Tag Archives: Fourth Amendment

State Surveillance Cannot Save Us From Mass Violence

160614001532-07-orlando-attack-vigil-0613-exlarge-169 (1)

After the appalling deaths of 49 people, and injuries to another 53, at a gay nightclub in Orlando this week, the presidential candidates leapt to push their own agendas. For Trump, it was about immigration; he magically transformed the US-born shooter into an Afghan, in order to emphasize that he was right about banning Muslim immigration. For Clinton, it was about gun control; she called for better background checks and limits on obtaining assault weapons. But when it came to surveillance, they might as well have been singing from the same hymn-sheet.

Clinton called for an “intelligence surge,” for increased internet surveillance and suppression of First Amendment-protected speech, to prevent “radicalization”; for propaganda promoting a US-government-seal-of-approval version of Islam; praised a “Countering Violent Extremism” (CVE) program that marks for intervention Muslims whose politics deviate from what the FBI thinks acceptable; and suggested that people on due-process-free terrorism watchlists should not be allowed to buy guns. Then, she wrapped her actual policy proposals in a cotton-wool language of diversity and inclusion, and claimed that this is not “special surveillance on our fellow Americans because of their religion.” She talked about “Islamism” rather than “Islam”, in order to claim to not be against Islam in itself—but in her world, the government gets to define who is a good and who is a bad Muslim. Perhaps the “bad Muslims” in her mind include citizens like Ayyub Abdul-Alim, imprisoned for refusing to inform on other Muslims for the FBI, who seems only have wanted to help strengthen his community; or Tarek Mehanna, imprisoned for translating al-Qaeda documents and posting them online, who held atrocious opinions but never planned or participated in a violent attack.

Trump, with a little less cotton-wool, actually says much the same about surveillance. Domestically, the “Muslim community” will “have to cooperate with law enforcement and turn in the people who they know are bad”, which is what CVE is intended to achieve, and what Mr. Abdul-Alim is in prison for resisting. Trump proposes an “intelligence gathering system second to none” that “includes better cooperation between state, local and federal officials,” and says that intelligence and law enforcement are “not being allowed to do their job.” And he wraps this up with vehement expressions of solidarity with the LGBT community.

There’s no evidence that mass surveillance, conducted and promoted by the government, works. In every country that is hit with any attack, large or small, there are calls for more surveillance, then more attacks, then more surveillance, then more attacks. It’s a vicious ratchet that we can only step off by becoming aware of it. France implemented its mass surveillance law before the Paris attacks: The law didn’t prevent them. France now lives under a state of near-martial law, where what we would call ordinary First and Fourth Amendment rights have been suspended. Britain is in the process of passing a new surveillance law that will enable the government to view your browsing history without a warrant, and already outlawed “glorifying terrorism.” They have gone farther along this ratchet than we have, but they are not reducing their chance of being attacked; instead, the purpose is to reduce the chance that a given politician will be blamed for “not doing enough” against terrorism. In truth, there is no perfect safety, and there is a small proportion of violent criminals in every country that the State is ultimately powerless to eliminate.

Our own mass surveillance systems led this “lone wolf” to be found and interviewed by the FBI, twice. But neither Clinton nor Trump articulate clearly what they thought the FBI should have done next, perhaps because there’s nothing more the FBI could lawfully have done regarding allegations of terrorist affiliation. If the aim of surveillance is for the FBI to interview suspected “radicals,” what should they do then to prevent an entirely hypothetical attack? Preventively detain them, without charge or trial, as happened to Jose Padilla? Preventively shoot them before they kill anyone else, as happened with Usaama Rahim? Do we want a State that, claiming to keep us safe, claims the right to do that to any of us? We are already part-way down that road; has it helped us so far?

State surveillance cannot save us from mass violence. It’s a poor guarantor of LGBT people’s safety. The sad truth is that there is a tendency to violence in every human being’s heart, irrespective of religion. Guns help violent people carry out their violent fantasies on a larger scale, and while comprehensive background checks wouldn’t have helped with this attack, the evidence suggests that they would probably help to prevent others. Mass surveillance doesn’t even enjoy that evidentiary advantage; last time the surveillance agencies were actually confronted on their assertion that mass surveillance had helped to prevent terrorist attacks, during the debate over the renewal of Section 215 of the PATRIOT Act, the agencies’ claims shriveled under scrutiny like an ice-cream in the sun.

More than that, the State perpetrates mass violence on a scale much vaster than a single violent, conflicted misogynist. On a daily basis, the lives the State takes in the name of the War on Terror far exceed the number of lives taken by terrorists. We’re busy implementing a cure that causes more pain than the disease, because the State does not value enough or see enough glory in a more peaceful path. Why, then, should we trust the State with more power over the lives of Muslims and other “extremists,” here or abroad?

Instead of the State, we should look to each other. We should consider how we can build bonds of friendship and support that will encourage kindness, courtesy, and an appreciation of our mutual humanity. As we volunteer together, worship together, take care of loved ones together, work on good causes and reach out across lines of race and religion to those in distress, we step by step build the thriving “beloved community” of which Martin Luther King spoke long ago, so that even when attacks happen, they cannot break our bonds to one another. And so long as we work to trust one another, we can guard safely our thoughts, our opinions, and our liberties, even against a State that urges us constantly, for the sake of “safety,” to abandon them.

Belgian Police Overwhelmed By…Mass Surveillance?


Buzzfeed’s Mitch Prothero reported on the day of the Brussels attacks that “Belgian Authorities [Are] Overwhelmed By Terror Investigations“. He quotes a “Belgian counterterrorism official”, talking prior to the attacks, as having told him that:

[D]ue to the small size of the Belgian government and the huge numbers of open investigations — into Belgian citizens suspected of either joining ISIS, being part of radical groups in Belgium, and the ongoing investigations into last November’s attacks in Paris, which appeared to be at least partially planned in Brussels and saw the participation of several Belgian citizens and residents — virtually every police detective and military intelligence officer in the country was focused on international jihadi investigations. “We just don’t have the people to watch anything else and, frankly, we don’t have the infrastructure to properly investigate or monitor hundreds of individuals suspected of terror links, as well as pursue the hundreds of open files and investigations we have,” the official, who spoke on condition of anonymity because he was not authorized to speak to the media, said. “It’s literally an impossible situation and, honestly, it’s very grave.”

This icorroborates a major part of this blog – and our group’s – analysis of the surveillance state: That it generates so many false leads that it drowns law enforcement in data they can’t reasonably analyze or follow up on.

As a comparison, consider this comment from Michael Downing, deputy LAPD police chief and head of their counterterrorism unit, in 2012:

“[suspicious activity reporting has] flooded fusion centers, law enforcement, and other security entities with white noise; [the profusion of SAR reports] complicates the intelligence process and distorts resource allocation and deployment decisions.”

Read More →

Rein In The Warrior Cops: State House, Tuesday March 8, 10:30am


Last year, across the country, over 1,100 people were shot by police.

In Massachusetts, we pride ourselves as being somehow different and more sophisticated than the rest of the country, but our police still shoot people at sixteen times the rate of people in Germany.

We have a situation so absurd that the police chief of the tiny town of Rehoboth can apply for, and receive, a $700,000 mine-resistant military assault vehicle, and the town doesn’t even bat an eye. They didn’t hold hearings, they didn’t take a vote, they just left it up to the police to decide how much to turn themselves into a military occupying force in that town.

Our police are trained, through initiatives like Urban Shield, to think of themselves as quasi-military, and the people as their enemies.

None of this is good enough.

This morning, Tuesday March 8, there will be a hearing at the State House on our bill to help deal with this, H. 2169. Come make your voice heard; head below the fold for the background.

H. 2169, “An Act assuring municipal control of military equipment procurement by local law enforcement”, sponsored by Rep. Denise Provost
Press Release
Digital Fourth’s Testimony to the Committee

Read More →

State House Police Reform Showdown 10am 2/4: Be There!


Tomorrow (Thursday, February 4), at 10am, the Massachusetts legislature’s Joint Committee on Public Safety will be holding a public hearing on all of the bills for the 2015-16 session that deal with police accountability, including Digital Fourth’s bill mandating bodycams and data collection on police stops. Join our gallant volunteers Sam T., Shekia S., Chris L., Jason L. and Robert C., in trying to make a difference; if you can make it, let us know and we can help you with your testimony!

The bills under consideration mostly propose improved training for police officers in de-escalation techniques, “emotional CPR”, and dealing with people with autism and mental illness. These are good things, but police training in departmental procedure alone can’t be the answer. Most police stops and shootings occur with police officers acting within the guidelines set by their departments; the problem is that those guidelines themselves can be very broad, and there’s essentially no accountability even if those guidelines are violated. If we’re going to get to a point where police officers routinely respect the constitutional rights of the people they stop on the street, there’s going to have to be meaningful accountability. Some officers should be deprived of their badges; some should be deprived of their liberty; and until that happens much more than it does now, we’ll keep seeing the parade of horrifying police shootings that cost over 1,100 members of the public their lives last year in the US.

Sign up at the Facebook event page
Read our Press Release
See all of the bills up for consideration

UPDATE: Here’s our testimony for the hearing.

Go Smart, Not Broad: A Constitutional Response To Violent Attacks


A former Middle East advisor to President Obama, Steven Simon, suggested in Saturday’s New York Times that the administration’s response to the Paris attacks was likely to include “Tighter border controls, more intensive surveillance in the U.S. and more outreach to local communities in the hope that extremists will be fingered by their friends and family. And a tightening of already intimate cooperation with European intelligence agencies.”

These proposals, if adopted, would be immensely counterproductive, and here’s why.

First, tighter border controls are irrelevant to this attack. It appears that all of the attackers so far identified, were EU citizens; none were refugees from Syria.

Second, France already had a draconian mass surveillance law, which came into effect at the beginning of October. It didn’t work to thwart these attacks. The reason is the “false positives” problem. Any system employing demographics, metadata, or past behavior, inevitably sweeps up a vast majority of innocent people, and diverts police and intelligence resources towards ruling them out. This LA Times study of “pre-crime” efforts to prevent violent crimes by US Army soldiers added every variable they could, and still, for every 15 people who did in fact commit violence in a given year in their set of suspects, 985 did not. Similarly, before the Boston Marathon attacks, the FBI had flagged Tamarlen Tsarnaev for interview; but they interview hundreds of flagged people every week, and have no way of knowing which among them will actually commit an attack. So, it appears that six weeks before the attacks, France’s intelligence agencies snowed themselves under with an ocean of false positives, and weren’t able to detect among that traffic the communications that were suspicious. They can’t be faulted for not being able to do so; it’s mathematically impossible. All mass surveillance allows is what’s happening now, which is to be able to go back into the system and see what you missed.

Third, Muslim and black communities were already under very heavy pressure in France, and are already under very heavy pressure here from the FBI, through its “Countering Violent Extremism” program, to “finger friends and family”. CVE uses models of radicalization with no solid academic basis to identify people as potentially radical simply because they have changed their dietary habits or become more devout about their religion. To make their numbers, the FBI has even resorted, in case after case, to creating their own terrorists out of young, poor, and mentally unstable young men, using confidential informants to lead them through every stage of devising a plot till they do something the FBI can arrest them for. We don’t need more of that either.

Fourth, when it comes to “more intimate cooperation” with European intelligence agencies, the fact is that such cooperation is already “intimate” – so intimate that the British systematically tap Internet traffic and hand us the contents; so intimate that we share “raw take” intelligence with Israeli security services; so intimate that the German intelligence agency helped the NSA spy on Europe’s top politicians in exchange for access to the latest in surveillance wizardry. Short of actually being in bed with one another, there’s no more “intimacy” to be had – and it still isn’t working.

This kind of mass surveillance is not working to thwart attacks. But in four important ways, it does work. Mass surveillance intimidates citizens in their ordinary conversations and activities of life. It allows bigoted politicians to curry favor with their base, and coast on a wave of anti-Muslim suspicion. It brings great profits to the private security firms smart enough to fill their cup at the never-failing spigot of federal counterterrorism funding. And it makes the general public feel that Something Is Being Done, convincing them to trade more of their rights away for a little temporary safety.

Last, if we react in this particular way, it also serves the ends of the violent criminals who committed this attack. Lacking resources themselves to wage war, they seek to provoke a backlash that will garner them support among the peaceful Muslim majority. Back in the day, the IRA posed as the defenders of the rights of peaceful Northern Irish Catholics against foreign oppression; today, the Islamic State poses as the defenders of the rights of peaceful Muslims against foreign oppression. A governmental backlash against Muslims in general will merely bolster their propaganda: See? We told you they’re out to get you! Come join us!

Instead, we should use the Constitution to solve the false positives problem. The Fourth Amendment bars mass surveillance, requiring, before surveillance is conducted, a warrant based on individualized probable cause of involvement in actual criminal activity. Imagine that, instead of having a “TIDE” terrorist database with 750,000+ names on it, it were limited to a maximum of one thousand, but that the one thousand were each investigated thoroughly on the basis of actual evidence. The surveillance agencies would waste a lot less time chasing fruitless leads, building data centers, or shoveling money to software vendors to try to solve this insoluble problem.

Foreign policy and economic solutions are beyond our remit, but it should be obvious that in order to drain the Islamic State of support, we have to provide those fleeing its rule with a credible chance at a better life. At the bare minimum, we should let them know that if they come to our country, they will be treated justly, not kept constantly under watch even if innocent of any crime.

MA, Feds Behind The Curve on Warrants for Email Searches

Back in the days of DEC and Wang Computer, there was serious doubt whether California’s Route 101 or Massachusetts’ Route 128 would be at the forefront of the digital economy. My aunt immigrated to Massachusetts to stake out her part of the new digital frontier. And round about that time, when I was seven years old, is also the last time Congress passed an email privacy bill. Called the “Electronic Communications Privacy Act“, by now it might as well be called the “Ordinance Describing Rules Regarding the Transportation of Speedy Telegrams Via Means Faster Than The Horse” for all the good it does. Among other ridiculously outdated provisions, it treated holding onto your emails for more than six months as a crazy-expensive thing only crazy people would ever do, so emails older than that are considered “abandoned” like your curbside trash. Law enforcement therefore don’t need to get a warrant to search it.

Fast-forward to now, and a federal bill to solve this, the Email Privacy Act, now has more than 300 sponsors in the House. That would be more than enough to pass it if it got to the floor, and is more cosponsors than any other bill still being held up in committee. It’s being held up essentially because the SEC and FTC want a free hand to not get warrants:

In a hearing before the Senate Judiciary Committee, representatives of the SEC and FTC claimed that other other types of court orders provide a comparable standard to a warrant based on probable cause. Nothing could be further from the truth. A search warrant – the standard in the constitution – allows access to information only when there is a strong likelihood it will show evidence of criminal violations of the law. That is a high standard that applies only in a narrow class of cases. By contrast the SEC and FTC are seeking access to email whenever it is relevant to civil violations of the law – such as mistakenly filling out a tax form. That is a low standard which applies in many cases. This rule would then apply to every agency – from the IRS to the local health inspector. Agencies shouldn’t be able to highjack reform to seek a digital power grab,” said Chris Calabrese, Vice President for Policy at the Center for Democracy & Technology (CDT)

In reaction to these roadblocks, organizers at the state level, including our fellow chapters of Restore The 4th – SF Bay Area and Restore The 4th- LA, have advocated for stronger state privacy laws, and in California, they just succeeded in passing Cal-ECPA, the strongest email privacy law in the nation.

In Massachusetts, our path to Warrant Protection for Email City has resembled so far, far more the federal path than the one California just chose. Last session, a bill was reported out favorably from committee, and got dropped only on the last day of the session, amid the usual flurry of the close of business. It just came up again at this week’s Judiciary Hearing, the ACLU testified on it, and we support it too. But California has now lit the path for us to follow, and it will matter greatly whether we follow it. Massachusetts residents should not enjoy lesser protections for their emails than California residents, any more than the Sox deserve to lose to the Giants.

MA Senate Maj. Leader Strongly Opposes Fusion Centers. So Do We.

In its October 7 hearing on “Protected Classes. Privacy, and Data Collection Legislation”, the Massachusetts legislature heard impassioned testimony on the fusion centers from Senate Majority Leader Sen. Harriette Chandler. She argued that they represent an illegitimate intrusion of federal surveillance into our everyday lives.

The fusion centers gather a vast array of data on law-abiding Massachusetts residents whom they believe to have been behaving “suspiciously” in some lawful way. This violates the Fourth Amendment, and is also bad policy. Right now, as far as we have been able to determine, no external body ever evaluates the accuracy or appropriateness of the data the fusion centers hold. DHS evaluates them every five years to certify their adherence to DHS procedures for fusion centers; the fusion centers self-certify annually that they are ramping up according to plan, and that they respect privacy and civil liberties. (They give themselves full marks, naturally). That’s it.

We too dislike the fusion centers, and also see them as sinisterly ensnaring Massachusetts residents in a web of surveillance. To us, the question is not so much whether we as a state should regulate the fusion centers, but whether we should fire all their employees, blow up their buildings, and then salt the earth beneath them as a mark of horror for future generations. Still, still, we love that there is a fusion center reform bill, and we warmly support it.

Our five-year vision for the Massachusetts fusion centers differs sharply from theirs.

The bill’s provisions make good, if incremental, sense. They require the fusion centers to audit themselves annually to determine whether they have investigations open that shouldn’t be, and make the report of that a public record; they empower an inspector-general to conduct outside audits; and they specify some metrics whereby the fusion centers can determine how well they are respecting people’s privacy. These are important first steps toward establishing whether anything that the fusion centers do, actually does the rest of us any good; and will prepare the ground better for us to have discussions in future years about closing them entirely.

How Much Does The Press Care About Race and Policing?


On October 7, the Joint Committee on the Judiciary of the Massachusetts legislature held a marathon hearing on “Protected Classes. Privacy, and Data Collection Legislation”.

To be fair, Boston.com and the Boston Herald both reproduced an AP wire report from Steven LeBlanc that there was a hearing. But the AP mentioned only the part of the agenda dealing with a bill to ban transgender discrimination in places of public accommodation.

I’m not going to argue that transgender rights aren’t important. They matter a lot. But it’s astounding that, in a year when race and policing have been, you know, kind of in the news, only the Bay State Banner gave decent coverage to the fact that the vast majority of the bills considered at the hearing were about police, profiling, warrants and race. In the Boston Globe’s “Politics” section, they had room for two fawning profiles of elected Democrats (Attorney-General Maura Healey has “indefatigable drive and charisma“, and House Speaker Bob DeLeo has a “slimmed-down and healthier” look), but race and policing didn’t get a look in this time.

So this is what happened regarding racial profiling.

Read More →

No Secret Laws: Ninth Circuit Weakens Secrecy Surrounding “National Security Letters”

Parts of the opinion were particularly pithy.

Parts of the opinion were particularly pithy.

When the USA FREEDOM Act passed on June 2, we criticized it as weak-tea reform that codified rather than changing surveillance agency practices. It’s still weak-tea reform that codified agency practices, but it has also now led to a new and valuable ruling on the infamous practice of “national security letters” (NSLs).

NSLs are issued by the FBI, mostly to companies, and ask them for information on their users. They originated in the late 1970s, but at that time the FBI couldn’t require compliance; enforcement mechanisms were added only in the late 1990s, after the Aldrich Ames spy scandal. The PATRIOT Act of 2001 loosened the rules, allowing, among other changes, NSLs to be issued without the specific approval of the FBI Director or Assistant Director. NSL use exploded from 8,500 in 2000 to 56,504 in 2004 and still runs at a rate of above 21,000 per year. NSL recipients are barred from discussing whether they have received them or what the NSL asks for. Companies aren’t even allowed under law to state that they have not received any NSLs. The argument the government has repeatedly made is that allowing companies to say this, would encourage terrorists to use those companies and not others; but this attitude also leaves the average privacy-conscious consumer in the same soup as the “terrorist.”

Until now, with a new ruling from the Ninth Circuit.

Read More →

Wikileaks Hacking Team Emails Implicate NJ Fusion Center


This week, Wikileaks released a searchable database of over a million internal emails from an Italian outfit called HackingTeam, which sells surveillance and hacking tools to dubious dictatorships around the world. Their software offerings include simple keyloggers all the way up to dragnet internet surveillance software.

I was willing to lay money that our friendly neighborhood fusion centers, the state-and-DHS-funded arms of the surveillance state, would be mixed up with HackingTeam somewhere. Looks like I win that bet.

Email #2640 shows the setup of a presentation from HackingTeam to the New Jersey fusion center’s most senior people, which apparently went ahead on November 1, 2013. The meeting was a success; by January, email #255362 shows that the fusion center was “interested in deploying” HackingTeam’s product. The subject line “DaVinci” shows what software is involved; “DaVinci” is the brand name for HackingTeam’s “remote control system” that promises to “break encryption and allow law enforcement agencies to monitor encrypted files and emails, Skype and other Voice over IP or chat communication […] It allows identification of the target’s location and relationships. It can also remotely activate microphones and cameras on a computer and works worldwide.” DaVinci has infamously been used by Middle Eastern governments to spy on Arab Spring activists.

It appears that the senior NJROIC figures were “excited about its capabilities.” I’ll bet they were.

The emails don’t go on to show whether NJROIC actually implemented DaVinci. Whether or not they did, it’s reasonable to deduce that NJROIC has a strong interest in being able to subvert NJ residents’ communications privacy. Reached for comment, an NJROIC spokesman was at pains to state that everything they do is under the guidance of the Attorney-General, conforms to applicable laws, and involves obtaining court orders and warrants as appropriate, but would not be drawn on the hypothetical question of whether encryption-subversion software would be treated as requiring a warrant.

Subverting encryption is, to an extent, a natural part of the arms race between users on one side, and the government and criminal hackers on the other. But if it’s done without the procedural safeguards embodied in the Fourth Amendment – safeguards that third-party firms like HackingTeam appear willing gleefully to ignore in pursuit of juicy contracts – it opens all of our communications to the government’s unsleeping eye, whether we try to encrypt them or not. The government should steer well away from this kind of “offensive cybersecurity”, and focus on keeping its elderly, hole-filled networks secure instead of exploring new ways to weaken yours and mine.

%d bloggers like this: