Calling the Israel-based spyware maker NSO Group an “in-plain-sight national security threat,” one expert warned that “a multi-agency investigation is immediately needed.”
Multiple news outlets revealed Friday that Apple notified at least 11 U.S. State Department officials that their iPhones were recently hacked by an unknown party or parties with spyware developed by the private Israeli firm NSO Group.
The “bombshell,” first reported by Reuters, comes after Apple sued NSO Group last month in an effort to protect iPhone users from its Pegasus spyware, which the Israeli company claims to only sell to government law enforcement and intelligence agencies and was the focus of a major reporting project earlier this year. Continue reading →
“When it’s time to finally put workers first, big businesses are spending millions to maintain their advantage and preserve the status quo,” said Kyle Herrig of Accountable.US.
Members of the Patriotic Millionaires hold a federal tax filing day protest in New York City. Photo: Michael Kink/Twitter
Major U.S. companies that got a “stealth bailout” thanks to congressional pandemic relief legislation are now lobbying against President Joe Biden’s proposal to hike taxes on wealthy individuals and corporations through the Build Back Better package, according to a new Accountable.US analysis provided exclusively to Common Dreams.
Accountable.US takes aim at the recent lobbying activities—and in some cases, statements from top executives—of Apple, Baxter International, Bristol-Myers-Squibb, DuPont de Nemours, FedEx, Johnson & Johnson, Oracle, Walgreens Boots Alliance, and Walmart. Continue reading →
La Quadrature du Net, whose complaint led to the Luxembourg fine, called the penalty a “first step,” but said that “we need to remain vigilant” in the face of Amazon’s ongoing violations.
Amazon/AWS offices in Luxembourg. Photo: -wuppertaler, CC BY-SA 4.0 via Wikimedia Commons
Digital rights advocates on Friday applauded a €746 million fine levied against Amazon by a Luxembourg regulator for the tech giant’s violation of European Union data privacy laws.
The record penalty—which converts to about U.S. $886 million—was imposed on July 16 by CNPD, Luxembourg’s data protection agency, and disclosed in an Amazon regulatory filing (pdf) on Friday, according toBloomberg. Continue reading →
The Orroral Valley Fire viewed from Tuggeranong, Australia on the evening of January 20, 2020. Photo: Nick-D/CC
World leaders aren’t doing enough to address the human-caused climate crisis.
That seemed to be the main message of United Nations Secretary-General António Guterres’ speech on Saturday at the Climate Ambition Summit 2020, hosted by the U.N., the United Kingdom, and France in partnership with Chile and Italy to mark the fifth anniversary of the Paris agreement.
“Paris promised to limit temperature rise to as close to 1.5 degrees as possible. But the commitments made in Paris were far from enough to get there. And even those commitments are not being met,” Guterres said. “Carbon dioxide levels are at record highs. Today, we are 1.2 degrees hotter than before the industrial revolution. If we don’t change course, we may be headed for a catastrophic temperature rise of more than 3 degrees this century.” Continue reading →
Cellphone tower | Picture by Peter Bjorndal / pixabay.com. Public Domain
Regime-directed surveillance has taken new forms within the Middle East as governments have been forced to adapt to new technological and social environments. While government surveillance of its citizens is not new to the region, this old authoritarian impulse has been revamped in the attempt to subvert opposition and monitor dissidence amid widespread use of social media and access to smartphones within the region.
New forms of targeted hackings and espionage have therefore become commonplace throughout the region, and often extend across borders into the international arena. Western companies, governments, and individuals have provided extensive assistance to the surveillance efforts of these governments, often by supplying them with the necessary technology and expertise needed to conduct such sweeping operations. However, regional countries – particularly Israel – have increasingly constructed and exported their own indigenous operations and platforms designed to surveil their publics. Conducted on a mass scale and bolstered by western technological support, these new and sophisticated forms of surveillance have supplied these governments with the tools necessary to go on the offensive against all who seek to challenge the status quo. Continue reading →
All across the United States people are spending a lot more time in their homes and will be there for the foreseeable future.
As such, many people are looking for new activities to occupy their time, including ways of staying fit. Thankfully the Federal Bureau of Investigation (FBI) has an app for that.
Those of us who simply can’t do sit-ups and push-ups on our own and are somehow unable to download one of the numerous fitness apps out there that aren’t associated with the U.S. government finally have an option. Continue reading →
More than two dozen consumer groups are urging the Senate Commerce Committee to reconsider its witness list—which only includes industry representatives—for an upcoming hearing on data privacy policy. (Photo: Blogtrepreneur/flickr/cc)
While representatives for Apple, AT&T, Amazon, Charter Communications, Google, and Twitter are all slated to testify at a Sept. 26 Senate hearing about safeguarding consumer data privacy, the nation’s leading consumer advocacy groups weren’t invited—and they’re not happy about it.
In a letter (pdf) to the leaders of the Senate Committee on Commerce, Science & Transportation on Wednesday, 28 groups expressed their “surprise and concern that not a single consumer representative was invited to testify” and called on committee Chairman John Thune (R-S.D.) and Ranking Member Bill Nelson (D-Fla.) to reconsider the witness list. Continue reading →
According to Forbes, which spoke with sources close to local and federal investigations, it’s becoming standard operating procedure for cops to use dead people’s fingerprints to unlock their Apple iPhones.
FBI forensic specialist Bob Moledor detailed for Forbes the first known instance of law enforcement making such an attempt, during an investigation into the motives of an attacker killed by Ohio police back in 2016. Continue reading →
“No constitutional doctrine should presume that consumers assume the risk of warrantless government surveillance simply by using technologies that are increasingly integrated into modern life.”
In a Supreme Court case beginning Wednesday, the ACLU is arguing that Americans should not be expected to give up privacy rights every time they use a cell phone that pings phone towers nearby, as analog-era legal arguments would hold. (Photo: Mike Mozart/Flickr/cc)
The Supreme Court will hear the first arguments in a landmark case regarding digital privacy rights on Wednesday as civil liberties advocates, joined by tech companies and journalists, argue the court must acknowledge that privacy rights and free speech protections should align with the reality of 21st century technology.
The case, known as Carpenter vs. United States centers around Timothy Carpenter, who was convicted in 2011 of several robberies after the police, without a probable cause warrant, gathered data from his cell phone company. Months of records were turned over, showing that he had been near cell towers close to the sites of the robberies when they took place. Continue reading →
Fear of hackers reading private emails in cloud-based systems like Microsoft Outlook, Gmail or Yahoo has recently sent regular people and public officials scrambling to delete entire accounts full of messages dating back years. What we don’t expect is our own government to hack our email – but it’s happening. Federal court cases going on right now are revealing that federal officials can read all your email without your knowledge.
The federal government is getting access to the contents of entire email accounts by using an ancient procedure – the search warrant – with a new, sinister twist: secret court proceedings.
The earliest search warrants had a very limited purpose – authorizing entry to private premises to find and recover stolen goods. During the era of the American Revolution, British authorities abused this power to conduct dragnet searches of colonial homes and to seize people’s private papers looking for evidence of political resistance.
To prevent the new federal government from engaging in that sort of tyranny, special controls over search warrants were written into the Fourth Amendment to the Constitution. But these constitutional provisions are failing to protect our personal documents if they are stored in the cloud or on our smartphones.
Fortunately, the government’s efforts are finally being made public, thanks to legal battles taken up by Apple, Microsoft and other major companies. But the feds are fighting back, using even more subversive legal tactics.
Searching in secret
To get these warrants in the first place, the feds are using the Electronic Communications Privacy Act, passed in 1986 – long before widespread use of cloud-based email and smartphones. That law allows the government to use a warrant to get electronic communications from the company providing the service – rather than the true owner of the email account, the person who uses it.
You might never know that the government has been reading all of your email – or you might find out when you get charged with a crime based on your messages.
But relatively little notice has come to a similar Microsoft effort on behalf of customers that began in April 2016. The company’s suit argued that search warrants delivered to Microsoft for customers’ emails are violating regular people’s constitutional rights. (It also argued that being gagged violates Microsoft’s own First Amendment rights.)
This search warrant clearly spells out who the government thinks controls email accounts – the provider, not the user. U.S. District Court for the Southern District of New York
It’s very difficult to get a copy of one of these search warrants, thanks to orders sealing files and gagging companies. But in another Microsoft lawsuit against the government a redacted warrant was made part of the court record. It shows how the government asks for – and receives – the power to look at all of a person’s email.
On the first page of the warrant, the cloud-based email account is clearly treated as “premises” controlled by Microsoft, not by the email account’s owner:
“An application by a federal law enforcement officer or an attorney for the government requests the search of the following … property located in the Western District of Washington, the premises known and described as the email account [REDACTED]@MSN.COM, which is controlled by Microsoft Corporation.”
The Fourth Amendment requires that a search warrant must “particularly describe the things to be seized” and there must be “probable cause” based on sworn testimony that those particular things are evidence of a crime. But this warrant orders Microsoft to turn over “the contents of all e-mails stored in the account, including copies of e-mails sent from the account.” From the day the account was opened to the date of the warrant, everything must be handed over to the feds.
The warrant orders Microsoft to turn over every email in an account – including every sent message. U.S. District Court for the Southern District of New York
Reading all of it
In warrants like this, the government is deliberately not limiting itself to the constitutionally required “particular description” of the messages it’s looking for. To get away with this, it tells judges that incriminating emails can be hard to find – maybe even hidden with misleading names, dates and file attachments – so their computer forensic experts need access to the whole data base to work their magic.
If the government were serious about obeying the Constitution, when it asks for an entire email account, at least it would write into the warrant limits on its forensic analysis so only emails that are evidence of a crime could be viewed. But this Microsoft warrant says an unspecified “variety of techniques may be employed to search the seized emails,“ including “email by email review.”
The right to read every email. U.S. District Court for the Southern District of New York
As I explain in a forthcoming paper, there is good reason to suspect this type of warrant is the government’s usual approach, not an exception.
If Microsoft wins, then citizens will have the chance to see these search warrants and challenge the ways they violate the Constitution. But the government has come up with a clever – and sinister – argument for throwing the case out of court before it even gets started.
The government has asked the judge in the case to rule that Microsoft has no legal right to raise the Constitutional rights of its customers. Anticipating this move, the American Civil Liberties Union asked to join the lawsuit, saying it uses Outlook and wants notice if Microsoft were served with a warrant for its email.
The government’s response? The ACLU has no right to sue because it can’t prove that there has been or will be a search warrant for its email. Of course the point of the lawsuit is to protect citizens who can’t prove they are subject to a search warrant because of the secrecy of the whole process. The government’s position is that no one in America has the legal right to challenge the way prosecutors are using this law.
Far from the only risk
The government is taking a similar approch to smartphone data.
For example, in the case of U.S. v. Ravelo, pending in Newark, New Jersey, the government used a search warrant to download the entire contents of a lawyer’s personal cellphone – more than 90,000 items including text messages, emails, contact lists and photos. When the phone’s owner complained to a judge, the government argued it could look at everything (except for privileged lawyer-client communications) before the court even issued a ruling.
Where does this all leave us now? The judge in Ravelo is expected to issue a preliminary ruling on the feds’ arguments sometime in October. The government will be filing a final brief on its motion to dismiss the Microsoft case September 23. All Americans should be watching carefully to what happens next in these cases – the government may be already watching you without your knowledge.
