Updates from May, 2014 Toggle Comment Threads | Keyboard Shortcuts

  • #AceNewsGroup 13:05 on May 21, 2014 Permalink
    Tags: , , , , , , , , ,   

    ` Anti-Secrecy Group WikiLeaks Plans to Publish Name of Country Targeted by NSA ‘ 

    #AceSecurityNews – UNITED STATES – May 21  – Despite warnings that doing so “could lead to increased violence” and potentially deaths, anti-secrecy group WikiLeaks says it plans to publish the name of a country targeted by a massive United States surveillance operation.

    Wikileaks and Intercept

    On Monday this week, journalists at The Intercept published a report based off of leaked US National Security Agency documents supplied by former contractor Edward Snowden which suggested that the NSA has collected in bulk the contents of all phone conversations made or received in two countries abroad. 

    Only one of those nations, however — the Bahamas — was named by The Intercept. The other, journalists Ryan Devereaux, Glenn Greenwald and Laura Poitras wrote this week, was withheld as a result of “credible concerns that doing so could lead to increased violence.”

    WikiLeaks has since accused The Intercept and its parent company First Look Media of censorship and says they will publish the identity of the country if the name remains redacted in the original article. The Intercept’s Greenwald fired back over Twitter, though, and said his outlet chose to publish more details than the Washington Post, where journalists previously reported on a related call collection program but chose to redact more thoroughly. 

    “We condemn Firstlook for following the Washington Post into censoring the mass interception of an entire nation,” WikiLeaks tweeted on Monday.

    “It is not the place of Firstlook or the Washington Post to deny the rights of an entire people to know they are being mass recorded,” WikiLeaks added. “It is not the place of Firstlook or WaPo to decide how people will [choose] to act against mass breaches of their rights by the United States.”

    When Greenwald defended his decision to publish the names of four countries where telephony metadata is collected by the NSA but withhold a fifth where content is recorded as well, WikiLeaks said it could be interpreted as meaning that the unknown country doesn’t deserve to know they’re being surveilled, but Greenwald said

    The Intercept was “very convinced” it could lead to deaths.

    Later, WikiLeaks equated this as an act of racism.

    But as the conversation escalated, the WikiLeaks Twitter announced it would disclose the nation’s identify if The Intercept did not, despite requests from the US government to leave that information redact over fears of what the response could be. 

    When has true published information harmed innocents?” WikiLeaks asked.“To repeat this false Pentagon talking point is to hurt all publishers.” 


    “We will reveal the name of the censored country whose population is being mass recorded in 72 hours,” WikiLeaks wrote at 6:35 p.m. EST Tuesday evening.

    If the organization intends to uphold that promise, that the identity of the country could be revealed before the weekend. 

    Read More at: RT


    Enhanced by Zemanta
  • #AceNewsGroup 19:48 on May 13, 2014 Permalink
    Tags: , , Do Not Track Policy, , European Union Court of Justice, , , , Spanish language, Web search engine   

    ` Google Must Comply with European Laws on Privacy by Amending Search Results ‘ 

    #AceSecurityNews – EU COURT Of JUSTICE – May 13 – Google must comply with the European laws on privacy and amend some search results, a top EU court ruled on Tuesday, May 13.

    English: Google Logo officially released on Ma...

    English: Google Logo officially released on May 2010 (Photo credit: Wikipedia)

    The European Union Court of Justice said that ordinary people can ask Google to remove some sensitive, irrelevant or outdated information from Internet search results.

    Earlier, the search engine stated that it does not control search results and bears no responsibility for personal data that is “in open access”. The responsibility lies with the owner of the website that provides the information, and Google merely presents the user with a link.

    The case was brought by a Spanish man who complained that an auction notice of his home that could be found on Google infringed upon his privacy.

    Around 180 similar complaints have been filed in Spain.


    Enhanced by Zemanta
  • #AceNewsGroup 11:55 on May 8, 2014 Permalink
    Tags: , , Bob Goodlatte, Foreign Intelligence Surveillance Act, House Judiciary Committee, Jim Sensenbrenner, judiciary committee, , , , United States House Committee on the Judiciary, , USA Freedom Act   

    ` US House of Representatives Approves Legislation to Prevent Bulk Collection of Data ‘ 

    #AceSecurityNews – UNITED STATES – WASHINGTON – NSA – May 08 –  A US House of Representatives committee approved legislation on Wednesday that would limit the National Security Agency’s bulk collection of domestic telephone metadata. By a vote of 32 to 0, the House Judiciary Committee advanced the USA Freedom Act, which would end the NSA’s wholesale gathering and storage of American phone data, leaving telecommunications companies responsible for retaining the records.

    The bill would still allow the NSA to collect a person’s phone records, and those of people two “hops” or contacts away, if a judge on the Foreign Intelligence Surveillance Act court, which has been very generous to NSA spying requests in recent years, signs off on the request based on reasonable suspicion of so-called terrorism involvement.

    A reform bill deemed as the toughest clampdown yet on the NSA’s collection of phone metadata is expected to move through a key US House committee this week, setting up a showdown between the bill and less stringent legislation supported by House leaders.

    House of Representatives Judiciary Committee Chairman Bob Goodlatte (R-VA) will reportedly act on the USA Freedom Act on Wednesday after the bill sat dormant since its introduction in October by former judiciary committee chair and US Patriot Act author Jim Sensenbrenner (R-OH).

    The bill is the favored legislative vehicle for privacy advocates that want to see reform of the NSA’s bulk collection of domestic phone call data. Congressional aides believe the bill will pass through the committee with bipartisan support, the Guardian reported. Privacy advocates believe the bill has real potential to pass in a general House vote should it get the chance.

    The House Judiciary Committee’s USA Freedom Act was left for dead by House Republican leadership after a competing NSA reform bill was offered in March by House Intelligence Committee Chairman Mike Rogers. The intel committee’s proposal would allow the NSA to continue gathering domestic call data without a prior judicial order.

    Hours after the Judiciary Committee announced it would markup its NSA bill on Wednesday, the Intelligence Committee said it would do the same with its own reform bill, the FISA Transparency and Modernization Act, on Thursday. FISA, or the Foreign Intelligence Surveillance Act, dictates US surveillance of “foreign intelligence information” that can include American citizens or permanent residents suspected of terrorism.

    Goodlatte’s support for the USA Freedom Act was reportedly in doubt before House Republican leaders decided to bypass his committee effort to reform the NSA in favor of the Intelligence Committee’s more lukewarm legislation.

    The Intelligence Committee’s Rogers has criticized the USA Freedom Act for going too far in curbing bulk collection capabilities that, he says, are vital for national security reasons.

    Sensenbrenner’s USA Freedom Act was initially more strict in limiting NSA collection abilities, positing that it would “end bulk collection under Section 215 of the Patriot Act, in light of the massive intrusion on Americans’ privacy and the lack of evidence of its effectiveness.”

    Ace Related News:

    1. FOIA – http://www.gpo.gov/fdsys/pkg/BILLS-113hr3361ih/pdf/BILLS-113hr3361ih.pdf

    2. FISA – http://judiciary.house.gov/_cache/files/d4c6f7fd-4768-4b30-813d-47109cac271a/fisa-anos-001-xml.pdf

    RT – March 27

    Tweet or Share adding @AceNewsServices or #ANS2014  


    Enhanced by Zemanta
    • Brittius 12:00 on May 8, 2014 Permalink | Reply

      My, my… When the House Judiciary Committee was urged to vote for prevention of NSA data collection against the citizenry, the members of the HJC gloated, all of them, and were supporting and furthering NSA activities. Then, quite suddenly, it was revealed that the members of the HJC were also primary targets of, the NSA. Elected officials believing they are some sort of monarchy.


      • #AceNewsGroup 12:15 on May 8, 2014 Permalink | Reply

        They wriggled and suddenly realised they were as you say in the firing line. little realising this could affect them more than the citizen’s.

        So the vote of 32 to 0 was not a surprise to me, as it seems it is better the devil you know than the devil you don’t.

        Next ………………………..


  • #AceNewsGroup 13:00 on May 7, 2014 Permalink
    Tags: , , , , , High Value Target, Jeremy Scahill, , , , Subscriber identity module   

    NSA: ` Complex Analysis of Electronic Surveillance used to Target Lethal Drone Attacks ‘ 

    #AceSecurityNews – Guest Post – May 06 – The National Security Agency is using complex analysis of electronic surveillance, rather than human intelligence, as the primary method to locate targets for lethal drone strikes – an unreliable tactic that results in the deaths of innocent or unidentified people.

    According to a former drone operator for the military’s Joint Special Operations Command (JSOC) who also worked with the NSA, the agency often identifies targets based on controversial metadata analysis and cell-phone tracking technologies. Rather than confirming a target’s identity with operatives or informants on the ground, the CIA or the U.S. military then orders a strike based on the activity and location of the mobile phone a person is believed to be using.

    The drone operator, who agreed to discuss the top-secret programs on the condition of anonymity, was a member of JSOC’s High Value Targeting task force, which is charged with identifying, capturing or killing terrorist suspects in Yemen, Somalia, Afghanistan and elsewhere.

    His account is bolstered by top-secret NSA documents previously provided by whistleblower Edward Snowden. It is also supported by a former drone sensor operator with the U.S. Air Force, Brandon Bryant, who has become an outspoken critic of the lethal operations in which he was directly involved in Iraq, Afghanistan and Yemen.

    In one tactic, the NSA “geolocates” the SIM card or handset of a suspected terrorist’s mobile phone, enabling the CIA and U.S. military to conduct night raids and drone strikes to kill or capture the individual in possession of the device.

    The former JSOC drone operator is adamant that the technology has been responsible for taking out terrorists and networks of people facilitating improvised explosive device attacks against U.S. forces in Afghanistan. But he also states that innocent people have “absolutely” been killed as a result of the NSA’s increasing reliance on the surveillance tactic.

    One problem, he explains, is that targets are increasingly aware of the NSA’s reliance on geolocating, and have moved to thwart the tactic. Some have as many as 16 different SIM cards associated with their identity within the High Value Target system. Others, unaware that their mobile phone is being targeted, lend their phone, with the SIM card in it, to friends, children, spouses and family members.

    Some top Taliban leaders, knowing of the NSA’s targeting method, have purposely and randomly distributed SIM cards among their units in order to elude their trackers. “They would do things like go to meetings, take all their SIM cards out, put them in a bag, mix them up, and everybody gets a different SIM card when they leave,” the former drone operator says. “That’s how they confuse us.”

    Courtesy of By  and  10 Feb 2014, 12:03 AM EDT

    Ace Related News:

    1. First Look

    Share or Tweet with #ANS2014 





    Enhanced by Zemanta
  • #AceNewsGroup 19:55 on March 21, 2014 Permalink
    Tags: , , Eugene R. Fidell, Law enforcement agency, , Naval Criminal Investigative Service, NCIS, , , , Washington Examiner   

    ` Pentagon Law Enforcement Agency amasses ` Millions of Criminal Records ‘Called into Question’ 

    #AceSecurityNews – A rarely reported but highly extensive database managed by a Pentagon law enforcement agency that contains millions of details including criminal records and minor infractions alike is being called into question.

    PentagonAlthough the Law Enforcement Information Exchange, or LInX, contains police records pertaining to run-of-the-mill 911 calls and even mere traffic citations, millions of these records concerning harmless civilian activity are stored in a system run by the United States Naval Criminal Investigative Service, the primary law enforcement agency of the US Navy that’s head-quartered at the Quantico, Virginia military base.

    On Friday this week, an article published in the Washington Examiner by senior watchdog reporter Mark Flatten offered a detailed look at the database, and dared to ask questions about the sparsely discussed system amid growing concerns about government-sanctioned surveillance.

    “Those fears are heightened by recent disclosures of the National Security Agency spying on Americans, and the CIA allegedly spying on Congress,”Flatten wrote.

    Unlike the NSA’s conduct or the Central Intelligence Agency’s activities, though, the LInX System is a US military operation. The NCIS got the initiative off the ground in 2003, and says on their website that it is “designed to enhance information sharing between local, state, and federal law enforcement in areas of strategic importance to the Department of the Navy.”

    “LInX provides participating law enforcement partner agencies with secure access to regional crime and incident data and the tools needed to process it, enabling investigators to search across jurisdictional boundaries to help solve crimes and resolve suspicious events,” the website reads.

    Enhanced by Zemanta
    • double agent 17:52 on April 24, 2014 Permalink | Reply

      Remarkable things here. I’m very satisfied to look
      your post. Thank you so much and I am having a look ahead to contact you.

      Will you please drop me a e-mail?


      • #AceNewsGroup 20:07 on April 24, 2014 Permalink | Reply

        Thanks for your comment and visited your site excellent, bookmarked and will add to RSS Feeds. Please reply to this with your comment with any details you require. Thank you Editor.


  • #AceNewsGroup 19:32 on March 21, 2014 Permalink
    Tags: , , Booz Allen Hamilton, , Intercept, , , , System administrator   

    NSA take down of Terrorists and Criminals Adopts `Hacking System Administrators ‘ Private Network’s ‘ 

    #AceSecurityNews – In its quest to take down suspected terrorists and criminals abroad, the United States National Security Agency has adopted the practice of hacking the system administrators that oversee private computer networks, new documents reveal.

    InterceptThe Intercept has published a handful of leaked screenshots taken from an internal NSA message board where one spy agency specialist spoke extensively about compromising not the computers of specific targets, but rather the machines of the system administrators who control entire networks.

    Journalist Ryan Gallagher reported that Edward Snowden, a former sys admin for NSA contractor Booz Allen Hamilton, provided The Intercept with the internal documents, including one from 2012 that’s bluntly titled “I hunt sys admins.”

    According to the posts — some labeled “top secret” — NSA staffers should not shy away from hacking sys admins: a successful offensive mission waged against an IT professional with extensive access to a privileged network could provide the NSA with unfettered capabilities, the analyst acknowledged.

    “Who better to target than the person that already has the ‘keys to the kingdom’?” one of the posts reads.




    Enhanced by Zemanta
  • #AceNewsGroup 12:19 on March 21, 2014 Permalink
    Tags: , , , , , , , Municipal wireless network, , ,   

    `Google Encrypts Gmail in Effort to Stop the Prying Eyes of the NSA – Maybe a Little To Late? ‘ 

    #AceSecurityNews – Google is doing its best to put a lid on the NSA’s prying eyes by using enhanced encryption technology to make its flagship email service airtight.

    Google Encypts Gmail“Your email is important to you, and making sure it stays safe and always available is important to us,” Gmail engineering security chief, Nicolas Lidzborski, said in a blog post.

    “Starting today, Gmail will always use an encrypted HTTPS connection when you check or send email.

    “Today’s change means that no one can listen in on your messages as they go back and forth between you and Gmail’s servers — no matter if you’re using public WiFi or logging in from your computer, phone or tablet.”

    The internet giant’s announcement is the latest attempt to bolster the company’s widely used email service and follows a similar step in 2010, when the company made HTTPS the default connection option.

    At the time, however, users had the option to turn this protection feature off.

    Starting from Friday, Gmail is HTTPS-only.

    The move is a response to a disclosure made by National Security Agency (NSA) whistleblower, Edward Snowden, that the agency had been secretly tapping into the main communications links that connect Yahoo and Google data centres around the world.


    Enhanced by Zemanta
  • #AceNewsGroup 10:45 on March 21, 2014 Permalink
    Tags: , , , , DITU, , , , Invoice, , , ,   

    SEA: ` Reportedly obtained Documents that reveal how much Money the `FBI ‘ pay `Microsoft ‘ to view client’s Data ‘ 

    #AceSecurityNews – Syrian Electronic Army (SEA) hackers have reportedly obtained documents that reveal how much money the FBI pays Microsoft each time agents try to obtain or view an individual customer’s communication information.

    syrian-hackers-reveal-fbi-microsoft.siThe SEA, a group that has made headlines in the past for infiltrating Western media outlets that it perceives to be against Syrian President Bashar Assad, provided a trove of emails and invoices to the Daily Dot http://www.dailydot.com/news/microsoft-compliance-emails-fbi-ditu/, which analyzed the documents before publishing them.

    “The documents consist of what appear to be invoices and emails between Microsoft’s Global Criminal compliance team and the FBI’s Digital Intercept Technology Unit (DITU), and purport to show exactly how much money Microsoft charges DITU, in terms of compliance costs, when DITU provides warrants and court orders for customers’ data,” wrote the Daily Dot’s Kevin Collier and Fran Berman.

    “In December 2012, for instance, Microsoft emailed DITU a PDF invoice for $145,100, broken down to $100 per request for information, the documents appear to show,” they went on. “In August 2013, Microsoft allegedly emailed a similar invoice, this time for $352, 200 at a rate of $200 per request.

    The latest invoice provided, from November 2013, is for $281,000.”

    Daily Dot – RT News – News Sources

    Related News – Verge – http://www.theverge.com/2014/3/20/5530630/hacked-invoices-show-how-much-microsoft-charges-the-fbi-for-customer-information


    Enhanced by Zemanta
  • #AceNewsGroup 15:30 on March 20, 2014 Permalink
    Tags: , Charity (virtue), CrunchBase, Davydov, Denis Davydov, , , , , Safe Internet League,   

    Safe Internet for Children called into Arena by Psychologists and Psychiatrists as Google Develops own Kids Version ‘ 

    #AceSecurityNews - The Safe Internet League, Russia’s largest and most reputable organization fighting dangerous web content, considers it necessary to attract highly skilled psychologists and psychiatrists as the popular Google-owned video hosting and sharing service YouTube is developing a special version for kids, Safe Internet League CEO Denis Davydov was quoted as saying by the organization’s press service on Thursday.

    Image representing YouTube as depicted in Crun...

    Image via CrunchBase

    “Leading psychologists and psychiatrists should participate in developing requirements for video content hosted on the so-called child-friendly version of YouTube in order to eliminate the risk of ‘a wolf in sheep’s clothing’,” Davydov said. “Far from all videos that may seem harmless to us are necessarily suitable for children. And specialists’ opinion is essential in this regard.”

    Davydov said the Safe Internet League hailed Google’s decision to create a version of its video site aimed specifically at children aged ten and under.

    As envisioned by project developers, the site would only show videos deemed safe for this age group, and parents will control access to it. The site would also filter out comments that contain explicit language, or other references to adult content.

    “It is very laudable that Google has started demonstrating its willingness to work in Russia, showing respect for the rights of our citizens and taking care of the younger generation of Russians,” Davydov said.

    Last September, the Safe Internet League published the results of a full-scale investigation by the League into Google’s activities in Russia. The organization accused Google of “ignoring Russian legal requirements” and “deliberately trying to influence Russian domestic policy in order to promote its services among Russian citizens and officials, in order to undermine digital sovereignty”.

    According to reports, YouTube has already approached video producers asking to create suitable content and videos, and it is thought this content would be available exclusively on the site.

    The Safe Internet League is a non-commercial organization launched by several major internet providers and a Christian charity.

    The declared aim of the group is ridding the Internet of dangerous content through self-regulation in order to prevent government censorship.

    Russian Media Sources



    Enhanced by Zemanta
  • #AceNewsGroup 13:47 on March 19, 2014 Permalink
    Tags: , , Conference on Computer Vision and Pattern Recognition, , Facial recognition system, , Neural network, Tel Aviv University, Yaniv Taigman   

    ` Photographs of your Friends and Neighbours on `Facebook ‘ could now be Instantly Recognisable ‘ 

    #AceSecurity News – ‘DeepFace’ could provide instantaneous facial recognition via Facebook.

    Deep FaceDeepFace: Closing the Gap to Human-Level Performance in Face Verification


    In modern face recognition, the conventional pipeline consists of four stages: detect => align => represent => classify. We revisit both the alignment step and the representation step by employing explicit 3D face modeling in order to apply a piecewise affine transformation, and derive a face representation from a nine-layer deep neural network. This deep network involves more than 120 million parameters using several locally connected layers without weight sharing, rather than the standard convolutional layers. Thus we trained it on the largest facial dataset to-date, an identity labeled dataset of four million facial images belonging to more than 4,000 identities, where each identity has an average of over a thousand samples. The learned representations coupling the accurate model-based alignment with the large facial database generalize remarkably well to faces in unconstrained environments, even with a simple classifier. Our method reaches an accuracy of 97.25% on the Labeled Faces in the Wild (LFW) dataset, reducing the error of the current state of the art by more than 25%, closely approaching human-level performance.

    Along with owning the largest stockpile of photos in the world, Facebook has announced it now plans to unleash facial recognition technology with a new program that promises to identify the subject of an untagged image with nearly unparalleled accuracy.

    Researchers at the social media giant claim that humans who look at two faces can identify if they are the same person with a 97.53 percent accuracy.

    They promise that the company’s new “DeepFace” program will be able to do the same with 97.25 percent accuracy.

    Facebook users may have already noticed that the site is able to suggest friends to tag when a new picture is uploaded.

    It does so by analyzing the distance between an individual’s eyes and nose in both profile pictures and already tagged images.

    The new DeepFace program will be much more intensive, using software to correct the angle of a face in an image, then comparing that to a 3D model of an average face. It then simulates what has been called a neural network to find a numerical description of the face. If there are enough similarities, Facebook will know if the faces are in fact the same.

    DeepFace was developed by Facebook artificial intelligence (AI) analysts Yaniv Taigman, Ming Yang, and Marc’ Aurelioa Ranzato, along with Lior Wolf, a faculty member at Tel Aviv University in Israel. Their research paper was first published last week in the Massachusetts Institute of Technology‘s Technology Review.


    Enhanced by Zemanta
    • Brittius 13:48 on March 19, 2014 Permalink | Reply

      Reblogged this on Brittius.com.


      • #AceNewsGroup 13:54 on March 19, 2014 Permalink | Reply

        Good day and l saw this coming the weasel Zuckerberg wants to be king of his Billionaire Castle by stealing other people’ lives and taking their data.


        • #AceNewsGroup 14:41 on March 19, 2014 Permalink | Reply

          Thanks that was very informative and revealing – question do you want it approved as it contains certain information that maybe useful to anyone that reads it?


  • #AceNewsGroup 20:42 on March 18, 2014 Permalink
    Tags: , , Abita Springs Louisiana, , ICE's Homeland Security, Jonathan Johnson, Onion routing, , , , United States Postal Inspection Service   

    ` Fourteen Men Operating a ` Child Pornography ‘ website `Darknet’s Onion Router ‘ have been arrested and charged as part of a Conspiracy’ 

    #AceSecurityNews – WASHINGTON – Fourteen men operating a child pornography website on the Darknet’s Onion Router, also known as Tor, have been arrested and charged as part of a conspiracy to operate a child exploitation enterprise, following an extensive international investigation by ICE’s Homeland Security Investigations (HSI) and USPIS.

    Eleven have been federally charged in the Eastern District of Louisiana and three in other districts. All are in federal custody.

    The website’s primary administrator, Jonathan Johnson, 27, of Abita Springs, La., has been charged with operating a child exploitation enterprise. He admitted to creating multiple fake female personas on popular social networks to target and sexually exploit children and to coaching other child predators in his inner circle to do the same. Jonathan Johnson has been in federal custody since his arrest June 13, 2013, and faces 20 years to life in prison.

    “Never before in the history of this agency have we identified and located this many minor victims in the course of a single child exploitation investigation,” said ICE Deputy Director Daniel Ragsdale.

    “Our agency is seeing a growing trend where children are being enticed, tricked and coerced on-line by adults to produce sexually explicit material of themselves. While we will continue to prioritize the arrest of child predators, we cannot arrest our way out of this problem: education is the key to prevention.”

    Read More: http://www.ice.gov/news/releases/1403/140318washingtondc.htm


    Enhanced by Zemanta
  • #AceNewsGroup 18:58 on March 18, 2014 Permalink
    Tags: , , , Ashkan Soltani, Barton Gellman, MYSTIC, , , Retro, , Telephone call, The Washington Post, ,   

    NSA : ` Program ` Mystic ‘ is Capable of Recording ` 100 ‘ Percent of every Phone Call across entire Nation’s’ 

    #AceSecurityNews A secret spy program developed by the National Security Agency and reported publicly for the first time on Tuesday has given the United States the ability to digitally record the contents of each and every phone call occurring across entire nations.

    MysticCiting previously unpublished documents provided by former NSA contractor Edward Snowden and statements from individuals with direct knowledge of the effort, the Washington Post’s Barton Gellman and Ashkan Soltani wrote that the US-administered surveillance system is capable of recording “100 percent” of a foreign country’s telephone calls.

    The program, “MYSTIC,” was launched back in 2009, according to the Post, but by 2011 it was ready to be rolled-out at full capacity and was subsequently deployed against at least one target nation.

    The Post says they are withholding details “that could be used to identify the country where the system is being employed or other countries where its use was envisioned” upon the request of US officials.

    Once it was ready to put to the test in 2011, MYSTIC and its “retrospective retrieval” tool known as RETRO were being used to indiscriminately record “every single” conversation occurring across the entire target country, the Post reported.

    Those calls — “billions,” according to the Post — are stored for 30 days, and the oldest conversations are purged as new ones are logged. Once the content entered the NSA’s system, however, analysts are able to go back and listen in as much as a month later to find information on a person who might never have been suspected of a crime at the time that their initial conversation was collected unbeknownst to them by the US government.

    Read More: WP – http://www.washingtonpost.com/world/national-security/nsa-surveillance-program-reaches-into-the-past-to-retrieve-replay-phone-calls/2014/03/18/226d2646-ade9-11e3-a49e-76adc9210f19_story.html


    Enhanced by Zemanta
  • #AceNewsGroup 21:33 on March 14, 2014 Permalink
    Tags: , , , , , , , , , Wired   

    ` Syrian Hackers say they have Compromised US Central Command ' 

    #AceSecurityNews – Syrian hackers say they’ve compromised US Central Command

    Published time: March 14, 2014 18:40

    A group of computer hackers who are loyal to Syrian President Bashar Al-Assad say they’ve accessed hundreds of documents after allegedly penetrating the network of the United States Central Command and other systems.

    The Syrian Electronic Army hacktivist group said from their Twitter account on Friday that they were engaged in an operation targeting CENTCOM due to US President Barack Obama’sdecision to attack Syria with electronic warfare.”

    Soon after the group claimed to have “already successfully penetrated many central repositories,” and tweeted a screenshot of what is purported to show that hackers have indeed somehow wound up inside of a military computer system of some sorts.

    The image suggests that someone from the SEA may have in fact gained access to a military directory called “AKO Home” that contains a number of folders with names relating to the US Air Force specifics command units under that branch.

    This is part of an ongoing operation and we have already successfully penetrated many central repositories.#SEApic.twitter.com/DSUzuFHmkN

    — SyrianElectronicArmy (@Official_SEA16) March 14, 2014

    In the coming days we will update you with specific details and hundreds of documents that the #SEA has obtained,” the group tweeted.

    “AKO,” or “Army Knowledge Online,” is the name of a web-based enterprise information system used by the Pentagon to let military personnel access files from any internet-connected computer, and was called “the world’s largest intranet” in a 2001 Wired article.

    “It’s a total aggregation of all the information the Army has, all the documents, manuals and files,” Ryan Samuel, the director of public relations at a company that helped develop the AKO, told Wired’s Louise Knapp for that article.

    At the time, Louise said the AKO had room for around 70 terabytes of storage for those files, though that number has almost certainly grown exponentially over the last 13 years.

    The AKO website was slow to respond following the hackers’ claim, which could be the result of a surge in visitors prompted by the SEA’s tweets, an attempted denial-of-service attack to momentarily cripple the military’s servers or, also likely, a total coincidence.

    Requests for comment made by RT to the Army’s press office were not immediately returned Friday afternoon.

    The SEA has engaged in a number of operations in recent months against the websites of western media outlets, and is perhaps best known for claiming to have compromised the Twitter account of the Associated Press last year. Once that account was commandeered, the SEA erroneously reported that an explosion had occurred at the White House.

    In January, the SEA gained unauthorized access to the social media accounts affiliated with Skype and posted messages critical of the Microsoft-owned product and the US government’s relationship with Silicon Valley. Last month, the group reportedly accessed the email accounts of Forbes employees and then took control of associated blogs.

    The US has not publically admitted to waging any cyberattacks against the Syrian government, although the White House has been linked to waging a digital attack on Iran’s nuclear enrichment program, and leaked National Security Agency documents have shown that the US intelligence community has an arsenal of offensive cyberweapons at its disposal.



    Enhanced by Zemanta
  • #AceNewsGroup 21:00 on March 8, 2014 Permalink
    Tags: , , , Cut copy and paste, , , , , Share - Tweet - Comment - News and Views @AceNewsServices with #ANS2014, URL shortening,   

    Welcome Everyone to `Ace News Services ‘ Please Comment or Post to be Approved ‘ 

    #AceNewsServices says good evening from my UK home and to all my friends and readers of my news articles and posts, well just so you can write your news as it happens, and chat on the go.

    Ace Friends News

    ` Follow my news and views and post in the box’

    It is not just 140 characters and you can post a link to a video or promote your group, charity, idea or really anything.

    Anyone wanting to post a video best way is copy and paste the short URL from the YouTube site and post.

    Add your own tags and links and enjoy chatting to fellow bloggers.

    I ask for you to observe that we do not use it as a spam area, should this happen it will be closed to everyone and l will email those people ,to be the only users.

    Thank you Editor (Ace News Group) 

    Share – Tweet – Comment – News and Views @AceNewsServices with #ANS2014   

    Ace News Services 2014 – http://wp.me/165ui
    Ace History2Research News 2014 – http://wp.me/48Dp0
    Ace British History News 2014 – http://wp.me/3QKto
    Ace Sales & Services News 2014 – http://wp.me/2y0H0


    Ace Friends Share:


    Enhanced by Zemanta
  • #AceNewsGroup 17:44 on March 7, 2014 Permalink
    Tags: , , , , , , , , ,   

    ` Snowden says in an interview with European Parliament ‘ US spy agency pressures allies to Spy ‘ 

    #AceSecurityNews says that in an interview National Security Agency leaker Edward Snowden answered questions before the European Parliament on Friday, and said that the United States spy agency pressures its allies to take steps further enabling widespread and indiscriminate surveillance.

    “One of the foremost activities of the NSA’s FAD, or Foreign Affairs Division, is to pressure or incentivize EU member states to change their laws to enable mass surveillance,” Snowden said in a testimony delivered remotely from Russia. “Lawyers from the NSA, as well as the UK’s GCHQ, work very hard to search for loopholes in laws and constitutional protections that they can use to justify indiscriminate, dragnet surveillance operations that were at best unwittingly authorized by lawmakers.”

    “These efforts to interpret new powers out of vague laws is an intentional strategy to avoid public opposition and lawmakers’ insistence that legal limits be respected,” Snowden insisted.


  • #AceNewsGroup 09:51 on March 5, 2014 Permalink
    Tags: , , , , , ,   

    ` Edward Snowden will speak out in a `Video Conference’ about `Government Intrusion into Privacy ‘ in a panel discussion being held in Texas ‘ 

    #AceSecurityNews says that the former US security contractor Edward Snowden will participate remotely in a panel discussion next week in Texas about governmental intrusion into privacy, Reuters reported.

    Snowden is in Russia and faces arrest if he sets foot on US soil.

    He is expected to answer questions via video conference at the South by Southwest Interactive Festival in Austin on Monday, according to conference organizers. Snowden is to speak on how the US National Security Agency uses technology to keep tabs on people.


  • #AceNewsGroup 12:08 on March 1, 2014 Permalink
    Tags: , , , , , , , , , , , , , WSJ   

    `Classified Documents leaked last summer by #NSA whistle-blower #Edward-Snowden reveal information about `Call Information' 

    AceSecurityNews says that classified documents leaked last summer by NSA whistleblower Edward Snowden revealed that the intelligence agency currently compels at least three major telephone providers – Verizon, Sprint, and AT&T – to turn over call information on millions of Americans.

    Among that information, known as metadata, is the duration of the call, the time the call was made, who the phone call was to, and where it originated.

    Snowden disclosed a trove of secret information about US intelligence activity to the press, but the collection of phone metadata has been perhaps the most controversial, in part because of its sheer breadth.

    Senator Carl Levin (D-MI) was among those hoping to find more when, at a Senate Armed Services Committee hearing, he asked Alexander how the metadata is collected and stored.

    “Chairman, I think there are three options that you put on the table,” Alexander replied.

    “You mentioned the government holding it, the ISPs holding it. I think there is yet another option where we look at what data you actually need and only get that data.

    “Can we come up with a capability that just gets those that are predicated on a terrorist communication? I think you have those three options that I have put on the table,” he continued. “Those are three of the ones that I think need to be clearly discussed and the merits from both sides, they have pros and cons on the agility that you would have with the program.”

    Alexander was referring to possible reforms to the NSA set forth by US intelligence and law enforcement leaders earlier this week.

    US President Obama, who has said he is open to reforming the surveillance programs after public scrutiny, tasked the attorney general and other administration officials to propose theories on how the phone metadata collection program could remain in use.

    The most radical proposal, according to anonymous sources who spoke to the Wall Street Journal, would be to entirely abandon the collection of telephony metadata.

    Officials are also considering turning that vast datalogue over to a government agency other than the NSA – either the FBI or Foreign Intelligence Surveillance Court, perhaps.

    Alexander’s testimony seemed to indicate that the scenario the administration is taking most seriously is leaving the trove metadata with the phone company, with the NSA only forcing the company to handover information about numbers thought to be involved in a web of terrorism.

    #ANS2014 – RT – Reuters – Guardian – AP – AFP – WSJ

  • #AceNewsGroup 10:33 on March 1, 2014 Permalink
    Tags: , Adobe Systems, , Cupid Media, Fortune 500, , Information Technology, , ,   

    `Data Hacker’s steal `Three Hundred and Sixty Million Account Credentials’ now on `Black Market’ 

    #AceSecurityNews says one of the largest single personal data hack’s ever? 360 million stolen account credentials found on-line.

    Published time: March 01, 2014 01:31

    Reuters / Kacper PempelReuters / Kacper Pempel
    A cyber security firm has reported a “mind boggling” cache of stolen credentials which has been put up for sale on online black markets.
    A total of 360 million accounts were affected in a series of hacks, one of which seems to be the biggest in history.

    Alex Holden, chief information security officer of Hold Security LLC, said that the firm had uncovered the data over the past three weeks.

    He said that 360 million personal account records were obtained in separate attacks, but one single attack seems to have obtained some 105 million records which could make it the biggest single data breach to date, Reuters reports. “The sheer volume is overwhelming,” said Holden in a statement on Tuesday. 

    “These mind boggling figures are not meant to scare you and they are a product of multiple breaches which we are independently investigating. This is a call to action,” he added. 

    Hold Security said that as well as 360 million credentials, hackers were also selling 1.25 billion email addresses, which may be of interest to spammers. 

    The huge treasure trove of personal details includes user names, which are most often email addresses, and passwords, which in most cases are unencrypted. 

    Hold Security uncovered a similar breach in October last year, but the tens of millions of records had encrypted passwords, which made them much more difficult for hackers to use. 

    “In October 2013, Hold Security identified the biggest ever public disclosure of 153 million stolen credentials from Adobe Systems Inc. One month later we identified another large breach of 42 million credentials from Cupid Media,”
     Hold Security said in statement.

    AFP Photo / Justin SullivanAFP Photo / Justin Sullivan

    Holden said he believes that in many cases the latest theft has yet to be publically reported and that the companies that have been attacked are unaware of it. He added that he will notify the companies concerned as soon as his staff has identified them. 

    “We have staff working around the clock to identify the victims,”
     he said. 

    However, he did say that the email addresses in question are from major providers such as AOL Inc, Google Inc, Yahoo Inc, and Microsoft Corp, as well as “almost all” Fortune 500 companies and nonprofit organizations.

    Heather Bearfield, who runs cybersecurity for an accounting firm Marcum LLP, told Reuters that while she had no information about Hold Security’s findings, she believed that it was quite plausible as hackers can do more with stolen credentials than they can with stolen credit cards, as people often use the same login and password for many different accounts. 

    “They can get access to your actual bank account. That is huge. That is not necessarily recoverable funds,” she said. 

    The latest revelation by Hold Security comes just months after the US retailer Target announced that 110 million of their customers had their data stolen by hackers. Target and the credit and debit card companies concerned said that consumers do not bear much risk as funds are rapidly refunded in fraud losses.



    Enhanced by Zemanta
  • #AceNewsGroup 18:28 on February 27, 2014 Permalink
    Tags: , , , , , , , Optic Nerve,   

    #GCHQ & #NSA : `Intercepted Yahoo users’ Private Photographs’ and `Webcam Chat’ feature 2008 -2012′ 

    #AceSecurityNews says that British and American surveillance agencies teamed up to develop a system that collected millions of images from the webcams of unsuspecting and innocent internet users, new leaked documents reveal.

    This “Optic Nerve” program — administered by the UK’s GCHQ with the assistance of the National Security Agency — routinely intercepted and stored those webcam images in secret starting in 2008, according to documents disclosed by former intelligence contractor Edward Snowden and published by The Guardian on Thursday.

    The program indiscriminately collected millions of images from people who used Yahoo’s webcam chat function, the Guardian’s Spencer Ackerman and James Ball reported, “including substantial quantities of sexually explicit communications.”

    According to the journalists, the GCHQ relied on Optic Nerve to experiment with facial recognition programming to monitor existing targets and search for new persons of interest.

    But the GCHQ didn’t stop at targeting solely suspected terrorists, the report continues, and instead collected intelligence by seemingly anyone unfortunate enough to log-in to Yahoo’s webcam chat feature, at least between 2008 and 2012.

    #ANS2014 #Edward-Snowden #GCHQ #NSA

  • #AceNewsGroup 21:19 on February 26, 2014 Permalink
    Tags: , Art of Deception, Bude, Discrediting tactic, , , , , Intelligence and Security Committee, JTRIG, , UKUSA Agreement   

    #GCHQ : `Don’t just need `Spies’ but Magicians’ that can make things `Appear like Magic’ as they `Disappear’ 

    #AceSecurityNews says `Western Spy Agencies’ build ‘cyber magicians’ to manipulate on-line discourse! 

    Published time: February 25, 2014 03:40
    Edited time: February 26, 2014 16:35

    Satellite dishes are seen at GCHQ's outpost at Bude, close to where trans-Atlantic fibre-optic cables come ashore in Cornwall, southwest England (Reuters/Kieran Doherty)Satellite dishes are seen at GCHQ’s outpost at Bude, close to where trans-Atlantic fibre-optic cables come ashore in Cornwall, southwest England (Reuters/Kieran Doherty)
    Secret units within the ‘Five Eyes” global spying network engage in covert on-line operations that aim to invade, deceive, and control on-line communities and individuals through the spread of false information and use of ingenious social-science tactics.

    Such teams of highly trained professionals have several main objectives, such as “to inject all sorts of false material onto the internet” and “to use social sciences and other techniques to manipulate on-line discourse and activism to generate outcomes it considers desirable,” The Intercept’s Glenn Greenwaldreported based on intelligence documents leaked by former NSA contractor Edward Snowden.

    The new information comes via a document from the Joint Threat Research Intelligence Group (JTRIG) of Britain’s Government Communications Headquarters (GCHQ), entitled The Art of Deception: Training for Online Covert Operations,’ which is top-secret and only for dissemination within the Five Eyes intelligence partnership that includes Britain, the US, Australia, Canada, and New Zealand.

    Image from firstlook.orgImage from firstlook.org

    The document outlines what tactics are used to achieve JTRIG’s main objectives. Among those tactics that seek to “discredit a target” include “false flag operations” (posting material online that is falsely attributed to a target), fake victim blog posts (writing as a victim of a target to disseminate false information), and posting “negative information” wherever pertinent online.

    Other discrediting tactics used against individuals include setting a honey-trap(using sex to lure targets into compromising situations), changing a target’s photo on a social media site, and emailing or texting “colleagues, neighbours, friends etc.”

    To “discredit a company,” GCHQ may “leak confidential information to companies/the press via blog…post negative information on appropriate forums [or] stop deals/ruin business relationships.”

    JTRIG’s ultimate purpose, as defined by GCHQ in the document, is to use“online techniques to make something happen in the real world or cyber world.”These online covert actions follow the “4 D’s:” deny, disrupt, degrade, deceive.

    Image from firstlook.orgImage from firstlook.org

    As Greenwald pointed out, the tactics employed by JTRIG are not used for spying on other nations, militaries, or intelligence services, but for “traditional law enforcement” against those merely suspected of crimes. These targets can include members of Anonymous, “hacktivists,” or really any person or entity GCHQ deems worthy of antagonizing.

    “[I]t is not difficult to see how dangerous it is to have secret government agencies being able to target any individuals they want – who have never been charged with, let alone convicted of, any crimes – with these sorts of online, deception-based tactics of reputation destruction and disruption,” Greenwald wrote.

    In addition, the targets do not need to have ties to terror activity or pose any national security threat. More likely, targets seem to fall closer to political activists that may have, for instance, used denial of service tactics, popular with Anonymous and hacktivists, which usually do only a limited amount of damage to a target.

    Image from firstlook.orgImage from firstlook.org

    “These surveillance agencies have vested themselves with the power to deliberately ruin people’s reputations and disrupt their online political activity even though they have been charged with no crimes, and even though their actions have no conceivable connection to terrorism or even national security threats,” Greenwald wrote.

    In addition to the personal attacks on targets, JTRIG also involves the use of psychological and social-science tactics to steer on-line activism and discourse. The document details GCHQ’s “Human Science Operations Cell,” which focuses on “online human intelligence” and “strategic influence and disruption”that are used to dissect how targets can be manipulated using “leaders,” “trust,” “obedience,” and “compliance.”

    Using tested manipulation tactics, JTRIG attempts to influence discourse and ultimately sow discord through deception.

    When reached for comment by The Intercept, GCHQ avoided answering pointed questions on JTRIG while insisting its methods were legal.

    “It is a longstanding policy that we do not comment on intelligence matters. Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All our operational processes rigorously support this position,” GCHQ stated.

    Image from firstlook.orgImage from firstlook.orgRT 


    Enhanced by Zemanta
  • #AceNewsGroup 20:12 on February 25, 2014 Permalink
    Tags: , , , , , , IOS 6, , John Gruber, , ,   

    #NSA ” Too Close to Home – Please Update Your iPhone’s, iPad’s and Apple Computers’ NOW! 

    #AceSecurityNews says `Apple Security flaw could be a back-door for the #NSA

    "How We track Your Every Move"

    “How We track Your Every Move”

    Was the National Security Agency exploiting two just-discovered security flaws to hack into the iPhones and Apple computers of certain targets? Some skeptic’s are saying there is cause to be concerned about recent coincidences regarding the #NSA and Apple.

    Within hours of one another over the weekend, Apple acknowledged that it had discovered critical vulnerabilities in both its iOS and OSX operating systems that, if exploited correctly, would put thought-to-be-secure communications into the hands of skilled hackers.

    An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS, the company announced.

    Apple has since taken steps to supposedly patch up the flaw that affected mobile devices running its iOS operating system, such as iPhones, but has yet to unveil any fix for the OSX used by desktop and laptop computers.

    As experts investigated the issue through the weekend, though, many couldn’t help but consider the likelihood — no matter how modicum — that the United States’ secretive spy agency exploited those security flaws to conduct surveillance on targets.

    On Saturday, Apple enthusiast and blogger John Gruber noted on his personal website that information contained within internal NSA documents leaked by former intelligence contractor Edward Snowden last year coincide closely with the release of the affected mobile operating system, iOS 6.

    According to a NSA slideshow leaked by Mr. Snowden last June, the US government has since 2007 relied on a program named PRISM that enables the agency to collect data “directly from the servers” of Microsoft, Yahoo, Google, Facebook and others. The most recent addition to that list, however, was Apple, which the NSA said it was only able to exploit using PRISM since October 2012.

    "Tracking Your Every Move"

    “Tracking Your Every Move”

    The affected operating system — iOS 6.0 — was released days earlier on September 24, 2012.

    These facts, Gruber blogged, “prove nothing” and are “purely circumstantial.” Nevertheless, he wrote, “the shoe fits.”

    With the iOS vulnerability being blamed on a single line of erroneous code, Gruber considered a number of possibilities to explain how that happened.

    Conspiratorially, one could suppose the #NSA planted the bug, through an employee mole, perhaps. Innocuously, the Occam’s Razor explanation would be that this was an inadvertent error on the part of an Apple engineer,” he wrote.

    Once the bug was in place, the #NSA wouldn’t even have needed to find it by manually reading the source code. All they would need are automated tests using spoofed certificates that they run against each new release of every OS. Apple releases iOS, the #NSA’s automated spoofed certificate testing finds the vulnerability, and boom, Apple gets ‘added’ to PRISM.



    Enhanced by Zemanta
  • #AceNewsGroup 12:27 on February 16, 2014 Permalink
    Tags: , , , , , , Indonesian Government, Mayer Brown, ,   

    #NSA ” Secret Document reveals `Gathering of Information of Private Communications of US Lawyers’ and their Clients” 

    #AceSecurityNews says that a `Secret Document’ obtained by `NYT‘ reveals that the #NSA has gathered private communications of `US‘ lawyers with their clients in the `Indonesian Government‘ involved in a `Trade Dispute with Washington”

    With help from the Australians, the NSA has gathered private communications of US lawyers with their clients in the Indonesian government involved in a trade dispute with Washington, a secret document obtained by the New York Times reveals.

    #NSA Indonesia ClientsThe document provided by the former NSA contractor Edward Snowden exposes NSA activity in monitoring an American law firm at a time when it was representing the Indonesian government during its trade talks with counterparts from the US.

    Titled “SUSLOC (Special US Liaison Office Canberra) Facilitates Sensitive DSD Reporting on Trade Talks” the document did not specify which trade case was being monitored by Australian intelligence through the so-called Five Eyes network that includes, Australia, Britain, Canada and New Zealand.

    The Australian Signals Directorate (ASD) offered to share with the NSA the information about monitored communications between Indonesian government officials and the unnamed US law firm, according to the February 2013 document.

    At that time the Indonesian government was involved in a number of trade disputes with Washington and the New York times reports that the only US law firm involved was Chicago-based Mayer Brown

    “I always wonder if someone is listening, because you would have to be an idiot not to wonder in this day and age,” Duane Layton, a Mayer Brown lawyer involved in the trade talks told NYT “But I’ve never really thought I was being spied on.” 

    US intelligence officials have repeatedly claimed the NSA is not targeting American citizens and businesses without a warrant and not using its Five Eyes international network as a loophole. 

    But the new leak confirms that US firms providing services to foreign clients can never be sure they aren’t being spied on. Last year, the US States Supreme court dismissed such fears as “speculative theory” of “hypothetical future harm,” refusing to let Americans challenge a provision in a foreign intelligence law that lets the NSA conduct secret warrantless surveillance on any US citizen as long as they are suspected of conversing with any foreigner.


    NSA BaseAccording to 2009 procedural guidelines for the NSA, when a US citizen becomes an intelligence target, the agency is required to adhere to rules to protect the target’s privacy, for instance removing the identity of the American or data that does not add to the intelligence probe before sharing it with other agencies. 

    Australians have been long cooperating with the NSA, focusing on the Asia region, mainly China and Indonesia. Last November is was revealed that they worked side by side on a large-scale joint surveillance operation on Indonesia during the 2007 UN climate change conference in Bali.

    The intelligence report Australia offered to share could contain “information covered by attorney-client privilege,the spying agency warned the NSA liaison office in Canberra. Upon receiving guidance from NSA general counsel’s office, the Australian agency has been encouraged to continue their surveillance of the talks “providing highly useful intelligence for interested US customers.”

    It remains unclear who those “interested customers” might be.

    The new documents reveal that Australia obtained almost 2 million encrypted master keys from the Indinesian Telkomsel mobile network, and colleagues from NSA have helped ASD decrypt them. 

    The Australian Defense Force public affairs office maintains that all intelligence is collected under strict legal guidance and is vital for supporting national interests, echoing the US officials’ narrative.


    p style=”text-align:center;”>Meanwhile, the NSA when reached by the New York times about the new leaks “declined to answer questions.”

    NYT, RT,  


    Enhanced by Zemanta
  • #AceNewsGroup 19:11 on February 15, 2014 Permalink
    Tags: ,   

    ” Tor V HTTPS for Security of Your Data” 

    English: Tor Logo

    English: Tor Logo (Photo credit: Wikipedia)

    #AceSecurityNews says Tor and HTTPS see which is more Secure?

    • Click the “Tor” button to see what data is visible to eavesdroppers when you’re using Tor. The button will turn green to indicate that Tor is on.
    • Click the “HTTPS” button to see what data is visible to eavesdroppers when you’re using HTTPS. The button will turn green to indicate that HTTPS is on.
    • When both buttons are green, you see the data that is visible to eavesdroppers when you are using both tools.
    • When both buttons are grey, you see the data that is visible to eavesdroppers when you don’t use either tool.
    • Potentially visible data includes: the site you are visiting (SITE.COM), your username and password (USER/PW), the data you are transmitting (DATA), your IP address (LOCATION), and whether or not you are using Tor (TOR).

    NSA Spying

    EFF is leading the fight against the NSA’s illegal mass surveillance program.Learn more about what the program is, how it works, and what you can do.


    Enhanced by Zemanta
  • #AceNewsGroup 11:58 on February 9, 2014 Permalink
    Tags: , , Googlebot, Hawaii, , , , , , Web crawler   

    #Snowden : “Web-Crawler was Used to Collect #NSA Files” 

    #AceSecurityNews `Reports #Snowden used common Web Crawler Tool to collect #NSA files’ 

    #Snowden Web-Crwler Tool

    AFP Photo / Paul J. Richards

    Whistle-blower Edward Snowden used “inexpensive” and “widely available” software to gain access to at least 1.7 million secret files, The New York Times reported, quoting senior intelligence officials investigating the breach.

    The collection process was “quite automated,” a senior intelligence official revealed. Snowden usedweb crawler” software to “search, index and back up” files. The program just kept running, as Snowden went about his daily routine.

    “We do not believe this was an individual sitting at a machine and downloading this much material in sequence,” the official said.

    Investigators concluded that Snowden’s attack was not highly sophisticated and should have been easily detected by special monitors. The web crawler can be programmed to go from website to website, via embedded links in each document, copying everything it comes across.

    The whistle-blower managed to set the right algorithm for the web crawler, indicating subjects and how far to follow the links, according to the report. At the end of the day, Snowden was able to access 1.7 million files including documents on internal NSA networks and internal “wiki” materials, used by analysts to share information across the world.

    Reportedly, Snowden had full access to the NSA’s files, as part of his job as the technology contractor in Hawaii, managing computer systems in a faraway outpost that focused on China and North Korea.

    Officials added that the files were accessible because the Hawaii outpost was not upgraded with the latest security measures.

    The web crawler used by Snowden was similar to, but not as advanced as the Googlebot crawler, used by Google and its search engine to access billions of websites and download their contents for fast search results.

    The whistle-blower did raise some flags while working in Hawaii, prompting questions about his work, but he was able to ward off criticism successfully.

    “In at least one instance when he was questioned, Mr. Snowden provided what were later described to investigators as legitimate-sounding explanations for his activities: As a systems administrator he was responsible for conducting routine network maintenance. That could include backing up the computer systems and moving information to local servers, investigators were told,” according to the report.

    Snowden admitted in June to taking an undisclosed number of documents, which in the last half-year have been regularly relied on by the international media for a number of high-profile reports about the US National Security Agency and its British counterpart, GCHQ. He was then granted political asylum by Russia and now resides in Moscow.

    The leaks have unveiled a number of previously unreported NSA operations, including those involving dragnet surveillance programs that put the digital lives of millions, if not billions, of individuals across the world into the possession of the US government.

    Enhanced by Zemanta
  • #AceNewsGroup 20:15 on February 6, 2014 Permalink
    Tags: , , , , Homeland Security, Janet Napolitano, , , ,   

    “Homeland Security says `Flying Spy Drones’ inside the `US’ could be next step to Public Safety” 

    #AceSecurityNews says `DHS Wants to use Spy Drones Domestically for ‘Public Safety

    Spy DroneThe United States already uses surveillance drones on its borders, but Homeland Security Secretary Janet Napolitano said during a hearing on Wednesday that flying unmanned aircraft inside the US could be the next step to ensuring “public safety.”

    Sec. Napolitano weighed in on the topic of unmanned aerial vehicles during this week’s Committee on Homeland Security and suggested that implementing UAVs for domestic surveillance could the next step in the United States’ amazingly accelerating drone program.

    The Federal Aviation Administration is currently considering ground rules that will outline how the FAA can govern domestic drone use, and by 2020 they expect to see 30,000 UAVs soaring through US airspace. Speaking before a House panel on Wednesday, though, Sec. Napolitano suggested that deploying UAVs proactively to put an extra set over locales nowhere near America’s border may in fact be the next move.

    “With respect to Science and Technology, that directorate, we do have a funded project,” she said. “I think it’s in California, looking at drones that could be utilized to give us situational awareness in a large public safety [matter] or disaster, such as a forest fire, and how they could give us better information.”

    In a transcript of the secretary’s testimony made available after her address, Napolitano admits that the US has expanded their use or surveillance drones on America’s border with Canada in recent years, now letting UAVs monitor 950 miles of Washington State’s boundary line.

    Despite growing opposition from the American public of drones largely centred over privacy objections, the United States has continuously ramped up its drone program in recent years, both domestically and abroad. During the Hackers on Planet Earth conference in New York City earlier this month, activists with the Electronic Frontier Foundation said that US military now owns around 7,500 drones, which makes up around one-third of the Air Force’s entire arsenal.

    “The FAA can give drone licenses to any agency that can prove that they can use them safely,” the EFF’s Trevor Timm told the crowd. Despite dozens of permits being handed out to law enforcement agencies and educational institutions in recent years, though, neither the security nor safety of these aircraft are believed to have been fully examined. In just the last few weeks, a Texas professor hacked a UAV in front of representatives from the DHS and, separately, a military drone crash-landed just outside of Washington, D.C.

    Despite these incidents, the FAA and DHS are still spearheading an accelerated drone program.

    Given Sec. Napolitano’s latest statements, though, the domestic use of drones for proactive surveillance could be coming sooner than previously though.


    Enhanced by Zemanta
  • #AceNewsGroup 17:55 on February 5, 2014 Permalink
    Tags: , , Denial-of-service attack, , , , , , Topiary   

    #GCHQ : “Denies `Launch of Denial-of-Service {DOS} Attack’ Against Hacktivist’s” 

    #AceSecurityNews says `British Spy Unit Launches DOS Cyber-Attack on Anonymous‘    

    ddos-attack-concept-pd-4832425--700x525Edward Snowden‘s latest leak reveals that a division of Britain’s Government Communications Headquarters (GCHQ) launched a denial-of-service (DOS) attack against chat servers used by hacktivists, particularly Anonymous and LulzSec.

    classified document obtained by NBC News reveals that the British secret service is brandishing a cyber-sword in the guise of the Joint Threat Research Intelligence Group (JTRIG), an intelligence unit not constrained by domestic or international laws.

    A PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, obviously from the collection of documents obtained by former NSA contractor, Edward Snowden, contains information about operation ‘Rolling Thunder’ targetting Anonymous hacktivists. JTRIG organized a DDOS (distributed denial of service) attack on the internet relay chat (IRC) server used by Anonymous, which reportedly resulted in 80 percent of users quitting internet chat rooms.

    In June 2012, administrators of the VoxAnon IRC Network informed their users that a “heavy DOS attack” disrupted their operations.

    “#VoxAnon is down due to DDOS. Haters will hate. We won’t stop doing what we do best,” they said at the time. It’s possible that the “haters” were agents of the British spy agency.

    The GCHQ division is also responsible for identifying hacktivists who attacked PayPal and government websites, the documents show. Many Anonymous and LulzSec hackers had no idea that the people they were talking to were actually undercover agents.

    For instance, Edward Pearson, known online as GZero, was sentenced to 2.5 years in prison in 2012. GCHQ agents had been provided by Pearson with malicious code designed to infect the devices of a certain website’s visitors and turn them into botnet zombies that could be used for DDOS attacks.

    The same spy unit is also said to have contributed to the arrest and conviction of Jake Davis, aka Topiary, and Mustafa al-Bassam, known as Tflow. Authorities targeted another hacktivists known as p0ke, but did not apparently indict him.

    A DDoS attack is a criminal offence in most countries, the US and UK included.

    For example, in the UK a person found guilty of a cyber attack would be charged in accordance with the Computer Misuse Act, while in the US such illegal activities are prosecuted under the Computer Fraud and Abuse Act (CFAA).

    Courtesy of NBC News, Voice of Russia and RT for their Contributions:    


    Enhanced by Zemanta
  • #AceNewsGroup 10:03 on February 4, 2014 Permalink
    Tags: , , , , , , , ,   

    #NSA: ” Obama Administration Announces Agreement with Facebook, LinkedIn, Yahoo, Google and Microsoft but Civil Rights Still Want More” 

    #AceSecurityNews says Facebook, Google, and others can unveil national security request details, but not until product is two years old. Thus urging `Civil Rights Groups’ to want more!

    Published time: February 03, 2014 23:02

    Reuters / Pawel KopczynskiReuters / Pawel Kopczynski
    Some of the most influential companies in Silicon Valley have unveiled data regarding the national security requests they have received from the US government, detailing how many requests they receive, how many the company responds to, and other details.

    The Obama administration announced Monday it had come to an agreement with Facebook, LinkedIn, Yahoo, Google, and Microsoft to allow the companies to disclose some details about the surveillance requests targeting their customers.

    Apple released its own transparency report last week.

    US Attorney General Eric Holder and Director of National Intelligence James Clapper said in a joint statement that the tech companies are now authorized to disclose the “number of national security orders and requests issued to communication providers, the number of customer accounts targeted under those orders and requests and the underlying legal authorities.”

    The companies have spent months fighting for such a deal after complaining that the National Security Agency dragnet exposed last year had hurt business.

    We filed our lawsuits because we believe that the public has a right to know about the volume and types of national security requests we receive,” the five companies said in a joint statement Monday. “We’re pleased the Department of Justice has agreed that we and other providers can disclose this information. While this is a very positive step we’ll continue to encourage Congress to take additional steps to address all of the reforms we believe are needed.”

    Civil liberties activists hold a rally against surveillance of US citizens on January 17, 2014. (AFP Photo / Nicholas Kamm)Civil liberties activists hold a rally against surveillance of US citizens on January 17, 2014. (AFP Photo / Nicholas Kamm)

    Reports indicate that, when the first of the Edward Snowden leaks were publicized in June, the White House was reluctant to make any deals with Silicon Valley. But with media pressure mounting and shifting polls proving that a sizable number of Americans are skeptical about the NSA surveillance, administration officials told Politico the time to negotiate had come.

    While this aggregate data was properly classified until today, the office of the Director of National Intelligence, in consultation with other departments and agencies, has determined that the public interest in disclosing this information now outweighs the national security concerns that require its classification,” stated Holder and Clapper.

    Facebook’s transparency report for the latter half of 2012 and the first six months of 2013 noted that only a “small fraction” of one percent of its users were the target of any surveillance requests.

    LinkedIn received “between 0 and 249” national security-related requests in the first six months of 2013. Over the same time period, Microsoft said it was sent under 1,000 national security letters pertaining to fewer than 1,000 accounts.

    However, the government still prohibits companies from disclosing surveillance details about a new product until two years after it was launched, a condition that has irked civil liberties advocates calling for wider change.

    Brad Smith, Microsoft’s general counsel and the company’s executive vice president for legal and corporate affairs, has said the government agreed to let the companies disclose requests “in bands of a thousand” and only six months after a request was made.

    Asking the public and policymakers to try to judge the appropriateness of the government’s surveillance practices based on a single, combined, rounded number is like asking a doctor to diagnose a patient’s shadow: only the grossest and most obvious problem, if even that, will be ever evident,” Kevin Bankston, policy director at the New America Foundation’s Open Technology Institute, told Politico.

    Enhanced by Zemanta
  • #AceNewsGroup 16:14 on January 29, 2014 Permalink
    Tags: , , , , , , , ,   

    #UN Security Council : ” Trans-Atlantic Relations’ a `Rift Could Emerge’ without `Involvement of Germany” 

    #AceSecurityNews says `NSA Scandal’ Germans hold out for ‘change they can believe in.

    Courtesy: Roslyn Fuller, for RT

    nsa-germany-against-spying-tradition.siIt is difficult to imagine how a significant rift in trans-Atlantic relations could emerge without the involvement of Germany, the European Union’s most populous, financially solvent and politically powerful member.

    It continues to host tens of thousands of American troops on its soil, and with its impeccable capitalist credentials, track-record of dutiful political decision-making, enviable manufacturing base and ability to criticize English-speaking nations in their own language, Germany is always able to make a good case for its views on the international stage.

    Since Germany is not a permanent member of the United Nations Security Council nor closely bound to significant former overseas possessions, it is more likely to disagree with American expansionist policies than Britain or France. Permanently half a step out of sync with the P-3 (the USA, UK and France) in this regard, Germany – a loyal NATO-member during the Cold War – has become the ultimate swing state of international relations over the past decade.

    With fears of Soviet invasion and fond memories of Allied troops handing out candy in the aftermath of WWII fading rapidly into the past, the Second Iraq War presented a major turning point in US-German relations and a sharp disillusionment of many Germans with American foreign policy.

    Eventually proven right in its skepticism of Anglo-American claims that Iraq was stockpiling weapons of mass destruction, Germany has remained decidedly unenthusiastic about Western-led interventions ever since. Most notably, in 2011 Germany – along with China and Russia – refused to endorse UN Security Council Resolution 1973 which enabled limited military engagement during the civil war in Libya.

    Several US officials, including former US Ambassador to NATO Nicholas Burns, publicly criticized Germany’s decision to abstain from voting on the Resolution. This criticism provoked an intense debate within Germany and soured relations just a little bit more. The NSA mass surveillance programs revealed by Edward Snowden last year put another nail in the coffin of the once so-rosy US-German relationship.

    Reuters/Tobias Schwarz

    Reuters/Tobias Schwarz

    Voices against NSA spying

    While it seemed at first that NSA surveillance in Germany might be dealt with in a purely diplomatic context with all parties agreeing to make a few cosmetic changes before sweeping the issue under the rug, German politicians have become increasingly vocal about just what the American administration will need to do to mend fences with them.

    This stance – which has been taken up by members of both parties in Germany’s governing ‘grand coalition’ (the center-left SPD and Chancellor Merkel’s center-right CDU/CSU) – has proven far more popular than Merkel’s original mild reaction on learning that the NSA had hacked her private cell phone. World leaders may be inclined to take some measure of spying on themselves with a grain of salt, but German voters were inflamed, particularly because President Obama had previously denied that the NSA was conducting operations against German targets. With an electorate feeling shocked, angered and betrayed, politicians across the political spectrum soon realized that this was not an issue to be ignored.

    The SPD’s leader in parliament, Thomas Oppermann, has taken a strong stance against the NSA programs, contemplating asylum for Edward Snowden, demanding a No-Spy-Agreement between Germany and United States and threatening legal action. The SPD currently holds the Ministry for Justice and has, according to a DPA report, stated that it will not exercise its ability to prevent criminal prosecutions related to NSA spying on government figures. In particular, German politicians have been less than receptive to the olive branch extended to them (and the rest of the world) via Obama’s reform plans for the NSA.

    Justice Minister Heiko Maas has characterized the proposed NSA reforms as merely a “first step,” stating that only a No-Spy Agreement would suffice to allay his concerns. Elmar Brok, a CDU Member of the European Parliament and Chairperson for the Committee on Foreign Affairs, harshly criticized Obama’s speech on NSA reform as window-dressing, lending his views weight by explicitly stating that the pending Transatlantic Trade and Investment Partnership between the European Union and the US should not be signed before the issue of data protection was completely resolved.

    He was echoed in this sentiment by fellow CDU/CSU politician Stephan Mayer who demanded “concrete action,” while government spokesperson Steffan Seibert, while delivering the government reaction to Obama’s speech, reminded his audience that the government expected its allies to respect German law on German territory. Most strongly of all, Merkel herself is alleged to have compared NSA surveillance activities to the actions of the East German Stasi in a recent confrontation with Obama.

    Reuters/Kai Pfaffenbach

    Reuters/Kai Pfaffenbach

    No to shooting the plane down

    While this strong stance on the issue of mass surveillance may cause their Anglo-Saxon counterparts some anxiety, Germany’s ire shouldn’t surprise them. While Western values of individual freedom and democracy were imposed on Germany more or less by fiat following the Second World War, in the intervening years these values have deeply penetrated the German legal system and public opinion. Both the German constitution, with its robust protections of individual rights (including privacy), and the principles of international law (especially the prohibition on the use of force) are revered points of cultural reference and perceived as non-negotiable. In other words, Germans took all of the human rights talk seriously, apparently not having received the memo on how to use it merely for political spin.

    To give an example: while British and American politicians have repeatedly vowed to shoot down any hijacked passenger plane which might be used in a 9/11-style attack, such a situation proved a legal and moral conundrum in Germany. With a 70-year legal tradition that enshrines deep respect for the sanctity of life and human dignity, the topic provoked months of heated debate. This debate culminated in the Bundestag passing a law that permitted authorities to shoot down a hijacked passenger plane in certain circumstances, a law that was quashed by the Federal Constitutional Court on the grounds that it contravened citizens’ basic rights.

    Similarly, Germans feel deeply about the issue of surveillance, as for many of them the experience and consequences of repressive state surveillance are well within living memory and deeply unacceptable on a cultural level. Many Germans are thus willing to lend a helping hand to anyone who opposes such practices. Thus, just as Germany became a focal point for resistance to the Second Iraq War, it is beginning to become something of a magnet for transparency activists, with Jacob Appelbaum and Sarah Harrison currently residing in Berlin where they face fewer obstacles in conducting their work.

    An American citizen, Appelbaum – an early WikiLeaks volunteer and TOR project member – has relocated to Germany to avoid harassment from US authorities, while Harrison – the WikiLeaks worker who escorted Edward Snowden to Moscow – has cited fears of legal prosecution in her native Britain as the reason for her choice to remain in Berlin.

    While Germany and the rest of what Donald Rumsfeld once referred to as “Old Europe” are still firmly rooted in the Western-centrist tradition and do not espouse any particularly radical policies, they would like to move from head cheerleader to equal partner within the Western bloc of developed nations and have their core values respected.

    Individual privacy is, for good reason, one of their core values and with the support of their electorate, German politicians are willing to hold out for change their constituents will believe in.

    Having lost a great deal of international credibility over the past decade, the US now finds itself in a delicate position. While the American administration would obviously like to get its surveillance programs off the international agenda as quickly and as quietly as possible, the Germans have made clear that it will stay on their agenda, and that they will use their clout to keep it on the European agenda, until they receive a concession that makes it worthwhile for them to change their minds.

    If the US wants to fully repair its relationship with Germany it will have to take some meaningful action on this point or risk further alienating a nation that has previously proven to be one of its most loyal allies.

    Roslyn Fuller, for RT

    Dr. Roslyn Fuller is the author of Ireland’s leading textbook on international law. She was educated at the University of Goettingen in Germany.



    Enhanced by Zemanta
  • #AceNewsGroup 15:48 on January 29, 2014 Permalink
    Tags: , , , Christopher Soghoian, , , , , ,   

    #GCHQ `Taught’ #NSA : How to `Monitor’ our `Social Media Sites’ in Real-Time” 

    #AceSecurityNews says `GCHQ‘ taught `NSA’how to monitor Facebook, Twitter in real-time #Snowden leak

    British intelligence officials can infiltrate the very cables that transfer information across the internet,British intelligence officials can infiltrate the very cables that transfer information across the internet, as well as monitor users in real-time on sites like Facebook without the company’s consent, according to documents leaked by Edward Snowden.

    The internal documents reveal that British analysts gave instruction to members of the National Security Agency in 2012, showing them how to spy on Facebook, Twitter, and YouTube in real-time and collect the computer addresses of billions of the sites’ up-loaders.

    The leaked documents are from a #GCHQ publication titled ‘Psychology: A New Kind of SIGDEV’ (Signals Development). Published by NBC News on Monday, the papers detail a program dubbed ‘Squeaky Dolphin,’ which was developed for analysts working in “broad real-time monitoring of online activity.”

    Sources told NBC that the British have proven their ability to both directly monitor the world’s web traffic cable and use a third-party to view the data stream and extract information from it.

    Representatives from the companies in question said they have not provided any data to the government of the United Kingdom under this program, either voluntarily or involuntarily. One person who wished to remain anonymous said that Google, the company that owns YouTube, was “shocked” to discover the UK may have been “grabbing” data for years.

    Previously published disclosures have made it clear that the US and UK are sharing intelligence tactics. The Washington Post reported in October 2013 that the #NSA and #GCHQ collaborated on a program known as MUSCULAR, which the agencies used to record “entire data flows” from Yahoo and Google.

    Security officials have consistently maintained that the programs are authorized under the laws of their respective nation and that the surveillance is designed only as a tool for preventing terrorism. Still, the lack of transparency has left civil liberties advocates searching for more answers.

    Governments have no business knowing which YouTube videos everyone in the world is watching,Chris Soghoian, chief technologist for the American Civil Liberties Union, told NBC. “It’s one thing to spy on a particular person who has done something to warrant a government investigation but governments have no business monitoring the Facebook likes or YouTube views of hundreds of millions of people.”

    When members of GCHQ delivered the presentation to NSA officials, they showed the Americans how to carry out the surveillance by extracting information from YouTube, Facebook, and Google’s Blogger service on February 13, 2012 – one day before anti-government protests were to begin in Bahrain.

    According to the documents leaked by whistleblower Edward Snowden, the presenters were careful to mention that the intelligence gathering was not designed to monitor specific targets. “Not interested in individuals just broad trends!” one note reads.

    Jason Healey, a former White House official under President George W. Bush, told NBC such activity not only sends a shiver through the public but has also become an impediment for Silicon Valley executives and the thriving social media industry.

    We want our security services to be out there and keeping us safe,” he said, “but we can also look for balance, we can look for limits, especially if we’re putting at risk this most transformative technology since Gutenberg.”


    Enhanced by Zemanta
  • #AceNewsGroup 16:58 on January 26, 2014 Permalink
    Tags: , , , , , , , , ,   

    #Edward-Snowden : ” Russia Has Said he Can Extend his `Asylum’ and even `Apply’ for Citizenship” 

    #AceSecurityNews says `Snowden’ can extend his asylum every year – lawyer or even apply for `Citizenship’his choice.

    Published time: January 26, 2014  11:58

    AFP Photo / Mandel NganAFP Photo / Mandel Ngan
    Though Edward Snowden’s temporary political asylum in Russia is set to expire in August, his lawyer says the NSA whistleblower has the right to extend his status every year until he is eligible for citizenship.

    Snowden will make up his mind very soon, his legal representative in Russia, Anatoly Kucherena, told Kommersant newspaper.

    Meanwhile, a top Russian lawmaker has indicated that Russia will most likely extend Snowden’s asylum.He will not be sent out of Russia,” Aleksey Pushkov, chairman of the foreign affairs committee of Russia’s lower house of Parliament, said Friday at the World Economic Forum in Davos. “It will be up to Snowden, The New York Times quoted him as saying.

    Kucherena did not rule out that Snowden will apply for an extension of his asylum and maybe even seek Russian citizenship in the future.

    In an article published by The New Yorker earlier this week, Snowden dismissed as “absurd”accusations from US lawmakers that he might have spied on behalf of Russia when taking troves of classified US government documents. Snowden insisted that he “clearly and unambiguously acted alone, with no assistance from anyone, much less a government.”

    Snowden asked why he would have initially fled to Hong Kong and why was he “stuck in the airport forever” - in reference to the forty days he spent stranded in the transit zone of Moscow’s Sheremetyevo International Airport – if he was a spy. “Spies get treated better than that,” he said.

    Snowden’s statement follows accusations made by the chairs of both the House and Senate intelligence committees last Sunday, which insinuated that he might have collaborated with Russia’s special services.

    Speaking to RT earlier this week, Kucherena dismissed any accusations against his client, stressing that he has spent a lot of time with Snowden since June of last year and would have been aware if he had cooperated with the Russian government.

    But I assure everyone that all day-to-day issues, housing rental etc. – all these questions he resolves himself or with my help.”

    The lawyer reminded that Snowden recently obtained a job after spending nearly all of his savings.

    “So in this case I cannot say that there is any government involvement, because there is none. His life is modest.”


    Enhanced by Zemanta
  • #AceNewsGroup 16:27 on January 26, 2014 Permalink
    Tags: , , , , , , , ,   

    #NSA : “Edward Snowden says `There is No Question US Are Engaged’ in `Economic’ Spying” 

    #AceSecurityNews says #Edward-Snowden says the `NSA’ are involved in `Industrial Spying ‘ in his `Interview’ with German TV on Saturday.

    Published time: January 26, 2014 09:44
    Edited time: January 26, 2014 16:05

    AFP Photo / Jim WatsonAFP Photo / Jim Watson
    The NSA agency is not preoccupied solely with national security, but also spies on foreign industrial entities in US business interests, former American intelligence contractor, Edward Snowden, has revealed in an interview to German TV.

    Edward Snowden chose the German ARD broadcaster to make his first TV interview ever since he became a whistleblower. The interview was made in strict secrecy in an unspecified location in Russia, where Snowden is currently living under temporary asylum.

    “There is no question that the US is engaged in economic spying,” said Snowden, from a teaser aired late on Saturday. 
    If an industrial giant like Siemens has something that the NSA believes “would be beneficial to the national interests, not the national security, of the United States, they will go after that information and they’ll take it,” the whistleblower said, giving an example.

    Reuters / Tobias SchwarzReuters / Tobias Schwarz

    Edward Snowden disavowed participation in any future publications of the documents he withdrew from the NSA data banks, saying in the same interview that he no longer possesses any NSA data. The information has been distributed among a number of trustworthy journalists, who are going to decide for themselves what to make public and in what sequence.

    The full 30-minute version will be aired at 11pm local time (22:00 UTC) on Sunday right after prime-time talk show, ‘Günther Jauch’.

    The former NSA contractor’s revelations about US global spying activities, including snooping on its closest allies, put transatlantic ties “to the test,” said German Chancellor Angela Merkel last November and demanded that Washington give Germany clarity over the future of the NSA in the country.

    Snowden’s revelation hit Berlin particularly hard because Germany is a non-Anglophone country, and therefore is not a member of the ‘Five eyes’ intelligence alliance that incorporates NSA-equivalent agencies in Britain, Canada, Australia and New Zealand, Deutsche Welle points out. While members of the ‘Five eyes’ were exchanging intelligence on a regular basis, Berlin had to consider itself satisfied with less data, while both Washington and London, for example, were blatantly listening to German Chancellor Angela Merkel’s cell phone right in the middle of Germany’s capital.

    The Germans – according to polls – have lost confidence in the US as a trustworthy partner, and the majority of them consider NSA whistle-blower Edward Snowden a hero.

    In order to mend fences, US President Barack Obama made a rare appearance on German TV. On January 18 President Obama told the ZDF TV channel that “As long as I’m president of the United States, the chancellor of Germany will not have to worry about this.”

    Yet Germany remains skeptical about US promises of discontinuing spying on foreign leaders, and is in the vanguard of a number of European countries aiming to change data privacy rules in the EU.

    Former NSA contractor, Edward Snowden, remains in Russia, where his temporary political asylum status could be extended every year. He has no plans for returning to the US where he would face trial for alleged treason.

    “Returning to the US, I think, is the best resolution for the government, the public, and myself, but it’s unfortunately not possible in the face of current whistleblower protection laws, which through a failure in law did not cover national security contractors like myself,” said Snowden during his public Q&A session last Thursday.

    Enhanced by Zemanta
  • #AceNewsGroup 17:40 on January 23, 2014 Permalink
    Tags: , , , , EFF, , , , Privacy and Civil Liberties Oversight Board, , Risk management, , , ,   

    SSD Project EFF: “Surveillance `Self-Defence Guide’ to `Survive and Defend’ your `Civil Liberties’ On-line” 

    #AceSecurityNews says `The SSD Project’ and `How’ to `Survive’ and `Defend’ your `Civil Liberties‘ On-line!

    Hugh D'Andrade's design to commemorate Electro...

    Hugh D’Andrade’s design to commemorate Electronic Frontier Foundation’s 20th Birthday. (Photo credit: Wikipedia)

    The Electronic Frontier Foundation (EFF) has created this Surveillance Self-Defense site to educate the American public about the law and technology of government surveillance in the United States, providing the information and tools necessary to evaluate the threat of surveillance and take appropriate steps to defend against it.

    Surveillance Self-Defense (SSD) exists to answer two main questions: What can the government legally do to spy on your computer data and communications? And what can you legally do to protect yourself against such spying?

    After an introductory discussion of how you should think about making security decisions — it’s all about Risk Management — we’ll be answering those two questions for three types of data:

    First, we’re going to talk about the threat to the Data Stored on Your Computer posed by searches and seizures by law enforcement, as well as subpoenas demanding your records.

    Second, we’re going to talk about the threat to your Data on the Wire — that is, your data as it’s being transmitted — posed by wire-tapping and other real-time surveillance of your telephone and Internet communications by law enforcement.

    Third, we’re going to describe the information about you that is stored by third parties like your phone company and your Internet service provider, and how law enforcement officials can get it.

    In each of these three sections, we’re going to give you practical advice about how to protect your private data against law enforcement agents.

    In a fourth section, we’ll also provide some basic information about the U.S. government’s expanded legal authority when it comes to Foreign Intelligence and Terrorism Investigations .

    Finally, we’ve collected several articles about specific defensive technologies that you can use to protect your privacy, which are linked to from the other sections or can be accessed individually. So, for example, if you’re only looking for information about how to securely delete your files, or how to use encryption to protect the privacy of your emails or instant messages, you can just directly visit that article.

    Legal disclaimer: This guide is for informational purposes only and does not constitute legal advice. EFF’s aim is to provide a general description of the legal and technical issues surrounding you or your organization’s computer and communications security, and different factual situations and different legal jurisdictions will result in different answers to a number of questions. Therefore, please do not act on this legal information alone; if you have any specific legal problems, issues, or questions, seek a complete review of your situation with a lawyer licensed to practice in your jurisdiction.

    Risk Management

    Security Means Making Trade-Offs to Manage Risks

    Security isn’t having the strongest lock or the best anti-virus software — security is about making trade-offs to manage risk, something we do in many contexts throughout the day. When you consider crossing the street in the middle of the block rather than at a cross-walk, you are making a security trade-off: you consider the threat of getting run over versus the trouble of walking to the corner, and assess the risk of that threat happening by looking for oncoming cars. Your bodily safety is the asset you’re trying to protect. How high is the risk of getting run over and are you in such a rush that you’re willing to tolerate it, even though the threat is to your most valuable asset?

    That’s a security decision. Not so hard, is it? It’s just the language that takes getting used to. Security professionals use four distinct but interrelated concepts when considering security decisions: assetsthreatsrisks andadversaries.


    What You Are Protecting

    An asset is something you value and want to protect. Anything of value can be an asset, but in the context of this discussion most of the assets in question are information. Examples are you or your organization’s emails, instant messages, data files and web site, as well as the computers holding all of that information.


    What You Are Protecting Against

    threat is something bad that can happen to an asset. Security professionals divide the various ways threats can hurt your data assets into six sub-areas that must be balanced against each other:

    • Confidentiality is keeping assets or knowledge about assets away from unauthorized parties.
    • Integrity is keeping assets undamaged and unaltered.
    • Availability is the assurance that assets are available to parties authorized to use them.
    • Consistency is when assets behave and work as expected, all the time.
    • Control is the regulation of access to assets.
    • Audit is the ability to verify that assets are secure.

    Threats can be classified based on which types of security they threaten. For example, someone trying to read your email (the asset) without permission threatens its confidentiality and your control over it. If, on the other hand, an adversary wants to destroy your email or prevent you from getting it, the adversary is threatening the email’s integrity and availability. Using encryption, as described later in this guide, you can protect against several of these threats. Encryption not only protects the confidentiality of your email by scrambling it into a form that only you or your intended recipient can descramble, but also allows you to audit the emails — that is, check and see that the person claiming to be the sender is actually that person, or confirm that the email wasn’t changed between the sender and you to ensure that you’ve maintained the email’s integrity and your control over it.


    The Likelihood of a Threat Actually Occuring

    Risk is the likelihood that a particular threat against a particular asset will actually come to pass, and how damaged the asset would be. There is a crucial distinction between threats and risks: threats are the bad things that can happen to assets, but risk is the likelihood that specific threats will occur. For instance, there is a threat that your building will collapse, but the risk that it will really happen is far greater in San Francisco (where earthquakes are common) than in Minneapolis (where they are not).

    People often over-estimate and thus over-react to the risk of unlikely threats because they are rare enough that the worst incidents are well publicized or interesting in their unusualness. Similarly, they under-estimate and under-react to more common risks. The most clichéd example is driving versus flying. Another example: when we talk to individuals about government privacy intrusions, they are often concerned about wiretapping or searches, but most people are much more at risk from less dramatic measures, like subpoenas demanding records from you or your email provider. That is why we so strongly recommend good data practices — if it’s private, don’t give it to others to hold and don’t store it, but if you do store it, protect it — while also covering more unusual circumstances, like what to do when the police show up at your door or seize your laptop.

    Evaluating risk is necessarily a subjective process; not everyone has the same priorities or views threats in the same way. Many people find certain threats unacceptable no matter what the risk, because the mere presence of the threat at any likelihood is not worth the cost. In other cases, people disregard high risks because they don’t view the threat as a problem. In a military context, for example, it might be preferable for an asset to be destroyed than for it to fall into enemy hands. Conversely, in many civilian contexts, it’s more important for an asset such as email service to be available than confidential.

    In his book Beyond Fear, security expert Bruce Schneier identifies five critical questions about risk that you should ask when assessing proposed security solutions:

    • What assets are you trying to protect?
    • What are the risks to those assets?
    • How well does the security solution mitigate those risks?
    • What other risks does the security solution cause?
    • What costs and trade-offs does the security solution impose?

    Security is the art of balancing the value of the asset you are trying to protect against the costs of providing protection against particular risks. Practical security requires you to realistically judge the actual risk of a threat in order to decide which security precautions may be worth using to protect an asset, and which precautions are absolutely necessary.

    In this sense, protecting your security is a game of tradeoffs. Consider the lock on your front door. What kind of lock — or locks — should you invest in, or should you lock the door at all? The assets are invaluable — the privacy of your home and control over the things inside. The threat level is very high — you could be financially wiped out, and all of your most valuable and private information exposed, if someone broke in. The critical question then becomes: how serious is the risk of someone breaking in? If the risk is low, you probably won’t want to invest much money in a lock; if the risk is high, you’ll want to get the best locks that you can.


    Who Poses a Threat?

    A critical part of assessing risk and deciding on security solutions is knowing who or what your adversary is. An adversary, in security-speak, is any person or entity that poses a threat against an asset. Different adversaries pose different threats to different assets with different risks; different adversaries will demand different solutions.

    For example, if you want to protect your house from a random burglar, your lock just needs to be better than your neighbors’, or your porch better lit, so that the burglar will choose the other house. If your adversary is the government, though, money spent on a better lock than your neighbors’ would be wasted — if the government is investigating you and wants to search your house, it won’t matter how well your security compares to your neighbors. You would instead be better off spending your time and money on other security measures, like encrypting your valuable information so that if it’s seized, the government can’t read it.

    Here are some examples of the kinds of adversaries that may pose a threat to your digital privacy and security:

    • U.S. government agents that follow laws which limit their activities
    • U.S. government agents that are willing and able to operate without legal restrictions
    • Foreign governments
    • Civil litigants who have filed or intend to file a lawsuit against you
    • Companies that store or otherwise have access to your data
    • Individual employees who work for those companies
    • Hackers or organized criminals who randomly break into your computer, or the computers of companies that store your data
    • Hackers or organized criminals that specifically target your computer or the computers of the companies that store your data
    • Stalkers, private investigators or other private parties who want to eavesdrop on your communications or obtain access to your machines

    This guide focuses on defending against threats from the first adversary — government agents that follow the law — but the information herein should also provide some help in defending against the others.

    Putting it All Together

    Which Threats from Which Adversaries Pose the Highest Risk to Your Assets?

    Putting these concepts together, you need to evaluate which threats to your assets from which adversaries pose the most risk, and then decide how to manage the risk. Intelligently trading off risks and costs is the essence of security. How much is it worth to you to manage the risk? For example, you may recognize that government adversaries pose a threat to your webmail account, because of their ability to secretly subpoena its contents. If you consider that threat from that adversary to be a high risk, you may choose not to store your email messages with the webmail company, and instead store it on your own computer. If you consider it a low risk, you may decide to leave your email with the webmail company — trading security for the convenience of being able to access your email from any internet-connected computer. Or, if you think it’s an intermediate risk, you may leave your email with the webmail company but tolerate the inconvenience of using encryption to protect the confidentiality of your most sensitive emails. In the end, it’s up to you to decide which trade-offs you are willing to make to help secure your assets.

    A Few Parting Lessons

    Now that we’ve covered the critical concepts, here are a few more basic lessons in security-think that you should consider before reading the rest of this guide:

    Knowledge is Power. Good security decisions can’t be made without good information. Your security tradeoffs are only as good as the information you have about the value of your assets, the severity of the threats from different adversaries to those assets, and the risk of those attacks actually happening. We’re going to try to give you the knowledge you need to identify the threats to your computer and communications security that are posed by the government, and judge the risk against possible security measures.

    The Weakest Link. Think about assets as components of the system in which they are used. The security of the asset depends on the strength of all the components in the system. The old adage that “a chain is only as strong as its weakest link” applies to security, too: The system as a whole is only as strong as the weakest component. For example, the best door lock is of no use if you have cheap window latches. Encrypting your email so it won’t get intercepted in transit won’t protect the confidentiality of that email if you store an unencrypted copy on your laptop and your laptop is stolen.

    Simpler is Safer and Easier. It is generally most cost-effective and most important to protect the weakest component of the system in which an asset is used. Since the weak components are much easier to identify and understand in simple systems, you should strive to reduce the number and complexity of components in your information systems. A small number of components will also serve to reduce the number of interactions between components, which is another source of complexity, cost, and risk.

    More Expensive Doesn’t Mean More Secure. Don’t assume that the most expensive security solution is the best, especially if it takes away resources needed elsewhere. Low-cost measures like shredding trash before leaving it on the curb can give you lots of bang for your security buck.

    There is No Perfect Security — It’s Always a Trade-Off. Set security policies that are reasonable for your organization, for the risks you face, and for the implementation steps your group can and will take. A perfect security policy on paper won’t work if it’s too difficult to follow day-to-day.

    What’s Secure Today May Not Be Secure Tomorrow. It is also crucially important to continually re-evaluate the security of your assets. Just because they were secure last year or last week doesn’t mean they’re still secure!

    Data Stored on Your Computer

    Search, Seizure and Subpoenas

    In this section, you’ll learn about how the law protects — or doesn’t protect — the data that you store on your own computer, and under what circumstances law enforcement agents can search or seize your computer or use a subpoena to demand that you turn over your data. You’ll also learn how to protect yourself in case the government does attempt to search, seize, or subpoena your data, with a focus on learning how to minimize the data that you store and use encryption to protect what you do store.

    What Can the Government Do?

    Before you can think about security against the government, you need to know law enforcment’s capabilities and limitations. The government has extraordinary abilities — it’s the best-funded adversary you’ll ever face. But the government does have limits. It must decide whether it is cost-effective to deploy its resources against you. Further, law enforcement officers have to follow the law, and most often will try to do so, even if only because there are penalties associated with violating it. The first and most important law for our purposes is the Fourth Amendment to the United States Constitution.

    The Fourth Amendment

    Protecting People From Unreasonable Government Searches and Seizures

    The Fourth Amendment says, ” the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

    seizure occurs when the government takes possession of items or detains people.

    search is any intrusion by the government into something in which one has a reasonable expectation of privacy.

    Some examples of searches include: reaching into your pockets or searching through your purse; entering into your house, apartment, office, hotel room, or mobile home; and examining the contents of your backpack or luggage. Depending on the facts, eavesdropping on your conversations or wiretapping of your communications can also constitute a search and seizure under the Fourth Amendment.

    The Fourth Amendment requires searches and seizures to be “reasonable”, which generally means that police must get a search warrant if they want to conduct a legal search or seizure, although there are exceptions to this general rule. If a search or seizure is “unreasonable” and thus illegal, then police cannot use the evidence obtained through that search or seizure in a criminal trial. This is called the exclusionary rule and it is the primary incentive against government agents violating your Fourth Amendment rights.

    A few important things to remember:

    • The Fourth Amendment protects you from unreasonable searches whether or not you are a citizen. In particular, the exclusionary rule applies to all criminal defendants, including non-citizens. However, the exclusionary rule does not apply in immigration hearings, meaning that the government may introduce evidence from an illegal search or seizure in those proceedings.
    • The Fourth Amendment applies whenever the government — whether local, state or federal — conducts a search or seizure. It protects you from an unreasonable search or seizure by any government official or agent, not just the police.
    • The Fourth Amendment does not protect you from privacy invasions by people other than the government, even if they later hand over what they found to the government — unless the government directed them to search your things in the first place.
    • Your Fourth Amendment rights against unreasonable searches and seizures cannot be suspended — even during a state of emergency or wartime — and they have not been suspended by the USA PATRIOT Act or any other post-9/11 legislation.
    • If you are ever searched or served with any kind of government order, contact a lawyer immediately to discuss your rights. Contact a lawyer any time you are searched, threatened with a search, or served with any kind of legal papers from the government or anyone else. If you do not have a lawyer, pro bono legal organizations such as EFF are available to help you or assist in finding other lawyers who will.

    Reasonable Expectation of Privacy

    The Fourth Amendment only protects you against searches that violate your reasonable expectation of privacy. A reasonable expectation of privacy exists if 1) you actually expect privacy, and 2) your expectation is one that society as a whole would think is legitimate.

    This rule comes from a decision by the United States Supreme Court in 1967, Katz v. United States, holding that when a person enters a telephone booth, shuts the door, and makes a call, the government can not record what that person says on the phone without a warrant. Even though the recording device was stuck to the outside of the phone booth glass and did not physically invade Katz’s private space, the Supreme Court decided that when Katz shut the phone booth’s door, he justifiably expected that no one would hear his conversation, and that it was this expectation — rather than the inside of the phone booth itself — that was protected from government intrusion by the Fourth Amendment. This idea is generally phrased as “the Fourth Amendment protects people, not places.”

    A big question in determining whether your expectation of privacy is “reasonable” and protected by the Fourth Amendment arises when you have “knowingly exposed” something to another person or to the public at large. Although Katz did have a reasonable expectation of privacy in the sound of his conversation, would he have had a reasonable expectation of privacy in his appearance or actions while inside the glass phone booth? Probably not.

    Thus, some Supreme Court cases have held that you have no reasonable expectation of privacy in information you have “knowingly exposed” to a third party — for example, bank records or records of telephone numbersyou have dialed — even if you intended for that third party to keep the information secret. In other words, by engaging in transactions with your bank or communicating phone numbers to your phone company for the purpose of connecting a call, you’ve “assumed the risk” that they will share that information with the government.

    You may “knowingly expose” a lot more than you really know or intend. Most information a third party collects — such as your insurance records, credit records, bank records, travel records, library records, phone records and even the records your grocery store keeps when you use your “loyalty” card to get discounts — was given freely to them by you, and is probably not protected by the Fourth Amendment under current law. There may be privacy statutes that protect against the sharing of information about you — some communications records receive special legal protection, for example — but there is likely no constitutional protection, and it is often very easy for the government to get a hold of these third party records without your ever being notified.

    Here are some more details on how the Fourth Amendment will — or won’t — protect you in certain circumstances:

    Residences. Everyone has a reasonable expectation of privacy in their home. This is not just a house as it says in the Fourth Amendment, but anywhere you live, be it an apartment, a hotel or motel room, or a mobile home.

    However, even things in your home might be knowingly exposed to the public and lose their Fourth Amendment protection. For example, you have no reasonable expectation of privacy in conversations or other sounds inside your home that a person outside could hear, or odors that a passerby could smell (although the Supreme Court has held that more invasive technological means of obtaining information about the inside of your home, like thermal imaging technology to detect heat sources, is a Fourth Amendment search requiring a warrant). Similarly, if you open your house to the public for a party, a political meeting, or some other public event, police officers could walk in posing as guests and look at or listen to whatever any of the other guests could, without having to get a warrant.

    Business premises. You have a reasonable expectation of privacy in your office, so long as it’s not open to the public. But if there is a part of your office where the public is allowed, like a reception area in the front, and if a police officer enters that part of the office as any other member of the public is allowed to, it is not a search for the officer to look at objects in plain view or listen to conversations there. That’s because you’ve knowingly exposed that part of your office to the public. However, if the officer does not stay in that portion of the premises that is open to the public — if he starts opening file cabinets or tries to go to private offices in the back without an invitation — then his conduct becomes a search requiring a search warrant.

    Trash. The things you leave outside your home at the edge of your property are unprotected by the Fourth Amendment. For example, once you carry your trash out of your house or office and put it on the curb or in the dumpster for collection, you have given up any expectation of privacy in the contents of that trash. You should always keep this in mind when you are disposing of sensitive documents or anything else that you want to keep private. You may want to shred all paper documents and destroy all electronic media. You could also try to put the trash out (or unlock your trashcan) right before it’s picked up, rather than leaving it out overnight without a lock.

    Public places. It may sound obvious, but you have little to no privacy when you are in public. When you are in a public place — whether walking down the sidewalk, shopping in a store, sitting in a restaurant or in the park — your actions, movements, and conversations are knowingly exposed to the public. That means the police can follow you around in public and observe your activities, see what you are carrying or to whom you are talking, sit next to you or behind you and listen to your conversations — all without a warrant. You cannot necessarily expect Fourth Amendment protection when you’re in a public place, even if you think you are alone. Fourth Amendment challenges have been unsuccessfully brought against police officers using monitoring beepers to track a suspect’s location in a public place, but it is unclear how those cases might apply to more pervasive remote monitoring, like using GPS or other cell phone location information to track a suspect’s physical location.

    Infiltrators and undercover agents. Public meetings of community and political organizations, just like any other public places, are not private. If the government considers you a potential criminal or terrorist threat, or even if they just have an unfounded suspicion that your organization might be up to something, undercover police or police informants could come to your public meetings and attempt to infiltrate your organization. They may even wear hidden microphones and record every word that’s said. Investigators can lie about their identities and never admit that they’re cops — even if asked directly. By infiltrating your organization, the police can identify any of your supporters, learn about your plans and tactics, and could even get involved in the politics of the group and influence organizational decisions. You may want to save the open-to-the-public meetings for public education and other non-sensitive matters and only discuss sensitive matters in meetings limited to the most trusted, long-time staff and constituents.

    Importantly, the threat of infiltrators exists in the virtual world as well as the physical world: for example, a police officer may pose as a online “friend” in order to access your private social network profile.

    Records stored by others. As the Supreme Court has stated, “The Fourth Amendment does not prohibit the obtaining of information revealed to a third party and conveyed by him to Government authorities, even if the information is revealed on the assumption that it will be used only for a limited purpose and the confidence placed in the third party will not be betrayed.” This means that you will often have no Fourth Amendment protection in the records that others keep about you, because most information that a third party will have about you was either given freely to them by you, thus knowingly exposed, or was collected from other, public sources. It doesn’t necessarily matter if you thought you were handing over the information in confidence, or if you thought the information was only going to be used for a particular purpose.

    Therefore it is important to pay close attention to the kinds of information about you and your organization’s activities that you reveal to third parties, and work to reduce the amount of private information you leave behind when you go about your daily business.

    Opaque containers and packages. Even when you are in public, you have a reasonable expectation of privacy in the contents of any opaque (not see-through) clothes or containers. So, unless the police have a warrant or qualify for one of the warrantless search exceptions discussed below, they can’t go digging in your pockets or rummaging through your bags.

    Laptops, pagers, cell phones and other electronic devices are also protected. Courts have generally treated electronic devices that hold data as if they were opaque containers.

    However, always keep in mind that whatever you expose to the public isn’t protected. So, if you’re in a coffee shop using your laptop and an FBI agent sitting at the next table sees what you are writing in an email, or if you open your backpack and the FBI agent can see what’s inside, the Fourth Amendment won’t protect you.

    Postal mail. The mail that you send through the U.S. Postal Service is protected by the Fourth Amendment, and police have to get a warrant to open it in most cases.

    If you’re using the U.S. Postal Service, send your package using First Class mail or above. Postal inspectors don’t need a search warrant to open discount (media) rate mail because it isn’t supposed to be used for personal correspondence.

    Keep in mind that although you have privacy in the contents of your mail and packages, you don’t have any privacy in the “to” and “from” addresses printed on them. That means the police can ask the post office to report the name and address of every person you send mail to or receive mail from — this is called a “mail cover” — without getting a warrant. Mail covers are a low-tech form of “traffic analysis,” which we’ll discuss in the section dealing with electronic surveillance.

    You don’t have any privacy in what you write on a postcard, either. By not putting your correspondence in an envelope, you’ve knowingly exposed it, and the government can read it without a warrant.

    Police at the door: Police in your home or office when it’s open to the public?The police may be able to come into your home or office if you have opened those places to the public — but you can also ask them to leave, just as if they were any other members of the public. If they don’t have a warrant, or don’t qualify for any of the warrant exceptions, they have no more right to stay once you’ve asked them to leave than any other trespasser. However, undercover agents or officers need not announce their true identities, so asking all cops to leave the room before a meeting is not going to provide any protection.

    Search Warrants

    Search Warrants Are Generally Required For Most Searches and Seizures

    The Fourth Amendment requires that any search or seizure be reasonable. The general rule is that warrantless searches or seizures are automatically unreasonable, though there are many exceptions.

    To get a warrant, investigators must go to a neutral and detached magistrate and swear to facts demonstrating that they have probable cause to conduct the search or seizure. There is probable cause to search when a truthful affidavit establishes that evidence of a crime will be probably be found in the particular place to be searched. Police suspicions or hunches aren’t enough — probable cause must be based on actual facts that would lead a reasonable person to believe that the police will find evidence of a crime.

    In addition to satisfying the Fourth Amendment’s probable cause requirement, search warrants must satisfy the particularity requirement. This means that in order to get a search warrant, the police have to give the judge details about where they are going to search and what kind of evidence they are searching for. If the judge issues the search warrant, it will only authorize the police to search those particular places for those particular things.

    Police at the door: Search warrants what should you do if a police officer comes to your home or office with a search warrant?

    Be polite. Do not get in the officers’ way, do not get into an argument with them or complain, even if you think your rights are being violated. Never insult a police officer. But you should say “I do not consent to this search.” If they are properly authorized, they will search anyway. But if they are not, then you have reserved your right to challenge the search later.

    Ask to see the warrant. You have a right to examine the warrant. The warrant must tell in detail the places to be searched and the people or things to be seized, and may limit what time of day the police can search. A valid warrant must have a recent date (usually not more than a couple of weeks), the correct address, and a judge’s or magistrate’s signature. If the warrant appears incomplete, indicates a different address, or otherwise seems mistaken, politely point this out to the police.

    Clearly state that you do not consent to the search. The police don’t need your consent if they have a warrant, but clearly saying “I do not consent to this search” will limit them to search only where the warrant authorizes. If possible, have witnesses around when you say it.

    Do not resist, even if you think the search is illegal, or else you may be arrested. Keep your hands where the police can see them, and never touch a police officer. Do not try to leave if the police tell you to stay — a valid warrant gives them the right to detain any people that are on the premises while the search is conducted. You are allowed to observe and take notes of what the officers do, though they may tell you to sit in one place while they are conducting the search.

    Don’t answer any questions. The Fifth Amendment guarantees your right not to answer questions from the police, even if they have a warrant. Remember that anything you say might be used against you later. If they ask you anything other than your name and address, you should tell them “I choose to remain silent, and will not answer any questions without a lawyer.” If you say this, they are legally required to stop asking you questions until you have a lawyer with you.

    Take notes. Write down the police officers’ names and badge numbers, as well as the names and contact information of any witnesses. Write down, as best you can remember, everything that the police say and everything you say to them. Ask if you can watch the search, and if they say yes, write down everything that you see them search and/or seize (you may also try to tape or take pictures, but realize that this may escalate the situation). If it appears they are going beyond what is authorized by the warrant, politely point this out.

    Ask for an inventory. At the conclusion of the search, the police should typically provide an inventory of what has been seized; if not, request a copy but do not sign any statement that the inventory is accurate or complete.

    Call a lawyer as soon as possible. If you don’t have a lawyer, you can call EFF and we’ll try to find you one.

    Police at the door: Computer searches and seizuresIf the police believe a computer is itself evidence of a crime — for example, if it is stolen or was used to commit a crime — they will usually seize it and then search its contents later. However, if the evidence is just stored on the computer — for example, you have computer records that contain information about the person they are investigating — instead of seizing the whole machine, the police may choose to:

    • Search the computer and print out a hard copy of the particular files they are looking for (this is rarely done)
    • Search the computer and make an electronic copy of the particular files
    • Create a duplicate electronic copy of all of the computer’s contents (this is called “imaging” or creating a “bitstream copy” of the computer hard drive) and then search for the particular files later

    “Sneak and Peek” Search Warrants

    “Sneak and Peek” Search Warrants Are Easier to Obtain Than They Used to Be

    Generally, police officers serving a warrant must “knock and announce” — that is, give you notice that they are the police and are serving a warrant (although they might not do this if they reasonably suspect that they will be put in danger, or that evidence will be destroyed, if they give such notice). If they have a warrant, they can enter and search even if you aren’t home — but they still have to leave a copy of the warrant and an inventory of what they seized, so you’ll know that your place was searched.

    However, thanks to the USA PATRIOT Act, it is much easier for law enforcement to get permission from the court to delay notice rather than immediately inform the person whose premises are searched, if agents claim that giving notice would disrupt the investigation. Since the goal is not to tip the suspect off, these orders usually don’t authorize the government to actually seize any property — but that won’t stop them from poking around your computers.

    The delay of notice in criminal cases can last months. The average delay is 30 to 90 days. In the case of super-secret foreign intelligence surveillance to be discussed later, the delay lasts forever — no one is ever notified, unless and until evidence from the search is introduced in open court.

    The risk of being targeted with such a “sneak-and-peek” warrant is very low, although rising quickly. Law enforcement made 47 sneak-and-peek searches nationwide from September 2001 to April 2003 and an additional 108 through January 2005, averaging about fifty per year, mostly in drug cases. We don’t know how many foreign intelligence searches there are per year — it’s secret, of course — but we’d guess that it’s much more common than secret searches by regular law enforcement.

    Privacy tip: Sneak and peek searches, key-loggers and government spywareSecret searches can be used to install eavesdropping and wiretapping devices. Secret searches may also be used to install a key-logging device on your computer. A key-logger records all of the keystrokes that you make on the computer’s keyboard, for later retrieval by the police who installed it. So if you are concerned about government surveillance, you should check your office computers for new added hardware that you don’t recognize — especially anything installed between the keyboard and the computer — and remove it. A hardware key-logger often looks like a little dongle in between the keyboard plug and computer itself. Keyghost is an example of a hardware key-logger.

    However, the government also has the capability to remotely install software key-loggers on your computer — or search the contents of your hard drive, or install surveillance capability on your computer — using its own spyware. There were rumors of such capability a few years ago in news reports about a government software program code-named “Magic Lantern” that could be secretly installed and monitored over the Internet, without the police ever having to enter your house or office. More recently, news reports revealed that the government had in one case been able to hack into a computer remotely and install software code-named “CIPAV” (the “Computer and Internet Protocol Address Verifier”), which gave the government the IP addresses with which the infected computer communicated.

    In response to a survey, all of the major anti-spyware companies claimed that their products would treat government spyware like any other spyware programs, so you should definitely use some anti-spyware product to monitor your computer for such programs. It’s possible that a spyware company may receive a court order requiring it not to alert you to the presence of government spyware (several of the companies that were surveyed declined to say whether they had received such orders), but you should still use anti-spyware software if only to protect yourself against garden-variety spyware deployed by identity thieves and commercial data harvesters.

    Warrantless Searches

    There Are Many Fourth Amendment Exceptions to the General Rule of Warrants

    In some cases, a search can be reasonable — and thus allowed under the Fourth Amendment — even if the police don’t have a warrant. There are several key exceptions to the warrant requirement that you should be aware of.

    Consent. The police can conduct a warrantless search if you voluntarily consent to the search — that is, if you say it’s OK. In fact, any person who the police reasonably think has a right to use or occupy the property, like a roommate or guest in your home, or a coworker at your office, can consent to the search. You can make clear to the people you share a home or office with that they do not have your permission to consent to a search and that if police ask, they should say no.

    Privacy tip: Don’t accidentally consent!If the police show up at your door without a warrant, step outside then close and lock the door behind you — if you don’t, they might just walk in, and later argue that you implied an invitation by leaving the door open. If they ask to come in, tell them “I do not consent to a search.” Tell roommates, guests, coworkers and renters that they cannot consent on your behalf.

    Administrative searches. In some cases, the government can conduct administrative searches. These are searches done for purposes other than law enforcement; for example, for a fire inspection. Court authorization is required for involuntary administrative searches, although the standards are lower. The only time the government doesn’t need a warrant for an administrative search is when they are searching businesses in highly regulated industries such as liquor, guns, strip mining, waste management, nuclear power, etc. This exception to the warrant requirement clearly does not apply to the average home-owner, activist organization or community group.

    Privacy tip: Just because they’re “inspectors” doesn’t mean you have to let them in!If someone shows up at your home or office claiming to be a fire inspector, building code inspector, or some other non-law enforcement government employee who wants to inspect the premises, you can tell them to come back with a warrant. You don’t have to let them in without a warrant!

    Exigent circumstances. Exigent circumstances are emergency situations where it would be unreasonable for the police to wait to get a warrant, like if a person is calling for help from inside your house, if the police are chasing a criminal suspect who runs into an office or home, or if evidence will be destroyed if the police do not act immediately.

    Privacy tip: Don’t get tricked into consenting!Police could try to get your consent by pressuring you, or making you think that you have to let them in. For example, they may show up at your door claiming that your neighbor saw someone breaking into your home or office, saw a criminal suspect entering the premises, or heard calls for help, and that they need to take a look around. You should never physically interfere if they demand to come in (which they will do if there are indeed exigent circumstances), but no matter what they say or do, keep saying the magic words: “I do not consent to a search.”

    Plain view. The police can make a warrant-less search or seizure if they are lawfully in a position to see and access the evidence, so long as that evidence is obviously incriminating. For example, if the police enter a house with a valid search warrant to search for and seize some stolen electronics and then see a bag of drugs in plain view on the coffee table, they can seize the drugs too, even though the warrant didn’t specifically authorize that seizure. Similarly, the police could seize the drugs without a warrant, or look at any other documents or things left in plain view in the house, if there were exigent circumstances that led the police into the house — for example, if a suspect they were chasing ran into the house, or if they heard gunshots from inside. Even a law-abiding citizen who does not have any contraband or evidence that the police would want to seize may still have sensitive documents in plain view that one would not want the authorities to see.

    The plain view exception alone does not allow the police to enter your home or office without a warrant. So, for example, even if the police see evidence through your window, they cannot enter and seize it. However, plain view can combine with other exceptions to allow searches that might otherwise require a warrant. For example, if the person with the bag of drugs in the previous example saw the police looking through his window, then grabbed the bag and ran towards the bathroom as if he was about to flush the evidence down the toilet, that would be an exigent circumstance and the police could enter without a warrant to stop him.

    Automobiles’. Since cars and other vehicles are mobile, and therefore might not be around later if the police need to go get a warrant, the police can search them without one. They still need probable cause, though, because you do have a privacy interest in your vehicle.

    If the police have probable cause, they can search the entire vehicle (including the trunk) and all containers in the vehicle that might contain the object for which they are searching. For example, if the police have probable cause to believe that drugs are in the vehicle, they can search almost any container, but if they have probable cause to believe that a murder suspect is hiding inside the vehicle, they must limit their search to areas where a person can hide.

    Also, it’s important to know that the “plain view” exception is often applied to cars. That means that the police aren’t conducting a search just by looking through your car windows, or even by shining a flash-light in your car. And if they see evidence inside your car, that can then give them probable cause to search the rest of the vehicle under the automobile exception.

    Police at the (car) door: What if I get pulled over?If you are pulled over by a police officer, you may choose to stop somewhere you feel safe, both from traffic and from the officer herself. In other words, you can pull into a lighted gas station, or in front of someone’s home or somewhere there are other people present, rather than stopping on a dark road, so long as you indicate to the officer by your driving that you are in fact stopping. You are required to show the officer your license, insurance and registration. Keep your hands where the officer can see them at all times. For example, you can wait to get your documentation out when the officer is standing near your car so that she can watch what you are doing and have no cause to fear that you are going into the glove box for a weapon. Be polite and courteous.

    Airport searches. As you certainly know if you’ve flown recently, the government is allowed to search you and all your luggage for bombs and weapons before you are allowed to board a plane, without a warrant. Always assume that the government will look in your bags when you fly, and pack accordingly.

    Border searches. The government has the right to warrantlessly search travelers at the border, including international airports, as part of its traditional power to control the flow of items into and out of the country. The case law distinguishes between “routine” searches, which require no cause, and “non-routine” searches, which require reasonable suspicion, but no warrant. “Non-routine” searches include strip searches, cavity searches, involuntary X-rays and other particularly invasive investigative techniques. Several courts have found that searching the contents of your laptop or other electronic devices is “routine” and doesn’t require a warrant or even reasonable suspicion.

    One solution to this problem is to bring a blank “travelling” laptop and leave your personal information at home. You could then access the information that you left at home over the internet by using a VPN or other secure method to connect to a server where you’ve stored the information.

    However, bringing a clean laptop means more than simply dragging files into the trash. Deleting files will not remove them from your hard drive. See our software and technology article on secure deletion for details.

    Another solution is to use password-based disk encryption to prevent border agents from being able to read your files. The consequences of refusing to disclose a password under those circumstances are difficult to predict with certainty, but non-citizens would face a significant risk of being refused entry to the country. Citizens cannot be refused entry, but could be detained until the border agents decide what to do, which may include seizing your computer.

    Stop and frisk searches. The police can stop you on the street and perform a limited “pat-down” search or “frisk” — this means they can feel around your outer clothing for concealed weapons.

    The police don’t need probable cause to stop and frisk you, but they do at least need to have a reasonable suspicion of criminal activity based on specific facts. This is a very low standard, though, and the courts usually give the police a lot of leeway. For example, if a police officer is suspicious that you’re carrying a concealed weapon based on the shape of a lump under your jacket or the funny way that you’re walking, that’s usually enough.

    If, while patting you down, a police officer feels something that he reasonably believes is a weapon or an illegal item, the officer can reach into your clothes and seize that item.

    Search Incident to Lawful Arrest

    Search Incident to Arrest (SITA) doctrine is an exception to the general requirement that police obtain a warrant before conducting a search. The purpose of this exception is to protect the officer by locating and seizing any weapons the person has and to prevent the destruction of any evidence on the person. According to the SITA doctrine, if an arrest is valid, officers may conduct a warrantless search of the arrestee and the area and objects in close proximity — i.e. the “grab area” — at about the same time as the arrest.

    Officers may also perform inventory searches of the arrested person at the time of the arrest or upon arrival at the jail or other place of detention.

    So, the police are allowed to search your clothing and your personal belongings after they’ve arrested you. They can also search any area nearby where you might conceal a weapon or hide evidence. If you are arrested inside a building, this usually means they can search the room they found you in but not the entire building. If you are arrested while driving, this means they can search inside the car, but not the trunk. But if they impound the car, then they can search the trunk as part of an inventory search. This is another example of the way that multiple exceptions to the warrant requirement can combine to allow the police a lot of leeway to search without going to a judge first.

    When searches are delayed until some time after the arrest, courts generally have allowed warrantless searches of the person, including containers the arrestee carries, while rejecting searches of possessions that were within an arrestee’s control. These no longer present any danger to the officer or risk of destruction because the arrestee is now in custody.

    The question remains whether the SITA doctrine authorizes warrantless searches of the data on cell phones and computers carried by or located near the arrestee. There are very few cases addressing this question. In one case in Kansas, for example, the arresting officer downloaded the memory from the arrestee’s cellphone for subsequent search. The court found that this seizure did not violate the Fourth Amendment because the officer only downloaded the dialed and incoming numbers, and because it was imperative to preserve the evidence given the volatile, easily destroyed, nature of cell phone memory.

    In contrast, in another case in California, the court held that a cellphone search was not justified by the SITA doctrine because it was conducted for investigatory reasons rather than out of a concern for officer safety, or to prevent the concealment or destruction of evidence. The officers could seize the phone, and then go obtain a warrant to do any searching of it. The decision rejected the idea that the data searched was not private, in light of the nature and amount of information usually stored on cell phones and laptops.

    Police at the door: Arrest warrants if the police arrive at your home or office with an arrest warrant, go outside, lock the door, and give yourself up. Otherwise, they’ll just force their way in and arrest you anyway, and then be able to search nearby. It is better to just go peacefully without giving them an excuse to search inside.

    Police at the door: Searches of electronic devices incident to arrest if you are arrested, the officers are going to seize all the property on your person before you are taken to jail. If you have a cell phone or a laptop, they will take that too. If you are sitting near a cell phone or laptop, they may take those as well. The SITA doctrine may allow police to search the data. It may also allow copying for later search, though this is well beyond what the SITA doctrine’s original justification would allow.

    You can and should password protect your devices to prevent this potentially unconstitutional privacy invasion. But for much stronger protection, consider protecting your data with file and disk encryption.

    Prudent arresting officers will simply secure the devices while they get a warrant. There’s nothing you can do to prevent that. Do not try to convince the officers to leave your phone or laptop behind by disavowing ownership. Lying to a police officer can be a crime. Also, prosecutors may use your statements against you later to argue that you do not have the right to challenge even an illegal search or seizure of the device, while still being able to introduce information stored on the device against you.


    Another Powerful Investigative Tool

    In addition to search warrants, the government has another very powerful legal tool for getting evidence — the subpoena. Subpoenas are legal documents that demand that someone produce specific documents or appear in court to testify. The subpoena can be directed at you to produce evidence you have about yourself or someone else, or at a third party to produce evidence they have collected about you.

    • Subpoenas demand that you produce the requested evidence, or appear in court to testify, at some future time. Search warrants, on the other hand, are served and executed immediately by law enforcement with or without your cooperation.
    • Subpoenas, unlike search warrants, can be challenged in court before compliance. If you are the recipient of the subpoena, you can challenge it on the grounds that it is too broad or that it would be unduly burdensome to comply with it. If a judge agrees, then the court may quash the subpoena so you don’t have to produce the requested evidence. You may also be able to quash the subpoena if it is seeking legally privileged material, or information that is protected by the First Amendment, such as a political organization’s membership list or information to identify an anonymous speaker. If the subpoena is directed to a third party that holds information about you, and you find out about it before compliance, then you can make a motion to quash the subpoena on the grounds of privilege or constitutional rights regardless of whether the third party decides it would otherwise comply. However, you have to do so before the compliance date. Subpoenas that are used to get records about you from third parties sometimes require that you be notified, but usually do not.
    • Subpoenas are issued under a much lower standard than the probable cause standard used for search warrants. A subpoena can be used so long as there is any reasonable possibility that the materials or testimony sought will produce information relevant to the general subject of the investigation.
    • Subpoenas can be issued in civil or criminal cases and on behalf of government prosecutors or private litigants; often, subpoenas are merely signed by a government employee, a court clerk, or even a private attorney. In contrast, only the government can get a search warrant.

    Police at the door: Subpoenas – What should you do if a government agent (or anyone else) shows up with a subpoena?


    Subpoenas are demands that you produce evidence at some time in the future. A subpoena does not give anyone the right to enter or search your home or office, nor does it require you to hand over anything immediately. Even a “subpoena forthwith”, which asks for immediate compliance, can not be enforced without first going to a judge.

    So, if someone shows up with a subpoena, don’t answer any questions, don’t invite them in, and don’t consent to a search — just take the subpoena, say thank you, close the door and call a lawyer as soon as possible!

    What Can I Do To Protect Myself?

    You can’t stop or prevent a seizure of your computers, and your best defense against a subpoena is a lawyer, but there are still steps you can take to prevent a search of your computers without your cooperation, and minimize what information the government can get its hands on.

    Develop a Data Retention and Destruction Policy

    If You Don’t Have It, They Can’t Get It

    The best defense against a search or a subpoena is to minimize the amount of information that it can reach. Every organization should have a clear policy on how long to keep particular types of information, for three key reasons:

    • It’s a pain and an expense to keep everything.
    • It’s a pain and an expense to have to produce everything in response to subpoenas.
    • It’s a real pain if any of it is used against you in court — just ask Bill Gates. His internal emails about crushing Netscape were not very helpful at Microsoft’s antitrust trial.

    Think about it — how far back does your email archive go? Do you really need to keep every email? Imagine you got a subpoena tomorrow — what will you wish you’d destroyed?

    Establish a retention policy. Your organization should review all of the types of documents, computer files, communications records, and other information that it collects and then develop a policy defining whether and when different types of data should be destroyed. For example, you may choose to destroy case files six months after cases are closed, or destroy Internet logs showing who visited your website immediately, or delete emails after one week. This is called a “document retention policy,” and it’s your best defense against a subpoena — they can’t get it if you don’t have it. And the only way to make sure you don’t have it is to establish a policy that everyone follows. Set a clear written policy for the length of time documents are kept (both electronic and paper documents). Having a written policy and following it will help you if you are accused of destroying documents to hide evidence.

    Do not destroy evidence. You should never destroy anything after it has been subpoenaed or if you have reason to believe you are under investigation and it is about to be subpoenaed — destruction of evidence and obstruction of justice are serious crimes that carry steep fines and possible jail time, even if you did not do the original crime. Nor should you selectively destroy documents — for example, destroying some intake files or emails but not others — unless it’s part of your policy. Otherwise, it may look like you were trying to hide evidence, and again might make you vulnerable to criminal charges. Just stick to your policy.

    Destroying paper documents. Remember, your trash is fair game under the Fourth Amendment, so just tossing your old membership rolls in the garbage is not the way to go.

    If you are concerned about the privacy of the documents that you throw away (and you should be!), you should destroy them before they go in the trash. At the very least you should run documents through a “cross-cut” paper shredder that will cut them in two directions and turn them into confetti, and then mix up the shreds from different documents to make them harder to put back together (documents cut in one direction by “strip-cut” shredders are very easy to put back together). If you have evidence giving you reason to believe that your trash is being or is about to be searched, you should also completely burn all of the shreds. Even if you’re not particularly worried about someone searching your trash, you should still destroy or thoroughly erase any computer equipment or media that you throw out.

    If you destroy any of your papers and disks before throwing them out, you should try to destroy all of them, even the ones you don’t need to keep private. If you don’t destroy everything, anyone with access to your trash can will be able to quickly isolate the shreds of your private documents and focus on reconstructing them. Both government investigators and identity thieves often have the manpower and time necessary to reconstruct your shredded documents — even the burned ones, in some crime labs.

    Your web browser’s watching you, so you have to watch your browser. In a recent trial, government forensics experts were able to retrieve web pages of Google search results that the suspect downloaded years ago — his web browser had “cached” copies of the pages. It was a murder trial, and the suspect had Googled for information about breaking necks and the depth of the local lake, where he ended up dumping the body. The suspect was convicted.

    Hopefully, you have much more innocent things you’d like to keep private, but the point is that your browser is a security hole that needs to be plugged. You need to take regular steps to clear out all the stuff it’s been storing, such as a history of the web sites you’ve visited and the files you have downloaded, cached copies of web pages, and cookies from the web sites you visit (which we will talk more about later). In particular, it’s a bad idea to have the browser save your passwords for web sites, and it’s a bad idea to have it save the data you’ve entered into web forms. If your computer is seized or stolen, that information will be compromised. So consider turning these features off completely. Not having these features is less convenient — but that’s the security trade-off. Are you worried enough about your computer’s security that you’re willing to type a few extra times each day to enter a password or a web address?

    Visit our Defensive Technology article on web browsers for help with browser hygiene and other recommendations to improve security.

    Your instant messenger software is probably watching you too. Many instant messaging (IM) clients are set by default to log all of you IM conversations. You should check the software’s preferences so you know what it’s doing, and figure out how these logs fit into your retention policy. Will you clean them out every month? Every week? Or will you take the simple route and just set the preferences so that your IM client doesn’t log any messages at all? The choice is up to you, but because people often treat IM like an in-person conversation and often say things they normally wouldn’t in an email, you should consider such logs very sensitive. If you do insist on logging your IMs, all the more reason to make sure they are protected by encryption. For more information, check out our Defensive Technology article about instant messaging.

    Minimize computer logging. If you run a network, an email server or a web server, you should consider reducing or eliminating logging for those computer and network services, to protect the privacy of your colleagues and your clients. For more information, refer to EFF’s “Best Data Practices for Online Service Providers.

    When you delete computer files, really delete them. When you put a file in your computer’s trash folder and empty the trash, you may think you have deleted that file — but you really haven’t. Instead, the computer has just made the file invisible to the user, and marked the part of the disk drive that it is stored on as “empty” — meaning, it can be overwritten with new data. But it may be weeks, months, or even years before that data is overwritten, and the government’s computer technicians can often retrieve data that has been overwritten by newer files. Indeed, no data is ever really deleted, just overwritten over time, and overwritten again.

    The best way to keep those “deleted” files hidden, then, is to make sure they get overwritten immediately, and many times. Your operating system probably already includes software that will do this, and overwrite all of the “empty” space on your disk with gibberish, dozens or hundreds of times, and thereby protect the confidentiality of deleted data. Visit the secure deletion article to learn more about how to do this in various operating systems.

    In addition to using a secure deletion tool, you should consider using encrypted storage. Visit the disk encryption article for more information.

    Destroying hardware and electronic media. When it comes to CD-ROMs, you should do the same thing you do with paper — shred ‘em. There are inexpensive shredders that will chew up CD-ROMs. Never just toss a CD-ROM out in the garbage unless you’re absolutely sure there’s nothing sensitive on it.

    If you want to throw a piece of hardware away or sell it on EBay, you’ll want to make sure no one can retrieve your data from it. So, before selling or recycling a computer, be sure to overwrite its storage media with gibberish first. Darik’s Boot and Nuke is an excellent free tool for this purpose.

    Make data hygiene a regular habit, like flossing. The easiest way to keep this all straight is to do it regularly. If you think you face a high risk of government seizure, or carry a laptop around with you and therefore face a high risk of theft or loss, perhaps you should do it at the end of each day. If not, you might want to do it once a week.

    For example, at the end of each week you could:

    • Shred any paper documents or electronic media that are scheduled for destruction under your policy.
    • Delete any emails or other documents that are scheduled for deletion under your policy.
    • Clear your browser of all logs.
    • Run your secure-deletion software to overwrite all of the newly deleted stuff.

    Have your organization put this weekly ritual or something like it in its written policy. You’ll be glad you did.

    Master the Basics of Data Protection

    We’re not going to lecture you on how to physically secure your office, because as we’ve said before, if the government has permission from a court to bust in, they are going to bust in regardless of what you do. We’re more concerned here about what they can do to your computers once they are inside. Here are some steps to ensure that just because someone has physical access to your machine it doesn’t mean they’ll be able to get at all the data inside of it:

    Require logins! Operating systems can be set to automatically log into a user account when the machine boots. Disable this feature! Require that the user provide a username and password before the machine will allow access to a user account.

    Require screensaver logins too! Set the screensaver on your system to start automatically after a short time (such as 2 or 5 minutes) and to require that the user supply their password again before the screensaver will unlock. All operating systems support a feature like this, and it makes no sense not to use it.

    Access controls are only as strong as your authentication mechanism. In other words, if your password is “12345” or your dog’s name, or if you keep your password in a drawer next to your computer, your files may be accessible to anyone who has access to your computer and has a couple minutes to guess some passwords or look through your desk. Follow the next section‘s advice to generate and manage strong passwords effectively.

    Choose your system-admin wisely. In mainstream operating systems, the systems administrator must be “trusted” – that is, he or she is always able to circumvent access controls. Therefore, your organization’s management must take care when selecting and training systems administrators, to ensure that he or she is worthy of trust. Trustworthy administrators will adhere to a code of professional ethics such as that published by the Systems Administrators Guild.

    Guest accounts. To provide availability for unauthorized users, if that is desired, create a guest account for general use, and make sure that it cannot modify the operating system or cause other damage to the system. Ensure that the guest account does not have the privilege to read or modify sensitive files.

    Learn How to Use Passwords Properly

    Choosing a Password

    Longer and more complex passwords are more secure. If the government seizes your computer it can quickly guess simple passwords by automatically trying large lists of words from a dictionary. Automated dictionary attacks use lists of regular words as well as proper names and common variations of these (e.g. adding a number to a dictionary word or replacing letters with similar numbers, e.g. replacing o with 0).

    So, if it’s human-readable, it’s computer-breakable. Don’t use names, song titles, random words or any dictionary words at all, whether alone, in combination with numbers, or with letters replaced by numbers – the government can and will break it. For stronger password security, use a lengthy passphrase that includes upper- and lower-case letters, one or more numerical digits and special characters (e.g. #,$ or &), and change it frequently.

    New computer hardware usually comes with default passwords, such as “password” or “default” or the name of the technology vendor. Always change the default passwords immediately!

    Password Management

    When it comes to passwords, the only truly secure password is the one that’s only in your head. Written-down passwords can be seized or subpoenaed. But there’s a tough trade-off — the better your password, the harder it’ll be to remember. And if you forget the password and don’t have it recorded somewhere, you could lose access to a critical asset at just the wrong time — perhaps even forever.

    Although we recommend memorizing your passwords, we recognize you probably won’t. So, here are a few other options to consider:

    Use a password safe. There are a number of software tools available that will keep all of your passwords for you on your computer, in an encrypted virtual safe, which you access with one master password. Just remember to never write down the password to your password safe — that piece of paper can become a single point of failure for all of your password-secured assets. This brings another drawback, of course — if you forget that master password, you’ve lost all of your other passwords forever.

    Carry your passwords on paper, in your pocket. This is a somewhat controversial solution promoted by security expert Bruce Schneier — even though he wrote the digital password management program Password Safe. Schneier advocates that people keep their passwords in their wallets. What you sacrifice in security, the argument goes, is made up for by the convenience — with easy access to your passwords, you’re more likely to use very strong ones that you couldn’t remember otherwise, plus you can access your passwords even when you’re away from your computer. An added benefit is that when your passwords are in your wallet, you’ll find out very quickly if they’ve been lost or stolen.

    However, to mitigate the risk of a loss, add a certain number of dummy characters before and after the real passwords to make it harder to identify them, and use simple code-words to indicate what asset they protect, rather than saying “Chase Manhattan Bank” or “Work Computer.”

    Don’t use the same password to protect multiple assets. Sure, it’s OK to use the same password to log into the New York Times web site that you use for the Washington Post, because those aren’t valuable assets. But when it comes to the important stuff, use unique passwords. That way, even if one asset is compromised, the others are still safe.

    Never keep a password in the same physical location as the asset it protects, unless it’s encrypted. This is the biggest password boo-boo, and it’s an object lesson in security planning: if a security measure is too inconvenient for day-to-day use, people won’t use it correctly. Your password is worse than useless if it’s on a sticky note next to your computer, and probably useless against secret searches if it is anywhere in the same office. Again, this is why Bruce Schneier recommends keeping your passwords in your pocket — you’ll have stronger passwords, and you won’t leave them lying around.

    Change passwords regularly. A password may have already been compromised and you just don’t know it. You should change passwords every week, every month, or every year — it all depends on the threat, the risk, and the value of the asset, traded against usability and convenience.

    Encrypt Your Data

    Requiring a strong password to log onto accounts on your computer is a good security step. But when the government is your attacker, it’s not nearly enough. If the government seizes your computer, all it has to do to get around your account protection is to take the hard drive out and stick it into another computer to get around your password protection. Similarly, if you were subject to a sneak-and-peek search, the government could sneak in with their own hardware, take your hard drive out and copy it, and then replace it without you ever knowing. Your best and only protection against this is to encrypt the data that’s on your computer so the government can’t read it. If you’re not familiar with encryption, how it works, and what it does, check out our technology article about encryption basics.

    You should also find out more about how to choose and use file and disk encryption software.

    So I used file encryption and the government seized my computer — now what? Well, first off, don’t give them your password during the search — you have the right to remain silent, so use it. Since they can’t search your encrypted files without your help, you’ve got leverage that most search targets never have. But now you’ve done all you can — now it’s time to call a lawyer. (Anyway, you should have called as soon as the computer was seized, right?)

    A lawyer may be able to get your property back if the warrant was improper, negotiate a deal with the government’s attorneys to limit the search or get important files back, or convince the court to strictly limit the search so that they won’t search files that are legally privileged (like confidential legal or medical records), protected by the First Amendment (like private membership lists), or irrelevant to the case.

    Alternatively, a prosecutor may ask a judge to order you to turn over your password. The law is unclear on whether such an order would be valid, but that is a matter to face with the assistance of counsel. No one other than a judge can force you to reveal your password.

    Protect Yourself Against Malware

    Although it’s been confirmed that the government has used remotely-installed spyware in at least one criminal investigation, and probably many more, the risk of Internet-based attack from the government is still hard to judge. However, there is definitely a high risk from just about every other bad guy on the net. Network-based threats to computers include denial of service (e.g., flooding the network or causing the computers to crash) and software and/or data theft or destruction (“hacking”). In addition, malicious users could hijack your computers so they can be used to attack other computers and networks. The risk that this threat will materialize for any computer connected to the Internet is a near-certainty. For example, a recent report concludes that 80 percent of Windows computers in homes has been compromised by one or more viruses, worms, or other malicious software.

    Since this guide is about the government and not hackers, and since there are plenty of other resources about fighting viruses and the like, we’ll only share some basic thoughts on how to secure yourself against Internet-based attacks. Several of these steps will help protect you from any hacker, be it a government agent or an identity thief:

    For maximum security, create an “air gap” between sensitive data and the Internet. To protect confidentiality and integrity, do not connect computers that store sensitive information to the Internet or other public networks. Any computer connected to the Internet is exposed and possibly vulnerable to a huge number of attacks.

    Avoid Microsoft products where possible. Computers using the Microsoft Windows platform are especially vulnerable as of this writing (although no operating system is immune to all potential attacks). Consider using a non-Microsoft operating system if possible. However, if you have to use Microsoft Windows and you are connecting to the Internet, your best bet is to minimize the number of Microsoft Internet applications you use – for example, use Firefox as a browser or Thunderbird as a mail client. Microsoft’s Internet Explorer and its email programs Outlook and Outlook Express are very difficult for even professionals to secure. Furthermore, adversaries tend to attack more popular platforms and applications.

    Keep your software updated. Use the latest stable version of your operating system. As of this writing, Windows 95, 98, and ME are utterly obsolete. You should be using at least Windows Server 2003 for servers and Windows XP for clients, with all patches and service packs applied. For Macintosh computers, use OS X 10.4 or greater, with all patches applied. For Linux and Unix, get whatever version is the most recent stable release, and follow all updates. It is especially important not to let server software versions lag behind, since servers are always on and always connected.

    Maintain your firewalls. Firewalls are software or hardware components that protect your computer or network from the Internet, blocking traffic based on network-related parameters like IP addresses and port numbers. Firewalls can protect against those who want to access your computer without permission. Configuring network firewalls is pretty tough for the layperson and beyond the scope of this guide, but you should learn how to use the personal firewall software that’s included in most recent operating systems.

    For more detailed information about malware, check out the Malware article in the Defensive Technology section.

    Summing Up

    If You Don’t Keep It, They Can’t Get It; If You Do Keep It, Encrypt It!

    In a nutshell: if you don’t want the government to see itencrypt it or don’t keep it.

    Subpoenas are less threatening than search warrants, but pose a much greater risk. Only a good lawyer can help you avoid having to respond to a subpoena, and often times even a good lawyer will fail, and you’ll have to turn the information over or face contempt charges. The best defense against a subpoena is to not have what they are looking for.

    Not having what they’re looking for is also your best defence against a search warrant, which is a much higher threat but lower risk. After that your best bet is encryption. You may not be able to stop the government from seizing your computers, but by using encryption you might be able to stop them from searching the data on those computers.

    Data on the Wire

    Electronic Surveillance and Communications Privacy

    In this section, you’ll learn about what the government can do — technically and legally — when it wants to conduct real-time surveillance of your communications, whether by planting a “bug” to eavesdrop on your face-to-face conversations, “wire-tapping” the content of your phone calls and Internet communications, or using “pen registers” and “trap and trace devices” to track who you communicate with and when. We’ll also discuss what steps you can take to defend against this kind of surveillance, with a focus on how to use encryption to protect the privacy of your communications.

    What Can the Government Do?

    When the government wants to record or monitor your private communications as they happen, it has three basic options, all of which we’ll cover in-depth: it can install a hidden microphone or “bug” to eavesdrop on your conversation; it can install a “wire-tap” to capture the content of your phone or Internet communications as they happen; or it can install a “pen register” and a “trap and trace device” to capture dialling and routing information indicating who you communicate with and when. In this section, we’ll lay out the legal rules for when the government can conduct these types of surveillance, and look at some statistics to help you gauge the risk of having your communications targeted.


    Wire-tapping By The Government is Strictly Regulated

    When it comes to secretly eavesdropping on your conversations — whether you’re talking in private or public, on the phone or face to face, by email or by instant messenger — no one’s got better funding, equipment or experience than the government. They are capable of “bugging” you by using tiny hidden microphones that they’ve installed in your home, office, or anywhere else that you have private conversations. They can also bug you from long distances or through windows using high-powered microphones, or even laser microphones that can hear what you say by sensing the vibrations of your voice on the window’s glass. They can put a “wire” or a small hidden microphone on an informant or undercover police officer to record their conversations with other people. Or they can conduct a “wiretap,” where they tap into your phone or computer communications.

    Use of these investigative techniques is regulated by very strong laws that protect the privacy of your communications against any eavesdropper, including law enforcement, and we’ll describe those below. (Another set of laws regulating surveillance for foreign intelligence and national security purposes will be discussed later.)

    However, it’s important to note at the outset that the government has been known to break these laws and spy on communications without going to a judge first, usually in the name of national security. Indeed, as was first revealed in December 2005, since 9/11 the National Security Agency (NSA) has been conducting a massive and illegal program to wire-tap the phone calls and emails of millions of ordinary Americans without warrants, hoping to discover terrorists by sifting through the mounds of data using computers (for more details, see EFF’s NSA Spying page and the Beyond FISA section of this guide).

    One might hope that the information collected as part of the NSA’s dragnet surveillance will only be used against real terrorists, but there’s no guarantee, particularly when there’s no court oversight. And we don’t have any hard data about how the NSA actually uses that information, with whom it is shared, or how long it is stored. So, although communications that have been illegally wiretapped by the NSA are unlikely to be used against you in a criminal trial — the Fourth Amendment’s exclusionary rule would likely disallow it — there’s no knowing whether it might be used against you in the future in some other way.

    Therefore, regardless of the strengths of the laws described below, you should consider wiretapping to be a high risk, unless and until the NSA program is stopped by Congressional action or a successful lawsuit. EFF is currently suing the government and the individual officials responsible for the NSA program (see http://www.eff.org/cases/jewel), as well as AT&T, one of the companies assisting in the illegal surveillance (seehttp://www.eff.org/nsa/hepting), to try and stop the surveillance.

    Wire-tapping Law Protections

    Wire-tapping Law Protects “Oral,” “Wire,” and “Electronic” Communications Against “Interception”

    Before 1967, the Fourth Amendment didn’t require police to get a warrant to tap conversations occurring over phone company lines. But that year, in two key decisions (including the Katz case), the Supreme Court made clear that eavesdropping — bugging private conversations or wire-tapping phone lines — counted as a search that required a warrant. Congress and the states took the hint and passed updated laws reflecting the court’s decision and providing procedures for getting a warrant for eavesdropping.

    The federal wire-tap statute, originally passed in 1968 and sometimes called “Title III” or the Wire-tap Act, requires the police to get a wire-tap order — often called a “super-warrant” because it is even harder to get than a regular search warrant — before they monitor or record your communications. One reason the Fourth Amendment and the statute give us more protection against government eavesdropping than against physical searches is because eavesdropping violates not only the targets’ privacy, but the privacy of every other person that they communicate with.

    The Supreme Court has also said that since eavesdropping violates so many individuals’ privacy, the police should only be allowed to bug or wire-tap when investigating very serious crimes. So, the Wire-tap Act contains enumerated offences — that is, a list of crimes — that are the only ones that can be investigated with a wire-tap order. Unfortunately, Congress has added so many crimes to that list in the past 30 years that now practically any federal felony can justify a wire-tap order.

    The Wiretap Act requires the police to get a wiretap order whenever they want to “intercept” an “oral communication,” an “electronic communication,” or a “wire communication.” Interception of those communications is commonly called electronic surveillance.

    An oral communication is your typical face-to-face, in-person talking. A communication qualifies as an oral communication that is protected by the statute (and the Fourth Amendment) if it is uttered when you have a reasonable expectation that your conversation won’t be recorded. So, if the police want to install a microphone or a “bug” in your house or office (or stick one outside of a closed phone booth, like in the Katz case), they have to get a wiretap order. The government may also attempt to use your own microphones against you — for example, by obtaining your phone company’s cooperation to turn on your cell phone’s microphone and eavesdrop on nearby conversations.

    wire communication is any voice communication that is transmitted, whether over the phone company’s wires, a cellular network, or the Internet. You don’t need to have a reasonable expectation of privacy for the statute to protect you, although radio broadcasts and other communications that can be received by the public are not protected. If the government wants to tap any of your phone calls — landline, cellphone, or Internet-based — it has to get a wiretap order.

    An electronic communication is any transmitted communication that isn’t a voice communication. So, that includes all of your non-voice Internet and cellular phone activities like email, instant messaging, texting and websurfing. It also covers faxes and messages sent with digital pagers. Like with wire communications, you don’t need to have a reasonable expectation of privacy in your electronic communications for them to be protected by the statute.

    Privacy tip: Voice communications have more legal protection.Under the Wiretap Act, although a wiretap order is needed to intercept your email and other electronic communications, only your oral and wire communications — that is, voice communications — are covered by the statute’s exclusionary rule. So, for example, if your phone calls are illegally intercepted, that evidence can’t be introduced against you in a criminal trial, but the statute won’t prevent the introduction of illegally intercepted emails and text messages.

    An interception is any acquisition of the contents of any oral, wire, or electronic communication using any mechanical or electronic device — for example, using a microphone or a tape recorder to intercept your oral communications, or using computer software or hardware to monitor your Internet and phone communications. Wiretap law does not protect you from government eavesdroppers that are just using their ears.

    Although the government may get a super-warrant to “intercept” your communications, it is not allowed to prevent your communications from occurring. For example, the government can’t prevent your calls from being connected, block your emails and their attachments, or otherwise interfere with your communications based on an intercept order. In fact, if their goal is to gather intelligence on you by tapping your communications, it will not be in their best interest to interfere in your communications and possibly tip you off to their surveillance, which might prompt you to use another communications method that may be more difficult to tap.

    According to the Wiretap Act, it’s a crime for anyone that is not a party to a communication — anyone that isn’t one of the people talking, listening, writing, reading, or otherwise participating in the communication — to intercept the communication, unless at least one of the parties to the communication has previously consented to (agreed to) the interception. Many state wiretap laws require all parties to consent, but those laws control state and local police, not the feds. If the police want to intercept an oral, wire, or electronic communication to which they are not a party and for which they have no consent, they have to get a wiretap order. Of course, an undercover police officer or informant that is talking to you while wearing a wire is a party to the conversation and has consented to the interception.

    Privacy tip: Wiretapping and public websites, newsletters, and message boardsThe police do not need to get a wiretap order to read your organization’s website, sign up for your email newsletter, visit your public MySpace or Facebook profile or pose as a member in an Internet chat room. Since those are all open to the public, you’re allowing the police to become a party to those communications.

    Getting a Court Order Authorizing a Wire-tap

    It Isn’t Easy

    The requirements for getting a wiretap order from a judge are very strict. The Wiretap Act (and similar state statutes) requires law enforcement to submit a lengthy application that contains a full and complete statement of facts about (1) the crime that has been, is being, or is about to be committed and (2) the place, like your house or office, and/or the communications facilities, like those of your phone company or ISP, from which the communications are to be intercepted. The government must also submit a particular description of (3) the communications sought to be intercepted and (4) the identity of the persons committing the crime (if known) and of the persons whose communications are to be intercepted. Finally, the government must offer 5) a full and complete statement of whether other investigative procedures have been tried and have failed or why they appear unlikely to succeed or are too dangerous, (6) a full and complete statement of the period of time for which the interception is to be maintained, and (7) a full and complete statement about all previous wiretap applications concerning any of the same persons, facilities, or places.

    The court can then issue the wiretap order only if it finds probable cause to believe that (1) a person is committing an enumerated offense (one of the crimes listed in the Wiretap Act); (2) communications concerning that crime will be obtained through the interception; and (3) the facilities from which the communications are to be intercepted are being used in connection with the commission of the offense. The court must also find that normal investigative techniques have failed, appear unlikely to succeed, or would be too dangerous.

    The wiretap order, if issued, will almost always require the cooperation of some other person for it to be carried out. For example, the police can make your landlord let them into your apartment to install a bug, or, more often, force your ISP or phone company to help them intercept your phone or Internet communications. The wiretap order will include a “gag order” prohibiting anyone who cooperated with the police from telling you — or anyone else — about the wiretap.

    It’s important to note that when it comes to tapping your Internet or phone communications, third parties like your ISP or your phone company can act as an important check on police abuse. In general, the police need their cooperation, and most will not cooperate unless there is a valid wiretap order requiring them to (otherwise, they could be violating the law themselves). However, as AT&T and other companies’ cooperation in the NSA’s illegal wiretapping shows, these companies can never be a perfect check against government abuse, particularly when the government cites national security as its goal.

    Although law enforcement can intercept your communications without your knowledge, they generally have to tell you about it when they are done. A wiretap order initially lasts for 30 days, and investigators can obtain additional 30-day renewals from the court if they need more time. But after the interception is completed and the wiretap order expires, an inventory must be issued to the person(s) named in the wiretap order and, as the judge may require, to other persons whose communications were intercepted.

    Wiretap Statistics

    How Big is The Risk?

    A wiretap is an incredibly powerful surveillance tool. A single wiretap can invade the privacy of dozens or even hundreds of people. Fortunately, wiretaps in criminal investigations are pretty rare. Here are some numbers to keep in mind when calculating the risk of government wiretaps to you or your organization, according to the 2007 Wiretap Report to Congress from the Administrative Office of U.S. Courts:

    • In 2007, according to the report, 2,208 applications for wire-tap orders were submitted to state and federal courts. 457 were in federal cases, the rest state. The courts granted every application, and of the 2,208 authorized wiretaps, 2,119 of them were installed.
    • Although it may appear that the number of federal wiretaps has been steadily dropping since 2004, in contrast to the sharp rise in state wiretaps, the truth is much more troubling. According to the latest report, the U.S. Department of Justice has in recent years declined to provide information about all of its wiretap activity for the report, in order to protect “sensitive and/or sealed” information. The Department of Justice admits that if it did provide all of that information, however, the 2007 report “would not reflect any decrease in the use of court-approved electronic surveillance” by U.S. agencies. So, the feds aren’t wiretapping any less — they’re just being even more secretive about it — and presumably the number of federal wiretaps is growing at the same rate as the state number.
    • On average, according to the report, each installed wiretap intercepted over 3,000 separate communications.
    • On average, according to the report, each installed wiretap intercepted the communications of 94 different people. In other words, the 2,119 installed wiretaps reported in 2007 intercepted the communications of nearly two hundred thousand people!
    • “Roving” wiretap orders are especially powerful. Instead of being limited to particular phone lines or Internet accounts, these orders allow the police to tap any phone or computer that the suspect uses, even if it isn’t specified in the order itself. In 2007, 21 roving wiretap orders were reported by state authorities, mostly in narcotics cases. The federal authorities didn’t report any roving wiretaps, but that doesn’t mean they didn’t use them; the Department of Justice likely thinks all of its roving wiretaps were in cases too “sensitive” to warrant reporting.
    • Over 80% of all reported wiretap orders in 2007 were issued in drug investigations.Wiretap orders by crime:
    • Nearly 95% of the 2,119 wiretap installations reported in 2007 were for the interception of wire communications — that is, taps on phones — rather than for interception of electronic communications. It’s doubtful that the federal authorities have been fully forthcoming on this point — they reported only one (!) wiretap of electronic communications and only three wiretaps that collected a combination of wire and electronic communications — but it’s clear that telephone wiretaps are still much more prevalent than Internet wiretaps. One major reason for this is that the government has another way of getting at your Internet communications, under less strict legal requirements: by obtaining stored copies of your communications from your ISP or your email provider, as described in the next section, Information Stored By Third Parties. Oral intercepts — through the bugging of your home or car or office, for example — are also quite rare. You’re more likely to have your oral conversations intercepted by an undercover agent or informant wearing a hidden microphone, since such conduct does not require a wiretap order.Wiretaps by type of communication intercepted:

    In conclusion, although the annual Wiretap Report is no longer as useful a gauge as it once was due to the Department of Justice’s recent withholding of information, it’s still clear that unless you’re suspected of dealing drugs (or targeted for foreign intelligence surveillance), the chances of you or your organization’s phone lines being tapped are fairly low, and the chances of your Internet communications being tapped are even lower. But remember, you don’t have to be a suspect to end up having your communications intercepted. So, for example, if your organization serves a client population arguably connected to criminal activity, or if you personally associate with “shady characters,” your risk goes up.

    “Pen Registers” and “Trap and Trace Devices”

    Less Powerful Than a Wiretap But With Much Weaker Privacy Safeguards

    There’s a particular type of communications surveillance that we haven’t discussed yet and that’s not included in the above numbers: surveillance using pen registers and/or trap & trace devices (“pen/trap taps”). Pen registers record the phone numbers that you call, while trap & trace devices record the numbers that call you. The Supreme Court decided in 1979, in the case of Smith v. Maryland, that because you knowingly expose phone numbers to the phone company when you dial them (you are voluntarily handing over the number so the phone company will connect you, and you know that the numbers you call may be monitored for billing purposes), the Fourth Amendment doesn’t protect the privacy of those numbers against pen/trap surveillance by the government. The contents of your telephone conversation are protected, but not the dialing information.

    Luckily, Congress decided to give us a little more privacy than the Supreme Court did — but not much more — by passing the Pen Register Statute to regulate the use of “pen/trap” devices. Under that statute, the police do have to go to court for permission to conduct a pen/trap tap and get your dialing information, but the standard for getting a pen/trap order is much lower than the probable cause standard used for normal wiretaps. The police don’t even have to state any facts as part of the Electronic Communications Privacy Act of 1986 — they just need to certify to the court that they think the dialing information would be relevant to their investigation. If they do so, the judge must issue the pen/trap order (which lasts for sixty days rather than a wiretap order’s thirty days). Also, unlike normal wiretaps, the police aren’t required to report back to the court about what they intercepted, and aren’t required to notify the targets of the surveillance when it has ended.

    With a pen/trap tap on your phone, the police can intercept:

    • The phone numbers you call
    • The phone numbers that call you
    • The time each call is made
    • Whether the call was connected, or went to voicemail
    • The length of each call
    • Most worrisome, we’ve heard some reports of the government using pen/trap taps to intercept content that should require a wiretap order: specifically, the content of SMS text messages, as well as “post-cut-through dialed digits” (digits you dial after your call is connected, like your banking PIN number, your prescription refill numbers, or your vote for American Idol).

    That information is revealing enough on its own. But pen/traps aren’t just for phones anymore — thanks the USA PATRIOT Act, the government can now use pen/trap orders to intercept information about your Internet communications as well. By serving a pen/trap order on your ISP or email provider, the police can get:

    • All email header information other than the subject line, including the email addresses of the people to whom you send email, the email addresses of people that send to you, the time each email is sent or received, and the size of each email that is sent or received.
    • Your IP (Internet Protocol) address and the IP address of other computers on the Internet that you exchange information with, with timestamp and size information.
    • The communications ports and protocols used, which can be used to determine what types of communications you are sending using what types of applications.
    • Although we don’t think the statute allows it, the police might also use pen/trap taps to get the URLs (web addresses) of every website you visit, allowing them to track what you are reading when you surf the web. The Department of Justice’s apparent policy on this score is to collect information about what site you are visiting — e.g., “www.eff.org” — using pen/trap taps, but to obtain a wiretap order before collecting information about what particular page or file you are visiting — e.g., “www.eff.org/nsa”. However, there’s no way to confirm that federal authorities actually follow this policy in all cases, and serious doubt as to whether state authorities do.

    (If you are confused by terms like “IP addresses” and “communications ports and protocols”, you may want to take a quick look at ouvery basic explanation of how the Internet works.)

    Pen/trap taps enable what the security experts call traffic analysis. That’s when an attacker tries to discover information about an asset by analysing how it moves. For example, if your organization is working with another organization and you need to keep the relationship confidential, traffic analysis of your Internet communications could reveal the connection and show who you emailed, who you instant messaged with, what web sites you visited, and what online forums you posted to. It could also show when those communications occurred and how big they were.

    For the government, the usual goal of a pen/trap tap is to identify who you are communicating with and when. In particular, individuals can often be identified based on the IP address assigned to their computer. IP addresses are generally allotted in batches, semi-permanently, to institutions such as universities, Internet service providers (ISPs), and businesses. Depending how the institution distributes its IP address allotment, it may be more or less difficult to link specific computers, and users, to certain IP addresses. It is often surprisingly easy. ISPs often keep detailed logs about IP address allotment, and as we’ll discuss later, those logs are easy for the government to get using a subpoena. Similarly, if the government is collecting email addresses with a pen/trap, it’s easy for them to go to the email provider and subpoena the identity of the person who registered that address.

    Another purpose of pen/trap taps is to access information about your cell phone’s location in real-time. When your handset is powered on, it connects to nearby cell towers to signal its proximity, so that the towers can rapidly route a call when it comes through. Law enforcement can use pen/trap devices to monitor these connections, or “pings”, to pinpoint the physical location of the handset, sometimes within a few meters. And although Congress has made clear that pen/trap orders alone cannot be used to authorize this sort of location surveillance, it hasn’t yet clarified what type of court order would suffice. So, although many courts have chosen to require warrants for location tracking, others have not, and the government has routinely been able to get court authorization for such tracking without probable cause.

    As already noted, court authorization for a pen/trap tap is much easier to get than a wiretap order. We don’t know how many pen/trap orders get issued every year — unfortunately, there is no annual report on pen/trap surveillance like there is for wiretapping — but we have heard unofficial numbers that reach into the many tens of thousands. Therefore, the risk of being subjected to pen/trap surveillance is higher than the risk of being wiretapped.

    What Can I Do To Protect Myself?

    In the last section, you learned that wiretapping and pen-trap tapping are powerful and routine government surveillance techniques, and got an idea of how often those techniques are legally used. In this section, you’ll learn how to defend yourself against such real-time communications surveillance. As we’ll describe in detail below, unless you take specific technical measures to protect your communications against wiretapping or traffic analysis — such as using encryption to scramble your messages — your best defense is to use the communications methods that possess the strongest and clearest legal protections: postal mail and landline telephones.

    Electronic Eavesdropping is Legally Hard for the Government, But Technically Easy

    As you learned in the last section, wiretapping is legally difficult for the government: it must obtain a hard-to-get intercept order or “super-warrant” from a court, subject to strict oversight and variety of strong privacy protections. However, wiretapping is typically very technically easy for the government. For example, practically anyone within range of your laptop’s wireless signal, including the government, can intercept your wireless Internet communications. Similarly, practically anyone within range of your cell phone’s radio signal, including the government, can — with a few hundred bucks to buy the right equipment — eavesdrop on your cell phone conversations.

    As far as communications that travel over telecommunications’ companies cables and wires rather than (or in addition to) traveling over the air, the government has very sophisticated wiretapping capabilities. For example, using a nationwide surveillance system called “DCSNet” (“DCS” stands for “Digital Collection System”) that is tied into key telecommunications switches across the country, FBI agents can from the comfort of their field offices “go up” on a particular phone line and start intercepting or pen-trap tapping wireline phone calls, cellular phone calls, SMS text messages and push-to-talk communications, or start tracking a cell phone’s location, at a moment’s notice. The government is believed to have similar capabilities when it comes to Internet communications. The extensive and powerful capabilities of the DCSNet, first uncovered in government documents that EFF obtained in a Freedom of Information Act lawsuit (details at http://www.eff.org/issues/foia/061708CKK), are well-summarized in the Wired.com article “Point, Click…Eavesdrop: How the FBI Wiretap Net Operates”.

    Using “bugs” to eavesdrop on your oral conversations has also gotten much easier for the government with changes in technology. Most notably, the government now has the technical capability, with the cooperation of your cell phone provider, to convert the microphone on some cell phones or the cell phone in your car’s emergency services system into a bug. The government likely also has the ability, with your phone company’s help, to open the line on your landline phone and use its microphone as a bug, although we’ve yet to see any specific cases where such landline phone-based bugging has been used. Finally, the government may even have the capability, using remotely-installed government malware, to turn on the microphone or camera on your computer.

    Choosing a Communication Method

    Old Ways are Often the Best Ways

    Considering the government’s broad capability to wiretap communications, there isn’t much difference in the technical risk that wiretapping poses to your phone calls versus your emails versus your SMS text messages. However, as described in the last section, there are differences in the legal protections for these modes of communication, and as will be described later in this section, there may be technical steps that you can take — such as encrypting your communications — that may be easier or harder depending on which communications method you choose.

    So, when thinking about securing your communications against eavesdropping and wiretapping, your first choice — whether to meet in person, call on the telephone, write an email, or tap out an SMS text or IM message — is also your most important choice. As you’ll see below, the least technically sophisticated modes of communication like face-to-face conversations and landline telephone conversations are often the most secure against unwanted eavesdropping, unless you and those you communicate with have mastered how to encrypt your Internet communications.

    Face-to-Face Conversations Are the Safest Bet

    As shown in the last section, government eavesdropping of your “oral communications” or face-to-face conversations using “bugs” or hidden microphones is very rare: only 20 court orders authorizing oral intercepts were reported in the 2007 wiretap report, compared to 1,998 orders authorizing wiretapping of “wire communications” or voice communications. In other words, you are 100 times more likely to have your phone conversations tapped than to have your face-to-face conversations “bugged”.

    Not only are your oral conversations at less risk than your phone conversations, but they also receive the same strong legal protections as your phone conversations. Like your phone calls and unlike your non-voice Internet communications, oral communications that are intercepted in violation of the Wiretap Act are subject to that statute’s exclusionary rule, and cannot be used against you as evidence in a criminal trial.

    Therefore, face-to-face conversations in private are the most secure method of communicating. Deciding whether to talk face-to-face rather than send an email or make a telephone call becomes a traditional security trade-off: is the inconvenience of having to meet face-to-face worth the security gain? Depending on whom you want to talk to and where they are, that inconvenience could be trivial or it could mean a cross-country trip. If the person you want to communicate with is in the same office or just next door, you may want to choose a private conversation even for communications that aren’t particularly sensitive. When it comes to your very most sensitive data, though, that cross-country flight might be worth the trade-off.

    Just because the risk of oral interception is very low doesn’t mean you shouldn’t take technical precautions to reduce that risk, particularly when it comes to very sensitive conversations. Therefore, depending on how convenient it is and how sensitive the conversation is — again, it’s a trade-off — you may want to have your conversation in a room that does not contain a landline telephone or a computer with a built-in or attached microphone or camera, and either not carry your cell phone or remove its battery (the microphone on some phones can be activated even when the phone is powered down, unless you remove the battery). Even if your conversation isn’t especially sensitive, it doesn’t hurt to detach external microphones and cameras from your laptop or cover the lens of attached cameras with a small piece of tape when they aren’t in use. It’s easy to do, and ensures that remote activation of those mics and cameras is one less thing to worry about.

    Using the Telephone is Still the Second Safest Bet

    If having an oral conversation is simply too great an inconvenience, the second most secure option — unless you’ve mastered how to encrypt your internet communications — is to use the phone. Even though your phone is statistically more likely to be wire-tapped than your Internet communications, the phone is still less risky than unencrypted Internet communications.

    This is true for several reasons. First and most important, your phone calls don’t generate copies of your communications — once your call is over, the communication disappears forever. Internet communications, on the other hand and as discussed more below, generate copies that make it easier and more likely that someone can find out what you said. The risk of subpoenas to get these copies is much higher than the risk of a phone wiretap. Also, many more potential adversaries have or can gain access to your Internet traffic than to your phone lines.

    Also, remember that “wire communications” — that is, voice communications — get more legal protection. If your voice communications are wiretapped in violation of the Wiretap Act, they won’t be allowed as evidence; illegally wiretapped Internet communications may still end up in court. That means that investigators have less reason to avoid stretching the law when it comes to your electronic communications.

    Speaking generally, just as phone conversations are a safer bet than unencrypted Internet communications, telephone conversations between landline telephones are a safer bet than telephone conversations that involve a cellular telephone.

    Most obviously, conversations that involve cellular telephones are technically much easier to tap than your landline phone conversations — anyone who is in range of a cell phone’s radio signal can listen in using a few hundred dollars worth of specialized cell phone interception equipment (for more discussion of the security threats posed to mobile devices like cell phones, see the article on mobile devices). If you are concerned that government agents may ignore the law and choose to intercept your phone conversations without a wiretap order, intercepting your cell phone’s radio signals would be an effective way for them to secretly do so, particularly considering that they do not need to get the assistance of the cell phone provider and that their radio-based interception wouldn’t leave any physical trace.

    Cell phone conversations may also be more vulnerable legally some courts have held that communications using cordless telephones are not protected by the Fourth Amendment, finding that there is no reasonable expectation of privacy in the radio signal sent between the cordless handset and the base station. The government may similarly consider the radio signal sent between your cell phone and the cell phone company’s cell tower to be unprotected by the Fourth Amendment.

    Privacy tip: Avoiding phone tap paranoiaContrary to popular belief, modern phone wiretaps used by the government don’t make any noise — no clicks, no hisses, no static, nothing. Don’t worry that the government is monitoring you if you happen to hear some unexplained noise on the phone line. You wouldn’t believe how often we’re told, “I think I’m being wiretapped — I keep hearing clicks!”

    What About Phone Calls Using the Internet?

    Your “wire communications” or voice communications are subject to stronger legal protections than your other communications, regardless of what communications medium you use. So, for example, whether government agents intercept your landline telephone call, your cellular telephone call, or a telephone call made over the Internet, the Wiretap Act’s exclusionary rule will prevent them from using that information as evidence against you in a criminal trial if they didn’t get a wiretap order first. In contrast, the statute wouldn’t prevent the government from using illegally intercepted “electronic communications” like text messages or emails as evidence.

    Therefore, you may want to consider using Voice-over-IP (VoIP) services, which allow you to send live voice communications — basically, phone calls — over the Internet. VoIP may be more private than regular calls for one big reason: it’s easier to encrypt your conversation, as encrypting regular phone calls is very difficult and expensive. Unfortunately, there isn’t any obviously effective and trustworthy option for encrypted VoIP that we can recommend at the moment. See our article on VoIP for futher details.

    Avoid SMS Text Messages If You Can

    Text messaging over your cell phone using SMS can be an incredibly quick and convenient way of communicating short messages, but from a privacy perspective, it poses some serious problems.

    First, just like your cell phone conversations, SMS text messages sent to and from your cell phone can easily be intercepted over radio with minimal equipment and without any cooperation from the cell phone provider.

    Second, just like with your cell phone conversations, it’s unclear whether the Fourth Amendment protects the radio signals that carry your SMS messages against interception. This uncertainty increases the possibility that the government may intercept such communications without a probable cause warrant.

    Third, and unlike your cell phone calls, SMS messages are “electronic communications” rather than “wire communications,” and therefore aren’t protected by the Wiretap Act’s exclusionary rule. That means the statute would allow the government to use your messages against you in a criminal case, even if they were intercepted without a wiretap order in violation of the statute.

    Finally, although the Wiretap Act clearly does require the government to obtain a wiretap order before intercepting SMS messages, just as with any other “electronic communication,” we have heard anecdotal reports of the government intercepting SMS messages without wiretap orders, instead using the much-easier-to-obtain pen/trap orders. These reports are bolstered by known cases where the government has obtained the content of stored SMS messages under the lesser standards reserved for non-content communications records.

    Putting all these factors together, we currently consider SMS messages to be highly vulnerable to government wiretapping, and recommend reserving that mode of communication for only the most trivial of communications, if you use it at all. The only exception is if you use encryption to protect your SMS messages. For now, SMS encryption software for cell phones is still quite rare, though you can find information about such software for Java-enabled phones here.

    Learn to Encrypt Your Internet Communications

    Always remember that anyone with access to a wire or a computer carrying your communications, or within range of your wireless signal, can intercept your Internet communications with cheap and readily available equipment and software. Lawyers call this wiretapping, while Internet techies call it “packet sniffing” or “traffic sniffing”. The only way to protect your Internet communications against wiretapping by the government or anyone else is by using encryption. Of course, it is true that most encryption systems can be broken with enough effort. However, breaking modern encryption systems usually requires that an adversary find a mistake in the way that the encryption was engineered or used. This often requires large amounts of effort and expense, and means that encryption is usually a critically significant defensive measure even when it isn’t totally impregnable.

    Encryption, unfortunately, isn’t always easy to use, so as in other cases, your decision of whether to use it will pose a trade-off: is the inconvenience of using the encryption worth the security benefit?

    The occasional inconvenience posed by some encryption systems is counter-balanced by the fact that encryption will protect you against much more than overzealous law enforcement agents. Your Internet communications are vulnerable to a wide range of governmental and private adversaries in addition to law enforcement, whether it’s the National Security Agency or a hacker trying to intercept your credit card number, and encryption will help you defend against those adversaries as well.

    Also, as described in later sections, encrypting your communications not only protects against wiretapping but can also protect your communications while they are stored with your communications provider. So, for example, even if the government is able to seize your emails from your provider, it won’t be able to read them.

    Considering all the benefits of encryption, we think that it’s usually worth the trade-off, although as always, your mileage may vary depending on your tolerance for inconvience and on how serious you judge the threat of wiretapping to be. In some cases, using encryption may not be inconvenient at all. For example, the OTR encryption system for IM is extremely easy to set up and use; there’s little reason not to give it a try. Check out the following articles to learn more about how you can use encryption to protect your internet communications against wiretapping, as well as against traffic analysis using pen-trap taps.

    Wi-Fi. Using encryption is especially critical when transmitting your Internet communications over the air using Wi-Fi, since pretty much anyone else in the area that has a wireless-enabled laptop can easily intercept your radio signals. This article will explain how to encrypt the radio signals sent between your laptop and a wireless access point.

    Virtual Private Networks (VPNs). Virtual Private Networks or “VPNs” are a potent encryption tool allowing you to “tunnel” communications securely over the Internet.

    Web browsers. Some of your web communications can be encrypted to protect against traffic sniffing. Take a look at this article to learn more about HTTPS, the most common web encryption standard, as well as other browser security and privacy tips.

    Email and IM. There are a number of powerful tools available for encrypting your emails and your IM messages; take a look at these articles to learn more.

    Tor. Tor is free, powerful, encryption-based anonymising software that offers one of the few methods of defending yourself against traffic analysis using pen-trap taps, and also provides some protection against wire-tapping. Visit this article for all the details.

    Defend Yourself Against Cell Phone Tracking

    As described earlier, the government can use information transmitted by your cellular telephone to track its location in real-time, whether based on what cell phone towers your cell phone is communicating with, or by using the GPS chip included in most cell phones.

    Many courts have required the government to obtain a warrant before conducting this type of surveillance, often thanks to briefing by EFF. (For more information on our work in this area, visit EFF’s cell tracking page.) However, many other courts have been happy to routinely authorize cell phone tracking without probable cause.

    Even more worrisome, the government has the capability to track cell phones without the cell phone provider’s assistance using a mobile tracking technology code-named “triggerfish”. This technology raises the possibility that the government might bypass the courts altogether. Even if the government does seek a court order before using “triggerfish,” though, it will only need to get an easy-to-get pen-trap order rather than a wiretap order based on probable cause.

    Put simply, cell phone location tracking is an incredibly powerful surveillance technology that is currently subject to weak technical and legal protections.

    Unfortunately, if you want to use your cell phone at all, avoiding the threat of this kind of real-time tracking is nearly impossible. That’s because the government can track your cell phone whenever it’s on, even if you aren’t making a call. The government can even track some cell phones when they are powered down, unless you have also removed the battery. So, once again, there is a security trade-off: the only way to eliminate the risk of location tracking is to leave the cell phone at home, or remove the battery.

    For more information about the privacy risks posed by cell phones, take a look at our article on mobile devices. You may also want to take a look at the advice offered by MobileActive.org in its Primer on Mobile Surveillance.

    Summing Up

    What You Need to Know

    Due to a combination of legal and technical factors, face-to-face conversations and conversations using landline telephones are more secure against government wiretapping than cell phone or Internet communications. Cell phone conversations are more vulnerable both technically and legally, while SMS text messaging appears for now to be very insecure both technically and legally. Cell phones also create the risk of location tracking, and the only way to eliminate that risk entirely is to not carry a cell phone or to remove the battery.

    When it comes to Internet communications, using encryption is the only way to defend against wiretapping, whether by the government or anyone else.

    When it comes to pen/trap taps, on the other hand, most encryption products won’t protect the types of information that the government can get. That information needs to be transmitted in the clear so computers can direct it to the proper recipient. Only anonymizing tools like Tor will protect you from traffic analysis via pen/trap tap.

    Information Stored By Third Parties

    Third parties — like your phone company, your Internet service provider, the web sites you visit and interact with or the search engine that you use — regularly collect a great deal of sensitive information about how you use the phone system and the Internet, such as information about who you’re calling, who’s emailing or IMing you, what web pages you’re reading, what you’re searching for online, and more. In addition to those records being compiled about you, there’s also data that you choose to store with third parties, like the voicemails you store with you cell phone company or the emails you store with your email provider. In this section, we’ll talk about the legal rules that govern when and how law enforcement agents can obtain this kind of information stored by and with third parties. We’ll then outline steps that you can take to reduce that risk, by learning how to reduce the amount of information collected about you by third parties, minimize the amount of data you choose to store with third parties, or replace plainly readable data with encrypted versions for storage with third parties.

    What Can the Government Do?

    In addition to being able to use wiretaps to intercept your communications while they are being transmitted, the government has a variety of ways of getting (1) records about your communications and (2) the content of communications that you have stored with a third party. In particular, the government can get all of the records that your ISP, phone company, or other communications service providers have on you, and the SMS messages, instant messages, emails or voice-mails you’ve stored with them. However, unlike regular third-party records discussed above, which can be subpoenaed without any notice to you, the records of your communications providers are given some extra protection by the “Stored Communications Act” portion of the “Electronic Communications Privacy Act”, or ECPA.

    So what can the government get?

    Some Records Only Require a Subpoena

    Basic Subscriber Information Held by Your Communications Providers Is Available With Just a Subpoena

    With a subpoena, the government can obtain from your communications providers what is often called “basic subscriber information.” Sometimes, the subpoena will specifically name a person whose information is being sought; other times the government will ask for information regarding a particular phone number, Internet username, email address, or IP address. With such a subpoena, the government can (only) get your:

    • Name.
    • Address.
    • The length of time you’ve used that phone or Internet company, along with service start date and the types of services you use.
    • Phone records. They can get your telephone number, as well as local and long distance telephone connection records — those are records identifying all the phone numbers you’ve called or have called you, and the time and length of each call.
    • Internet records. They can get the times you signed on and off of the service, the length of each session, and the IP address that the ISP assigned to you for each session.
    • Information on how you pay your bill, including any credit card or bank account number the ISP or phone company has on file.

    The government can get this information with no notice to you at all, and can also get a court order forcing your service provider not to tell you or anyone else.

    Other Records Require a Court Order

    Other Communications Records Held by Your Communications Providers Require a Court Order

    In order to get a communications provider to turn over other records beyond basic subscriber information, the government either has to get a search warrant or a special court order. Sometimes called “D” orders, since they are authorized in subsection (d) of section 2703 of the Stored Communications Act, these court orders are much easier to get than search warrants but harder to get than subpoenas. The government can get this information with no notice to you at all, and can also get a court order forcing your service provider not to tell you or anyone else.

    In addition to basic subscriber information, your ISP or email provider may maintain records or “logs” of:

    • The email addresses of people you send emails to and receive emails from, the time each email is sent and received, and the size of each email
    • The IP addresses of other computers on the Internet that you communicate with, when you communicated with them, and how much data was exchanged
    • The web addresses of the web pages that you visit

    Which, if any, of the above are logged varies, depending on your particular ISP or email provider’s privacy policies and resources. However, just about every ISP will log IP addresses and log-on/off times, and keep those logs for at least a few months.

    Cellular phone companies may also keep records of which cell tower your phone communicated with when you were making calls. These cell site tower records can help pinpoint your physical location at points in the past, and are increasingly the target of law enforcement investigations. And although some courts have required the government to obtain a warrant based on probable cause before obtaining these records, the government’s usual practice is to get such records based on the much lower “D” Order standard.

    Not All Records are Protected

    Records Collected by Search Engines and Other Web Sites May Not Be Protected

    In addition to the logs kept by your communications providers, there are also logs kept by the Web sites that you visit. For example, the Apache web server is currently the most widely used web server on the Internet. In its default configuration, it logs the following information about each request it receives from a web browser:

    • requesting host name/IP address
    • username of requester (rarely present)
    • time of request
    • first line of request (indicating requested page, plus some parameters)
    • success or failure of request
    • size of response in bytes
    • the previous page viewed by requester (if any)
    • the name and version of the web browser used

    However, the server could potentially be configured to log anything you or your browser tells it, in addition to the above.

    The Stored Communications Act clearly protects records held by companies that offer the public the ability to send and receive communications — phone companies, ISPs, webmail providers, IM providers, bulletin board sites, etc. However, it does not necessarily protect logs held by web sites that don’t offer communications service, which is most of them.

    This is particularly worrisome when it comes to search engines. The government’s position is that logs kept by search engines are not protected by the Stored Communications Act at all. Considering that these logs can often be linked back to you — either by your IP address or “cookies,” or, if you’ve registered with other services offered by the search engine, by the information you entered when registering — this potential gap in legal protection represents a serious privacy threat.

    Some Content Receives Stronger Protection

    Emails, Voicemails, and Other Communications Content Stored by Your Communications Providers Receive Stronger Protection

    Compared to the relatively weak protection for non-content records, the law gives some extra protection to communications content that you have stored with (or that is otherwise stored by) communications service providers like your phone company, your ISP, or an email provider like Gmail or Hotmail. Your communications providers cannot disclose your stored communications to the government unless the government satisfies the requirements described below; nor can they disclose your stored communications to anyone other than the government without your permission. There is one notable exception, though, for serious emergencies: if the provider believes in good faith that not immediately disclosing the communications could lead to someone’s death or serious injury, they can give them to the government.

    Note, however, that these restrictions on the disclosure of your communications only apply to communications providers that offer their services to the public. Even more worrisome, the government doesn’t consider businesses or schools and universities that offer their employees and students service to be offering services to the public, and therefore considers them unprotected by the Stored Communications Act. That means they could get communications from those entities with only a subpoena, and maybe even just a polite request if your employee agreement or your school’s privacy policy allows it.

    Privacy tip: Use communications providers that serve the public!Don’t let some friend with a mail server in his basement handle your email service unless he is very trustworthy — unlike a regular ISP or public web-mail service, there are no legal restrictions on who your friend shares your emails with.

    The Stored Communications Act strongly protects communications that have been in ‘electronic storage’ for 180 days or less, but the government has a very narrow reading of what ‘electronic storage’ means in the statute. The government doesn’t consider already-read or opened incoming communications to be in electronic storage (for example, emails in your inbox that you’ve already looked at, or voicemails in your voicemail account that you’ve saved after listening). Nor does the government consider messages in your sent box or messages in your drafts box to be in ‘electronic storage.’ Under the government’s view, here’s how your communications are treated under the law:

    New unopened communications: If the email or voice-mail messages are unopened or unlistened to, and have been in storage for 180 days or less, the police must get a search warrant. However, you are not notified of the search.

    Opened or old communications: If you have opened the stored email or voice-mail messages, or they are unopened and have been stored for more than 180 days, the government can use a special court order — the same “D” orders discussed — or a subpoena to demand your communications. Either way, the government has to give you notice (although, like with sneak & peek search warrants, that notice can sometimes be delayed for a substantial time, and as far as we can tell almost always is delayed). However, the police may still choose to use a search warrant instead of a D order or subpoena, so they don’t have to give you notice at all.

    Notably, the Ninth Circuit Court of Appeals has disagreed with the government’s reading of the law, finding that communications are in electronic storage even after they are opened — meaning that the government needs a warrant to obtain opened messages in storage for 180 days or less.

    Privacy tip: Use communications providers based in California Communications providers in states that are in the Ninth Circuit, such as California, are bound by Ninth Circuit law and therefore are very resistant to providing the government with opened emails that are 180 days old or less without a warrant.

    In sum, although the law sometimes requires the government to get a warrant before accessing communications you’ve stored with your communication provider, it doesn’t always. For this reason, storing your communications on your own computer is preferable — the government will almost always need a warrant if it wants to seize and search the files on your computer.

    What Can I Do To Protect Myself?

    When we were talking about how to defend yourself against subpoenas and search warrants, we said, “If you don’t have it, they can’t get it.”

    Of course, that’s only partially true: if you don’t have it, they can’t get it from you. But that doesn’t mean they might not be able to get copies of your communications or detailed records about them from someone else, such as your communications service providers or the people and services that you communicate with. Indeed, as we outlined in the last section, it’s much easier as a legal matter for the government to obtain information from these third parties — often without probable cause or any notice to you.

    So, you also need to remember this lesson: “If someone else has stored it, they can get it.” If you let a third party store your voicemail or email, store your calendar and contacts, back up your computer, or log your communications traffic, that information will be relatively easy for the government to secretly obtain, especially compared to trying it to get it from you directly. So, we’ll discuss in this section how to minimize the content that you store with third parties.

    We’ve also asked you to “encrypt, encrypt, encrypt!” in the previous sections about protecting data on your computer and while you are communicating. The same holds true when protecting against the government getting your information from other people. Although ideally you will avoid storing sensitive information with third parties, using encryption to protect the data that you do store — such as the emails you store with your provider, or the files you back up online — can provide a strong line of defense. We’ll talk in this section about how to do that.

    Communications content that you’ve chosen to store with a service provider isn’t the only issue, though. There are also the records that those third parties are creating about your interactions with their services. Practically everything you do online will create records, as will your phone calls. So your best defense is to think before you communicate:

    • Do you really want the phone company to have a record of this call — who you called, when, and how long you talked?
    • Do you really want a copy of this email floating around in the recipient’s inbox, or on your or his email provider’s system?
    • Do you really want your cell phone provider to have a copy of that embarrassing SMS text message?
    • Do you really want Google to know that you’re searching for that?

    It may be that the communication is so trivial or the convenience so great that you decide that the risk is worth it. But think about it — seriously consider the security trade-offs and make a decision — before you press “send”. We’ll give you information in this section that should help you make those decisions.

    Another option for minimizing the information that’s recorded about you — short of avoiding using a service altogether — is to protect your anonymity using encryption and anonymous communication tools. If you want to search Google or browse Amazon without them being able to log information that the government could use to identify you, you’ll need to use software such as Tor to hide your IP address, as well as carefully manage your browser’s privacy settings. This section will give you the information you need to do that.

    Getting Started

    Learn What Your Service Providers Store

    Most communications service providers and commercial web sites have privacy policies. Read them to find out:

    • What information do they collect? It may be more than you think. If anyone you do business with doesn’t have a privacy policy (or their policy is unclear), you should contact them and ask about what they collect.
    • With whom do they share it? Most companies will share your information with other companies in their corporate family and with marketers; many companies will sell your data to anyone who wants it. Check to see if they’ll let you “opt-out” of sharing your information with other companies.
    • What about the government? Look in the privacy policy to see under what circumstances they’ll hand your information over to the government. Try to do business with companies that will not give your information to the government unless required by law to do so. Also find out whether they will notify you if the government asks for your files, and do business with companies who will always notify you unless prohibited by law from doing so. That way, you can call a lawyer and try to stop the disclosure before it happens.

    Consider using activist-friendly, privacy-respecting communications providers that offer free services. The Online Policy Group, for example, offers free web hosting and email list hosting, while Rise Up offers free email (including web-mail), web hosting, and email list hosting. These services have strong privacy policies and will notify you of any governmental or other attempt to seek customer information unless prevented by law. Cable companies that offer Internet access usually also have a policy of notifying you unless they’ve been gagged — in fact, because of a quirky imbalance in the law, they actually have to notify you if they can, unlike non-cable providers. So, if you’re especially worried about the communications records held by your ISP, consider using a cable broadband provider.

    Choosing a Communications Method

    Again, Telephone Calls are Your Safest Bet

    When it comes to protecting the privacy of communications content stored by your provider, the safest choice is to avoid storing any content with the provider at all. Therefore, just as when we were discussing wiretapping, regular old telephone calls have a distinct advantage over other communications methods: putting aside voicemail, which we’ll discuss on the next page, telephone calls don’t create copies. That means, unless the government goes to the technical and legal trouble of directly wiretapping you (a very low risk, compared to the government trying to obtain stored copies of your communications), or the person you are talking to is so untrustworthy that they would record your conversation without telling you (a rarity, but it does sometimes occur), your telephone call will be safe from prying ears.

    As you’ll see on the following pages, telephone calls are far preferable to SMS text messages, which providers apparently store for long periods of time, and which are very difficult to encrypt. IM and VOIP are better alternatives, as we’ll also discuss, since they can be more easily encrypted, and since instant messages and VOIP call contents are typically not logged by providers. Email is a harder case, since it necessarily creates a range of copies — with providers and with recipients — but as you’ll see later, there are a number of steps you can take to make that mode of communication safer, too.

    Protecting Your Voicemail

    As we explained previously, copies of your communications stored by your phone company such as your voicemail receive very weak legal protection compared to copies of your communications stored in your own home. In particular, after a communication has been stored more than 180 days — or, according to the government’s reading of the law, after you’ve first accessed that stored communication — the government no longer needs to get a warrant before obtaining that communication, and can instead use only a subpoena to the company (usually with no notice to you).

    When it comes to your voicemail, this means two things:

    • Where possible, use your own answering machine or voicemail system, not the phone company’s.
    • Where it’s not possible to use your own answering machine or voicemail system, such as with your cell phone, you should always delete your voicemails as soon as you listen to them!

    Protecting Your Voice Over IP Communications

    As best we can tell, providers of Voice Over IP telephone service such as Skype do not record your calls as a matter of routine. So, short of using encryption to protect the confidentiality of your calls there are no special steps that you need to take to ensure that the government can’t obtain stored copies of your conversations. Notably, Skype uses encryption by default. However, as discussed in our VoIP article, the security of Skype’s encryption system is still in question. And, as with your regular phone calls, there is always going to be some risk that the person at the end of the line is recording the conversation.

    Protecting Your Email Inbox

    (and Sent folder, and Drafts folder, and…)

    The Stored Communications Act requires the government to obtain a warrant before seizing emails that are in “electronic storage” with your communications provider and are less than 181 days old. However, under the government’s interpretation of the term “electronic storage”, the emails that arrive in your inbox lose warrant protection under the Stored Communications Act, and are obtainable with nothing more than a subpoena (often with no notice to you) as soon as you’ve downloaded, opened, or otherwise viewed them. Similarly, the government believes that it can obtain the sent emails and draft emails that you store with your provider with only a subpoena, again often without notice to you; the government doesn’t think those sent or draft emails are in “electronic storage” as defined by the statute, either.

    EFF is doing it’s best to prove the government’s interpretation wrong in court, and some courts have already disagreed with the government. Yet as far as we can tell, those court decisions haven’t significantly changed the government’s behavior and it still routinely obtains opened emails (and sent emails and draft emails) without warrants, regardless of how old they are.

    Because of the government’s aggressive position, you need to be just as aggressive when it comes to defending your email privacy. As described on the next few pages, the most critical things you can do are:

    • Delete emails from your provider’s server as soon as you first access the messages, and store your sent and draft emails locally in your email client software, rather than with your provider.
    • In order to minimize the number of emails stored with your provider — be they received, sent, or draft — avoid using webmail if at all possible, or, if you do use a webmail account, avoid the web interface and instead configure your email client software to send and receive emails directly via POP.
    • Encrypt your emails whenever possible.

    Protecting Email: Download and Delete!

    The single most powerful step you can take to protect the privacy of your email is to not store it with your email provider. Rather than leave email on your provider’s server, you should configure your email software to immediately delete incoming emails from your provider’s server as you download those messages to your computer — and also make sure that your email software is configured to store your draft and sent email on your computer rather than with the provider.

    Of course, this is a serious security/convenience trade-off — by fetching your email using the “POP” email protocol and storing all your mail locally, you won’t have access to your email from multiple devices like you would if you were using the IMAP protocol or a webmail interface, both of which store all of your mail with the provider. We realize that for some people, particularly those without their own computer, using POP and storing everything locally may not be an option. But if it is an option, and you can effectively function without storing your emails with your provider, we highly recommend doing so. For more, check out our email article.

    Don’t Use Webmail if You Don’t Need It – or POP It.

    Webmail poses a serious security trade-off for those concerned about a government adversary.

    Webmail is usually free, very easy to use, and super-convenient, especially if you want the ability to access your email from several different computers or mobile devices. However, deleting your email from your provider’s servers as soon as you’ve downloaded — a critical step to protecting your email’s privacy against the government — is hard if not impossible to do when you use a webmail service like Gmail or Yahoo! Mail, especially if you want to maintain access to a copy of that email. Since you view your email in your browser rather than downloading it to email client software, the only conveniently accessible copy of your email is going to be the one you store with your provider.

    If you take the idea of a government adversary seriously, webmail is a very bad risk. The government is hundreds if not thousands of times more likely to try and obtain your stored email rather than wiretap it. Indeed, the reason that the number of wiretaps on electronic communications is so low is because it’s so easy to obtain the same information from the provider’s storage.

    So, if you think that government adversaries may pose a threat to your privacy, we strongly recommend that you not use webmail for any unencrypted sensitive communications, unless you simply can’t live your life or do your job without an easy-to-access-anywhere inbox. If you really don’t need that kind of access and usually access your mail from the same computer, the convenience of webmail probably isn’t worth the risk.

    If you do use a webmail account, though, one way of mitigating the risk is to avoid using the web interface and instead download your emails directly to your email client software using POP and immediately delete them from the provider’s server. This option may not be available from all webmail providers, but it is offered by major providers such as Gmail, Microsoft and Yahoo!. You’ll lose the convenient access to past messages via the web, and it might not be free, but you’ll still have cheap and reliable email service.

    Protecting Email: Use Email Encryption When You Can

    Using email encryption is a good idea even if you are storing all your email locally, if only to counter the wiretapping threat. But using encryption becomes all the more important if you are storing your email content with your email provider. If the government comes calling on your provider with a subpoena for your stored emails, you’ll wish you had learned how to protect those messages with encryption, so visit our email article and learn now!

    Protecting Instant Messaging

    Major IM service providers like AOL, Yahoo! And Microsoft say that they don’t store your IM messages after they are transmitted. We think they are telling the truth, but even so, you should use encryption when IMing, if only because it is so easy to do (see our IM article to find out how).

    Gmail’s chat, on the other hand, logs all of your IMs by default as a feature and stores them online in your Google account for you to access later. If you use Google Talk or Gmail’s chat service, we strongly recommend turning off this feature by going “Off the Record” or “OTR”, as Google calls it — so that you aren’t storing those transcripts with Google.

    If you really need access to past transcripts, log them on your own computer using your IM software’s settings (subject, of course, to the data retention policy you established after reading our section on protecting data stored on your computer). However, also keep in mind that many if not most of the people you chat with will be keeping their own logs on their own computer (or in their Google account if using Gchat, unless you’ve gone “Off the Record”).

    Protecting SMS

    Avoid Texting Sensitive Communications

    Major cell phone providers claim that they don’t log your SMS text messages except for a very short period of time to ensure delivery (see, e.g., statements from providers in this news story entitled “Most Text Messages Are Saved Only Briefly“, or another article containing similar claims). However, there is reason to doubt these claims: we’ve seen several cases where SMS messages were disclosed by a provider months or even years after they were originally sent. For example, as USA Today recounts, text messages were subpoenaed in the Kobe Bryant rape case four months after they were sent, despite A&T Wireless’ claims that customers’ text messages are deleted within 72 hours. According to that story, “How messages in the Bryant case would be available four months later isn’t known; most likely they were retrieved from an archival storage system.” Considering such incidents, provider-side logging of your SMS text messages must be considered a high risk.

    Furthermore, although we think that the Stored Communications Act and the Fourth Amendment require the government in most cases to get a warrant before obtaining your pager or SMS messages from your provider, there are several known cases where it has obtained such messages without warrants under the lower legal standards reserved for non-content records, using only subpoenas.

    Not only is there the threat of your provider logging your messages and the government subpoenaing them, but also the near certainty that the phones of the people you are communicating with are logging those messages, adding yet another point of vulnerability. That’s in addition to the logs on your own phone, which you should delete regularly based on the data retention policy you developed after reading about “Data Stored on Your Computer.” However, keep in mind that with the right forensic tools, investigators will likely be able to recover even those deleted messages if they ever get a hold of your phone, and the Secure Deletion options forMobile Devices are still quite limited.

    Finally, although there have been some efforts at coming up with encryption solutions that work for SMS (as described in our Mobile Devices article), none of those techniques are easily or widely used.

    Therefore, given the possibility that your SMS texts are logged by your provider, that the government may be able to obtain those messages from your provider without warrants and without notice to you, and that such messages are hard if not impossible to encrypt, along with the certainty that they will be logged on your phone and the phones of the people you communicate with, we strongly recommend against using SMS for any sensitive communications.

    Online Storage of Your Private Data

    Online Storage of Your Private Data

    There’s a lot of talk these days about how convenient it is to store your data in the internet “cloud.” Why store your calendar or contacts list or critical documents on one computer, or buy a hard drive to back up your files at home, when you can store them “in the cloud” and access them from anywhere using services like Google Calendar, or Google Docs, or remote backup services that will store copies of all your files for you? Well, here’s a reason: the government can easily subpoena that data from those providers, with no notice to you.

    As we already described in the “What Can The Government Do?” section, the communications stored by your communications service providers are very weakly protected compared to those you store yourself: after 180 days (or after you’ve downloaded a copy, according to the DOJ), the government can get those communications with only a subpoena and usually with no notice to you. But the situation is even worse when it comes to data that you store with someone other than your communications provider — so called “remote computing services” (RCSs). Under the Stored Communications Act, the government can obtain data that you send to an RCS for storage or processing with only a subpoena regardless of how old it is, and although the government is supposed to notify you before they do, the law makes it very easy for investigators to delay that notice until after they’ve gotten your data.

    Therefore, storing all that data yourself, on your own computers — without relying on RCSs — is the most legally secure way to handle your private information. If you do choose to store copies of your files online, though, we strongly recommend encrypting those files yourself before you do (visit our article on disk and file encryption to learn how), or using services like IDrive or MozyPro that give you the option of encrypting your files using your own private encryption key.

    Protecting Your Search Privacy and Your Web Browsing Activity

    The search history you generate when using search engines like Google or Yahoo! reveals incredibly sensitive data about what you look at — or even think of looking at — on the web. These logs may be tied to your identity based on your IP address, the cookie files that the search engine places on your computer, or your account information if you’ve registered to use the search engine or other services offered by the provider. And as discussed earlier in the “What Can the Government Do?” section, these logs are subject to uncertain legal protections.

    Considering the sensitivity of search logs and the questions surrounding their legal status, we highly recommend that you exercise great care to ensure that your identity cannot be linked to your search queries. For an in-depth discussion of how to do that, read EFF’s “Six Tips to Protect Your Search Privacy“. You should also take a look at our article on browsers to learn more about cookie management and on the anonymizing softwareTor to learn more about how to mask your IP address. These same techniques can be used to protect you against logging by any web site you visit, not just search engines, and we recommend that you do use them whenever you visit a web site and don’t want that site to log personally-identifying information about you and the pages that you read.

    Finally, we recommend avoiding using one online portal for multiple services — e.g., try to avoid using Yahoo! Search and Yahoo! Mail, or Google Search and Google Reader. Not only are you making it easier for the search provider to identify you by virtue of linking all of your activity to your personalized account, but you are also offering the government a convenient “one-stop shop” opportunity to access a wide range of your personal information at once. Using these “mega-portals” to manage all aspects of your online life might be convenient, but it also creates a single point of failure that raises a serious security risk.

    TMI on the Web

    Do You Really Want to Publish that Blog Post, Flickr that Picture, or Broadcast that Facebook Status?

    The web is a powerful engine of personal expression, giving you a wide variety of online venues to speak your mind and communicate with friends or the public. But before you publish that blog post on MySpace or Blogger, post a picture to a picture-sharing sites like Flickr or Picasa, or broadcast your status on Facebook or using Twitter, think, “Is this really information that you want to expose on the web?” Even if you do now, think about years from now: will you want evidence of this youthful indiscretion or that personal opinion floating around on the web in the future? Remember, you don’t have any expectation of privacy in information that you post to the public web, and information that you post now but delete later may still persist, whether on the pages of the friends you communicated with (like your Wall Posts to a friend on Facebook), or in Google’s cache of old web pages, or the Internet Archive‘s library of public web pages.

    One way of limiting the risks of posting information about yourself on the web is to use the privacy settings offered by social sharing sites like Flickr or Facebook, with which you can avoid publishing your information to the public web and can define which of your “friends” on the same service are allowed access to your information. However, these settings can sometimes be confusing and difficult to configure correctly, and it’s unclear how robust such privacy protections would be against the attacks of a dedicated hacker. There’s also the possibility that an adversary may try to “friend” you using fake information to pose as someone you know or would want to know. (A good rule of thumb is to only become “friends” with people that you know personally, after verifying with them via another means of communication — for example, by emailing them or calling them — to ensure that they are the ones that actually made the request.). Then there’s the additional threat of adversaries gaining access to your account information by convincing you to use their “app.” Finally, of course, there’s always the risk that one of your “friends” will republish to others the information that you thought you had posted privately. So, even if you think you’ve strictly controlled access to your Facebook profile or Flickr page, you should recognize the significant risk that what you post there might leak out, and act accordingly.

    Another option, if you’re more interested in sharing information and opinion than in socializing, is to communicate anonymously, without tying your posts to your real identity. For an extended discussion of how to do that safely and effectively, take a look at our guide on “How to Blog Safely (About Work or Anything Else).”

    Protecting Your Location Information

    More on Cell Phone Tracking

    We described earlier how the government can enlist your phone company’s help in tracking the location of your phone in real time. However, that’s not the only location privacy threat posed by your cell phone: your provider also keeps records of where your cell phone was each time you made or received a phone call.

    In particular, phone companies typically log the cell phone tower you were closest to when you called someone or someone called you, as well as which “sector” of the tower’s coverage area your phone was in. Particularly in urban environments where there are lots of cell towers, such records can locate you with a fairly high degree of precision, sometimes to within a city block or even within a particular building. The government routinely obtains these kinds of location records with only subpoenas and with no notice to the target, although EFF is working hard to ensure that such data can only be obtained with a search warrant.

    Unfortunately, there’s nothing you can do to prevent these records from being created short of not making phone calls, and turning your phone off to ensure that no one calls you. Indeed, turning your phone off might be your only recourse — particularly since some experts have advised us that the phone companies not only log the location of your phone when a call is made but also log the closest cell tower whenever your phone is turned on, as your phone continuously registers itself with the cell network.

    Therefore, as is true with every communications device that you use, your best defense is to think before you use your cell phone. Do you really want your phone company to have a log reflecting that you were in that part of town at that time? If not, then you should turn the cell phone off.

    Another potential solution is to anonymously purchase a prepaid cell phone using cash. The phone company will still have the same location data, but it won’t be as easily linked to your identity. Keep in mind, however, that even if the phone company doesn’t have subscriber information like your name and address, investigators might be able to quickly associate you with the phone based on the people you communicate with, or based on security camera footage from the store where you bought the phone.

    For more information about the privacy risks posed by cell phones, take a look at our article on mobile devices. You may also want to take a look at the advice offered by MobileActive.org in its Primer on Mobile Surveillance.

    Summing Up

    Whenever you use technology to communicate, you will necessarily leave traces of your activity with third parties like your phone company, your ISP, or your search engine provider. If a third party has it, the government can get it, often under weak legal standards and without any notice to you. So remember:

    • Think before you communicate. Do you really want there to be a record of this?
    • Choose to make a telephone call when you can, rather than using SMS or the Internet, unless your communications are encrypted. Otherwise, there may be a record of the content of your communication on some third party’s server or in an archival database.
    • Avoid storing your data with third parties when you can. The records you store with others receive much less legal protection than those you store yourself.
    • Use file encryption where possible if you do choose to store data with an online service.
    • If you are using email or voicemail, delete the copies stored by your communications provider as soon as you download or listen to them.
    • Learn how to hide your identity online and minimize the information that online services log about you by learning how to configure your browser and use anonymizing technologies like Tor.

    Powerful new communications technologies carry with them powerful risks to the privacy and security of your communications. Learn to defend yourself!

    Foreign Intelligence and Terrorism Investigations

    All of the government surveillance tactics and standards discussed in previous sections relate to law enforcement investigations — that is, investigations for the purpose of gathering evidence for criminal prosecution. However, the government also engages in surveillance in order to combat foreign threats to national security. When it comes to foreign spies and terrorists, the government uses essentially the same tools — searches,wiretapspen/trapssubpoenas — but operates under much lower legal standards and in much greater secrecy. It’s important that you understand these foreign intelligence surveillance authorities such as the government’s access to records using National Security Letters and its wiretapping powers under the Foreign Intelligence Surveillance Act (FISA) so that you can evaluate the risk of such surveillance to you or your organization and defend against it.

    National Security Letters

    Imagine if the FBI could, with only a piece of paper signed by the special agent in charge of your local FBI office, demand detailed information about your private Internet communications directly from your ISP, webmail service, or other communications provider. Imagine that it could do this:

    • without court review or approval
    • without you being suspected of a crime
    • without ever having to tell you that it happened

    Further imagine that with this piece of paper, the FBI could see a wide range of private details, including:

    • your basic subscriber records, including your true identity and payment information
    • your Internet Protocol address and the IP address of every Web server you communicate with
    • the identity of anyone using a particular IP address, username, or email address
    • the email address or username of everyone you email or IM, or who emails or IMs you
    • the time, size in bytes, and duration of each of your communications, and possibly even the web address of every website you visit

    Finally, imagine that the FBI could use the same piece of paper to gain access your private credit and financial information — and that your ISP, bank, and any other business from which the FBI gathers your private records is barred by law from notifying you.

    Now, stop imagining: the FBI already has this authority, in the form of National Security Letters. These are essentially secret subpoenas that are issued directly by the FBI without any court involvement. Thanks to the USA PATRIOT Act, the only requirement the government must meet to issue an NSL is that the FBI must certify in the letter that the information it is seeking is relevant to an authorized investigation to protect against international terrorism or clandestine intelligence activities.

    The number of National Security Letters used each year is classified, but the Washington Post has reported that by late 2005, the government had on average issued 30,000 National Security Letters each year since the PATRIOT Act passed in 2001. That’s a hundredfold increase over the pre-PATRIOT numbers.

    Further revelations by the FBI’s Inspector General in 2007 showed that in many cases, the FBI had failed even to meet the weak post-PATRIOT National Security Letter standards, illegally issuing so-called “exigent letters” to communications providers asking for the same information National Security Letters are used to obtain, but without meeting the minimal requirement that the requested information be relevant to an authorized terrorism or espionage investigation. EFF has since sued the Department of Justice to learn more about how the government has been abusing its National Security Letter authority.

    Surveillance Under the Foreign Intelligence Surveillance Act (FISA)

    The History of FISA

    As stated above, the government was free to wiretap whenever it wanted to in law enforcement investigations until the Supreme Court addressed the issue in 1967, and Congress passed the Wiretap Act in 1968. Similarly, the legality of warrantless searches and wiretaps in national security investigations, as opposed to law enforcement investigations, wasn’t settled until the seventies.

    In 1972, the Supreme Court ruled on the use of wiretaps in national security cases. In that case, a group of Americans protesting the Vietnam War tried to blow up their local CIA recruiting office. Investigators collected evidence against them with a wiretap but without getting a wiretap order, and argued in court that since the investigation was for national security, the president had the authority to authorize surveillance without having to go through the courts.

    The Supreme Court held that the government didn’t have unlimited power to conduct surveillance without the approval of a judge just by claiming the investigation was for national security, at least when investigating domestic threats to national security (that is, threats from U.S. citizens and legal residents). It left open whether or not such warrantless surveillance was allowed when investigating foreign threats.

    After this decision, and after revelations throughout the seventies that the government had been engaging in an enormous amount of unauthorized spying during the 1960s and early 1970s, Congress decided to provide a legal framework to rein in foreign intelligence investigations. The Foreign Intelligence Surveillance Act of 1978 (or “FISA”), along with later amendments to that act, created a warrant procedure for foreign intelligence investigations so that there would no longer be any foreign intelligence surveillance without court oversight.

    FISA in Action

    FISA requires the government to get search warrants and wiretap orders from a court even when it is investigating foreign threats to national security. However, the FISA process is different from the law enforcement processes described in earlier sections.

    First, all government requests for foreign intelligence surveillance authorization are made to a secret court: the FISA court. In order to get authorization, a significant purpose of the surveillance must be to gather foreign intelligence information — information about foreign spies, foreign terrorists, and other foreign threats — instead of evidence of a crime.

    Most importantly, the probable cause standard is very different. Instead of having to show probable cause that a crime is being, has been, or will be committed, the government must show that the target of the surveillance is a foreign power or an agent of a foreign power.

    Also unlike law enforcement surveillance, the target is never told by the government that he/she was spied on, and every person that is served with a FISA search warrant, wiretap or pen/trap order, or subpoena is also served with a gag order forbidding them from every telling anyone about it except their lawyer.

    Foreign Powers and Their Agents. So, what exactly qualifies as a foreign power or agent of a foreign power when it comes to FISA surveillance? It’s a bit unclear. The FISA law defines those terms only vaguely, and without any access to the decisions of the secret FISA court, there’s no way of telling how broadly or narrowly the definitions are being interpreted.

    According to FISA, a Foreign Power is defined to include:

    • Any foreign government or component of a foreign government, whether or not officially recognized by the United States
    • Any “faction” of a foreign nation or nations, or any foreign-based political organization, that isn’t “substantially” composed of United States persons (“faction” and “substantially” aren’t defined; a U.S. person is a citizen or a legal resident of the U.S.)
    • Any entity, like a political organization or a business, that is directed or controlled by a foreign government
    • Any group engaged in, or preparing to engage in, “international terrorism.” (“International terrorism” is broadly defined as activities that (1) involve violent acts or acts dangerous to human life that are a violation of U.S. criminal laws or would be a violation if committed in the U.S., (2) appear to be intended to intimidate or coerce a civilian population, to influence the policy of a government by intimidation or coercion, or to affect the conduct of a government by assassination or kidnapping, and (3) occur totally outside the U.S., or transcend national boundaries in terms of how they are accomplished, the people they are intended to coerce or intimidate, or the place where the terrorists operate)

    According to FISA, an Agent of a Foreign Power is defined to include:

    • Anyone that is not a U.S. person who is an officer or employee of a foreign power
    • Anyone that is not a U.S. person who engages in “clandestine intelligence activities” (spying) in the U.S. on behalf of a foreign power or any U.S. person that does the same and may be violating the law. So, if you’re not a U.S. person, you don’t have to be suspected of a crime; but even if you are a U.S. person, that suspicion doesn’t have to meet traditional probable cause standards
    • Anyone, whether a U.S. person or not, who engages in or prepares for acts of international terrorism or sabotage

    If you think that all sounds like very vague gobbledy-gook, you’re right. No one really knows what these terms mean other than the FISA court, which won’t release its decisions.

    And it’s even worse for FISA subpoenas, which can be used to force anyone to hand over anything in complete secrecy, and which were greatly strengthened by Section 215 of the USA PATRIOT Act. The government doesn’t have to show probable cause that the target is a foreign power or agent — only that they are seeking the requested records “for” an intelligence or terrorism investigation. Once the government makes this assertion, the court must issue the subpoena.

    Police at the door: FISA Orders and National Security LettersIf federal agents serve you with a FISA warrant or subpoena, or a National Security Letter, the advice given for regular warrants and subpoenas applies. However, FISA orders and National Security Letters will also come with a gag order that forbids you from discussing them. Do NOT violate the gag order. Only speak to members of your organization whose participation is necessary to comply with the order, and your lawyer. The constitutionality of FISA orders and especially National Security Letters is a matter of great dispute — in particular, several courts have found that the gag order that comes with a National Security Letter violates the First Amendment — and you may be able to successfully challenge the government’s demand in court. If you do decide to seek counsel and do not have an a lawyer of your own, you can call the lawyers at EFF.

    FISA Wiretap Statistics

    Like law enforcement wiretaps, FISA surveillance is relatively rare. Also like law enforcement wiretaps, however, FISA surveillance probably sweeps in the communications of a great many people. Because the information released about FISA surveillance is so limited, though, it’s impossible to gauge just how many people are affected and how many communications are intercepted. The only public data available on FISA are the numbers of applications made to, and approved by, the FISA court. And those numbers have steadily increased through the years, to the point where FISA orders now outnumber all federal and state wiretap orders combined! For example, in 2007, 2,370 applications for FISA wiretaps were granted by the FISA court, compared to 2,208 state and federal wiretaps reported in the same year. And each application can contain a request for more than one type of surveillance — for example, a wiretap, a secret search, and secret subpoenas.

    Like with law enforcement wiretaps, your FISA wiretap risk is very low, as is the risk of being subjected to a secret physical search under FISA. The risk of having records about you secretly subpoenaed under FISA is much higher, but if it’s your communications records the government is after, they’re more likely to use a National Security Letter.

    Privacy tip: Foreign Intelligence SurveillanceIf your organization deals with lots of non-U.S. persons or any foreign governments or foreign-based organizations, you will likely face a higher risk of foreign intelligence surveillance, and should factor that risk into your security decision-making.

    Beyond FISA

    The NSA Surveillance Program, the Protect America Act and the FISA Amendments Act

    FISA is a dangerously weak restraint on the government’s power to secretly spy on Americans without probable cause of a crime, particularly since passage of the USA PATRIOT Act in 2001. Yet just as the Bush Administration was successfully lobbying Congress to expand its FISA surveillance authority through the USA PATRIOT Act, it was already building a new surveillance program at the National Security Agency (NSA) that would secretly ignore FISA’s limitations and spy on Americans without first going to the FISA court.

    The NSA’s Surveillance Program Revealed

    In a story published on December 16, 2005, the New York Times first revealed to the country that since 9/11, the NSA had regularly targeted Americans in the U.S. for electronic surveillance without first obtaining the required court orders from the FISA court. The president and his representatives quickly admitted that the Bush administration had chosen to bypass FISA as part of its “Terrorist Surveillance Program” or “TSP.” The administration claimed that the TSP was narrowly targeted at international communications — i.e., communications into and out of the country — where at least one of the parties had known links to terrorist organizations. The president made the frighteningly broad claim that because of his inherent power under the Constitution to combat foreign threats as Commander-in-Chief, he had the authority to order such warrantless surveillance regardless of FISA’s dictates or the Fourth Amendment.

    However, the warrantless surveillance proved to be much broader than the “narrow and targeted” program that the president describedFurther reporting by the Times and other papers made clear that the NSA’s surveillance program went far beyond the admitted “TSP.” Those news stories, along with whistleblower evidence [PDF], demonstrated that the NSA program amounted to an untargeted dragnet of millions of ordinary Americans’ domestic communications and communications records. With the cooperation of the country’s major telecommunications companies such as AT&T, the NSA had illegally gained backdoor access to critical telecommunications switching facilities and communications records databases around the nation. With that illegal access, the government was vacuuming up all of the data passing through those facilities — not only records of who communicated with whom and when but also the content of nearly every American’s private communications — as part of a vast data-mining program. In response to the mounting evidence of a dragnet surveillance program (view a summary of all of that evidence [PDF]), EFF brought suit against AT&T in 2006 — and later, in 2008, against the government itself — on behalf of ordinary AT&T customers seeking to stop the warrantless surveillance of their telephone and Internet communications. You can find out more about the progress of those lawsuits, Hepting v. AT&T and Jewel v. NSA, at our NSA Multi-District Litigation page.

    The Protect America Act of 2007, the FISA Amendments Act of 2008, and the Future of the NSA’s Surveillance Program

    One might expect that the revelation of a massive and illegal spying program would lead to broad bipartisan condemnation from Congress and an effort to pass legislation to provide additional protections against unbridled Executive spying. Unfortunately, that’s not what happened. Instead, the Bush administration was able to use fear of terrorism to convince Congress to pass bills authorizing surveillance programs even broader than the admitted “TSP.”

    Claiming that critical intelligence about potential terrorist attacks would be lost unless FISA was immediately “modernized,” the White House succeeded in convincing Congress to pass two laws. First was the temporary Protect America Act (“PAA”) of 2007, which expired after one year. Next was the second and more-permanent FISA Amendments Act (“FAA”) of 2008. Both allowed the Executive Branch to target the communications of people outside of the U.S. for surveillance without prior FISA court approval and without demonstrating any link to terrorism. Interpreted aggressively, these statutes arguably authorized the programmatic, non-particularized dragnet surveillance of any American’s international communications, opening the door to virtually unchecked executive power to intercept your international emails and telephone calls.

    In the meantime, although we don’t think that the PAA or the FAA authorizes it, there’s been no indication that the domestic dragnet, revealed by news reports and whistleblower evidence and alleged in EFF’s lawsuits, has ended. As far as we know, the NSA is still plugged into key telecommunications facilities across the country and acquiring copies of all of the communications content that flows through them, while also obtaining records detailing the communications activity of millions of ordinary Americans, in violation of FISA and the Fourth Amendment.

    Considering the latest changes to the law, we strongly recommend encrypting all of your international communications traffic. As for protecting the privacy of your domestic communications, the best way to combat the NSA’s unchecked access to the nation’s communications infrastructure — short of encrypting every single communication or avoiding using telecommunications at all — is to support EFF in its litigation and lobbying efforts to stop the spying for good.

    Summing Up

    What You Need to Know

    To sum up, the steps you’d take to combat FISA surveillance or national security letters are the same ones you’d take in the law enforcement context:

    Defensive Technology

    If you are looking for basic technical information on how to protect the privacy of your data — whether it’s on your own computer, on the wire, or in the hands of a third party — you’ve come to the right place. Although we hope you’ll have the time to review all of the information in the SSD guide, if you’re in a hurry to get to the technical details, this is where you can read articles that will explain:

    Just remember: technology changes quickly. We’ll be doing our best to keep these articles updated to reflect current developments, but in the meantime, you should take the time to review information from multiple sources before making any serious security decisions.

    Internet Basics

    The Internet is a global network of many individual computer networks, all speaking the same computer language, the Internet Protocol (IP). Every computer connected to the Internet has an IP address, a unique numeric identifier that can be “static”, i.e. unchanging, or may be “dynamically” assigned by your ISP, such that your computer’s address changes with each new Internet session.

    More sophisticated networking protocols may be “layered” on top of the IP protocol, enabling different types of Internet communications. For instance, World Wide Web (Web) communications are transmitted via the HyperText Transfer Protocol (HTTP) and e-mails via the Simple Mail Transport Protocol (SMTP).

    These additional protocols use their own types of addresses, apart from IP addresses. For example, to download a Web page, you need its Web address, known as a Uniform Resource Locator (URL) (e.g.,http://www.eff.org). To exchange e-mails, both the sender and recipient need e-mail addresses (e.g., user@emailprovider.com).

    Computers that offer files for download over the Internet are called servers or hosts. For example, a computer that offers Web pages for download is called an HTTP server or Web host. Any computer may be server, client, or both, depending on the communication. The amount of data in an Internet communication is measured in bytes.

    Communications to and from an Internet-connected computer occur through 65,536 different computer software “ports.” Many networking protocols have been assigned to particular port numbers by the Internet Engineering Task Force. For example, HTTP (Web) is assigned to port 80 and SMTP (e-mail) is assigned to port 25. However, any port can be used for any application, and these are only conventions.

    If you want to learn more, the website How Stuff Works publishes a popular series of “Internet Basics” articles that answer questions about the nuts and bolts of the Internet.

    Encryption Basics

    Encryption is a technique that uses math to transform information in a way that makes it unreadable to anyone except those with special knowledge, usually referred to as a “key.” There are many applications of encryption, but some of the most important uses help protect the security and privacy of files on your computer, information passing over the Internet, or left sitting in a file on someone else’s computer. If encryption is used properly, the information should only be readable by you and people that receive the key from you. Encryption provides a very strong technical protection against many kinds of threats — and this protection is often easy to obtain.

    How Does Encryption Work?

    What do you need to know about how encryption works? Surprisingly little. Encryption is conceptually similar to the “secret codes” that children learn about and use to communicate. If you’ve ever spoken in pig Latin or used a decoder ring, you’ve used very simple encryption techniques on a message. Again, the idea is to take a normal human-readable message (often called the plaintext message) and transform it into an incomprehensible format that can only become comprehensible again to someone with secret knowledge:

    Plaintext message + Encryption algorithm + Key = Scrambled message

    Decryption algorithm + Key + Scrambled message = Plaintext Message

    Your Little Brother’s Cryptography. A simple encryption system would be to change each letter in your message to a set number of letters later in the alphabet. The specific number of spaces you move down the alphabet for each letter is the secret key. If the key is two, A becomes C, B becomes D, C becomes E, etc. Using that encryption system, the plaintext message “INSECURE” would become “KPUGEWTG.”

    How is Encryption Applied?

    Although the mechanics of encryption can be explained by the “decoder ring” analogy, the modern practice of using encryption has been accurately described as using a very resilient envelope for your messages. Most unencrypted data transmitted online is accessible to the servers passing off the information. Conversely, using encryption puts your online communications in a “steel envelope” — they can’t be read in the course of delivering the message to the recipient and are extremely resistant to tampering.

    Modern encryption is very difficult to break, using very complex mathematics to scramble information and ensure that only people possessing the right key can unscramble it. In many cases you can get major security benefits from encryption without a detailed understanding of how it works. Some software implements very convenient, fully automated encryption features which may simply require that you turn them on.

    For instance, when a website is configured properly, web browsers can use SSL encryption to protect the privacy of information you send to or receive from a web server. This is most often used to protect log-in passwords and financial data. Using a browser’s SSL encryption can be as simple as accessing a site with the https scheme instead of the http scheme (for instance, https://www.eff.org/ instead of http://www.eff.org/); the browser typically takes care of all the details behind the scenes.

    Why Is Encryption Important?

    Encryption plays an important role in mitigating risk related to the many threats listed in this guide. If sensitive information stored on your computer is encrypted, it will take a secret key to decode it. If sensitive information en route to others is encrypted, only someone that knows the secret key can read what it says. When you encrypt sensitive information and it ends up logged by others in the course of communicating online, encryption keeps those without the secret key from knowing the contents of the message.

    Most of the Defensive Technology articles in this guide will cover practical ways to apply encryption to particular communications (like email) or particular applications (like web browsers).

    Encryption is absolutely essential to maintaining information security. Moreover, modern computers are powerful enough that we can aim to make encryption of our communications and data routine, not just reserving encryption for special occasions or particularly sensitive information.

    For More About Encryption

    Many encryption tools can be used successfully without much beyond a conceptual understanding. We explain how to use many of these well-developed tools in other parts of this guide.

    However, be aware that while encryption is a powerful tool and is critical to information security, it has limitations — particularly if it is not being used correctly. Learning more about encryption and its limitations can help ensure that you’re using it properly and getting protection against as many kinds of attacks as possible.

    Web Browsers

    Web browsers are software on your machine that communicate with servers or hosts on the Internet. Using a web browser causes data to be stored on your computer and logs to be stored on the web servers you visit, and frequently transmits unencrypted information.

    Until you have understood the mechanisms by which this occurs — and taken steps to prevent them — it is best to assume that anything you do with a web browser could be recorded by your own machine, by the web servers you’re communicating with, or by any adversary that is able to monitor your network connection.

    Controlling and Limiting the Logs Kept by Your Browser

    Web browsers often retain a large amount of information about the way they are used. A browser typically keeps a history of the web pages it visits. Browsers also often retain cached copies of the pages you’ve visited, information about which accounts you log into on web servers, names and other data you enter into web forms, and cookies that record preferences and link your browser to records on third party web servers. Fortunately, browsers also include features for managing these records. In general, the features are getting better, so it’s getting easier to control browser records.

    For example, here are the stored data privacy settings pages for Firefox, the free web browser:

    For each type of information your browser stores, you can either set it to not collect it at all, set it to delete within a certain span of days, set it to delete when you quit the browser, or press “clear” to manually erase the data. Or you can “clear all” of the info — all the data your browser’s been keeping on you.

    Apple’s Safari browser also has an easy one-click option to clear everything. Just select “Reset Safari” from the “Safari” pull-down menu and you’ll get this option:

    Controlling and Limiting the Logs Kept By Web Servers

    Web servers usually see and retain a large amount of information about what you do when you surf to them. For instance, if you type any information into a form on a web page (such as a search engine), the server will record not only what you sent it, but also information that might identify you: your IP address, the browser and operating system you are using, whether you followed a link from another web page to get to the page, what that previous site/page was, your account if you are logged in to the site, and cookies that were created when you previously looked at pages on the site.

    Web Privacy is Hard

    If you use a particular website a lot, the chances are that it is going to end up retaining a huge amount of information about you. To get a sense of the kinds of information, and what needs to be done to prevent them from being aggregated, read our white paper on search privacy. Although that document primarily discusses search engines, the issues to consider for other kinds of sites are similar.


    Cookies are pieces of information that a web site can send to your browser. If your browser “accepts” them, they will be sent back to the site every time the browser accepts a page, image or script from the site. A cookie set by the page/site you’re visiting is a “second party” cookie. A cookie set by another site that’s just providing an image or script (an advertiser, for instance), is called a “third party” cookie.

    Cookies are the most common mechanisms used to record the fact that a particular visitor has logged in to an account on a site, and to track the state of a multi-step transaction such as a reservation or shopping cart purchase. As a result, it is not possible to block all cookies without losing the ability to log into many sites and perform transactions with others.

    Unfortunately, cookies are also used for other purposes that are less clearly in users’ interests, such as recording their usage of a site over a long period of time, or even tracking and correlating their visits to many separate sites (via cookies associated with advertisements, for instance).

    With recent browsers, the cookie setting that offers users the most pragmatic trade-off between cookie-dependent functionality and privacy is to only allow cookies to persist until the user quits the browser (also known as only allowing “session cookies”).

    You can enable this in the “Privacy” tab of Firefox 3’s “Preferences” pane:

    Unfortunately, if you only quit your browser entirely once every week or two, web sites will still collect a huge amount of information about your habits, such as the IP addresses you use at home, at work, at friends’ houses and at Internet cafes. However, the “Incognito” mode offered by Google’s Chrome browser and the “InPrivate” mode offered by Internet Explorer 8 are signs that in future browsers may offer more convenient ways to limit cookie tracking.

    Sophisticated users can configure their browser to manually decide whether each site they visit is allowed to set cookies. This may have good privacy outcomes, such as allowing session cookies for sites the user logs in to or purchases things from, but not any other sites. But it requires a lot of work. A certain amount of debugging may also be required for situations where sites are poorly designed and fail to function without certain third-party cookies.

    Recent Cookie-Like “Features” in Web Browsers

    In addition to the regular cookies that web browsers send and receive, and which users have begun to be aware of and manage for privacy, companies have continued to implement new “features” which behave like cookies but which aren’t managed in the same way. Adobe has created “Local Stored Objects” (also known as “Flash Cookies”) as a part of its Flash plug-ins; Mozilla has incorporated a feature called “DOM storage” in recent versions of Firefox. Web sites could use either or both of these in addition to cookies to track visitors. We recommend that users take steps to prevent this.

    Managing Mozilla/Firefox DOM Storage Privacy. If you use a Mozilla browser, you can disable DOM Storage pseudo-cookies by typing about:config into the URL bar. That will bring up an extensive list of internal browser configuration options. Type “storage” into the filter box, and press return. You should see an option called dom.storage.enabled. Change it to “false”.

    Managing Adobe Flash Privacy. Adobe lists advice on how to disable Flash cookies here. There are some problems with the options Adobe offers (for instance, there is no “session only” option), so it’s probably best to globally set Local Stored Object space to 0 and only change that for sites which you’re willing to have tracking you. On the Linux version of Adobe’s Flash plugin there doesn’t seem to be a way set the limit to 0 for all sites — consider donating or contributing to the Gnash project to give users an alternative to Adobe’s privacy-unfriendly design decisions.

    Aside from being an annoying medium for advertising, Flash poses other kinds of privacy and security risks. Some people choose not to use Flash at all (using other tools like youtube-dl for watching Youtube videos). Others install a Flash management browser plugin like FlashBlocker. Unfortunately, while FlashBlocker makes surfing the web a more peaceful experience, it does not protect you from being tracked by Flash cookies or from exposure to other flash-based security risks.

    IP Addresses

    Whenever your browser fetches a page, image or script from a website, you should expect the website to record the IP address of the computer you’re using. Your ISP, or anybody with the power to subpoena your ISP, could tie those records to the Internet account subscription you are connected through. Use Tor (or a proxy server, which is faster but less secure) if you wish to prevent these records from being created.

    Privacy on the wire


    Most sites on the web are accessed using the unencrypted HTTP protocol. HTTP is susceptible to eavesdropping, and even to intermediaries that might set out to modify the pages a browser is fetching.

    HTTPS is a more secure alternative to HTTP. HTTPS encrypts pages, and attempts to ensure three things: (1) that third parties cannot see the contents of the page; (2) that the page cannot be modified by third parties; (3) that the page was really sent by the web server listed in the URL bar.

    Unfortunately, a web server must be configured to support HTTPS properly before you can use it. If there is a site you were planning to send sensitive information to, ensure that you are using HTTPS. If a site doesn’t support HTTPS, don’t send sensitive information to it.

    Some Notes on Using HTTPS

    Check three indicators to ensure that you’re at an HTTPS page: (1) the URL begins with https://; (2) there is a lock icon in the corner of the browser; and (3) the URL/location bar is colored.

    If you receive a warning about certificates, or a see broken lock icon, you should assume that any of the security properties of the page could be broken. Contact the site’s webmaster and have them fix the problem before sending any sensitive information to the site.

    Blocking Javascript for Browser Security and Privacy?

    Javascript is a simple programming language which is part of modern web browsers. Unlike HTML, javascript allows a page to make the browser perform complicated and conditional calculations in determining what a page will look like and how it will function.

    Javascript has many uses. Sometimes it is simply used to make webpages look flashier by having them respond as the mouse moves around or change themselves continually. In other cases, javascript adds significantly to a page’s functionality, allowing it to respond to user interactions without the need to click on a “submit” button and wait for the web server to send back a new page in response.

    Unfortunately, javascript also contributes to many security and privacy problems with the web. If a malicious party can find a way to have their javascript included in a page, they can use it for all kinds of evil: making links change as the user clicks them; sending usernames and passwords to the wrong places; reporting lots of information about the users browser back to a site. Javascript is frequently a part of schemes to track people across the web, or worse, to install malware on people’s computers.

    For this reason, sophisticated users with strict security and privacy requirements may wish to consider selectively blocking javascript in their browser. There is a Mozilla/Firefox plugin called NoScript which is very useful for this purpose. Noscript (1) allows you to see the sources of any javascript in a page (many pages include javascript from third parties); (2) blocks javascript by default and (3) allows javascript from particular sources to be temporarily or permanently reenabled. Surfing the web with NoScript is more work (because when you visit new sites, you may have to enable some javascript sources to make them work properly), but surfing the web with NoScript is also much more secure.


    The act of using email stores data on your machines, transmits data over the network, and stores data on third party machines.

    Locally Stored Data

    The usual measures apply to managing the copies of emails (both sent and received) that are kept on your own machines. Encrypt your drives and decide upon and follow an appropriate data deletion policy.

    Data on the Wire

    Email usually travels through a number of separate hops between the sender and receiver. This diagram illustrates the typical steps messages might travel through, the transmission protocols used for those steps, and the available types of encryption for those steps.

    End-to-End Encryption of Specific Emails

    Encrypting emails all the way from the sender to the receiver has historically been difficult, although the tools for achieving this kind of end-to-end encryption are getting better and easier to use. Pretty Good Privacy (PGP) and its free cousin GNU Privacy Guard (GnuPG) are the standard tools for doing this. Both of these programs can provide protection for your email in transit and also protect your stored data. Major email clients such as Microsoft Outlook and Mozilla Thunderbird can be configured to work smoothly with encryption software, making it a simple matter of clicking a button to sign, verify, encrypt and decrypt email messages.

    The great thing about end-to-end encryption is that it ensures that the contents of your emails will be protected not only against interception on the wire, but also against some of the threats to the contents of copies of your emails stored on your machine or third party machines.

    There are two catches with GnuPG/PGP. The first is that they only work if the other parties you are corresponding with also use them. Inevitably, many of the people you exchange email with will not use GPG/PGP, though it can be deployed amongst your friends or within an organization.

    The second catch is that you need to find and verify public keys for the people you are sending email to, to ensure that eavesdroppers cannot trick you into using the wrong key. This trickery is known as a “man in the middle” attack.

    Probably the easiest way to start using GnuPG is to use Mozilla Thunderbird with the Enigmail plugin. You can find the quick start guide for installing and configuring Enigmail here.

    Server-to-Server Encrypted Transit

    After you press “send”, emails are typically relayed along a chain of SMTP mail servers before reaching their destination. You can use your mail client to look at the headers of any email you’ve received to see the chain of servers the message traveled along. In most cases, messages are passed between mail servers without encryption. But there is a standard called SMTP over TLS which allows encryption when the sending and receiving servers for a given hop of the chain support it.

    If you or your organization operates a mail server, you should ensure that it supports TLS encryption when talking to other mail servers. Consult the documentation for your SMTP server software to find out how to enable TLS.

    Client-to-Mail Server Encryption

    If you use POP or IMAP to fetch your email, make sure it is encrypted POP or IMAP. If your mail server doesn’t support the encrypted version of that protocol, get your service provider or systems administrator to fix that.

    If you use a webmail service, ensure that you only access it using HTTPS rather than HTTP. Hushmail.com is a webmail service provider that always uses HTTPS, and also offers some end-to-end encryption facilities (though they are not immune to warrants).

    Many webmail service providers only use HTTPS for the login page, and then revert to HTTP. This isn’t secure. Look for an account configuration option (or a browser plugin) to ensure that your webmail account always uses HTTPS. In Gmail, for instance, you can find this option in the “general” tab of the settings page:

    If you can’t find a way to ensure that you only see your webmail through https, switch to a different web mail provider.

    Data Stored on Second- and Third-Party Machines

    There are two main reasons why your emails will be stored on computers controlled by third parties.

    Storage by your Service Provider

    If you don’t run your own mail server, then there is a third party who obtains (and may store) copies of all of your emails. This would commonly be an ISP, an employer, or a webmail provider. Copies of messages will also be scattered across computers controlled by the ISPs, employers and webmail hosts of those you correspond with.

    Make sure your email software is configured so that it deletes messages off of your ISP’s mail server after it downloads them. This is the most common arrangement if you’re using POP to fetch your email, but it is common for people to use IMAP or webmail to leave copies of messages on the server.

    If you use webmail or IMAP, make sure you delete messages immediately after you read them. Keep in mind that with major webmail services, it may be a long time – maybe a matter of months – before the message is really deleted, regardless of whether you still have access to it or not. With smaller IMAP or webmail servers, it is possible that forensically accessible copies of messages could be subpoenaed years after the user deleted them.

    The content of PGP/GnuPG encrypted emails will not be accessible through these third parties, although the email headers (such as the To: and Subject: lines) will be.

    Running your own mail server with an encrypted drive, or using end-to-end encryption for sensitive communications, are the best ways of mitigating these risks.

    Storage by Those You Correspond With

    Most people and organizations save all of the email they send and receive. Therefore, almost every email you send and receive will be stored in at least one other place, regardless of the practices and procedures you follow. In addition to the personal machine of the person you sent/received the message to/from, copies might be made on their ISP or firm’s mail or backup servers. You should take these copies into consideration, and if the threat model you have for sensitive communications includes an adversary that might gain access to those copies, then you should either use PGP to encrypt those messages, or send them by some means other than email. Be aware that even if you use PGP, those you communicate with could be subject to subpoenas or requests from law enforcement to decrypt your correspondence.

    End-to-End Email Encryption

    Email encryption is a topic that could fill a book, and has: see Bruce Schneier’s book Email Security: How to Keep Your Electronic Messages Private. While this book is somewhat out of date (it refers to old versions of software), the concepts it introduces are essential.

    Instant Messaging (IM)

    Instant messaging is a convenient way to communicate with people online. In privacy terms, it’s a bit better and easier to secure than email but in some situations a telephone call will offer you better privacy.

    Instant messaging software creates data stored on your computer (logs of your communications), transmits communications over the network (the messages traveling back and forth), and leaves communications stored on other computers (logs kept by the people you talk to, and sometimes logs kept by the IM provider).

    If you use IM without taking special precautions, you can assume that all of these records will be available to adversaries. The easiest way for an adversary to obtain the contents of your communications is from you, your correspondent, or your service provider, if any of those parties logs (stores) the messages. The more difficult way is to intercept the messages as they travel over the network.

    Encrypt Your Instant Messaging Conversations as They Travel

    To protect messages from interception as they travel over the network, you need to use encryption. Fortunately, there is an excellent instant messaging encryption system called OTR (Off The Record). Confusingly, Google has a different instant messaging privacy feature which is also called “Off The Record”. To disambiguate them, this page will talk bout “OTR encryption” and “Google OTR”. It’s actually possible to be using them both at the same time.

    If you and the person you are talking to both use OTR encryption, you have excellent protection for communications on the network, and you will prevent your IM provider from storing the content of your communications (though they may still keep records of who you talk to).

    The easiest way to use OTR encryption is to use Pidgin or Adium for your IMs (Pidgin is a program that will talk to your friends over the MSN, Yahoo!, Google, Jabber, and AIM networks; Adium is a similar program specifically for Mac OS X). If you’re using Pidgin, install the the OTR encryption plugin for that client. Adium comes with OTR built in.

    With OTR encryption installed, you still need to do a few things for network privacy:

    1. Read and understand OTR encryptions’s information.
    2. Make sure the people you are talking to also use OTR encryption, and make sure it’s active. (In Pidgin, check for OTR:private or OTR:unverfied in the bottom right corner.)
    3. Follow OTR encryption’s instructions to “Confirm” any person you need to have sensitive conversations with. This reduces the risk of an interloper (including the government with a warrant) being able to trick you into talking to them instead of the person you meant to talk to. Recent versions of OTR encryption allow you to do this just by agreeing on a shared secret word that you both have to type (“what was the name of the friend who introduced us?”). Older versions required that both users check that their client reported the right fingerprint for the other client.

    Configure Your IM Client to use SSL/TLS

    This step is complementary to using OTR encryption. It will prevent someone watching the network from seeing who you are chatting to, and will offer partial protection of your chats even if the other party isn’t using OTR.

    If you are using Pidgin, you can ensure SSL is enabled by going to Manage Accounts, selecting Modify for an account, selecting the Advanced tab, and ticking Require SSL/TLS.

    Understand and Control IM Logging on Your Machine

    To protect the privacy of your IM conversations, you will need to decide what to do about logs kept on your computer. You have three choices:

    • Configure your IM client to not keep logs
    • Encrypt your hard disk
    • Accept the risk that anyone who has access to your computer can read your old messages

    If at some point you decide to configure your IM client not to keep logs, you may want to go back and delete previous logs using Secure Deletion software.

    Be Aware of Logging on Others’ Machines

    As noted above, using OTR encryption will ensure that your IM service provider should be unable to log the contents of your communications. They will, however, be in a position to record who you talk to, and possibly record the timing and length of the messages you exchange.

    OTR encryption does not stop the people you are talking to from logging your conversations. Unless you trust that they have disabled logging in their client or that they encrypt their hard disk and will not turn over its contents, you should assume that an adversary could obtain records of your conversations from the other party, either voluntarily or through subpoena or search.

    Google OTR

    Google OTR is a feature of the Google instant messaging service that allows you to request that neither Google nor the people your talk to should be able to log your conversations. Unfortunately, there is no plausible enforcement mechanism for this feature. The people you talk to could be using a different IM client (like Pidgin or Adium) that can log regardless of whether Google OTR is enabled — or they could take screenshots of your conversations. Your client might be able to tell you whether they are using a client that follows the OTR rules (such as Gmail or Gchat), but that won’t tell you whether they are taking screenshots. The bottom line is that Google OTR is nice in theory but insecure in practice. Turn it on, but don’t expect it to work if the other party uses a non-Google client or actively wants to record the converstion.


    Wireless networking is now a ubiquitous means of connecting computers to each other and to the Internet. The primary privacy concern with Wi-Fi is the interception of the communications you send over the air. In some cases, wireless routers might also store a small amount of information about your computer, such as its name and the unique number assigned to its networking card (MAC address).

    Wireless networks are particularly vulnerable to eavesdropping — in the end, “wireless” just means “broadcasting your messages over the radio,” and anyone can intercept your wireless signal unless you use encryption. Listening in on unencrypted Wi-Fi communications is easy: almost any computer can do it with simple packet-sniffing software. Special expertise or equipment isn’t necessary.

    Even worse, the legal protections for unencrypted wireless communications are unclear. Law enforcement may be able to argue that it does not need a wiretap order to intercept unencrypted wi-fi communications because there is an exception to the rules requiring such orders when the messages that are being intercepted are “readily accessible to the public.” Basically, any communication over the radio spectrum that isn’t transmitted by your phone company and isn’t scrambled or encrypted poses a privacy risk.

    Encrypting a Wireless Network

    If you want to protect your wireless communications from the government or anyone else, you must use encryption! Almost all wireless Internet access points come with WEP (Wired Equivalent Privacy) or WPA (Wi-Fi Protected Access) encryption software installed to encrypt the messages between your computer and the access point, but you have to read the manual and figure out how to use it. WEP is not great encryption (and we recommend strong, end-to-end encryption for sensitive communications regardless of the transmission medium), and practiced hackers can defeat it very quickly, but it’s worth the trouble to ensure that your communications will be entitled to the legal protections of the Wiretap Act. WPA is much stronger than WEP, but it still only covers the first step your packets will take across the Internet.

    When Using Open Wi-Fi

    If you’re using someone else’s “open” — unencrypted — wireless access point, like the one at the coffee shop, you will have to take care of your own encryption using the tools and methods described in other sections. Toris especially useful for protecting your wireless transmissions. If you don’t use Tor, and even if you do, you should also always use application-level encryption over open wireless, so no one can sniff your passwords.

    Because of the threat of password sniffing, it is crucially important that you do not use the same password for all your accounts! For example, http://www.nytimes.com/ requires a username and password to log in, but the site does not use encryption. However, web sites for banks, like https://www.wellsfargo.com/, always use encryption due to the sensitive nature of the transactions people make with banks. If you use the same passwords for the two sites, an eavesdropper could see your unencrypted password traveling to the newspaper site, and guess that you were using the same password for your bank account.


    Tor is another encryption tool that can help you protect the confidentiality of your communications. Tor is a free, relatively easy to use tool primarily designed to protect your anonymity on-line. But it also has the side benefit of encrypting your communications for some of their journey across the Internet.

    How Tor Works

    Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and many other applications. The information you transmit is safer when you use Tor, because communications are bounced around a distributed network of servers, called onion routers. This provides anonymity, since the computer you’re communicating with will never see your IP address — only the IP address of the last Tor router that your communications travelled through.

    Tor helps to defend against traffic analysis by encrypting your communications multiple times and then routing them through a randomly selected set of intermediaries. Thus, unless an eavesdropper can observe all traffic to and from both parties, it will be very hard to determine your IP address. The idea is similar to using a twisty, hard-to-follow route in order to throw off somebody who is tailing you, and then periodically erasing your footprints.

    To create a private network pathway with Tor, Alice’s Tor client first queries a global directory to discover where on the Internet all the Tor servers are. Then it incrementally builds a circuit of encrypted connections through servers on the network. The circuit is extended one hop at a time, and each server along the way knows only which server gave it data and which server it is giving data to. No individual server ever knows the complete path that a data packet has taken. The Tor software on your machine negotiates a separate set of encryption keys for each hop along the circuit to ensure that each hop can’t trace these connections as they pass through.

    Due to the way Alice’s Tor client encrypted her data, each node in the circuit can only know the IP addresses of the nodes immediately adjacent to it. For example, the first Tor server in the circuit knows that Alice’s Tor client sent it some data, and that it should pass that data on to the second Tor server. Similarly, Bob knows only that it received data from the last Tor server in the circuit — Bob has no knowledge of the true Alice.

    For efficiency, the Tor software uses the same circuit for connections that happen within the same ten-minute period. Later requests are given a new circuit, to keep people from linking your earlier actions to the new ones.

    Tor’s primary purpose is to frustrate traffic analysis, but as a by-product of how it works, Tor’s encryption provides strong protection for the confidentiality of the content of messages as well. If an eavesdropper wiretaps Alice’s network link, all she’ll see is encrypted traffic between Alice and her first Tor server — a great feature. If the eavesdropper wiretaps Bob’s network link, she can see the unencrypted content Alice sent to Bob — but it may be very hard indeed for her to link the content to Alice!

    You can learn about Tor, find easy installation instructions, and download the software at http://www.torproject.org. There you will also find instructions on how to easily “Torify” all kinds of different applications, including web browsers and instant messaging clients.

    What Tor Won’t Defend You Against

    Tor won’t defend you against Malware. If your adversary can run programs on your computer, it’s likely that they can see where you are and what you’re doing with Tor.

    If you’ve installed Tor on your computer but are using applications that don’t understand how to use it, or aren’t set up to use it, you won’t receive protection while using those applications.

    Tor may not defend you against extremely resourceful and determined opponents. Tor is believed to work quite well at defeating surveillance from one or a handful of locations, such as surveillance by someone on your wireless network or surveillance by your ISP. But it may not work if someone can surveil a great many places around the Internet and look for patterns across them.

    If you aren’t using encryption with the actual servers you’re communicating with (for instance, if you’re using HTTP rather than HTTPS), the operator of an “exit node” (the last Tor node in your path) could read all your communications, just the way your own ISP can if you don’t use Tor. Since Tor chooses your path through the Tor network randomly, targeted attacks may still be difficult, but researchers have demonstrated that a malicious Tor exit node operator can capture a large amount of sensitive unencrypted traffic. Tor node operators are volunteers and there is no technical guarantee that individual exit node operators won’t spy on users; anyone can set up a Tor exit node.

    These and related issues are discussed in more detail at here.


    Malware is a catch-all term referring to software that runs on a computer and operates against the interests of the computer’s owner. Computer viruseswormstrojan horses“spyware”rootkits and key loggers are often cited as subcategories of malware. Note that some programs may belong to more than one of those categories.

    How Does Malware Get Onto a Computer?

    Some malware is spread by exploiting vulnerabilities in operating systems or application software. These vulnerabilities are design or programming errors in software that can allow a clever programmer to trick the defective software into giving someone else control. Unfortunately, such vulnerabilities have been found in a wide variety of mainstream software, and more are detected all the time — both by those trying to fix the vulnerabilities and by those trying to exploit them.

    Another common vector by which malware spreads is to trick the computer user into running a software program that does something the user wouldn’t have wanted. Tricking the user is a pretty powerful way to take over a computer, because the attacker doesn’t have to depend on finding a serious weakness in mainstream software. It is especially difficult to be sure that computers shared by several users, or a computer in a public place such as a library or Internet café, are not compromised. If a single user is tricked into running a malware installer, every subsequent user, no matter how cautious, could be at risk. Malware written by sophisticated programmers generally leaves no immediately visible signs of its presence.

    What is Malware Capable of?

    Malware is extremely bad news from a security and privacy perspective. Malware may be capable of stealing account details and passwords, reading the documents on a computer (including encrypted documents, if the user has typed in the password), defeating attempts to access the Internet anonymously, taking screenshots of your desktop, and hiding itself from other programs. Malware is even capable of using your computer’s microphone, webcam, or other peripherals against you.

    The chief limitation in malware’s capability is that the author needs to (1) have anticipated the need for the malware to do something, (2) spent a substantial amount of effort programming the malicious feature, testing that it works and is robust on numerous different versions of an operating system, and (3) be free of legal or other restrictions preventing the implementation of the feature.

    Unfortunately, a black market has appeared in recent years that sells malware customized for various purposes. This has reduced the obstacles listed in category (2) above.

    The most alarming feature of malware is that, once installed, it can potentially nullify the benefits of other security precautions. For example, malware can be used to bypass the protections of encryption software even if this software is otherwise used properly. On the other hand, the majority of malware is mainly designed to do other things, like popping up advertisements or hijacking a computer to send spam.

    Is Malware Infection Likely?

    Nobody knows how many computers are infected with malware, but informed estimates range from 40% to almost 90% of computers running Windows operating systems. Infection rates are lower for MacOS and Linux systems, but this is not necessarily because Windows is an easier target. Indeed, recent versions of Windows are much improved in security. Rather, more malware authors target Windows machines because an effective attack will give them control of more computers.

    The risk that any given computer is infected with malware is therefore quite high unless skilled computer security specialists are putting a substantial amount of effort into securing the system. With time, any machine on which security updates are not installed promptly is virtually guaranteed to become infected. It is however overwhelmingly likely that the malware in question will be working on obtaining credit card numbers, obtaining eBay account passwords, obtaining online banking passwords, sending spam, or launching denial of service attacks, rather than spying on specific individuals or organizations.

    Infection by malware run by U.S. law enforcement or other governmental agencies is also possible, though vastly less likely. There have been a handful of cases in which it is known that warrants were obtained to install malware to identify a suspect or record their communications (see the section on CIPAV below). It is unlikely that U.S. government agencies would use malware except as part of significant and expensive investigations.

    How Can You Reduce the Risk of Malware Infection?

    Currently, running a minority operating system significantly diminishes the risk of infection because fewer malware applications have been targeted at these platforms. (The overwhelming majority of existing malware targets only a single particular operating system.)

    Vulnerabilities due to software defects are difficult to mitigate. Installing software updates promptly and regularly can ensure that at least known defects are repaired.

    Not installing (or running) any software of unknown provenance is an important precaution to avoid being tricked into installing malware. This includes, for example, software applications advertised by banner ads or pop-ups, or distributed by e-mail (even if disguised as something other than a computer program). Recent operating systems attempt to warn users about running software from an unknown source; these security warnings serve an important purpose and should not be casually ignored. Strictly limiting the number of users of a computer containing sensitive information can also be helpful. Notably, some malware targets children, including malicious code along with downloadable video games. (Of course, computer users of any age can be tricked into installing malware!)

    On Windows, regularly running antivirus and antispyware software can remove a large proportion of common malware. However, this software is not effective against all malware, and must be regularly updated. Since anti-malware software is created by researching malware discovered “in the wild,” it’s also probably ineffective against uncommon, specially-targeted malware applications that aim to infect only a few specific computers rather than a large population on the Internet.

    CIPAV: An Example of Malware Use for Law Enforcement

    CIPAV is an FBI acronym which stands for Computer and Internet Protocol Address Verifier. CIPAVs are a type of malware intended to identify people who are hiding their identity using proxy servers, bot nets, compromised computers or anonymity networks like Tor. A small amount is known about them as a result of published documents from cases in which they were used. CIPAVs may include use of browser exploits to run software on a computer regardless of how many steps of indirection are present between the attacking server and the user.

    Malware Risk Assessment

    Ubiquitous malware poses a threat to all computer users. The seriousness of the threat varies greatly. For some users, it is sufficient to install operating system updates regularly and utilize caution in running software found on the web. For organizations that face a high risk of being specifically targetted by a malware author, it is advisable to find computer security experts to defend their computers — or better yet, to simply avoid using networked computers for their most sensitive activities.

    Mobile Devices

    This article discusses privacy implications of cell phones and other devices that communicate with large scale wireless voice and data networks.

    This page doesn’t discuss Wi-Fi. If you have a mobile device that uses Wi-Fi but not GSM, CDMA 2000, or any of the other cellular networks, you should follow the same steps that you would for a laptop with Wi-Fi. If you have a cell phone that also connects to Wi-Fi networks, you should read the Wi-Fi article as well as the material below.

    Problems with Cellular Device Privacy

    Cell phones pose several privacy problems.

    No Anonymity. Every cell phone has several unique identifying numbers. For a GSM phone these include the IMEI number for the handset itself and the IMSI in the SIM card. Unless you have purchased your handset and account anonymously, these will be linked to your real identity. Even if you have an anonymous handset and account, the typical use pattern of a phone is almost always enough to link it to your identity.

    Location tracking. Cell phones communicate with transmission towers. The strength of the signal received by these towers from a phone is a measure of distance, and this allows the phone network to know where its users are. Many if not all networks log approximate location on a regular basis. These records may be subject to subpoena. If your adversary is law enforcement and has probable cause for a warrant, they could receive continuous triangulation location surveillance data from the network.

    Easy interception. Cell phone communications are sent through the air like communications from a walkie-talkie, and encryption is usually inadequate or absent. Although there are substantial legal protections for the privacy of cell phone calls, it’s technologically straightforward to intercept cell phone calls on many cell networks without the cooperation of the carrier, and the technology to do this is only getting cheaper. Such interception without legal process could be a serious violation of privacy laws, but would be immensely difficult to detect. U.S. and foreign intelligence agencies have the technical capacity to intercept unencrypted and weakly encrypted cell phone calls on a routine basis.

    Lack of user control. Cell phones tend to run proprietary operating systems, and the operating systems on different devices tend to be different from each other. This means for instance that on most cell phones:

    • it’s impossible to guarantee that the phone is using secure encryption for its transmissions, or determine whether it’s using encryption at all
    • it’s very difficult for the user to gain access to and control over the data recorded by the phone’s operating system

    However, because cell phones do not create stored records of the contents of your communications, telephonic communication has certain privacy advantages over other modes of communication, like Emailinstant messaging or text messaging which do create such records.

    Data Stored by Your Phone

    Your phone will store the contents of the text messages you send and receive, the times and numbers of the calls you make and receive, and possibly other information such as location-related data. Secure Deletion of this data poses a challenge. On most mobile devices your best strategy is to manually delete these records using the phone’s user interface, and then hope that new records will overwrite them. If you have deleted all your text messages and calls, and waited long enough for the phone’s memory to fill, there is a chance that later forensic investigation would not find the original data.

    There are a couple of drive encryption programs available for devices that run the Windows Mobile operating system. Proprietary drive encryption that has not been audited by the computer security community should always be treated with caution; it is probably better than no protection at all, although even that is not guaranteed.

    We are hopeful that the arrival of open Linux-based phones (notably OpenMoko and those using the Google Android code) will offer users better control over stored data in the future.

    The undeleted data could be accessible to anyone who takes physical possession of the phone, including thieves or an arresting officer.

    Transmitted Data

    The control data and actual voice conversations sent by cellular devices may be encrypted using various standard encryption protocols. There is no guarantee that this will occur — phones do not usually offer users a way to refuse to operate in unencrypted mode, and many don’t indicate whether they are using encryption. As a result, it is largely up to the network operator to decide if its users will receive any cryptographic defence against eavesdropping.

    Carrier-provided encryption can be good protection against eavesdropping by third parties. However, if it is the carrier that wants to listen in, or the government with a warrant ordering the carrier to allow wiretapping access to your calls, then that encryption will not protect you because the carrier has the means to decrypt.

    Even if your cell phone is communicating in an encrypted fashion, it turns out that most of the standard cryptography used in cell networks has been broken. This means that an adversary that is motivated and able to intercept radio communications and crypt analyse them will be able to listen to your phone calls.

    It would be technologically possible to use strong end-to-end encryption with voice calls, but this technology is not yet widely available. The German company GMSK has begun selling a GSM-based “Cryptophone”; as with computer encryption, both users would need to be using the technology in order to make it work. Some third parties have produced software to encrypt SMS text messages; here, again, both the sender and recipient of a message would need to use compatible software.

    Data Stored by Other Parties

    A great deal of data pertaining to your use of your phone will be stored by the telephone company or companies that are providing you with service. A more diffuse set of records will also be stored by the phones of the people you communicate with.

    Expect your telephone company to keep a record of: who you talk to and when; who you exchange messages with and when; what data you send and receive using wireless data services; information revealing your physical location at any time when your phone is on; and whether your phone is on or off.

    The text messages exchanged by your phone — as well as summary information for the calls you sent and receive from other cell phones — are likely to be stored by those other cell phones. As anyone who follows celebrity gossip should know, the people you are communicating with can disclose the contents of your communications. Other adversaries may use subpoenas or other legal process to obtain text messages or call information.

    Malware for Phones

    If you face a determined adversary such as federal law enforcement with a warrant, assume that your phone could be reprogrammed with malware to assist in their investigations; there are reports of the FBI doing this.

    Under these extreme circumstances, it is possible for your phone to be turned into a remote bugging device. It is possible for a phone to remain on even when you press the “off” button, but not if you remove the battery.

    If you have a pair of speakers that crackle when your phone is nearby, you can check that the phone is actually off / not transmitting continuously by placing it near those speakers.

    Secure Deletion

    Secure deletion involves the use of special software to ensure that when you delete a file, there really is no way to get it back again.

    When you “delete” a file — for instance, by putting the file in your computer’s trash folder and emptying the trash — you may think you’ve deleted that file. But you really haven’t. Instead, the computer has just made the file invisible to the user, and marked the part of the disk drive that it is stored on as “empty,” meaning that it can be overwritten with new data. But it may be weeks, months, or even years before that data is overwritten, and the computer forensics experts can often even retrieve data that has been overwritten by newer files. Indeed, computers normally don’t “delete” data; they just allow it to be overwritten over time, and overwritten again.

    The best way to keep those “deleted” files hidden, then, is to make sure they get overwritten immediately. Your operating system probably already includes software that can do this for you, and overwrite all of the “empty” space on your disk with gibberish (optionally multiple times), and thereby protect the confidentiality of deleted data. Examples include GNU Shred (Linux), Secure Delete (Mac OS X), and cipher.exe (Windows XP Pro and later).

    Windows Secure Deletion

    Without Installing New Software: Use Cipher.exe

    Update: Cipher.exe is no longer recommendedWe previously discussed using a program called Cipher.exe to clear free space on Windows systems, without having to install any new software on the machine. However, people have written in to inform us about a grievous design flaw in Cipher.exe that could cause unintended deletion of entire drives of data.

    We recommend using Eraser instead.

    A Better Option: Install Eraser

    Eraser is a free/open source secure deletion tool for Windows, and is much more sophisticated than the built in cipher.exe. It can be used to quickly and easily target individual files for secure deletion, or to implement periodic secure deletion policies. You can get a copy of Eraser here and some tips on how to use it here.

    Secure Deletion on Mac OS X

    Secure Deletion of Individual Files

    On OS X 10.4 an above, you can securely delete files by moving them to the Trash, and then selecting Finder > Secure Empty Trash.

    Ensuring Previously Deleted Data Cannot be Recovered

    Apple’s advice on preventing forensic undeletion on Mac OS X is as follows:

    To prevent the recovery of files you deleted previously, open Disk Utility (in Applications/Utilities), choose Help > Disk Utility Help, and search for help on erasing free disk space.

    Secure Deletion on *nix Operating Systems

    Secure Deletion of Individual Files

    Linux, FreeBSD and many other UNIX systems have a command line tool called shred installed on them. Shred works quite differently to the Windows cipher.exe program; rather than trying to prevent previously deleted files from being recoverable, it singles out specified files and repeatedly overwrites them and their names with random data.

    If you are comfortable using a terminal or command line, secure deletion of files with shred is simple. Just run the following command:

    shred -u

    Ensuring Previously Deleted Data Cannot be Recovered

    Unfortunately we are not aware of any standard Linux/UNIX tools for overwriting previously deleted files to prevent undeletion.

    A hack solution that may work is to write zeroes or random data to a file on the drive until it fills up all of the available space, then delete it. Unfortunately, this will fill up the filesystem and may therefore make the system unstable while it is in progress. Caveat emptor.

    On Linux systems, you could try to achieve this by running the following command as root:

    dd if=/dev/zero of=/directory/junkfile ; rm /directory/junkfile

    Replace /directory/ with a directory that is within the mounted partition within which you wish to ensure that forensic undeletion is impossible. The dd command will take a long time to run and will finish with an error saying the disk is full; the rm will then delete the huge file full of random junk.

    Replacing /dev/zero with /dev/urandom uses random data instead of zeroes; that will result in slightly more secure erasure, but can take much longer.

    A Warning About the Limitations of Secure Deletion Tools

    Even if you follow the advice above, there is a chance that certain traces of deleted files may persist on your computer, not because the files themselves haven’t been properly deleted, but because some part of the operating system or some other program keeps a deliberate record of them.

    There are many ways in which this could occur, but two examples should suffice to convey the possibility. On Windows, a copy of Microsoft Office may retain a reference to the name of a file in the “Recent Documents” menu, even if the file has been deleted (office might sometimes even keep temporary files containing the contents of the file). On a Linux or other *nix system, a user’s shell history file may contain commands that include the file’s name, even though the file has been securely deleted. And OpenOffice may keep as many records as Microsoft Office. In practice, there may be dozens of programs that behave like this.

    It’s hard to know how to respond to this problem. It is safe to assume that even if a file has been securely deleted, its name will probably continue to exist for some time on your computer. Overwriting the entire disk is the only way to be 100% sure the name is gone. Some of you may be wondering, “Could I search the raw data on the disk to see if there are any copies of the data anywhere?” The answer is yes and no. Searching the disk (eg by using a command like grep -ab /dev/ on Linux) will tell you if the data is present in plain text, but it won’t tell you if some program has compressed or otherwise coded references to it. Also be careful that the search itself does not leave a record! The probability that the file’s contents may persist is lower, but not impossible. Overwriting the entire disk and installing fresh operating system is the only way to be 100% certain that