PHPHOST BLOG

Web Hosting Related Articles You May Need

The Crazy Redactions Of The No Fly List Decision: The Kafkaesque ‘On-Off-On’ Redactions

So, we already highlighted the key information revealed and the newly unredacted version of the court’s ruling in the Rehinah Ibrahim “no fly list” case (namely: that the US has a “secret exception” by which it can put people into the terrorist screening database despite no “reasonable suspicion” that they’re a threat). However, seeing as we had noted some of the bizarre redactions in the original, and now that we have the unredacted version, I figured we could look at some of the more bizarre redactions now that they’ve been revealed. Let’s start with what might have been the most hilarious redaction from the original

If you can’t read it, it’s:
Given the Kafkaesque [REDACTED] treatment imposed on Dr. Ibrahim, the government is further ordered expressly to tell Dr. Ibrahim [REDACTED] (always subject, of course, to future developments and evidence that might [REDACTED]). This relief is appropriate and warranted because of the confusion generated by the government’s own mistake and the very real misapprehension on her part that the later visa denials are traceable to her erroneous 2004 placement on the no-fly list, suggesting (reasonably from her viewpoint) that she somehow remains on the no-fly list.

Now those redactions have been uncovered, and here’s what we see (with the redacted portions in yellow):

And the text version, with redacted portions underlined:
Given the Kafkaesque on-off-on-list treatment imposed on Dr. Ibrahim, the government is further ordered expressly to tell Dr. Ibrahim that she is no longer on the no-fly list and has not been on it since 2005 (always subject, of course, to future developments and evidence that might warrant reinstating her to the list). This relief is appropriate and warranted because of the confusion generated by the government’s own mistake and the very real misapprehension on her part that the later visa denials are traceable to her erroneous 2004 placement on the no-fly list, suggesting (reasonably from her viewpoint) that she somehow remains on the no-fly list.

Many people rightly mocked the original version as the Kafkaesque nature of the situation appeared to be increased by that particularly hilarious looking redaction. Of course, now having seen all the redactions, we can see the true reason behind it. It appears that, despite all of this, Ibrahim is still in the Terror Screening Database (TSDB), for some secret reason, even though everyone admits she’s no threat. And that secret reason is apparently unrelated to the original mistake.

In other words, the purpose of all those original redactions was to misleadingly suggest that Ibrahim had been cleared from all lists, but the “on-off-on-list” aspect was actually hidden in the redacted version. Now that it’s all been revealed, reading between the lines, we see that Ibrahim is only being cleared from some lists and databases, while remaining in others that likely prevent her from ever returning to the US. In other words, the redactions were created to mislead the public into believing that Ibrahim has been totally cleared, when the reality is she’s still in the same basic position — other than the fact that she now knows she’s in the TSDB rather than the no fly list, which she was removed from all the way back in 2005.

Still, other redactions seem equally bizarre. Take this one:

The unredacted version says:
Government counsel has conceded at trial that Dr. Ibrahim is not a threat to our national security. She does not pose (and has not posed) a threat of committing an act of international or domestic terrorism with respect to an aircraft, a threat to airline passenger or civil aviation security, or a threat of domestic terrorism. This the government admits and this order finds.

Why was that redacted? Perhaps the government thought the reasons someone might be put on the list needed to be secret? But, did anyone doubt that any of the things listed above were considered reasons why you might be put on the no fly list or the terrorist screening database? This identical redaction was done later in the ruling as well, again enforcing the idea that the government sought to hide the fact that you have to be a threat to one of those three things to be placed on the lists. But it also hid the fact that even if you were not one of those things, you can still be placed in the Terrorist Screening Database for a “secret exception” to the reasonable suspicion requirement.

Another bizarre one, concerning an attempt in 2006 to have her removed from all lists:

The unredacted version:
In a form dated February 10, 2006, an unidentified government agent requested that Dr. Ibrahim be “Remove[ d) From ALL Watchlisting Supported Systems (For terrorist subjects: due to closure of case AND no nexus to terrorism)” (TX 10). For the question “Is the individual qualified for placement on the no fly list,” the “No” box was checked. For the question, “If no, is the individual qualified for placement on the selectee list,” the “No” box was checked.

Can anyone explain why this was redacted? It makes no sense at all.

There is also a lengthy discussion of how the US blocked Ibrahim’s daughter, Raihan Binti Mustafa Kamal, from flying to the US for the trial and then lied about it. We noted how bizarre it was that Judge William Alsup’s entire discussion of what happened there was redacted. Now seeing the full version, it is, once again, entirely unclear why it was redacted in the first place. The unredacted parts do show more screwups by the US, in which Homeland Security falsely flagged Kamal based on rules that are not supposed to apply to US citizens, even though she is a US citizen. In fact, it notes that Customs and Border Patrol realized in six minutes that she was a US citizen, but then there was a series of other confusions that resulted in her not being allowed to board the flight.

Unfortunately, despite considerable anger on Judge Alsup’s part, when all of this came out, it appears that, in the end, he did nothing about this, other than make sure that Kamal’s own record in the TSDB was “updated… to reflect that she was a United States citizen.”

In the end, the revelation of these redactions do reveal that Ibrahim still appears to be unable to come to the US, and also suggests that the US government tried to use redactions to hide this fact — allowing the public to believe that Ibrahim had been entirely cleared, when she had not been. It also sought to hide, as mentioned in our earlier post, that the DOJ has some “secret exception” that allows them to basically destroy someone’s life, even if there’s no reasonable suspicion that they’re a terrorist threat of any kind.

Permalink | Comments | Email This Story







Posted in Syndicated | Leave a comment

Aretha Franklin Doesn’t Get Satire: Plans To Sue Satirical News Site Over Joke Story

You would think that, at some point, people are finally going to get that there are such things as satirical news organizations and that they’re not serious in what they write. Yet it seems not a week goes by in which someone isn’t either fooled by a parody story or railing against it as some kind of funny-demon that ought to be destroyed. The latest to be caught up in this web of barely-veiled humorous deception is the Queen of Soul, Aretha Franklin, who has threatened to sue satirical news site News Nerd over a fictional story about Patti LaBelle opening up a can of aged whoop-ass on her.

“The stories were not presented as satire or humor,” Franklin said through her publicist, Gwendolyn Quinn. “It was presented as a serious news story intended to depict me in a slanderous and derogatory way — defamation of character.”

And for that, she’s suggested she wants $10 million whole American dollars. The story that was not presented as satire or humor, according to Franklin, included such totally not funny or satirical lines as:

Onlookers say Labelle quickly removed her wig and earrings as she approached Franklin. Aretha, knowing that the removal of earrings is a tell-tale sign that a fight is about to ensue, attempted to prepare herself for the confrontation. Franklin was quickly struck with a Mayweather style right and left and stumbled backwards, landing awkwardly.

If you aren’t now laughing, check yourself into the nearest mental health center and ask them what happened to your sense of humor. If you don’t immediately realize that this is fictional, we, the people, politely request you promise us never to procreate and thereby poison the gene pool with your lack of basic comprehension and common sense. Or you could, you know, just check the bottom of any News Nerd page you might land upon, where it reads:

The stories posted on TheNewsNerd are for entertainment purposes only. The stories may mimic articles found in the headlines, but rest assured they are purely satirical.

And that should take care of that. It’s worth noting that no actual law suits yet appear to have been filed, so perhaps Franklin’s likely-frustrated lawyers have talked some sense into her. On the other hand, Franklin has been known in the past to demand respect, and that you think about what you’re trying to do to her. Meanwhile, the story has gone viral because of course it has, countermanding her wish entirely.

Permalink | Comments | Email This Story







Posted in Syndicated | Leave a comment

Why Didn’t The MPAA Weigh In On Garcia v. Google?

We already mentioned the amicus brief we submitted about the risks concerning intermediary liability (authored by lawyer Cathy Gellis) in the Garcia v. Google case. In it, we noted that the 9th Circuit had set up a page where all such filings are listed and that we planned to write about some of the other briefs. Of course Eric Goldman beat me to it, discussing all of the various amicus briefs and what they focus on. In short, though:

  • Public Citizen’s brief, submitted a while ago, focuses on whether or not an injunction against Google is appropriate, and explains why it is not.
  • An excellent brief from EFF, ACLU, Public Knowledge, CDT, New Media Rights, American Library Association and the Association of Research Libraries covers a lot of ground in under 2,500 words, highlighting the “novel” nature of the copyright claim and its “dangerous implications.” It also highlights how the focus on the potential harms to Garcia are not copyright-related harms. Finally, it notes that the gag order Kozinski ordered was unconstitutional.
  • A bunch of news organizations, including the LA Times, the Washington Post, NPR, Scripps, Advance Publications, the California Newspaper Association, RCFP, First Amendment Coalition and DMLP, submitted a brief on both the First Amendment issues raised by the ruling, and how it might lead to news organizations being blocked from publishing newsworthy content.
  • A separate brief from California broadcasters focused on the oddity of Kozinski’s interpretation of copyright law, and how that will “create confusion.”
  • Another fantastic brief comes from a variety of tech companies, including Twitter, Automattic, Kickstarter, Facebook, Yahoo, Tumblr, eBay, Adobe, IAC, Gawker and Pinterest. It highlights how the injunction goes way beyond what the law allows, placing (again, as we noted in our brief) tremendous liability on intermediaries, such as requiring them to block all future uploads. It also challenges the gag order that was originally placed on Google as setting a very dangerous precedent.
  • Then we have the academics. A brief from internet law professors (written by Eric Goldman and Venkat Balasubramani, but signed by many more) covers the intermediary liability issue (like ours did) and highlights how this appears to be Garcia trying to use copyright as an end-run around Section 230.
  • Then there’s a brief from IP law professors (written by Christopher Newman, Chris Sprigman and Julie Ahrens but signed by many more) focusing on the core ridiculousness of the claim that Garcia has a legitimate copyright interest in her performance. As they note: “the panel opinion in this case makes new law with corrosive implications for these foundational principles of copyright law.”
  • Netflix weighed in to point out that this creates a “new species of copyright” and would give “an effective veto right to any performer.”
  • Finally, a bunch of independent filmmakers, including the International Documentary Association, Film Independent, Morgan Spurlock and Fredrik Gertten, all submitted a brief about the “chaos” this will cause for filmmakers.

The last one is especially powerful and worth reading. But those final two — from Netflix and those indie filmmakers — actually highlight a glaring omission: Where is the MPAA? As we noted when the original ruling came out, it was so bad and so ridiculous that it ought to have actually united Google and the MPAA on a single copyright issue. Because if it stands, both will suffer greatly.

And yet, so far, the MPAA appears to be sitting this one out. Eric Goldman, in his post, speculated as to possible reasons, none of which look good for the MPAA:

Noticeably absent from the amicus brief roster are the big entertainment companies, such as the major movie studios and the record labels. Given that this case involves video production, something Google/YouTube don’t know much about, where are the real experts on this topic? One possibility is that they are hubristic enough to believe that they run such a tight legal ship that they will never run into problems with the court’s holding. Another possibility is that they are spiteful enough to delight in Google’s misery, even if the rule ultimately hurts them too (i.e., the enemy of my enemy is my friend). Yet another possibility is that they are happy to free-ride on Google’s efforts, getting all the benefit of Google fixing the law without any of the financial or reputational costs of siding against Garcia or supporting a deceitful rogue film producer. Whatever the reason, I can’t say that I favorably regard their decision to stand on the sidelines as the Ninth Circuit is trying to wreck their industry.

It is quite a glaring absence.

Permalink | Comments | Email This Story







Posted in Syndicated | Leave a comment

And, Of Course, Labels Sue Pandora Over Pre-1972 Recordings

Just a few days ago, we wrote about how the record labels were trying to have it both ways. That is, on the one hand, they are arguing in a variety of cases that the DMCA shouldn’t apply to pre-1972 sound recordings, while also arguing against any attempt to treat pre-1972 sound recordings the same as if they were under federal copyright law. At the same time, they are claiming that it’s somehow unfair that Sirius XM and Pandora aren’t paying statutory licensing fees on those very same pre-1972 recordings.

Having already sued Sirius XM over the issue last fall, the RIAA’s record labels have now targeted a similar lawsuit at Pandora. The lawsuit itself is highly misleading, taking statements from Pandora totally out of context (the labels have a habit of doing this). The most obnoxious of these misrepresentations is the RIAA’s claim that Pandora recently stated in SEC filings that there’s a risk factor if the company is “required to obtain licenses from individual sound recording copyright owners for the reproduction and public performance of pre-1972 sound recordings.”

The RIAA presents this as if it’s Pandora trying to get out of paying. But that’s not what Pandora is saying at all. It’s noting that because pre-1972 works are not covered by the various rates that it pays which are set by the Copyright Royalty Board, in order to secure the rates, it would need to negotiate individually with every copyright holder for the right to stream those works in every single state. But it’s noting that as a risk factor — because, as Sirius has pointed out in its own response to the similar lawsuit, decades have gone by and the labels have never been asking for licenses for performances of pre-1972 works. And those works have been used for years, license free, by TV and radio broadcasters, bars, restaurants and a variety of other places. The real risk is that Pandora, which has relied on the fact that it can take compulsory rates, would then suddenly have to negotiate with everyone, which would be a massive headache. And this is the mess caused by the weird way in which pre-1972 sound recordings are treated.

Again, those works are not covered by federal copyright laws, which include specific rights over performances of works, which was something of a new concept when it was added to federal copyright law. The various state laws that these works are covered by are generally common law concepts around misappropriation and unfair competition. So the big question is whether or not “performing” a work falls under such common law concepts. Historically, these claims were mostly focused on making unauthorized copies. Performing the work has generally been considered a separate issue. This makes it a bit questionable that the RIAA is now suddenly seeking to reinterpret a big swath of history around how those works were legally used — which also raises a concern about “laches” or how timely these lawsuits are. The RIAA has had decades to complain about these practices, and is just doing so now…

And, of course, remember that this is all happening just a month or so after the publishing arms of the very same labels were found to have been colluding unfairly to jack up Pandora’s rates. Basically, the legacy recording industry players are now looking for just about any way possible to make Pandora pay even more. This isn’t a surprise. It’s how the industry has always worked. When they’re struggling to figure out ways to make money, they look at anyone successful and assume it’s their fault that the legacy players are making less money. So, rather than innovating, they try to find legal ways to force more money out of the innovators and into their own hands. This is just the latest example in a very long line of such cases.

Permalink | Comments | Email This Story







Posted in Syndicated | Leave a comment

General Mills Says If You ‘Like’ Cheerios On Facebook, You Can No Longer Sue

Three years ago when the Supreme Court ruled in AT&T Mobility v. Concepcion, basically allowing binding arbitration clauses in contracts to exclude class action suits, we noted that it was an unfortunate pitting of a broken class action system against a broken arbitration system. Both arbitration and class action lawsuits may have some good features — and the concepts behind each sound good, but both have been abused to extreme levels. On the class action side, often these lawsuits have little to do with righting wrongs, and very much to do with big paydays for lawyers (and some companies even turn class action lawsuits into marketing opportunities).

On the arbitration side, while the theory of having a neutral third party settle the dispute without having to go through an expensive litigation process certainly sounds good, the reality is quite different. Since arbitrators are hired, and large companies are frequent employers, arbitrators have very strong incentives to side with those companies, in order to make sure they’ll be hired in the future. When you have one party who is likely to be a frequent employer, and another who will only engage in the transaction once, guess where the bias is going to fall. And, indeed, multiple studies have shown that’s exactly what happens. In one case 94% of rulings went against consumers. Another study showed that companies that regularly use arbitration get higher awards.

So neither side in that fight necessarily could be said to “represent the good guys.” However, as we noted when the Supreme Court ruling came out, it seemed likely that this would lead to companies putting arbitration clauses absolutely everywhere. At the time, we suggested a simple fix: have Congress make it clear that you can’t give up your right to go to court based on a non-negotiated contract. And that still seems to make sense, but of course, nothing has actually been done.

It should come as little surprise, then, that the prediction of seeing companies put arbitration clauses absolutely everywhere is happening — and to ridiculous levels. The NY Times has an article about how General Mills, makers of Cheerios, Chex and lots of other cereals, has updated some legalese on their own website to basically say if you do absolutely anything related to its cereals — including liking them on Facebook, or buying them — you give up your right to go to court and are agreeing to arbitration:

General Mills, the maker of cereals like Cheerios and Chex as well as brands like Bisquick and Betty Crocker, has quietly added language to its website to alert consumers that they give up their right to sue the company if they download coupons, “join” it in online communities like Facebook, enter a company-sponsored sweepstakes or contest or interact with it in a variety of other ways.

Instead, anyone who has received anything that could be construed as a benefit and who then has a dispute with the company over its products will have to use informal negotiation via email or go through arbitration to seek relief, according to the new terms posted on its site.

In language added on Tuesday after The New York Times contacted it about the changes, General Mills seemed to go even further, suggesting that buying its products would bind consumers to those terms.

While one might argue that you get what you deserve when you “like” a cereal on Facebook, this still seems ridiculous and excessive. I can almost see the sense of saying if it’s in a binding contract you sign as a subscriber (e.g., mobile phone service) such a clause can be considered legit, but something like this, which isn’t even “clickwrap” but more “likewrap” can’t possibly be legally binding. Not only has the person probably not read the details, from what’s being said, this “binding arbitration” clause may appear on a website they’ve never visited at all. I can’t see how that can or should be considered a true contract in any sense of the word.

Permalink | Comments | Email This Story







Posted in Syndicated | Leave a comment

US Government Is Paying To Undermine Internet Security, Not To Fix It

The Heartbleed computer security bug is many things: a catastrophic tech failure, an open invitation to criminal hackers and yet another reason to upgrade our passwords on dozens of websites. But more than anything else, Heartbleed reveals our neglect of Internet security.

The United States spends more than $50 billion a year on spying and intelligence, while the folks who build important defense software — in this case a program called OpenSSL that ensures that your connection to a website is encrypted — are four core programmers, only one of whom calls it a full-time job.

In a typical year, the foundation that supports OpenSSL receives just $2,000 in donations. The programmers have to rely on consulting gigs to pay for their work. “There should be at least a half dozen full time OpenSSL team members, not just one, able to concentrate on the care and feeding of OpenSSL without having to hustle commercial work,” says Steve Marquess, who raises money for the project.

Is it any wonder that this Heartbleed bug slipped through the cracks?

Dan Kaminsky, a security researcher who saved the Internet from a similarly fundamental flaw back in 2008, says that Heartbleed shows that it’s time to get “serious about figuring out what software has become Critical Infrastructure to the global economy, and dedicating genuine resources to supporting that code.”

The Obama Administration has said it is doing just that with its national cybersecurity initiative, which establishes guidelines for strengthening the defense of our technological infrastructure — but it does not provide funding for the implementation of those guidelines.

Instead, the National Security Agency, which has responsibility to protect U.S. infrastructure, has worked to weaken encryption standards. And so private websites — such as Facebook and Google, which were affected by Heartbleed — often use open-source tools such as OpenSSL, where the code is publicly available and can be verified to be free of NSA backdoors.

The federal government spent at least $65 billion between 2006 and 2012 to secure its own networks, according to a February report from the Senate Homeland Security and Government Affairs Committee. And many critical parts of the private sector — such as nuclear reactors and banking — follow sector-specific cybersecurity regulations.

But private industry has also failed to fund its critical tools. As cryptographer Matthew Green says, “Maybe in the midst of patching their servers, some of the big companies that use OpenSSL will think of tossing them some real no-strings-attached funding so they can keep doing their job.”

In the meantime, the rest of us are left with the unfortunate job of changing all our passwords, which may have been stolen from websites that were using the broken encryption standard. It’s unclear whether the bug was exploited by criminals or intelligence agencies. (The NSA says it didn’t know about it.)

It’s worth noting, however, that the risk of your passwords being stolen is still lower than the risk of your passwords being hacked from a website that failed to protect them properly. Criminals have so many ways to obtain your information these days — by sending you a fake email from your bank or hacking into a retailer’s unguarded database — that it’s unclear how many would have gone through the trouble of exploiting this encryption flaw.

The problem is that if your passwords were hacked by the Heartbleed bug, the hack would leave no trace. And so, unfortunately, it’s still a good idea to assume that your passwords might have been stolen.

So, you need to change them. If you’re like me, you have way too many passwords. So I suggest starting with the most important ones — your email passwords. Anyone who gains control of your email can click “forgot password” on your other accounts and get a new password emailed to them. As a result, email passwords are the key to the rest of your accounts. After email, I’d suggest changing banking and social media account passwords.

But before you change your passwords, you need to check if the website has patched their site. You can test whether a site has been patched by typing the URL here. (Look for the green highlighted ” Now Safe” result.)

If the site has been patched, then change your password. If the site has not been patched, wait until it has been patched before you change your password.

A reminder about how to make passwords: Forget all the password advice you’ve been given about using symbols and not writing down your passwords. There are only two things that matter: Don’t reuse passwords across websites and the longer the password, the better.

I suggest using password management software, such as 1Password or LastPass, to generate the vast majority of your passwords. And for email, banking and your password to your password manager, I suggest a method of picking random words from the Dictionary called Diceware. If that seems too hard, just make your password super long — at least 30 or 40 characters long, if possible.

Republished from ProPublica

Heartbleed Explanation

Permalink | Comments | Email This Story







Posted in Syndicated | Leave a comment

US Has A ‘Secret Exception’ To Reasonable Suspicion For Putting People On The No Fly List

Over the past few months, we covered the bizarre trial concerning Rahinah Ibrahim and her attempt to get off the no fly list. In January, there was an indication that the court had ordered her removed from the list, but without details. In February, a redacted version of the ruling revealed that the whole mess was because an FBI agent read the instructions wrong on a form and accidentally placed her on the no fly list, though we noted that some of the redactions were quite odd.

However, earlier this week, the court finally released the unredacted version, and we’ll have a few things to say about the choice of redactions in a later post. But first, there were three main “reveals” from the newly unredacted version. The first is that Ibrahim was actually put on multiple lists by mistake (and never for any clear reason) and was actually dropped from the no fly list years ago (though the other lists created the same effective problem in barring her from being allowed to travel to the US). The second is that the US government has a “secret exception” to the requirement that there be “reasonable suspicion” to put someone in various terrorist databases, and that secret exception was later used on Ibrahim. And third, that despite the implications from the redacted versions, the fully unredacted ruling shows that Ibrahim is still likely blocked from coming to the US for separate undisclosed reasons, even though the government fully admits that she is no threat. All of these things were hidden by the redacted version.

Let’s start with the first issue — that Ibrahim was not just on the no fly list, but multiple other lists and databases. This all stemmed (at first) from that initial mistake from FBI Agent Kevin Michael Kelley. The yellow highlighted portions on this form were redacted in the original version, but now they’re public:

As you can see, Agent Kelley was supposed to be checking which lists NOT to put Ibrahim on, and did the reverse of what he intended to do, meaning that she got placed on both the no fly list and the Interagency Border Information System (IBIS). In the redacted version, all mentions of IBIS were redacted. Note that, from this, Kelley did intend to put her on the Selectee list. Later, an unredacted portion reveals that at the time she was removed from that selectee list, she was added to the lists the US gives to Australia and Canada (TACTICS and TUSCAN — though no reason for that was ever provided). The court also notes that all the way back in 2006, a government agent requested that Ibrahim be removed from all lists, and she was removed from some, but not the others.

However — and here’s where it gets really sketchy — the government started putting her back into the terrorist screening database (TSDB). She was added back in 2007… and then removed three months later, for no clear reason. But then, in 2009 she was added back to the TSDB “pursuant to a secret exception to the reasonable suspicion standard.” Let’s repeat that. In order to be put into the TSDB, the government is required to show a “reasonable suspicion” that the person is a terrorist. However, what this court ruling has revealed is that there is an unexplained secret exception that allows people to be placed on the terrorist screening database even if there’s no reasonable suspicion, and the government used that secret exception to put Ibrahim back on the list.

Later in the ruling it notes that the terrorist screening center knows Ibrahim is not a terrorist threat. This line was revealed back in February:

The TSC has determined that Dr. Ibrahim does not currently meet the reasonable suspicion standard for inclusion in the TSDB.

However, the next two sentences were redacted until now:

She, however, remains in the TSDB pursuant to a classified and secret exception to the reasonable suspicion standard. Again, both the reasonable suspicion standard and the secret exception are self-imposed processes and procedures within the Executive Branch.

The ruling also makes it clear that Ibrahim has not been on the actual no fly list (even if she is on other lists) since 2005, and that she should be told this (and, indeed, to comply with the law, the government has now told her solely that she’s not on the “no fly” list and hasn’t been since 2005). It also tells the government to search for all traces of her being on all such lists and correct all of those that are connected to Agent Kelley’s initial mistake. However, it’s not at all clear if this applies to the later additions to the TSDB, which was done for this secret and undisclosed exception, and might not be directly because of Agent Kelley’s mistake (though, potentially is indirectly because of that). In fact, a different unredacted section now says that the reasons why Ibrahim was denied a visa (which were revealed to the court in a classified manner) were valid, and thus it appears that Ibrahim will still be denied visas in the future (unredacted portions underlined) — and, indeed, as we explain below that has already happened:

The Court has read the relevant classified information, under seal and ex parte, that led to the visa denials. That classified information, if accurate, warranted denial of the visa under Section 212(a)(3)(B) of the Immigration and Nationality Act, 8 U.S.C. 1182(a)(3)(B). (That information was different from the 2004 mistaken nomination by Agent Kelley.) Therefore, under the state secrets privilege, any challenge to the visa denials in 2009 and 2013 must be denied

Thus, it appears that while Ibrahim has been told she’s been taken off the no fly list (and has been for nearly ten years), she’s still not going to be able to travel to the US, because she’s still in the TSDB for an unrevealed secret reason — even though everyone admits she’s not a threat. And, indeed, Ibrahim tried to apply for a visa to the US on Monday and was denied (with the apparent reason — if you read between the lines — being that she is related to someone “engaged in a terrorist activity.”)

Either way, what sort of country is this where there’s a secret exception to “reasonable suspicion” that will put you on a set of secret lists that get you treated like a terrorist for wanting to travel?

Permalink | Comments | Email This Story







Posted in Syndicated | Leave a comment

Teen Arrested For Using Heartbleed To Get Canadian Taxpayer Info; Did Nothing To Hide Himself

One of the most high profile victims of the Heartbleed vulnerability was the Canadian tax service, Canada Revenue Agency, which shut down its online tax filing offering. A few days later, the agency admitted that about 900 Canadians had information copied from the site via someone exploiting the vulnerability, prior to the site being shut down. And, from there, it was just a day or so until it was reported that a teenager, Stephen Arthuro Solis-Reyes, had been arrested for the hack.

Given the speed of the arrest, it would not appear that Solis-Reyes did very much to cover his tracks. In fact, reports say he did nothing to hide his IP address. He’s a computer science student — and his father is a CS professor, with a specialty in data mining. It seems at least reasonably likely that the “hack” was more of a “test” to see what could be done with Heartbleed and (perhaps) an attempt to show off how risky the bug could be, rather than anything malicious. It will be interesting to see how he is treated by Canadian officials, compared to say, the arrests of Aaron Swartz and weev.

Permalink | Comments | Email This Story







Posted in Syndicated | Leave a comment

Snowden Calls BS On Putin’s Answer: Says He Was Playing The Role Of Ron Wyden

Yesterday we, like many, were perplexed by Ed Snowden’s decision to go on a Russian television program, and to ask Vladimir Putin a question about whether or not the Russians do mass surveillance like the NSA does (which was, of course, exposed by Ed Snowden). It was clearly playing into Putin’s propaganda efforts, because Putin immediately took the opportunity to insist that no, Russia does not do mass surveillance like that. Of course, Putin’s answer was not true. Many of Snowden’s detractors immediately jumped on this as an example of how he was working for the Putin propaganda machine — and many (including us), wondered if he was, at the very least, pressured to play a role in order to keep his temporary asylum. Others thought he was just being naive. Some Snowden supporters, however, insisted that we should hear him out, and see if there was some more specific motive behind his question.

Apparently, we didn’t have to wait long. Snowden himself has now directly called Putin out for lying about Russian surveillance, and said that his question was designed to act similar to Senator Ron Wyden’s now famous question to James Clapper, leading to Clapper’s lie, which (in part) sparked Snowden’s decision to finally release the files he’d been collecting. Snowden, writing in the Guardian, explained:

On Thursday, I questioned Russia’s involvement in mass surveillance on live television. I asked Russia’s president, Vladimir Putin, a question that cannot credibly be answered in the negative by any leader who runs a modern, intrusive surveillance program: “Does [your country] intercept, analyse or store millions of individuals’ communications?”

I went on to challenge whether, even if such a mass surveillance program were effective and technically legal, it could ever be morally justified.

The question was intended to mirror the now infamous exchange in US Senate intelligence committee hearings between senator Ron Wyden and the director of national intelligence, James Clapper, about whether the NSA collected records on millions of Americans, and to invite either an important concession or a clear evasion. (See a side-by-side comparison of Wyden’s question and mine here.)

Clapper’s lie – to the Senate and to the public – was a major motivating force behind my decision to go public, and a historic example of the importance of official accountability.

From there, he explains why he thinks Putin was lying, and how he expects this to now be exposed in Russia, as it was in the US:

In his response, Putin denied the first part of the question and dodged on the latter. There are serious inconsistencies in his denial – and we’ll get to them soon – but it was not the president’s suspiciously narrow answer that was criticised by many pundits. It was that I had chosen to ask a question at all.

I was surprised that people who witnessed me risk my life to expose the surveillance practices of my own country could not believe that I might also criticise the surveillance policies of Russia, a country to which I have sworn no allegiance, without ulterior motive. I regret that my question could be misinterpreted, and that it enabled many to ignore the substance of the question – and Putin’s evasive response – in order to speculate, wildly and incorrectly, about my motives for asking it.

The investigative journalist Andrei Soldatov, perhaps the single most prominent critic of Russia’s surveillance apparatus (and someone who has repeatedly criticised me in the past year), described my question as “extremely important for Russia”. It could, he said, “lift a de facto ban on public conversations about state eavesdropping.”

Snowden also pointed out the remarkably similar response from Putin and Obama when asked about their domestic surveillance programs, and noted that he expects the Russian press to finally start challenging Putin on this assertion.

When this event comes around next year, I hope we’ll see more questions on surveillance programs and other controversial policies. But we don’t have to wait until then. For example, journalists might ask for clarification as to how millions of individuals’ communications are not being intercepted, analysed or stored, when, at least on a technical level, the systems that are in place must do precisely that in order to function. They might ask whether the social media companies reporting that they have received bulk collection requests from the Russian government are telling the truth.

Finally, he notes that his position continues to remain entirely consistent:

I blew the whistle on the NSA’s surveillance practices not because I believed that the United States was uniquely at fault, but because I believe that mass surveillance of innocents – the construction of enormous, state-run surveillance time machines that can turn back the clock on the most intimate details of our lives – is a threat to all people, everywhere, no matter who runs them.

Last year, I risked family, life, and freedom to help initiate a global debate that even Obama himself conceded “will make our nation stronger”. I am no more willing to trade my principles for privilege today than I was then.

I understand the concerns of critics, but there is a more obvious explanation for my question than a secret desire to defend the kind of policies I sacrificed a comfortable life to challenge: if we are to test the truth of officials’ claims, we must first give them an opportunity to make those claims.

I don’t think many people — other than perhaps the most diehard Snowden supporters — expected something quite like this. For months, many Snowden detractors have repeatedly criticized Snowden for not speaking out against Russian authoritarianism and surveillance. Many of us have felt that those criticisms were significantly off-base, in part because that wasn’t Snowden’s particular fight (nor did he have any unique knowledge of Russian surveillance, as he did with the US). It seemed like a stupid false equivalency to try to make Snowden look bad. And when he asked his question to Putin, some people argued that this showed he was actually “questioning” Russian surveillance. Except that the TV question felt like such a softball, so designed to allow Putin to spin some propaganda that this didn’t really seem like Snowden challenging anything.

However, this latest response suggests that Snowden is (once again) playing a game where he’s several moves ahead of many folks. The question may have set up a propaganda answer, but it appears there was a bigger strategy behind it — and one that remains entirely consistent with what Snowden has claimed his position has been since the beginning. Frankly, while this possibility was raised about his original question to Putin, many people (myself included) thought it was unlikely that Snowden would so directly go after his current hosts (who only became his hosts thanks to the US pulling his passport). Putin is not known for gracefully handling those who directly challenge him, and I don’t think it would be surprise anyone if Snowden had continued to stay out of the question of Russian surveillance, simply out of basic necessity.

Snowden, however, has said from the beginning, that this story has never been about him, and he accepts that the end result of his starting the process may not be good for himself. He’s made it clear that he was willing to effectively sacrifice himself to get this debate going — and having done it once, he apparently has decided he can do it again in another context. While I was confused by this move 24 hours ago, I’ll admit it was because I never thought Snowden would go this far (and so quickly) to criticize Russia while he was there. Already, given what Snowden did in releasing the NSA documents, he’s shown that he’s much braver (and in many ways, patriotic to the public) than just about anyone. In now questioning — and then calling BS on Putin’s answer — he’s shown that bravery was not a one-time thing, but a position he intends to live by going forward.

Snowden likely made a lot more powerful enemies today — including more who could make life very uncomfortable for him very soon. But he also showed why the public, around the globe, owes him an incredibly large debt of gratitude, one which it’s unclear we’ll ever be able to pay off.

Permalink | Comments | Email This Story







Posted in Syndicated | Leave a comment

TAFTA/TTIP: What Are The Benefits? What Are The Costs?

As we draw near to the conclusion of TAFTA/TTIP’s first year of negotiations, the detailed differences are starting to emerge between the US and EU. But one thing they both take for granted is that it’s a good idea. “Good” in this context is essentially about money: the argument is that concluding a trade deal between the US and EU will boost both their economies, increase companies’ profits, create employment and generally make people better off. Of course, since all of those are in the future, the only way to justify those kind of claims is to model the likely effects of TTIP on the various economies — of the US, EU and rest of the world.

That’s precisely what a study entitled “Reducing Transatlantic Barriers to Trade and Investment; An Economic Assessment” aimed to do (pdf). Although it’s not the only study, it’s indubitably the most quoted — its figures crop up in most articles about the benefits of TAFTA/TTIP. That’s largely because it was paid for by the European Commission, and therefore forms the “official” predictions of the benefits that are likely to flow from the agreement:

An ambitious and comprehensive transatlantic trade and investment agreement could bring significant economic gains as a whole for the EU (€119/$165 billion a year) and US (€95/$131 billion a year). This translates to an extra €545/$750 in disposable income each year for a family of 4 in the EU, on average, and €655/$910.

Usually, those figures are repeated without further comment or analysis. That’s unfortunate, because there are a number of important assumptions behind them. For example, the use of the phrase “ambitious and comprehensive” is no mere rhetorical flourish: it refers to the most optimistic scenario considered in the study — in other words, the best-case outcome. Significantly, it not only assumes that all remaining tariffs will be removed — since these are already low (around 4%), the benefit from doing so is slight — but also many “non-tariff barriers”, economist-speak for regulations and standards. Of course, what industry regards as “barriers”, citizens may see more as protections.

The other fact that is almost never mentioned is that the Commission’s figures quoted above all refer to 2027, and are the predicted gains from TAFTA/TTIP after it has been in place for 10 years. Leaving aside the difficulty of predicting the US and EU economies in 2027, it also means that the claimed increases in GDP — 0.39% for the US, and 0.48% for the EU — are cumulative gains over ten years, and amount to less than 0.05% extra GDP added per year.

Those figures not only refer to the “ambitious and comprehensive” scenario — in other words, they are an upper bound on what is likely to be obtained — but also fail to take into account key costs associated with the changes that TAFTA/TTIP would bring about. It’s perhaps not surprising that the European Commission’s own analysis does not include these — after all, they reduce the already-small benefits yet further. But clearly, in considering whether to proceed with TTIP, politicians and the public need to have the full picture, and that includes the likely costs as well as the likely benefits.

Fortunately, estimates for those costs have now been produced in some new research. It has been commissioned by the Confederal Group of the European United Left/Nordic Green Left (GUE/NGL) political group in the European Parliament. That group has an obvious political agenda, but then so does the European Commission. What’s important is to have a range of analyses of the benefits and costs of TAFTA/TTIP so as to be able to form an overall, independent opinion drawing on them all.

The report “Assessing the Claimed Benefits of the Transatlantic Trade and Investment Partnership (pdf) offers a critical analysis not just of the European Commission’s study, but of three others too. It examines their underlying econometric models in great detail to expose the assumptions made and data used. Here’s its summary:

All of the four scrutinized studies report small, but positive effects on GDP, trade flows and real wages in the EU. GDP and real wage increases are however estimated by most studies to range from 0.3 to 1.3 %, even in the most optimistic liberalization scenarios. These changes refer to a level change within 10 to 20 years (!), annual GDP growth during this transition period would thus amount to 0.03 to 0.13 % at most.

That confirms that the very low GDP boost from TTIP, as predicted by the European Commission’s study, is also a feature of the others. That’s interesting for economists, but for non-specialists the new report’s chief virtue is that for the first time it estimates the likely costs of TTIP. It points out that there are several major classes of these, largely ignored in the four studies considered:

Adjustment costs are mostly neglected or downplayed in the TTIP studies. This refers in particular to macroeconomic adjustment costs, which can come in the form of (i) changes to the current account balance, (ii) losses to public revenues, and (iii) changes to the level of unemployment.

These are costs associated with the changes brought about by TAFTA/TTIP. For example, removing tariff barriers necessarily reduces the income received by governments; the GUE/NGL study considers this in various scenarios, and comes up with a cost over 10 years of around €30/$40 bn for the EU economy. Costs are not calculated for the US, unfortunately, but it is likely that a similar figure would apply there too.

There are also significant labor adjustment costs, as some industries take on new workers, while others make them redundant. The report estimates these at around €10/$14 bn over the first ten years of TTIP. There will also be concomitant losses as a result of lower income tax and social security contributions from those who lose their jobs — another €7/$10 bn.

That makes a total of €47/$64 bn. On top of that, there are two other important classes of costs. One is those arising out of corporate sovereignty payments. These can reach billions of euros/dollars per award, and are likely to become common given that there are 75,000 companies that could use an ISDS chapter in TTIP to sue the US or EU. The amount potentially involved is hard to quantify at this stage, as are the associated “social costs” of removing non-tariff barriers:

the elimination of [non-tariff barriers] will result in a potential welfare loss to society, in so far as this elimination threatens public policy goals (e.g. consumer safety, public health, environmental safety), which are not taken care of by some other measure or policy. Though subject to considerable insecurity, these types of adjustment costs might be substantial, and require careful case-by-case analysis. As we will see in the following, although the social costs of regulatory change are of particular relevance for the analysis of TTIP because of its emphasis of regulation issues, they have not been dealt with properly by the four scrutinized TTIP studies.

In other words, the cost of removing or harmonizing regulations and standards is not fully included in the calculation of whether TAFTA/TTIP is worth pursuing. Once again, that reveals that TTIP is currently seen purely through the optic of business — whether profits are increased, not whether society must pay a corresponding, or even higher, price to make that possible.

While some will doubtless argue about the details of the new GUE/NGL analysis, it has the valuable function of reminding us that TAFTA/TTIP is not just about corporate profits, but also concerns the 800 million people who make up the citizenry of the US and EU. Until they are included in the equation, and their potential losses and gains factored in, any claims about TTIP’s “benefits” — even the tiny ones that the European Commission’s analysis comes up with in its “ambitious and comprehensive” agreement — must be regarded as simplistic, one-sided and incomplete.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Permalink | Comments | Email This Story







Posted in Syndicated | Leave a comment