How much is your child’s identity worth?

Well quite a lot according to some sources. I found a Child Identity Theft Education Kit that you may find useful. I am looking around for more on this subject. I have not heard that there is so much of a problem here in the Nordics, but in the United States it seems to be quite significant, and it is growing because a child’s identity is a ‘clean-slate’ and a perfect target for identity fraud.

This is an outrage!

Seems that the email service that Edward Snowden recommended as actually protecting your privacy in the US is being forced to share all data and subsequently shut down! The owner and operator of the service, Ladar Levison, has been gagged. Reading between the lines, it looks like he will move his services outside of the US.

His advice is don’t share any of your data on US servers! Read more in infosecurity.

TRUST is a currency

The PRISM exposure has presented non-US companies with a dilemma. The drive is into the cloud, but they don’t want their information outside of safe EU jurisdiction. According to Forbes it is estimated that the US will lose a lot of $USD as a result.

What needs to be clear here is that PRISM is about government nosing around in our social media activities without us being informed of this. Organizations could say that this is not a risk as they are not in the social media space (unless it is their core competence)… or is it?

What this undercover eavesdropping indicates is that the US government can’t be trusted. They have not been transparent in what they are doing. They are eavesdropping behind the backs of their own citizens. Even after Edward Snowden’s exposure they continued to deny it. I see ‘trust’ as a world currency. Each one of us creates or destroys trust based on our personal/professional actions. This is especially pertinent now in this very connected world we live in today. Transparency is a foundation for trust, and governments that continue this facade of lying to their citizens do so at the cost of trust... and eventually $USD will pay the price!

More on Snowden

There has been another Guardian exclusive – online access to Snowden Q&A that is worth a look if you’re just a little intrigued by all the excitement. Make yourself a cup of coffee first though 😉

What seems to be clear is that when Snowden says the NSA has direct access to the 9 main Internet services, he means direct access. When questioned about denials made by Google, Facebook, Apple, etc., his response was that they had no choice. It seems they have some sort of ‘gagging’ order and would break the law by admitting to these top-secret operations.

MSIPR, SIPRM, PIRMS, IPMSR? No it’s PRISM!

Yes so in whatever form PRISM does exist. I talked about it… well more rolled over this in previous posts. Now everything that you may want to know about PRISM to date, that is, by 12 June, can be found here.

Now there are two parts here, or maybe three.

1) collection of communications that happens to be passing over the wires
2) collection of social, other online activities of US citizens
3) collection of a) communications, b) social, other online activities; of non-US citizens.

Now PRISM is about (2) and (3b). PRISM is a system the NSA uses to gain access to the private communications of users of nine popular Internet services including Google, Facebook and Apple. It seems to be that an official request for information on a particular individual can be made to any of these services, and they will comply if the request is legally valid. These Internet services strongly deny that the NSA has direct access to their servers.

So apparently the NSA does not have direct access to the 9 most popular Internet services, but what is the breadth of their power to collect data on US citizens?

Well the FISA Amendments Act (Section 702) does not require the government to show probable cause to believe that the target of surveillance has committed a crime. This is only for non-US citizens. Instead of showing probable cause to a judge, Section 702 of FISA allows senior Obama administration officials to “authorize” the “targeting of persons reasonably believed to be located outside the United States.” The surveillance may not “intentionally target” an American, but the NSA can obtain the private communications of Americans as part of a request that officially “targets” a foreigner. There is some use of the Patriot Act for this. I am not sure how the FISA Section 702 and the Patriot Act overlap though.

Ha! So if you as a US citizen are communicating with an individual that is outside of the US and deemed a threat to national security, your data is being collected. You could be a supporter of Greenpeace, for example; they were targeted for surveillance in the past.

So what is my take on PRISM? It seems perfectly reasonable that in the name of national security requests for data on individuals can be collected by government intelligence. Same as officials upholding the law would request a search warrant. However, PRISM should not be secret. That this is happening should be transparent to all US citizens and non-citizens. Why keep a secret? The supermarkets are pretty transparent about collecting our personal buying habits; maybe they package the justification in fancy packaging, but the reason is clear: to make money. So why does the government have to go around pretending still that it does not do these things? Has it not yet realized that the Cold War is over, and has been for quite some years now?

More on wire-tapping worldwide!

I thought, given the wire-tapping excitement going on now, that I’d post some of the practices going on world-wide that maybe you are not aware of, all excerpts from Virtual Shadows (2009), so there could be some updates since; I haven’t checked. If there are updates they will surely include social media as per USA with PRISM.

ILETS
Many of the international laws on wiretapping date back to a series of seminars hosted by the FBI in the United States in 1993 at its research facility in Quantico, Virginia, called the International Law Enforcement Telecommunications Seminar (ILETS) together with representatives from Canada, Hong Kong, Australia and the EU. The product of these meetings was the adoption of an international standard called the International Requirements for Interception that possessed similar characteristics to CALEA from the United States. In 1995 the Council of the European Union approved a secret resolution adopting the ILETS. Following its adoption and without revealing the role of the FBI in developing the standard, many countries have adopted laws to this effect. Following adoption of the standard the European Union and the United States offered a Memorandum of Understanding (MoU) for other countries to sign to commit to the standards. All participating countries were encouraged to adopt the standards so it was natural that international standards organisations, such as the International Telecommunications Union (ITU) and the European Telecommunication Standardization Institute (ETSI), would adopt the standards.

Adoption of wire-tapping laws
Australia was one of the first countries to sign the MoU along with Canada. In Australia the Telecommunications Act expects the telecommunications operators to proactively assist law enforcement by providing an interception capability.

In the UK RIPA requires that telecommunications operators maintain a ‘reasonable interception capability’ in their systems and be able to provide on notice certain ‘traffic data’.
In the Netherlands all ISPs have to have the capability to intercept all traffic with a court order and maintain users’ logs for three months.

In New Zealand the Telecommunications (Interception Capabilities) Act 2004 obliges telecommunications companies and ISPs to intercept phone calls and emails on the request of the police and security services.
In Switzerland ISPs are required to take all necessary measures to allow for the interception of mail and telecommunications.

In June 2008 Sweden’s parliament approved controversial new laws (FRA-lagen) allowing authorities to spy on cross-border email and telephone traffic. The Swedish press claim that this will make Sweden the most surveyed country in Europe. This wiretapping law enables the intelligence authorities to ‘listen’ to all traffic, Hotmail, MSN, SMS etc., across Sweden’s borders. The law becomes effective at the end of 2009. Given Sweden’s stance on human rights the passing of this law is quite remarkable. It was following some pretty heated discussions in parliament that the law was passed on a very fine majority (47 against and 52 for). The argument for tapping of international lines is ‘terrorism’. Of course any ‘terrorists’ will encrypt their communications and there is nothing that the Swedish authorities can do about this. Of course one can always monitor ‘traffic patterns’ on identified suspect communication which can be as revealing as the communications’ contents themselves in certain situations. However the use of the contents of such communications in a court of law will be impossible without the decryption key and they cannot obtain this unless there is a law enacted similar to the RIPA in the UK, which forces the key-holder to give the encryption or decryption key to the authorities on request and if they refuse they can be convicted for concealing evidence.

There was also a telecommunications driven incentive in 2008 called Phorm. I have not checked out the present status in 2013.

NSA leak scandal and Snowden

What a mess with all these emotions flying around on Ed Snowden and his actions. In the one camp are those proclaiming Snowden as a traitor, and in the other extreme camp, he is a hero, a whistleblower!

The fact that the US is wire-tapping has been known for years; it’s just that the fact has never been made official. In my book Virtual Shadows, published quite some time ago in 2009, there is a section just on this:

“US wiretapping practices
The US government has led a worldwide effort to limit individual privacy and enhance the capability of its police and intelligence services to eavesdrop on personal conversations. The Communications Assistance for Law Enforcement Act (CALEA) sets out legal requirements for telecommunications providers and equipment manufacturers on the surveillance capabilities that must be built into all telephone systems used in the United States.” (Virtual Shadows, 2009)

Then there is “another program, known as PRISM, has given the NSA access since at least 2007 to emails, video chats and other communications through U.S. Internet companies to spy on foreigners. American emails inevitably were swept up as well.”

There have been some embarrassing exposures before the Snowden escapade, for example “Mathematician William Binney worked for the National Security Agency for four decades, and in the late 1990s he helped design a system to sort through the digital data the agency was sucking up in the exploding universe of bits and bytes. When the agency picked a rival technology, he became disillusioned. He retired a month after the terrorist attacks of Sept 11, 2001, and later went public with his concerns.” As reported by the Los Angeles Times. Binney called this a “digital dragnet”.

My opinion?
So what’s my take on all this? Well you should know me by now, I am a fervent believer in transparency. I believe that trust can only be built on a foundation of transparency. Clearly the governments around the world need to ‘protect’ their citizens. But why can’t they just tell them what they are doing? “We are tracking your communications”. “We are pulling information from your Facebook profile if a threat to national security is felt”. Just as in the EU, data subjects should have a right to know when their personal information is being accessed. They should be informed… period.
This means they continue with their activities, but are transparent in their operations. The fact is most people don’t really seem to care. Most are selling their buying habits today for a free chicken in their shopping trolley 😉

Am I a supporter of Snowden’s actions as a whistle-blower? Yes I am!

Cyberattack $45 million stolen

How can this happen? I guess PCI DSS is not working, although it is the prepaid debit card companies themselves that have been exploited. Apparently they are less secure than other financial institutions? But are they not financial institutions per se themselves?

They are not naming the Visa and Mastercard prepaid card companies in the US that were compromised. I wonder why 😉

I find it amazing that after the first attack in December, there was an identical one in February. It seems to be that the ring leaders were caught, but what about all the hackers sitting behind this operation? I am sure they are still out there hacking away and getting away with it.

CISPA

The Cyber Intelligence Sharing and Protection Act (CISPA) is not aligned with the civil and privacy rights of the individual, according to privacy advocates such as the Electronic Frontier Foundation and Avaaz.org.

Neither Microsoft nor Facebook supports this bill. Imagine everything you post on FB being available to government authorities. Fine if you trust them I suppose, but I don’t.

Why is crowdsourcing not used more in the fight against terrorism? Transparency and the power of the people, most of whom want a safe society, could provide an all-encompassing safety net. Crowdsourcing, for example, is starting to be used to locate missing persons and children; it is very powerful. There are so many people out there that can make a positive difference to this broken world we live in.