Privacy Roundup #0096 • July 2014
July 2014 deepened the post-Snowden reckoning, with fresh surveillance leaks, emergency British data laws, transatlantic spy expulsions and a wave of breaches and tracking exposes.
1. Oversight board releases its report on Section 702 surveillance
The Privacy and Civil Liberties Oversight Board published its review of the NSA's Section 702 programme, judging PRISM lawful while warning that incidental collection of Americans' communications pushed the scheme close to the limits of the Fourth Amendment. The board issued ten recommendations on targeting, queries and transparency.
2. XKeyscore source code reveals Tor and Tails users tagged as extremists
German broadcaster Das Erste published portions of NSA XKeyscore source code showing that anyone who visited the Tor website or searched for the Tails operating system was fingerprinted and flagged for surveillance. The rules described Tails as a tool advocated by extremists on extremist forums.
3. EPIC files a complaint over Facebook's emotional contagion experiment
The Electronic Privacy Information Center asked the Federal Trade Commission to investigate Facebook's secret study, which altered the news feeds of roughly 700,000 users to measure emotional responses. The complaint argued that the company manipulated people without meaningful consent.
→ epic.org
4. Google erases British news articles under the right to be forgotten
Google began removing links to articles by The Guardian and the BBC from European search results after receiving requests under the new European right to be forgotten. The deletion of a BBC blog post about a former Merrill Lynch chief drew sharp criticism over press freedom.
5. In NSA-intercepted data, ordinary users far outnumber the targets
The Washington Post reported, drawing on the Snowden files, that nine in ten account holders in a cache of intercepted conversations were not the people the agency had targeted. The trove of 160,000 messages laid bare the breadth of so-called targeted surveillance.
6. Muslim-American leaders revealed as targets of NSA and FBI monitoring
The Intercept reported that the NSA and FBI had covertly monitored the emails of prominent Muslim-American lawyers, academics and activists under procedures meant for terrorists and foreign spies. A leaked internal memo that used the placeholder name "Mohammed Raghead" prompted demands for an inquiry.
7. Germany expels the CIA station chief over spying allegations
Berlin ordered the senior CIA officer in Germany to leave the country after two Germans were accused of spying for the United States. The expulsion marked an extraordinary rupture between allies already strained by the surveillance of Chancellor Angela Merkel.
8. Snowden gives a seven-hour interview from Moscow
The Guardian published an extended interview with Edward Snowden, conducted over seven hours in a Moscow hotel and released as an edited transcript. He condemned Britain's fast-tracked emergency surveillance bill and defended his decision to leak.
9. GCHQ tools for hacking online polls and seeding the internet are exposed
The Intercept detailed a GCHQ unit called JTRIG, whose toolkit could rig online polls, inflate page views, amplify YouTube messages and plant false material to ruin reputations. The documents described most of the tools as fully operational and reliable.
10. Britain fast-tracks the DRIP emergency data retention law
Parliament rushed the Data Retention and Investigatory Powers Act through in days, restoring metadata retention duties after a European court struck down the previous regime. Critics warned that the speed prevented proper debate and that the law quietly expanded interception powers.
11. GCHQ mass surveillance goes on trial at the Investigatory Powers Tribunal
Privacy International, Amnesty International, Liberty and others put British intelligence agencies before the Investigatory Powers Tribunal in a week-long hearing. The case tested whether the Tempora bulk interception programme and access to American intercepts breached human rights law.
12. White House website found using a non-cookie tracker
The Electronic Frontier Foundation revealed that the White House site embedded AddThis code using canvas fingerprinting, a technique that ordinary cookie controls cannot block. The practice contradicted the site's own privacy policy promise that visitors could opt out of measurement technologies.
13. Banks trace a payment card breach to Goodwill Industries
Krebs on Security reported that financial institutions across the country were tracking fraud tied to Goodwill thrift stores. The breach, later blamed on a third-party processor, exposed hundreds of thousands of payment cards across more than twenty states.
14. Canvas fingerprinting found tracking visitors to thousands of sites
ProPublica reported that a tracking method called canvas fingerprinting, deployed by the firm AddThis, was shadowing visitors across thousands of popular websites. The technique drew a hidden image to identify each device and was unusually hard to block.
15. EFF releases Privacy Badger to fight covert tracking
The Electronic Frontier Foundation launched a beta of Privacy Badger, a browser add-on that detects and blocks trackers following users without consent. The tool aimed to stop creepy advertising surveillance regardless of whether it used cookies or stealthier fingerprints.
16. Russia signs a law forcing citizens' data onto local servers
President Putin signed legislation requiring operators to store the personal data of Russian citizens on servers inside Russia. The measure arrived alongside rules compelling popular bloggers to register with the state communications regulator.
17. European Central Bank discloses theft of contact details
The European Central Bank revealed that intruders had stolen email addresses and contact information from a database used for event registrations. The breach came to light when an attacker emailed the bank demanding payment for the stolen data.
18. CIA director apologises for searching Senate computers
John Brennan apologised to the Senate Intelligence Committee after an internal inquiry confirmed that agency staff had improperly searched computers used by investigators of the CIA torture programme. The admission reversed his earlier denial and raised questions about the separation of powers.
19. Court orders Microsoft to hand over email stored in Ireland
A federal judge in New York ruled that Microsoft must comply with a warrant for customer email held in its Dublin data centre. The decision set up a closely watched appeal over whether American warrants reach data stored abroad.
20. ACLU coalition demands answers on surveillance of Muslim leaders
Forty-four civil rights groups, organised by the American Civil Liberties Union, wrote to President Obama seeking a full public accounting of the monitoring of Muslim-American community leaders. The letter followed the disclosure of an internal memo with an offensive placeholder name.
Enjoyed this post?
Well, you could share the post with others, follow me with RSS Feeds and/or send me a comment via email.
Tags
Category:
Year: