If you read the catalogue of spy tools and digital weaponry provided to us by Edward Snowden, you’ll see that firmware on your device is the NSA’s best friend. Your biggest mistake might be to assume that the NSA is the only institution abusing this position of trust – in fact, it’s reasonable to assume that all firmware is a cesspool of insecurity courtesy of incompetence of the worst degree from manufacturers, and competence of the highest degree from a very wide range of such agencies
– Mark Shuttleworth
For any who have not seen it already, there is a very good interview with Edward Snowden on the Guardian website.
My understanding is there was an argument inside government between the two halves of the coalition and that argument has gone on for three months. So what the coalition cannot decide in three months this House has to decide in one day. This seems to me entirely improper because of the role of Parliament – we have three roles:
One is to scrutinise legislation, one is to prevent unintended consequences, and one is to defend the freedom and liberty of our constituents.
This undermines all three and we should oppose this motion.
– David Davis MP
…he is the one the Stupid Party rejected for Cameron.
Suddenly we’re told there’s a brand new bill that looks like it was written by the National Security Agency that has to be passed in the same manner that a surveillance bill in the United States was passed in 2007, and it has to happen now. And we don’t have time to debate it, despite the fact that this was not a priority, this was not an issue that needed to be discussed at all, for an entire year. It defies belief.
– Edward Snowden
As the rest of the world becomes more skeptical about mass surveillance, there is one country where it is seldom ever mentioned, except to babble about the need for more of it. The country that the romantic conservative Daniel Hannan says “invented freedom“: Britain.
The latest symptom of the “polite and commercial people” of Britain’s complacent unconcern with freedom and privacy is emergency legislation to be passed through all parliamentary stages early next week, the Data Retention and Investigatory Powers Bill or Act, as we shall have to call it almost immediately. There is little doubt this will happen. All three major parties are agreed they will drive it through.
The “emergency” is a confection. It is ostensibly because of a legal challenge to regulations under an EU directive which was invalidated by the European Court of Justice – which took place in April. So obviously it has to be dealt with by hurried legislation to be passed without scrutiny and not even adumbrated in public till Wednesday. This is the order of events:
- 8th April – ECJ declares Data Retention Directive 2006/24/EC invalid – in theory telcos and ISPs no longer required to gather certain data
- …wait for it…
- 7th July – Rumours surface in the press that “something will be done”
- 9th July – The Sun in the afternoon carries a “security beat privacy” piece boosting the scheme as the only way to beat terrorists and paedophiles.
- 10th July, 8am – Emergency cabinet meeting briefs senior ministers.
- 10th July, 11.18am – Bill becomes available on gov.uk website (still not available via parliament), Home Secretary makes statement in parliament.
- 11th July (Friday), 4pm – Draft regulations to be made under the Bill as soon as it is enacted made available.
- 15th July (Tuesday) – All House of Commons Stages of the Bill (normally about 4 months).
The pretext, reinstating these regulations (which the Home Office has claimed are still subsisting in the UK anyway) is hard to accept as “vital”. Other countries manage fine without them, and they only existed at all because of some bullying by the UK of other EU states after the 7th July 2005 bombings. I covered this background in an article for City AM written on Thursday. But since then we have had a chance to read what is proposed.
Reinstating the regulations – or anchoring them against legal challenge, since they are still operating – would be simple. The new Bill need only say that parliament enacts the content of the regulations as primary Act of the UK parliament. I wouldn’t be pleased. But it would be doing what was required by the ostensible emergency. That however is not what is happening. The new Bill would broaden the regulations and the scope of the Regulation of Investigatory Powers Act under which most state snooping in Britain is conducted and give the Home Secretary powers radically to expand the data required, by further regulations. It is a move in the direction of the supercharged surveillance regime set out in the Communications Data Bill, which was dropped as too controversial ante-Snowden. The clearest detailed analysis is by David Allen Green in the FT, he says:
The removals of civil liberties, and the encroachments of the state, are rarely sudden and dramatic. It is often a subtle change of legal form here, and the deft widening of legal definitions there. And before one knows it, the overall legal regime has changed to the advantage of officials and the otherwise powerful, and all we have done is nod-along as it happens.
I fear it is worse than that. Politicians and press have been so comprehensively suckered that some who would normally stand up for civil liberties are burbling about how “it offers [the] chance to bring rise of surveillance state under democratic control”. DRIP.
The Liberal Democrat politicians who have been most reliable n this topic all appear to have been bought off with a sunset clause and the ludicrous promise of “a review”, even though they have now had several years of experience of arrant avoidance of their questions by the intelligence services. DRIP
Even this cannot persuade them that the security state (sometimes called the “deep state”, though that flatters its dysfunctional smugness) is mocking them. DRIP.
Our permanent establishment in Whitehall treats ministers with condescension, and mere parliamentarians with the same contempt it reserves for ordinary citizens. But those in public life need to believe the state is their honest servant. DRIPS!
Oliver Stone, a man who is nothing less than a fountain of lies and inanities, is looking to make a movie about Edward Snowden. Frankly even that later day Ed Wood, Uwe Boll, would be preferable.
Hopefully Barbara Broccoli would do a better job… though as the Snowden story is very much still ‘a work in progress’ I cannot help thinking it is a tad premature to be trying to tell a tale whose outcome is far from obvious.
The United States Government, feeling that it does not have a sufficient worldwide reputation for completely lacking self awareness, has decided to indict members of the Chinese PLA for conducting computer based espionage against US commercial targets.
Note that the Snowden releases have revealed that the US has engaged in precisely the same behavior, including numerous attacks against Chinese equipment maker Huawei.
Indeed, we currently lack evidence that the Chinese state has conducted wholesale interception of calls from entire countries, but the NSA has done precisely that. We have no evidence that the Chinese have intercepted US equipment shipments and sabotaged them, but the NSA has done precisely that. We have no evidence that the Chinese have systematically undermined internet standards or bribed security companies to sabotage their own software to make communications less secure, but the NSA had done precisely that. Indeed, I could reiterate dozens of Snowden revelations here, but I won’t waste everyone’s time by doing so. (Note that I do not claim the Chinese government has not done such things, only that we do not have evidence of it, while we know for certain that the US government has done such things.)
Today’s rhetorical question is therefore this: if foreign countries begin indicting and arresting US officials for espionage and industrial sabotage, will the US government protest?
The government lost the crypto-wars. Crypto is now freely available, but in a sense they won because there are so many ways at people’s data that bypass the cryptography. What we’re learning from the Snowden documents is not that the NSA and GCHQ can break cryptography but that they can very often render it irrelevant… They exploit bad implementations, bugs in hardware and software, default keys, weak keys, or they go in and break systems and steal data.
– Bruce Schneier
What are the odds that the NSA, GCHQ, etc. do not spy on the elected officials that oversee them?
What prevents subsequent blackmail of said officials by said agencies, other than policies that would be utterly trivial for agency officials to violate at whim?
“Company officials will be trapped in a catch-22. They can lay off as many people as they want because of Obamacare. But because they’ll have to swear to the IRS that their decisions had nothing to do with Obamacare, they can’t speak publicly about what’s happening. What a great way to silence the people who are on the front lines of dealing with Obamacare’s horrific effects.”
On the continuing delightful rollout of the Affordable Care Act in the US. Giving politically sensitive stuff to the Internal Revenue Service: what could possibly go wrong? Again, as many others have observed, the saga comes straight out of Ayn Rand’s Atlas Shrugged.
As for the way in which this whole disaster has progressed, perhaps one of the worst aspects has been how Obama has more or less junked any pretence at worrying about the rule of law to minimize the political damage to himself. But should any of this be surprising to anyone now? Tim Sandefur has some thoughts on the constitutional damage done by ACA, and Obama’s conduct before, during and since the passage of this legislation.
My reservation about the quote at the top is that surely any ban on stating why a person has been made redundant violates the First Amendment. It might be nice to see this issue tested. (Please try not to giggle at the back of the class.)
Do you think Apple helped [the NSA] build that? I don’t know. I hope Apple will clarify that… Here’s a problem: I don’t really believe that Apple didn’t help them. I can’t really prove it, but they [the NSA] literally claim that anytime they target an iOS device, that it will succeed for implantation. Either they have a huge collection of exploits that work against Apple products, meaning that they are hoarding information about critical systems that American companies produce and sabotaging them, or Apple sabotaged it themselves. Not sure which one it is. I’d like to believe that since Apple didn’t join the PRISM program until after Steve Jobs died, that maybe it’s just that they write shitty software.
– Jacob Applebaum
A colleague of mine sent me this item, from the BBC:
Some HSBC customers have been prevented from withdrawing large amounts of cash because they could not provide evidence of why they wanted it, the BBC has learnt. Listeners have told Radio 4’s Money Box they were stopped from withdrawing amounts ranging from £5,000 to £10,000. HSBC admitted it has not informed customers of the change in policy, which was implemented in November. The bank says it has now changed its guidance to staff.
How jolly decent of them.
Mr Cotton cannot understand HSBC’s attitude: “I’ve been banking in that bank for 28 years. They all know me in there. You shouldn’t have to explain to your bank why you want that money. It’s not theirs, it’s yours.”
Well, he now knows differently. A person with a bank account does not own the cash contained by the bank and has total control over it. (I am not aware of any line in my bank contract saying as such.) A deposit is a credit to the bank, and under modern banking laws, with the system as it operates, a bank is not obliged to instantly hand that over, no questions asked. (Under fractional reserve banking, the only kind of guarantee is by deposit protection, but that is usually only up to a certain limit.) In a full free market of course, people could make whatever kind of agreements with banks that they wanted, even consenting in some cases, perhaps, to having to give information to a banker to prevent fraud. However, government regulations in the UK (and certain other nations) being what they are (such as controls to stop money laundering and tax dodging), banks are increasingly operating as proxies for government agencies.
According to HSBC, the issue is to combat financial crime. Maybe that is true but this is not the whole picture:
HSBC has said that following customer feedback, it was changing its policy: “We ask our customers about the purpose of large cash withdrawals when they are unusual and out of keeping with the normal running of their account. Since last November, in some instances we may have also asked these customers to show us evidence of what the cash is required for.”
“The reason being we have an obligation to protect our customers, and to minimise the opportunity for financial crime. However, following feedback, we are immediately updating guidance to our customer facing staff to reiterate that it is not mandatory for customers to provide documentary evidence for large cash withdrawals, and on its own, failure to show evidence is not a reason to refuse a withdrawal. We are writing to apologise to any customer who has been given incorrect information and inconvenienced.”
One of the ironies of the situation is that HSBC last year was hit by a massive fine for anti-money laundering offences (stuff to do with Iranian sanctions and drugs); hitting long-standing clients with this sort of intrusive crap will not do much for that bank’s brand reputation. It is right to stop fraudsters taking money out of accounts of clients, but perhaps the bank should be more frank with clients on why it makes these kind of demands and what is driving this situation. To a considerable extent, banks are no longer really part of any free market, capitalist system.