Shared posts

11 Feb 15:00

Miami Cops Flood Waze With Bogus Speed Trap Data, Don't Understand How Crowd Sourcing Works

by Karl Bode
We've been discussing how law enforcement organizations have started ramping up their war on the Google-owned, traffic info crowdsourcing app, Waze, in the belief that it's hindering local revenue generation. More specifically, they've been trying to stop the app and its users from reporting police speed trap locations, going so far as to make the absurd argument that the app allows citizens to become police "stalkers." Of course as noted previously, these officers are usually in plain sight and obviously marked, meaning if you really had an insane hankering to annoy a cop you can certainly do it without an app. It's also worth reminding officers that Waze users are simply having a perfectly legal conversation (just like flashing headlights or even holding up signs is legal), at least for now.

With the "mean old citizens are stalking us" defense apparently not working so well, some law enforcement agencies are turning to another, more clever (or so they think) solution: pollute Waze's data with false police speed trap locations. Officers in Miami have apparently taken to downloading the Waze app themselves just so they can flood the app with inaccurate data:
"Hundreds of officers in the Miami area have downloaded the app, which lets users provide real-time traffic information and identify areas where police are conducting speed enforcement. The local NBC affiliate says the officers are flooding Waze with false information on their activity in an attempt to make the app's information less useful to drivers. Disclosing the location of police officers "puts us at risk, puts the public at risk, because it's going to cause more deadly encounters between law enforcement and suspects," Sgt. Javier Ortiz, president of the Miami Fraternal Order of Police, tells the news outlet."
This was apparently something some Los Angeles homeowners tried as well late last year, when they reported false congestion to the app in the hopes of lessening local traffic load. Of course the very nature of crowd-sourced apps like this involves repeated false reports and unreliable users being weeded out not only by the system itself, but by more trustworthy reports from reliable Waze users with higher scores. Even if this dumb idea worked, and all Miami Waze users were confused into thinking speed traps were everywhere, wouldn't they drive slower and ruin revenue generation (what this is really about) anyway?

All the Miami police force is doing is wasting time and taxpayer money in a war on perfectly legal conversation. In fact, you could argue they're doing something worse by eroding their own safety. As it stands the Waze app isn't specifically singling out speed traps -- it allows users to mark any police location. As in, it allows users to mark any emergency vehicle at the side of the road for any reason, notifying Waze users that they should slow down. If this was truly about public safety and not revenue generation, you'd think this would at least be part of the conversation.

Still, law enforcement associations are increasing pressure on politicians (like Chuck Schumer), and Google's shown at least some flexibility on this. For me personally, it's all kind of a moot point anyway. I drove from New York to Seattle and back again last summer and found that police move positions so frequently, Waze probably indicated an accurate speed trap location around a third of the time anyway. Still, you'd hate to see any app made less useful just because it hurts a police department's ability to turn public protection into a major revenue stream.








09 Feb 23:25

Senate Report Slams Automakers for Leaving Cars Vulnerable to Hackers

by Andy Greenberg

A new Senate report reveals that most modern cars are vulnerable to hacking and that the industry is not even close to having a grasp on what to do about it.

The post Senate Report Slams Automakers for Leaving Cars Vulnerable to Hackers appeared first on WIRED.








09 Feb 18:44

If you murder someone, you probably shouldn’t take a Snapchat selfie with the victim’s body

by Quentyn Kennemer
Brindle

ugh!


This is probably both the saddest and most shocking thing you’ll read today. A 16-year-old teen was murdered last week by a classmate. The reasoning is unknown at the moment, but it’s what the murderer did immediately following the heinous crime that has us more puzzled: he took a selfie with the victim and sent it out through Snapchat.

That’s the story Pittsburgh police delivered to the Tribune-Review. The killer thought it a good idea to publicize what he’d done, and considering Snapchat deletes photos “forever” after they’ve been viewed he probably figured he wouldn’t be caught. What he didn’t know is that it’s ridiculously easy to save images sent through Snapchat, and it’s that very reason police were able to track him down so easily.

If that weren’t enough, anyone who’s bothered to read through Snapchat’s terms of use and privacy policy knows they don’t immediately delete the files from their server if they haven’t been viewed by every recipient:

Delete is our default. That means that most messages sent through our Services will be automatically deleted once they have been viewed or have expired. But—and this is important—you should understand that users who see your messages can always save them, either by taking a screenshot or by using some other image-capture technology (whether that be software or even something as old-fashioned as a camera to take a photo of your device’s screen). If we’re able to detect that a recipient took a screenshot of a message you sent, we’ll try to notify you. But the same common sense that applies to the Internet at large applies to Snapchat as well: Don’t send messages that you wouldn’t want someone to save or share.

In most cases, once we detect that all recipients have viewed a message, we automatically delete it from our servers. And again in most cases, the Services are programmed to delete the message from the recipients’ device as well.

The terms go on to list other cases where they won’t immediately delete a photo, such as if you save it as part of a “Snapchat Story” or if you allow people to view a snap more than once. It sounds like police could have just as easily requested the info from Snapchat if someone didn’t think to save the photo.

A warrant to search his home turned up a hidden 9mm pistol that seemed to match a 9mm bullet casing found at the murder scene, though ballistics have yet to confirm it as the murder weapon. There’s no problem on that front, though, considering the teen admitted to the crime. We suppose it’d be pretty hard to deny having anything to do with the dead body you foolishly took a selfie with.

You have to be pretty sick to not only murder someone, but also to take an image with the body to glorify the action. That, or you’re just plumb dumb. Either way, thank you for making it easy to pin you to a cell for the rest of your life to make sure you don’t do it again.

[via The Verge]

09 Feb 17:50

Having the brakes removed from your car is a personal decision

by Cory Doctorow
Brindle

this is awesome...


Scientists may say that brakes save lives, but virtually every car-wreck co-occurs with panicked braking -- did you know that in the old days, cars didn't have brakes?

09 Feb 16:46

Taiwan Nannies Rule: Parents Can't Decide How Much Time Their Kids Spend With Electronics

by Timothy Geigner
Brindle

yikes...

The nanny-state arms race marches on, apparently. Whereas the previous intersection of overbearing government and technology has resulted in politicians attempting to ban the use of headphones while walking across the street, governments introducing all manner of silly policies in the name of "protecting the children", and even municipalities attempting to run psy-ops on citizens to keep them from smoking, Taiwan appears to be taking an even more direct approach with plans to fine the parents of children the government has deemed spend too much time with electronics.

Under rules passed last Friday by Taiwanese politicians, children under the age of two should be completely banned from using electronic devices, Xinhua, China's official news agency reported. Meanwhile under-18s should not be allowed to "constantly use electronic products for a period of time that is not reasonable". It means electronic products are now listed alongside cigarettes and alcohol as potentially dangerous vices.
And you can see their point, assuming you're a crazy person. Because electronics are tools primarily of communication and productivity, even if they're also used for entertainment, and government intrusion on young people's ability to communicate, learn, and be entertained is so far removed from alcohol and tobacco that one wonders how the argument was made with a straight face to begin with. The prospective "too much time" part of this legal equation has yet to be ironed out, but the brainchild for the law is, shall we say, more than slightly aggressive on the topic.
The new regulation is the brainchild of Lu Shiow-yen, a Taiwanese member of parliament who said his intention was to protect young people by stopping them using electronic devices for more than 30 minutes at a time. Parents who break the rules can be hit with fines of up to about £1,000 although it remains unclear how authorities will determine what amount of time is unreasonable.
There's a million reasons why this is stupid, but I'll boil it down to one specific reason: baseball. Baseball is huge in Taiwan. Baseball is enjoyed primarily on television and streaming electronic devices. And baseball, for all its wonderful aspects, takes roughly as much time as it takes for a mountain to form in the Nebraska prairie. Thirty-minute stretches of time as a limit effectively outlaw youngsters watching baseball. Put in that context, and really any other context, these sorts of artificial limitations on the electronics that dominate our lives (in a good way) are ludicrous.

Expect either the backlash here to be huge, or the law to go largely ignored. Either way, this is a political non-starter.








09 Feb 15:34

8-Month Time-Lapse Of Acorn Sprouting Into Seedling

Brindle

this is amazing.

This is a beautiful time-lapse of an acorn sprouting into a teensy oak tree over the course of eight months. The film was made by Neil Bromhall, who created a special underground set so the acorn could be seen while it germinated. FACTOID: I sneezed on the bus this morning and germinated the guy's hair sitting in front of me.
The acorn was collected in September and filmed in an underground set using a 2 hour interval between exposures. The acorn split soon after it was planted and continued to split during the winter months. In January the first sign of root growing could be seen followed in February by the emergence of shoot. In March the shoot broke through the soil surface. The leaves formed between March and April. This is an example of hypogeal germination.
Remember: the greatest oak was once a little nut that held its ground. I remember seeing that on a motivational poster once. It had a picture of this giant oak tree on it, and I thought to myself, My god what I wouldn't give to fall out of that tree and break my arm. Maybe both of them. Think of all the sympathy I'll get at school. Keep going for the video. Thanks to Lizzy, who agrees somebody should make it their life's work to do this for every single kind of seed.
09 Feb 15:30

Samsung's Smart TVs Are Collecting And Storing Your Private Conversations

by Tim Cushing
Brindle

this is why I don't want a smart tv... or anything smart *throws phone away*

Guess who's eavesdropping on you now? It's not some nefarious government agency (although, rest assured, there has been no downturn in surveillance). Nope, it's that smart TV you paid good money for and invited into your home.

The "now" is misleading. Smart TVs have been doing this ever since manufacturers decided customers preferred to order their electronics around orally, rather than using the remote they can never find. And that's just the "eavesdropping" part. Most smart TVs are harvesting plenty of data on top of that, including viewing habits, search terms, browsing history… pretty much anything that makes a TV "smart" is collected and transmitted not just to the manufacturer, but to plenty of unknown third parties. Usually, this information is used to send "relevant ads" to TV owners, as if the several hundred dollars spent on the device wasn't enough of a revenue stream.

Samsung -- which is currently catching a lot of internet heat for its so-called "Privacy Policy" -- is no exception. It's the wording used that's making it the target du jour, turning other recent privacy policy villains (LG: "agree to share damn near everything or enjoy your super-expensive 'stupid' TV"; Microsoft: "why don't we just treat your living room like a movie theater and use our camera technology to count heads and charge increased VOD 'admission'") into distant memories.

Under "Voice recognition," Samsung's privacy policy says this:
To provide you the Voice Recognition feature, some voice commands may be transmitted (along with information about your device, including device identifiers) to a third-party service that converts speech to text or to the extent necessary to provide the Voice Recognition features to you. In addition, Samsung may collect and your device may capture voice commands and associated texts so that we can provide you with Voice Recognition features and evaluate and improve the features. Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.
Obviously, some very temporary "collection" and "transmission" needs to take place to allow a third party service to "recognize" the user's voice and ensure the smart TV does what it's told. But Samsung also collects and captures these communications... and it doesn't really say how, where or for how long these are stored.

The EFF's Parker Higgins noted that Samsung's voice recognition policy sounds eerily like the description of "telescreens" from George Orwell's really-not-supposed-to-be-a-blueprint-for-the-future 1984.

Left: Samsung SmartTV privacy policy, warning users not to discuss personal info in front of their TV Right: 1984 pic.twitter.com/osywjYKV3W

— Parker Higgins (@xor) February 8, 2015

Compare Samsung's wording...
Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition.
with Orwell's:
The telescreen received and transmitted simultaneously. Any sound that Winston made, above the level of a very low whisper, would be picked up by it, moreover, so long as he remained within the field of vision which the metal plaque commanded, he could be seen as well as heard. There was of course no way of knowing whether you were being watched at any given moment.

You had to live--did live, from habit that became instinct--in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.
Fun stuff. The only thing missing from the scenario is a government intermediary. But it's not much of a stretch to insert one.

It could certainly be construed that any personal communications collected and stored by Samsung would fall under the Third Party Doctrine. If a government agency (local law enforcement, FBI, etc.) wishes to acquire these, they wouldn't face much of a challenge because of the lowered expectation of privacy. If Suspect X is viewed carrying a Samsung smart TV into his home, law enforcement could issue a subpoena to Samsung to acquire any voice recordings it had collected from that device. Eavesdropping by proxy. Discuss a drug deal in front of the TV? Here come the cops. No warrants or wiretaps needed.

This hypothetical would require law enforcement to know the device's ID number, something that would be hard to obtain without an actual search warrant. In the most likely scenario, the voice recognition data would be collected after a regular search had been completed. Now, previous conversations people thought no one heard could be introduced as evidence against them, thanks to the widescreen narc installed on the premises.

Here's a hypothetical that's even more "fun" to consider: a law enforcement agency is aware certain smart TVs collect and store voice recordings (along with viewing habits, internet browsing history, search terms, etc.). So, officers kick off a gun amnesty program where unregistered weapons can be turned in for free big screen TVs. Now, this law enforcement agency has a small army of hi-def confidential informants installed in numerous homes. All data can be collected at the agency's convenience, using little more than the "unregistered guns must belong solely to criminals" rationale.

But Samsung isn't the only device manufacturer collecting, storing and transmitting its customers' everyday conversations. Others do it, too. Some just hide it better. In LG's 50+ pages of smart TV fine print, it says the following about voice recognition:
I agree that LG Electronics Inc. ("LGE") may process Voice Information in the manner set out in the Privacy Policy and below.

Voice Information refers to the recording of voice commands and associated data, such as information about the input device that is used to record commands (e.g., Magic Remote or built-in microphone), OS information, TV model information, content provider, channel information and service results.

I understand and agree that Voice Information may be used for the purpose of powering the voice activation feature when used to control, receive, and improve LG Smart TV Services and as described in the Privacy Policy.

I further understand and agree that LGE may share Voice Information with third parties, including providers of voice analytics.

I understand and agree that Voice Information may be transferred to, and used by, third party service providers on LGE's behalf in various countries around the world (including Korea), some of which may not offer the same level of data protection, for the purposes set out in the Privacy Policy.
And there's your Third Party Doctrine. All anyone arguing for the right to subpoena voice information has to do is point to the User Agreement as clear evidence that the person in question is voluntarily turning over voice recordings to a third party. And away goes the expectation of privacy.

We don't expect our devices to send overheard conversations to anyone other than the voice recognition technology provider. But they do. And they send it (and store it) without providing any specifics about the unnamed third parties, where they're located, how secure these transmissions are (to protect them from criminals -- the other unwanted "third parties") or how long the manufacturer itself retains this data.

The transparency level of these manufacturers rivals that of the government. And that's not a good thing, because it makes it far too easy for them to become willing partners with agencies that thrive on the abuse of the Third Party Doctrine. Samsung -- and manufacturers like it -- need to provide more than vague assurances. They need to explicitly explain what's happening to all the data they're collecting, especially when the collection involves entertainment devices listening in on private conversations... and calling it a "feature."








08 Feb 04:39

Youtube Ditches Flash, and it Hardly Matters: Meet the New Boss, Same as the Old Boss

by Cory Doctorow

Last week, Google announced that its Youtube service would default to using HTML5 video instead of Flash. Once upon a time, this would have been cause for celebration: after all, Flash is a proprietary technology owned by one company, a frequent source of critical vulnerabilities that expose hundreds of millions of Internet users to attacks on their computers and all that they protect, and Flash objects can only be reliably accessed via closed software, and not from free/open code that anyone can inspect.

A year ago, the largest video site on the net ditching Flash would have been a blow for Internet freedom. Today, it's a bitter reminder of how the three big commercial browser vendors—Apple, Microsoft and Google—Netflix, the BBC, and the World Wide Web Consortium sold the whole Internet out.

In spring 2013, the World Wide Web Consortium (W3C) abandoned its long-term role as the guardian of the open Web, and threw its support at the highest level behind EME, an attempt to standardize Flash-style locks on browsers. They did this after the big three commercial browser companies revealed that they had engaged in closed-door meetings with Netflix to create back-doors in their browsers to lock users out of their own computers while streaming video. The W3C agreed to work to standardize browsers that treat their owners as untrusted adversaries and take steps to countermand user-actions (like saving videos).

By mid-May, the Mozilla Foundation announced that it, too, would support the project of designing browsers that don't trust their users, stating that it feared that it would be shut out of Netflix videos if it didn't play along, and that it believed that without Netflix, it would lose users to the commercial browser world.

Both the W3C and Mozilla made similar "pragmatic" arguments for taking this controversial and divisive step—one that disappointed their own staffers as much as their supporters. Fundamentally, their argument went: "We are the good guys, and we will become irrelevant if we don't do this terrible thing, which will happen whether or not we play along. The Internet is a better place with us fighting for its users, even if we're selling them out here." In other words: "We have to destroy the village to save it."

Which brings us back to Youtube. Now, you can access all of Youtube's videos without having to use Adobe's proprietary software, so long as your browser supports the W3C's version of Adobe's proprietary software. If you're using Firefox, you can access all of Youtube's videos without Flash, except that in some cases, you'll need their version of the W3C-standardized "Encrypted Media Extension"—which requires that you use proprietary software. From Adobe.

Meet the new boss, same as the old boss.

07 Feb 21:18

NYPD Commissioner: Because Terrorism And Protests Are Roughly The Same Thing, A New Special Unit Will Handle Both

by Tim Cushing

The NYPD has created yet another special unit to handle the myriad problems that arise from being terrorists' occasional target. The SRG (Strategic Response Group) will be tasked with handling certain situations, most of which did not occur in New York City.

“It is designed for dealing with events like our recent protests, or incidents like Mumbai or what just happened in Paris,” the commissioner [Bill Bratton] said.
So… it's designed for dealing with protests -- the most recent of which were kicked off by the clearing of a cop who choked an unarmed man to death. The other two incidents have nothing to do with New York other than the fact that the NYPD sent its own officers overseas at the request of nobody.

Apparently, the new unit will be armed to the teeth, as behooves riot protest cops.
“They’ll be equipped and trained in ways that our normal patrol officers are not,” Bratton said. “They’ll be equipped with all the extra heavy protective gear, with the long rifles and machine guns — unfortunately sometimes necessary in these instances.”
Or not, said the department when its new counterprotest unit began taking heat for Bratton's conflation of terrorism and tying up traffic.
When asked if New Yorkers should expect to see police officers with “machine guns” at city protests, a spokesman for the NYPD told The Intercept, “No. They’re not carrying them at protests.” In general, however, the spokesman said officers would have access to the weapons “either on them or in their vehicles.”
So, they won't carry machine guns while policing protests, but they'll be in easy reach. Bratton stated that responding to protests and terrorist attacks require "overlapping skills," hence the creation of a single unit. There has been no further clarification on what these "skills" might be, other than possibly being able to discern whether it's a protest or terrorist attack they're dealing with and, consequently, whether the machine gun stays in the squad car.

This new unit must be something special. Or its already-existing counterpart must be something awful.
SRG also will supplement the 1,000-officer NYPD counterterrorism program, which has also been trained in heavy-weapons tactics, a police official said.
In addition to the 1,350 counterterrorist cops, there will be more surveillance. The NYPD's push to turn the city into the next London continues, with the promised addition of cameras in every subway car, accessible to both the conductor and "offsite" viewers within the PD.

Bratton is also pushing for something less lethal than "long rifles" to be carried by his cops.
The commissioner said he will also ask Mayor Bill de Blasio for more funding to buy more Tasers as an alternative to the use of force. Bratton reportedly wants at least 450 cops — five or six at each of the city’s 77 precincts — to carry Tasers on them, not leave them in their cars…
Well, I'd say Bratton needs to fix the second part first. There's no reason to buy new Tasers if you can't get cops to carry them. Locking them up in the glovebox pretty much ensures that the only force officers can deploy will be of the "deadly" variety. The difference between tasing someone into submission and shooting someone into submission is often the difference between life and death. Of course, NYPD officers are also fond of other such "less-lethal" tactics like chokeholds and unprovoked beatings. Adding a Taser just means some citizen's going to have electricity pumped into his system on top of anything else the officers feel like deploying.

Using the word "terrorism" in a sentence is an easy way to route funds to your law enforcement agency. New York -- being both highly populated and an American icon -- is certainly high on the list of terrorist targets. But years of counterterrorist investigations have done very little to reduce the threat. The NYPD has been overselling and under-delivering on the "imminent terrorist threat" front for years. Because it has so little to police at home, it's been sending its officers around the world to actual terrorist attacks -- a tactic that has earned it little more than the irritated scorn of those actually charged with policing much more dangerous parts of the world.

Above and beyond all of this, there's Bratton's assertion that the same special unit should be tasked with counterterrorism and handling protests, as if the two were remotely related in any way. The message is clear: civil disobedience is an attack on New York City itself -- and Bratton's boys and girls trained in the art of counterterrorism will be on hand to break up the next one. To dissent is to strike terror into the NYPD -- itself a pleasant thought. But once the SRG hits the streets, it probably won't end well for those would-be terrorists and their evil protests.








07 Feb 21:09

DOJ Tells Court It Hasn't Even Opened CIA Torture Report... After Telling Reporters It Read The Whole Thing

by Tim Cushing

I don't care who you are (even, say… the government), but if you're going to tell two different versions of a story, it helps to not have both in print and publicly available.

Trevor Timm of the Freedom of the Press Foundation caught the DOJ spinning two different yarns for two different entities about its familiarity with the CIA Torture Report.

DOJ told NYT they read the full torture report. http://t.co/euLgn20u3l Then, DOJ swore in court they didn't. http://t.co/Lw0fjrEe2d Huh?

— Trevor Timm (@trevortimm) February 3, 2015
If you can't see the tweet, it says:
DOJ told NYT they read the full torture report

Then, DOJ swore in court they didn't.

Huh?
Included were links to the source material. In arguing for the continued withholding of the full version of the CIA report from the NYT, here's the DOJ telling the paper of record one thing:
The Justice Department said in a statement on Tuesday that its investigators had looked at the full version of the Senate Intelligence Committee report “and did not find any new information that they had not previously considered in reaching their determination,” adding that Mr. Durham’s “inquiry was extraordinarily thorough and we stand by our previously announced decision not to initiate criminal charges.”
And here it is in court, defending its withholding of the report from a different FOIA requester:
"None of the defendant agencies have freely used the Full Report; they have kept it stored in a [sensitive compartmented information facility], with limited access," the government’s declaration reads. "Neither [the Department of Justice] nor [the Department of State], moreover, has even opened the package with the disc containing the full Report. And CIA and [the Department of Defense] have carefully limited access to and made only very limited use of the Report."
In both cases, the DOJ is justifying continued secrecy, but in only one case does it claim to be intimately familiar with the subject matter. So, which version of the DOJ's story is true? One would hope the declaration before the court would be the truthful statement, but you know what they say about "wishing with one hand." By the time you've worked your way through that process, your faith in the government dies a little more and you've defecated in your own hand -- neither of which are pleasant outcomes.

The only certainty here is that the DOJ will say whatever it wants to say in order to further its position. And that position is: shut up and stop asking. We're not going to let you see the full Torture Report. Another powerful blow for government secrecy has been struck by the Most Transparent Administration in History. You may now continue your wholly sarcastic chants of "USA! USA! USA!"








07 Feb 18:17

Deal: Chromecast owners new and old get a $6 Google Play credit

by Quentyn Kennemer


Own a Chromecast or in the market to get one soon? You won’t want to miss out on some free cash that could come along with it. Google is dishing out $6 in Google Play credit for anyone who has bought one of the hottest multimedia devices in the past couple of years.

Even better is that the credit applies for however many Chromecast units you have in your home, so if you’ve already gotten 3 of these bad boys for your house you could be looking at $18 in free credit. It’s not the $20 credit some promotions touted throughout the holiday season, but if you are going to buy one then you can’t be too mad at any bit of added value.

To get in on it you simply need to head here while your Chromecast is connected to your network, and you’ll see your $6 credit (and a wealth of other standard Chromecast offers) waiting for you.

04 Feb 18:09

OsmocomBB: open source baseband software

OsmocomBB is a Free Software / Open Source GSM Baseband software implementation. It intends to completely replace the need for a proprietary GSM baseband software, such as drivers for the GSM analog and digital baseband (integrated and external) peripherals, and the GSM phone-side protocol stack, from layer 1 up to layer 3. In short: By using OsmocomBB on a compatible phone, you are able to make and receive phone calls, send and receive SMS, etc. based on Free Software only.

This project is doing amazing work, but despite all the effort, it only supports a very small number of phones based on one particular baseband chip, because this one happens to accept unsigned firmware. It only supports 2G (and not even completely), so 3G and 4G are completely out of the question. Don't expect to flash this on your Samsung Galaxy Whatever any time soon.

Aside from the immense technical knowledge, expertise, and dedication required to code your own baseband software, there's a huge legal barrier - it's pretty much illegal to use a baseband like this without explicit approval. In fact, the people behind the project do not use their software on carrier networks. Despite the fact that the need for a properly open source baseband firmware is obvious to everyone, the cold and harsh truth remains that we're not even close.
03 Feb 20:06

To Enforce Emissions Standards, State Governments Are Looking To Ride Shotgun In Constituents' Vehicles

by Tim Cushing
Brindle

Screw this...

"But now the California Air Resources Board (CARB) is proposing regulations (for a May board hearing) requiring manufacturers to significantly expand the kind of information on-board computer software collects about our driving habits."

Californians may find their cars being converted to government informants at some point in the future, thanks to the state's push to curb emissions. As always, a trip to the land of Unintended Consequences begins at the Port of Good Intentions. Cleaner air and vehicles will come at a cost, and that cost may include an extensive collection of driving data. (via Cato)

The On Board Diagnostics computer systems on all of our late-model cars now collect a wide range of information mostly related to a car’s emissions. When something is amiss, your dashboard flashes with a “check engine” light and you head to a repair shop to fix it. The goal is to assure cars aren’t polluting the air.

But now the California Air Resources Board (CARB) is proposing regulations (for a May board hearing) requiring manufacturers to significantly expand the kind of information on-board computer software collects about our driving habits.

The software could track miles per gallon, driving distances, how often one stops and starts the car, and how fast one drives. Newer cars already tell us most of this information on those nifty trip computers in the dashboard. The difference, of course, is the regulations would require our cars to also tell government officials the information.
Right now, CARB is only collecting this sort of information in aggregate, and then only after the vehicle has been on the road for at least six years. This data is compiled during state-required emissions checks. So far, so good, and CARB states on its website that it isn't (yet) pursuing the collection of this data singularly and in an ongoing fashion by using transponders.
“(N)o such program has been adopted by ARB nor have any decisions been made by ARB to pursue such an approach in California.”
But other states are pushing for even more stringent emissions standards than California's, and the only way to enforce these appears to be the use of a tracking device. Washington wants a 50% reduction in emissions by 2050. Oregon has mandated a 20% reduction in per capita urban driving. To hit these goals, manufacturers will need to track additional data about vehicle usage and make it accessible to state governments.

The data parameters listed in CARB's proposal are extensive (p. 42). And it starts with this statement:
Track MPG/CO2 in the real-world

Not just enable easier data logging but actually provide historical data
In practical terms, this means logging of miles driven, fuel used, stops and starts, engine run time, and air conditioner usage. Certainly this data will help manufacturers build more efficient vehicles, but it really has no business being in the government's hands.

If it does, the abuse of this data is almost guaranteed. If this was being tracked solely by manufacturers for use in development, it would be one thing. But if it's being used to track down drivers who aren't driving quite as efficiently as the local government believes they should be, that's quite another. Say goodbye to aggregate data about classes of vehicles and hello to onboard surveillance.

Steven Greenhut points out in his article that the government already has plenty of vehicle tracking options at its disposal, including red light cameras and toll roads that require a government-supplied transponder to be accessed. The latter has already been used to "control" driving by denying toll lane access to speeders ratted out by the required transponders.

With the government tracking this information (and requiring manufacturers to collect it and provide access), law enforcement will no longer need to seek warrants for GPS usage. Instead, they'll just be able to ask another government agency for driving records or demand them from manufacturers under the Third Party Doctrine. And on top of everything else, it will be argued that traveling in your vehicle has no expectation of privacy, even if most drivers will be unaware that their vehicle is tracking all sorts of information and handing it over to the government.

This data collection -- when tied to emissions restrictions -- could have another unintended side effect: taking away citizens' freedom to choose where they live.
Of course, for many it really isn’t about greenhouse gas emissions. Mobility allows (or, as anti-auto groups would say, forces) people to live in low-density “sprawl” where they can escape taxation by cities eager to subsidize stadiums, convention centers, and light-rail lines. All they have to do is ramp down people’s monthly driving rations–something like a cap-and-trade system that steadily reduces the caps–and suburbanites will eventually find that they have to move back to the cities.
Certainly no one expects driving to be a "private" activity. But they also don't expect their government to have an active interest in their personal comings and goings, especially for indefinite periods of time. Gathering this info and handing over control to governments is going to encourage a certain amount of misuse. It's inevitable. These governments need to find another way to attack the emissions problem -- one that doesn't involve turning people's vehicles into personal diaries government employees can flip through at their discretion.

03 Feb 05:08

Google is paying AdBlock to unblock their ads

by Joe Fedewa
Brindle

time to switch adblockers :X

If you’re a savvy internet user you’re probably using some sort of ad blocker (though hopefully not on your favorite sites). The most popular ad blocker is called AdBlock Plus, which boasts over 300 million downloads worldwide. That’s a lot of advertising dollars that are going unseen by internet users. Google, along with Amazon, Microsoft and Taboola, have decided to do something about it.

The Financial Times is reporting that these companies have paid AdBlock Plus to allow their ads to pass through the blocking software. AdBlock makes money by allowing companies to pay for their ads to go unblocked as long as they comply with AdBlock’s “acceptable ads” policy. It’s unclear whether Google and co. are simply abiding by this policy or just throwing money around to get their way.

Obviously a service such as AdBlock Plus is a big threat to Google, a company that makes a lot of money on online advertising. In 2013 Google even removed the AdBlock app from the Play Store. Everyone hates to see ads, but oftentimes they are the only thing keeping a website alive. A lawsuit against AdBlock is currently being considered by the French Internet Advertising Bureau.

Where do you stand on this issue? Should companies be able to pay for their ads to go unblocked? Should ad blockers even be allowed? Do you use AdBlock, and do you whitelist your favorite sites?

03 Feb 02:20

You Don't Own What You Bought: Drone Maker Updates Firmware On All Drones To Stop Any Flights In DC

by Mike Masnick
Brindle

holy hell!?

You may have heard the news recently about how a drunk employee of the National Geospatial-Intelligence Agency (can't make this crap up) accidentally flew a DJI Phantom II drone onto White House property, leading to a general collective freakout over the security implications of these personal helicopters. In response to this, President Obama has called for more drone regulations -- which may or may not make sense -- but it needs to be remembered that the FAA has been refusing to actually release any rules for quite some time.

But beyond the call for regulations, the drone's maker, DJI has decided to do a little self-regulation in the form of automatically pushing out some new firmware that blocks the drone from flying in downtown DC:
"The updated firmware (V3.10) will be released in coming days and adds a No-Fly Zone centered on downtown Washington, DC and extends for a 25 kilometer (15.5 mile) radius in all directions. Phantom pilots in this area will not be able to take off from or fly into this airspace."
Even if you think it's perfectly reasonable to ban drone flights in downtown DC (a different discussion for a different day...), it should be very concerning that the company you bought your product from can magically make it that much less useful on demand without you being able to do a damn thing about it. What if you happen to live in that no-fly zone, and you bought it to use for personal reasons at a local park? You're completely out of luck because an overreaction resulted in the company breaking something you thought you bought.

Sometimes, the fact that devices you buy can be updated on the fly has benefits -- like the stories of Tesla upgrading its cars to make them better even long after people bought them. That's neat. But, it still seems immensely troubling that something you bought can be turned into a paperweight (in certain areas) by the company you bought it from.

03 Feb 02:05

Cops Arrest Public Defender For Attempting To Do Her Job

by Tim Cushing
Due process? In this "justice" system? It is to LOL.
A San Francisco deputy public defender was handcuffed and arrested at the Hall of Justice after she objected to city police officers questioning her client outside a courtroom…
Here's the video:


The two responses gathered by SFGate show the divide between those who represent the accused and those who haul inconvenient people away so they can continue their "work" unimpeded.
...an incident that her office called outrageous and police officials defended as appropriate.
The public defender, Jami Tillotson, was charged with the one-size-fits-all-who-give-us-any-lip crime of "resisting arrest." This charge doesn't work the way people expect it would, much to their anger, dismay and surprise. One would think that the police would need to be arresting you for a different crime and, after encountering some resistance, add "resisting arrest" to the charges. But no, apparently "resisting arrest" simply means not doing what cops say to do, no matter the legality of the request.

Tillotson was representing her client in a misdemeanor theft case. The police wanted to chat with him about an unrelated case in which he was "a person of interest." Presumably the photo-taking was part of building a lineup.

Now, the Sixth Amendment only guarantees the right to an attorney during criminal prosecution. But being a "person of interest" presents its own problems, what with it usually leading to questioning centered on gathering incriminating evidence -- either against the person being questioned or someone else on the list of suspects.

As an American citizen, you can always refuse to answer questions, especially when you're not in custody. Easier said than done, though, which is why the option of referring law enforcement to a lawyer is always on the table. Of course, police officers will try to avoid this possibility, usually by framing the questioning as an innocuous, purely voluntary chat. They get irritated, though, when people realize this and tell them to talk to their lawyer or continually ask if they're free to go.

So, while Tillotson's attempt to defend her client from questioning related to a different crime may not have fallen under guaranteed Sixth Amendment protections, her willingness to protect her client from additional police questioning certainly falls within the bounds of what she (and her client) are legally allowed to do in a situation like this (i.e., "Talk to my lawyer.")

But the police weren't interested in speaking to a lawyer. They wanted to take pictures and ask questions without the "interference" of someone who knew how the system works. So, they arrested her for resisting arrest -- which, as the video shows, she was very clearly NOT DOING BEFORE, AFTER OR DURING THE ARREST.

Tillotson objected to the arrest, but she placed her hands behind her back and allowed police to cuff her. She never struggled or otherwise impeded the officers in their duty -- which was [WARNING: circular reasoning ahead] TO ARREST HER FOR RESISTING ARREST.

It's a mindbending, oxymoronic, ugly display of force, where might = right and anyone standing in the way of an investigation needs to GTFO. With cuffs.

Here's how Gideon at A Public Defender sums up this incident:
It’s one thing for officers to get their way by removing civilians from the scene who object to their searches and seizures, but it takes quite another level of totalitarianism and disregard for the law to arrest and make absent an officer of the court.
Even the law prof [Is it impossible to get quotes from actual lawyers with "in the trenches" experience? Are there really that few of them?] quoted by SFGate -- who believes Tillotson erred by inserting herself between police and their "person of interest" -- had this to say about the PD's actions.
[Hadar Aviram] added, “Regardless of where the constitutional disposition is, the attorney was in no way being violent or resisting arrest or being disruptive in any way. It’s extreme and it’s bad press for (the police). I’m surprised.”
I'm not. Many officers -- far too many -- simply don't care what the public thinks of them or their actions. The detective captured here on video is among that number.

02 Feb 23:50

Former CIA & NSA Boss: September 11th Gave Me Permission To Reinterpret The 4th Amendment

by Mike Masnick
Michael Hayden, the former CIA and NSA director, has revealed what most people already suspected -- to him, the Constitution is a document that he can rewrite based on his personal beliefs at any particular time, as noted by Conor Friedersdorf at the Atlantic. Specifically, he admits that after September 11th, 2001, he was able to totally reinterpret the 4th Amendment to mean something entirely different:
In a speech at Washington and Lee University, Michael Hayden, a former head of both the CIA and NSA, opined on signals intelligence under the Constitution, arguing that what the 4th Amendment forbids changed after September 11, 2001. He noted that "unreasonable search and seizure," is prohibited under the Constitution, but cast it as a living document, with "reasonableness" determined by "the totality of circumstances in which we find ourselves in history."

He explained that as the NSA's leader, tactics he found unreasonable on September 10, 2001 struck him as reasonable the next day, after roughly 3,000 were killed. "I actually started to do different things," he said. "And I didn't need to ask 'mother, may I' from the Congress or the president or anyone else. It was within my charter, but in terms of the mature judgment about what's reasonable and what's not reasonable, the death of 3,000 countrymen kind of took me in a direction over here, perfectly within my authority, but a different place than the one in which I was located before the attacks took place. So if we're going to draw this line I think we have to understand that it's kind of a movable feast here."
While it's true that the 4th Amendment does ban "unreasonable search and seizure," it seems like quite an interpretation to argue that "reasonableness" depends on what some third party does to us. That seems morally dangerous -- and it seems like a direct admission to terrorists that if they want to eviscerate the rights of Americans, they just need to keep on attacking, because folks like Hayden will just interpret it to mean that they should take away more and more rights from Americans.

Then there was this other rather stunning admission. Hayden admits that the NSA wants to listen to anyone it finds "interesting," not just those they think are doing something bad:
"I am not a law enforcement officer. I don't suspect anybody. I am simply going out there to retrieve information that helps keep my countrymen free and safe. This is not about guilt. In fact, let me be really clear. NSA doesn't just listen to bad people. NSA listens to interesting people. People who are communicating information."
This is a rather refreshing admission -- as most of those who normally defend the surveillance state like to pretend that they're only listening to "bad" people. They trot out the "if you're not doing anything wrong, you have nothing to fear" argument all the time. Even Hayden himself has argued along those lines in the past. Yet here he is, more accurately saying that "if you're boring, you have nothing to fear" but "if we think you're interesting, you should be very afraid." And "interesting" is subject to a lot more vague interpretations than "reasonableness."

You can see his whole speech below, and while it's nice that he's finally admitting how malleable his own morals are, it's depressing that he ever had the power to use his flexible morals to spy on all of us -- and then did so.

02 Feb 18:07

Police Union: You Can Have Safe Neighborhoods Or Be Free Of Flashbang-Burned Toddlers, But Not Both

by Tim Cushing
A Georgia state senator has announced a bill to limit the use of no-knock warrants. These warrants have gone from the exception to the rule over the past several years, as our nation's drug warriors apparently labor under the assumption that drug dealers keep banker's hours.

Of course, no-knock raids have resulted in plenty of collateral damage -- both to cops and civilians -- as the element of surprise tends to be bullet-and-flashbang heavy. It's the use of flashbang grenades that has prompted this new legislation, which unfortunately puts it into the category of "Laws Named After Victims," most of which are written badly and hastily.

The incident prompting this bill involved a 19-month-old toddler who was badly burned by a flashbang that landed in his crib. The police claimed they had no idea children might be present in the home, despite nearly tripping over the toys scattered around the yard in their haste to raid a house over a $50 drug purchase from a person who didn't even live at the residence.

The law would forbid the use of no-knock warrants during nighttime hours… or so you would think before you read the exceptions.
House Bill 56, sponsored by Rep. Kevin Tanner, R-Dawsonville, would, in most cases, bar the use of no-knock warrants between 10 p.m. and 6 a.m.

It also requires law enforcement agencies to develop written policies and training for the use of the warrants, require a supervising officer to be present when the warrant is executed, and requires police to swear that not using a no-knock warrant would pose “a significant and imminent danger to human life or imminent danger of evidence being destroyed.”
The last part of that sentence is the loophole. All it takes to acquire the "forbidden" no-knock warrant is for an officer to swear that "because reasons, most likely drugs/officer safety," no other type of warrant will do. If it passes the way it's written, it will end up preventing nearly nothing. Scott Greenfield sees this legislation as nothing more than a preemptive strike against further regulation of warrant service.
While one might applaud Tanner for doing anything, perhaps this is offered as a stop-gap measure to prevent more significant, more real, limitations on the execution of warrants that put citizens' lives at risk for the sake of protecting cops.
Context:
Tanner spent 18 years as a Dawson County sheriff’s deputy and has executed no-knock warrants himself.
Considering the overall uselessness of this "ban" on no-knock warrants, you'd think the police union would just keep its mouth shut and just be grateful no one has pushed for real oversight and reform. But no, the reps just can't help themselves. Any additional requirements are unwelcome… always.
"I don't think any changes are needed because it is not easy now," Mills said.
Define "easy," International Brotherhood of Police Officers union rep Carrie Mills. There's practically no oversight as it is. Most magistrate judges -- with few exceptions -- are more than happy to sign off on anything a cop puts in front of them. And higher courts oblige this rubberstamping by carving up even more "good faith" territory when granting immunity to law enforcement officers who screw up (accidentally or intentionally) their warrant apps.

Then Mills delivers this unbelievable statement, which is supposed to make us feel bad for poor cops facing a very slim possibility of having to cut back on their no-knocking, flashbanging raids.
"You have to draw the line between your right as a citizen to privacy and a community's right to live in a crime-free environment. You can't have them both," Mills said.
Oh, the old "freedom or security, but not both" argument, but badly paraphrased to fit the current situation. The protection of a right that doesn't actually exist ("right to live in a crime-free environment") supersedes a right acknowledged (and protected) by the Fourth Amendment.

Or to put it even more graphically -- considering the impetus for this proposed legislation: "You can live in a safe neighborhood or live a life free of horrific flashbang injuries, but not both." Those are your options as long as there's a war on drugs. And at the rate that war is going, it will be forever before law enforcement agencies agree to limit their use of no-knock warrants.

02 Feb 18:05

What Billions In Subsidies Bought: The Final Map Of Verizon's FiOS Fiber

by Mike Masnick
Brindle

Wow! I had no idea...

Back in 2003, we wrote about Verizon CEO Ivan Seidenberg's big bet to actually offer fiber-to-the-home for Verizon internet subscribers. Wall Street absolutely despised this move. While it was actually about offering consumers a better service (i.e., real broadband), short-sighted Wall Street folks don't like projects that cost a lot to build. Seidenberg ignored them and pushed forward with the FiOS buildout. Of course, the second that Seidenberg retired, Verizon suddenly made it clear that it would finish its planned buildouts, but wouldn't expand any further. That was five years ago. And, in the last few years, it's even looked for ways to get out of the wired broadband business entirely, selling off pieces here and there, and focusing on wireless instead. Late last week, it was reported that Verizon was now nearing completion of its promised fiber buildout, and wouldn't be doing any more. Well, some of its promised fiber buildout. The promises that it made to state officials about 100% coverage to get tax breaks and subsidies? Those it's backed out of (without giving back the billions it got in subsidies, of course).

So? For all that effort, what did the American public get? Well, Verizon doesn't like to show it, but here's the map of all FiOS buildouts, thanks to the folks at Fiber For All: There's an awful lot of gray on that map. You can click through for a more interactive version on the Fiber for All website. To be fair, most of the focus is on areas with high population density around the NY metro area and Los Angeles. Fiber for All notes that it covers about 12% of the population, if much less geographically. And, in case you're wondering, the blue sections are parts that Verizon sold off to Frontier, but it's still called FiOS. Of course, there are a few others offering fiber services in different areas, from private companies like Sonic and Google Fiber to municipalities (even as Verizon, AT&T, Time Warner Cable and Comcast fought to block those).

Still, the simple fact is that if we want true broadband today, fiber is the way to go, but the big broadband players basically don't care. Verizon used to care, but Wall Street hated the idea of investing to offer what the public wanted, and thus, that option is now gone. And that big gray map is what we have to show for it. Lucky you, if you live in one of those counties. For the rest of us stuck on pokey slow connections, well, too bad.

31 Jan 01:28

Redactions To Report On TSA's Internal Security Failures Prompts Angry Response From Inspector General

by Tim Cushing

The DHS's Inspector General has finally released a report [pdf link] on the agency's control of TSA information systems at JFK International Airport. It's been delayed several times, mainly because of (now former) TSA head John Pistole's refusal to communicate with the Inspector General's office.

This report -- which has a release date of January 16, 2015 -- was actually completed on July 22, 2014. It was turned over to the TSA's CIO for a review, which should have been concluded within 30 days. The DHS Chief of Staff asked for additional time after failing to meet this deadline. The Inspector General granted another 30 days, making the new deadline September 17.

This revised due date came and went without a response from the TSA. On October 20th, the TSA finally produced its approved version of the IG's report, but not without several redactions of supposed SSI (Sensitive Security Information). The IG formally challenged the redactions in a November memo to John Pistole. Pistole never responded. Another memo was issued in December, which was also ignored by the TSA chief.

Finally, five months after its sensitive information review, the report was returned to the IG's office. All of the challenged redactions remained.

The IG's letter, which opens up the report, expresses his displeasure at the TSA's stalling tactics and secrecy.

I am disappointed in both the substance of the decision as well as its lack of timeliness. In 2006, Congress, concerned about delays in appeals of this nature, directed the Department to revise DHS Management Directive 11056.1 to require TSA to require timely SSI reviews. Given the clear requirement for timely SSI reviews in response to requests from the public, we hoped that TSA would approach an SSI appeal from the Inspector General with similar diligence, especially because TSA was aware of our deadlines.

Now, to meet our reporting requirement, we are compelled to publish a redacted report with SSI markings and will again ask the head of TSA to overrule the SSI program office's decision.

I believe that this report should be released in its entirety in the public domain. I challenged TSA's determination because this type of information has been disclosed in other reports without objection from TSA, and because the language marked SSI reveals generic, non-specific vulnerabilities that are common to virtually all systems and would not be detrimental to transportation security. My auditors, who are experts in computer security, have assured me that the redacted information would not compromise transportation security. Our ability to issue reports that are transparent, without unduly restricting information, is key to accomplishing our mission.
So, here we have a clear case of the TSA thwarting its own oversight in order to withhold information from the public. These are the sorts of things the TSA doesn't want you to see.




The TSA believes that exposing this information (such as the locations of its unsecured areas) will create a security risk, but it doesn't explain how that would be any different from the state the areas were in when the OIG inspected them. Unless JFK's TSA staff haven't taken any steps to address the issues pointed out in the report (like, I don't know, CLOSING AND LOCKING DOORS), exposing the location of these areas shouldn't matter.

As for redacting the number of vulnerabilities found in the TSA's servers, the only plausible explanation is that every number in those blacked-out charts is higher than the agency feels comfortable disclosing. Whether the number is 2 or 9 really doesn't matter. (In one total column, it's obviously a two-digit number.) It only takes one hole to compromise a system.

While the TSA managed to withhold some information, much of what's left untouched isn't exactly flattering. The TSA's "security theater" apparently extends to its internal operations. We know the TSA generally "catches" terrorists by allowing airborne passengers to do all the heavy lifting. This same "work ethic" applies to securing its own systems. From the looks of what the IG found, TSA agents at JFK apparently believe internal security is someone else's job and even the most basic of controls haven't been implemented.
At JFK, TSA did not have visitor logs in any of its communication rooms to document the entry and exit of visitors to these rooms that contain sensitive IT equipment.

[...]

Fire protection, detection, and suppression controls were not present in many TSA communication rooms. Specifically, 14 of the 21 rooms inspected that contained sensitive equipment did not have fire extinguishers…

Compounding the issue of fire detection and mitigation, only 7 of the 21 rooms inspected contained smoke detectors. Smoke detectors alert the appropriate personnel of a potential fire and possible hazard.

[...]

Several TSA communication closets located in the JFK terminals contained storage items and cleaning supplies. For example, we found TSA equipment on top of an unlocked TSA telecommunication cabinet surrounded by a ladder, boxes, trash, and cleaning supplies. The ladder, boxes, and cleaning supplies are all harmful to IT equipment. Additionally, there was no sign in sheet, and non-TSA personnel used the room for equipment storage.
TSA did not have an operable uninterruptible power supply (UPS) in three communication cabinets…

A sensitive equipment cabinet located in a public area was unlocked and left open to run an extension cord to a nearby electrical outlet for power.
The door to the secure Explosive Detection Systems room, where TSA reviews x-ray images of luggage to determine if suspicious checked luggage requires additional inspection, was propped open to vent a portable air conditioning unit, violating physical security controls.

The IG makes several recommendations, most of which can be boiled down to four words: FOLLOW EXISTING DHS POLICIES.

Since this report contains inspections of every other DHS agency with operations at the JFK airport, similar faults were found for both CBP (Customs and Border Protection) and ICE (Immigration and Customs Enforcement). However, one agency managed to pass inspection: the Secret Service.
USSS fully complied with DHS operational, technical, and management operational policies for its telecommunication room at JFK. We audited IT security controls of the USSS telecommunication room located at the JFK on-site building number 75. This location had a DHS OneNet connection and a network switch device. The telecommunications room was clean and well maintained. Visitor’s logs were also maintained. Humidity and temperature sensor readings were within DHS policy guidelines. Since, the JFK location did not have an on-site server, vulnerability scans were not applicable.
Say what you will about its inability to secure the White House, but the Secret Service -- which oversees travel of dignitaries and government officials on over 800 flights per year -- has its JFK operations locked down tight.

What we have detailed here is another security agency making an effort to thwart its oversight. The TSA managed to delay a critical report by 6 months and withhold supposedly "sensitive" information over the repeated protests of the Inspector General. In doing so, it has shown Americans who really holds the power in Washington -- and it isn't these agencies' internal and external oversight.

28 Jan 18:22

DOJ's Attempt To Turn 4th Amendment Into A 'Useless Piece Of Paper' Called Out By Justice Sotomayor

by Tim Cushing

The Supreme Court's recent track record on the Fourth Amendment has been inconsistent, to say the least. For every win -- like the warrant requirement for cellphone searches incident to arrest (Riley v. California) -- there's been a loss -- the court's granting of permanent forgiveness for officers who predicate stops on nonexistent laws (Heien v. North Carolina), as long as the mistake is determined to be "objectively reasonable."

The oral arguments in Rodriguez v. United States [pdf link] deal with another attempted expansion of law enforcement powers at the expense of the Fourth Amendment. Here's the backstory, as summarized by Evan Bernick of HuffPo (and the Institute for Justice):

On March 27, 2012, Nebraska police officer Morgan Struble stopped Dennys Rodriguez for swerving once towards the shoulder of the road. After questioning Rodriguez and issuing him a written warning, Struble asked permission to walk his drug-sniffing dog around the outside of Rodriguez's vehicle. When Rodriguez refused, Struble made him exit the vehicle and wait for backup to arrive. Roughly eight minutes later, a second officer showed up, and Struble led his dog around the car. The dog gave an "alert" for illegal drugs, and a subsequent search turned up a bag of methamphetamine.
A previous decision by the Supreme Court (Illinois v. Caballes) concluded that the use of a drug-sniffing dog during a regular traffic stop was not a Fourth Amendment violation, provided the stop was not prolonged past the point of "completing that mission [the traffic stop]." Prolonged stops have been argued before, but in this particular case, there was no question that the "mission" had been "completed." It was only after the officer told Rodriguez he would let him off with a warning that he brought up the subject of searching the vehicle.

The DOJ's lawyer, Ginger Anders, argued that officers should have some leeway in determining the "sequence of the stop." Applied to this situation, the DOJ is basically arguing that a cop can tell you you're free to go and then ask you to wait while he brings in a drug dog to search your vehicle. Anders' theory is that this contradictory sequence still respects the Fourth Amendment so long as the length of the stop doesn't exceed the nebulous standard of "routine time needed."

It's this slippery "routine time" that most of the argument is focused on. Both sides attempted to determine where that lies exactly on the space-time continuum, but Rodriguez's lawyer (reasonably) pointed out that the key issue should be the "completion of the mission," not the amount of time it takes to reach that point.

This attempt to reduce the Fourth Amendment to a specific number of minute-hand movements reaches its simultaneous zenith/nadir during this exchange with the DOJ's lawyer.
JUSTICE BREYER: Okay. But that's where -- I thought that position that I've tried to -- let me state it more clearly, I think. It is unlawful to have the dog sniff where the dog sniff unreasonably prolongs the stop, is that -- does -- is that okay if I write with the government -- if I write those words in an opinion?

MS. ANDERS: That's right. But we don't think that a dog sniff performed right after the ticket per se unreasonably prolongs the stop. And if I could give you a hypothetical that --

JUSTICE BREYER: Ah. Well, how -- if the ticket-writing is over and there is nothing else to do and the policeman says, hey, this is over, at that point has it not unreasonably prolonged the stop if the sniff takes place afterwards?

MS. ANDERS: I don't think so. I mean, just imagine --

JUSTICE BREYER: Because?

JUSTICE SCALIA: Because that takes only two minutes and that's not unreasonable, right?

MS. ANDERS: That's right. And it doesn't take into account how he stops --

JUSTICE SCALIA: Big deal. The dog walks around the car for two minutes. That's --

CHIEF JUSTICE ROBERTS: It's only a violation of the Fourth Amendment for two minutes, right?

(Laughter.)
Presumably, Scalia was being facetious. But the underlying thrust of the government's position is clear: it wants the leeway to perform extraneous searches so long as it can fit them in under a vague time limit determined by an even vaguer "reasonable standard."

And if that's not feasible because the 2005 Caballes decision theoretically limits stops to a "reasonable" length of time, the government proposes another solution: just stick a K-9 in every cop car. Justice Sotomayor steps up to shut down this line of thinking.
MS. ANDERS: So the hypothetical that I propose is that if you imagine you have two officers conducting a stop and the first officer is explaining the ticket and what's happening with the ticket to the person, to the driver. While he's doing that, the second officer is performing the dog sniff around the car. If the officer who's explaining the ticket ends first and the dog sniff takes another 30 seconds, I don't think there's any reason to say that that stop, which maybe lasted a total of ten minutes has -- has gone on for longer than reasonably required to complete the traffic ticket.

JUSTICE SOTOMAYOR: Well, I have a -- I have a real fundamental question, because this line drawing is only here because we've now created a Fourth Amendment entitlement to search for drugs by using dogs, whenever anybody's stopped. Because that's what you're proposing. And is that really what the Fourth Amendment should permit?

MS. ANDERS: I don't think it's an entitlement, Justice Sotomayor. I think once the Court said in Caballes that -- that it is permissible in some circumstances to perform a dog sniff during a traffic stop, then --

JUSTICE SOTOMAYOR: Well, in some circumstances. So why don't -- why don't we keep it cabined to Caballes, which is when it's being done simultaneous with writing the ticket. If it's not, then it's unlawful.

MS. ANDERS: Well, because that leads to arbitrary results as I was explaining with Justice Breyer, I think in that hypothetical --

JUSTICE SOTOMAYOR: It's not arbitrary. The Fourth Amendment is arbitrary by its nature. It says you can't search unless you have probable cause to search.
Later on, as this particular angle is argued further, Sotomayor comes down even more harshly on the government's assertions, noting that what it's attempting to do is grant itself more power at the expense of citizens' rights.
But the way Justice Breyer has said this -- what he's saying is you can't unreasonably prolong. You can't hold a person any -- any measurable time that would allow to get the dog. And, yes, it has to do with the resources of the police department, but we can't keep bending the Fourth Amendment to the resources of law enforcement. Particularly when this stop is not -- is not incidental to the purpose of the stop. It's purely to help the police get more criminals, yes. But then the Fourth Amendment becomes a useless piece of paper.
This appears to be the DOJ's goal, if its arguments in this case -- and previous cases like Riley -- are to be believed. In its eyes, the Fourth Amendment is something that should be subject to law enforcement's needs and wants, rather than something to be respected and complied with.

28 Jan 18:13

DEA Collecting Massive Database Of Your Driving Habits In Secret, Using License Plate Readers

by Mike Masnick
Brindle

We'll win the War on Drugs... or else...

What is up with the DEA? For all the focus on the NSA, the CIA and even the FBI, it really seems like the agency that is absolutely out of control is the DEA. In just the last few months, we've written about the DEA having its own giant database of metadata on phone calls (with less oversight than the NSA), how it has embedded telco employees who are able to snoop on subscribers in real-time for the DEA, how the DEA is deeply involved in parallel construction (using intelligence info collected under questionable means to arrest someone and then to hide or lie to judges about that information), how it paid a secretary at Amtrak $850,000 to give them all of Amtrak's passenger lists, how it was (with the NSA) recording every single phone call in the Bahamas and, finally, how it was impersonating people on Facebook.

And now, the latest is that the DEA has been building a massive database of your travel habits using automatic license plate readers. These license plate readers have been used increasingly by law enforcement, and the ACLU has been tracking their growing usage for years. A year ago, we wrote about Homeland Security putting out a call for a national license plate reader program, resulting in public outrage. While it eventually scrapped those public plans, we noted at the time that DHS still had access to plenty of other databases of license plate reader data, including one in ICE (Immigration and Customs Enforcement).

But the latest news is that the DEA also had a huge database of this info as well:

The new DEA records that we received are heavily redacted and incomplete, but they provide the most complete documentation of the DEA’s database to date. For example, the DEA has previously testified that its license plate reader program began at the southwest border crossings, and that the agency planned to gradually increase its reach; we now know more about to where it has grown. The DEA had previously suggested that “other sources” would be able to feed data into the database; we now know about some of the types of agencies collaborating with the DEA.

The documents uncovered by our FOIA request provide additional details, but their usefulness is limited by the DEA’s decision to provide only documents that are undated or years old. If the DEA’s collection of location information is as extensive as the agency has suggested in its limited comments to legislatures, the public deserves a more complete and comprehensive explanation than the smattering of records we have obtained can provide.

These records do, however, offer documentation that this program is a major DEA initiative that has the potential to track our movements around the country. With its jurisdiction and its finances, the federal government is uniquely positioned to create a centralized repository of all drivers’ movements across the country — and the DEA seems to be moving toward doing just that. If license plate readers continue to proliferate without restriction and the DEA holds license plate reader data for extended periods of time, the agency will soon possess a detailed and invasive depiction of our lives (particularly if combined with other data about individuals collected by the government, such as the DEA’s recently revealed bulk phone records program, or cell phone information gleaned from U.S. Marshals Service’s cell site simulator-equipped aircraft ). Data-mining the information, an unproven law enforcement technique that the DEA has begun to use here, only exacerbates these concerns, potentially tagging people as criminals without due process.

Among the things the ACLU's new documents show is that the DEA already taps into other agencies' license plate reader databases, including local law enforcement and federal agencies like those in DHS. The records the ACLU obtained note that there were over 343 million records in the database (but the redactions on the document obscure the date of that finding, so it's likely much larger today).

Oh, and then there's this: one of the main points of the program is to help law enforcement steal seize things from the public.

And, of course, the DOJ is trying to downplay the whole thing:
A spokesman for Justice Department, which includes the DEA, said the program complies with federal law. “It is not new that the DEA uses the license-plate reader program to arrest criminals and stop the flow of drugs in areas of high trafficking intensity,’’ the spokesman said.
That's a bullshit response on any number of levels. It may not be new that the DEA is using the technology, but the extent of its usage, and the efforts it has taken to keep it secret are new. On top of that, the fact that its primary purpose is to help with seizures is a pretty big deal, especially given the rest of what the DEA has been doing lately. It makes you wonder if there's any oversight at all on this stuff.

28 Jan 04:15

EU's 'Counter-Terrorism Co-ordinator' Finally Says It: Force Internet Companies To Hand Over Their Crypto Keys

by Glyn Moody

Although calls to ban or backdoor encryption have been made in the past, David Cameron's rather vague threats against crypto clearly mark the start of a new, concerted campaign to weaken online privacy. Thanks to a leaked paper, written by the EU Counter-Terrorism Co-ordinator and obtained by Statewatch, we now have a clear statement of what the European authorities really want here (pdf):

Since the Snowden revelations, internet and telecommunications companies have started to use often de-centralized encryption which increasingly makes lawful interception by the relevant national authorities technically difficult or even impossible. The Commission should be invited to explore rules obliging internet and telecommunications companies operating in the EU to provide under certain conditions as set out in the relevant national laws and in full compliance with fundamental rights access of the relevant national authorities to communications (i.e. share encryption keys).
The set-phrase "in full compliance with fundamental rights" is just a fig leaf: there is no real intention of complying with basic rights here. That this is just a cynical exploitation of people's concerns in the wake of recent events is shown by the following paragraph from the beginning of the document:
Europe is facing an unprecedented, diverse and serious terrorist threat. The horrific attacks that took place in Paris between 7 and 9 January 2015 were followed by an unprecedented show of unity by millions of citizens in France and across Europe as well as a show of solidarity and political will by many EU and world leaders. In addition to action from the national governments, citizens are looking to the European Union to provide an ambitious response. Core European values have been attacked, in particular freedom of speech. The EU has to respond with meaningful action. Failure to do so could result in disillusionment of citizens with the EU.
Yes, the millions of European citizens who joined marches in support of liberty and freedom of speech would be bitterly disappointed if the EU didn't react by undermining those self-same core values. Nor is the idea to weaken all encryption in Europe the only deeply troubling proposal in the document. Here's another one:
Consideration should be given to a role for Europol in either flagging or facilitating the flagging of content which breaches the platforms’ own terms and conditions. These often go further than national legislation and can therefore help to reduce the amount of radicalising material available online. In this context, Europol's Check the Web project could be beefed up to allow for monitoring and analysis of social media communication on the internet.
That's a really great idea: get Europe's main law enforcement agency, Europol, spending its valuable time checking out if Internet users are breaching Facebook's terms and conditions, and generally spying on social networks. After all, that's much more important than doing other things like, oh, I don't know, actually trying to catch murderers and criminals....

28 Jan 03:56

Police Department Refuses To Release Use Of Force Policies Because 'Criminals Might Gain An Advantage'

by Tim Cushing
Brindle

WTF?! " [W]e figured it couldn’t take that long to read through the use of force policy, so we made a public records request, only to be told by the city’s legal department that releasing the policy “could impair an officer’s ability to arrest a suspect by placing individuals at an advantage in confrontations with police.”"

Last month, dashcam video of a 23-year-old (Victoria) Texas cop throwing a 76-year-old man to the ground and tasing him emerged, leading to plenty of outrage across the web. The imagined "crime" was the lack of an inspection sticker on the vehicle the elderly man was driving. Of course, had the officer known the law, he would have known that inspection stickers aren't needed on vehicles with dealer plates -- something that could have been confirmed by anyone inside the car dealership where the incident occurred.

As a side note, Scott Greenfield notes that this is a good example of why the Supreme Court's recent decision to cut law enforcement officers additional slack is a bad idea. Thanks to its Heien v. North Carolina decision, stops and searches predicated on nonexistent laws are perfectly legal, thanks to a very fluid interpretation of the word "reasonable."
Reasonable suspicion arises from the combination of an officer’s understanding of the facts and his understanding of the relevant law. The officer may be reasonably mistaken on either ground. Whether the facts turn out to be not what was thought, or the law turns out to be not what was thought, the result is the same: the facts are outside the scope of the law. There is no reason, under the text of the Fourth Amendment or our precedents, why this same result should be acceptable when reached by way of a reasonable mistake of fact, but not when reached by way of a similarly reasonable mistake of law.
The young cop didn't understand the law, but he wasn't about to let a citizen who did explain it to him. So, he shoved, tased and threw the uncooperative citizen to the ground. He had no legal reason to make this stop (the law he enforced wasn't actually a law) but he was "reasonable" in his belief that every Texas vehicle should have an inspection sticker.

But is it a good idea to tase elderly men who won't immediately kowtow to someone who clearly isn't interested in hearing that the "illegal" act he's getting all excited about is actually legal? Photography Is Not A Crime tried to find out.
[W]e figured it couldn’t take that long to read through the use of force policy, so we made a public records request, only to be told by the city’s legal department that releasing the policy “could impair an officer’s ability to arrest a suspect by placing individuals at an advantage in confrontations with police.”
This rationale is deployed far too frequently in order to keep law enforcement documents locked up. PINAC points out that other police departments have released use of force policies to the public and somehow managed to still effectively enforce the law. Why not the Victoria PD? Perhaps it felt the release of the document would give the 76-year-old Pete Vasquez an unfair advantage the next time he's approached by an officer for a crime he didn't commit. Can't have the public redefining the terms of engagement by using the police officer's own terms of engagement against him.

And it's not as if those policies are followed closely or strictly enforced. Past abuses show that police officers frequently use more force than is necessary and rarely, if ever, suffer any long-term consequences for these actions.

Despite the department's stupid refusal to release the policy, it has at least manned up about the young officer's behavior.
Chief Craig has determined based on the evidence, that Officer Robinson violated three areas of policy and sustained allegations regarding violations of the following departmental policies.

1) Policy 0.216 - Conduct and Performance, Section 2.15
2) Policy 03.03 - Use of Force Section 1
3) Policy 0.0305- Arrest without a Warrant Section 3

Based on the findings of the administrative investigation, Nathaniel Robinson’s employment with the Victoria Police Department has been terminated.
Now that he's been dismissed, Robinson won't be in any hurry to explain why he felt it necessary to resort to violence over a "missing" (but not really, according to the actual law) inspection tag. Is this really the sort of crime where use of force policies need to come into play, especially when the perp is four times the age of the officer? I guess we'll never know. The Victoria PD doesn't want to talk about its policies. It did the right thing by dumping a dangerous officer, but its accountability doesn't end there. If those being policed are going to develop any further understanding of the PD's use of force, they need to have access to that document. Pretending the release will help perps escape cops is a cheap dodge.

27 Jan 20:06

Google’s Nova MVNO will automatically switch between best available networks

by Quentyn Kennemer

It was only last week we caught wind of Google’s plans to become an MVNO to provide affordable wireless service and we’ve already gotten some early details. According to a report by the Wall Street Journal, Google’s use of both T-Mobile and Sprint’s towers won’t make for awkward hand-offs or the need to buy phones specific to your market.

That is thanks to new cellular technology Google will utilize that can measure the quality of networks in your area — including any available WiFi hotspots — and hop onto the best one. T-Mobile and Sprint’s networks aren’t superstars alone, but combining the two with technology like this should squelch the fears of anyone who hopes to sign up for the service once it’s made available.

That’s as much as we know by now. It’s coming, it’s coming soon, and we hope it’ll be every bit as good as we’ve imagined a Google-made wireless carrier could be.

27 Jan 19:51

Law Enforcement Wants Google To Cripple Waze Because It Lets The Mean Old Public 'Stalk' Police Officers

by Karl Bode
If you've tinkered with Waze at all you know the app allows users to post road conditions, lane closures, police locations, and other pertinent driving hazards with a heavy emphasis on the gamification of that information (i.e., you get points for reporting accurate information). I generally find the feature to be marginally useful if not annoying. Police move positions so quickly I find that crowdsourcing isn't particularly effective. As such, I generally just stick to my long-standing practice of flirting with a speed that's around six to seven miles over the speed limit (I know, I'm an absolute wild man).

Eager to protect a revenue generator, law enforcement has long wanted speed trap warning disabled in the app, though as we've noted, warning others of speed traps (whether that's flashing your lights or otherwise) is effectively protected speech. With previous arguments not working so well, the latest claim by the law enforcement community is that Waze is dangerous for police because it effectively facilitates stalking of officers. Or at least that's the argument being pushed forth by the National Sheriffs Association in their quest to make Waze much less useful to motorists:
"Sheriff Mike Brown of Bedford County, Virginia, said the police-reporting feature, which he called the "police stalker,'' presents a danger to law enforcement. "The police community needs to coordinate an effort to have the owner, Google, act like the responsible corporate citizen they have always been and remove this feature from the application even before any litigation or statutory action,'' said Brown, who also serves as the chairman of the National Sheriffs Association technology committee."
Of course, the police officers being "stalked" are parked in obvious line of sight on public motorways, and if a mentally-unstable person did want to cause problems, it's not too hard to find an opportunity. At the same time, the citizens using the app are simply having a perfectly-legal conversation. Combined with the fact that the quoted officers can't be bothered to cite a single instance where this sort of technology has ever been a problem in this regard, that's a pretty feeble justification for crippling an application by any measure. Regardless, it appears Google has already been making concessions; when it started porting Waze data into Google Maps earlier this year, police reporting data was notably absent.

Whatever, just as long as we're not talking about how much Waze location data gets shared with the law enforcement and intelligence communities, right?

27 Jan 18:37

Justice Department is reportedly spying on millions of US cars

by Mat Smith
While law enforcement has been using license plate readers to track vehicles for a while, they never formed into a unified network. In fact, the Department of Homeland Security posited a 29-page document about a vehicle-tracking network, but the idea...
27 Jan 13:44

Verizon Shows Just How Competitive The Wireless Industry Really Is By Simply Refusing To Compete On Price

by Karl Bode
You'll recall that the CTIA recently argued that the wireless industry doesn't need to be governed by net neutrality rules (or any rules, really) because it's a sector that's just so gosh-darned competitive. And while it's true T-Mobile has been shaking things up of late (thanks in part to regulators blocking the AT&T acquisition), the market's big four players continue to make it clear that once you dig past a number of largely cosmetic promotions, the sector still isn't really all that competitive. That's especially true when it comes to seriously competing on price, something all four major carriers repeatedly make clear they intend to avoid at any cost.

Case in point is T-Mobile's latest effort to offer rollover data, or letting users store unused bits and bytes at the end of the month for future use. I already noted how AT&T's competitive response to this was to offer a rollover service of its own that's largely a joke; rolled over data allotments only having a shelf life of one month, and that data being unusable until you finish your normal data allotment. Yet that's better than Verizon Wireless, which responded to the growing trend toward rollover data by refusing to participate entirely:
"We're a leader, not a follower," (Verizon CFO Fran Shammo) said in an interview on Thursday..."We did not go to places where we did not financially want to go to save a customer," Shammo said. "And there's going to be certain customers who leave us for price, and we are just not going to compete with that because it doesn't make financial sense for us to do that."
Of course, when a market is truly competitive, you're not supposed to have a choice in the matter. While Verizon pretends it doesn't compete on price because it offers a "premium experience," the reality is Verizon doesn't compete on price because it has used regulatory capture to build a market that ensures it never has to. The result is a Verizon-AT&T duopoly that owns most of the nation's spectrum, dominates 80% of the retail market, and enjoys a stranglehold on the special access (fiber backhaul) market. As a result, Sprint's been barely hanging on for years, and T-Mobile's owner Deutsche Telekom isn't sure T-Mobile can survive long-term. What the media calls a "price war" is more like a "light price scuffle."

It's something worth remembering the next time someone (usually a wireless industry lobbyist) tries to tell you the wireless industry is ultra-competitive (or doesn't need net neutrality protections) simply because there are four companies in play. What we usually see, with the occasional exception, is a pantomime of real competition. In this case, Verizon can't even be bothered to go that far.

27 Jan 03:49

Clogged Arteries Are The Best Arteries: KFC's Chicken-For-A-Bun Hotdog

This is KFC's Double Down Dog, a hotdog with a fried chicken for a bun and drizzled with a cheese sauce that looks like mustard. Obviously, they blew it by not adding chili and diced onions. I would still eat one. Unfortunately, they've only been introduced to South Korea and the Philippines so far, with select restaurants only making 50 a day. That is not nearly enough. Not even for me. You know how many hotdogs I've eaten in a day before? Guess. "Ten?" Six. "Then why wouldn't 50 be enough?" Because I have friends. "Good one." Fine, because I like to pretend I have friends. Thanks to lilco, who agrees the best hotdogs are my armpits because they smell like chili-cheese dogs with extra onions if I don't shower for a day.
26 Jan 18:55

The TSA Wants To Read Your Facebook Posts And Check Out Your Purchases Before It Will Approve You For PreCheck

by Tim Cushing
Brindle

Fucking hate the TSA :\

The TSA is disappointed that so few Americans have opted out of its bottle-tossing, package-groping screenings by signing up for its PreCheck program. For a few years now, the TSA has been selling travelers' civil liberties back to them, most recently for $85 a head, but it's now making a serious push to increase participation. The TSA can't do it alone, so it's accepting bids on its PreCheck expansion proposal. (h/t to Amy Alkon)

The Transportation Security Administration (TSA) is seeking vendors for TSA Pre✓® Application Expansion initiative to develop, deliver, and deploy private sector application capabilities expanding the public's enrollment opportunities for TSA Pre✓® through an Other Transactional Agreement (OTA) awarded by TSA. The Government plans to award an OTA to multiple vendors. The Government will evaluate the proposed ready-to-market solutions' application capabilities against this TSA Pre✓® Expansion Initiative Solicitation and Statement of Work.
This will involve a new pre-screening process to weed out terrorists by looking through a variety of "commercial data" sources. The proposal [pdf link] is very vague on the details of what "commercial data" will be used by these third parties.
Contractors may use commercial data to conduct an eligibility evaluation (also known as pre-screening) of potential applicants. The eligibility evaluation shall include, at a minimum, validating identity and performing a criminal history records check to ensure that applicants do not have disqualifying convictions in conjunction with the TSA Pre✓® disqualifying offenses…
The proposal goes on to say something that sounds like the TSA safeguarding PreCheck applicants' privacy by standing between them and any crazy ideas third party contractors might have about "commercial data."
As a second component to the eligibility evaluation, TSA may also consider approving an option to use additional private sector processes to conduct a provisional risk assessment (based on an algorithm developed by the Contractor) for the purposes of assisting in identifying those individuals believed to pose a low risk to transportation security. TSA must approve any commercial data inputs proposed for use by contractors to include those which validate identity and determine provisional low-risk status.
More protections here:
Risk assessments may not be based on race, ethnicity, religion, national origin, age, financial status (e.g., credit ratings/scores, liens, bankruptcies, foreclosures, annual income), health records, constitutionally protected activity, or other records reflecting an individual’s socio-economic status.
So far, so good. But while the TSA has pointed out a few examples of what won't be permitted to be used to separate the threats from the travelers, it really never goes on to detail what will be permitted… at least not in the proposal itself. Those sources (and there are several) are tucked away inside the agreement boilerplate [pdf link] to be signed by winning contractors.

Here's everything that's open to inspection by PreCheck applicant screeners.
For purposes of this private sector enrollment initiative for the TSA Pre✓® Application Program, “commercial data” includes: public record data, such as criminal history and real estate records produced by federal, state, and local governments; other publicly available information, such as directories, press reports, location data and information that individuals post on blogs and social media sites; and wide ranging data such as purchase information, customer lists from registration websites, and self-reported information provided by consumers that is obtained by commercial data sources such as data brokers.
So, the TSA is authorizing contractors to use social media posts in the screening process -- which, yes, are by default public but tend to generate more noise than signal when it comes to spotting the terrorists in PreCheck approval queue.

[And I suppose my Facebook page -- containing pictures I added a few months ago -- will put me in the "questionable" group.]


The TSA is looking to hire on third-party haystackers in order to pre-profile travelers. There's a lot of "public/commercial data" out there, and very little of it has any relevance to the "threat level" of potential flyers. And the part about "purchase information" is particularly disturbing, considering the DHS would really like to have access to that data.
Homeland Security Secretary Jeh Johnson said his department will be issuing new guidance to retailers this week giving them pointers on how to spot potential terrorists among their customers by looking at what they're buying.

While saying the government cannot prohibit sales of some everyday materials, Mr. Johnson said retailers should be trained to look for anyone who buys a lot from what he described as a "long list of materials that could be used as explosive precursors."

He said it was an extension of the "If you see something, say something" campaign launched by his predecessor, former Secretary Janet Napolitano, which tries to enlist average Americans to be aware of their immediate environment.
Couple Johnson's statements with this proposal sentence (which immediately follows the "Risk assessments may not be based on…" sentence from the paragraph above), and you get an idea where this PreCheck database is headed.
Any algorithm used must receive DHS approval, which will be based upon a DHS evaluation requiring testing and review of commercial data inputs during that process.
Whatever data the contractors grab will be viewed by the DHS first, before it makes its decision to keep or discard it. And this will be in addition to the huge amount of data these two agencies already dip into to determine how many "S's" to print on your boarding pass. The TSA's role in the PreCheck program will be mainly limited to waving successful applicants through. (Something it has previously done to alleviate congestion with no apparent concern about PreCheck approval and all of its "safeguards".) So, this is really the DHS's program, one that allows it to partake of third-party data hoovering and add anything it deems relevant to its databases.

That's a lot of info to turn over for shorter waits at the airport. Generally speaking, the government has little interest in your purchases and social media activities, but by applying for PreCheck, you give them the green light to go digging. Sure, most of what's there isn't necessarily private, but it's still information most people wouldn't assume the government would find to be relevant to airport security. Factor in the TSA/DHS's ever-mounting paranoia, and you've got a recipe for a slew of false positives, especially when the latter considers photography of public buildings to be "suspicious activity."
