Archives October 2014

Shhh… The BBC "Forgotten" List (& Forgotten Company Directors?)

The BBC plans to publish a regularly updated list of articles removed from the search engine Google following the controversial “right to be forgotten rule”.

Google has so far received some 153,000 requests which have involved about half a million different link and 40 percent of these links have been removed. However, according to associate professor David Glance, director of the Center for Software Practice at the University of Western Australia:

… there is a great deal of concern about the sorts of things that are being removed. So, for example, information about former company directors have been removed. So various people are now asking for that type of information to be restored because it’s part of the public record and important information when you are considering the effectiveness or the background of a company or the directors.”

Shhh… Snowden Awarded Russian Private Literary Prize

Former NSA contractor-turned-fugitive Edward Snowden has bagged another award earlier this week on Monday: a private literary prize from the Zinovyev Institute, a private foundation for the study of creative writings of Russian writer and philosopher Alexander Zinovyev.

Snowden was not in attendance to receive the award given his need to keep a low profile since his asylum in Russia in August last year though he has been appearing actively at various events globally via live broadcast.

Snowden, a 2014 Nobel Peace Prize nominee, also received the Right Livelihood Award 2014 in late September.

Shhh… More NSA Shakeup Following Another Conflict of Interest?

More personnel problems at the National Security Agency…

Another conflict of interest matter has led the agency’s top spy Teresa Shea to leave her position as director of signals intelligence (SIGINT), which the NSA said last week was a “routine” transition “planned well before recent news articles”.

Shea as the SIGINT head was behind some of the most controversial mass surveillance programs disclosed by former NSA contractor Edward Snowden.

The shakeup followed a recent BuzzFeed report (below) on the financial interests of Shea and her husband James Shea. The latter was a contractor with a SIGINT “contracting and consulting” company – Telic Networks – registered to the couple’s home. He is also the vice president of another SIGINT contractor – DRS Signals Solutions – that “appears to do business with the NSA”. The sleuth Shea herself had also incorporated an “office and electronics” business at her home.

These headlines came hot on the heels of recent reports on former NSA director Keith Alexander, who had business dealings with potential conflicts of interest during and after his NSA reign in March. Furthermore, a recent Reuters report found Alexander also hired another top NSA official, chief technology officer Patrick Dowd, to work at his new cyber-security company when Dowd was still on NSA payroll.

Find out more from the following Buzzfeed report:

Exclusive: Shakeup At NSA After BuzzFeed News Reports On Potential Conflict Of Interest

Top National Security Agency official Teresa Shea is leaving her position after BuzzFeed News reported on her and her husband’s financial interests. The move comes as the NSA faces more questions about the business dealings of its former director Keith Alexander, and potential ethics conflicts. This post has been updated to include a response from the NSA.

posted on Oct. 24, 2014, at 12:28 p.m.

Aram Roston
BuzzFeed Staff

WASHINGTON — One of the nation’s top spies is leaving her position at the National Security Agency (NSA), a spokesman confirmed Friday, amid growing disclosures of possible conflicts of interest at the secretive agency.
The shakeup comes just a month after BuzzFeed News began reporting on the financial interests of the official, Teresa Shea, and her husband.

Shea was the director of signals intelligence, or SIGINT, which involves intercepting and decoding electronic communications via phones, email, chat, Skype, and radio. It’s widely considered the most important mission of the NSA, and includes some of the most controversial programs disclosed by former contractor Edward Snowden, including the mass domestic surveillance program.

The NSA provided a statement Friday that said Teresa Shea’s “transition” from the SIGINT director job was routine and “planned well before recent news articles.” The agency indicated she would remain employed, but did not provide specifics.

The Sheas did not respond to a message left at their home telephone number.

In September, BuzzFeed News reported that a SIGINT “contracting and consulting” company was registered at Shea’s house, even while she was the SIGINT director at NSA. The resident agent of the company, Telic Networks, was listed as James Shea, her husband.

Mr. Shea is also the vice president of a major SIGINT contractor that appears to do business with the NSA. The company, DRS Signals Solutions, is a subsidiary of DRS Technologies, which itself is a subsidiary of Italian-owned Finmeccanica SPA.

Last week BuzzFeed News also reported Shea herself had incorporated an “office and electronics” business at her house, and that the company owned a six-seat airplane and a condominium in the resort town of Hilton Head, South Carolina.

Over the past month, Teresa and James Shea haven’t returned phone calls, and the NSA has declined to comment about any specifics, beyond explaining how the agency tries to address conflict of interest issues in general, and to say that “the agency takes Federal ethics laws quite seriously.”

In April, Adm. Michael Rogers took over as director of the NSA, and it was expected he might shuffle staff. One intelligence source said Shea’s departure from her job appeared to be due in part to the “optics” of a top NSA official coming under scrutiny by the press for her and her husband’s business dealings. The other said the press disclosures may have nothing to do with her leaving.

In a statement Friday, NSA spokesman Michael Halbig said that “NSA considers regular rotations of senior leaders as a catalyst for achieving diverse, fresh perspectives on the nation’s critical national security challenges.”

He added that “We value her leadership as a senior leader and look forward to her continued contribution to the mission to help defend the nation.”

Since she would no longer be director of SIGINT, presumably potential conflicts stemming from her husband’s role as a SIGINT contractor, with a SIGINT company at their home, would be alleviated.

Shea, as SIGINT director, presided over most of the NSA operations disclosed by Snowden. The most controversial of those is the mass domestic surveillance program, under which the agency collects data on virtually every phone call Americans make, domestically or overseas, from a cell phone or a landline. But other operations included disclosures that calls by the leaders of foreign allies were intercepted, and that a vast amount of electronic communications were collected from American internet companies such as Google and Yahoo.

Last week, the NSA came under increasing pressure because of the business dealings of former director Keith Alexander, who left the agency in March.

Reuters disclosed that Alexander hired another top NSA official to work at his company, even while the scientist continued to work at the NSA. Reuters said the NSA had begun a review of the unusual agreement, under which NSA Chief Technology Officer Patrick Dowd was to work 20 hours a week at Alexander’s company, Ironnet Cybersecurity, while still working for the U.S. government.

This week, after the controversy erupted, the company said Dowd would no longer work there.

Shhh… FTC New Appointee Ashkan Soltani Irks NSA Top Guns

The US Federal Trade Commission announced last week the appointment of Ashkan Soltani as the FTC’s chief technologist starting November, where he would advise on technology and policy issues for the same agency where he had previously served as a technical expert and staff technologist.

But what made his appointment stands out was other aspects of his resume. Soltani is a renowned and outspoken security researcher and has served as a technical expert for several state attorney general. Most notably, he was recently involved in investigative journalism, as a media consultant at the Washington Post helping Barton Gellman and other reporters on the technical and security aspects of the Snowden documents – and sharing their 2014 Pulitzer Prize for Public Service – plus other spells at The Wall Street Journal and The New York Times.

His latest appointment has upset NSA top guns, drawing criticisms from former NSA director Michael Hayden (and CIA director from 2006 to 2009):

I’m not trying to demonize this fella, but he’s been working through criminally exposed documents and making decisions about making those documents public.

and former NSA general counsel Stewart Baker:

I don’t think anyone who justified or exploited Snowden’s breach of confidentiality obligations should be trusted to serve in government.

In the same report on these reactions, there’s an interesting reader’s comment:

Applesauce-Oath

Hayden and Baker seem to think they took a different oath: to protect the American people from “terrorists” at all costs. And maybe to profit from investing in surveillance companies“? See my earlier posts on Keith Alexander’s business ventures during and after his NSA tenure.

Shhh… Keith Alexander An Active Commodities Player At the NSA

Shhh-cretly last reported about former NSA director Keith Alexander and his private sector aspirations – when he sought in July as many as nine new patents for a computer security system he’s building at the private security firm he has co-founded, IronNet Cybersecurity, Inc., raising questions whether he was cashing in on classified information he has learned at the NSA where he has stepped down in March.

A new Foreign Policy report released Wednesday showed the former spymaster has moved his pawns on the chessboard much earlier – trading in commodities linked to China and Russia, two countries which the NSA was spying on intensely – to seize the acute advantage he enjoyed with his privileged access to highly classified information. A new class of insider trading?

“U.S. officials have long insisted that the information that intelligence agencies steal from foreign corporations and governments is only used to make political and strategic decisions and isn’t shared with U.S. companies. But whether that spying could benefit individual U.S. officials who are privy to the secrets being collected, and what mechanisms are in place to ensure officials don’t personally benefit from insider knowledge, haven’t been widely discussed,” according to the report.

In answering questions on his post NSA ventures back in August:

“If I retired from the Army as a brain surgeon, wouldn’t it be OK for me to go into private practice and make money doing brain surgery?” Alexander said. “I’m a cyber guy. Can’t I go to work and do cyber stuff?”

Now it would be interesting to hear what he has to say about his (undisclosed) commodities trading activities during his NSA tenure.

Here is the full report from Foreign Policy:

Why Was the NSA Chief Playing the Market?

Newly released documents show the NSA chief was investing his money in commodities so obscure that most financial pros stay away.

BY Shane Harris
OCTOBER 22, 2014

At the same time that he was running the United States’ biggest intelligence-gathering organization, former National Security Agency Director Keith Alexander owned and sold shares in commodities linked to China and Russia, two countries that the NSA was spying on heavily.

At the time, Alexander was a three-star general whose financial portfolio otherwise consisted almost entirely of run-of-the-mill mutual funds and a handful of technology stocks. Why he was engaged in commodities trades, including trades in one market that experts describe as being run by an opaque “cartel” that can befuddle even experienced professionals, remains unclear. When contacted, Alexander had no comment about his financial transactions, which are documented in recently released financial disclosure forms that he was required to file while in government. The NSA also had no comment.

Alexander’s stock trades were reviewed by a government ethics official who raised no red flags, and there are no indications the former spymaster did anything wrong. There are also no indications that the trades did much for Alexander’s personal wealth. Disclosure documents show that he earned “no reportable income” from the sale of commodity company stocks, meaning either that it was less than a few hundred dollars or that possibly he lost money on the deals.

Still, the trades raise questions about whether Alexander’s job gave him insights into corporations and markets that may have influenced his personal financial investments. The NSA, which Alexander ran for more than eight years, routinely spies on foreign governments and businesses, including in Russia and China, where the agency has attempted to gain insights into political decision-making, economic strategy, and the countries’ plans for acquiring natural resources.

The financial disclosure documents, which were released to investigative journalist Jason Leopold and published this month by Vice News, reveal nothing explicitly about why Alexander sold the shares when he did. On Jan. 7, 2008, Alexander sold previously purchased shares in the Potash Corp. of Saskatchewan, a Canadian firm that mines potash, a mineral typically used in fertilizer. The potash market is largely controlled by companies in Canada, as well as in Belarus and Russia. And China was, and is, one of the biggest consumers of the substance, using it to expand the country’s agricultural sector and produce higher crop yields.

“It’s a market that’s really odd, involving collusion, where companies essentially coordinate on prices and output,” said Craig Pirrong, a finance professor and commodities expert at the University of Houston’s Bauer College of Business. “Strange things happen in the potash market. It’s a closed market. Whenever you have Russians and Chinese being big players, a lot of stuff goes on in the shadows.”

On the same day he sold the potash company shares, Alexander also sold shares in the Aluminum Corp. of China Ltd., a state-owned company headquartered in Beijing and currently the world’s second-largest producer of aluminum. U.S. government investigators have indicated that the company, known as Chinalco, has received insider information about its American competitors from computer hackers working for the Chinese military. That hacker group has been under NSA surveillance for years, and the Justice Department in May indicted five of its members.

Alexander may have sold his potash company shares too soon. The company’s stock surged into the summer of that year, reaching a high in June 2008 of $76.70 per share, more than $30 higher than the price at which Alexander had sold his shares five months earlier.

He may also have dodged a bullet. Shares in the company plunged in the second half of 2008, amid turmoil in the broader potash market. In 2009, “the bottom fell out of the market,” Pirrong said. Alexander may not have made a lot of money, but he also didn’t lose his shirt.

That didn’t keep the intelligence chief out of the trading game. In October 2008, in the midst of the potash downturn, Alexander purchased shares in an American potash supplier, the Mosaic Company, based in Plymouth, Minnesota. It was a good time to buy: On the day of the purchase, the stock closed at $33.16, having plummeted from highs of more than $150 per share during the summer.

But inexplicably, Alexander sold the shares less than three months later, in January 2009. The stock had barely appreciated in value, and Alexander again disclosed “no reportable income.”

The timing of both the potash and aluminum sales in January 2008 is also intriguing for political reasons. In the spring of 2008, shortly after Alexander sold his positions, senior U.S. officials began to speak on the record for the first time about the threat of cyber-espionage posed by Russia and especially China. Public attention to the intelligence threat was higher than it had been in recent memory. The optics of the NSA director owning stock in a company that his own agency believed may have been receiving stolen information from the Chinese government would have been embarrassing, to say the least.

In May 2008, four months after Alexander sold the shares, Joel Brenner, who at the time was in charge of all counterintelligence for the U.S. government and had previously served as the NSA’s inspector general, gave an interview to me when I was with National Journal and accused China of stealing secrets from American companies “in volumes that are just staggering.” Brenner’s comments came just three months ahead of the opening of the 2008 Olympic Games in Beijing. He eventually went on national U.S. television to warn Americans attending the games that they were at risk of having their cell phones hacked.

U.S. officials at the time said that computer hackers in both China and Russia were routinely breaking into the computers of American businesses to steal proprietary information, such as trade secrets, business strategy documents, and pricing information. Eventually, Alexander himself went on to call state-sponsored cyber-espionage “the greatest transfer of wealth” in American history, blaming it for billions of dollars in losses by U.S. businesses and a loss of competitive advantage.

By 2009, Alexander held no more direct shares in any foreign companies, his records show. His financial transactions while in government apparently garnered no additional scrutiny beyond a standard review by ethics officials, who found no violations. Under official rules governing conflicts of interest, a government employee is prohibited from owning more than $15,000 in holdings of a company “directly involved in a matter to which you have been assigned.” For Alexander, spying on foreign governments and protecting the United States from cyber-espionage would seem to meet that criteria. But his records indicate that he never owned in excess of $15,000 in any foreign company.

The financial disclosure forms don’t say when Alexander bought his shares. Citing ethics rules, the NSA told Leopold that it was only required to release six years’ worth of information, leaving a gap between 2005, when Alexander started at the NSA, and 2008, the first year for which the agency released his financial information. But there’s nothing in the documents that states Alexander used a blind trust, suggesting that he either made the trading decisions himself or was aware of them if they were handled by a broker or advisor.

U.S. officials have long insisted that the information that intelligence agencies steal from foreign corporations and governments is only used to make political and strategic decisions and isn’t shared with U.S. companies. But whether that spying could benefit individual U.S. officials who are privy to the secrets being collected, and what mechanisms are in place to ensure officials don’t personally benefit from insider knowledge, haven’t been widely discussed.

Alexander has arguably blurred the lines between his private interests and public obligations before. In July, Foreign Policy reported that he had filed patents for what he described in an interview as a “unique” approach to detecting malicious hackers and intruders on computer networks. But that technology was directly informed by the years Alexander spent at the NSA and as the head of U.S. Cyber Command, when he was responsible for detecting cyber-intrusions on military and intelligence agency computer networks.

“There is no easy black-and-white answer to this,” Scott Felder, a partner with the law firm Wiley Rein in Washington, said at the time, adding that it’s not uncommon for government employees to be granted patents to their inventions.

But another of Alexander’s business deals has also raised questions about whether he continues to benefit from classified information and access to top players at his old agency.

In an employment deal that prompted an internal investigation at the NSA and inquiries from Capitol Hill, Alexander arranged for the agency’s chief technology officer, Patrick Dowd, to work part time for a new cybersecurity consulting firm that Alexander started this year after leaving the NSA and retiring from the Army with a fourth star. Experts said the public-private setup was highly unusual and possibly unprecedented.

Reuters revealed the arrangement last week, and on Tuesday, Oct. 21, with pressure building from lawmakers to investigate, Alexander said that he was severing the relationship with Dowd. “While we understand we did everything right, I think there’s still enough issues out there that create problems for Dr. Dowd, for NSA, for my company,” Alexander told Reuters when explaining why he scuttled the deal. Alexander’s company, IronNet Cybersecurity, is based in Washington, and he has said he might charge clients as much as $1 million per month for his expertise and insights into cybersecurity.

Shhh… Tim Cook in China to Discuss Data Protection & iCloud Hacks

Apple CEO Tim Cook tweeted his photo Wednesday during a China “road trip” where he visited Foxconn and also met Chinese vice premier Ma Kai in Beijing to discuss recent targeted attacks on iCloud originating from the country – The activist group GreatFire.org has reportedly alleged Chinese government involvement.

Meanwhile, Apple has published a guide on how one can verify the authenticity of the iCloud website in Safari, Chrome and Firefox.

Shhh… Udo Ulfkotte: CIA Used Journalists to Push for War in Russia

Udo Ulfkotte, a former editor of German newspaper Frankfurter Allgemeine Zeitung, told Russia Today (RT) that he had worked for the CIA and he’s not alone – most so-called journalists in America and Europe are on “non-official cover” to run stories aimed to manipulate readers and create propaganda against Russia.

“The German and American media tries to bring war to the people in Europe, to bring war to Russia,” he said.

Shhh… FBI's Comey Hints Action Against Apple & Google Over Encryption

The FBI director James Comey has been busy making his rounds pressurizing the Congress to force Apple and Google to do away with their new default smartphone encryption.

“Perhaps it’s time to suggest that the post-Snowden pendulum has swung too far in one direction — in a direction of fear and mistrust,” Comey reportedly told the Brookings Institution in a speech last week, where he hinted that the administration might consider new laws and regulations to force companies to offer the government some ways to unlock personal data stored on the phones, such as photos, videos, emails, messages and contacts list “so that those of us in law enforcement, national security and public safety can continue to do the job you have entrusted us to do, in the way you would want us to.”

Here are some video clips to amplify his views on the subject:

Shhh… Sandworm Team Turned Microsoft Windows Flaw into Russian Cyber-espionage Campaign

http://www.npr.org/v2/?i=356167086&m=356177255&t=audio

A group of hackers known as the “Sandworm Team”, allegedly from Russia, has found a fundamental flaw in Microsoft Windows (a zero-day vulnerability impacting all supported versions of Microsoft Windows and Windows Server 2008 and 2012) and turned it into a Russian cyber-espionage campaign targeting NATO, European Union, telecommunications and energy sectors – by pulling emails and documents off computers from NATO, Ukrainian government groups, Western European government officials, and also the energy sector and telecommunications firms, according to new research from iSight Partners, a Dallas-based cybersecurity firm.

iSIGHT_Partners_sandworm_timeline_13oct2014

Photo credit: iSight Partners.

Shhh… Privacy: Tor Guide on Browsing Anonymously

Here’s an interesting chart on how to use Tor to browse the web anonymously:

TorInfographics

The Tor Project is a free software and an open network that shields your online identity and thus helps you maintain privacy by defending against network surveillance:

But Tor can still be compromised and multiple layers of security is recommended:

Shhh… Top 10 Flashlight Apps Major Privacy Breach & Windfall for CyberCriminals

“I think this is bigger than Ebola right now because 500 million people are infected and they don’t know it. But it’s not them, it’s their smartphone,” said Gary Miliefsky, CEO of SnoopWall, a counterveillance software company focused on helping consumers and enterprises protect their privacy on all of their computing devices including smartphones, tablets and laptops.

“The top 10 flashlight apps today that you can download from the Google Play Store are all malware. They’re malicious, they’re spying, they’re snooping and they’re stealing.”

The personal data stolen from our smartphones – including contacts, emails, messages, bank account details, photos, video, etc – are then sold to cybercriminals in 3 countries: China, India and Russia, according to Miliefsky, a founding member of the US Department of Homeland Security who has advised two White House Administrations on cybersecurity matters.

More information below from SnoopWall press release:

SnoopWall-PR1

SnoopWall-PR2

SnoopWall-PR3

SnoopWall-PR4

SnoopWall-PR5

SnoopWall-PR6

Shhh… Dropbox Hacked?

Dropbox reportedly “appears” to have been hacked after anonymous hackers claimed to have compromised some 7 million accounts with several hundreds of usernames and passwords leaked in plain text so far, and with full leak promised if they received donations to their bitcoin address.

Dropbox, however, has denied claims of any data breach:

“Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well.”

Advice: Change your password immediately. And just like the recent iCloud hack, think hard before you post anything personal and confidential online.

Shhh… Japan's "Forget" Ruling on Google

The Tokyo District Court ordered Google Japan last Thursday to follow Europe’s recent “right to be forgotten” ruling and remove the search results of a Japanese man’s past relations with a criminal organization following his complaint of violation into his privacy.

According to the judge preceding the case, some of the Google results “infringe personal rights” and had harmed the plaintiff.

The European Court of Justice ruled in May that anyone living in the European Union and Europeans living outside the region could ask search engines to remove links if they believed the online contents breached their right to privacy and are “inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed.”

But despite the uproar and headlines in the aftermath, the dirty little secret is that nothing has really changed. What Google has effectively done is to remove results from name search of those names approved to be deleted but only on its European websites. The same results remain on the Google US homepage and all its non-European sites.

Furthermore, Google is only removing the results but not the links. Its European sites may have deleted the results for a search on a specific name but a search for the same name accompanied by other key words may still churn out the same results.

In an earlier Shhh-cretly column, I explained with examples why there is a limit on the extent of privacy and any attempt to manually and selectively remove the Google search contents, successful or otherwise, is like playing God.

Shhh… Snowden Attacks UK's “Anything Goes” Privacy Intrusions

In his first UK public appearance via satellite link from Moscow at the Observer Ideas festival on Sunday, Edward Snowden warned that British spy agencies are using digital technology to conduct mass population surveillance without any checks and balances at all and thus overreaching and encroaching on privacy rights in a way that he characterized as even worse than the US NSA had managed.

Shhh… NSA Disguised as Facebook Servers

The National Security Agency has been disguising itself as Facebook servers in order to gain access to the computers of intelligence targets, according to a new report by The Intercept:

“In one man-on-the-side technique, codenamed QUANTUMHAND, the agency disguises itself as a fake Facebook server. When a target attempts to log in to the social media site, the NSA transmits malicious data packets that trick the target’s computer into thinking they are being sent from the real Facebook. By concealing its malware within what looks like an ordinary Facebook page, the NSA is able to hack into the targeted computer and covertly siphon out data from its hard drive.”

http://video-api.wsj.com/api-video/player/iframe.html?guid=7461F51E-CA36-44CC-9973-D2BD20524647

Shhh… Laura Poitras' Documentary "CitizenFour" on Snowden Revelation to be Released

Mark your calendar. The 24th of October has been set for the official release of “Citizenfour”, a long anticipated ground-breaking documentary by Laura Poitras, premiered at the New York Film Festival on Friday night, which reveals a behind-the-scene and intimate portrait of Edward Snowden and his leak of NSA documents as it unfolded at the Mira hotel in Hong Kong last year.

citizenfour_poster

Poitras and former Guardian columnist Glenn Greenwald flew from New York to Hong Kong early June 2013 to meet Snowden for the first time. This documentary captures minute by minute their tense initial encounters and the many days of questioning, cross-examining and waiting for the Guardian greenlight to their explosive exposé that changed the world to this day.

Shhh-cretly to Feature in "Citizen B": A Documentary on Surveillance & Privacy

Shhh-cretly was interviewed by renowned and award-winning director Werner Boote, who was in Hong Kong with his Austrian crew this week to film Citizen B, a 90-minute documentary on surveillance and privacy to be released in 2015.

IMG_20141009_161005

IMG_20141009_161920

CitizenB

CitizenB2

Shhh… The Government Can Legally Set Up A Fake Facebook In Your Name Without Your Knowledge?

Here’s an interesting story from BuzzFeed about a “little-noticed” court ruling from the US Justice Department – that the government has the right to impersonate someone’s identity, create a phony Facebook account in that person’s name, post racy photos found on that person’s seized phone – all without that person’s knowledge – in order to reach out to suspected criminals.

The world is still coming to grips with the snooping of personal information by the NSA, GCHQ and the likes in this post-Snowden era. But to commandeer one’s identity, without one’s knowledge, to catch criminals (or terrorists for that matter)? Has that gone too far, endangering one’s life?

(Btw check out this article on how to detect fake Facebook profiles.)

Government Set Up A Fake Facebook Page In This Woman’s Name

A DEA agent commandeered a woman’s identity, created a phony Facebook account in her name, and posted racy photos he found on her seized cell phone. The government said he had the right to do that.

Chris Hamby BuzzFeed Staff
Posted on Oct. 7, 2014, at 7:16 a.m.

The Justice Department is claiming, in a little-noticed court filing, that a federal agent had the right to impersonate a young woman online by creating a Facebook page in her name without her knowledge. Government lawyers also are defending the agent’s right to scour the woman’s seized cellphone and to post photographs — including racy pictures of her and even one of her young son and niece — to the phony social media account, which the agent was using to communicate with suspected criminals.

The woman, Sondra Arquiett, who then went by the name Sondra Prince, first learned her identity had been commandeered in 2010 when a friend asked about the pictures she was posting on her Facebook page. There she was, for anyone with an account to see — posing on the hood of a BMW, legs spread, or, in another, wearing only skimpy attire. She was surprised; she hadn’t even set up a Facebook page.

BuzzFeed-DEA1

The account was actually set up by U.S. Drug Enforcement Administration special agent Timothy Sinnigen.

Not long before, law enforcement officers had arrested Arquiett, alleging she was part of a drug ring. A judge, weighing evidence that the single mom was a bit player who accepted responsibility, ultimately sentenced Arquiett to probation. But while she was awaiting trial, Sinnigen created the fake Facebook page using Arquiett’s real name, posted photos from her seized cell phone, and communicated with at least one wanted fugitive — all without her knowledge.

The Justice Department’s headquarters in Washington, D.C., referred all questions to the DEA, which then declined to answer questions and, in turn, referred inquiries to the local U.S. attorney’s office in Albany, New York. That office did not respond to multiple requests for an interview.

A Facebook spokesman declined to comment on the case. The site’s “Community Standards” say, “Claiming to be another person, creating a false presence for an organization, or creating multiple accounts undermines community and violates Facebook’s terms.” The spokesman said there is no exception to this policy for law enforcement.

Meanwhile, the bogus Facebook page remains accessible to the public, BuzzFeed News found.

Leading privacy experts told BuzzFeed News they found the case disturbing. “It reeks of misrepresentation, fraud, and invasion of privacy,” said Anita L. Allen, a professor at University of Pennsylvania Law School.

The experts also agreed that the case raises novel legal and ethical questions. There is a long tradition of deceptive practices by police that are legal, they noted. For example, officers assume a false identity to go undercover. “What’s different here,” said Ryan Calo, a professor at the University of Washington School of Law, is that the agent assumed the identity of a real person without her explicit consent.

“The technologies we have now are enabling all sorts of new uses,” said Neil Richards, a professor at the Washington University School of Law. “There are a whole bunch of new things that are possible, and we don’t have rules for them yet.”

BuzzFeed-DEA2

The DEA’s actions might never have come to light if Arquiett, now 28, hadn’t sued Sinnigen, accusing him in federal district court in Syracuse, New York, of violating her privacy and placing her in danger.

In a court filing, a U.S. attorney acknowledges that, unbeknownst to Arquiett, Sinnigen created the fake Facebook account, posed as her, posted photos, sent a friend request to a fugitive, accepted other friend requests, and used the account “for a legitimate law enforcement purpose.”

The government’s response lays out an argument justifying Sinnigen’s actions: “Defendants admit that Plaintiff did not give express permission for the use of photographs contained on her phone on an undercover Facebook page, but state the Plaintiff implicitly consented by granting access to the information stored in her cell phone and by consenting to the use of that information to aid in an ongoing criminal investigations [sic].”

That argument is problematic, according to privacy experts. “I may allow someone to come into my home and search,” said Allen, of the University of Pennsylvania, “but that doesn’t mean they can take the photos from my coffee table and post them online.”

“I cannot imagine she thought that this would be a use that she consented to,” the University of Washington’s Calo said.

“That’s a dangerous expansion of the idea of consent, particularly given the amount of information on people’s cell phones,” said Elizabeth Joh, a professor at the University of California, Davis, School of Law.

The government’s court filing confirms that Sinnigen posted a photo of Arquiett “wearing either a two-piece bathing suit or a bra and underwear,” but denies “the characterization of the photograph as suggestive.”

This picture is no longer on the Facebook page, but others are. An album called “Sosa,” her nickname, shows her in a strapless shirt and large hoop earrings or, in another, lying face-down on the hood of the BMW, legs kicked up behind her. “At least I still have this car!” reads a comment supposedly posted by her.

BuzzFeed-DEA3

The DOJ also acknowledges that Sinnigen posted photos of Arquiett’s son and niece, who were then clearly young children.

BuzzFeed-DEA4

Arquiett’s current attorneys declined requests to interview her. But court documents tell much of her story.

She was arrested in July 2010 and accused of participating in a conspiracy to distribute cocaine, an offense that could carry up to a life sentence. She pled guilty in February 2011, and, in a court filing, federal prosecutors recommended a reduced sentence, noting that she was not a significant player in the conspiracy and had promptly accepted responsibility.

Arquiett grew up in Watertown, New York, according to a motion on sentencing by her attorney in her criminal case. Her father was imprisoned when she was an infant. Her mother was an alcoholic and drug user, and her stepfather abused both Arquiett and her mother.

By 2008, Arquiett was dating Jermaine Branford, who authorities believed to be the head of a drug trafficking ring, the criminal complaint against Arquiett says. He also physically abused her, according to the sentencing motion her lawyer filed.

The government accused Arquiett of allowing Branford and his associates to process and store cocaine in her apartment and helping them contact other members of the drug ring and arrange transactions. Branford later pled guilty in federal court to conspiracy to distribute cocaine and received a sentence of almost 16 years.

Arquiett’s lawyer argued that Branford and his crew took advantage of her vulnerabilities. “To her, because they ‘took care’ of her, she considered them like family,” attorney Kimberly Zimmer wrote. “In fact, they preyed upon and used her.”

Arquiett, Zimmer wrote, wasn’t paid like other members of the drug ring, just given money on occasion to buy gas or other items. “At the time, although she knew that her co-defendants were distributing drugs and that she was helping them to do so, she considered the things that she did for Branford and the other co-defendants as ‘favors,’ ” Zimmer wrote.

Zimmer also noted Sinnigen’s actions. “Ms. Arquiett never intended for any of the pictures on her phone to be displayed publicly, let alone on Facebook, which has more than 800 million active users,” she wrote in the motion addressing sentencing. “More disturbing than the fact that the DEA Agents posted a picture of her in her underwear and bra is the fact that the DEA agents posted a picture of her young son and young niece in connection with that Facebook account, which the DEA agents later claim was used for legitimate law enforcement purposes, that is, to have contact with individuals involved in narcotics distribution.”

Taking all of this into account, a judge sentenced Arquiett to five years of probation, including six months of weekend incarceration and six months of home detention. This March, a probation officer certified that she had complied with the terms of her sentence and terminated her probation.

Shhh… iCloud Hack Victims to Sue Google for $100 million

Photo credit: http://www.pitstopmedia.com/

Hollywood lawyer Marty Singer, of Los Angeles-based law firm Lavely & Singer, has written to Google chairman Eric Schmidt and founders Larry Page and Sergey Brin threatening to sue Google for US$100 million if the US search giant failed to remove the naked photos of their clients that were recently hacked and posted online.

Their clients include a dozen of Hollywood celebrities like Kate Upton, Amber Heard, Rihanna, Jennifer Lawrence, Ariana Grande and Cara Delevingne whose nude photos have been hacked and distributed online after hackers took advantage of a flaw in Apple’s password recovery system to gain access to their iCloud accounts.

Singer has accused Google of “blatantly unethical behavior” – as takedown requests were sent to the company days after the photos were leaked but those images remained on YouTube and blogs – and its failure “to act expeditiously, and responsibly to remove the images, but in knowingly accommodating, facilitating, and perpetuating the unlawful conduct. Google is making millions and profiting from the victimization of women”.

“The seriousness of this matter cannot be overstated. If Google continues to thumb its nose at my clients’ rights – and continues to both allow and facilitates the further victimization of these women – and disregards the demands of this letter, it does so at its own peril,” according to the letter (see below).

Google is no stranger to takedown requests.

A landmark ruling that originated from a Spanish court has led the European Court of Justice to rule last May that anyone living in the European Union and Europeans living outside the region could ask search engines to remove links if they believed the online contents breached their right to privacy and are “inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed”.

Following this controversial European “right to be forgotten” ruling, Google has started removing results from its search engine since late June.

Hacked celebrities threaten to sue

https://www.scribd.com/embeds/241694649/content?start_page=1&view_mode=scroll&show_recommendations=true

Shhh… MI6 New M is (Alex) Younger

Career intelligence officer Alex Younger is the new chief of MI6 Secret Intelligence Service (SIS), according to the British Foreign and Commonwealth Office (FCO) Friday.

The 51-year old Younger is now the new “M”, popularized in James Bond movies but otherwise known as “C” after the first head Sir George Mansfield Smith-Cumming, replacing Sir John Sawers who is stepping down after 5 years as chief of the country’s spy agency. The appointment is a sign of continuity of policy and strategy as Younger has served as the right-hand man for Sawers.

Younger has oversaw the agency’s worldwide intelligence operations the past 2 years. He had overseas postings in Europe and the Middle East and was the senior SIS officer in Afghanistan. He also led MI6’s work on counter-terrorism in the run up to the London Olympic Games 2012, according to the FCO.

The SIS, commonly known as MI6 (Military Intelligence, Section 6), is the British intelligence agency that supplies foreign intelligence to the British government. It was founded in 1909 and currently employs around 3,200 people with its headquarters in Vauxhall Cross, central London.

Shhh… Phone Apps Disguised to Spy on Hong Kong Protesters

With the widespread use of social media during the week-long protests in Hong Kong, including attempts to find phone apps capable of defying potential shutdown of the power grid, this story from The Associated Press below (Credits to The Associated Press) is a timely stern reminder:

The Associated Press
Published: October 2, 2014

HONG KONG — The Chinese government might be using smartphone apps to spy on pro-democracy protesters in Hong Kong, a U.S. security firm said.

The applications are disguised as tools created by activists, said the firm, Lacoon Mobile Security. It said that once downloaded, they give an outsider access to the phone’s address book, call logs and other information.

The identities of victims and details of the servers used “lead us to believe that the Chinese government are behind the attack,” said a Lacoon statement.

China is, along with the United States and Russia, regarded as a leader in cyber warfare research. Security experts say China is a leading source of hacking attacks aimed at foreign governments and companies to computers in China.

The Chinese government has denied engaging in cyberspying and says China is among the biggest victims of hacking attacks.

Lacoon said it found two similar “malicious, fake” apps that appeared to be related. One targets phones that run Apple Inc.’s iOS operating system; the other is meant for phones using Google Inc.’s Android system.

The “very advanced software,” known as an mRAT, or multidimensional requirements analysis tool, “is undoubtedly being backed by a nation state,” the company said. Lacoon said it was calling the software Xsser.

“The Xsser mRAT represents a fundamental shift by nation-state cybercriminals from compromising traditional PC systems to targeting mobile devices,” the company said.

Such “cross-platform attacks” that target both Apple and Android phones are rare, which adds to signs a government is involved, Lacoon said. It said the app might be the first spyware for iOS created by a Chinese government entity.

In May, U.S. prosecutors charged five Chinese military officers with cyberspying and stealing trade secrets from major American companies. A security firm, Mandiant, said last year it traced attacks on American and other companies to a military unit in Shanghai.

Shhh… The Guardian Bagged An Emmy

Congratulations to The Guardian for winning an Emmy award in New York Tuesday night for its groundbreaking coverage on the Snowden revelations.

The multimedia interactive feature NSA Decoded by The Guardian emerged the winner in the new approaches: current news category at the news and documentary Emmy awards.

The interactive coverage, which includes interviews and discussions with key players like journalist Glenn Greenwald, former NSA employees, senators and members of US congress, helps the audience understand the facts and implications of Edward Snowden’s disclosures last year about the NSA’s mass surveillance program.

The Guardian has also won in April, along with the Washington Post, the Pulitzer prize for public service for their groundbreaking coverage of the Snowden revelations.