Wrong Direction on Privacy - using NSLs to obtain communication transactional information

=JeffH Jeff.Hodges at KingsMountain.com
Thu Sep 30 15:30:11 PDT 2010 

another facet of The Administration's "We Hear You" efforts..


Wrong Direction on Privacy
Susan Landau
2-Aug-2010

http://www.huffingtonpost.com/susan-landau/wrong-direction-on-privac_b_666915.html

The White House wants to make it easier for the FBI to get at your email 
and web browsing records; the plan is to make transactional information 
surrounding your Internet communications --- the to/from information and 
the times and dates of those communications --- subject to National 
Security Letters (NSLs), meaning the FBI could get these records without 
going through a judge.

NSLs were created in 1978 to give FBI investigators an easy way to obtain  
various business records, including the transactional information of phone  
records (not the content, which is subject to more stringent protections). 
The "easy" part of NSLs is that no courts are involved in issuing an NSL; 
the bureau does so itself. FBI guidelines require NSLs to be issued only on 
a written request of an FBI Special Agent in Charge (or other specially 
delegated senior FBI official), and there are four approval steps in the 
process.

Originally NSLs were to be used against foreign powers and people believed 
to be their agents. But proving someone was an agent of a foreign power was 
not all that easy, and NSLs were rarely used. That situation changed with 
the PATRIOT Act, which allowed NSLs to be used to gather information 
relevant to international terrorism cases. In an Orwellian touch, under the 
PATRIOT Act the bureau could require that the recipient of an NSL keep the 
order secret. NSL numbers shot up; between 2003-2006, the FBI issued 
192,000 NSLs. Many were to phone companies. Why is clear; knowing who the 
bad guys are communicating with leads to untangling plots, often before law 
enforcement understands exactly what the plot might be. Such appears to be 
what happened, for example, in the case of Najibullah Zazi, who recently 
pled guilty to a plot to bomb the New York City subways.

At first in the initial aftermath of September 11th, telephone company 
workers were sharing offices with the FBI Communications Assistance Unit, 
and many times the required procedures went by the wayside. And instead of 
NSLs, the FBI begun using "exigent letters'' requesting immediate access to 
telephone records with claims to the phone companies that the appropriate 
subpoenas were in process. Many times that wasn't true. Sometimes there 
wasn't even a paper trail for the requests; they were just issued verbally. 
Dates and other specifics were often missing from the requests, which meant 
law enforcement got many more months of data than there was need for.

Why does this matter? It turns out that communications transactional  
information is remarkably revelatory. When NSLs were created in 1978, 
phones were fixed devices, and the information of who was calling whom 
provided a useful past history of behavior. The information is much richer 
with mobile devices; knowing who is calling whom, or whose cellphone is 
repeatedly located in the same cellphone sector as whose, provides 
invaluable information --- information that is simultaneously remarkably 
invasive. Transactional data reveals who spends time together, what an 
organization's structure is, what business or political deals might be 
occurring. ... <snip/>


---
end

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list