Resources

“If YOU think you are not being analysed while browsing websites, it could be time to reconsider. A creepy new website called clickclickclick has been developed to demonstrate how our online behaviour is continuously measured.

The site, which observes and comments on your behaviour in detail, and is not harmful to your computer, contains nothing but a white screen and a large green button. From the minute you visit the website, it begins detailing your actions on the screen in real-time.

The site also encourages users to turn on their audio, which offers the even more disturbing experience of having an English voice comment about your behaviour.

Designer Roel Wouters said the experiment was aimed to remind people about the serious themes of big data and privacy. “It seemed fun to thematise this in a simple and lighthearted way,” he said.

Fellow designer Luna Maurer said the website her own experiences with the internet had helped with the project. “I am actually quite internet aware, but I am still very often surprised that after I watched something on a website, a second later I get instantly personalised ads,” she said.”

“Roughly two-thirds of the world’s internet users live under regimes of government censorship, according to a report from Freedom House, a pro-democracy think tank. The report adds that internet freedom declined worldwide for a sixth consecutive year in 2016 with the governments increasingly crack down on social media services and messaging apps.

In a new development, the most routinely targeted tools this year were instant messaging and calling platforms, with restrictions often imposed during times of protests or due to national security concerns,” the report says. WhatsApp emerged as the most-blocked app, facing restrictions in 12 of the 65 studied countries. The report’s scope covers the experiences of some 88 percent of the world’s Internet users. And of all 65 countries reviewed, Internet freedom in 34 — more than half — has been on a decline over the past year. Particular downturns were marked in Uganda, Bangladesh, Cambodia, Ecuador and Libya. Facebook users were arrested in 27 countries, more than any other app or platform. And such arrests are spreading. Since June of last year, police in 38 countries have arrested people for what they said on social media — surpassing even the 21 countries, where people were arrested for what they published on more traditional platforms like blogs and news sites. “Some supposed offenses were quite petty, illustrating both the sensitivity of some regimes and the broad discretion given to police and prosecutors under applicable laws,” the report says.”

“Conrey said the district simply wanted to keep its students safe. “It was really just about student safety; if we could try to head off any potential dangerous situations, we thought it might be worth it,” he said.

“An online surveillance tool that enabled hundreds of U.S. law enforcement agencies to track and collect information on social media users was also marketed for use in American public schools, the Daily Dot has learned.

Geofeedia sold surveillance software typically bought by police to a high school in a northern Chicago suburb, less than 50 miles from where the company was founded in 2011. An Illinois school official confirmed the purchase of the software by phone on Monday.

Ultimately, the school found little use for the platform, which was operated by police liaison stationed on school grounds, and chose not to renew its subscription after the first year, citing cost and a lack of actionable information. “A lot of kids that were posting stuff that we most wanted, they weren’t doing the geo-tagging or making it public,” Conrey said. “We weren’t really seeing a lot there.”

No prosecutions. Instead, those in power are pushing to pass a law to legitimise and continue the same.

“British security agencies have secretly and unlawfully collected massive volumes of confidential personal data, including financial information, on citizens for more than a decade, senior judges have ruled.

The investigatory powers tribunal, which is the only court that hears complaints against MI5, MI6 and GCHQ, said the security services operated an illegal regime to collect vast amounts of communications data, tracking individual phone and web use and other confidential personal information, without adequate safeguards or supervision for 17 years.

Privacy campaigners described the ruling as “one of the most significant indictments of the secret use of the government’s mass surveillance powers” since Edward Snowden first began exposing the extent of British and American state digital surveillance of citizens in 2013.

The tribunal said the regime governing the collection of bulk communications data (BCD) – the who, where, when and what of personal phone and web communications – failed to comply with article 8 protecting the right to privacy of the European convention of human rights (ECHR) between 1998, when it started, and 4 November 2015, when it was made public.

It added that the retention of of bulk personal datasets (BPD) – which might include medical and tax records, individual biographical details, commercial and financial activities, communications and travel data – also failed to comply with article 8 for the decade it was in operation until it was publicly acknowledged in March 2015.”

Yahoo has filed a patent for a type of smart billboard that would collect people’s information and use it to deliver targeted ad content in real-time.

To achieve that functionality, the billboards would use a variety of sensor systems, including cameras and proximity technology, to capture real-time audio, video and even biometric information about potential target audiences.

But the tech company doesn’t just want to know about a passing vehicle. It also wants to know who the occupants are inside of it.

That’s why Yahoo is prepared to cooperate with cell towers and telecommunications companies to learn as much as possible about each vehicle’s occupants.”

“Various types of data (e.g., cell tower data, mobile app location data, image data, etc.) can be used to identify specific individuals in an audience in position to view advertising content. Similarly, vehicle navigation/tracking data from vehicles equipped with such systems could be used to identify specific vehicles and/or vehicle owners. Demographic data (e.g., as obtained from a marketing or user database) for the audience can thus be determined for the purpose of, for example, determining whether and/or the degree to which the demographic profile of the audience corresponds to a target demographic.”

“Baltimore Police on Friday released data showing that a surveillance plane secretly flew over the city roughly 100 times, taking more than 1 million snapshots of the streets below.

Police held a news conference where they released logs tracking flights of the plane owned and operated by Persistent Surveillance Systems, which is promoting the aerial technology as a cutting-edge crime-fighting tool.

The logs show the plane spent about 314 hours over eight months creating the chronological visual record.

The program began in January and was not initially disclosed to Baltimore’s mayor, city council or other elected officials. Now that it’s public, police say the plane will fly over the city again as a terrorism prevention tool when Fleet Week gets underway on Monday, as well as during the Baltimore Marathon on Oct. 15.

The logs show that the plane made flights ranging between one and five hours long in January and February, June, July and August. The flights stopped on Aug. 7, shortly before the program’s existence was revealed in an article by Bloomberg Businessweek.

The program drew harsh criticism from Baltimore residents, activists and civil liberties groups, who said it violates the privacy rights of an entire city’s people. The city council is planning to hold a hearing on the matter; the ACLU and some state lawmakers are considering introducing legislation to limit the kinds of surveillance programs police can utilize, and mandate public disclosure and discussion beforehand.

Baltimore has been at the epicenter of an evolving conversation about 20th century policing. Last spring, its streets exploded in civil unrest after a young black man’s neck was broken inside a police van.

Freddie Gray’s death added fuel to the national Black Lives Matter movement and exposed more problems in a police department that has been dysfunctional for decades. The department’s shortcomings and tendencies toward discrimination and abuse were later laid bare in a 164-page patterns and practices report by the U.S. Justice Department.

This is not the first time Baltimore has served as a testing ground for surveillance technology. Cell site simulators, also known as Stingray devices, were deployed in the city for years without search warrants to track the movements of suspects in criminal cases. The technology was kept secret under a non-disclosure agreement between the FBI and the police department that barred officers from disclosing any details, even to judges and defense attorneys. The Supreme Court recently ruled that warrantless stingray use is unconstitutional.”

Newly published documents have shed more light on the dubious surveillance operations of the United States operating in the UK. The documents detail how the NSA and GCHQ used information gathered by Menwith Hill Station—a massive but tightly sealed facility that intercepts satellite data transmissions worldwide—for targeted killings with drones:

“The files reveal for the first time how the NSA has used the British base to aid “a significant number of capture-kill operations” across the Middle East and North Africa, fueled by powerful eavesdropping technology that can harvest data from more than 300 million emails and phone calls a day.

The NSA has pioneered groundbreaking new spying programs at Menwith Hill to pinpoint the locations of suspected terrorists accessing the internet in remote parts of the world. The programs — with names such as GHOSTHUNTER and GHOSTWOLF — have provided support for conventional British and American military operations in Iraq and Afghanistan. But they have also aided covert missions in countries where the U.S. has not declared war. NSA employees at Menwith Hill have collaborated on a project to help “eliminate” terrorism targets in Yemen, for example, where the U.S. has waged a controversial drone bombing campaign that has resulted in dozens of civilian deaths.

The disclosures about Menwith Hill raise new questions about the extent of British complicity in U.S. drone strikes and other so-called targeted killing missions, which may in some cases have violated international laws or constituted war crimes.

Successive U.K. governments have publicly stated that all activities at the base are carried out with the “full knowledge and consent” of British officials.”

A slide from a presentation about a secretive information-sharing program run by the U.S. Drug Enforcement Administration’s Special Operations Division (SOD) is seen in this undated photo. REUTERS/John Shiffman

“A secretive U.S. Drug Enforcement Administration unit is funneling information from intelligence intercepts, wiretaps, informants and a massive database of telephone records to authorities across the nation to help them launch criminal investigations of Americans.

Although these cases rarely involve national security issues, documents reviewed by Reuters show that law enforcement agents have been directed to conceal how such investigations truly begin – not only from defense lawyers but also sometimes from prosecutors and judges.

The undated documents show that federal agents are trained to “recreate” the investigative trail to effectively cover up where the information originated, a practice that some experts say violates a defendant’s Constitutional right to a fair trial. If defendants don’t know how an investigation began, they cannot know to ask to review potential sources of exculpatory evidence – information that could reveal entrapment, mistakes or biased witnesses.”

“First came the assault on privacy. Name, address, telephone, DOB, SSN, physical description, friends, family, likes, dislikes, habits, hobbies, beliefs, religion, sexual orientation, finances, every granular detail of a person’s life, all logged, indexed, analyzed and cross-referenced. Then came the gathering of location and communication data. Cell phones, apps, metro cards, license plate readers and toll tags, credit card use, IP addresses and authenticated logins, tower info, router proximity, networked “things” everywhere reporting on activity and location, astoundingly accurate facial recognition mated with analytics and “gigapixel” cameras and, worst of all, mindlessly self-contributed posts, tweets, and “check-ins,” all constantly reporting a subject’s location 24-7-365, to such a degree of accuracy that “predictive profiling” knows where you will likely be next Thursday afternoon. Today we are experiencing constant efforts to shred anonymity. Forensic linguistics, browser fingerprinting, lifestyle and behavior analysis, metadata of all types, HTML5, IPv6, and daily emerging “advances” in surveillance technologies – some seemingly science fiction but real – are combining to make constant, mobile identification and absolute loss of anonymity inevitable. And, now, predictably, the final efforts to homogenize: the “siloing” and Balkanization of the Internet. As Internet use becomes more and more self-restricted to a few large providers, as users increasingly never leave the single ecosystem of a Facebook or a Google, as the massive firehose of information on the Internet is “curated” and “managed” by persons who believe that they know best what news and opinions you should have available to read, see, and believe, the bias of a few will eventually determine what you believe. What is propaganda? What is truth? You simply won’t know. In a tradition dating back to the first HOPE conference, for three full hours Steven Rambam will detail the latest trends in privacy invasion and will demonstrate cutting-edge anonymity-shredding surveillance technologies. Drones will fly, a “privacy victim” will undergo digital proctology, a Q&A period will be provided, and fun will be had by all.”

“With widespread adoption among law enforcement, advertisers, and even churches, face recognition has undoubtedly become one of the biggest threats to privacy out there.

By itself, the ability to instantly identify anyone just by seeing their face already creates massive power imbalances, with serious implications for free speech and political protest.”

Microsoft pitches technology that can read facial expressions at political rallies.

“But more recently, researchers have demonstrated that even when faces are blurred or otherwise obscured, algorithms can be trained to identify people by matching previously-observed patterns around their head and body.

In a new paper uploaded to the ArXiv pre-print server, researchers at the Max Planck Institute in Saarbrücken, Germany demonstrate a method of identifying individuals even when most of their photos are un-tagged or obscured. The researchers’ system, which they call the “Faceless Recognition System,” trains a neural network on a set of photos containing both obscured and visible faces, then uses that knowledge to predict the identity of obscured faces by looking for similarities in the area around a person’s head and body.”

“In the past, Facebook has shown its face recognition algorithms can predict the identity of users when they obscure their face with 83% accuracy, using cues such as their stance and body type. But the researchers say their system is the first to do so using a trainable system that uses a full range of body cues surrounding blurred and blacked-out faces.”

In a very COINTELPRO-esque context, the ACLU has received more than 18 hours of video from surveillance cameras installed on FBI aircraft that flew over Baltimore in the days after the death of Freddie Gray in police custody in 2015. The footage offers a rare insight into the workings of a government surveillance operation targeting protests.

“The cache is likely the most comprehensive collection of aerial surveillance footage ever released by a US law enforcement agency… The footage shows the crowds of protesters captured in a combination of visible light and infrared spectrum video taken by the planes’ wing-mounted FLIR Talon cameras. While individual faces are not clearly visible in the videos, it’s frighteningly easy to imagine how cameras with a slightly improved zoom resolution and face recognition technology could be used to identify protesters in the future. ”

The collection of aerial surveillance footage of Baltimore protests from April 29, 2015 to May 3, 2015, from FBI archives is available on their website, or better yet, the Internet Archive.

“Records from the Federal Aviation Administration showed that the FBI’s aircraft, which were registered to front companies to conceal their ownership, carried sophisticated camera systems on board, complete with night-vision capabilities.”

The FBI says they’re only using the planes to track specific suspects in “serious crime investigations,” and that “the FBI flew their spy planes more than 3,500 times in the last six months of 2015, according to an analysis of data collected by the aircraft-tracking site FlightRadar24.”

“The FBI has been criticized in the recent past for its actions regarding domestic advocacy groups. A 2010 report by the Department of Justice Inspector General found the FBI opened investigations connected to organizations such as Greenpeace and the Catholic Worker movement that classified possible “trespassing or vandalism” as domestic terrorism cases. The report also found the FBI’s National Press Office “made false and misleading statements” when questioned by the media about documents obtained by public records requests.”

In 2013, Privacy International announced the Surveillance Industry Index, a comprehensive publicly available database about the capabilities, technologies and mindset of the private surveillance sector.

Also relevant is BuggedPlanet.info, a wiki in the public domain about “Signals Intelligence (SIGINT), Communication Intelligence (COMINT), Tactical and Strategical Measures used to intercept Communications and the Vendors and Governmental and Private Operators of this Technology.”

Likewise with Project PM, a wiki of a “centralized, actionable data set regarding the intelligence contracting industry, the PR industry’s interface with totalitarian regimes, the mushrooming infosec/”cybersecurity” industry, and other issues constituting threats to human rights, civic transparency, individual privacy, and the health of democratic institutions.” Entities of particular interest are PRISM, Trapwire, In-Q-Tel, and Stratfor.

“The BBC is to spy on internet users in their homes by deploying a new generation of Wi-Fi detection vans to identify those illicitly watching its programmes online.

The BBC vans will fan out across the country capturing information from private Wi-Fi networks in homes to “sniff out” those who have not paid the licence fee.

The corporation has been given legal dispensation to use the new technology, which is typically only available to crime-fighting agencies, to enforce the new requirement that people watching BBC programmes via the iPlayer must have a TV licence.”

“A crashed metal drone disguised as a bird has been discovered in Mogadishu, the troubled capital of Somalia.

Both governments [Somalia and the United States] and drone companies are experimenting with different types of aircraft, including nanobots and swarm-style technology.”

“Tim Berners-Lee has said that the internet has fallen into the hands of large corporations and governments and become the “world’s largest surveillance network”.

Berners-Lee explained in an interview with The New York Times that his invention has steadily come under the control of powerful interests.

“It controls what people see. It creates mechanisms for how people interact. It’s been great, but spying, blocking sites, repurposing people’s content, taking you to the wrong websites completely undermines the spirit of helping people create,” he said.”

“A document obtained by New Scientist reveals that the tech giant’s collaboration with the UK’s National Health Service goes far beyond what has been publicly announced. The document — a data-sharing agreement between Google-owned artificial intelligence company DeepMind and the Royal Free NHS Trust — gives the clearest picture yet of what the company is doing and what sensitive data it now has access to. The agreement gives DeepMind access to a wide range of healthcare data on the 1.6 million patients who pass through three London hospitals.

It includes logs of day-to-day hospital activity, such as records of the location and status of patients – as well as who visits them and when. The hospitals will also share the results of certain pathology and radiology tests.

As well as receiving this continuous stream of new data, DeepMind has access to the historical data that the Royal Free trust submits to the Secondary User Service (SUS) database – the NHS’s centralised record of all hospital treatments in the UK. This includes data from critical care and accident and emergency departments.

Google says it has no commercial plans for DeepMind’s work with Royal Free and that the current pilots are being done for free. But the data to which Royal Free is giving DeepMind access is hugely valuable. It may have to destroy its copy of the data when the agreement expires next year, but that gives ample time to mine it for health insights.”

“Alphabet’s [Google] executive chairman, Eric Schmidt, recently joined a Department of Defense advisory panel. Facebook recently hired a former director at the U.S. military’s research lab, Darpa. Uber employs Barack Obama’s former campaign manager David Plouffe and Amazon.com tapped his former spokesman Jay Carney. Google, Facebook, Uber and Apple collectively employ a couple of dozen former analysts for America’s spy agencies, who openly list their resumes on LinkedIn.

These connections are neither new nor secret. But the fact they are so accepted illustrates how tech’s leaders — even amid current fights over encryption and surveillance — are still seen as mostly U.S. firms that back up American values. Christopher Soghoian, a technologist with the American Civil Liberties Union, said low-level employees’ government connections matter less than leading executives’ ties to government. For instance, at least a dozen Google engineers have worked at the NSA, according to publicly available records on LinkedIn. And, this being Silicon Valley, not everyone who worked for a spy agency advertises that on LinkedIn. Soghoian, a vocal critic of mass surveillance, said Google hiring an ex-hacker for the NSA to work on security doesn’t really bother him. “But Eric Schmidt having a close relationship with the White House does…”

UK’s intelligence agencies such as MI5, MI6, and GCHQ have been collecting personal information from citizens who are “unlikely to be of intelligence or security interest” since the 1990s, previously confidential documents reveal. The documents were published as a result of a lawsuit filed by Privacy International, and according to the files, GCHQ and others have been collecting bulk personal data sets since 1998.

Emphasis added:

“These records can be “anything from your private medical records, your correspondence with your doctor or lawyer, even what petitions you have signed, your financial data, and commercial activities,” Privacy International legal officer Millie Graham Wood said in a statement. “The information revealed by this disclosure shows the staggering extent to which the intelligence agencies hoover up our data.”

Nor, it seems, are BPDs only being used to investigate terrorism and serious crime; they can and are used to protect Britain’s “economic well-being”—including preventing pirate copies of Harry Potter books from leaking before their release date.

BPDs are so powerful, in fact, that the normally toothless UK parliament watchdog that oversees intelligence gathering, the Intelligence and Security Committee (ISC), recommended in February that “Class Bulk Personal Dataset warrants are removed from the new legislation.”

These data sets are so large and collect so much information so indiscriminately that they even include information on dead people.”

The Intercept has obtained a secret, internal U.S. government catalogue of dozens of cellphone surveillance devices used by the military and by intelligence agencies. The document, thick with previously undisclosed information, also offers rare insight into the spying capabilities of federal law enforcement and local police inside the United States.

The catalogue includes details on the Stingray, a well-known brand of surveillance gear, as well as Boeing “dirt boxes” and dozens of more obscure devices that can be mounted on vehicles, drones, and piloted aircraft. Some are designed to be used at static locations, while others can be discreetly carried by an individual. They have names like Cyberhawk, Yellowstone, Blackfin, Maximus, Cyclone, and Spartacus. Within the catalogue, the NSA is listed as the vendor of one device, while another was developed for use by the CIA, and another was developed for a special forces requirement. Nearly a third of the entries focus on equipment that seems to have never been described in public before.

Slides of the catalogue available here, while a stylised version is available here.