PRIVACY ORIENTED | From the age of BIG BROTHER – greetings!

June 17th, 2009  via Cryptogon

In the New York Times piece below, we learn that an email database used by the NSA is called PINWALE.

Back in 2006, William M Arkin, a Washington Post blogger, published a list of hundreds of terms that were allegedly associated with NSA projects. Along with the list, he wrote:

I could write volumes about the research efforts and the software programs and tools used to process the mountains of information the NSA and other agencies ingest. No doubt over the coming days and weeks, more will be written. For today though, I provide a pointer, based upon my research, of software, tools and intelligence databases that I have been able to identify in government documents relating to data mining, link analysis, and ingestion, digestion, and distribution of intelligence. My hope would be that other journalists and researchers will follow the leads.

PINWALE was one of the designators on that list. (Arkin’s original story, Telephone Records are just the Tip of NSA’s Iceberg, is no longer available on the Washington Post’s site. Copies exist here and here.)

Keep Arkin’s list in mind as we learn a little bit about PINWALE. It’s just a drop in a sea of black surveillance and data mining projects. Who knows how long the list actually is…

FYI: The following link will bring up much of what’s on Cryptogon that’s related to mass surveillance: NSA AND (ECHELON OR MAIN CORE OR Narus OR Klein OR Tice)

Via: New York Times:

The National Security Agency is facing renewed scrutiny over the extent of its domestic surveillance program, with critics in Congress saying its recent intercepts of the private telephone calls and e-mail messages of Americans are broader than previously acknowledged, current and former officials said.

The agency’s monitoring of domestic e-mail messages, in particular, has posed longstanding legal and logistical difficulties, the officials said.

Since April, when it was disclosed that the intercepts of some private communications of Americans went beyond legal limits in late 2008 and early 2009, several Congressional committees have been investigating. Those inquiries have led to concerns in Congress about the agency’s ability to collect and read domestic e-mail messages of Americans on a widespread basis, officials said. Supporting that conclusion is the account of a former N.S.A. analyst who, in a series of interviews, described being trained in 2005 for a program in which the agency routinely examined large volumes of Americans’ e-mail messages without court warrants. Two intelligence officials confirmed that the program was still in operation.

Both the former analyst’s account and the rising concern among some members of Congress about the N.S.A.’s recent operation are raising fresh questions about the spy agency.

Representative Rush Holt, Democrat of New Jersey and chairman of the House Select Intelligence Oversight Panel, has been investigating the incidents and said he had become increasingly troubled by the agency’s handling of domestic communications.

In an interview, Mr. Holt disputed assertions by Justice Department and national security officials that the overcollection was inadvertent.

“Some actions are so flagrant that they can’t be accidental,” Mr. Holt said.

Other Congressional officials raised similar concerns but would not agree to be quoted for the record.

Mr. Holt added that few lawmakers could challenge the agency’s statements because so few understood the technical complexities of its surveillance operations. “The people making the policy,” he said, “don’t understand the technicalities.”

The inquiries and analyst’s account underscore how e-mail messages, more so than telephone calls, have proved to be a particularly vexing problem for the agency because of technological difficulties in distinguishing between e-mail messages by foreigners and by Americans. A new law enacted by Congress last year gave the N.S.A. greater legal leeway to collect the private communications of Americans so long as it was done only as the incidental byproduct of investigating individuals “reasonably believed” to be overseas.

But after closed-door hearings by three Congressional panels, some lawmakers are asking what the tolerable limits are for such incidental collection and whether the privacy of Americans is being adequately protected.

“For the Hill, the issue is a sense of scale, about how much domestic e-mail collection is acceptable,” a former intelligence official said, speaking on condition of anonymity because N.S.A. operations are classified. “It’s a question of how many mistakes they can allow.”

While the extent of Congressional concerns about the N.S.A. has not been shared publicly, such concerns are among national security issues that the Obama administration has inherited from the Bush administration, including the use of brutal interrogation tactics, the fate of the prison at Guantánamo Bay, Cuba, and whether to block the release of photographs and documents that show abuse of detainees.

In each case, the administration has had to navigate the politics of continuing an aggressive intelligence operation while placating supporters who want an end to what they see as flagrant abuses of the Bush era.

The N.S.A. declined to comment for this article. Wendy Morigi, a spokeswoman for Dennis C. Blair, the national intelligence director, said that because of the complex nature of surveillance and the need to adhere to the rules of the Foreign Intelligence Surveillance Court, the secret panel that oversees surveillance operation, and “other relevant laws and procedures, technical or inadvertent errors can occur.”

“When such errors are identified,” Ms. Morigi said, “they are reported to the appropriate officials, and corrective measures are taken.”

In April, the Obama administration said it had taken comprehensive steps to bring the security agency into compliance with the law after a periodic review turned up problems with “overcollection” of domestic communications. The Justice Department also said it had installed new safeguards.

Under the surveillance program, before the N.S.A. can target and monitor the e-mail messages or telephone calls of Americans suspected of having links to international terrorism, it must get permission from the Foreign Intelligence Surveillance Court. Supporters of the agency say that in using computers to sweep up millions of electronic messages, it is unavoidable that some innocent discussions of Americans will be examined. Intelligence operators are supposed to filter those out, but critics say the agency is not rigorous enough in doing so.

The N.S.A. is believed to have gone beyond legal boundaries designed to protect Americans in about 8 to 10 separate court orders issued by the Foreign Intelligence Surveillance Court, according to three intelligence officials who spoke anonymously because disclosing such information is illegal. Because each court order could single out hundreds or even thousands of phone numbers or e-mail addresses, the number of individual communications that were improperly collected could number in the millions, officials said. (It is not clear what portion of total court orders or communications that would represent.)

“Say you get an order to monitor a block of 1,000 e-mail addresses at a big corporation, and instead of just monitoring those, the N.S.A. also monitors another block of 1,000 e-mail addresses at that corporation,” one senior intelligence official said. “That is the kind of problem they had.”

Overcollection on that scale could lead to a significant number of privacy invasions of American citizens, officials acknowledge, setting off the concerns among lawmakers and on the secret FISA court.

“The court was not happy” when it learned of the overcollection, said an administration official involved in the matter.

Defenders of the agency say it faces daunting obstacles in trying to avoid the improper gathering or reading of Americans’ e-mail as part of counterterrorism efforts aimed at foreigners.

Several former intelligence officials said that e-mail traffic from all over the world often flows through Internet service providers based in the United States. And when the N.S.A. monitors a foreign e-mail address, it has no idea when the person using that address will send messages to someone inside the United States, the officials said.

The difficulty of distinguishing between e-mail messages involving foreigners from those involving Americans was “one of the main things that drove” the Bush administration to push for a more flexible law in 2008, said Kenneth L. Wainstein, the homeland security adviser under President George W. Bush. That measure, which also resolved the long controversy over N.S.A.’s program of wiretapping without warrants by offering immunity to telecommunications companies, tacitly acknowledged that some amount of Americans’ e-mail would inevitably be captured by the N.S.A.

But even before that, the agency appears to have tolerated significant collection and examination of domestic e-mail messages without warrants, according to the former analyst, who spoke only on condition of anonymity.

He said he and other analysts were trained to use a secret database, code-named Pinwale, in 2005 that archived foreign and domestic e-mail messages. He said Pinwale allowed N.S.A. analysts to read large volumes of e-mail messages to and from Americans as long as they fell within certain limits — no more than 30 percent of any database search, he recalled being told — and Americans were not explicitly singled out in the searches.

The former analyst added that his instructors had warned against committing any abuses, telling his class that another analyst had been investigated because he had improperly accessed the personal e-mail of former President Bill Clinton.

Other intelligence officials confirmed the existence of the Pinwale e-mail database, but declined to provide further details.

The recent concerns about N.S.A.’s domestic e-mail collection follow years of unresolved legal and operational concerns within the government over the issue. Current and former officials now say that the tracing of vast amounts of American e-mail traffic was at the heart of a crisis in 2004 at the hospital bedside of John Ashcroft, then the attorney general, as top Justice Department aides staged a near revolt over what they viewed as possibly illegal aspects of the N.S.A.’s surveillance operations.

James Comey, then the deputy attorney general, and his aides were concerned about the collection of “meta-data” of American e-mail messages, which show broad patterns of e-mail traffic by identifying who is e-mailing whom, current and former officials say. Lawyers at the Justice Department believed that the tracing of e-mail messages appeared to violate federal law.

“The controversy was mostly about that issue,” said a former administration official involved in the dispute.

By Jim Bronskill – 1 day ago

OTTAWA — A House of Commons committee says the federal privacy law should be expanded to cover new technologies such as live surveillance-camera feeds and DNA swabs collected from suspects.

Currently the Privacy Act deals only with information collected by the government in recorded form, such as papers, tapes and computer files.

In a report tabled Friday, the MPs also advocate giving Privacy Commissioner Jennifer Stoddart a clear public-education mandate and making government departments tell Parliament more about their privacy-related activities.

In addition, they endorse the idea of a new provision requiring agencies to protect personal information with proper security safeguards.

The report zeroes in on a dozen quick fixes to the law proposed by Stoddart, the federal privacy ombudsman.

It says a complete overhaul of the privacy law is warranted, but the quick fixes are a step forward for now.

However, the committee either rejected or had no firm opinion on several of Stoddart’s proposals.

It said further study was needed on a proposal for a legislative “necessity test” that would require government agencies to demonstrate the need for the personal information they collect.

The Privacy Act gives people the right to see the information federal agencies have about them – from tax records to student loan applications – and dictates how the government collects, stores and uses that data.

But the law has not been substantially revised since taking effect 26 years ago.

The report says much has changed since, noting calls for reform date from 1987.

In testimony before the committee, the Canadian Bar Association said the law took effect before the dawn of technologies for electronic data matching, biometric identifiers such as fingerprints and iris scans, decoding of the human genome and geopositioning satellites.

In a supplementary report, the NDP says all 12 proposed quick fixes should be implemented immediately and urges the government to go further.

“At one time Canada was a leader in protecting the privacy of its citizens,” says the report by New Democrat MP Bill Siksay.

“However, the Privacy Act has not kept up with the times or with developments in privacy protection.”

MPs recommend the law be reviewed every five years.

Copyright © 2009 The Canadian Press. All rights reserved.

By RYAN J. FOLEY, Associated Press

Last update: May 25, 2009 – 2:26 AM

MADISON, Wis. – Investigators were tipped that habitual criminal Bernardo Garcia was back to making and dealing methamphetamine in 2005 but they needed more evidence to nail him.

So they secretly installed a GPS to his borrowed Ford Tempo. The technology showed Garcia often drove to land in northwestern Wisconsin, where investigators found a stash of meth-making equipment.

Garcia, who once bragged he could make meth across from a police station without getting caught, drove to the scene while investigators were there. He was arrested, convicted and sent to prison.

Across the nation, investigators are using GPS to catch drug dealers, burglars, stalkers and other criminals. Police say the devices, which rely on satellites to determine locations, are similar to trailing a suspect with officers but more effective.

“It’s been a very good investigative tool,” said Craig Klyve of the Wisconsin Division of Criminal Investigation, whose agents install GPS on cars up to 75 times a year. “The technology allows you to track and maintain a history of movements of a vehicle over a period of time in a way that your surveillance doesn’t get burned and is much less manpower-intensive. It’s a way to work smarter.”

Privacy advocates and criminal defense lawyers beg to differ. They say the technology goes beyond surveillance and could be used to create a detailed, around-the-clock profile of one’s movements. Because the trackers are so affordable, they view them as a privacy threat that could reveal one’s political, religious and personal associations to law enforcement.

Courts are now grappling with how to balance privacy rights against an investigative technique hailed by state and local police, the Drug Enforcement Administration and FBI.

“We’re seeing more and more cases,” said Jennifer Granick, civil liberties director at the San Francisco-based Electronic Frontier Foundation. “The law is struggling to understand the way in which these kinds of sophisticated tracking technologies change the calculus for what is private and what is an overly invasive technique.”

The U.S. Supreme Court ruled in 1983 that drivers on public streets do not have a reasonable expectation of privacy and police could place radio “beepers” in cars without warrants. Whether courts will treat GPS differently remains unclear.

Earlier this month, New York’s highest court ruled 4-3 that police must obtain search warrants before they can secretly attach devices to vehicles.

But the week before, a Wisconsin appeals court ruled GPS tracking did not involve a search or seizure under the Fourth Amendment so a warrant was unnecessary. The court warned “police are seemingly free to secretly track anyone’s public movements with a GPS device” and called for a state law to prevent abuse.

Some state lawmakers responded by drafting a bill that would require police to obtain warrants first.

“I don’t want the government to be able to track and monitor people wherever they go,” said Rep. Marlin Schneider, a Democrat. “One of our great freedoms in this country is our right to travel and that’s undermined if we’re under constant surveillance.”

The federal appeals court in Chicago in 2007 approved the warrantless GPS tracking of Garcia, now 35.

Judge Richard Posner wrote police had ample reason to suspect Garcia of crimes — but acknowledged the technology could one day be used for massive police surveillance. A federal appeals court in Washington, D.C., will rule in a similar case soon involving a drug dealer busted with the help of GPS.

Klyve said his agency does not get a warrant before installing the devices in most cases, when vehicles are parked in public places. He said agents will obtain warrants if installation is done on private property or requires opening a car hood or trunk.

Some devices, such as the one that helped nab Garcia, must be retrieved and have the tracking information downloaded to a computer.