At Senate Hearing, Comey Hints At Expanded NSL Powers And Encryption Backdoors

Furnished content.


James Comey testified in front of the Senate Judiciary Committee today where he faced an oddly-unified bipartisan group of senators irritated with the FBI (but for different reasons). Most senators took a large amount of the their time during the first round of questions to not actually ask questions, but to express their displeasure with the Clinton email investigation and the ongoing Trump-Russia investigation.The opening statements varied depending on the party of the senator addressing James Comey. Comey had very few answers about various Trump-related investigations (which are still ongoing), but made the most of his opening statement by dodging the questions and making a sales pitch for the renewal of Section 702 -- the statute permitting the NSA's internet data/communications collection the FBI makes frequent use of.According to Comey, the 702 collection is essential to national security. Possibly true. But not so essential that concerns about Fourth Amendment violations should be swept aside. This was only one of the sales pitches Comey managed to squeeze in during questioning.He also touched on a couple of other issues worth noting. Both involve legislation. After pitching a clean Section 702 renewal, Comey spent some time talking around the subject of backdoor 702 searches, noting that "all courts" have found the FBI's secondhand domestic surveillance lawful… without specifying the only court to really reach this conclusion is the FISA Court. And this court also found the NSA had abused its collection repeatedly. This court also approved zero 702 applications in 2016 and the NSA itself has shut down part of its upstream collection because it kept grabbing too many communications from US persons.This shutdown will affect the FBI's backdoor searches. Comey, of course, didn't refer to them as backdoor searches, but did make it clear the FBI would be ever so pleased if Section 702 was renewed with a minimum of legislator interference.The FBI's own collection efforts were a concern to Comey as well. Comey continued his misrepresentation of the statutes governing what the FBI can collect with National Security Letters. According to the FBI director, the only thing standing between what the FBI can legally get with NSLs (subscriber info and billing records) and what it wants (a very long list of things, including web history and geolocation data) is a "typo." Not sure which part of the statute contains the typo, but Comey claimed to be able to channel the intent of legislators who passed it back in 1986.Not that the lack of statutory authority has prevented the FBI from demanding more than it's supposed to get. An NSL published by Yahoo contained a much longer list of requested data than is permissible under the law. Comey expressed his desire to have Congress take another look at the statute and see if it doesn't agree with Comey's assessment.The other legislative issue near and dear to Comey's heart was addressed a bit more obliquely, but managed to make it clear the current administration would be far more sympathetic to Comey's other backdoor plan. Both Sen. Orin Hatch and Sen. Dianne Feinstein spoke favorably about encryption backdoors. Comey noted the Obama Administration wasn't interested in passing bills containing encryption bans or backdoors, but the new team in the White House has possibly expressed an interest in doing just that.

The Obama administration was not in a position where they were seeking legislation. I don't know yet how President Trump intends to approach this. I know he spoke about it during the campaign, I know he cares about it, but it's premature for me to say.

0 comments, click here to add the first

Mounting Privacy Problems In Europe For Facebook's Acquisition Of WhatsApp

Furnished content.


When it comes to online privacy, the European data protection authorities tend to be quite interventionist as they try to police the movement of personal data within and out of the EU. The concerns over the Safe Harbor and Privacy Shield frameworks are one manifestation of this. Another is the increasing EU scrutiny of Facebook's purchase of WhatsApp.A couple of years after Facebook acquired WhatsApp, the latter announced that it was updating its terms and privacy policy so as to allow user data to be transferred to its parent company. Johannes Caspar, the Commissioner for Data Protection and Freedom of Information in Hamburg, where Facebook has its German headquarters, was unhappy with that move. He saw it as harmful to users' privacy, not least because there was no way to opt out of the data sharing. In September last year, he ordered Facebook to stop collecting data from WhatsApp, and to delete anything it had already brought across. Facebook appealed against the decision, and the Administrative Court of Hamburg has now handed down its ruling, which is to deny the US giant's request for Caspar's order to be revoked (pdf):

Facebook has appealed to the administrative court against the order in the preliminary proceedings. The goal was to repeal the immediate enforcement. The court rejected this request today and clarified the fact that it does not see any legal basis for the planned data exchange. Facebook can not invoke interests of its own business because the complete data exchange is neither necessary for the purpose of network security or business analysis nor for advertising optimization. Furthermore, the court clarifies that there is no effective consent from WhatsApp users for a data exchange with Facebook. As a result, the administrative court is making a clear consideration in the context of the preliminary legal proceedings: the interests of the approximately 35 million German WhatsApp users predominates the economic interest of Facebook in a suspension of immediate enforceability.

the company provided incorrect or misleading information during the Commission's 2014 investigation under the EU Merger Regulation of Facebook's planned acquisition of WhatsApp.

When reviewing Facebook's planned acquisition of WhatsApp, the Commission looked, among other elements, at the possibility of Facebook matching its users' accounts with WhatsApp users' accounts. In its notification of the transaction in August 2014 and in a reply to a request of information, Facebook indicated to the Commission that it would be unable to establish reliable automated matching between the two companies' user accounts.

0 comments, click here to add the first