Access to the evidence on this blog is free with site registration.
Everyone has legitimate things they want to hide
Jesse Marx, 12-28, 20, Lessons From the Year in Surveillance Tech Debacles, https://www.voiceofsandiego.org/topics/government/lessons-from-the-year-in-surveillance-tech-debacles/
These people miss the point. Everyone has something to hide. Yes, everyone. There are things about you that others have no business knowing — like your sexual preferences or your political affiliations or the last time you went to a doctor and why. Wanting to carve out a little space in this cruel and competitive world of ours does not make you a criminal. It makes you human I regularly hear people say, “Well, if you’ve got nothing to hide, what’s the problem?” The Union-Tribune published several letters to this effect over the summer, making the case that more surveillance was a good thing. These people miss the point. Everyone has something to hide. Yes, everyone. There are things about you that others have no business knowing — like your sexual preferences or your political affiliations or the last time you went to a doctor and why. Wanting to carve out a little space in this cruel and competitive world of ours does not make you a criminal. It makes you human.
Can’t solve local and state surveillance
Mattew Cuagarlia, 12-25, 20, https://www.eff.org/deeplinks/2020/12/high-tech-police-surveillance-protests-and-activism-year-review-2020, High Tech Police Surveillance of Protests and Activism: Year in Review 2020
This summer’s Black-led protest movement against police violence was one of the largest political movements in the history of the United States–and with it, came a massive proliferation of government surveillance technology aimed at activists and demonstrators. EFF has been standing up for the right to protest without being surveilled for 30 years now, and this year was no different. As EFF Executive Director Cindy Cohn wrote earlier this year, “EFF stands with the communities mourning the victims of police homicide. We stand with the protesters who are plowed down by patrol cars. We stand with the journalists placed in handcuffs or fired upon while reporting these atrocities. And we stand with all those using their cameras, phones and digital tools to make sure we cannot turn away from the truth.” And we stood with protestors and provided support with lawsuits, by offering legal support to activists, through surveillance self defense education for protestors, reaffirming the right to film the police, by analyzing the latest surveillance tech, and by providing tools for people on the ground to know and understand what equipment their local police departments are using to spy on activists. We even uncovered police surveillance of protests in our own backyard. By using public records requests to see the correspondence between the San Francisco Police Department and the Union Square Business Improvement District, which operates several hundred surveillance cameras in the area, we exposed that the SFPD gained live access to over 400 cameras to spy on protestors. Because San Francisco has an ordinance prohibiting the police from gaining access to any new surveillance equipment without approval from the Board of Supervisors, EFF is now representing activists in a lawsuit against the city for violating this law. This may be the nation’s first test case to enforce a municipal CCOPS (community control of police surveillance) ordinance. When it comes to spying on protests, police have a lot of surveillance tools at their disposal to track, identify, and monitor demonstrators and people exercising their constitutional rights to assemble and protest. In 2020, reporters, civil rights advocates, and people on the ground documented government use of aerial surveillance, social media monitoring, and many more. As with the government surveillance of Occupy Wall Street or the 2015 demonstrations led by the Movement of Black Lives, it could take years for us to learn all of the myriad ways local, state, and federal law enforcement surveilled organizers.
FBI using tower data dumps
Sam Richards, 12-23, 20, POWERFUL MOBILE PHONE SURVEILLANCE TOOL OPERATES IN OBSCURITY ACROSS THE COUNTRY, https://theintercept.com/2020/12/23/police-phone-surveillance-dragnet-cellhawk/
UNTIL NOW, the Bartonville, Texas, company Hawk Analytics and its product CellHawk have largely escaped public scrutiny. CellHawk has been in wide use by law enforcement, helping police departments, the FBI, and private investigators around the United States convert information collected by cellular providers into maps of people’s locations, movements, and relationships. Police records obtained by The Intercept reveal a troublingly powerful surveillance tool operated in obscurity, with scant oversight. CellHawk’s maker says it can process a year’s worth of cellphone records in 20 minutes, automating a process that used to require painstaking work by investigators, including hand-drawn paper plots. The web-based product can ingest call detail records, or CDRs, which track cellular contact between devices on behalf of mobile service providers, showing who is talking to whom. It can also handle cellular location records, created when phones connect to various towers as their owners move around.Such data can include “tower dumps,” which list all the phones that connected to a given tower — a form of dragnet surveillance. The FBI obtained over 150,000 phone numbers from a single tower dump undertaken in 2010 to try and collect evidence against a bank robbery suspect, according to a report from the Brennan Center for Justice at NYU. Police use CellHawk to process datasets they routinely receive from cell carriers like AT&T and Verizon, typically in vast spreadsheets and often without a warrant. This is in sharp contrast to a better known phone surveillance technology, the stingray: a mobile device that spies on cellular devices by impersonating carriers’ towers, tricking phones into connecting, and then intercepting their communications. Unlike the stingray, CellHawk does not require such subterfuge or for police to position a device near people of interest. Instead, it helps them exploit information already collected by private telecommunications providers and other third parties. CellHawk’s surveillance capabilities go beyond analyzing metadata from cellphone towers. Hawk Analytics claims it can churn out incredibly revealing intelligence from large datasets like ride-hailing records and GPS — information commonly generated by the average American. According to the company’s website, CellHawk uses GPS records in its “unique animation analysis tool,” which, according to company promotional materials, plots a target’s calls and locations over time. “Watch data come to life as it moves around town or the entire county,” the site states. The tool can also help map interpersonal connections, with an ability to animate more than 20 phones at once and “see how they move relative to each other,” according to a promotional brochure.
FBI engaged in massive surveillance
ACLU, 12-22, 20, https://www.aclu.org/news/privacy-technology/the-fbi-is-secretly-breaking-into-encrypted-devices-were-suing/, The FBI is Secretly Breaking Into Encrypted Devices. We’re Suing.
The FBI is secretly breaking the encryption that secures our cell phones and laptops from identity thieves, hackers, and abusive governments, and it refuses to even acknowledge that it has information about these efforts — even though some details have been filed publicly in federal court. We’re suing to get some answers Between our emails, text messages, location information, social media activity, and more, our cell phones hold almost our entire lives. In recent years, governments have stepped up efforts to gain access to the information on our cell phones and personal computers. The federal government has been pressuring companies to build encryption backdoors that would severely undermine our digital privacy and security, and both federal and state governments have regularly paid third-party vendors to break into people’s encrypted devices. Now, it appears the FBI has built an in-house capability to break into these devices. Publicly available information indicates that the Electronic Device Analysis Unit (EDAU), a team within the FBI, has acquired or is in the process of acquiring software that allows the government to unlock and decrypt information that is otherwise securely stored on cell phones. Public court records also describe instances where the EDAU appeared capable of accessing encrypted information off of a locked iPhone. And beyond that, the EDAU even sought to hire an electronics engineer whose major responsibilities would include “perform[ing] forensic extractions and advanced data recovery on locked and damaged devices.” To learn more about the EDAU and its capabilities, we filed a request under the Freedom of Information Act asking that the Department of Justice and the FBI disclose records relating to the EDAU and its technological capabilities for retrieving information from locked electronic devices. The FBI responded in part by issuing what’s known as “Glomar” responses to two of our requests — which means that the agency refuses to even confirm or deny the existence of any records pertaining to the EDAU. A valid Glomar response is rare, as there are only extremely limited instances where its invocation is appropriate — that is, only where the existence or nonexistence of records is itself exempt under FOIA. The problem with the FBI’s Glomar response is that, as detailed above, we already know records pertaining to the EDAU exist because information about the unit is already public. The fact that all of this information is already publicly known deeply undercuts the FBI’s Glomar theory. The FBI itself has made clear that it is attempting to access and decrypt personal electronic devices, so the claim that it can’t even acknowledge whether these records exist is implausible Seeking some much-needed transparency, today we asked a federal court to intervene and order the DOJ and the FBI to turn over all responsive documents pertaining to the EDAU. We’re demanding the government release records concerning any policies applicable to the EDAU, its technological capabilities to unlock or access electronic devices, and its requests for, purchases of, or uses of software that could enable it to bypass encryption By invoking the Glomar response, the federal government is sending a clear message: It aims to keep the American public in the dark about its ability to gain access to information stored on our personal mobile devices. But it’s not that the FBI has just shut the door on this information — they’ve shut the door, closed the windows, drawn the shades, and refused to acknowledge whether the house that we’re looking at even exists. It’s imperative that the public gets meaningful access to these records regarding the federal government’s capabilities to access our phones and computers. Our privacy and security are at stake.
FBI engaged in massive surveillance
ACLU, 12-22, 20, https://www.aclu.org/news/privacy-technology/the-fbi-is-secretly-breaking-into-encrypted-devices-were-suing/, The FBI is Secretly Breaking Into Encrypted Devices. We’re Suing.
The FBI is secretly breaking the encryption that secures our cell phones and laptops from identity thieves, hackers, and abusive governments, and it refuses to even acknowledge that it has information about these efforts — even though some details have been filed publicly in federal court. We’re suing to get some answers.
Between our emails, text messages, location information, social media activity, and more, our cell phones hold almost our entire lives. In recent years, governments have stepped up efforts to gain access to the information on our cell phones and personal computers. The federal government has been pressuring companies to build encryption backdoors that would severely undermine our digital privacy and security, and both federal and state governments have regularly paid third-party vendors to break into people’s encrypted devices. Now, it appears the FBI has built an in-house capability to break into these devices. Publicly available information indicates that the Electronic Device Analysis Unit (EDAU), a team within the FBI, has acquired or is in the process of acquiring software that allows the government to unlock and decrypt information that is otherwise securely stored on cell phones. Public court records also describe instances where the EDAU appeared capable of accessing encrypted information off of a locked iPhone. And beyond that, the EDAU even sought to hire an electronics engineer whose major responsibilities would include “perform[ing] forensic extractions and advanced data recovery on locked and damaged devices.” To learn more about the EDAU and its capabilities, we filed a request under the Freedom of Information Act asking that the Department of Justice and the FBI disclose records relating to the EDAU and its technological capabilities for retrieving information from locked electronic devices. The FBI responded in part by issuing what’s known as “Glomar” responses to two of our requests — which means that the agency refuses to even confirm or deny the existence of any records pertaining to the EDAU. A valid Glomar response is rare, as there are only extremely limited instances where its invocation is appropriate — that is, only where the existence or nonexistence of records is itself exempt under FOIA. The problem with the FBI’s Glomar response is that, as detailed above, we already know records pertaining to the EDAU exist because information about the unit is already public. The fact that all of this information is already publicly known deeply undercuts the FBI’s Glomar theory. The FBI itself has made clear that it is attempting to access and decrypt personal electronic devices, so the claim that it can’t even acknowledge whether these records exist is implausible Seeking some much-needed transparency, today we asked a federal court to intervene and order the DOJ and the FBI to turn over all responsive documents pertaining to the EDAU. We’re demanding the government release records concerning any policies applicable to the EDAU, its technological capabilities to unlock or access electronic devices, and its requests for, purchases of, or uses of software that could enable it to bypass encryption By invoking the Glomar response, the federal government is sending a clear message: It aims to keep the American public in the dark about its ability to gain access to information stored on our personal mobile devices. But it’s not that the FBI has just shut the door on this information — they’ve shut the door, closed the windows, drawn the shades, and refused to acknowledge whether the house that we’re looking at even exists. It’s imperative that the public gets meaningful access to these records regarding the federal government’s capabilities to access our phones and computers. Our privacy and security are at stake
Department of Homeland Security surveillance
Fellipe De La Huz, 11-17, 20, DHS PLANS TO START COLLECTING EYE SCANS AND DNA — WITH THE HELP OF DEFENSE CONTRACTORS, https://theintercept.com/2020/11/17/dhs-biometrics-dna/
THROUGH A LITTLE-DISCUSSED potential bureaucratic rule change, the Department of Homeland Security is planning to collect unprecedented levels of biometric information from immigration applicants and their sponsors — including U.S. citizens. While some types of applicants have long been required to submit photographs and fingerprints, a rule currently under consideration would require practically everyone applying for any kind of status, or detained by immigration enforcement agents, to provide iris scans, voiceprints and palmprints, and, in some cases, DNA samples. A tangled web of defense and surveillance contractors, which operate with little public oversight, have already begun to build the infrastructure that would be needed to store these records After proposing the rule in September, DHS is currently reviewing, and must respond to, thousands of comments it received during the 30-day period in which the public could weigh in. The agency had signaled that the proposal would be coming when it announced last year that it would be retiring its legacy Automated Biometric Identification System, or IDENT, and replacing it with the Homeland Advanced Recognition Technology framework — stating explicitly that one of its objectives was to collect more types of biometric data and make searching and matching easier. Where HART was the vessel, the new proposed rule is the means of collecting all the new data types to populate it.
Customs & Border Patrol surveillance
Le Fang, 10-21, 20, https://theintercept.com/2020/10/21/google-cbp-border-contract-anduril/, GOOGLE AI TECH WILL BE USED FOR VIRTUAL BORDER WALL, CBP CONTRACT SHOWS
AFTER YEARS of backlash over controversial government work, Google technology will be used to aid the Trump administration’s efforts to fortify the U.S.-Mexico border, according to documents related to a federal contract. In August, Customs and Border Protection accepted a proposal to use Google Cloud technology to facilitate the use of artificial intelligence deployed by the CBP Innovation Team, known as INVNT. Among other projects, INVNT is working on technologies for a new “virtual” wall along the southern border that combines surveillance towers and drones, blanketing an area with sensors to detect unauthorized entry into the country. In 2018, Google faced internal turmoil over a contract with the Pentagon to deploy AI-enhanced drone image recognition solutions; the capability sparked employee concern that Google was becoming embroiled in work that could be used for lethal purposes and other human rights concerns. In response to the controversy, Google ended its involvement with the initiative, known as Project Maven, and established a new set of AI principles to govern future government contracts. I’m I The employees also protested the company’s deceptive claims about the project and attempts to shroud the military work in secrecy. Google’s involvement with Project Maven had been concealed through a third-party contractor known as ECS Federal.
Federal grants fund local surveillance
Kaitlyn Schwenck, 9-30, 20, OPERATION LEGEND IS BRINGING SURVEILLANCE TECH TO CITIES, https://theintercept.com/2020/09/13/police-surveillance-technology-operation-legend/
IN AUGUST, 40 federal agents arrived in Memphis. Some were already on the ground by the time U.S. Attorney Michael Dunavant announced the onset of Operation Legend and the city became, along with St. Louis, the seventh to be targeted by the Justice Department’s heavy-handed initiative to reduce violent crime. Many of the agents are on temporary assignment, working in collaboration with police; nearly half will relocate by November. But they will leave behind a city flush with grant money for local police — and heightened surveillance capabilities. In Memphis, organizers have long battled police surveillance. The fight came to a head in 2017, when a lawsuit against the city of Memphis revealed years of close surveillance of Black Lives Matter activists and union organizers. “We knew we were being watched and monitored and surveilled,” said Hunter Demster, an activist who was tracked on social media by MPD. The suit was successful, and in 2018, a federal judge ordered an independent monitor to oversee policing in the city. Now, activists there say that Operation Legend is a serious blow.I’m I Operation Legend and its December precursor, Operation Relentless Pursuit, are both funding surveillance technology in cities across the country. Through Operation Legend, Memphis and four other cities received grants for gunshot detection technology, which lines cities with sensors to detect gunfire, despite longstanding concerns about its efficacy. Other more opaque grants from the Justice Department, like a $1.4 million grant to Shelby County, which surrounds Memphis, in April and a $1 million grant in July to the city of Cleveland, are to be used in part for “technological solutions” or “support” for investigations. Awash in these federal funds, cities have doubled down on their surveillance investments, even as they face general budget shortfalls in the tens of millions. On August 4, two days before Operation Legend was formally announced in the city, Memphis signed a new contract with Cellebrite, an Israeli forensics manufacturer popular with law enforcement, whose products can hack and extract data from smartphones. The estimated $65,000 contract would double previous annual spending on the technology, per city procurement records. The Memphis police declined an interview request for this story and did not respond to several additional inquiries about the purchases.Through Operation Legend, Memphis and four other cities received grants for gunshot detection technology, despite longstanding concerns about its efficacy On August 12, the city of Detroit — another of the nine cities targeted by Operation Legend — also placed a $100,000 order with Cellebrite to acquire the company’s “premium” software package and, two weeks later, renewed an older Cellebrite license for another $22,000 — more than tripling 2018 and 2019 expenditures.Chicago, meanwhile, announced on August 14 that it would employ “enhanced” technology for “around-the-clock” monitoring of social media to identify looters. One hundred federal agents from the FBI, the Drug Enforcement Administration, and the Bureau of Alcohol, Tobacco, Firearms, and Explosives were sent to Chicago through Operation Legend in late July. Though Mayor Lori Lightfoot at first assumed a hostile attitude toward the initiative, in August she also announced a new task force on looting in partnership with the FBI. “This Task Force is already reviewing video camera footage and other evidence to identify perpetrators and develop strong cases against them,” she wrote.Just the presence of federal agents can undermine longstanding efforts for accountability on police surveillance. In Memphis, a unique consent decree from 1978 prohibits law enforcement from engaging in “political intelligence” — collecting information on individuals for political purposes. This decree was the backbone of the 2018 American Civil Liberties Union lawsuit, which held that Memphis had violated the law. City law enforcement has lobbied to amend and strike the decree, but so far, it has held.Yet the Memphis law does not apply to federal law enforcement. “That’s the harsh truth. The decree only covers the city,” explained Tom Castelli, legal director for the ACLU of Tennessee, though per the decree, the city cannot collaborate on unlawful surveillance with outside agencies.In the Face of Rising White Supremacist Violence, Police Continue to Investigate Victims and ActivistsStill, Memphis Police Director Michael Rallings has alluded to partnering with the FBI to get around some of the decree’s restrictions, later confirming through a city spokesperson that he “told [federal officials] that we are restricted by the consent decree and depend on them to catch threats articulated on social media.” As U.S. Attorney for the Southern District of Indiana Josh Minkler said, as he announced Operation Legend’s expansion to Indianapolis, federal agencies contribute “not just manpower, but technology that can help identify and arrest the individuals. And then they have access to federal courts.” For Joia Thornton, an organizer with Decarcerate Memphis, a group that formed in response to Operation Relentless Pursuit, the initiatives form part of a longer legacy of federal support for policing. “We believe this mirrors the three-strikes laws, the war on drugs — all of these types of tactics to drive up mass incarceration,” she told The Intercept. “We are on the front lines to resist that.”
Indeed, U.S. Attorney General William Barr has frequently defended Operation Legend by noting that it is a continuation of federal policing efforts, rather than a radical departure from the norm. These are “traditional crime-fighting activities” he told reporters in Detroit — just now “ratcheted-up.” Attorney General William Barr talks to the media during a news conference about Operation Legend, a federal task force formed to fight violent crime in several cities, on Aug. 19, 2020, in Kansas City, Mo.Attorney General William Barr talks to the media during a news conference about Operation Legend, a federal task force formed to fight violent crime in several cities, on Aug. 19, 2020, in Kansas City, Mo. Photo: Charlie Riedel/AP THE DEPARTMENT OF Defense’s 1033 program is perhaps the best-known example of federal investment in policing. In 2014, footage of military vehicles rolling down the streets of Ferguson drew national outcry, bringing scrutiny to the program. 1033 continues provide bayonets, grenade launchers, and other leftovers from U.S. wars overseas to police precincts across the country. But the Homeland Security and Justice departments also fund law enforcement to the tune of hundreds of millions of dollars a year. The DOJ’s Edward Byrne Memorial Justice Assistance Grant Program, which emerged in the post-9/11 era of rapidly inflated federal spending on policing, is one of the major grant programs for police and has been criticized for, in effect, funding mass imprisonment. Its grants also fund sophisticated policing technology. Memphis is a prime example: Over the last decade, the city’s license plate reader system, its “real-time crime center” — which houses a “video wall” of live surveillance camera feeds — and its gunshot recognition cameras were all funded, at least in part, through Byrne JAG grants. Years of federal investment in surveillance have resulted in what Faiza Patel, co-director of the Brennan Center’s Liberty and National Security Program, calls a “layering” effect: “These things don’t come all at once. They build up,” she said. “And when you start feeding one surveillance technology after another into a database, you give police departments the ability to track what people are doing very closely.” Technologies popular with federal agencies tend to make their way down to the local level. Take, for example, the new popularity of phone-hacking technology with police: The technology was first picked up more than a decade ago by federal agencies like Immigration and Customs Enforcement and the FBI. Now, a growing number of cities and state law enforcement have access to some kind of mobile data extraction software. “You’ve got cops and cruisers using it. The tools always trickle down,” a forensic scientist told Motherboard in 2016. Yet the federal government, for years, has funded phone-hacking tools directly. The Bureau of Justice Assistance, which has offered generous grants to Memphis, Detroit, and other cities through Operation Legend this summer, has previously funded Cellebrite products for police departments in Florida, Maryland, Kansas, and Idaho. It has also funded artificial intelligence-based data repositories, predictive analytics, and social media monitoring tools. “Much of this equipment and technology is given under the guise of either narcotics, policing, or counterterrorism. Ultimately, a lot of it gets used to monitor protests.vIn turn, the grants have created an industry of policing technology dependent on federal funding. ShotSpotter, the largest gunshot detection provider in the country and a major beneficiary of Operation Legend, illustrates this well. The company has spent nearly $2 million lobbying legislators over the past decade, according to records from the Center for Responsive Politics — most recently, on a bill that would permit the attorney general to dole out grants for gunshot detection tech.
Many federal agencies engage in extensive surveillance
Sue Udry, 11-30, 20, Selling Out the Fourth Amendment, https://rightsanddissent.org/news/selling-out-the-fourth-amendment/
US law enforcement and military agencies have been buying their way around the Fourth Amendment using loopholes in federal privacy laws to access vast troves of our personal data. As we all know, private companies like Facebook, Google, and Verizon, collect an almost limitless amount of information about us — where we are, what we like, what we do, how we feel. While government agencies are not allowed to buy that information directly from these consumer facing entities, once that information gets sold to data brokers (companies like Venntel, Locate X, X-Mode, Clearview AI and hundreds most of us have never heard of), it’s perfectly legal for ICE, the FBI, the CIA and the military to purchase any and all of it. Essentially, it’s data laundering, allowing the government to access information that would normally require a court order. According to Senator Ron Wyden (D-OR), “I think we’ve really reached the point where you have so much data floating around that governments can essentially buy their way around the Fourth Amendment.” Just a few ways our government is getting its hands on our most personal data without a warrant: Hundreds of police and government agencies have purchased access to a facial recognition service run by Clearview AI, allowing them to search through billions of photos Clearview downloaded from Facebook, LinkedIn, Twitter and YouTube. In June, we learned that the IRS was purchasing cell phone location data to “track and identify potential criminal suspects.” In July, we learned that Customs and Border Patrol “purchased access to a commercial database that allows the agency to look up the historical location of vehicles nationwide without a warrant,” to search “license plates of interest”. CBP itself noted that “The only way to opt out of such surveillance is to avoid the impacted area, which may pose significant hardships and be generally unrealistic.” In August, we learned that CBP “paid nearly half a million dollars to a company that sells a product based on location data harvested from ordinary apps installed on peoples’ phones”. Two weeks ago, we learned that the “U.S. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps.” Those apps included a Muslim prayer app, a Muslim dating site, and others. Related: DRAD executive director, Sue Udry, on Muslim Network TV It’s time for Congress to close this gaping loophole. Senator Wyden is promising to do that, aiming to introduce The Fourth Amendment Is Not For Sale Act this week. According to Wyden, “basically, it would outline a plan to ban the government from buying information that would otherwise require a court order or a warrant.”
Microsoft systems support extensive local police surveillance of minorities
Michael Kewt, 12-21, 20, https://www.aljazeera.com/features/2020/12/21/microsofts-iron-cage-prison-surveillance-and-e-carceral-state, Microsoft’s iron cage: Prison surveillance and e-carceration, `
What the email did not mention was that for years, Microsoft has partnered with a company called Tribridge to build a corrections management suite – based on a flagship product, Offender 360 – which includes an inmate surveillance and risk scoring solution, a “youth offender” management solution and risk assessment solutions for pretrial and the courts. Microsoft has also worked on electronic monitoring solutions with partners for persons under “community supervision”, and has its own Microsoft-branded “Digital Prison Management Solution”. Additionally, Microsoft partners with Morocco-based Netopia Solutions, which offers its own “Prison Management Solution” in Africa.Taken together, Microsoft and its partners’ carceral solutions cover the entire correctional pipeline, from “juvenile delinquency” to pretrial and probation, into prison, and after inmates are released on parole. Microsoft’s involvement in the carceral state reveals how tech corporations are expanding the scope of surveillance and high-tech tools that discipline and punish communities of colour and the poor. For Microsoft, incarceration is a lucrative opportunity, as “Digital transformation makes it possible to consider prison as a business. The Microsoft police stat Microsoft has a little-known law enforcement-focused division, Public Safety and Justice, which provides integrations and services on its Azure cloud in partnership with independent software vendors operating away from public view. Microsoft’s primary business in criminal justice is carried out with its partners, and it largely generates revenue by licensing software and/or renting out storage capacity, servers and software running on cloud infrastructure. In addition to an extensive partner ecosystem, Microsoft offers its own law enforcement solutions, such as its Domain Awareness System (DAS), called Microsoft Aware – a surveillance and analytics system first developed in tandem with the NYPD and unveiled publicly in 2012. Since then, Aware has been purchased by police forces in Atlanta, Washington, D.C., Singapore and Brazil. The last thing you need are surprises. Especially when it comes to your health plan WE HEAR YOU. Our disciplined approach offers the stability you need Ad by Tufts Health Plan See Mor With Aware, people are monitored by CCTV cameras and city sensor dragnets, subjected to facial recognition, video analytics, and surveillance-based police patrols, supplemented by Big Data analytics. As we will see later, Microsoft Aware forms the foundation for its own Digital Prison Management Software.In response to a request for comment about the software in this article, Microsoft stated, “Microsoft has nothing to share”.The regional headquarters of Microsoft in the Silicon Valley town of Sunnyvale, California [File: Smith Collection/Gado/Getty Images]Offender 360: To surveil, predict and analyse the correctional pipelineMicrosoft’s first flagship product for correctional services dates back to around 2009, when the Illinois Department of Corrections (IDOC) embarked on a multi-phase, $30-million overhaul of its antiquated computer systems. At the time, the IDOC managed 49,000 offenders in custody and 28,000 parolees across 28 facilities using more than 40 separate computer applications. Search inquiries required customisation and could take up to two weeks. Microsoft and its partner Tribridge, a tech company that specialises in business applications and cloud solutions, Microsoft built the IDOC a searchable web-based solution called Offender 360 to centralise databases in the cloud and upgrade its prison management capabilities.hen-Governor Patrick Quinn said at the time, Microsoft’s “cutting-edge technology will give Illinois one of the most advanced criminal justice information systems in the country.”An early brochure listed a variety of features that would integrate, index, and expand every bit of data available about inmates for computer-based functionality and analytics:Tracking capabilities include an inmate’s physical location – their movement history between specific locations, such as a prison, and within them – and identification by attributes such as height, weight, scars and marks (such as tattoos), religion, and known aliases Categorisation and classification features index attributes such as security characteristics (for example, aggression level and offender grade) and case and behavioural histories Search features allow prison authorities to locate inmates of interest and observe their profiles for ad-hoc queries and real-time data analysis. For example, prison authorities can search for “inmates under the age of 50 with a projected parole date within five years” or inmates “classified as highly aggressive, high escape risk, with known affiliations to one or many security threat groups” The constant stream of data collection becomes a form of behavioural surveillance that follows prisoners wherever they go.Prisoner advocates fears surveillance of prisoners has expanded as new technologies have been introduced to prisons [File: RJ Sangosti/The Denver Post via Getty Images]. Monica Cosby spent 20 years in Illinois prisons, and is now co-director of Organizing with Moms United Against Violence and Incarceration (MUAVI). She explained to me the problem with continuous prisoner profiling and its effects on the inmate population.
Everyone has a “Master File” kept by the IDOC “that has all your info in it,” Cosby explained. This includes your behavioural history, staff assaults (which, Cosby notes, could include false accusations), medical records, inmate property – they monitor basically everything you have and do while in prison, she said. The data collected can be used against the inmates. For example, the record of alleged inmate “misbehaviour” can be brought up at a parole hearing, and Big Data analytics can deem inmates as prone to violence or recidivism. However, the fine details about what is collected and evaluated by analytics are often not available to the public. Over time, each data point creates a record and with it a permanent chain to the past. “There is an inherent narrative in the data and the presentation of that data … that is always going to be held against Black, brown, and poor people [who are already suspected of being criminal],” Cosby said. Youth 36 In Illinois, the work of Microsoft and Tribridge was not limited to adult incarceration. The Youth 360 system was designed for the Illinois Department of Juvenile Justice (IDJJ), which manages the state’s five juvenile correctional facilities A schematic representation of Offender 360 and Youth 360 Microsoft cloud infrastructure. Information includes education data from the Department of Children and Family Services (DCFS), Illinois State Board of Education (ISBE), Illinois Department of Human Services (IDHS), Illinois Healthcare and Family Services (IHFS), Juvenile Assessment and Intervention System (JAIS), electronic medical records (EMR), Affordable Care Act (ACA), Illinois State Police (ISP), and the courts [Al Jazeera] Youth 360 is similar to Offender 360 in that ingests a wide range of data about its subjects. Youth 360 data can be linked to other data systems, such as school and public health systems, and it hosts Youth Assessment and Screening Instrument (YASI) data to profile “criminogenic risks, needs, and strengths.” YASI is used for every youth put on probation. For many youth – especially children of colour, disabled, lower-class and other marginalised groups – schools can be hostile sites of policing and surveillance. As a result, schools often become entry points into the carceral system, in what scholars and activists call the “school-to-prison pipeline”. Jesse Hagopian, a Seattle-based activist, teacher and editor of the magazine Rethinking Schools, explained to me that young people of colour are disproportionately subjected to a “school-to-prison nexus” in which schools “increasingly resemble jails themselves, so that you have metal detectors, and police, and random searches of students in the school building themselves, conditioning mostly BIPOC youth to accept a society that surveils them, that punishes them and that maintains gross inequality” “And then there’s an overlapping system of the school-to-prison pipeline that sends them from schools that are increasingly resembling prisons themselves into actual jails – whether that’s a youth jail for kids or getting them ready to go to an adult jail when they leave the school.”
Current cyber attacks haven’t accessed classified systems
Justine Coleman, 12-25, 20, The Hill, Senate Democrat says cyberattack on Treasury ‘appears to be significant’, https://thehill.com/policy/finance/531218-senate-democrat-says-cyberattack-on-treasury-appears-to-be-significant
Last week, the Cybersecurity and Infrastructure Security Agency gave an emergency order for federal departments to stop using SolarWinds products. Wyden and Senate Finance Committee Chairman Chuck Grassley (R-Iowa) requested the IRS brief the committee on whether sensitive taxpayer information was suspected to have been leaked in the hack. Wyden also partnered with Senate Banking Committee ranking member Sherrod Brown (D-Ohio) to call on Treasury Secretary Steven Mnuchin to provide more information on the breach of the department. Mnuchin told CNBC on Monday that the cyberattack involved “unclassified systems,” saying, “we do not see any break in into our classified systems.” Trump criticizes Senate Republicans ahead of election results vote,.. Economics expert says government deficits can be beneficia “Our unclassified systems did have some access,” he said. “I will say the good news is there’s been no damage, nor have we seen any large amounts of information displaced.” “This is something that … will be continued to be focused on, but we are – we are working with the National Security Council, we’re working with the Intel agencies and, and I can assure you, we are completely on top of this.”
FBI surveillance isn’t more protective of rights
Even Perez, 4-2, 20, https://www.cnn.com/2020/04/03/politics/fbi-surveillance-warrants-fisa-court/index.html, Surveillance court wants FBI to explain new reported shortcomings
The federal court that oversees national security surveillance wants the FBI to explain newly uncovered missteps in government warrants to eavesdrop on Americans after a recent internal audit found the FBI fell short of the standards required. The Justice Department inspector general said in recent days that after reviewing a sample of Foreign Intelligence Surveillance Act eavesdropping warrants from around the country, it “lacked confidence” that the FBI was adhering to its standards that require information presented to the court is “scrupulously accurate.” “It would be an understatement to note that such lack of confidence appears well founded,” the Foreign Intelligence Surveillance Court said in a Friday order in reaction to a memorandum detailing the new findings by the Justice Department inspector general “The OIG Memorandum provides further reason for systemic concern,” the court said. “It thereby reinforces the need for the court to monitor the ongoing efforts of the FBI and DOJ to ensure that, going forward, FBI applications present accurate and complete facts. The newly reported missteps added to the failures that the inspector general reported in December in the FBI’s use of secret surveillance warrants targeting former Trump campaign aide Carter Page The new inspector general report cited glaring issues in the so-called Woods files, which are attached to eavesdropping requests and present underlying evidence used to support allegations in court applications for surveillance.
US under continued threat of cyber attack
Maggie Miller, 12-19, 20, https://thehill.com/policy/technology/530934-us-government-caught-blindsided-over-sophisticated-cyber-hack-experts-say, US government caught blindsided over sophisticated cyber hack, experts say
Russia has long been viewed as a threat in cyberspace. But after one of the most successful cyber intrusion campaigns in U.S. history, questions are being raised over how the federal government was so completely blindsided by an attack many experts have seen coming. The successful hacking of multiple federal agencies and tens of thousands of individual federal and private entities — widely presumed to be a Russian intrusion and which federal officials warn is ongoing — managed to subvert sophisticated protections by targeting third-party software contractor SolarWinds. “We shouldn’t have been surprised, the Russians are very sophisticated, they are very dedicated and relentless, and this appeared to be a soft target they were able to exploit,” Christopher Painter, the former State Department cybersecurity coordinator under both the Trump and Obama administrations, told The Hill on Friday. Russia, alongside China, North Korea and Iran, is considered one of the pressing threats to the U.S. in multiple fields. Following the 2016 presidential election, when Russian agents launched a sweeping and sophisticated campaign designed to sway the election toward now-President Trump, top federal agencies began a four-year process designed to shore up the election and ensure this type of attack could never happen again. These officials, led by the two-year-old Cybersecurity and Infrastructure Security Agency (CISA), largely succeeded, with Election Day seeing few security incidents. However, some say the U.S. may have turned attention away from other attack vectors used by Russia. As of Friday, agencies including the Department of Energy and its National Nuclear Security Administration, the Department of Homeland Security, the State Department, and the Treasury Department had reportedly been breached as part of the espionage incident. SolarWinds has reported it believes at least 18,000 of its customers were compromised by the hack. The hackers accessed systems as early as March, and questions have mounted over how much they took or were able to access. “This is the most significant cyberattack in the history of the United States,” Tom Kellermann, a former member of an Obama administration cybersecurity commission and current head of cybersecurity at VMWare CarbonBlack, told The Hill. “It’s unprecedented in the 22 years I’ve been in the business.” Kellermann said he and his team believed that Russia had stepped up its cyberattacks against the U.S. in retaliation for the success of securing the 2020 elections and following the disruption of international botnet group “TrickBot” that targeted U.S. critical infrastructure with ransomware viruses. He noted that ransomware attacks on hospitals over the fall “should have been a signal and a red line that dramatic escalation is occurring.”K
The recent Russian cyber attack conducted through back door access
Kim Zetter, 12-14, 20, The Intercept, SOLARWINDS HACK INFECTED CRITICAL INFRASTRUCTURE, INCLUDING POWER INDUSTRY, https://theintercept.com/2020/12/24/solarwinds-hack-power-infrastructure/
THE HACKING CAMPAIGN that infected numerous government agencies and tech companies with malicious SolarWinds software has also infected more than a dozen critical infrastructure companies in the electric, oil, and manufacturing industries who were also running the software, according to a security firm conducting investigations of some of the breaches. In addition to the critical infrastructure companies, the SolarWinds software also infected three firms that provide services for such companies, says Rob Lee, CEO of Dragos, Inc., which specializes in industrial control system security and discovered some of the infections. The service companies are known within the industry as original equipment manufacturers, or OEMs. They sometimes have remote access to critical parts of customer networks, as well as privileges that let them make changes to those networks, install new software, or even control critical operations. This means that hackers who breached the OEMs could potentially use their credentials to control critical customer processes. “If an OEM has access to a network, and it’s bi-directional, it’s usually for more sensitive equipment like turbine control, and you could actually do disruptive actions,” Lee told The Intercept. “But just because you have access doesn’t mean you know what to do or how to do it. It doesn’t mean they can then flip off the lights; they have to do more after that.”But compromising an OEM does magnify the potential risks to infrastructure. “[I]t’s particularly concerning because … compromising one OEM, depending on where you compromise them, could lead to access to thousands of organizations,” said Lee, a former critical infrastructure threat intelligence analyst for the NSA. “Two of the … OEMs that have been compromised … have access to hundreds of ICS networks around the world.” “Compromising one OEM could lead to access to thousands of organizations. Lee notes that in some cases the OEMs don’t just have access to customer networks — they actually directly infected their customers with the SolarWinds software. That’s because some of them us SolarWinds not just on their own networks, but also have installed it on customer networks to manage and monitor those, sometimes without the customers being aware this was done. Lee wouldn’t identify the OEMs and doesn’t know if the SolarWinds hackers took an interest in them. SolarWinds was compromised in March, modified with a so-called “backdoor” to provide an attacker access to the network of anyone who downloaded it. Government officials have linked the hack to Russia. The backdoor, which security researchers at cybersecurity company FireEye have dubbed SUNBURST, gathers information about the infected network, then waits about two weeks before sending a beacon to a server owned by the hackers, along with information about the infected network, to signal that the infected system is open for them to surreptitiously enter. The hackers would have used that information to determine which targets they wanted to burrow into further. Once inside an infected system, the hackers could download more malicious tools and steal employee credentials to gain access to more critical parts of the network — collecting information or altering data or processes there. …. Although other intruders have been inside the U.S. electric grid before, Lee says this is different. If Iran or China compromises industrial control systems in critical infrastructure, “you assume they could [disrupt operations] but you don’t know [if they have the knowledge and ability],” Lee said. But if Russia is behind the SolarWinds attack, “Russia has shown an ability to go beyond access to disruption. So when they get access you no longer have the question could they use it? The question is how long would it take them and would they?”
No risk of nuclear terrorism
Eben Coatzee, 11-18, 20, Eben Coetzee is ’n senior lektor in die Universiteit van die Vrystaat se Departement vir Politieke Studie en Regeerkunde. Hy verwerf sy PhD in 2017 (in die vakgebied van die internasionale politiek), waarin hy ondersoek instel na die voortdurende tersaaklikheid van die strukturele realis Kenneth Waltz om die internasionale politiek te beskryf en te verklaar, Is the spectre of nuclear terrorism justified?, https://www.litnet.co.za/is-the-spectre-of-nuclear-terrorism-justified/
It is against this backdrop that the primary research question of this study emerges: Is the spectre of nuclear terrorism and, concurrently, the depiction of nuclear terrorism as an existential crisis by the media, government officials and nuclear experts, justified? The study is based on a literature study of nuclear weapons (with specific reference to nuclear deterrence), terrorism and nuclear terrorism, coupled with an analysis of data derived from the Global Terrorism Database (GTD) for the period 1998–2018. The conclusion reached from this analysis is that the threat of nuclear terrorism is highly exaggerated and, importantly, does not in any meaningful way constitute an existential crisis in international politics. Four key findings buttress this conclusion: Firstly, all terrorist groups – even so-called superterrorists – are pre-eminently motivated by political objectives. Although it is widely believed that superterrorists pursue religious objectives (and thus are unamenable to political constraints), this overly simplistic picture no longer holds water. In fact, research on the parochially defined religious objectives of superterrorists often lacks context. In studying terrorism, consideration of religious, ethnic and technological factors tell us something about how and why individuals resort to the use of force. However, the ultima ratio for the use of asymmetric methods of warfare is to accomplish some or other political objective. The desire to achieve political results remains a pre-eminent factor in decisions to wage irregular warfare. Secondly, although nuclear deterrence is inefficacious in deterring terrorists, this is a problem only if and where terrorists can easily obtain nuclear weapons. Importantly, all fears about nuclear terrorism – whether in the form of a nuclear-armed Al Qaeda, the Islamic State (ISIS) or a lone-wolf terrorist – are premised on prior possession of nuclear weapons. The conclusion reached is simple: No nuclear weapon, no nuclear terrorism. Thirdly, it is highly unlikely that nuclear states will transfer nuclear weapons to terrorist groups. In the post-9/11 world, fears abounded that so-called rogue regimes would transfer nuclear weapons to terrorists. However, nuclear states are unlikely to be willing to run the risk of being blamed and, more importantly, punished for the use of nuclear weapons by terrorists. Where nuclear states contemplate transferring nuclear weapons to terrorists, nuclear deterrence is likely to continue working its constraining effects. Data from the GTD (covering the period 1998–2018) further indicates that there are no grounds for believing that a terrorist group or a state sponsor of such a group would remain anonymous after an attack with a nuclear weapon. Nuclear forensics provide further constraints against nuclear terror, enabling states to draw connections between nuclear materials and their sources in the aftermath of a nuclear explosion. Finally, it is well-nigh impossible for terrorist groups to steal or buy a nuclear weapon and, even more so, to build one on their own. Fretting about terrorist access to nuclear material is nothing new. However, in the post-9/11 world, American intelligence officers were convinced that, provided they could get their hands on enriched uranium, Al Qaeda could build a crude nuclear device. For terrorists to buy a nuclear weapon or to gain access to nuclear material is, however, far more complicated than is widely thought. There exists no evidence that a commercial market (or even any real demand) for nuclear material exists today. At any rate, nuclear states take the safety of their arsenals very seriously, this notwithstanding the exaggerated claims in the media concerning lax nuclear safety standards of some nuclear states. Besides, even if a terrorist group could steal a nuclear weapon, it would surely know that the unauthorised detonation of a nuclear weapon is well-nigh impossible. Nuclear weapons are carefully designed to prevent unauthorised detonation. If it is well-nigh impossible for terrorists to buy or steal a nuclear weapon; to build one from scratch is even more so. Fears of a terrorist group building a nuclear weapon in some or other basement in New York, and subsequently detonating the weapon, are more typical of a Hollywood-type script than reality. All terrorist groups lack the knowledge, infrastructure and technical expertise to design nuclear weapons, let alone conduct the requisite tests to ensure that their device works. Notwithstanding widely held beliefs about the threat and imminence of nuclear terror, this analysis illustrated that there is very little substance in such fears. There is no reason to believe that nuclear states will transfer nuclear weapons to terrorist groups. Over against this, there are ample reasons why states would not transfer nuclear weapons to terrorists (and ample constraints on their doing so). Where such states contemplate transferring nuclear weapons to terrorists, they would be acutely aware that their actions would not go unnoticed or unpunished. In such cases, nuclear deterrence will remain remarkably efficacious. At the same time, terrorist groups guilty of nuclear terror would surely know that they could not remain anonymous. Neither buying nor stealing a nuclear weapon provides viable paths for terrorist groups wishing to go nuclear. Moreover, building their own bomb appears to be impossible. In international politics, conventional terror constitutes a recalcitrant problem; nuclear terror, by contrast, is hardly a problem to begin with.
Even if the risk of detonation is low, we must act to avoid the impact
William Moon, 11-4, 20, https://www.bloomberg.com/opinion/articles/2020-11-29/xi-jinping-scores-big-against-extreme-poverty-but-china-still-has-its-poor, WMD Threat Reduction Programs Suffer from Neglect
There has been a lot of discussion on the importance of supporting and heeding the advice of scientists as the world battles the COVID-19 pandemic. It is more important than ever to support our experts as they combat the outbreak. But there is another group that is also deserving of our attention — the government workers, supporting contractors, nongovernmental organizations and academics that work to prevent and mitigate potential catastrophes from weapons of mass destruction (WMD). This WMD threat reduction community is dedicated to addressing nuclear, chemical, biological, radiological and improvised threats, to include natural and manmade incidents and actions that would be far more devastating than anything seen from COVID-19. The individual threats of such disasters may be considered low-probability events, but the consequences of such incidents and the results of inaction could be extremely devastating. A nuclear attack, or any kind of nuclear detonation — whether an intentional military action, a terrorist attack, or an accident — could cause millions or tens of millions of deaths with far greater hospitalizations and economic impacts than the world is experiencing today. During this time of crisis, it’s more important than ever to continue the work to prevent and mitigate future cataclysmic events and avoid the inclination to think that this pandemic means that future high consequence incidents are now less likely or aren’t worth the time and attention. The public and policymakers need to review how they evaluate these essential programs. Support is urgently needed by the WMD threat reduction community to avoid and lessen the chances and effects of a future global disaster. The mission of preventing and mitigating low-probability/high-consequence events is a unique and essential federal governmental function that suffers from constant budget pressures and continuously eroding public and political support. Additionally, international cooperation efforts are often seriously underfunded and frequently criticized. Federal neglect for such events reached its most dangerous point in January 2020 in the fiscal year 2021 Defense-Wide Review report to Congress that explicitly “reduces the Cooperative Threat Reduction program by eliminating efforts for low-to-near zero probability threats.” Ironically, this issuance was promulgated just as the low-probability/high-consequence coronavirus pandemic was making its way to the United States. Those who work and dedicate their careers to these programs and missions do so with a strong sense of government and community service and an understanding that their efforts are not likely to receive support and recognition from outside this community. Lack of attention and recognition is expected and is not a problem when it comes to their motivations. Even though it is impossible to prove success when it comes to prevention programs, the experts, diplomats and specialists from this community know that their efforts are critically important and earn their satisfaction knowing that they are doing all they can to make the world safer. As a society we need to value risk-reduction efforts and provide them with the support they deserve. Prevention and risk reduction programs should not be evaluated by short-term outcomes. If there is not a nuclear disaster for five years, the reaction should be how to make that last longer instead of devaluing and cutting such programs. Senior leaders should not be asking when and how to complete or finish threat reduction pursuits; they need to ask how they can be continuously improved. The occurrence of one crisis does not mean that other crises are now less likely. The COVID-19 pandemic should not lead to reductions in efforts to prevent and mitigate a nuclear accident or incident. Yet the political reaction has often been to take money from the successful prevention programs to increase funding against the latest crisis. Pandemic and biological risk reduction program funding should not be taken from nuclear or chemical threat reduction and security programs. Difficulties, shortcomings and failures of cooperative programs shouldn’t cause an overreaction to cancel or cut such cooperation. If our objective is to gain information and understanding, it doesn’t make sense to cut off communication and engagement when we don’t get as much information as quickly as we would like. Efforts and pressures to prioritize prevention efforts need to be modified significantly. Instead of continuously evaluating them in terms of likelihood or probability, programs need to be valued in terms of the consequences they are seeking to prevent or mitigate. If programs that seek to prevent the high consequence events like a nuclear war are cut in favor of lower consequence events that are more likely, it increases vulnerability to the high consequence events. Risk involves both likelihood and consequences, and when it comes to weapons of mass destruction, the potential consequences are so catastrophically high they need special attention. In addition, efforts and attention to prioritize between high-consequence nuclear, chemical, biological and radiological crises are also misplaced. With such high consequence events, they need to be evaluated and supported according to the value of investing to prevent disasters that will be more catastrophic.
High risk of dirty bomb use in the US, and it would trigger lots of death and economic damage
General Accounting Office, 2019, Combatting Nuclear Terrorism: NRC Needs to Take Additional Actions toEnsure the Security of High-Risk Radioactiv Material, https://www.gao.gov/assets/700/698218.pdf
Radioactive material is used in thousands of locations throughout the United States for medical, industrial, and research purposes, such as treating cancer, sterilizing food and medical instruments, and detectingflaws in metal welds. However, in the hands of terrorists, radioactive material—such as americium-241, cesium-137, cobalt-60, and iridium192—could be used to construct a radiological dispersal device (RDD), also referred to as a “dirty bomb,” that uses conventional explosives to disperse radioactive material. Depending on the type, form, amount, and concentration of radioactive material used, an RDD could expose nearby individuals to radiation and increase their long-term risks of cancer. Inaddition, the evacuation and cleanup of contaminated areas could lead toserious socioeconomic costs, as individuals with homes and businessesin those areas may not be able to return for an extended period becauseof actual or feared contamination. Terrorist activity in the United States,Europe, and the Middle East has heightened concerns about RDDs andthe need to better secure certain radioactive material. Furthermore,according to NRC, there exists a general credible threat on themalevolent use of radioactive materials in the United States. In addition,the International Atomic Energy Agency (IAEA) reported 3,068unauthorized activities and events worldwide involving nuclear andradioactive material from 1993 to 2016, including incidents of traffickingand malicious use,