Privacy Digest

EFF Answers Your Questions About Border Searches - Via EFF: Deep Links:

Readers of my deeplink on safeguarding your laptop and digital devices from warrantless searches at the border responded with both questions and answers. Some readers wondered whether you have an obligation not to destroy information on your laptop. Others pointed out that U.S. citizens may be detained, but not turned away, at the U.S. border. Many technologists wrote to offer cryptographic solutions, or warnings about encryption schemes that are not as secure as they should be. In this post, I answer the question about destruction of information and reproduce or summarize, with permission, others' suggestions about protecting your laptop from arbitrary searches. I haven't done any independent analysis of these techniques or tools, so your mileage may vary.  read more »

No-go on GOFA - Via CDT - PolicyBeta:

Today, CDT posted an updated memorandum on the most recent version of the Global Online Freedom Act (”GOFA”). GOFA was first introduced by Rep. Christopher Smith (R-NJ) several years ago in response to troubling reports of company complicity in Internet censorship and cooperation in prosecutions of dissidents who posted political material online. The late Rep. Tom P. Lantos, (D-Ca) took up the cause last year and the bill was reported out of the Committee on Foreign Affairs late last year. Industry opposition to the bill has been fierce and efforts to bring the bill to the floor on suspension have thus far been thwarted.

CDT strongly believes that technology companies doing business in countries that broadly surveil and censor the Internet must take serious steps to identify and minimize the human rights risks associated with providing services and technology solutions in those countries. For several years, we have been co-facilitating a multi-stakeholder initiative aimed at developing global principles to guide ICT companies facing free expression and privacy challenges.  We remain hopefully that these principles will grow into a global industry standard that will give the industry a road map for collective action in this area.

We also believe that companies must not hide from these challenges. They should advocate for changes in public policy that protect the rights of their users, challenge laws where possible and collaborate with human rights groups and other stakeholders to build support for an open Internet that supports human rights.  read more »

Internet Mysteries: How Much File Sharing Traffic Travels the Net? - Via Threat Level:

How much of the traffic on the internet is peer-to-peer file trading?

Everyone seems to agree it represents a lot of the traffic, but the truth is no one knows (with the possible exception of the ISPs and backbone providers in the middle, and they aren't telling or sharing raw data).

One of the most recent reports on P2P traffic came from a traffic optimization firm called Ellacoya in June 2007. Their report said that http-based web traffic had overtaken peer-to-peer traffic on the net, thanks to streaming media sites like YouTube.  read more »

NZ cops get 'COFEE' to capture PC evidence - New Zealand's source for technology news on - Via Stuff.co.nz :

New Zealand police have been given a small plug-in device that investigators can use to quickly extract forensic data from computers that may have been used in crimes.

The COFEE, which stands for Computer Online Forensic Evidence Extractor, is a prototype of a USB "thumb drive" that Microsoft has quietly distributed to a few law-enforcement agencies around the world.

A spokesman at police national headquarters said today: "Police have been issued with the COFEE tool by Microsoft and the E-Crime Lab's digital forensic analysts have been trained in the use of it".

New Zealand police had an excellent relationship with the software company, which had provided specialist training to digital forensic analysts and investigators, he said.  read more »

The Freenet Project - Freenet 0.7.0 release candidate 2 now available:

24th Apr, 2008 - Freenet 0.7.0 release candidate 2 now available

Freenet version 0.7 Release Candidate 2 is now available for public testing. Release Candidate 2 features many bugfixes and a number of usability improvements.

Freenet is a global peer-to-peer network designed to allow users to publish and consume information without fear of censorship. To use it, you must download the Freenet software, available for Windows, Mac, Linux and other operating systems. Once you install and run Freenet, your computer will join a global, decentralized P2P network. You will be able to publish and consume information anonymously, either through your web browser, or through a variety of third party applications.  read more »

Slashdot | Freenet Releases 0.7.0rc2 - Via Tech at Slashdot:

evanbd writes
"The Freenet Project has announced Freenet 0.7.0rc2. From the announcement: 'Freenet is a global peer-to-peer network designed to allow users to publish and consume information without fear of censorship. Freenet 0.7 is a ground-up rewrite of Freenet. The key user-facing feature in Freenet 0.7 is the ability to operate Freenet in a "darknet" mode, where your Freenet node will only talk to other Freenet users that you trust. This makes it much more difficult for an adversary to discover that you are using Freenet, let alone what you are doing with it. 0.7 also includes significant improvements to both security and performance.' Of course, for those of us who don't know anyone else running Freenet, or simply prefer it, there's also a non-darknet mode available."

(Read Original Article - Via Tech at Slashdot.)

One Step Forward, Two Steps Back for Genetic Privacy - Via ACLU Blog - Privacy & Technology:

Yesterday, the House passed H.R. 493, the Genetic Nondiscrimination Act (GINA), and the bill is now headed to President Bush for his signature.
This is a victory for all Americans who value their genetic privacy: GINA prevents employers and health insurance companies from discriminating against applicants based on their genetic code, which, thanks to modern science, reveals a lot about your body's predisposition towards illness and disease.  read more »

Red Alert! Mandela Wants In! - Via ACLU Blog - Privacy & Technology:

USA Today reports:

Nobel Peace Prize winner and international symbol of freedom Nelson Mandela is flagged on U.S. terrorist watch lists and needs special permission to visit the USA. Secretary of State Condoleezza Rice calls the situation "embarrassing…"

Shocking that this has happened considering how well-organized and error-free the watchlist is otherwise.  read more »

White House Plans Proactive Cyber-Security Role for Spy Agencies - Via washingtonpost.com - Technology:

America's spy agencies for the first time would be tasked with gathering intelligence on threats to the nation's computer networks under a policy that could be detailed by the White House as early as next week, a senior administration official said Wednesday.

Speaking at a security conference in Washington, the official said the Bush administration wants to harness the intelligence community's offensive capabilities in defense of government and civilian computer systems.

"We've never looked at how all the unique things this government wages against others could be used to inform our defensive posture," said the official, who asked not to be named because the White House has not yet released details about the plan. "We really need to move from [the reality that] the advantage is always with the attacker to how we can have our offense better inform our defense to shrink that gap."  read more »

Protecting Yourself From Suspicionless Searches While Traveling - Via EFF: Deep Links:

The Ninth Circuit's recent ruling (pdf) in United States v. Arnold allows border patrol agents to search your laptop or other digital device without limitation when you are entering the country. EFF and many civil liberties, travelers’ rights, immigration advocacy and professional organizations are concerned that unfettered laptop searches endanger trade secrets, attorney-client communications, and other private information. These groups have signed a letter asking Congress to hold hearings to find out what protocol, if any, Customs and Border Protection (CBP) follows in searching digital devices and copying, storing and using travelers’ data. The letter also asks Congress to pass legislation protecting travelers’ laptops and smart phones from unlimited government scrutiny.

If privacy at the border is important to you, contact Congress now and ask them to take action!

In the meantime, how can international travelers protect themselves at the U.S. border, short of leaving their laptops and iPhones at home?  read more »

Congress Must Investigate Electronic Searches at U.S. Borders - Via EFF: Breaking News:

San Francisco - The Electronic Frontier Foundation (EFF) and a broad coalition, including civil rights groups, professional associations and technologists, called on Congress today to hold oversight hearings on the Department of Homeland Security's search and seizure of electronic devices at American borders.

The press has widely reported disturbing stories about U.S. citizens subject to intrusive searches of their laptops and cell phones. But a recent court decision found that customs officials can search travelers' computers at the border without suspicion or cause. In a letter sent to the House and Senate Homeland Security and Judiciary committees today, the coalition urges lawmakers to consider passing legislation to prevent abusive search practices by border agents and to protect all Americans from suspicionless digital border inspections.

"Our computers, cell phones, and other electronic devices hold a vast amount of personal information like financial data, health histories, and personal emails and letters," said EFF Staff Attorney Marcia Hofmann. "In a free country, the government cannot have unlimited power to read, seize, and store this information without any oversight."

So far, the Department of Homeland Security has refused to release its policies and procedures for conducting these intrusive searches. EFF and the Asian Law Caucus have filed suit against the Department of Homeland Security to obtain the information through the Freedom of Information Act.  read more »

Letters Give C.I.A. Tactics a Legal Rationale - Via New York Times:

WASHINGTON — The Justice Department has told Congress that American intelligence operatives attempting to thwart terrorist attacks can legally use interrogation methods that might otherwise be prohibited under international law.

The legal interpretation, outlined in recent letters, sheds new light on the still-secret rules for interrogations by the Central Intelligence Agency. It shows that the administration is arguing that the boundaries for interrogations should be subject to some latitude, even under an executive order issued last summer that President Bush said meant that the C.I.A. would comply with international strictures against harsh treatment of detainees.

While the Geneva Conventions prohibit “outrages upon personal dignity,” a letter sent by the Justice Department to Congress on March 5 makes clear that the administration has not drawn a precise line in deciding which interrogation methods would violate that standard, and is reserving the right to make case-by-case judgments.  read more »

No Cause Needed to Search Laptops at the Border - Via EFF: Deep Links:

On April 21st, the Ninth Circuit held in United States v. Arnold that the Fourth Amendment does not require government agents to have reasonable suspicion before searching laptops or other digital devices at the border, including international airports. Customs and Border Patrol are likely to use the opinion to argue that almost every property search at the border is constitutionally acceptable.

EFF filed an amicus brief in the case, arguing that laptop searches are so revealing and invasive that the Fourth Amendment requires agents to have some reasonable suspicion to justify the intrusion. Not only are laptops capable of storing vast amounts of information, the information tends to be of the most personal sort, including letters, finances, diaries, photos, and web surfing histories. Prior border search cases distinguished between "routine" suspicionless searches and invasive "non-routine" searches that require reasonable suspicion. Our amicus brief and the lower court opinion relied on these cases to say that the government must also have some cause to search laptops. The Ninth Circuit panel rejected our argument that the privacy invasion resulting from searching computers is qualitatively different from, and requires higher suspicion than, searching luggage or other physical items.  read more »

Border Agents Can Search Laptops Without Cause, Appeals Court Rules - Via Threat Level:

Federal agents at the border do not need any reason to search through travelers' laptops, cell phones or digital cameras for evidence of crimes, a federal appeals court ruled Monday, extending the government's power to look through belongings like suitcases at the border to electronics.

The unanimous three-judge decision reverses a lower court finding that digital devices were "an extension of our own memory" and thus too personal to allow the government to search them without cause. Instead, the earlier ruling said, Customs agents would need some reasonable and articulable suspicion a crime had occurred in order to search a traveler's laptop.

On appeal, the government argued that was too high a standard, infringing upon its right to keep the country safe and enforce laws. Civil rights groups, joined by business traveler groups, weighed in, defending the lower court ruling.

The 9th U.S. Circuit Court of Appeals sided with the government, finding that the so-called border exception to the Fourth Amendment's prohibition on unreasonable searches applied not just to suitcases and papers, but also to electronics.  read more »

Wi-Fi users to be monitored in Russia - Via Network World on Privacy:

Business travellers to Russia might want to keep their laptops and iPhones well-concealed - not from muggers,necessarily, but from the country's recently formed regulatory super-agency, Rossvyazokhrankultura (short for the Russian Mass Media, Communications and Cultural Protection Service).

In the U.K., Ofcom made deregulation one of its first priorities upon coming into existence, but the Russian equivalent is doing just the reverse, including an ominous-sounding policy of requiring registration for every Wi-Fi device and hotspot, according to a report this week from news agency Fontanka.

Rossvyazokhrankultura's interpretation of current law holds that users must register any electronics that use the frequency involved in Wi-Fi communications, said Vladimir Karpov, the deputy director of the agency's communications monitoring division, according to an English commentary provided by website The Other Russia.  read more »

Europeans: U.S. is Spying on You, Too! - Via ACLU Blog - Privacy & Technology:

Last week, Barry Steinhardt, Director of the ACLU's Technology and Liberty Project, wrote a letter to the Article 29 Working Party of the European Commission. Article 29 specifically addresses personal data protection issues, and how data is used in our current information society.  read more »