Monthly Archives: June 2015


5
Julian De Vries reports on The Nation website that in the US it is possible for someone to be prosecuted for deleting their browser history or other electronic records, even though the individual has no idea they are under any sort of investigation. The problem lies with the Sarbanes-Oxley Act, which was originally enacted in the wake of the Enron scandal to stop corporations under investigation from shredding or destroying incriminating documents.  However, its application has been broadened out by prosecutors to cover situations way beyond its original aims. One reason why it has been possible to expand its use is that prosecutors do not have to show that an individual deleting material is aware an investigation is underway.  As a result anybody even innocently deleting electronic records such as browser history or text messages, could years later be prosecuted for doing so.  The scenario is not a hypothetical one […]

In the US You Can Be Prosecuted for Clearing Your ...


Ryan Whitwam reports on the ExtremeTech website that researchers have found a way to track android phones by studying their power use over time. The technique works on the principle that the further away a phone is from a base station, the more power the phone uses to maintain a connection.  Researchers called their proof of concept application PowerSpy.  Before it can be used a power map of an area has to be established so that PowerSpy knows what performance to expect in a particular location. Although making a call or using apps will also drain power, the algorithm used in PowerSpy is designed to monitor power use over several minutes, so that battery usage not associated with location can be filtered out.

Battery Power Alone Can be Used to Track Android Phones


2
Ellen Nakashima reports in the Washington Post that the recently discovered hack (see previous post here) by the Chinese of the US Office of Personnel Management, has included a database holding sensitive security clearance information on US Government workers and contractors. Joel Brenner, a former US counter­ intelligence official said about the news, “This is potentially devastating from a counter­ intelligence point of view,”  “These forums contain decades of personal information about people with clearances . . . which makes them easier to recruit for foreign espionage on behalf of a foreign country.” Sir Tim Berners-Lee has previously highlighted the dangers of blackmail if foreign spy agencies get hold of data on persons with access to national security information, although in the context of the retention of web surfing and phone records – see here.

Chinese Hack has Compromised US Security Clearance Database



4
Alexander J. Martin reports on the Register website that people attending the Download Festival had their faces scanned by a Police facial recognition system, and there was surveillance of their on-site location and expenditure via RFID wristbands. Attendees faces were scanned using a system called NeoFace and then compared with a database of “lawfully held European custody photographs”.  The original plan was for attendees not to have been told about the surveillance until after the event; however, publication of an article in the Police Oracle revealed the surveillance plan in advance. In addition RFID wristbands had to be used to make purchases and move about the festival with no opt-out possible.  A significant concern with the use of these RFID wristbands, is that Download’s privacy policy stated that information collected via the RFID cashless payment wristbands, would typically be shared with third-party companies to establish the users interests, purchases and […]

Police Scanned Faces of Everyone at Download Festival


4
Today is the 800th anniversary of the signing of the Magna Carta, a document which has very much changed the world, being the first document of its kind to protect the rights and freedoms of society and establish that the king was subject to the law.  Of course there is an argument that at the time of its signing, the Magna Carta was not as significant as it has become, but that really isn’t the point, it is what it now stands for that matters. Amongst the many events that have been held to celebrate the anniversary the British Library has revealed the current top 10 clauses people would like to see in a “Magna Carta for the digital age”.  This was the result of a British Library’s project conceived to encourage particularly young people to think about privacy, internet access and freedom in the digital age. See the British […]

Digital Magna Carta ‘Top 10’ Clauses Revealed


1
David Barrett reports in the Daily Telegraph that telephone masts which can listen to mobile phone conversations without the owner’s permission are being operated in Britain. The devices, technically known as IMSI catchers, but also referred to stingrays, trick handsets into thinking they are genuine mobile phone towers in order to monitor calls and other data including texts and emails.  They have been used in a number of foreign countries to target the communications of criminals, but are difficult to use in a targeted manner and will also hoover up data from innocent people’s mobile phones. Police have refused to discuss whether they are behind the installation of the masts, at least 20 of which were uncovered in London in an investigation by the Sky News television channel.

Fake Mobile Phone Masts Spy on your Calls



1
Ellen Nakashima reports in the Washington Post that Hackers working for the Chinese state breached the computer system of the US Office of Personnel Management in December 2014. The Office of Personnel Management is essentially the Human Resources function of the US Government.  The breach is believed to have resulted in the loss of the personal details of up to four million current and former US Government employees. The breach is the second major breach of US Government networks by China in the past year.  Austin Berglas, a former cyber official at the FBI’s New York field office said in response to the news: “China is everywhere. They’re looking to gain social and economic and political advantage over the United States in any way they can. The easiest way to do that is through theft of intellectual property and theft of sensitive information.”

Chinese Breach Data of Four Million Federal Workers


Maggie Ybarra reports in the Washington Times that FBI agents cannot identify any major terrorism cases they have cracked using the snooping powers in the US Patriot Act. The revelation is interesting given the claims of its supporters that powers provided by the act such a bulk phone data collection, were critical to national security and had to be retained. The Patriot Act expired on Monday (1st June) and some (see here) of its surveillance powers were incorporated into the USA Freedom Act which was approved by Congress on Tuesday (2nd June).  Amongst the powers transferred was the power to enable bulk phone data collection; however, on a positive note this data can now only be accessed with court permission.

FBI Admits That No Major Cases Cracked by Patriot Act ...


2
The BBC News website reports that UK Police made 733,237 requests to view communications data over a three-year period according to a report by Big Brother Watch, equivalent to an access request every two minutes. Police Officers wanting to gain access to communications data have to be internally approved by a senior member of the relevant force and on average 96% of such requests are approved. Big Brother Watch wants more transparency about how such requests are authorised and the crimes the data is used to fight.  The group also wants judicial involvement as a final step in the approval process. The actual Big Brother Watch Report can be found here.

UK Police Seek Data Access ‘every two minutes’