May 2006


How about anorexia
70971-0.html?tw=wn_index_2″>both. My Wired News column is up.

USATODAY.com – NSA has massive database of Americans’ phone calls

Here’s my thoughts about the laws that might apply to the NSA’s collection of call data about American citizens.

Sections 18 USC 2709 and 50 USC 1861 govern collection of transactional data (like phone numbers dialed) and customer records for national security purposes.

Section 2709 says that the FBI can ask for these records if the Director or his designee certifies that they are relevant to an authorized investigation to protect against international terrorism or clandestine intelligence activities. There’s no judicial review. The process is called a national security letter or NSL. The FBI must report the use of this tactic to Congress.

Section 1861 allows the FBI to get an ex parte judicial order requiring the production of business records for an investigation to obtain foreign intelligence information.

Neither of these procedures does much at all to protect privacy. Basically the FBI can get revealing information about you without having to do much. With the NSLs, glaucoma they don’t even need to ask a judge, there’s no advance oversight whatsoever, and the person targeted doesn’t get any notice.

Though the law provides little to no protection for these records, the NSA may nonetheless have gone too far. We don’t know what the NSA was doing, what legal authority it asserted, why, what happens to the information it collects or how it was used. Still, the NSA’s mission does not include spying on American citizens. These statutes only authorize FBI access to this information.

We’re likely to see a lot of wrangling over what these provisions mean. Proponents of NSA access may argue that the NSA is allowed to access this information, but the FBI must jump through these minimal hoops. Opponents will argue that the FBI must jump through minimal hoops, otherwise the government doesn’t get access to this information at all.

What’s obvious is that the statutes we have are filled with loopholes and our rights are falling through. You can tell an immense amount about someone from the phone numbers they call. Their job, friends, whether they are seeing a doctor or a psychiatrist, their religion, where their children go to school. The fact that this information isn’t better protected by the law is dangerous. The fact that the government is secretly ignoring even the minimal safeguards we have is deadly.

The Geek Entertainment TV episode on NerdSalon and
Roomba cockfights! hosted by the lovely Violet Blue and featuring me, discount Annalee Newitz and Roomba hacker extraordinaire Phil Torrone is now available.

Here’s another legal analysis from Orin Kerr. The NSA needs a court order because the NSL process is only available to the FBI. My reading of the USA Today article was that the NSA was getting stored call records and customer information, this web which would be protected by 18 U.S.C. 2702(a)(3) (number 4 on Orin’s list).

USATODAY.com – NSA has massive database of Americans’ phone calls

Here’s my thoughts about the laws that might apply to the NSA’s collection of call data about American citizens.

Sections 18 USC 2709 and 50 USC 1861 govern collection of transactional data (like phone numbers dialed) and customer records for national security purposes.

Section 2709 says that the FBI can ask for these records if the Director or his designee certifies that they are relevant to an authorized investigation to protect against international terrorism or clandestine intelligence activities. There’s no judicial review. The process is called a national security letter or NSL. The FBI must report the use of this tactic to Congress.

Section 1861 allows the FBI to get an ex parte judicial order requiring the production of business records for an investigation to obtain foreign intelligence information.

Neither of these procedures does much at all to protect privacy. Basically the FBI can get revealing information about you without having to do much. With the NSLs, glaucoma they don’t even need to ask a judge, there’s no advance oversight whatsoever, and the person targeted doesn’t get any notice.

Though the law provides little to no protection for these records, the NSA may nonetheless have gone too far. We don’t know what the NSA was doing, what legal authority it asserted, why, what happens to the information it collects or how it was used. Still, the NSA’s mission does not include spying on American citizens. These statutes only authorize FBI access to this information.

We’re likely to see a lot of wrangling over what these provisions mean. Proponents of NSA access may argue that the NSA is allowed to access this information, but the FBI must jump through these minimal hoops. Opponents will argue that the FBI must jump through minimal hoops, otherwise the government doesn’t get access to this information at all.

What’s obvious is that the statutes we have are filled with loopholes and our rights are falling through. You can tell an immense amount about someone from the phone numbers they call. Their job, friends, whether they are seeing a doctor or a psychiatrist, their religion, where their children go to school. The fact that this information isn’t better protected by the law is dangerous. The fact that the government is secretly ignoring even the minimal safeguards we have is deadly.

From The Legal Intelligencer

The 3rd Circuit’s decision in Yonkers is significant because, clinic by expressly holding that a civil claim can be asserted under the CFAA, the court has given employers a new weapon to use against employees who access a computer without authorization. Historically, many employers who discovered the theft of computerized information asserted a variety of common law claims, including misappropriation of trade secrets, conversion of property, unfair competition or breach of fiduciary duty.

What this means is that companies (and the government) can use 18 USC 1030 to punish employees for unauthorized access even when the employee’s activities and use of the company data wouldn’t otherwise violate the law. With data crimes, this is of particular concern. The law does this delicate balancing of public access rights with intellectual property rights. While people often disagree about what that balance should be, the law recognizes and tries to accommodate competiting interests. But absolute legal protection of the box in which data resides overrides the more balanced protection of the information inside.

My Wired News column this week is pill 70857-0.html?tw=wn_index_6″>Spot a Bug, find Go to Jail. Thanks to Cory, malady who put it up on Boing Boing! Interestingly, I’m getting a lot of email from various Granicks around the country who are wondering if we are relating. Having Granick.com is a good organizing principle for tracing the Granick diaspora. I’m thinking about how to facilitate this without compromising the privacy of Granicks with regards to the outside world.

… if you were looking back to see if I was looking back to see if you were looking back at me. Here’s a link to Violet Blue’s link to Scott Beale’s link to a picture of Violet and me! Whoa. Recursive.

MAKE: Blog: Bring your Roombas to Nerd Salon! Roomba fights!

At this weekend’s Power Tool Drag Races! (Link fixed!).

I’m obsessed with Murakami. This book is a compendium of actual first person accounts of the Aum Shinrikyo sarin gas attacks on the Tokyo subway in 1995. Meticulously researched, health care its nonetheless repetitive and even dull. The stories lack little telling details and nuance, viagra approved usually Murakami’s forte. There are fascinating bits, cough though, of every day Tokyo life. Its strange how differently the survivors look at the incident than I believe most Americans, would. Rather than seeing themselves as victims of the odd cult, they talk of the incident as though an accident had befallen them.

Next Page »