Big Brother is using smartphone metadata to track your every move
Washington, D.C. - If you tweet a picture from your living room using your smartphone, you’re sharing far more than your new hairdo or the color of the wallpaper. You’re potentially revealing the exact coordinates of your house to anyone on the Internet.
The GPS location information embedded in a digital photo is an example of so-called metadata, a once-obscure technical term that’s become one of Washington’s hottest new buzzwords.
The word first sprang from the lips of pundits and politicians earlier this month, after reports disclosed that the government has been secretly accessing the telephone metadata of Verizon customers, as well as online videos, emails, photos and other data collected by nine Internet companies. President Barack Obama hastened to reassure Americans that “nobody is listening to your phone calls,” while other government officials likened the collection of metadata to reading information on the outside of an envelope, which doesn’t require a warrant.
But privacy experts warn that to those who know how to mine it, metadata discloses much more about us and our daily lives than the content of our communications.
So what is metadata? Simply put, it’s data about data. An early example is the Dewey Decimal System card catalogs that libraries use to organize books by title, author, genre and other information. In the digital age, metadata is coded into our electronic transmissions.
“Metadata is information about what communications you send and receive, who you talk to, where you are when you talk to them, the lengths of your conversations, what kind of device you were using and potentially other information, like the subject line of your emails,” said Peter Eckersley, the technology projects director at the Electronic Frontier Foundation, a digital civil liberties group.
Powerful computer algorithms can analyze the metadata to expose patterns and to profile individuals and their associates, Eckersley said.
“Metadata is the perfect place to start if you want to troll through millions of people’s communications to find patterns and to single out smaller groups for closer scrutiny,” he said. “It will tell you which groups of people go to political meetings together, which groups of people go to church together, which groups of people go to nightclubs together or sleep with each other.”
Metadata records of search terms and webpage visits also can reveal a log of your thoughts by documenting what you’ve been reading and researching, Eckersley said.
“That’s certainly enough to know if you’re pregnant or not, what diseases you have, whether you’re looking for a new job, whether you’re trying to figure out if the NSA is watching you or not,” he said, referring to the National Security Agency. Such information provides “a deeply intimate window into a person’s psyche,” he added.
The more Americans rely on their smartphones and the Internet, the more metadata is generated.
Metadata with GPS locations, for example, can trace a teenage girl to an abortion clinic or a patient to a psychiatrist’s office, said Karen Reilly, the development director for The Tor Project, a U.S.-based nonprofit that produces technology to provide online anonymity and circumvent censorship.
Metadata can even identify a likely gun owner, she said.
“Never mind background checks, if you bring your cellphone to the gun range you probably have a gun,” Reilly said.
“People don’t realize all the information that they’re giving out,” she said. “You can try to secure it – you can use some tech tools, you can try to be a black hole online – but if you try to live your life the way people are expecting it, it’s really difficult to control the amount of data that you’re leaking all over the place.”
A former senior official of the National Security Agency said the government’s massive collection of metadata allowed the agency to construct “maps” of an individual’s daily movements, social connections, travel habits and other personal information.
“This is blanket. There is no constraint. No probable cause. No reasonable suspicion,” said Thomas Drake, who worked unsuccessfully for years to report privacy violations and massive waste at the agency to his superiors and Congress.
Metadata “is more useful than the content” of a telephone call, email or Internet search, Drake said in an interview. “It gets you a map over time. I get to map movements, connections, communities of interest. It’s also a tracking mechanism.”
The NSA “can easily associate” a phone number with an identity, he added. “All location information comes from a (cellular) tower. There are tower records. They are doing this every single day. It’s basically a data tap on metadata, and I can build a profile (of an individual) instantly.”
The agency has programs that also can mine the metadata of emails and other electronic information, Drake said.
A leading NSA expert James Bamford - the Washington Investigative Producer for ABC’s World News Tonight with Peter Jennings for almost a decade, winner of a number of journalism awards for coverage national security issues, whose articles have appeared in dozens of publications, including cover stories for the New York Times Magazine, Washington Post Magazine, and the Los Angeles Times Magazine, and the only author to write any books (he wrote 3) on the NSA – reports, the NSA was also tapping the 9/11 hijackers’ phone calls inside the U.S.
Specifically, hijackers Khalid al-Mihdhar and Nawaf al-Hazmi lived in San Diego, California, for 2 years before 9/11. Numerous phone calls between al-Mihdhar and Nawaf al-Hazmi in San Diego and a high-level Al Qaeda operations base in Yemen were made in those 2 years.
The NSA had been tapping and eavesdropping on all calls made from that Yemen phone for years. The NSA recorded all of these phone calls.
Indeed, the CIA knew as far back as 1999 that al-Mihdhar was coming to the U.S. Specifically, in 1999, CIA operatives tailing al-Mihdhar in Kuala Lumpur, Malaysia, obtained a copy of his passport. It contained visas for both Malaysia and the U.S., so they knew it was likely he would go from Kuala Lumpur to America.
NSA whistleblower William Binney – a highly-credible 32-year NSA veteran with the title of senior technical director, who headed the agency’s digital data gathering program (featured in a New York Times documentary, and the source for much of what we know about NSA spying) was asked what he thought of the government’s claim that mass surveillance of Americans would have caught Mihdhar and prevented 9/11.
Binney responded:
Of course they could have and did have data on hijackers before 9/11. And, Prism did not start until 2007. But they could get the data from the “Upstream” collection. This is the Mark Klein documentation of Narus equipment in the NSA room in San Francisco and probably other places in the lower 48. They did not need Prism to discover that. Prism only suplemented the “Upstream” material starting in 2007 according to the slide.
Details here and here.
http://www.mcclatchydc.com/2013/06/20/194505/government-could-use-metadata.html#.UcRQJN7D-Um
http://www.washingtonsblog.com/2013/06/bush-and-obama-administrations-911-justification-for-nsa-spying-has-been-debunked.html
Former Facebook chief signs up to work with NSA:
In a strange reversal, the man who used to be responsible for keeping our Facebook information private and secure is now working for the National Security Agency, the government agency currently under scrutiny over its information-gathering practices.
Max Kelly left Facebook in 2010, where he had been Chief Security Officer and headed for the NSA.
Kelly's move from the world's largest social network to the world's largest spying agency suggests a commonality in the aims of both the government and Silicon Valley - acquire and exploit large amounts of personal information about Americans.
Kelly would have been working at Facebook when the company joined the NSA's Prism program, and it seems the government is actively seeking technology and hacking experts.
'In its recruiting in Silicon Valley, the N.S.A. sends some of its most senior officials to lure the best of the best. No less than Gen. Keith B. Alexander, the agency’s director and the chief of the Pentagon’s Cyber Command, showed up at one of the world’s largest hacker conferences in Las Vegas last summer... His main purpose at Defcon, the conference, was to recruit hackers for his spy agency,' reports The New York Times.
The links between private tech companies and the government are getting closer and closer, although many companies are trying to distance themselves by saying they only hand over their customer's information when legally compelled.
The New York Times, which first reported Kelly's career move, says companies are more than willing to play along with the NSA.
'…Current and former industry officials say the companies sometimes secretly put together teams of in-house experts to find ways to cooperate more completely with the NSA. and to make their customers’ information more accessible to the agency.
The companies do so, the officials say, because they want to control the process themselves. They are also under subtle but powerful pressure from the NSA. to make access easier.'
The line between social media companies and intelligence agencies is becoming increasingly blurred, especially now that the government is recruiting directly from Silicon Valley.
The NSA is 'one of Silicon Valley’s largest customers for that is known as data analytics, one of the valley’s fastest-growing markets,' The Times reported.
http://www.dailymail.co.uk/news/article-2347047/Former-Facebook-security-chief-working-NSA.html
Reassured by NSA's internal procedures? Don't be. They still don't tell the whole story:
The targeting and minimization documents released yesterday are dated a few months after the first publicly known scandal over the new FAA procedures: In April 2009, the New York Times reported that Section 702 surveillance had “intercepted the private e-mail messages and phone calls of Americans . . . on a scale that went beyond the broad legal limits established by Congress." In June 2009, the Times reported that members of Congress were saying NSA's "recent intercepts of the private telephone calls and e-mail messages of Americans are broader than previously acknowledged." Rep. Rush Holt described the problems as "so flagrant that they can't be accidental."
Presumably, following these "flagrant" abuses (and likely in response to the Congressional criticism of the original procedures), the government refined the procedures. The documents released yesterday are the "improved" targeting and minimization procedures, which appear to have been reused the following year, in 2010, in the FISC's annual certification.
But these amended procedures still didn't stop illegal spying under Section 702.
Unless the government substantially changed the procedures between August 2010 and October 2011, these are the mimization rules that the FISC eventually found to result in illegal and unconstitutional surveillance. In October 2011, the FISC issued an 86-page opinion finding that collection carried out under the NSA's minimization procedures was unconstitutional. The opinion remains secret, but it is likely that yesterday's leaked NSA documents show the very procedures the Director of National Intelligence admitted had been found to result in surveillance that was “unreasonable under the Fourth Amendment" and "circumvented the spirit of the law."
And for good reason: the procedures are unconstitutional.
EFF has been litigating to uncover this critical FISC opinion through the Freedom of Information Act and to uncover the "secret law" the government has been hiding from the American public. And EFF isn't alone in fighting for the release of these documents. A bipartisan coalition of Senators just announced legislation that would require the Attorney General to declassify significant FISC opinions, a move they say would help put an end to precisely this kind of "secret law."
When the government, and others, claim these procedures ensure your privacy is respected, know this: they're only telling you half the story. Take action now -- to put an end to secret law, to demand the American public gets the full story, and to finally put an end to the NSA's domestic spying program.
https://www.eff.org/deeplinks/2013/06/recently-revealed-nsa-procedures-likely-ones-found-unconstitutional-fisa-court