The ISP/ECTR Workaround: The New Broadband Rules May Be Not So Much What They’ll Sell, But What They Give Away

/3 Comments/in , /by

Senator Ed Markey and seven of his colleagues (Franken, Blumenthal, Warren, Sanders, Wyden, Leahy, and Van Hollen) just sent letters to major ISP providers (AT&T, Comcast, Charter, Verizon, Sprint, T-Mobile, and CenturyLink, the latter of which I find most interesting for the purposes of this post) regarding what practices they’ll follow in the wake of Congressional Review Act overturning President Obama’s broadband privacy rules.

The letters focus on a lot of consumer right issues — such as whether customers will learn of any changes in a provider’s privacy policy, the ability to opt in or out, forced arbitration, data breach provisions, and de-identification. That’s all great stuff and I look forward to the answers Markey gets; the information will be as useful as the information he has obtained from wireless providers about information they keep.

But towards the end, the letters include what I’ll call “Wyden questions,” not because I know they came from him, but because they address issues about which he has long been obsessed. There’s one on location, reflecting a concern that providers might presume consent from customers, resulting in the sharing of their location data with third parties.

Under Section 222 of the Communications Act, carriers may not disclose subscriber location information without the “express prior authorization of the customer”.  Over each of the last three years, how many times did your company disclose to third parties individually identifiable customer location data or other Customer Proprietary Network Information with a customer’s express prior authorization?  Does your company obtain the consent from the subscriber directly?  If not, and the third party obtains the consent (or claims they do), do you request or retain a copy of documentation showing that the customer provided such consent?

More interesting still is the question asking whether providers would retain and provide — in response to a National Security Letter — “netflow” records.

Many ISPs retain so called “netflow” records, related to their customers’ internet usage. Do you retain netflow records for your customers’ web browsing activity? If so, for how long do you retain them? Will you disclose netflow records pursuant to a National Security Letter, or only court orders?

Remember, on several occasions last year, Republicans tried to change the rules of National Security Letters so as to permit the FBI to demand providers to turn over “electronic communications transactional records” (ECTRs) with just a National Security Letter. The FBI always asks for ECTRs on NSLs, but a number of providers started refusing to turn them over in the wake of a 2008 OLC decision stating they weren’t included under the law. And Republicans have been trying to force through language that would permit FBI to always obtain such things.

While the discussion about ECTRs started by focusing on email and then moved to URLs, the possibility that FBI had been and wanted to obtain netflow data had been made apparent by — among other things — Nick Merrill’s efforts to declassify the NSL he received in 2004. As he described in a 2015 declaration,

Electronic communication service providers can also record internet “NetFlow” data. This data consists of a set of packets that travel between two points. Routers can be set to automatically record a list of all the NetFlows that they see, or all the NetFlows to or from a specific IP ,address. This NetFlow data can essentially provide a complete history of each electronic communications service used by a particular Internet user.

So in effect, this question (whether or not it comes from Wyden) would reflect a concern that that would become available if these providers were willing to respond to FBI’s requests for ECTRs, and may remain widely available because of the change in the broadband rules. It also reminds me of Wyden’s neverending quest to liberate an OLC memo John Yoo wrote as part of Stellar Wind, but which purportedly pertains to cybersecurity.

In wake of the broadband rule change, AT&T, Verizon, and Comcast (but not, for example, CenturyLink) have assured customers they won’t change their practices and won’t be selling individual customers’ data.

But I’m not seeing any of the providers making assurances about what they’ll be giving away to the government.

Charles Cooper, Who Sanctioned Delayed Notification of Covert Ops to Congress, Reportedly to Be Solicitor General

/6 Comments/in , /by

Update: According to the Hill, Cooper has withdrawn from consideration.

Yesterday, SCOTUSblog reported that Charles Cooper is likely to be named Trump’s Solicitor General.

Cooper is a close friend of Sen. Jeff Sessions, the Alabama lawmaker whom Trump has nominated to serve as attorney general, and helped to prepare Sessions for his confirmation hearings. Like Sessions, Cooper could prove to be a controversial pick. In addition to his role defending California’s ban on same-sex marriage, Cooper also signed a brief on behalf of the federal government supporting Bob Jones University in its challenge to the constitutionality of an Internal Revenue Service policy denying tax exemptions to religious institutions that discriminate based on race. The university had argued that its ban on interracial dating was based on its sincere religious beliefs, but the Supreme Court upheld the IRS policy, by a vote of 8-1. And in 1986, as the head of the Office of Legal Counsel, Cooper signed an OLC opinion that argued that employers could reject job applicants with AIDS if they were concerned about contracting the disease.

I take this solace out of the fact that a soul mate to Jeff Sessions will be appointed to Solicitor General. In Cooper’s most public recent work, the Prop 8 case, Cooper got his ass handed to him by facts and law. If he were to argue as poorly for Trump’s policies, it might help the courts keep the President’s excesses under check.

That said, there are things I’m gravely concerned about, with regards to the Cooper pick. I’m trying to figure out whether he is the author of the OLC memo stating that a President can ignore his own Executive Orders, the original pixie dust opinion.

But he is definitely the author of this Iran-Contra related opinion, stating that the President can delay notification on covert ops to Congress.

Section 501(b) of the National Security Act of 1947 must be interpreted in the light of § 501 as a whole and in light of the President’s broad and independent constitutional authority to conduct foreign policy. The requirement that the President inform certain congressional committees “in a timely fashion” of a foreign intelligence operation as to which those committees were not given prior notice should be read to leave the President with discretion to postpone informing the committees until he determines that the success of the operation will not be jeopardized thereby. Because the recent contacts with elements of the Iranian government could reasonably have been thought to require the utmost secrecy, the President was justified in withholding § 501(b) notification during the ongoing effort to cultivate those individuals and seek their aid in promoting the interests of the United States.

Effectively, Cooper came in, after the fact, and said it was no big deal that Ronald Reagan didn’t tell Congress he was negotiating with a sworn enemy of the United States to get around funding restrictions they had put into place. The opinion has been used since to keep Congress in the dark about things it should know — including, ironically, some of Obama’s negotiations with Iran.

Hawks should be most concerned, however, that Trump would use this to free Mike Flynn to negotiate with Russia and Syria without notice to Congress. Me, I’d be more worried that it would be used (again) to hide a torture program from Congress.

In His Last Words Before Senate Armed Services, Clapper Warns against Congressional “Micromanagement”

/1 Comment/in /by

This morning, the Senate Armed Services Committee held a hearing today on foreign cyberthreats, which mostly (though not entirely) focused on the Russian hack of the DNC.

At the very end of the hearing, John McCain decided to let James Clapper — who will retire in 15 days (as he reminded several times during the hearing) — offer a few reflections on his service.

In response, Clapper acknowledged the important role Congress plays in overseeing the secret activities of the intelligence community. But he ended the statement by warning of the difference between “oversight” and “micromanagement.”

I was around in the intelligence community were first established and have watched them and experienced them ever since. Congress does have, clearly, a extremely important role to play when it comes to oversight of intelligence activities and unlike many other endeavors of the government, much of what we do — virtually all of what we do — is done in secrecy. So the Congress has a very important — a crucial responsibility — on behalf of the American people for overseeing what we do particularly in terms of legality and protection of civil liberties and privacy.

At risk of delving into a sensitive area though, I do think there is a difference between oversight and micromanagement.

This may well reflect his views. But at a time when Trump is threatening to rearrange the IC to retaliate against its reporting on the Russian DNC hack (not to mention for Clapper’s own firing of Trump National Security Advisor Michael Flynn), Clapper might have have been well-advised to avoid suggestion that Congress should not exercise its oversight role over Congress very vigorously.

Trump Raises the Axe over the Intelligence Community, Again

/7 Comments/in /by

The Intelligence Community is finishing its report on the intelligence regarding Russia’s influence in our elections. The report is expected to be delivered to President Obama tomorrow and briefed to President Elect Trump on Friday.

That’s the context for — and surely at least part of the explanation for — this WSJ story reporting that Trump plans to reorganize the intelligence community.

[A]dvisers also are working on a plan to restructure the Central Intelligence Agency, cutting back on staffing at its Virginia headquarters and pushing more people out into field posts around the world. The CIA declined to comment on the plan.

“The view from the Trump team is the intelligence world [is] becoming completely politicized,” said the individual, who is close to the Trump transition operation. “They all need to be slimmed down. The focus will be on restructuring the agencies and how they interact.”

[snip]

The Office of the Director of National Intelligence was established in 2004 in large part to boost coordination between intelligence agencies following the Sept. 11, 2001 terror attacks.

Many Republicans have proposed cutting the ODNI before, but this has proven hard to do in part because its mission centers are focused on core national security issues, such as counterterrorism, nuclear proliferation, and counterintelligence.

“The management and integration that DNI focuses on allows agencies like the CIA to better hone in on its own important work,” said Rep. Adam Schiff (D., Calif.), the ranking Democrat on the House Intelligence Committee, who believes dismantling the ODNI could lead to national security problems.

Mr. Trump’s advisers say he has long been skeptical of the CIA’s accuracy, and the president-elect often mentions faulty intelligence in 2002 and 2003 concerning Iraq’s weapons programs. But he has focused his skepticism of the agencies squarely on their Russia assessments, which has jarred analysts who are accustomed to more cohesion with the White House.

The report repeats earlier reporting — in part from some of the same WSJ reporters — that Trump planned this briefing. Back then, in mid-November, Trump was merely disdainful of the IC and much of the reorganization appeared to be a mix of vengeance on the part of Mike Flynn and, frankly, some reasonable ideas (things like splitting NSA and reversing some of the questionable changes John Brennan made). At the center of it all was a plan to make Admiral Mike Rogers Director of National Intelligence.

The day after that reporting, however, outlets reported that Ash Carter and James Clapper had been planning to fire Rogers, partly because the NSA had remained a leaky sieve under his tenure and partly because he had delayed cyber-bombing ISIS (perhaps to preserve intelligence collection). And that’s before it became public that the NSA hadn’t adopted four security measures recommended after the Snowden leaks.

After that, of course, Democrats and the CIA started leaking that Russia hacked the DNC with the purpose of electing Trump, which gave Trump the entrée to suggest this discussion is all politicized, which has escalated to this week. Trump seems to have orchestrated the Sean Hannity interview at which Julian Assange said what he has long said — that he didn’t get the DNC files from Russia.

Reuters is now reporting that after the election the IC determined that third parties had gotten the files from Russian entities to Wikileaks, which means Assange likely has no idea where the files came from.

But the timing of this story, sourced significantly to the Trump camp, seems to be a warning to those who will brief Trump on Friday. While Clapper and Brennan are on their way out (the fate of Comey and Rogers is still undecided), they certainly will want to protect their agencies.

Which should make for an interesting briefing Friday.

Donald Trump’s Intelligence Briefings and Ellsberg’s Limits of Knowledge

/23 Comments/in , /by

The spooks and their congressional mouthpieces have again leaked details about Donald Trump not accepting their briefings often enough.

 

President-elect Donald Trump is receiving an average of one presidential intelligence briefing a week, according to U.S. officials familiar with the matter, far fewer than most of his recent predecessors.

Although they are not required to, presidents-elect have in the past generally welcomed the opportunity to receive the President’s Daily Brief (PDB), the most highly classified and closely held document in the government, on a regular basis.

It was not immediately clear why Trump has decided not to receive the intelligence briefings available to President Barack Obama more frequently, or whether that has made any difference in his presidential preparations.

An official on the transition team said on Thursday that Trump has been receiving national security briefings, including “routine” PDBs and other special briefings, but declined to specify their content or frequency, saying these matters were classified.

Trump has asked for at least one briefing, and possibly more, from intelligence agencies on specific subjects, one of the officials said. The source declined to identify what subjects interested the president-elect, but said that so far they have not included Russia or Iran.

[snip]

(Corrects to say Iran, not France, in fifth paragraph)

Of course, all this is supposed to generate pressure on Trump to do more briefings. Which would have the effect of briefers getting their face time with Trump instead of the people that Trump is presumably learning about these topics from — Mike Flynn, as well as lobbyists like Bob Dole, who set up Trump’s call with Taiwan president Tsai Ing-wen.

The repeated effort to pressure Trump into accepting briefings from the spooks reminded me of an anecdote Dan Ellsberg has told about what he briefed Henry Kissinger when he first entered government. Ellsberg told Kissinger that being briefed into compartments would, at first, be intoxicating. It would later lead him to disdain anyone not privy to the most secret information. But ultimately, Ellsberg warned Kissinger, “You’ll become incapable of learning from most people in the world.”

“Henry, there’s something I would like to tell you, for what it’s worth, something I wish I had been told years ago. You’ve been a consultant for a long time, and you’ve dealt a great deal with top secret information. But you’re about to receive a whole slew of special clearances, maybe fifteen or twenty of them, that are higher than top secret.

“I’ve had a number of these myself, and I’ve known other people who have just acquired them, and I have a pretty good sense of what the effects of receiving these clearances are on a person who didn’t previously know they even existed. And the effects of reading the information that they will make available to you.

“First, you’ll be exhilarated by some of this new information, and by having it all — so much! incredible! — suddenly available to you. But second, almost as fast, you will feel like a fool for having studied, written, talked about these subjects, criticized and analyzed decisions made by presidents for years without having known of the existence of all this information, which presidents and others had and you didn’t, and which must have influenced their decisions in ways you couldn’t even guess. In particular, you’ll feel foolish for having literally rubbed shoulders for over a decade with some officials and consultants who did have access to all this information you didn’t know about and didn’t know they had, and you’ll be stunned that they kept that secret from you so well.

“You will feel like a fool, and that will last for about two weeks. Then, after you’ve started reading all this daily intelligence input and become used to using what amounts to whole libraries of hidden information, which is much more closely held than mere top secret data, you will forget there ever was a time when you didn’t have it, and you’ll be aware only of the fact that you have it now and most others don’t….and that all those other people are fools.

“Over a longer period of time — not too long, but a matter of two or three years — you’ll eventually become aware of the limitations of this information. There is a great deal that it doesn’t tell you, it’s often inaccurate, and it can lead you astray just as much as the New York Times can. But that takes a while to learn.

“In the meantime it will have become very hard for you to learn from anybody who doesn’t have these clearances. Because you’ll be thinking as you listen to them: ‘What would this man be telling me if he knew what I know? Would he be giving me the same advice, or would it totally change his predictions and recommendations?’ And that mental exercise is so torturous that after a while you give it up and just stop listening. I’ve seen this with my superiors, my colleagues….and with myself.

“You will deal with a person who doesn’t have those clearances only from the point of view of what you want him to believe and what impression you want him to go away with, since you’ll have to lie carefully to him about what you know. In effect, you will have to manipulate him. You’ll give up trying to assess what he has to say. The danger is, you’ll become something like a moron. You’ll become incapable of learning from most people in the world, no matter how much experience they may have in their particular areas that may be much greater than yours.”

I’m not actually saying that it’s a good thing that Trump is resisting the spooks, though I do think they use classification to set up precisely this kind of seeming monopoly on information. I do, however, wonder whether Trump has driven this choice, or whether his advisors have.

It seems there’s a fight for the brain of Trump, even while he seems to be preparing to delegate all this stuff to his advisors.

On Solidarity in the Face of Muslim Registry Plans

/4 Comments/in , /by

In this post, I suggest you might donate to CAIR. Please consider a donation for this work, as well

Yesterday, Carl Higbie pointed to the Supreme Court decision in Korematsu in claiming that President Trump could legally establish a registry of Muslims.

A spokesman for a major super PAC backing Donald Trump said Wednesday that the mass internment of Japanese Americans during World War II was a “precedent” for the president-elect’s plans to create a registry for immigrants from Muslim countries.

During an appearance on Megyn Kelly’s Fox News show, Carl Higbie said a registry proposal being discussed by Trump’s immigration advisers would be legal and would “hold constitutional muster.”

This came after Kris Kobach said Trump were considering a formal proposal for such a registry.

Higbie’s remarks came a day after a key member of Trump’s transition team, Kansas Secretary of State Kris Kobach, said Trump’s policy advisers were weighing whether to send him a formal proposal for a national registry of immigrants and visitors from Muslim countries.

Kobach, a possible candidate for attorney general, told Reuters that the team was considering a reinstatement of a similar program he helped design after the Sept. 11, 2001, terrorist attacks while serving in the Justice Department under President George W. Bush.

Kobach was talking about a rule actually imposed during the Bush administration requiring — among other things — that men from Muslim countries (and North Korea) register, practice that led to huge lines outside of immigration facilities during freezing cold weather to dutifully sign up.

Today, a lot of really well-meaning people have promised to also register on any such registry, which would have the intended effect of creating a group far too large to marginalize.

The underlying intent of those promising to sign up is great. But there are a couple of problems in theory.

First, note what the Reuters report cited above says about the registry.

Under NSEERS, people from countries deemed “higher risk” were required to undergo interrogations and fingerprinting on entering the United States. Some non-citizen male U.S. residents over the age of 16 from countries with active militant threats were required to register in person at government offices and periodically check in.

NSEERS was abandoned in 2011 after it was deemed redundant by the Department of Homeland Security and criticized by civil rights groups for unfairly targeting immigrants from Muslim- majority nations.

NSEERS was shut down in 2011 because DHS was already creating the list via other means. That is, the list tracking Muslim already exists. In notable form, it exists in the form of the No Fly and Terrorist Watch Lists. In addition, DHS tracks the movement of international travelers closer than ever. Customs and Border Protection currently collects more metadata from incoming non-citizens — including permanent residents — than INS did of registered men at its inception, and automated CBP kiosks collect some of what they used to collect for people on the registry from everyone, including US citizens.

While in its heyday, NSEERS served to provide suspicion free excuses to stop Muslim-appearing men, it’s not like authorities currently lack that (and I’d say that for Muslims, African Americans, or Latinos). And the rush to include social media registration at immigration will provide another way to prosecute people who inadvertently provide incomplete information at the border to be deported.

But there’s a far bigger hurdle to getting a large group of people to register in solidarity with any Muslim registry. Unless Trump and Kobach dramatically reverse from the perverse logic established under Bush and continued under Obama, these lists are designed to be arbitrary and secret. The current No Fly list includes children. At one point it included Ted Kennedy. Because they are secret, these lists been difficult to challenge them — and before the work of lawyers at ACLU and Center for Constitutional Rights and a few lonely others — impossible.

So long as DHS retains the ability to create such registries in secret, no one will have the affirmative ability to just volunteer to sign up. Maybe Kobach will change that — and undermine the bureaucratic efficacy of the current list. But I’m not yet convinced.

If you want to get yourself on a list of for expressing solidarity with Muslims, a good way to do that may be to donate to the Council on American-Islamic Relations. CAIR is like the ACLU of the Muslim world, one of they key defenders of Muslim civil rights. For that (and discredited allegations of ties to Hezbollah and Hamas) it has been targeted for both surveillance and denormalization (FBI issued guidance prohibiting outreach cooperation with it, for example). But they do absolutely critical work helping Muslims assert their civil rights. And a number of their state offices have already been targeted with hate speech or crimes since the election.

One final point: Just months ago, many Democrats were applauding banning people on the No Fly List from owning guns. I’d like to make gun ownership in this country safer, but using this arbitrary list to do so only encourages the expansion of such lists in the future.

If Richard Burr Jokes about Assassination in Secret, What Else Does He Joke about in Secret?

/7 Comments/in /by

A tracker caught Senate Intelligence Chair responding to a request for a picture with a guy with an NRA hat on by joking about “putting a bullseye” on Hillary Clinton at an event for volunteers this weekend (the quip is after 34:30).

Nothing made me feel any better than, uh, I walked into a gun shop I think yesterday in Oxford. And there was a copy of Rifleman on the, on the counter. It’s got a picture of Hillary Clinton on the front of it. I was a little bit shocked at that — it didn’t have a bullseye on it.

After the comments became public, Burr apologized for them.

Mind you, Burr has a history of making inappropriate jokes about violence, even about assassination, even in public. In 2013, Burr joked with Treasury Secretary Jack Lew that his relative Aaron Burr assassinated Treasury Secretaries. And in the same year, Burr joked with John Brennan that drinking four glasses of water

“I’ll be brief,” Burr told the nominee to lead the Central Intelligence Agency. “I see you’re on your fourth glass of water and I don’t want to be accused of waterboarding you.”

But this is different, because he laughed about violence from others against a public figure, rather than joking about his own hypothetical violence. And it did so in a fairly closed event.

Given that as SSCI Chair Burr spends so much time huddling in secret with the intelligence community, Burr’s persistent joking about assassination and related issues does raise questions about what else he jokes in his private sessions with spooks. That’s especially true given how far out of his way he has gone to protect CIA from any accountability for torture.

Burr is, to his credit, virtually alone among an recent Gang of Four members for actually keeping what he learns from briefings secret. That means that, unlike this meeting (hilariously, after 13:00 in the recording, Burr kicks out someone he believes to be a tracker, but the person recording the meeting remained inside recording), we would never learn about how funny Burr thinks assassination is when meeting with those who actually carry them out.

That sure makes him an inappropriate person to head oversight of the intelligence community.

Why Is DOD Paying Dataminr $13M for Data It Claims to Believe Twitter Won’t Deliver?

/4 Comments/in /by

Last week I did a post on John McCain’s promise, given in a Senate Armed Services Committee hearing, to “expose” Twitter for refusing to share you Tweets in bulk with intelligence agencies. Later in the hearing, Jeanne Shaheen returned to the issue of Twitter’s refusal to let Dataminr share data in bulk with the Intelligence Community. She asked Under Secretary for Intelligence Marcell Lettre what the committee needs to get more cooperation. Lettre responded by suggesting one-on-one conversations between Executive Branch officials and the private sector tends to work. Shaheen interrupted to ask whether such an approach had worked with Twitter. Lettre responded by stating, “the the best of my knowledge, Twitter’s position hasn’t changed on its level of cooperation with the US intelligence community.”

That’s interesting, because on August 26, 2016, DOD announced its intent to sole-source a $13.1 million one-year contract with Dataminr to provide alerting capability based off Twitter’s Firehose.

The Department of Defense (DoD), Washington Headquarters Services, Acquisition Directorate (WHS/AD), on behalf of the Office of the Under Secretary of Defense for Intelligence (OUSDI) intends to award a sole source contract pursuant to the requirements of 41 U.S.C. 3304(a)(1) Competition in Contracting Act of 1984 (CICA) as implemented by FAR Subpart 6.3, and IAW the requirements of FAR Subpart 6.303-1, Only One Responsible Source and No Other Supplies or Services will Satisfy Agency Requirements.

WHS/AD intends to issue this sole source contract to Dataminr, Inc located at 99 Madison Ave Floor 3, New York, NY 10016 (CAGE 6Q6Z6). The anticipated Period of Performance for 1500 license subscriptions are 12 months from the date of contract award. The estimated value of this procurement is approximately $13.1M.

This contract will address the requirements of OUSDI Technical Collection and Special Programs division. The award will be made for licenses, support, and maintenance which allows DoD to receive indication and warnings, situational awareness, and contextual analysis of social media data in order to provide actionable decision support in response to real-time information.

Salient Characteristics of the Data Analytics Software: The contractor shall deliver an alerting capability that, at a minimum, includes:

  • Alerting: Based on the algorithmic analysis of the complete Twitter Firehose, the Contractor shall deliver near-real time alerts on breaking developments relevant to military security.
  • Content: The Contractor’s platform shall generate data from the Twitter firehose. Alerts shall include from the original data source at least the text, embedded links, and associated metadata, to include the Tweet ID.

Perhaps the Under Secretary of Defense for Intelligence’s Technical Collection and Special Programs division doesn’t count as “intelligence community,” but it sure seems to qualify.

Or perhaps there are a number of loopholes in the policy that purports to keep Twitter customers’ data out of the hands of intelligence agencies.

What Happens When Visa Applicants Forget Their Old Social Media IDs?

/5 Comments/in /by

After being pushed into it by Congress, Customs and Border Protection has been going through the rule-making process on asking visa applicants for their social media IDs. The idea is root out people like Tashfeen Malik, the wife in the San Bernardino attack couple, who spoke in radicalized terms on private messaging areas of Facebook before she came to the country.

At first, the idea was just to ask for applicants to turn over social media sites voluntarily. But given the pressure CBP already uses, even with US citizens, it’s easy to see how that “voluntary” request can be made to seem obligatory in the pressure of a border encounter.

But as Access Now points out, at the same time as extending the comment period (presumably hoping to get enough scared people commenting to balance out those who find this problematic), CBP also altered the proposed form to make it obligatory. There’s one other problem with the form:

screen-shot-2016-09-21-at-8-34-42-am

The form requests “social media identifier,” not “identifiers.”

Now, I’ve long thought that the whole point of this wasn’t so much to find people engaged in radicalized discussions before the fact. Instead, it was about providing an excuse to deport people after they’ve been discovered, based off a claim they “lied” to CBP and thereby engaged in immigration fraud. Worse, they’ll probably dig up some social media account that someone made years earlier and forgot about it — could you remember every social media account you’ve ever set up?

Here, they’ve literally asked for one, singular, ID. Meaning someone could rightly put just their Facebook ID but then get deported for having not offered up their Twitter one.

Like I said: this is designed to be nothing more than a trap to provide an excuse for deporting someone based off something more fleeting than the old “Have you ever been a member of the Communist Party” question.

One final point: CBP also expanded how broadly they can share all this information. As I’ll write in a follow-up, I suspect it’s part of a larger, unannounced effort.

John McCain Wants to “Expose” Twitter for Refusing to Sell Your Twitter Data in Bulk to CIA

/5 Comments/in /by

John McCain just had a hearing on cybersecurity. The primary point of the hearing seems to have been to get Admiral Mike Rogers to say the nation would be less safe if we split CYBERCOM Commander from Director of NSA (that is, if we split his job into two). That’s in apparent contradiction to what Rogers said at an industry conference last week.

McCain’s secondary point seems to have been to raise concerns that an unsuccessful attempt by hackers to access Arizona voting data might affect his re-election effort.

His tertiary point seems to have been to attack Apple and Twitter for making efforts to protect their customers. After getting a witness to comment about Twitter’s long-term refusal to let Dataminr to sell Twitter data to the CIA, he suggested perhaps the response should be to “expose” the company.

So let me help Senator McCain in his efforts.

Breaking: Twitter Refuses to Sell Your Data in Bulk to the CIA

That is simply scandalous!

Of course, as I’ve reported in the past and a spox from Twitter reiterated again today, this is actually a (claimed) long-standing policy at Twitter. They will not let Dataminr or anyone else sell your data to any government agency for surveillance purposes.

Dataminr uses public Tweets to sell breaking news alerts to media organizations and government agencies, for non-surveillance purposes. Due to privacy concerns, we have not authorized Dataminr or any third party to sell data to a government or intelligence agency for surveillance purposes. This is a longstanding Twitter policy, not a new development. Twitter responds to valid legal process issued in compliance with applicable law, and our most recent transparency report shows over 5,000 U.S. government information requests in 2015 alone.

Breaking: Twitter Refuses to Sell Your Data to Government for Surveillance Purposes

Wow, this Expose Twitter campaign is getting exciting.

Of course, you might ask why McCain is demanding that our tech companies to make money off of surveillance of you. And why he considers Twitter such an exception.