs in for just one year. But the company’s logs of IP addresses used to register new accounts for the first time go back to 1999. The contents of accounts on Flickr, which Yahoo also owns, are purged as soon as a user deactivates the account.

Chats conducted through the company’s Web Messenger service may be saved on Yahoo’s server if one of the parties in the correspondence set up their account to archive chats. This pertains to the web-based version of the chat service, however. Yahoo does not have the content of chats for consumers who use the downloadable Web Messenger client on their computer.

Instant message logs are retained 45 to 60 days and includes an account holder’s friends list, and the date and times the user communicated with them.

Young responded to Yahoo’s takedown request with a defiant note:

I cannot find at the Copyright Office a grant of copyright for the Yahoo spying document hosted on Cryptome. To assure readers Yahoo’s copyright claim is valid and not another hoary bluff without substantiation so common under DMCA bombast please send a copy of the copyright grant for publication on Cryptome.

Until Yahoo provides proof of copyright, the document will remain available to the public for it provides information that is in the public interest about Yahoo’s contradictory privacy policy and should remain a topic of public debate on ISP unacknowledged spying complicity with officials for lucrative fees.

—–

Note: Yahoo’s exclamation point is surely trademarked so omitted here.

The company responded that a copyright notice is optional for works created after March 1, 1989 and repeated its demand for removal on Thursday. For now, the document remains on the Cryptome site.

Threat Level reported Tuesday that muckraker and Indiana University graduate student Christopher Soghoian had asked all agencies within the Department of Justice, under a Freedom of Information Act (FOIA) request, to provide him with a copy of the pricing list supplied by telecoms and internet service providers for the surveillance services they offer government agencies. But before the agencies could provide the data, Verizon and Yahoo intervened and filed an objection on grounds that the information was proprietary and that the companies would be ridiculed and publicly shamed were their surveillance price sheets made public.

Yahoo wrote in its objection letter that if its pricing information were disclosed to Soghoian, he would use it “to ’shame’ Yahoo! and other companies — and to ’shock’ their customers.”

“Therefore, release of Yahoo!’s information is reasonably likely to lead to impairment of its reputation for protection of user privacy and security, which is a competitive disadvantage for technology companies,” the company added.

The price list that Yahoo tried to prevent the government from releasing to Soghoian appears in one small paragraph in the 17-page leaked document. According to this list, Yahoo charges the government about $30 to $40 for the contents, including e-mail, of a subscriber’s account. It charges $40 to $80 for the contents of a Yahoo group.

Cindy Cohn for EFF

EFF today released an Interim Report on the Automated Targeting System (ATS) through which the Department of Homeland Security monitors and assigns risk assessment scores to Americans and others who cross into or out of the United States. The data reviewed under the ATS system includes seven large government databases, plus the Passenger Name Record data from the airlines (which includes data like whether you’ve ordered a Muslim or Hindu or Jewish special meal). Effectively, if you travel internationally, ATS creates an instant, personal and detailed dossier on you that CBP officers use to decide whether you get to enter the country, or will be subject to an enhanced (and potentially invasive) search. EFF’s report details what we’ve learned about the ATS program from the over 2,000 pages released by the government so far. We note that because of government’s very heavy redacting and refusal to release key information Americans remain in dark about how this powerful system is used on travelers. EFF’s Interim report was written by Shana Dines.

DHS has continued to release documents to EFF so we’ll update the report as additional useful information comes out.

FOIA Litigation for Accountable GovernmentTravel Screening