Shinzō Abe (Japanese Prime Minister); Photo from G8 UK Presidency
Summary: Freedom of the press is under attack not just in the West but also in Japan, potentially affecting public scrutiny of corporations as well as governments
The ‘British Snowden’, an MI5 whistleblower who is not able to return to Britain safely (essentially a fugitive now), speaks about the new Snowden Web site . I had the pleasure of speaking with her and she is very widely quoted by the media right now (except in the British media). See, here in the UK there is a war on the media [1, 2, 3] amid an EU blunder which jeopardises Britain’s status in the European Union . It turns out that spying on your allies on behalf of some distant superpower (the United States) is not a good thing to do.
The Japanese Prime Minister and our own Prime Minister David Cameron have quite a lot in common now [3,4], having to deal with that ‘nuisance’ which is The Guardian  giving the population this thing called facts. There is a new bombshell about the extremely debt-saddled Japan and the NSA  (possibly spying on China and neighbours for distant world powers). In Japan, a former occupier and a vicious empire which slaughtered many people in neighbouring countries, the politicians are trying to gag the press using new laws .
“Standing up for Snowden is standing up for the rule of law, justice, and ethics.”Where do we go from here? Well, the Free Software Foundation takes action . We need to defend the disclosure of all this information. Snowden’s leaks revealed (back in August) where trillions of dollars of taxpayers’ money (or national debt to which they’re tied) are going  and these leaks also give a very strong challenge to US law, potentially banning some of the NSA’s current actions, which are already against the law anyway .
Standing up for Snowden is standing up for the rule of law, justice, and ethics. No more need people be barred from basic information about how public money is spent. Espionage is not “cool” and stabbing continental Europe in the back is not what British citizens would consider a policy that they can support. If the US uses Japan and other small countries (Korea for example) to weaken Indochina while also using the UK (and Sweden among others) to spy on Russia and the European Union, how does one justify unions? Unless we assume that all ethics and good values are derived from US culture we should rethink all these collusions among G8/NATO members.
If laws are being passed to ban freedom of the press (or seriously restrict it), then who is going to cover what Japanese companies and authorities hide from the public ahead of a cancer epidemic [11,12] or after BP barred the press from assessing the real impact of its long-lasting pollution ? It’s one thing to bar journalists from publishing what’s being labeled “state secrets”; using the same laws we may find people who publish corporate secrets (evidence of harm or misconduct) criminalised as well. Down the slippery slope we go. █
Related/contextual items from the news:
And here’s another aide memoire of the disclosures so far. The impact of these disclosures is global. Edward Snowden is simply the most significant whistleblower in modern history.
“While leading politicians of other European countries and officers of the EU itself were keen to express their concern over the latest revelations of US spying on its allies – the President of the European Parliament Martin Schulz said that US secret services were ‘out of control’ – British Prime Minister David Cameron has only said that he thought that the EU statement on the matter was ‘good and sensible’ and that he agreed with it. German Chancellor Angela Merkel said Cameron ‘silently acquiesced” to the statement. At a press conference, Cameron refused to comment about the recent NSA revelations.
“The muted British reaction to what is a truly outrageous scandal, is proof, if indeed any further proof were needed, of what Britain’s main role in the EU is: to act as a Trojan horse to defend and further the interests of the government of the United States of America.”
Prime minister alludes to courts and D notices and singles out the Guardian over coverage of Edward Snowden saga
You don’t need to be talking to a terror suspect to have your communications data analysed by the NSA. The agency is allowed to travel “three hops” from its targets – who could be people who talk to people who talk to people who talk to you. Facebook, where the typical user has 190 friends, shows how three degrees of separation gets you to a network bigger than the population of Colorado. How many people are three “hops” from you?
The U.S. National Security Agency sought the Japanese government’s cooperation in 2011 over wiretapping fiber-optic cables carrying phone and Internet data across the Asia-Pacific region, but the request was rejected, sources said Saturday.
Japanese Prime Minister Shinzo Abe’s government is planning a state secrets act that critics say could curtail public access to information on a wide range of issues, including tensions with China and the Fukushima nuclear crisis.
On Saturday, October 26, 2013, the FSF joined more than three thousand privacy advocates in Washington, DC to call for an end to mass surveillance conducted by the NSA.
The legislation has support from Republicans and Democrats in both the House and Senate, and from groups like the American Civil Liberties Union and National Rifle Association. But the USA FREEDOM Act’s passage into law remains uncertain.
Despite the departure of all his neighbours and the unexplained deaths of some of his stock, Tokue Hosokawa refuses to budge
Toxicologists ‘predicted with certainty’ that Gulf of Mexico residents and clean-up workers would become severely ill.
Send this to a friend
The current level of general surveillance in society is incompatible with human rights. To recover our freedom and restore democracy, we must reduce surveillance to the point where it is possible for whistleblowers of all kinds to talk with journalists without being spotted. To do this reliably, we must reduce the surveillance capacity of the systems we use.
Using free/libre software, as I’ve advocated for 30 years, is the first step in taking control of our digital lives. We can’t trust nonfree software; the NSA uses and even creates security weaknesses in nonfree software so as to invade our own computers and routers. Free software gives us control of our own computers, but that won’t protect our privacy once we set foot on the Internet.
“Thanks to Edward Snowden’s disclosures, we know that the current level of general surveillance in society is incompatible with human rights.”Bipartisan legislation to “curtail the domestic surveillance powers” in the U.S. is being drawn up, but it relies on limiting the government’s use of our virtual dossiers. That won’t suffice to protect whistleblowers if “catching the whistleblower” is grounds for access sufficient to identify him or her. We need to go further.
Thanks to Edward Snowden’s disclosures, we know that the current level of general surveillance in society is incompatible with human rights. The repeated harassment and prosecution of dissidents, sources, and journalists provides confirmation. We need to reduce the level of general surveillance, but how far? Where exactly is the maximum tolerable level of surveillance, beyond which it becomes oppressive? That happens when surveillance interferes with the functioning of democracy: when whistleblowers (such as Snowden) are likely to be caught.
Don’t Agree We Need to Reduce Surveillance? Then Read This Section First
If whistleblowers don’t dare reveal crimes and lies, we lose the last shred of effective control over our government and institutions. That’s why surveillance that enables the state to find out who has talked with a reporter is too much surveillance—too much for democracy to endure.
“Opposition and dissident activities need to keep secrets from states that are willing to play dirty tricks on them.”An unnamed U.S. government official ominously told journalists in 2011 that the U.S. would not subpoena reporters because “We know who you’re talking to.” Sometimes journalists’ phone call records are subpoenaed to find this out, but Snowden has shown us that in effect they subpoena all the phone call records of everyone in the U.S., all the time.
Opposition and dissident activities need to keep secrets from states that are willing to play dirty tricks on them. The ACLU has demonstrated the U.S. government’s systematic practice of infiltrating peaceful dissident groups on the pretext that there might be terrorists among them. The point at which surveillance is too much is the point at which the state can find who spoke to a known journalist or a known dissident.
Information, Once Collected, Will Be Misused
When people recognize that the level of general surveillance is too high, the first response is to propose limits on access to the accumulated data. That sounds nice, but it won’t fix the problem, not even slightly, even supposing that the government obeys the rules. (The NSA has misled the FISA court, which said it was unable to effectively hold the NSA accountable.) Suspicion of a crime will be grounds for access, so once a whistleblower is accused of “espionage,” finding the “spy” will provide an excuse to access the accumulated material.
“Surveillance data will always be used for other purposes, even if this is prohibited.”The state’s surveillance staff will misuse the data for personal reasons too. Some NSA agents used U.S. surveillance systems to track their lovers—past, present, or wished-for—in a practice called “LoveINT.” The NSA says it has caught and punished this a few times; we don’t know how many other times it wasn’t caught. But these events shouldn’t surprise us, because police have long used their access to driver’s license records to track down someone
attractive, a practice known as “running a plate for a date.”
Surveillance data will always be used for other purposes, even if this is prohibited. Once the data has been accumulated and the state has the possibility of access to it, it may misuse that data in dreadful ways.
Total surveillance plus vague law provides an opening for a massive fishing expedition against any desired target. To make journalism and democracy safe, we must limit the accumulation of data that is easily accessible to the state.
Robust Protection for Privacy Must Be Technical
The Electronic Frontier Foundation and other organizations propose a set of legal principles designed to prevent the abuses of massive surveillance. These principles include, crucially, explicit legal protection for whistleblowers; as a consequence, they would be adequate for protecting democratic freedoms—if adopted completely and enforced without exception forever.
However, such legal protections are precarious: as recent history shows, they can be repealed (as in the FISA Amendments Act), suspended, or ignored.
“If we don’t want a total surveillance society, we must consider surveillance a kind of social pollution, and limit the surveillance impact of each new digital system just as we limit the environmental impact of physical construction.”Meanwhile, demagogues will cite the usual excuses as grounds for total surveillance; any terrorist attack, even one that kills just a handful of people, will give them an opportunity.
If limits on access to the data are set aside, it will be as if they had never existed: years worth of dossiers would suddenly become available for misuse by the state and its agents and, if collected by companies, for their private misuse as well. If, however, we stop the collection of dossiers on everyone, those dossiers won’t exist, and there will be no way to compile them retroactively. A new illiberal regime would have to implement surveillance afresh, and it would only collect data starting at that date. As for suspending or momentarily ignoring this law, the idea would hardly make sense.
We Must Design Every System for Privacy
If we don’t want a total surveillance society, we must consider surveillance a kind of social pollution, and limit the surveillance impact of each new digital system just as we limit the environmental impact of physical construction.
For example: “Smart” meters for electricity are touted for sending the power company moment-by-moment data about each customer’s electric usage, including how usage compares with users in general. This is implemented based on general surveillance, but does not require any surveillance. It would be easy for the power company to calculate the average usage in a residential neighborhood by dividing the total usage by the number of subscribers, and send that to the meters. Each customer’s meter could compare her usage, over any desired period of time, with the average usage pattern for that period. The same benefit, with no surveillance!
We need to design such privacy into all our digital systems.
Remedy for Collecting Data: Leaving It Dispersed
One way to make monitoring safe for privacy is to keep the data dispersed and inconvenient to access. Old-fashioned security cameras were no threat to privacy. The recording was stored on the premises, and kept for a few weeks at most. Because of the inconvenience of accessing these recordings, it was never done massively; they were accessed only in the places where someone reported a crime. It would not be feasible to physically collect millions of tapes every day and watch them or copy them.
“To restore privacy, we should ban the use of Internet-connected cameras aimed where and when the public is admitted, except when carried by people.”Nowadays, security cameras have become surveillance cameras: they are connected to the Internet so recordings can be collected in a data center and saved forever. This is already dangerous, but it is going to get worse. Advances in face recognition may bring the day when suspected journalists can be tracked on the street all the time to see who they talk with.
Internet-connected cameras often have lousy digital security themselves, so anyone could watch what the camera sees. To restore privacy, we should ban the use of Internet-connected cameras aimed where and when the public is admitted, except when carried by people. Everyone must be free to post photos and video recordings occasionally, but the systematic accumulation of such data on the Internet must be limited.
Remedy for Internet Commerce Surveillance
Most data collection comes from people’s own digital activities. Usually the data is collected first by companies. But when it comes to the threat to privacy and democracy, it makes no difference whether surveillance is done directly by the state or farmed out to a business, because the data that the companies collect is systematically available to the state.
The NSA, through PRISM, has gotten into the databases of many large Internet corporations. AT&T has saved all its phone call records since 1987 and makes them available to the DEA to search on request. Strictly speaking, the U.S. government does not possess that data, but in practical terms it may as well possess it.
“Purchases over the Internet also track their users.”The goal of making journalism and democracy safe therefore requires that we reduce the data collected about people by any organization, not just by the state. We must redesign digital systems so that they do not accumulate data about their users. If they need digital data about our transactions, they should not be allowed to keep them more than a short time beyond what is inherently necessary for their dealings with us.
One of the motives for the current level of surveillance of the Internet is that sites are financed through advertising based on tracking users’ activities and propensities. This converts a mere annoyance—advertising that we can learn to ignore—into a surveillance system that harms us whether we know it or not. Purchases over the Internet also track their users. And we are all aware that “privacy policies” are more excuses to violate privacy than commitments to uphold it.
We could correct both problems by adopting a system of anonymous payments—anonymous for the payer, that is. (We don’t want the payee to dodge taxes.) Bitcoin is not anonymous, but technology for digital cash was first developed 25 years ago; we need only suitable business arrangements, and for the state not to obstruct them.
A further threat from sites’ collection of personal data is that security breakers might get in, take it, and misuse it. This includes customers’ credit card details. An anonymous payment system would end this danger: a security hole in the site can’t hurt you if the site knows nothing about you.
Remedy for Travel Surveillance
We must convert digital toll collection to anonymous payment (using digital cash, for instance). License-plate recognition systems recognize all license plates, and the data can be kept indefinitely; they should be required by law to notice and record only those license numbers that are on a list of cars sought by court orders. A less secure alternative would record all cars locally but only for a few days, and not make the full data available over the Internet; access to the data should be limited to searching for a list of court-ordered license-numbers.
The U.S. “no-fly” list must be abolished because it is punishment without trial.
“The U.S. “no-fly” list must be abolished because it is punishment without trial.”It is acceptable to have a list of people whose person and luggage will be searched with extra care, and anonymous passengers on domestic flights could be treated as if they were on this list. It is also acceptable to bar non-citizens, if they are not permitted to enter the country at all, from boarding flights to the country. This ought to be enough for all legitimate purposes.
Many mass transit systems use some kind of smart cards or RFIDs for payment. These systems accumulate personal data: if you once make the mistake of paying with anything but cash, they associate the card permanently with your name. Furthermore, they record all travel associated with each card. Together they amount to massive surveillance. This data collection must be reduced.
“Internet service providers and telephone companies keep extensive data on their users’ contacts (browsing, phone calls, etc).”Navigation services do surveillance: the user’s computer tells the map service the user’s location and where the user wants to go; then the server determines the route and sends it back to the user’s computer, which displays it. Nowadays, the server probably records the user’s locations, since there is nothing to prevent it. This surveillance is not inherently necessary, and redesign could avoid it: free/libre software in the user’s computer could download map data for the pertinent regions (if not downloaded previously), compute the route, and display it, without ever telling anyone where the user is or wants to go.
Systems for borrowing bicycles, etc., can be designed so that the borrower’s identity is known only inside the station where the item was borrowed. Borrowing would inform all stations that the item is “out,” so when the user returns it at any station (in general, a different one), that station will know where and when that item was borrowed. It will inform the other station that the item is no longer “out.” It will also calculate the user’s bill, and send it (after waiting some random number of minutes) to headquarters along a ring of stations, so that headquarters would not find out which station the bill came from. Once this is done, the return station would forget all about the transaction. If an item remains “out” for too long, the station where it was borrowed can inform headquarters; in that case, it could send the borrower’s identity immediately.
Remedy for Communications Dossiers
Internet service providers and telephone companies keep extensive data on their users’ contacts (browsing, phone calls, etc). With mobile phones, they also record the user’s physical location. They keep these dossiers for a long time: over 30 years, in the case of AT&T. Soon they will even record the user’s body activities. It appears that the NSA collects cell phone location data in bulk.
Unmonitored communication is impossible where systems create such dossiers. So it should be illegal to create or keep them. ISPs and phone companies must not be allowed to keep this information for very long, in the absence of a court order to surveil a certain party.
This solution is not entirely satisfactory, because it won’t physically stop the government from collecting all the information immediately as it is generated—which is what the U.S. does with some or all phone companies. We would have to rely on prohibiting that by law. However, that would be better than the current situation, where the relevant law (the PATRIOT Act) does not clearly prohibit the practice. In addition, if the government did resume this sort of surveillance, it would not get data about everyone’s phone calls made prior to that time.
But Some Surveillance Is Necessary
For the state to find criminals, it needs to be able to investigate specific crimes, or specific suspected planned crimes, under a court order. With the Internet, the power to tap phone conversations would naturally extend to the power to tap Internet connections. This power is easy to abuse for political reasons, but it is also necessary. Fortunately, this won’t make it possible to find whistleblowers after the fact.
Individuals with special state-granted power, such as police, forfeit their right to privacy and must be monitored. (In fact, police have their own jargon term for perjury, “testilying,” since they do it so frequently, particularly about protesters and photographers.) One city in California that required police to wear video cameras all the time found their use of force fell by 60%. The ACLU is in favor of this.
“…journalism must be protected from surveillance even when it is carried out as part of a business.”Corporations are not people, and not entitled to human rights. It is legitimate to require businesses to publish the details of processes that might cause chemical, biological, nuclear, fiscal, computational (e.g., DRM) or political (e.g., lobbying) hazards to society, to whatever level is needed for public well-being. The danger of these operations (consider the BP oil spill, the Fukushima meltdowns, and the 2008 fiscal crisis) dwarfs that of terrorism.
However, journalism must be protected from surveillance even when it is carried out as part of a business.
Digital technology has brought about a tremendous increase in the level of surveillance of our movements, actions, and communications. It is far more than we experienced in the 1990s, and far more than people behind the Iron Curtain experienced in the 1980s, and would still be far more even with additional legal limits on state use of the accumulated data.
Unless we believe that our free countries previously suffered from a grave surveillance deficit, and ought to be surveilled more than the Soviet Union and East Germany were, we must reverse this increase. That requires stopping the accumulation of big data about people.█
Licensed under a Creative Commons Attribution-NoDerivs 3.0 United States License.
Send this to a friend
“There’s free software and then there’s open source… there is this thing called the GPL, which we disagree with.”
–Bill Gates, April 2008
“They’ll get sort of addicted, and then we’ll somehow figure out how to collect sometime in the next decade.”
Summary: The ongoing war by Microsoft and its proxies against software freedom, which gives more value to the world’s industry than the FUD would have people believe
There is another reason to abandon the term “Open Source”, which left the term “Free software” more vulnerable to abuse by bad people, makers of proprietary software. Here is Bill Gates’ latest attempt to run over Free/libre software, characterising his trap as “free”. To quote a Romanian site:
Bill Gates had a very interesting opening keynote speech at the Microsoft Research Faculty Summit 2013, explaining that he was grateful for the existence of free software, when asked about patents and their influence on technology.
“Thank God for commercial software. It actually funds salaries, gives people jobs. And thank God for free software, it lets people get things out there, you can play around, build on. The two work very well in an ecosystem,” stated Bill Gates during the Q&A.
This is nonsense, as anybody with a clue knows that commercial means not proprietary and Free/libre can be used commercially, paying wages to users and developers.
A lot of this kind of attacks on Free software usually goes back to Microsoft and its proxies. Right now we have Black Duck, a company created by a marketing guy from Microsoft, throwing around some numbers, looking for sites that will print them. Here is one:
Open source consulting firm BlackDuck says up to $59 billion may be locked up in open source projects with no explicit license. Is that lost revenue for channel partners and software companies?
Here is the press release. What nonsense. Trying to quantify code in terms of revenue is not the only silliness; it is the idea that money is being lost as a result of having no licence. Similar propaganda was previously used to describe FOSS as a jobs destroyer, as if people are writing software with such aims. Some tried to portray FOSS as a cause for losses in the industry, not a saver of money and elevator of productivity (which in turn makes room for more hirings per given budget). This is the type of propaganda we are up against and we keep seeing it brought up also in public talks.
Here is another new example of Black Duck being used to reinforce FUD — namely the idea that Free software is about cost, not freedom, and that it is chosen for price, not other qualities. Watch how the Black Duck-run Future of Open Source survey [1, 2, 3, 4] is being used to spread misconceptions. This new FOSS-hostile article (“The Hidden Cost of Free”) says: “Bottom line, open source may be “eating the software world,” but not all of it. For ISVs and other software development professionals, open source is a no-brainer. We use it in development and in our commercial products wherever and whenever it makes sense. It is free, after all, and the quality is second to none, as this year’s Future of Open Source survey reinforces.”
Black Duck reinforces all sorts of proprietary software talking points. Black Duck is, after all, a proprietary software company.
“This is the type of propaganda we are up against and we keep seeing it brought up also in public talks.”Speaking of FUD against FOSS, the latest Android security fear-mongering comes from a Microsoft partner created and managed by a Microsoft guy (who hopes to turn Android perceptions into Windows perceptions when it comes to security). To quote the company’s description: “He is also a Microsoft Most Valuable Professional (MVP) in Visual Developer Security, a frequent speaker, press resource, and is featured regularly in the Associated Press and global security media.”
“Bluebox was founded in mid-2012,” it says, and it was groomed by the Gartner Group (currently fully dedicated to Android FUD and monetisation attempts, akin to Black Duck).
The war on FOSS is very real and Microsoft partners are trying to remove the F from FOSS or altogether make it proprietary. A few days ago we showed how three Micrososft-controlled entities threw around (or under the bus) and blurred out the FOSS identity of Zimbra (here is more on that); we should also pay attention to the hallmark of effective FOSS FUD because it’s quite consistent. As explained a week ago by Eben Moglen at the EU Parliament, the GPL brought enormous value to the industry, more so than Apple and Microsoft combined. Unfortunately the video is only on YouTube, hence embedded below.
Will politicians ‘get’ it? █
Send this to a friend
Summary: Harassment by proxy seems like a possibility now that funds to the FSF are being discouraged
Donations to the Free Software Foundation (FSF) are a dangerous or suspicious activity now (like post-Cablegate Wikileaks), at least based on this account from a reader/contributor of ours. Donations to the FSF are made more difficult now. Microsoft did this type of thing last year [1, 2]. Here is how the latest story goes:
Master Card called me about my FSF Subscription That’s very strange because I’ve been making monthly payments for about a decade. Someone is doing something nasty to the FSF.
At 8AM, I got a call from the fraud prevention department of my credit card asking me to “verify some recent activity”. I saw it in my email when I woke up about an hour after they called.
My Mastercard was robbed once before, so I checked online and called the customer service number printed on my bill. There was nothing suspicious in the online report or the last bill. I was not about to call the number left on my answering machine, which simply identified itself as “TOLL FREE CALL” It took some time to escape the menu, which was uninformative and dangerous because it wanted to change things. The key phrase “human being” did the trick and I was promptly routed to an operator at the fraud department.
The representative told me that my monthly FSF subscription charge had triggered the call and that means hundreds of false charges had been made in the FSF’s name. When she told me the FSF charge was responsible for the call, I said that was strange because I had been making regular automated payments since 2004. She told me that the trigger was probably false charges to other accounts. I asked her how many false charges it would take to make such a trigger. She said that it changes daily but that it would probably take hundreds.
I can think of four explanations for this:
1. The FSF made a mistake in billing. Unlikely.
2. Mastercard wanted to harass the FSF. Unlikely but they have a history of cutting off funds to Wikileaks and can not really be trusted.
3. Someone made fraudulent payments to Mastercard on many accounts. That could be done maliciously or as a misguided help, the result would be the same and no one should do that.
4. Someone wanted to harass the FSF by setting up fake accounts to play games.
Whatever the actual reason, damage is being done to the FSF’s reputation and it should never have happened to me. An algorithm that overlooks my long history of monthly payments is broken. Operators should be given the exact reason that a company has been labeled suspicious. The call was inconvenient and damaging. Further speculation added to that damage. Hopefully, Mastercard itself is not responsible for this and will get to the bottom of it.
I started a FSF Forum thread about this hoping to call the right kind of attention to the problem.
Discouragement through discomfort is an effective strategy. Proving this to be intentional is hard, almost impossible even.
Steven J. Vaughan-Nichols celebrates a decade of fighting back against SCO, whose funding from Microsoft is evident. Showing the intention or proving it is the hard part. With uncertainty or lack of concrete evidence, these attacks can carry on, little by little, proxy by proxy (one of the latest seems to be Nokia). Groklaw covers another curious attack, namely Oracle (a friend of a friend, Apple). The latest is this: “Google has now responded to Oracle’s appeal in the Oracle v. Google API copyright case. Plus it adds its own cross appeal.”
Copyrights were also used by SCO. In all cases, and wherever FOSS takes over, the intend is to tax GNU/Linux or impose a sort of blockade. █
Send this to a friend