Don’t Worry: Area Counter-Terrorism Center Laser-Focused on Bicycling Cellphone Thief

Cellphone_Theft

If you like your mass surveillance steak sauced in a Keystone Kops level of organizational dysfunction, the Boston Regional Intelligence Center, or BRIC, could be your dream meal.

This story comes via a former Emmanuel College student, who received a BRIC “intelligence bulletin” to all students regarding a man stealing cell phones on his bicycle in the Fenway area (see below). Is it upsetting to have your cellphone stolen by an environmentally conscious thief? Yes. Is it at a level of criminality that warrants shoveling tens of millions of our dollars towards a gee-whiz high-tech surveillance center to gather information on all Massachusetts residents? Uh, probably not. Tell me again when we signed up for that?

Far from focusing on intelligence related to terrorism, in practice, the BRIC concentrates almost exclusively on criminal activity unrelated to any conceivable notion of what “terrorism” actually is. The truth is that the risk we face from terrorism is extremely low, but the continued existence of the BRIC, of 77 other “fusion centers” around the country, of the Department of Homeland Security itself, and of a whole ecosystem of security grifting companies, depends on taxpayers not working that out. So, to keep themselves going, BRIC has to use surveillance to disrupt a broad array of minimally criminal or even entirely non-criminal activity, and redefine that activity as much as possible as being terrorism. We have to be told, repeatedly, that the wolf is at the door, that things are getting worse, and that mass surveillance will actually help make things better. Here at Digital Fourth, we call this the “Bureaucratic Counterterrorism Imperative.”

With that in mind, here are the results of our latest Public Records Act request to the BRIC, which documents for the first time that BRIC does get data from intelligence agency sources.

Read More →

MA, Feds Behind The Curve on Warrants for Email Searches

Back in the days of DEC and Wang Computer, there was serious doubt whether California’s Route 101 or Massachusetts’ Route 128 would be at the forefront of the digital economy. My aunt immigrated to Massachusetts to stake out her part of the new digital frontier. And round about that time, when I was seven years old, is also the last time Congress passed an email privacy bill. Called the “Electronic Communications Privacy Act“, by now it might as well be called the “Ordinance Describing Rules Regarding the Transportation of Speedy Telegrams Via Means Faster Than The Horse” for all the good it does. Among other ridiculously outdated provisions, it treated holding onto your emails for more than six months as a crazy-expensive thing only crazy people would ever do, so emails older than that are considered “abandoned” like your curbside trash. Law enforcement therefore don’t need to get a warrant to search it.

Fast-forward to now, and a federal bill to solve this, the Email Privacy Act, now has more than 300 sponsors in the House. That would be more than enough to pass it if it got to the floor, and is more cosponsors than any other bill still being held up in committee. It’s being held up essentially because the SEC and FTC want a free hand to not get warrants:

In a hearing before the Senate Judiciary Committee, representatives of the SEC and FTC claimed that other other types of court orders provide a comparable standard to a warrant based on probable cause. Nothing could be further from the truth. A search warrant – the standard in the constitution – allows access to information only when there is a strong likelihood it will show evidence of criminal violations of the law. That is a high standard that applies only in a narrow class of cases. By contrast the SEC and FTC are seeking access to email whenever it is relevant to civil violations of the law – such as mistakenly filling out a tax form. That is a low standard which applies in many cases. This rule would then apply to every agency – from the IRS to the local health inspector. Agencies shouldn’t be able to highjack reform to seek a digital power grab,” said Chris Calabrese, Vice President for Policy at the Center for Democracy & Technology (CDT)

In reaction to these roadblocks, organizers at the state level, including our fellow chapters of Restore The 4th – SF Bay Area and Restore The 4th- LA, have advocated for stronger state privacy laws, and in California, they just succeeded in passing Cal-ECPA, the strongest email privacy law in the nation.

In Massachusetts, our path to Warrant Protection for Email City has resembled so far, far more the federal path than the one California just chose. Last session, a bill was reported out favorably from committee, and got dropped only on the last day of the session, amid the usual flurry of the close of business. It just came up again at this week’s Judiciary Hearing, the ACLU testified on it, and we support it too. But California has now lit the path for us to follow, and it will matter greatly whether we follow it. Massachusetts residents should not enjoy lesser protections for their emails than California residents, any more than the Sox deserve to lose to the Giants.

MA Senate Maj. Leader Strongly Opposes Fusion Centers. So Do We.

In its October 7 hearing on “Protected Classes. Privacy, and Data Collection Legislation”, the Massachusetts legislature heard impassioned testimony on the fusion centers from Senate Majority Leader Sen. Harriette Chandler. She argued that they represent an illegitimate intrusion of federal surveillance into our everyday lives.

The fusion centers gather a vast array of data on law-abiding Massachusetts residents whom they believe to have been behaving “suspiciously” in some lawful way. This violates the Fourth Amendment, and is also bad policy. Right now, as far as we have been able to determine, no external body ever evaluates the accuracy or appropriateness of the data the fusion centers hold. DHS evaluates them every five years to certify their adherence to DHS procedures for fusion centers; the fusion centers self-certify annually that they are ramping up according to plan, and that they respect privacy and civil liberties. (They give themselves full marks, naturally). That’s it.

We too dislike the fusion centers, and also see them as sinisterly ensnaring Massachusetts residents in a web of surveillance. To us, the question is not so much whether we as a state should regulate the fusion centers, but whether we should fire all their employees, blow up their buildings, and then salt the earth beneath them as a mark of horror for future generations. Still, still, we love that there is a fusion center reform bill, and we warmly support it.

Our five-year vision for the Massachusetts fusion centers differs sharply from theirs.

The bill’s provisions make good, if incremental, sense. They require the fusion centers to audit themselves annually to determine whether they have investigations open that shouldn’t be, and make the report of that a public record; they empower an inspector-general to conduct outside audits; and they specify some metrics whereby the fusion centers can determine how well they are respecting people’s privacy. These are important first steps toward establishing whether anything that the fusion centers do, actually does the rest of us any good; and will prepare the ground better for us to have discussions in future years about closing them entirely.

How Much Does The Press Care About Race and Policing?

racial-profiling

On October 7, the Joint Committee on the Judiciary of the Massachusetts legislature held a marathon hearing on “Protected Classes. Privacy, and Data Collection Legislation”.

To be fair, Boston.com and the Boston Herald both reproduced an AP wire report from Steven LeBlanc that there was a hearing. But the AP mentioned only the part of the agenda dealing with a bill to ban transgender discrimination in places of public accommodation.

I’m not going to argue that transgender rights aren’t important. They matter a lot. But it’s astounding that, in a year when race and policing have been, you know, kind of in the news, only the Bay State Banner gave decent coverage to the fact that the vast majority of the bills considered at the hearing were about police, profiling, warrants and race. In the Boston Globe’s “Politics” section, they had room for two fawning profiles of elected Democrats (Attorney-General Maura Healey has “indefatigable drive and charisma“, and House Speaker Bob DeLeo has a “slimmed-down and healthier” look), but race and policing didn’t get a look in this time.

So this is what happened regarding racial profiling.

Read More →

Boston Fusion Center Trying to Sneak Millions of $ More Into House Budget

jackson-fire

Those sneaky folks over at the Boston Regional Intelligence Center decided that we weren’t shoveling enough tax dollars towards their hard work of spying on protesters, harassing Twitter bloviators, and serving as a praetorian guard for major corporate interests. To remedy this injustice, they got the House to approve over two million dollars in extra funding for “technology and protocol upgrades” as part of H. 3773.

8000-1001 For the Boston Regional Intelligence Center to upgrade, expand, and integrate technology and protocols related to anti-terrorism, anti-crime, anti-gang, and emergency response; provided that intelligence developed shall be shared with the BRIC communities and other State municipal and federal agencies as necessary; provided further, that BRIC shall provide technology required to access the intelligence with its municipal partners, the State police, the MBTA, the Mass Port Authority, and appropriate federal agencies to assure maximum interagency collaboration for public safety and homeland security………………………………………………………………………..$2,250,000

It should be clear to everyone that there should not be an endless spigot of tax dollars going to fund counter-terrorism when we already vastly overspend on counter-terrorism, or to fund vaguely-worded “anti-crime and anti-gang” initiatives when crime is approaching historic lows. The Senate hasn’t passed its supplemental budget yet, so we’re asking Senators not to include this language.

If you, like us, feel uneasy about no-strings-attached funding going to your local spy center, please consider giving your state Senator a call; there’s a tool here for finding out who they are.

No Secret Laws: Ninth Circuit Weakens Secrecy Surrounding “National Security Letters”

Parts of the opinion were particularly pithy.

Parts of the opinion were particularly pithy.

When the USA FREEDOM Act passed on June 2, we criticized it as weak-tea reform that codified rather than changing surveillance agency practices. It’s still weak-tea reform that codified agency practices, but it has also now led to a new and valuable ruling on the infamous practice of “national security letters” (NSLs).

NSLs are issued by the FBI, mostly to companies, and ask them for information on their users. They originated in the late 1970s, but at that time the FBI couldn’t require compliance; enforcement mechanisms were added only in the late 1990s, after the Aldrich Ames spy scandal. The PATRIOT Act of 2001 loosened the rules, allowing, among other changes, NSLs to be issued without the specific approval of the FBI Director or Assistant Director. NSL use exploded from 8,500 in 2000 to 56,504 in 2004 and still runs at a rate of above 21,000 per year. NSL recipients are barred from discussing whether they have received them or what the NSL asks for. Companies aren’t even allowed under law to state that they have not received any NSLs. The argument the government has repeatedly made is that allowing companies to say this, would encourage terrorists to use those companies and not others; but this attitude also leaves the average privacy-conscious consumer in the same soup as the “terrorist.”

Until now, with a new ruling from the Ninth Circuit.

Read More →

Bodycams Delay Will Cost About Four Lives In Boston Per Year

Another kid’s DNA for our database!

Commissioner Evans of the Boston PD came before the Boston City Council last week to counter activists’ arguments that adopting an ordinance mandating police body-worn cameras would decrease police uses of force and complaints. His favored alternative solutions were (1) more ice-cream socials, because Boston is a “model” city for community policing; (2) delay, because more research is needed on whether they would work in Boston; and (3) in a sit-down interview with the Boston Herald, calling for laws requiring citizens filming police to keep their distance and for them to help police subdue suspects.

We’ll get to the ice-cream socials in a minute, shall we?

Read More →

Zen and the Art of Cybersecurity

data-retention-zen

In the hothouse of Congress, members have been sweating over the need to do something – anything – about “cybersecurity.” They were under pressure from the administration, the intelligence services, and the tech industry. But the latest news is that the Republican majority will be turning, in the few days left before the recess, from the contentious highways bill to a bill to defund Planned Parenthood, likely shifting the previously-catastrophically-urgent cybersecurity crisis through to the fall. So Congress, like my seven-year-olds in school assembly, can take a few deep breaths and imagine that they can smell a flower.

The truth is, there never was a “cybersecurity crisis.” Companies are already legally allowed to share information on hacking attempts with the government, and they usually do. This debate is not really about making US companies or the US government more secure; it’s about putting more of your information, that you have voluntarily shared with US companies, into the government’s hands, without companies being liable for violating their privacy policies for sharing personally identifiable information. All proposals on the table in Congress would immunize companies from suit in this way. In this sense, it would be perfectly all right for Congress to do nothing.

Nevertheless, there is a cybersecurity problem that is worth trying to solve. The government is not a good custodian of our data. Its networks are often poorly secured and vulnerable to outside intrusion. In the surveillance arena, there are now over five million people with security clearances, who are in a position to leak sensitive information. Cultivating a more disciplined approach to network protection and data retention would seem to be a good idea. That’s where the principle above comes in.

In this spirit, let’s calmly reflect on what a bill dealing with this real problem would look like.

Read More →

Your Police Dept May Spy On You “For Situational Awareness”

report-suspicious-activity

“Fusion centers” are intelligence-aggregation operations, created after the 9/11 Commission found that, had agencies (namely the FBI and CIA) engaged in more free and open sharing of information, the terrorist attacks could have been prevented. (The laws in 2001 permitted sharing that would have prevented the attacks; but the agencies were overly cautious about sharing data out of turf concerns.)

There are now at least 78 fusion centers dispersed throughout the United States. They claim to focus mostly on collecting intelligence of activity that may have a “nexus” to terrorism, but also criminal activity more broadly. But they operate in almost total darkness, with virtually no transparency. The little we do know suggests that fusion centers neither prevent terrorist acts nor respect First Amendment rights to free speech and free association.

The Intercept reported last week on the fusion centers’ targeting of Black Lives Matter protests, but there are also many other examples, going back to the fusion centers’ founding. The ACLU of Massachusetts found that the Boston Regional Intelligence Center — one of two fusion centers in the Bay State — was spying on antiwar groups; the Austin Regional Intelligence Center was caught monitoring peaceful animal rights activists protesting a circus (I reported on this for MuckRock); and a fusion center in Nebraska — the Nebraska Information Analysis Center — has a special network focusing on activists opposing the Keystone XL pipeline. They justify such activities by claiming that they are monitoring “for situational awareness”, and that this doesn’t constitute surveillance. In fact, that’s exactly what surveillance is; “For Your Situational Awareness” is military jargon for obtaining the intelligence needed to make appropriate battlefield decisions.

Given the lack of sunlight surrounding the everyday activities of the dozens of fusion centers throughout the country, we decided we want to find out more. Naturally, we filed a public records request. We wanted to find out where our other local fusion center — the Commonwealth Fusion Center run by the Massachusetts State Police — gets their intelligence; who has authorized access to their databases; whether any errors in their databases have been discovered; and what kind of information the CFC has on myself and Alex Marthews, the national chair of Restore the Fourth.

Here is what we found:

Read More →

Secretive “JTTF” Group Inspires Terror Plot In Western MA

jttf

Imagine this story. “A shadowy group referred to in the press as “the JTTF” has claimed responsibility for a planned attack on a college cafeteria. Aspiring martyr Alex Ciccolo, 23, of North Adams, MA, apparently fell under the influence of this group over a year ago. The JTTF has over one hundred cells located all over the country.

This is not the first time the JTTF has claimed responsibility for fomenting fear in our nation’s cities. It has a pattern of recruiting vulnerable, mentally ill young men, often playing on their religious feelings to incite them into criminal attacks on their fellow Americans.”

This reads like an absurd fiction, but it’s actually a fairly accurate description of the work done by the FBI’s Joint Terrorism Task Force on the recently announced Ciccolo case and in many other similar cases over the years.

First, to the facts. On July 14, it was announced that Alexander Ciccolo, 23, of North Adams, MA, had been arrested on July 4 for felony possession of four firearms previously used in interstate commerce. It was a felony because he had previously been convicted of a DUI in February of this year. The firearms had been delivered to him by a confidential FBI informant being paid by the FBI’s Western Massachusetts JTTF.

A supporting affidavit alleges, based on the testimony of a paid confidential informant, that Ciccolo intended to attack targets such as “college cafeterias”, maybe in Massachusetts and maybe elsewhere, and had expressed support for ISIS; and that Molotov cocktails, jihadist materials, and terror attack planning materials were found at his home. The FBI says they were tipped off by Ciccolo’s father, a police captain, that Ciccolo has had a history of mental illness and had been interested in Islam for about a year. The Western Mass Joint Terrorism Task Force took on the task of surveilling Ciccolo, and found a Facebook profile associated with him, which expressed an interest in martyrdom. It appears that the JTTF then arranged for a confidential informant to meet with Ciccolo and gain his trust. Wiretapped conversations then suggest that Ciccolo “spoke about his plans to travel to another state to conduct terrorist attacks on civilians, members of the U.S. military and law enforcement personnel”, a plan which later developed into a desire to attack an unspecified college cafeteria. Ciccolo bought a pressure cooker on July 3, and then was furnished with the guns by the confidential informant on July 4.

This case is worth probing because, horrifying as Ciccolo’s intentions may have been – we can all be glad that no such attack took place – it raises important questions about how counter-terrorism work is done in America today.

Read More →

%d bloggers like this: