Category Archives: Privacy

Wrong Way to Punish the FBI?

Posted on by
Reply

The Wall Street Journal‘s editors are concerned that doing away with FISA’s Section 702 would be the wrong way to punish the FBI.

I agree. But the editors are missing the point. They too narrowly justify 702 with this:

Congress created Section 702 after 9/11 to address intelligence-gathering gaps. It lets the government collect information without a warrant on non-US citizens living abroad.

That’s a worthy purpose; although the realization has demonstrated the difficulty of using the capability to good effect, and without abusing it. Or the impossibility of that with the current regime. The FBI has demonstrated that, as an institution, it cannot be trusted with 702 output, and the FISA Court has empirically demonstrated that cannot be trusted, either—not after squawking about FBI lies in the latter’s filings and then proceeding to accept unquestioningly further FBI blandishments and warrant applications.

Answering those deficiencies, though, is a separate matter from applying the appropriate responses to the FBI’s misbehaviors and the FISA Court’s yapping about those misbehaviors.

The FBI is irretrievably broken—its lies to a court are only part of the institution’s failures; its stonewalling of Congress under the risible rationalization that its internal procedure policies are superior to Congress’ constitutionally mandated oversight obligations are another—and it needs to be erased from our government altogether. That, not dealing with 702, is the correct response to the FBI’s institutional dishonesty.

The correct FISA-related action is to make the FISA Court a public proceeding court or itself eliminated as well. That’s not punishing anybody; that’s simply getting rid of the stain of a secretive Star Chamber and forcing “court” activities out into the sunlight, or bringing the warrant application/granting process back into a proper Article III court. Those courts, after all, are fully checked out on the process of keeping warrants sealed until execution.

A Valid Beef, But….

Posted on by
Reply

It seems the FBI—in its ongoing rogue-ness as a Federal government institution—obtained individual bank records of individuals about whom they had some curiosity without the nicety of the legally required court orders.

Legal experts are criticizing the FBI for allegedly obtaining the financial records of US customers with Bank of America “without any legal process” following the January 6, 2021, Capitol riot.

And

The allegations about subpoena-less bank-records gathering were included in a staff report from the full, GOP-led House Judiciary Committee that was released about an hour ahead of Thursday’s hearing.

From that report:

Just like FBI whistleblowers…retired FBI Supervisory Intelligence Analyst George Hill provided the Committee with detailed allegations of FBI civil liberties abuses. Specifically, he testified that following the events at the Capitol on January 6, 2021, Bank of America (BoA) gave the FBI’s Washington Field Office a list of individuals who had made transactions in the DC, Maryland, Virginia area with a BoA credit or debit card between January 5 and January 7, 2021.
He also testified that individuals who had previously purchased a firearm with a BoA product were elevated to the top of the list provided by BoA.

All of that is entirely valid, but beyond that is Bank of America’s behavior. Where’s the hue and cry over that bank so willingly giving up its customers’ personal records? Why did that bank’s managers choose to not demand the subpoena that is so clearly required before any bank gives to Government—or to anyone or anything—those personal data?

Alan Dershowitz, Harvard University Professor Emeritus in law:

Banks should not be turning records, private records over, the next thing doctors will be turning over private records and priests and rabbis. You just can’t start violating people’s privacy without a court order.

You bet. And Bank of America needs to be held to account, suitably sanctioned, and required to make serious financial restitution to those of its customers its managers chose to victimize. And those managers should be fired for cause and required to misbehave on some other company’s payroll.

Lose Your iPhone…

Posted on by
Reply

…and lose your data, along with access to your financials. For instance,

thieves who stole [one man’s] iPhone 14 Pro at a bar in Chicago wanted to drain cash from his bank account and prevent him from remotely tracking down the stolen phone. They used his passcode to change [his] Apple ID password. They also enabled a hard-to-find Apple security setting known as the “recovery key.” In doing so, they placed an impenetrable lock on his account.

The thieves got his passcode by shoulder-surfing and watching him tap in his passcode before they stole his phone. And Apple can’t help him: without the recovery key, there’s nothing they can do. In addition to the money stolen, the man has lost the only copies of eight years of photos of his young daughters, which he was storing exclusively on his cell phone.

And this example:

After [a man’s] iPhone 13 Pro was stolen from a Boston bar in August, [he] said he spent hours on the phone with Apple customer support trying to regain access to over a decade of data.

Again, Apple was helpless to help without that now thief-altered recovery key.

The recovery key business is specific to Apple’s iPhones, and it’s irrelevant to my questions here. My questions apply to Android phones and other kinds of cell phones just as much.

My first question is this: when the cell phone owner was in any sort of public place—bar, office, park, etc, what was that cell phone doing anywhere but in the owner’s hot little hand or in an interior pocket? Leaving the cell phone out on a counter or a bar or a park bench, even if the owner is right there, is the same as taping a “Free for the Taking” sign on the phone.

My second question is this: convenience comes with a price, and these theft victims provide examples of the price to be paid for that convenience: the loss of those precious personal items, the loss of years of personally important data, or the loss of company or other business data and correspondence (whether text or email), the loss of the moneys in the various financial accounts to which the owner has given cell phone access, and on and on. Why are these data kept on cell phones at all? Why are they not, at the least, backed up on a separate device—a laptop, for instance, or the company’s desktop back at the office or in the home office?

There’s no excuse for the theft, but there’s no excuse, either, for the personal laziness that magnifies the outcome of the theft.

Data Protections

Posted on by
Reply

A couple of Letter writers in The Wall Street Journal‘s Letters section had concerns about a potential ban of People’s Republic of China-domiciled ByteDance’s TikTok.

I disagree with their concerns.

A TikTok ban isn’t the solution. It won’t protect our data privacy, it won’t protect children from the dangers of the internet, and it is a blatant violation of First Amendment rights.

No one is masquerading banning TikTok as the solution; that’s a strawman argument. Much more needs to be done to protect our data privacy and our children—and our intellectual and technology property—but banning TikTok is a useful step. Nor is banning it a violation of anyone’s 1st Amendment rights. No one’s speech would be barred, only a tool of the PRC would be barred.

TikTok can be an effective tool for fighting corruption within the government itself.

Not when it’s controlled by the PRC government.

…a communication tool that millions of Americans use….

Congratulations to this writer: he has successfully identified the breadth of the threat, just as TikTok’s CEO, Shou Zi Chew, (accidentally) did when he pointed out the 150 million American users of TikTok.

FISA Revamp

Posted on by
Reply

Congress may be moving to revamp the Foreign Intelligence Surveillance Act, which among other things, creates a secret Federal court that empirically allows the Federal government to spy on American citizens in the United States—one of whom was a representative of citizens of Illinois whom they had elected to Congress—without a warrant.

[Congressman Austin, R-GA] Scott said lawmakers on the committee want to address who in government can query the database, who can be targeted and who must sign off on such warrantless surveillance. He also suggested there is some support for adding lawyers to the secretive process to help defend the rights of Americans who are being surveilled without their knowledge.

The problem with those first three…suggestions…is that there already are limits on who can query, who can be targeted, and who must sign off, and each of those limits have been routinely violated by FBI and intelligence personnel. There’s no reason to believe that new limits won’t similarly be blithely ignored.

The problem with that last is even larger: the secret process still would be secret, the lawyers supposedly defending the targeted Americans’ rights would be secret, they would be appointed by the same government that has been abusing FISA surveillance powers right along, and there would be no way for us American citizens to assess the skill with which those “defense” lawyers defend, or even their level of zeal.

It’s promising that there is finally a recognition that the FISA process is flawed in some way.

However, what’s truly required is to abolish altogether the Star Chamber that is the secret FISA Court. Scott made the case for abolishment—although he didn’t intend that—when he told JtN that there was clear evidence that the law’s past safeguards have been breached by the FBI and intel agencies. Given that, there’s no reason to believe those FBI and intel agency personnel won’t “breach” any new safeguards, also.