1
PRISM & The Dark Side of the Net
Bristol Anarchist Bookfair 2014
2
The Plan Talk about Edward Snowden and PRISM, Tempora, Data Retention, RIPA.... Briefly look at the current legal challenge to RIPA in the UK.... Discuss what we understand by privacy, what our concerns are and what tools are available. Demonstrate the latest version of a great tool for the job, called TAILS.
3
Edward Snowden & Snowden was an NSA (National Security Agency) contractor. Documents were leaked on 6th June 2013 in The Guardian and The Washington Post. They explicitly named a number of technology companies as having cooperated with the programme, including: Microsoft, Yahoo!, Google, Facebook, Paltalk, YouTube, AOL, Skype and Apple. As a large quantity of Internet traffic is routed via the US, this means that a lot of data is being monitored. One claim is that 98% of the production of PRISM data is collected from Yahoo, Microsoft and Google. Protect America Act of removed the warrant requirement for government surveillance of foreign intelligence targets "reasonably believed" to be outside of the United States. PRISM was "the number one source of raw intelligence used for NSA analytic reports". The disclosures were published by The Guardian and The Washington Post on June 6, 2013. The program is operated under the supervision of the U.S. Foreign Intelligence Surveillance Court (FISA Court, or FISC) pursuant to the Foreign Intelligence Surveillance Act (FISA).
4
What happened next Snowden was holed up in Hong Kong then fled to Moscow. He spent weeks at the airport before getting a visa to remain for up to a year. Praise be to Putin the defender of free speech! Guardian reporter Alan Rusbridger was contacted by a “very senior UK government official” who demanded the return and destruction of all material that was being worked on at The Guardian, threatening legal intervention to shut the newspaper down. GCHQ “security experts” oversaw destruction of hard drives on the premises of The Guardian. David Miranda, the journalist that broke most of the Snowden stories and Brazilian national, was detained on 19th Aug at Heathrow by UK authorities under section 7 of the Terrorism Act. Under the Act he was not permitted a lawyer. They retained his laptop, phone and various other belongings. (The Guardian) Finally, possibly randomly, Anonymous hacked into Mole Valley Council's web site to protest about the detention of Miranda. The detention power, claims the UK government, is used "to determine whether that person is or has been involved in the commission, preparation or instigation of acts of terrorism." Miranda was detained under the pretext that terrorism includes “intention to influence a government for political reasons”. They spent their time interrogating him about the NSA reporting which Laura Poitras, the Guardian and his partner Glenn Greenwald are doing, as well as the content of the electronic products he was carrying.
5
US-984XN
6
PRISM: The ramifications?
Although this is US legislation, PRISM actually has most effect on the privacy of non-US nationals; in fact it explicitly excludes US nationals. We always knew that Big Brother was watching; what we didn't know was the perfidiousness of the cooperation of commercial companies that hold our data and that they are protected under the law. We know that the government IS interested in and WILL go to these lengths to MONITOR what we are doing. We know that, whether under pressure or not, companies WILL collude with this as they are legally protected. We know that foreign governments will break their own constitutional privacy laws and also those laws of other countries. We know that other governments have similar programmes, and that programmes can exchange information … for example: As PRISM is run under the auspices of the Foreign Intelligence Surveillance Court and under the provisions of the Foreign Intelligence Surveillance Act of 1978 Amendments Act of 2008, which states that they may not intentionally monitor a US national inside or outside the US, this legislation actually has the most effect on non-US nationals. PRISM was enabled under President Bush by the Protect America Act of 2007 and by the FISA Amendments Act of 2008, which immunizes private companies from legal action when they cooperate with U.S. government agencies in intelligence collection. In 2012 the act was renewed by Congress under President Obama for an additional five years. Tempora is said to include recordings of telephone calls, the content of messages, Facebook entries and the personal internet history of users. Lawyers for GCHQ said it would be impossible to list the total number of people targeted by Tempora because "this would be an infinite list which we couldn't manage".
7
What else is going on? PRISM isn't the only such system: Tempora is run by GCHQ who, according to Snowden, share data that they collect with the NSA. GCHQ and 250 NSA staff are employed to process the data and some 850,000 people have access to it. Data carriers are compelled by law to comply with a request for data to be fed in to and processed by Tempora. We also have ECHELON (Five Eyes), Schengen Information System, INDECT, Data Retention Directive in the EU, Golden Shield Project (aka Great Firewall of China), Frenchelon in France, NATGRID, Centralised Monitoring System and DRDO NETRA in India, SORM in Russia, RICA in SA, Titan in Sweden, Onyx in Switzerland, National DNA Database in the UK; Fairview, DCSNet, Main Core, and many others in the US. And all the time new legislation, such as the Telecommunications (Interception Capability and Security) Bill in New Zealand, is threatening our freedom and privacy further. The point about Tempora here is that under PRISM the US isn't allowed to spy on its own citizens, but the UK can, and the information can be shared; so in a global world, powers can get around local constitutional and privacy laws. ECHELON (Five Eyes): a signals intelligence collection and analysis system run by Australia, New Zealand, Canada, the UK and the US.
8
Data Retention (DR) EU Data Retention Directive* adopted in – legal requirement for member governments to ensure communications providers retain data for 6 – 24 months. Data is required to be available to competent national authorities in specific cases for the purpose of the investigation, detection and prosecution of serious crime, as defined by each Member State in its national law. This is poorly regulated in the UK under RIPA – the Regulation of Investigatory Powers Act 2000 – let's have more of a look at that. Data to be held includes: source, destination, date, time and duration, type, device used, location of mobile equipment. Bodies with access are: Police, National Crime Intelligence Service, National Crime Squad, HMRC, Security Service, Secret Intelligence Service, Government Communications Headquarters, Food Standards Agency, Local Authorities, NHS. Reasons cited include: national security, detecting crime, preventing disorder, public safety, economic well-being of the UK, and any other purpose under order of the Secretary of State. * "Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC"
9
Data Retention in the UK
The 2006 EUDRD was declared invalid on 8th April this year by the European Court of Justice for violating two basic rights: respect for private life and the protection of personal data. However, in the UK RIPA is not well defined and is apparently vague in its protections. Certain bodies have access to retained data and the Home Office has the power to change this list at any time. GCHQ has apparently been retaining the data just in case it's needed. Section 65 means it cannot be challenged in a UK civil court. Open Rights Group is campaigning about this and has taken its case to Strasbourg along with others; it is progressing well, but will still take some 6-12 months to progress.
10
Privacy, a right? We believe that we have a right to privacy.
We believe that it is imperative that we are able to keep our affairs private from the State. We believe that the State has no right to our data. We believe that Governments should be afraid of their people, not the other way around. We believe that privacy is an essential requirement for democracy.
11
Discussion: some pointers
Do we think that sorting this out legally is going to be enough? The ORG campaign requests “no surveillance without suspicion”; but what does this mean and is it “dangerous”? (National) Security or Privacy? ... in other words Are we safer off unplugged? Do we feel we need to use privacy tools? Why do we not use privacy tools?
12
HTTPS (= encrypted web browsing)
There are suspicions that the NSA has access to the root SSL certificates and is thus able to decrypt connections. There would therefore be a good reason not to use third-party provided certificates. Demonstrate – fire up Chrome and visit Whereas uses a “valid” certificate. But is it really safe??
13
GNU Privacy Guard (GPG) (= encrypted email messages + sender verification)
Phil Zimmermann created the first version of PGP encryption in The name, "Pretty Good Privacy"
14
TOR The Onion Router project.
Tor is a “network of virtual tunnels that allows people to improve their privacy and security on the Internet”. TOR Browser (Win/Mac/Linux) Orbot (Android) Recent issue: Demo at Run 'tortest' from command line on Mac. Attackers wield Firefox exploit to uncloak anonymous Tor users – Originally sponsored by the U.S. Naval Research Laboratory (which had been instrumental in the early development of onion routing under the aegis of DARPA), Tor was financially supported by the Electronic Frontier Foundation from 2004 to 2005. Financial support from US State Dept, Broadcasting Board of Governors, National Science Foundation. 80% of $2M funding comes from US Government!
15
Heartbleed HEART BLEED http://ttfa.net/bleedlist http://xkcd.com/1354/
Yahoo! Aktivix Network23 Pinterest Reddit Wikipedia Mumsnet DuckDuckGo Riseup EventBrite
16
TAILS = The Amnesic Incognito Live System
17
STRINT W3C – WWW Consortium – Founded and Led by Sir Tim Berners-Lee
Strengthening the Internet Against Pervasive Monitoring
18
https://www.openrightsgroup.org https://www.dontspyonus.org.uk/org
Thank you