|
|
|
|
| 29th December 2015
|
|
|
Thanks to soft touch oversight. Privacy International battle exposes bulk warrants See article from theregister.co.uk
|
|
Theresa May states the internet snooping powers won't be restricted to serious crimes but will be used to target internet insults, trolling and bullying
|
|
|
| 26th
December 2015
|
|
| See article from dailymail.co.uk
|
The governments invasive mass snooping laws will be used to bring online bullies and trolls to justice, the Home Secretary says. Theresa May reportedly says that surveillance powers, unveiled under the Investigatory Powers Bill last month, will be
used by police and spooks to track down and identify anonymous cyberbullies. The Times reports that 'officials' will be able to unmask users going by various aliases. Previously the government has maintained that the far reaching Snooper's
Charter would be restricted to tracking serious crimes such as terrorism and child abuse. Offsite Article: Theresa May wants to see your internet history, so we thought it was only fair to ask for hers 26th December
2015. See article from independent.co.uk
The Independent requested the Home Secretary's work browsing history for the last week of October under the Freedom of Information Act. The Home Office has refused to make Theresa May's internet
browsing history public under freedom of information rules, arguing that a request to do so is vexatious .
... Read the full
article from independent.co.uk |
|
|
|
|
| 23rd December
2015
|
|
|
How the Investigatory Powers Bill will affect ISPs See article from openrightsgroup.org
|
|
Apple asks if the risk of your bank account being cleared out by hackers is a price worth paying for the government being able to snoop on your personal messages
|
|
|
| 22nd December
2015
|
|
| See article from
theguardian.com |
Apple has called for changes to the UK government's investigatory powers bill, over fears it would weaken the security of personal data of millions of law-abiding citizens . In a submission to the bill committee the company expressed major
concerns and called for wholesale changes before the bill is passed. It siad: We believe it would be wrong to weaken security for hundreds of millions of law-abiding customers so that it will also be weaker for the
very few who pose a threat. In this rapidly evolving cyber-threat environment, companies should remain free to implement strong encryption to protect customers
Apple highlighted the main areas of the bill that it wants to see changed.
It told the committee that passages in the bill could give the government the power to demand Apple alters the way its messaging service, iMessage, works. The company said this would weaken encryption and enable the security services to eavesdrop on
iMessage for the first time. In its submission, Apple said: The creation of backdoors and intercept capabilities would weaken the protections built into Apple products and endanger all our customers. A key left under
the doormat would not just be there for the good guys. The bad guys would find it too.
Apple said it was worried about the scope of the bill as many of the provisions in the bill apply to companies regardless of where they are based,
giving the bill international scope, despite being a purely domestic piece of legislation. It also runs the risk of placing companies in a damned if they do, damned if they don't position. The company said: Those
businesses affected will have to cope with a set of overlapping foreign and domestic laws. When these laws inevitably conflict, the businesses will be left having to arbitrate between them, knowing that in doing so they might risk sanctions. That is an
unreasonable position to be placed in.
|
|
|
|
|
| 18th December 2015
|
|
|
The history of the establishment of UK communication snooping facilities See article from
theregister.co.uk |
|
|
|
|
| 17th December 2015
|
|
|
The EFF debates encryption with the White House See article from eff.org |
|
Thailand will add income details to the National ID card database for police use but decides not to encode it on the card for public access
|
|
|
| 14th December 2015
|
|
| See article from bangkokpost.com
|
Thailand's Interior Minister Anupong Paojinda has responded to public criticism and scrapped the dreadful idea to include occupation and salary details on people's ID cards. Social media exploded on Saturday after the military ruler, prime minister
Prayut Chan-o-cha, suggested that inclusion of wage and occupation data should be included on Thai ID cards by 2017. Today, however, General Anupong clarified that such information would only be included in an internal ministry database. He
claimed that use of the data would not violate people's rights and the extra information was somehow being collected solely for the name of the public interest. Human rights advocates opposed Gen Prayut's idea, calling it an invasion of privacy
and violation of basic human rights. They argued people's salary and occupation were personal data and should not be displayed on ID cards, even to electronic readers. The disclosure of such sensitive information could spur discrimination and put people
at risk of exploitation by criminals. Gen Anupong said minimal additional funds would be needed to collect salary and occupation data, as only surveys were required, not the production of new ID cards or reader systems. Gen Prayut on Monday said
minimum-wage earners would remain exempt from taxes, but their incomes would still need to be recorded. |
|
European Automobile federations get together to campaign about another Brexit inducing EU policy that will see snooping devices inflicted on drivers from 2018
|
|
|
| 10th December 2015
|
|
| See
article from independent.co.uk See
mycarmydata.eu |
Thousands of Europe's drivers will be spied upon by their cars from 2018 when every vehicle sold could alert advertisers, insurers, councils, tax authorities, traffic wardens and police to their habits and locations, a European motoring
organisation is warning. The Federation International de l'Automobile (FIA), a Brussels-based consumer body representing 111 motoring and touring clubs and 38 million drivers, has launched a campaign urging greater safeguards for the use of
information on drivers gathered by tracking devices that will soon become compulsory in all new cars. FIA spokeswoman Andrea Campbell said its: My car, my data campaign reflected the fact that information gleaned from
cars is not protected by European data legislation. From 2018, every new car will have a wireless box for road safety, and there is talk of retro-fitting telematics boxes into older cars. It's only a small step to offering
infotainment, traffic information and rest stop promotions. Manufacturers can track you, and lock you in to their terms and conditions. So we are pushing for dedicated privacy legislation for consumer data protection, greater
consumer awareness, and a fair after-market for services.
Britain's AA motoring organisation is to join the campaign. Its president, Edmund King, said: Connected cars offer drivers a vast array of
new and exciting services and they can also help with breakdowns and crashes. But drivers may be unaware of just what information is collected, how it is used, who owns it and how is it protected. We support the FIA's campaign aimed at ensuring greater
transparency.
Data-connected cars gather information on driving styles, including the duration of journeys, speeds, acceleration and sudden braking, as well as details of where cars park, refuel or charge their batteries, and latest
destinations entered into on-board navigation systems. Smart systems can identify driving violations and mobile phone use, record the number of passengers and relay information about engine trouble to emergency services. Such data can be sold to
third parties. |
|
France looks to ramping up state surveillance
|
|
|
| 7th
December 2015
|
|
| See article from theregister.co.uk
|
The French government is looking towards some of the powers enabled by the current state of emergency and is proposing several ideas to increase state surveillance, including blocks on encrypted Internet connections and a ban on public Wi-Fi networks.
According to the newspaper, Le Monde, the extension of the state of emergency could also stretch to requiring all rental cars to carry GPS, expansion of public video surveillance, two-year telecommunications data retention, and approval for police
to use IMSI-catchers (like the Stingray devices used in America to intercept mobile communications). French news site Numerama.com adds that the matters under debate also include forced provision of messaging encryption keys. The proposals could
be up for enacting in law as soon as January, Numerama says. The proposals stretch beyond shutting off the Wi-Fi at Parisian cafes to banning shared connections with criminal sanctions as enforcement. It would seem that the French
authorities want to be better able to correlate individuals with their internet communications by making sure that knowledge of an IP address ties down the communication to known and identified individual. The proposals also indicate a desire to
snoop on VoIP conversations, again with encryption keys to be given to the police.
|
|
|
|
|
| 2nd December 2015
|
|
|
Thanks to soft touch oversight. Privacy International battle exposes bulk warrants See article from theregister.co.uk
|
|
|
|
|
| 1st December 2015
|
|
|
Banks, insurers and even the taxman are trawling Facebook and other sites looking for information about you See
article from telegraph.co.uk |
|
Offsite articles outlining details of the Snooper's Charter
|
|
|
| 13th November 2015
|
|
| |
The Tory war on privacy 13th November 2015. See article from spiked-online.com The Investigatory Powers Bill should be
ripped up. By Tom Slater What the Investigatory Powers Bill will mean for your internet use 10th November 2015. See
article from theregister.co.uk So who REALLY knows what
I access?
The Register details what ISPs will and will not be able to determine from your internet usage. However the article should be read with a little caution. Eg just because an ISP cannot determine which of your family members is accessing the websites on
the log doesn't mean the authorities can't. In fact the bill mentions specific capabilities to use context and tracking cookies etc to determine which family member access which sites.
UK surveillance bill could bring very dire consequences , warns Apple chief 10th November 2015. See article from theguardian.com
Any back door is a back door for everyone, says Tim Cook of proposals to allow authorities to track citizens' internet use without requiring warrant
UK Surveillance
Bill a Threat to Privacy 9th November 2015. See article from hrw.org
Key aspects of the bill include:
The bill would preserve current blanket data retention requirements for communications data and add a new requirement for communications service providers to retain users' "Internet connection records" for up to 12
months. As described in the government's explanatory notes, this requirement means that the government could get a list of all the websites a person visits or online services they use for up to a year. Even though this would not provide access to the
specific pages of a website the person visited, it would be highly revealing of a person's online activity and could result in self-censorship with a chilling effect on free expression. It would also breach the right to privacy and to information, given
that it applies to all users regardless of whether they are under suspicion. Intelligence agencies and police would be able to access such communications data without a warrant or review by a judge. Although judicial approval is required for police to
gain access to journalists' sources, it would not be required for intelligence agencies to get this access.
Request Filters... 5th November 2015. See article from theregister.co.uk
T
he Snooper's Charter Bill reveals how the state will maintain a separate datebase entry for every internet user, even when they share an internet connection Commenting on the government spin about the snooper's
charter... 5th November 2015. See article from theguardian.com .
The surveillance bill is as big a threat to state security as to personal liberty. By Simon Jenkins Surveillance Q&A what web data is affected – and how to foil the snoopers... 5th November 2015. See
article from theguardian.com .
Critics call it a revived snooper's charter, because the government wants police and spies to be given access to the web browsing history of everyone in Britain. However, Theresa May says her measures would require internet
companies to store data about customers that amount to simply the modern equivalent of an itemised phone bill . Who is right? And is there anything you can do to make your communications more secure?
Will UK spy bill risk exposing people's porn habits? ...
5th November 2015. See article from bbc.co.uk . So, the bill proposes the authorities be given the right to retrospectively
check people's internet connection records without having to obtain a warrant. That means, for example, they would be allowed to learn someone had used Snapchat at 07:30 on their smartphone at home and then two hours later
visited Facebook's website via their laptop at work. It may sound fairly innocuous - but of course many people have internet habits that are legal but nevertheless very private. So, is their privacy being put at risk?
|
|
More propaganda from Theresa May and co shown to be bollox
|
|
|
|
4th November 2015
|
|
| 3rd November 2015. See article from telegraph.co.uk |
Internet and social media companies will be banned from putting customer communications beyond their own reach under new laws to be unveiled on Wednesday. Companies such as Apple, Google and others will no longer be able to offer encryption so
advanced that even they cannot decipher it when asked to, the Daily Telegraph can disclose. Measures in the Investigatory Powers Bill will place in law a requirement on tech firms and service providers to be able to provide unencrypted
communications to the police or spy agencies if requested through a warrant. A Home Office spokessnoop said: The Government is clear we need to find a way to work with industry as technology develops to ensure that,
with clear oversight and a robust legal framework, the police and intelligence agencies can access the content of communications of terrorists and criminals in order to resolve police investigations and prevent criminal acts. That
means ensuring that companies themselves can access the content of communications on their networks when presented with a warrant, as many of them already do for their own business purposes, for example to target advertising. These companies' reputations
rest on their ability to protect their users' data.
Update: The impact of a ban on encryption 4th November 2015. See
article from publicaffairs.linx.net Contrary
to recent promises by Ministers that the government will not attempt to weaken or undermine encryption, the new obligation would require companies to ensure that they had the capability to decrypt any data they stored. This would particularly impact
cloud-based companies like Apple and Facebook, which have won consumer trust for the integrity of their Facetime and WhatsApp communications services by designing them with encryption that protects customer data even from the company itself.
End-to-end encryption means, for communications, that the message is encrypted by the sender with a key known only to the intended recipient. Thus Alice can Facetime Bob safe in the knowledge that Apple cannot access the
communication, even though Facetime communications need to be sent through servers run by Apple. End-to-end encryption also applies for data storage in the cloud: a business storing its corporate data in a cloud service like Amazon S3 or Google Glacier
will encrypt that data with a key that it knows and Amazon or Google does not. The ability to support end-to-end encryption has been a crucial factor enabling adoption of cloud-based services as a viable alternative to traditional
applications run by corporate IT departments. Quite apart from any consumer backlash, prohibiting this capability would give pause to more security-sensitive businesses, that have a duty to protect the integrity of their customer data: if storing data in
the cloud means exposing customer data to the cloud-service provider, use of cloud services becomes much riskier. Recent high-profile breaches at TalkTalk, Vodafone and credit-rating agency Experian have greatly raised sensitivity to risk.
|
|
Time to write a bot to visit millions of random sites to obscure your actual browsing
|
|
|
| 2nd November 2015
|
|
| See article from telegraph.co.uk |
Councils, the taxman and dozens of other public bodies will be able to search the internet and social media activity of everyone in Britain, The Telegraph can disclose. Technology firms will be required to keep records of the websites and apps
which people have used and details of when they accessed them for 12 months under new powers unveiled this week. The new powers, contained in legislation which is published on Wednesday , will primarily be used by police and the security services
in pursuit of suspected terrorists and serious criminals. Nominally they will not be allowed to see which pages people have viewed or their searches while on the websites and apps, or the content of any messages, without a warrant, however it
would seem likely obtaining a warrant will be a rubber stamp exercise. The Telegraph understands that a total of 38 bodies will also be entitled to access the records for the purpose of detecting or preventing crime . A government
source claims that access will be limited, targeted and strictly controlled and overseen by a new Investigatory Powers Commissioner, but such 'oversight' has never ever done anything to reign in the authorities in any previous incarnation of
snooping laws. Ministers are also planning to introduce a new offence to deter the abuse of powers which will result in significant fines. Councils will also be required to get requests signed off by a magistrate before they are authorised, but it
seems unlikely that a magistrate would ever side with anyone accused of a crime. The authorities will be able to see which websites were visited, but not the exact page that they viewed. The intelligence agencies, police and the National
Crime Agency will be the obvious users of the capability but other bodies including the Financial Conduct Authority, HMRC, councils, the Health and Safety Executive and the Department for Work and Pensions will be able to access the information.
|
|
|
|
|
| 2nd November 2015
|
|
|
The Investigatory Powers Bill is our chance to publicly set the rules around surveillance. By Julian Huppert See
article from opendemocracy.net |
|
|
|
|
| 2nd November 2015
|
|
|
Volkswagen's lesson on encryption software. By Nadim Kobeissi See article from opendemocracy.net
|
|
|
|
|
| 1st
November 2015
|
|
|
The state still wants licence to pry. By Henry Porter See article from theguardian.com |
|
Beta release of messaging app that will later provide secure comms
|
|
|
| 31st October 2015
|
|
| See article from bbc.co.uk See also
article from blog.torproject.org |
A new chat tool has been launched in an effort to improve the security of online messaging. Tor Messenger allows users to chat over the Tor (The Onion Router) network in a way which hides the location of participants. It means that the contents of
messages will only be visible to the participants. The service will also work with platforms like Facebook even in countries where they are banned. The tool is currently in beta and will undergo security tests. It is not yet recommended for
users with current security requirements. Users wishing to remain anonymous or access chat clients blocked in their own country could use Tor Messenger to chat via services like Facebook Chat, Google Talk, Twitter, Yahoo and Internet Relay Chat.
|
|
European Parliament passes resolution to support Edward Snowden
|
|
|
| 30th October 2015
|
|
| See article from edition.cnn.com |
The European Parliament voted Thursday in support of a resolution that calls on member states to protect Edward Snowden from extradition. The vote, which has no legal force, was 285-281. The resolution urges nations to drop criminal charges and consequently prevent extradition or rendition by third parties, in recognition of his status as whistle-blower and international human rights defender.
On Twitter, Snowden repsonded This is not a blow against the US Government, but an open hand extended by friends. It is a chance to move forward.
In response to Thursday's vote, U.S.
State Department spokesman John Kirby said the U.S. policy on Snowden has not changed: He needs to come back to the United States and face the due process and the judicial process here in the United States. That's been
our position from the beginning. It's our belief that the man put U.S. national security in great danger and he needs to be held account to that.
|
|
|
|
|
| 29th October 2015
|
|
|
Explaining the latest CISA bill facilitating US mass snooping See article from techtimes.com
|
|
|
|
|
| 27th
October 2015
|
|
|
In the surveillance versus privacy debate that followed Snowden's revelations, the UK government and the British press have been rather strange bedfellows. By Jonathan Heawood See
article from opendemocracy.net |
|
Facebook will notify users when they are targeted by nation-states
|
|
|
|
19th October 2015
|
|
| See Facebook Page |
Alex Stamos, Chief Security Officer at Facebook, explains its new Notification for targeted attacks: The security of people's accounts is paramount at Facebook, which is why we constantly monitor for potentially malicious
activity and offer many options to proactively secure your account. Starting today, we will notify you if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state. While we have always taken steps to secure accounts that we believe to have been compromised, we decided to show this additional warning if we have a strong suspicion that an attack could be government-sponsored. We do this because these types of attacks tend to be more advanced and dangerous than others, and we strongly encourage affected people to take the actions necessary to secure all of their online accounts.
It's important to understand that this warning is not related to any compromise of Facebook's platform or systems, and that having an account compromised in this manner may indicate that your computer or mobile device has been
infected with malware. Ideally, people who see this message should take care to rebuild or replace these systems if possible. To protect the integrity of our methods and processes, we often won't be able to explain how we
attribute certain attacks to suspected attackers. That said, we plan to use this warning only in situations where the evidence strongly supports our conclusion. We hope that these warnings will assist those people in need of protection, and we will
continue to improve our ability to prevent and detect attacks of all kinds against people on Facebook.
|
|
Germany passes new internet mass snooping law, after all they now have an awful lot of Syrians to keep an eye on
|
|
|
| 17th October 2015
|
|
| See article from
theregister.co.uk |
Germany's Bundestag has voted for a new version of the data retention law that caused so much controversy in the past. The new law will force telcos to store call and email records for 10 weeks, as well as metadata including information about who
called or emailed whom and when, and call duration. IP addresses will also be logged. Mobile phone location data will only be stored for four weeks. The data is only to be used in the investigation of terrorism and other serious crimes (but all
crimes are defined as 'serious' crimes these days) and police must get a judge's consent before rifling through personal metadata, and the individual in question must be notified. Justice Minister Heiko Maas defended the new law, saying that it
was proportionate, in contrast to earlier legislation, as less data would be stored and retained for a shorter time. |
|
|
|
|
| 17th October 2015
|
|
|
The BBC Panorama interview with Edward Snowden See article from
opendemocracy.net |
|
The Obama administration will not pursue requirements for government backdoor into encrypted communications
|
|
|
| 16th October 2015
|
|
| See
article from publicaffairs.linx.net |
The Obama administration has announced that it will not be pursuing legislation to force tech companies to introduce encryption backdoors. National Security Council spokesman Mark Stroh said: As the president has said,
the United States will work to ensure that malicious actors can be held to account -- without weakening our commitment to strong encryption. As part of those efforts, we are actively engaged with private companies to ensure they understand the public
safety and national security risks that result from malicious actors' use of their encrypted products and services.
The announcement came in the same week that Wikipedia founder Jimmy Wales called the British Prime Minister's
anti-encryption rhetoric moronic . He said: It's too late, David. ...The genie is out of the bottle. ...It is not feasible in any sense of the word for the UK to ban end-to-end encryption. It's a completely
moronic and stupid thing to do. We all have a very strong interest in a safe and secure internet.
|
|
|