Left to chance

The ACLU has tested President Obama early, requesting dozens of secret documents covering the Bush administrations’ justification for its spying and interrogation programs. If we could gleam even a bit of insight into the real excuses for the warrantless wiretapping and NSA eavesdropping, it could set a precedent for future government transparency.

For years, the Bush administration refused to release them, citing national security, attorney-client privilege and the need to protect the government’s deliberative process. The ACLU’s request, however, comes after President Barack Obama last week rescinded a 2001 Justice Department memo that gave agencies broad legal cover to reject public disclosure requests.

Obama also urged agencies to be more transparent when deciding what documents to release under the Freedom of Information Act. … “The president has made a very visible and clear commitment to transparency,” said Jameel Jaffer, the director of the ACLU’s National Security Project. “We’re eager to see that put into practice.” The collection of memos, written by the Justice Department’s Office of Legal Counsel, are viewed as the missing puzzle pieces that could help explain the Bush administration’s antiterrorism policies. Critics of the prior administration also see the release of the documents as necessary to determine whether former administration officials should be held accountable for legal opinions that justified various antiterrorism measures, including the use of waterboarding, an interrogation technique that simulates drowning.

This is crazy, with all we know about network security and how important it is to safeguard our data, companies are still not getting the messages, so data breaches continue to increase.  With all of the information people give up online ever increasing, this has the makings of a privacy disaster.

Given an IT security landscape highlighted by regulatory compliance,
publicly-disclosed data breaches, and increasingly sophisticated
threats, we often ask survey respondents whether their organization
suffered a data breach in the last 12 months. ESG has probably asked
this very question in several research projects over the past few
years. In the past, about 30 percent of large organizations (i.e. 1,000
employees or more) claimed that their organization had suffered a data
breach within the last year.

This pattern was fairly consistent from 2005 through 2007, so I
expected to see similar results when we conducted another research
survey focused on application and database security at the end of 2008.
I was shocked to see that things have actually grown much worse. In a
November 2008 survey of 179 North American-based security
professionals, 56 percent claimed that their organization had suffered
a data breach within the past 12 months. In further analysis, 61
percent of organizations with 1,000 to 5,000 employees suffered a data
breach in that time frame. It’s easy to assume that these smaller firms
are more at risk since they are likely to have fewer security
technologies in place and smaller security staffs. Perhaps this is true, but even bigger companies are suffering data breaches - 49 percent of organizations with 5,000 employees or more endured at least one data breach of their own.

So what good is it if I rotate my passwords constantly, encrypt my personal data, and am careful not to send 500$ to someone in Nigeria so that they can send me millions? Once your data is out of your hands you have some company with a bottom line to protect that fails to include funds to hire competent IT staff to secure data and systems. Perhaps this bodes well for the idea of companies offloading their systems’ data to the cloud, that way a company that *only* holds data might be better able to secure access to it. (maybe)

Yesterday the Department of Homeland Security disclosed that traveler’s laptop computers “or other electronic devices” can be confiscated, without any suspicion of a crime! Better yet, they can make and share copies of your data, have the data translated, unencrypted, etc. This is especially topical for me since I’ll be leaving the country on Sunday with the laptop that I’m typing this on. “Federal agents may take a traveler’s laptop computer or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed. Also, officials may share copies of the laptop’s contents with other agencies and private entities for language translation, data decryption or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, U.S. Customs and Border Protection and U.S. Immigration and Customs Enforcement. “The policies . . . are truly alarming,” said Sen. Russell Feingold (D-Wis.), who is probing the government’s border search practices. He said he intends to introduce legislation soon that would require reasonable suspicion for border searches, as well as prohibit profiling on race, religion or national origin.” So while congress is now looking at it, the article points out that these procedures have been in place for a long time, but only revealed last month, “…because of public interest in this matter.” So this makes me ask, what else should we be interested in that our government is doing so we can discover other ways our rights are being shoved aside? These tactics are excessive and a violation of individual rights, could at least can cause an interruption of business, but at most are a direct invastion of privacy and a violation of civil rights.

I found this pretty interesting, to find out names of sources that a journalist talked to about the government’s secret wiretapping of Americans without court orders, federal investigators are using phone records. So they look to the phone companies for names to find out who talked to the Times about the investigation into how the Feds used the phone companies to spy on its citizens.

In the leak investigation, Justice Department officials are using phone records in an Arlington, Va. federal grand jury proceeding to ferret out James Risen’s sources, according to the New York Times. One presumes the government is using subpoenas or National Security Letters to get Risen or his suspected sources’ phone records, then hauling former government officials in front of the grand jury. But given that this Administration operates on the belief that the Fourth Amendment does not apply during wartime, that the Justice Department is not pursuing criminal charges against officials involved in wiretapping Americans without court approval and that the Administration claims to have King-like powers in the Time of Terror, the presumption that legal process was involved might be quaint.

And so explains my reluctance to even look at an iPhone, considering buying one could lock you in a contract with AT&T until 2010! To learn what that gets you, check the ongoing AT&T coverage at eff.org.

Today we hear that the Justice Department wants to make it easier for the FBI to investigate U.S. citizens and legal residents by not requiring little things like evidence, or even allegations that a law probably has been broken!

The Justice Department is considering letting the FBI investigate Americans without any evidence of wrongdoing, relying instead on a terrorist profile that could single out Muslims, Arabs or other racial and ethnic groups.

Law enforcement officials say the proposed policy would help them do exactly what Congress demanded after the Sept. 11, 2001, attacks: root out terrorists before they strike.

Although President Bush has disavowed targeting suspects based on their race or ethnicity, the new rules would allow the FBI to consider those factors among a number of traits that could trigger a national security investigation.

Now come on, if even Bush is against something like this, it has to be an obvious violation of civil rights to everyone.  The plan is to get this change put in place before the new administration takes over in January, so this requires the canidates to stand up against this now.  I want to see what position each takes, and I want them to discuss it in an open debate, so American’s can better understand how their rights are at stake.

While John McCain is still hawking that ‘maverick’ tag, don’t believe the hype, instead, let’s look at some recent statements he made that perked my interest, coming out in favor of the Bush administrations’ stance on FISA, warrantless wiretapping/eavesdropping and executive power. Funny thing is, he had the exact opposite opinion on these topics when he was asked in December 2007!

On Wednesday, I documented John McCain’s complete reversal of views — in the last six months alone — on FISA, warrantless eavesdropping and executive power. McCain’s diametrically opposite views were contained in a questionnaire McCain completed for The Boston Globe last December (wherein he rejected many of the Bush/Cheney theories of presidential omnipotence and warrantless eavesdropping) and then a statement McCain issued this week to National Review (wherein he embraced those same theories in order to persuade the Right that he approves of and would continue Bush’s lawless surveillance policies).

Another source states more of what transcribed at the National Review:

A top adviser to Senator John McCain says Mr. McCain believes that President Bush’s program of wiretapping without warrants was lawful, a position that appears to bring him into closer alignment with the sweeping theories of executive authority pushed by the Bush administration legal team.

In a letter posted online by National Review this week, the adviser, Douglas Holtz-Eakin, said Mr. McCain believed that the Constitution gave Mr. Bush the power to authorize the National Security Agency to monitor Americans’ international phone calls and e-mail without warrants, despite a 1978 federal statute that required court oversight of surveillance…