Are you already on a watchlist? A checklist.

A couple of weeks ago, I wrote about watchlists and how easy it is to end up on one. It is then very difficult, perhaps nigh impossible, to get off again. That isn’t helped by the fact that “the watchlist designation process is secret” so you cannot know if you’re on one until, perhaps, you find yourself detained at an airport for being a terrorist suspect.

This week, Arjun Sethi argues in the Guardian that “we cannot let the [US government] make up the rules” of watchlisting based on what can easily be called its personal whims. That’s not only because its “web of surveillance is…opaque, inefficient and discriminatory” but also because the standards it is based on are

so low that the US government’s guidelines specifically allow for a single, uncorroborated source of information – including a Facebook or Twitter post – to serve as the basis for placing you on its master watchlist.

 

IC(OVER)REACH: The NSA’s Google

It doesn’t stop there of course. As we have found out this week, the NSA (after building Skynet) has also built “Its Own Secret Google” – essentially a “search engine built to share more than 850 billion records about phone calls, emails, cellphone locations, and internet chats” that makes “massive amounts of surveillance data directly accessible to domestic law enforcement agencies.”

Let that last sentence sink in properly, especially the words “share”, “make accessible” and “to domestic law enforcement agencies.” It’s basically Google not just for Spyland but for people in domestic law enforcement as well. Which is a problem.

The thing is aptly named ICREACH (although I would suggest that it be re-branded ICOVERREACH) and the information

shared through [it] can be used to track people’s movements, map out their networks of associates, help predict future actions, and potentially reveal religious affiliations or political beliefs.

It seems that ICREACH

provide[s] analysts with the ability to perform a one-stop search of information from a wide variety of separate databases” amongst them data “that is swept up by programs authorized under Executive Order 12333” which “takes place with no court oversight and has received minimal Congressional scrutiny because it is targeted at foreign, not domestic, communication networks.

Great, so you’ve got a search engine that is easily usable by many a Tom and Dick and allows for the search of – amongst others – information collected without oversight or other scrutiny because it is supposed to target foreigners. One word: bullshit.

If you are not an American, the nonsense of this should not only be apparent, it should also worry you immensely, because “foreign communication networks” in this context mean the ones you’re using every day. As an American, the bullshit may be less apparent initially but you should still be worried because it is not at all unlikely that some of your communication gets caught up in some sort of dragnet, simply because the other end of it (i.e. the person you are communicating with) is abroad and therefore a “foreign communications” intelligence target.

You should also be worried by the fact that

Legal experts told The Intercept they were shocked to learn about the scale of the ICREACH system and are concerned that law enforcement authorities might use it for domestic investigations that are not related to terrorism.

Just to recap: mass surveillance is meant to catch terrorists (or so the NSA et al keep saying). It is also meant to target foreign communications. Obviously, the intelligence gathered by the NSA (reminder: this is a foreign intelligence agency) should not be used in domestic investigations that have nothing to do with terrorism. ICREACH seems to allow the data gathered by the NSA – which very much includes domestic communication, naughty, naughty – to be used in domestic investigations.

 

Parallel construction

However, one of the most interesting aspect of the Intercept article mentions something called “parallel construction” which

could mean that a DEA agent identifies an individual he believes is involved in drug trafficking in the United States on the basis of information stored on ICREACH. The agent begins an investigation but pretends, in his records of the investigation, that the original tip did not come from the secret trove.

Now, if using this data in a domestic context was perfectly legal, why would the agent hide his steps? Just asking.

Also, given the ease with which anyone could potentially end up on some sort of watchlist, the idea that ICREACH “results can be used reveal the “social network” of the person of interest—in other words, those that they communicate with, such as friends, family, and other associates” is extremely troubling.

 

Watchlist – checklist

Here is a little checklist of perfectly innocent things that I would guess apply to myself and many people I know which could mean that we have, if not been placed on a watchlist, at least been caught up in the surveillance dragnet at some point or other:

  • Being of a certain descent or faith that not only the US considers suspicious these days: Sethi mentions Arab or Muslim Americans but feel free to drop the “Americans” – being an Arab or Muslim non-American probably makes you even more suspicious.
  • Being friends with – or otherwise loosely connected to – a person of the above faith or descent: “non-citizens can be watchlisted for being associated with a watchlisted person – even if their relationship with that person is entirely innocuous”.
  • Being described as “as an “extremist” [or] a “militant”” – before you discount this, consider that political dissent is often enough construed as “extremist” that “[e]ven visiting the website of the Tor project gets you on the bad side” and that recently journalists have been accused of “aiding and abetting” terrorism simply for doing their jobs.
  • Inadvertently posting something on Facebook or other social media that could be understood to hint at any of the above. Consider a group of Germans who planned a (perfectly innocent) walk to the NSA bunker in their hometown only to find law enforcement knocking on their door the morning after they had posted their plan on Facebook.
  • Using TOR or googling it.
  • Using encryption.

The loose standards that are at the basis of watchlisting – “reasonable suspicion”, which seems to mean nothing much at all, rather than “credible and genuine” evidence, secrecy rather than “fairness and due process” – are in no way proportionate to the impact that being placed on such a watchlist can have on people’s lives:

government officials routinely collect the biometric data of watchlisted individuals, including their fingerprints and DNA strands. Law enforcement has likewise been directed to gather any and all available evidence when encountering watchlisted individuals, including receipts, business cards, health information and bank statements.

Yet considering how easily and willingly data is collected and shared on a massive scale, how that data reveals connections between people and other information about people that could lead to being watchlisted at per the above checklist, you can’t indeed “help but wonder: are you already on the watchlist?” and if yes, when will you find out and what will it mean for your life? Is your phone already bugged? Are your communications being monitored? Will you be detained at the airport the next time you try to fly into the US?

If I didn’t think it would be overestimating my own importance in the grander scheme of things, I would indeed be wondering that.

What about you?

Advertisements

Need another reason to encrypt your email? Read this.

Remember when I wrote about the dangers of unencrypted email? Unencrypted email can be read by anyone, I said. Don’t compose your email in a browser window, I said, because unencrypted will be created and retained automatically. They can also be read by anyone. Compose your email offline, I said, always encrypt, I said, because even if email isn’t intercepted in transit, it can always be obtained under a warrant. Unencrypted email is a like a postcard, I said. Webmail isn’t your friend, I said.

So did Edward Snowden. Of course he was right as a ruling made this week by a US judge that compels Microsoft to hand over email stored abroad reminds us yet again.

I’ll say it again: learning about encryption is important – for everyone, but particularly for people in professions in which the privacy of communications is important – journalists, lawyers, doctors being among them. So I refer you once again to this excellent tutorial on how to set up email encryption. It works and it’s fun! Try it now!

 

 

In case you missed it: NSA et.al. are building Skynet

A while ago, I wrote a post about the US government’s watchlisting system and how it prompted Hina Shamsi, director of the American Civil Liberties Union’s National Security Project to conclude that “we’re getting into Minority Report territory”.

This week, I have an even more frightening proposition. Remember Skynet, the “fictional, self-aware artificial intelligence system” from Terminator that “serves as the franchise’s main antagonist”? That’s the territory we may be getting into.

No, I’m not joking. Edward Snowden in his latest interview with James Bamford for Wired spoke about a previously unreported programme called MonsterMind which Snowden says he “discovered while getting up to speed on the capabilities of the NSA’s enormous and highly secret data storage facility in Bluffdale, Utah.”

MonsterMind, according to Wired was “the last straw for Snowden” and, its frightening potential aside, it paints a telling picture regarding the US’ ambition of dominating the internet.

 

No humans involved: Inside the Monster’s Mind

So first of all, what is MonsterMind and what can it do?

Described as “the NSA bot that could wage Cyberwar autonomously,” Monstermind

would automate the process of hunting for the beginnings of a foreign cyberattack. Software would constantly be on the lookout for traffic patterns indicating known or suspected attacks. When it detected an attack, MonsterMind would automatically block it from entering the country—a “kill” in cyber terminology.

Kim Zetter suggests that we

Think of it as a digital version of the Star Wars initiative President Reagan proposed in the 1980s.

Similar to Star Wars shooting down incoming nuclear missiles, Monstermind would “shoot down” an incoming cyber-attack before it entered the country (the country being the US of course).

Fair enough, you might think. Surely, there is nothing wrong with trying to protect your country against Darth Vader attacking you on the virtual plane and besides, “[p]rograms like this ha[ve] existed for decades.”

That may be so. However, MonsterMind wouldn’t be just another programme. Rather, its software

would add a unique new capability: Instead of simply detecting and killing the malware at the point of entry, MonsterMind would automatically fire back, with no human involvement.

So, if this was Reagan’s Star Wars, after shooting down the incoming missile, the programme would then shoot back at the missile’s point of origin automatically – with no human middle-man to double check that shooting back is the wisest idea. You might have guessed what the problem is here but let’s spell it out just the same:

The initial attacks are often routed through computers in innocent third countries.

So, if this was the Star Wars initiative, the scenario would play out somewhat like this: A computer detects an incoming missile. The computer automatically shoots the missile down. It then launches its own missile without anyone double checking where exactly the first missile originated from. Problem: the incoming missile was not fired from any facility directly connected to whoever was behind the attack but from a place that the attacker had temporarily highjacked to stop themselves being detected. So any automatic retaliation by your friendly programme wouldn’t actually target the attacker but the proxy behind which they were hiding. That proxy could, for example, be a critical civilian structure, like a hospital. Or in fact a heavily armed military facility of a hitherto non-hostile party.

For the virtual world, this is how Kim Zetter describes it:

An attack from a foreign adversary – (i.e. the equivalent of the initial missile strike) – likely would be routed through proxies belonging to innocent parties—a botnet of randomly hacked machines, for example, or machines owned by another government.

Or, as Edward Snowden told James Bamford:

You could have someone sitting in China, for example, making it appear that one of these attacks is originating in Russia. And then we end up shooting back at a Russian hospital. What happens next?

Let’s imagine it: “unanticipated collateral damage” or retaliation from a previously non-hostile third party. Boom, nuclear war, everyone dies. If you are noticing certain parallels to aforementioned works of fiction, feel free to indulge them.

Granted, as far as MonsterMind is concerned the complete annihilation of humanity is not the default consequence. As Kim Zetter points out,

Snowden doesn’t specify the nature of the counterstrike to say whether it might involve launching malicious code to disable the attacking system, or simply disable any malicious tools on the system to render them useless.

Even so,

depending on how its [sic] deployed, such a program presents several concerns, two of which Snowden specifically addresses in the WIRED story.

 

Privacy under attack – again

For one thing, “The program… raises fresh concerns about privacy and the government’s policies around offensive digital attacks.

Bamford describes it thus:

…in order for the system to work, the NSA first would have to secretly get access to virtually all private communications coming in from overseas to people in the US.

All private communications. That is everything, from everyone, everywhere, all the time. Not just suspects.

Why is that? Well. “The argument,” Snowden tells Bamford, “is that the only way we can identify…malicious traffic flows and respond to them is if we’re analyzing all traffic flows.”

So, in order to respond to an attack, the system first needs to identify the attack. To be able to do that, so the argument goes, the system needs to be able sift out a potential attack from everything else that is going on. For this is has to “seiz[e] private communications without a warrant, without probable cause or even a suspicion of wrongdoing.” And back we are in violating-the-fourth-amendment-territory again.

So, here is a programme that not only, allegedly, needs to monitor everybody’s communications all the time to be able to work but which also, potentially, could fire back on its own, thus damaging critical (civilian) infrastructure or starting an outright war. Ain’t it shiny?

 

Mapping Cyberspace: Plan X and Bonesaw

It gets scarier.

Kim Zetter notes the resemblance between MonsterMind and effort called Plan X, reported by the Washington Post in 2012:

Plan X is a project of the Defense Advanced Research Projects Agency, a Pentagon division that focuses on experimental efforts.” As one of these efforts, the goal with plan Plan X was to “dominate the digital battlefield just like…the traditional battlefield.” As part of this, the US sought (or is seeking) to create “an advanced map that details the entirety of cyberspace — a global domain that includes tens of billions of computers and other devices — and updates itself continuously.

Let that sink in for a moment: a map of all of cyberspace. That’s pretty ambitious and more than a little colonialist.

One such map already seems to exist. James Bamford in a 2013 article for Wired mentions

Bonesaw, [a] map [that] displays the geolocation and digital address of basically every device connected to the Internet around the world, providing what’s called network situational awareness.

Among other things it displays

what software is running on the computers inside [a given target facility], what types of malware some may contain, and a menu of custom-designed exploits that can be used to secretly gain entry. It can also pinpoint those devices infected with malware… as well as networks turned into botnets and zombies— the equivalent of a back door left open.

Basically, imagine a map that shows a burglar your neighbourhood while at the same telling the burglar that you’ve left the backdoor unlocked.

There’s more to mapping than just efficient burgling though. In post-colonial studies, “mapping” is seen as “an act of mastery and control” that contributes to the “establishment and re-establishment” of a certain world orders. Maps were not only “used to assist in the process of aggression,” but also to claim ownership over certain territories and establish a set of dominant rules, ultimately allowing the establishment of a norm, deviance from which was constructed as threatening and other. And we all know what happens to what is perceived as the threatening Other: it must be contained, by force if need be.

The parallels between colonial mapping and the effort of mapping – and thus dominating – the internet as a potentially democratic space, even a ‘diasporic utopia’ of innovation, dissent, resistance and anarchy, in which the status quo may be challenged and subverted, are immediately obvious. Governments the world over are constantly striving to dominate at least their corners of the internet and to curb its potential for free speech and political dissent. A similar desire for control is evident in proposals to give “the United Nations the power to organise and supervise the internet or to grant such authority to the International Telecommunications Union.

Mapping cyberspace, it appears, would go a lot further in enforcing the hegemony of the mapper than mapping physical space would: it would allow those in possession of the map to identify malicious entities, locate them and act against them (surveillance delivers the knowledge at the basis of physical acts of warfare). The problem with that of course is that those in possession of map and control might have a different view from anyone else about what is considered malicious. Far from limited to the much-evoked terrorism, this could simply be peaceful disagreement with the dominant ideology.

Currently, “the California-based Internet Corporation for Assigned Names and Numbers (Icann)…is subject to US law, is contracted by the US administration and is empowered to supervise how digital traffic operates.” The US-centric nature of current internet governance has been criticised repeatedly in the wake of the Snowden revelations.

It is little surprising that the US is unwilling to give up what dominance it has over the internet, or that it attempts to increase or secure that dominance in secret.

 

Science without the Fiction: Plan X, MonsterMind, Skynet

For governments or their institutions – most notably the intelligence agencies and militaries – the internet is both threat and opportunity and efforts like MonsterMind and Plan X aren’t just about defence or even dominance, but about attack: Plan X architects

hope[d] to develop systems that could give commanders the ability to carry out speed-of-light attacks and counterattacks using preplanned scenarios that [did] not involve human operators manually typing in code — a process considered much too slow…Officials compare this to flying an airplane on autopilot along predetermined routes.

I cannot be the only one to whom this sounds like the virtual equivalent of a drone. Tellingly, Plan X is a project of the Defense Advanced Research Projects Agency, whose works also “gave rise to stealth jet technology and portable global-positioning devices.”

Also, get this:

Skynet was a computer system developed for the U.S. military…as a “Global Digital Defense Network” and given command over all computerized military hardware and systems, including the B-2 stealth bomber fleet and America’s entire nuclear weapons arsenal. The strategy behind Skynet’s creation was to remove the possibility of human error and slow reaction time to guarantee a fast, efficient response to enemy attack.

My emphasis – compare the “no more human operators manually typing in code” under Plan X, and MonsterMind as a programme that might automatically launch counter attacks.

Well, we all know what happened with Skynet, don’t we? It started operating on its own, came to the conclusion that not only did it not need humanity but that humanity was actually a threat to it and launched – wait for it – “nuclear missiles under its command at Russia, which responded with a nuclear counter-attack.”

Great. Yes, Terminator is fictional. But once we switch the DVD off, we return to a real word in which “the spy agencies are helping drive a lucrative, dangerous, and unregulated cyber arms race, one that has developed its own gray and black markets”, a world in which the dystopian of Orwell and Kafka don’t seem so far away anymore.

So much for the “fiction” side of science fiction.

 

BND lauscht auf Clinton und Kerry – wieder mal viel Lärm um Nichts

Ach nee. Wer hätte das gedacht? Der BND hat, wie der Volksmund sagt, Dreck am Stecken. Hat Hillary Clinton und John Kerry abgehört. Alles ganz ausversehen natürlich. Ist halt „in mindestens einem Fall“ mal ein Telefonat als „Beifang“ in den Datentreibnetzen des Geheimdienstes gelandet und wurde aus reiner „Idiotie“ heraus nicht sofort gelöscht. Passiert jedem mal. Aber „äußerst diskret behandelt“ habe man die Sache damals (also 2012) schon. Leider war nur zufällig ausgerechnet der kürzlich aufgeflogene mutmaßliche BND-Spion mit der Vernichtung des sensiblen Beifangs beauftragt worden. Wenn das nicht ironisch ist.

Die ewigen Fischfang- und Unterwasserbegrifflichkeiten sind übrigens treffend: Massenfischfang gilt schließlich als ökologisch und moralisch ebenso wenig vertretbar wie Massenüberwachung moralisch und rechtlich fragwürdig ist. Problem: die kleinen Fische interessieren keinen. Dafür verzichtet jetzt kein Mensch auf seinen Teller Sushi oder die Spaghetti Frutti di Mare. Oder eben auf den Datenfundus, der sich da per Treibnetz oder was auch immer abschnorcheln lässt und mit dem man dann „die Terroristen“ fangen kann. Abschnorcheln. Das ist noch so ein Begriff. Unter der Wasseroberfläche verbirgt sich ja offenbar so einiges. Stille Wasser sind halt tief. Und schmutzig. Mit Sicherheit ist Enthüllung des „zufälligen“ Fangs der Telefonate von Clinton und Kerry auch nur die Spitze des sprichwörtlichen Eisbergs.

Ja, ist gut. Genug mit den Metaphern. Aber es ist doch so: wir wissen jetzt seit 14 Monaten, dass massenhaft deutsche Bürger ausgespäht werden. Interessiert in der BuReg leider kaum ein Schwein. Aber Clinton und Kerry, au Backe! „Spionage unter Freunden“, sagte Merkel, als herauskam, dass die NSA ihr Handy abhörten. „Geht gar nicht.“ Merkel soll sich jetzt „erklären“. Fordern zumindest die Grünen und Linken. Na klar. Mega-L.O.L. Die USA lachen sich gerade kaputt und ins Fäustchen, heißt es in der SZ:

Das abgehörte Telefonat von Clinton nehmen sie als Beleg dafür, dass auch die Deutschen die USA ausspionierten.

Ja, ach! Überraschung! Ich mutmaße mal, was sicher viele andere auch denken: die Information haben die USA nicht erst seit gerade. Der Mangel an Enthusiasmus, mit dem die BuReg die Spionageaffäre nicht aufklärt, wundert in Anbetracht der Situation ja nun wirklich überhaupt nicht mehr: man kann sich nicht aufs moralisch hohe Ross schwingen, wenn man selbst unlautere Dinge tut.

Ich stelle mir das etwas so vor: Merkelchen findet heraus, dass ihr Telefon abgehört wird. Steht bei Obama auf der Matte und fordert Aufklärung. Darauf Obama (in an American accent):

Uhm, sorry, Angie darlin’ but we have sensitive information on your BND. It’s all classified, of course, but let me just say: Stones and Glasshouses. Get what I mean?

Also: Wer im Glashaus sitzt und so… da is‘ natürlich nix mit Steine werfen. Dumm gelaufen, BuReg. Einen systematischen Lauschangriff habe es aber nicht gegeben, rechtfertigt sich die BuReg. War alles ein Versehen. Ein „Versehen“, dass jetzt ebenso aufgeklärt werden muss, wie der Rest der NSA-Spionagesuppe. Fordert zumindest die Opposition. Der BND sei „zu einem Staat im Staate geworden“, sagen die Linken. Da müsse man dringend etwas machen. Auch da darf man sich mal herzlich kaputtlachen. Eingedenk dessen, was man über die NSA durch Snowden weiß, überrascht wohl niemanden, dass der BND vermutlich ebenso wenig wirksam kontrolliert werden kann, wie sein amerikanisches Äquivalent. Schön, die Vorfälle mit Clinton und Kerry wurden angeblich gemeldet und die Daten entsorgt. Aber leider konnte ja offenbar dennoch ein Spion die Information über die Abhörung von Frau Clintons Telefon an die USA weitergeben. Und da der Führungsebene des BND nun unabsichtlich abgefangene Informationen nicht mehr vorgelegt werden sollen, stellt sich auch die Frage, wer eigentlich kontrolliert, dass diese wirklich gelöscht werden. Kontrolleure, die von nix wissen: funktioniert in den USA ja bekanntlich prima. Wer wird sich denn da streiten?

Die Parallelen mit der NSA (lange vermutet, nun auf dem Tisch) werfen für Deutschland dringende Fragen darüber auf, inwiefern der BND – wie die NSA in den USA – verfassungswidrig handelt. Auch diese Fragen stellt man sich sicher nicht erst seit jetzt. Da die Bundesregierung, wie in der aktuellen Printausgabe des Spiegel erneut berichtet wird, die Arbeit des NSA-Untersuchungsausschusses massiv behindert, muss man sich außerdem fragen, was genau der Grund für das Versagen sein kann, die Arbeit des NSA-Untersuchungsausschusses nach allen Kräften zu unterstützen. Ist der BND am Ende nicht etwa Staat im Staate, der im Geheimen gegen Geheiß der deutschen Regierung agiert, sondern vielmehr das Instrument eines Staates, der womöglich Bürger- und Grundrechte, sowie auch Verträge mit Verbündeten verletzt und seit nunmehr einem Jahr alles daran setzt zu verhindern, dass die Welt, ganz zu schweigen die Wähler, die Opposition oder parlamentarische Kontrollgremien davon Wind bekommen?

Was die neuen Veröffentlichungen für die Ausspähung deutscher Bürger durch den BND bedeuten könnten, ist doch die eigentliche, ungestellte Frage. Der Elefant im Raum sozusagen. Statt nach den Bürgern fragt man aber lieber weiter nach den „Freunden“, deren Ausspähung „gar nicht geht“. Den großen Fischen, statt dem eigentlichen Beifang.

Bei der Aufklärung des aktuellen Sachverhaltes wäre es jedenfalls total lustig, wenn sich die USA jetzt den Herrn R. als Zeugen vor einen nagelneuen BND-Untersuchungsausschuss im amerikanischen Senat holen würden. Vor allem, weil Deutschland den Herrn Snowden jetzt erstmal gar nicht mehr holen und aussagen lassen kann. Ein Glück, dass der noch drei Jahre in Russland bleiben darf und auf uns Loser nicht mehr hoffen muss. Denn man ist ja jetzt wieder im Entschuldigungs-Modus. Man kann die USA nicht noch weiter ärgern. Die ohnehin völlig aberwitzige und mega-peinliche Forderung nach der Aufdeckung aller Agenten sollte sich damit auch erledigt haben. Wobei, vielleicht kann man da auch so einen ich-zeig-dir-meine-wenn-du-mir-deine-zeigst-Deal abschließen.

Aber jetzt mal ganz im Ernst: wenigstens das künstliche Aufregen könnte man sich sparen und endlich mal das eigentliche Problem angehen: Massenüberwachung kann augenscheinlich jeden treffen. Sogar die Frau Clinton und den Herrn Kerry. Die Datentreibnetze bringen offensichtlich mehr ärgerlichen Beifang als Nutzen. Vielleicht ist es also langsam mal Zeit, die Sache zu überdenken. Dann braucht man auch nicht mit Steinen nach Leuten zu schmeißen. Man könnte ja einfach mal Vernunft walten lassen.

Vermutung: nö. Dann müsste man ja zugeben, dass Herr Snowden und alle, die seit über einem Jahr Aufklärung und wirksame Reform fordern, Recht haben.

Geht ja gar nicht.

“We’re getting into Minority Report territory” – recent goings-on in spyland

Edward Snowden: three more years in Russia

So, let’s start with the good news, shall we? Edward Snowden has received a three-year residential permit in Russia. Guess who’s probably rubbing their hands with glee? No, not “the terrorists”. The German government. They can now reconsider inviting Snowden as a witness before their NSA-appreciative-investigative committee (Snowden is allowed to travel) and they no longer need to overexert themselves to do it. Not that they ever did. I know I am putting myself in danger of being burnt at the stake here but perhaps Merkel and her minions should write a thank you note to Vladimir Putin. The German government can carry on pretending to be interested in a genuine investigation into mass surveillance at no great cost to itself. After all, with Snowden now snug in Russia for at least three more years, the annoying asylum question can neatly be swept under the rug. Hurrah, all rejoice!

Of course, there is no reason to feel cheerful about this or to stop demanding that Snowden be granted asylum elsewhere. Although more or less safe, he does remain in a country whose democracy and human rights record is, nicely put, pretty bad. Helping him get out would be the decent thing to do. Also, he should have been showered with offers of help, safe passage, and asylum from the start of course. I stand by my criticism and frustration that – more than a year on – none of that has happened.

I still think our governments are making it too easy for themselves. So sue me. And give me the information I need to truly understand that I am wrong, i.e. that granting Snowden asylum and keeping him safe is an impossibility. I understand that governments would rather avoid the cost (diplomatic and economic) of doing that but what I want to know: can they really not do it? If granting Snowden asylum is impossible, then we need to worry about sovereignty and the balance of power in the world (which, given recent events, we should be doing anyway). If it is possible but governments are taking the easy way out, if they base their decisions on avoiding the uncomfortable, then how far are they prepared to compromise the rights and liberties others have fought for in the past?

Let there be Snowdens

But okay, fair enough. I wasn’t going to launch into another tirade on asylum and the lacklustre approach of our governments to their NSA-investigations.

Instead, let’s have some more good news: we may have another Snowden. It seems that the Intercept’s recent article on “Barack Obama’s Secret Terrorist-Tracking System” is based on information not provided by Edward Snowden. So far, we do not know who the new leak is and perhaps we will never find out. We should not speculate. As Matthew Phelan points out and Edward Snowden has insisted countless times, the leaker shouldn’t be the story. Now, as far as Snowden is concerned, I have never quite agreed. His treatment by the powers that be is very much a story – and a very sad one at that.

However, in the case of this new leaker, people who demand that rather than to speculate on their identity we take a close look at what they have revealed are right.

A database of terrorist suspects – with no link to terrorism

Which is where the bad news starts. Because the Intercept’s article based on the documents provided by the new leak are quite outrageous:

Nearly half of the people on the U.S. government’s widely shared database of terrorist suspects, write Jeremy Scahill and Ryan Devereaux, are not connected to any known terrorist group.

So, who are these people then, if not terrorists? Seeing as all this mass surveillance is allegedly necessary to fight some all-encompassing war on terror? Well, the short answer is: they simply aren’t terrorists. In fact, it’s pretty easy to end up on such a list, as the Intercept reported previously, and pretty difficult to get off again:

Because the government tracks “suspected terrorists” as well as “known terrorists,” individuals can be watchlisted if they are suspected of being a suspected terrorist, or if they are suspected of associating with people who are suspected of terrorism activity.

Eh? Yes, I am confused too. Basically, you can end up on a list if someone suspects you of being a suspect – i.e. someone thinks (but doesn’t know) that you may perhaps be a terrorist, or if someone things that you know a terrorist or are related to one, or simply if an official with the unilateral power (i.e. that power is vested in one person only rather than a couple – consider what that means for oversight) to place you on such a list thinks you may be a suspect. Sound a bit arbitrary? That’s because it is.

My favourite fact: dead people can end up on watchlists too – one of the reasons why it’s so difficult to get off the lists again: death – let alone a jury – can’t erase reasonable suspicion:

conviction in U.S. courts requires evidence beyond a reasonable doubt, whereas watchlisting requires only a reasonable suspicion. Once suspicion is raised, even a jury’s verdict cannot erase it.

So you get on the list by suspicion but then need to prove that suspicion wrong beyond a reasonable doubt. Which gets more difficult if the government can refuse to tell you that – or why – you are on a list.

Perhaps it’s this apparent absurdity that has prompted

the Obama and Bush Administrations [to] fiercely resist[…] disclosing the criteria for placing names on the databases—though the guidelines are officially labeled as unclassified. In May, Attorney General Eric Holder even invoked the state secrets privilege to prevent watchlisting guidelines from being disclosed in litigation launched by an American who was on the no fly list.

Minority Report

Here’s another favourite fact of mine:

Instead of a watchlist limited to actual, known terrorists, the government has built a vast system based on the unproven and flawed premise that it can predict if a person will commit a terrorist act in the future,

says Hina Shamsi, director of the American Civil Liberties Union’s National Security Project. Let’s pause for a moment: the US government thinks “it can predict of someone will commit a terrorist act in the future.” Now, what does that remind me of? Oh yes, that’s right: “We’re getting into Minority Report territory.”

More so

when being friends with the wrong person can mean the government puts you in a database and adds DMV photos, iris scans, and face recognition technology to track you secretly and without your knowledge.

Now, I suppose you could argue that you might want to choose your friends better. Weed out all the terrorists in your inner circle. But then, apparently it’s enough to appear in their address book – or perhaps be connected to them on Facebook? Now, honestly, how many of us know what our Facebook friends get up to in their spare time?

Here is what else: not only is the definition of what constitutes terrorism pretty broad, the information stored in that database is also widely shared “with local law enforcement agencies, private contractors, and foreign governments” – like the Israeli government for example, as a different article also published by the Intercept, aka more bad news, specifies.

The fact that this information can be shared with agencies from the CIA to the NYPD, which are not known for protecting civil liberties, brings us closer to an invasive and rights-violating government surveillance society at home and abroad, says Hina Shamsi.

And another of my favourite quotes (this is former FBI agent Michael German):

You might as well have a blue wand and just pretend there’s magic in it, because that’s what we’re doing with this—pretending that it works.

Now, I am as fond of magic as the next person but if this is magic, it is dark. Then again, it really isn’t because – mind the second part of that sentence – it doesn’t actually work. Mass surveillance in ineffective. Edward Snowden has said the same.

Some examples:

Sen. Ted Kennedy…was barred from boarding flights on five separate occasions because his name resembled the alias of a suspected terrorist….Mikey Hicks, a Cub Scout…got his first of many airport pat-downs at age two.

Now that last one in particular just raises absurdity to a whole new level, doesn’t it?

Here is what else – and this is the decidedly un-funny side of ineffectiveness:

in 2009…a Nigerian terrorist was able to board a passenger flight to Detroit and nearly detonated a bomb sewn into his underwear despite his name having been placed on [one of the] list[s].

Or consider this: out of the following five cities which one would you say is the odd one out: New York; Dearborn, Mich.; Houston; San Diego; and Chicago. Dearborn you think? You would be right. It is by far the smallest and, let’s be honest, least well known out of the five. Still, it is one of the “top five U.S. cities represented on the main watchlist for “known or suspected terrorists””. Why? Well, what if I were to tell you that 40 per cent of Dearborn’s population “is of Arab descent, according to the U.S. Census Bureau”? Smell the racism rat?

The perks of being on a list. Not.

So, what happens then, when you end up on such a list? For one thing, air travel becomes interesting. As such, people on watchlists are often subject to enhanced screening at airports. For example Laura Poitras, one of the journalists who first met Snowden in Hong Kong, has been subject to such scrutiny – for no other crime than filming documentaries (this was pre-Snowden). However,

the government does much more than simply stop watchlisted people at airports. It also covertly collects and analyzes a wide range of personal information about those individuals –including facial images, fingerprints, and iris scans.

Why is this outrageous? Well, for one thing,

Once the U.S. government secretly labels you a terrorist or terrorist suspect, other institutions tend to treat you as one. It can become difficult to get a job (or simply to stay out of jail). It can become burdensome—or impossible—to travel. And routine encounters with law enforcement can turn into ordeals.

More than that,

virtually inescapable government surveillance…has impaired if not eliminated the ability of news-gatherers and attorneys to communicate confidentially with their sources and their clients, according to a new report by two rights advocacy groups.

That’s a pretty big deal. If lawyers can’t communicate with their clients anymore without being snooped on, there goes the ability to build a proper defence. Similarly, if journalists cannot communicate with their source anymore without being overheard, say bye-bye to a free press.

Insufficiently informed journalism can “undermine effective democratic participation and governance,” the report states.

That’s just a couple of examples of what our governments do (to us and others) if we let them.

Should we be worried? Yes, of course we should be. Because, sadly, we have let it get to a point where the surveillance apparatuses built by agencies like the NSA and the GCHQ has have gotten so out of hand that only someone on the inside, someone like Edward Snowden, could save us.

Which is what he has done – at least to the extent that he has given us the information we need to try and save ourselves.

As of recently, it seems that he may not be the only one. Let us hope that he isn’t and that more whistleblowers will follow their example. Because without them we may soon find ourselves well and truly in Minority Report theory and we may not even notice until it’s too late.

So let there be whistleblowers!

No surprises, just Aufregers: Greenwald mag nicht, Oppermann – peinlich

Nach Edward Snowden hat nun mit Glenn Greenwald ein weiterer wichtiger Zeuge einer Aussage vor dem NSA-Ausschuss eine Absage erteilt.

Er wolle sich nicht beteiligen “an einem Ritual…, das den Anschein einer Untersuchung erwecken soll“, hieß es in einem Statement, das Greenwald dem Ausschuss in der Nacht zu Freitag per Email zukommen ließ.

Verwundern tut das sicher nicht. Eben so wenig wundert der Zuspruch, den Greenwald für seine Entscheidung erhält, zum Beispiel von Grünen-Obmann Konstantin von Notz.

Man kann Greenwald nur zustimmen, wenn er schreibt:

Unfortunately, German politicians have demonstrated, with their refusal to interview the key witness in person – Edward Snowden – that they care far more about not upsetting the U.S. than they do about conducting a serious investigation. As a result, I am not willing to participate in a ritual that is intended to cast the illusion of an investigation, but which is actually designed to avoid any real investigation

Also:

Leider haben deutsche Politiker, durch ihre Weigerung den Schlüsselzeugen Edward Snowden persönlich [in Deutschland] zu befragen, demonstriert, dass es für sie wesentlich wichtiger ist, die Beziehungen zu den USA nicht zu belasten, als eine umfassende Untersuchung durchzuführen. Daher bin ich nicht bereit, an einem Ritual mitzuwirken, dass den Anschein einer Untersuchung erwecken soll, aber eigentlich dazu gedacht ist, jeder wirklichen Untersuchung aus dem Weg zu gehen.

Wo er Recht hat. SPD-Fraktionschef Opperman sagt schließlich selbst, Snowden dürfe das Verhältnis Deutschlands zu den USA nicht belasten. „Verlorenes Vertrauen“ zwischen Deutschland und den USA wiederherzustellen hat Priorität vor Aufklärung – was ja an sich schon der Gipfel der Lächerlichkeit ist: ohne Aufklärung kein Vertrauen. Hat die BuReg augenscheinlich immer noch nicht kapiert.

Jochen Zierhut nennt diesen Unsinn auf Tagesschau.de „Heuchelei“ und „Zynismus“ und die Bundesregierung „eine Truppe politischer Feiglinge“. Stimmt. Die Bundesregierung ist an Greenwalds Absage und Snowdens Bredouille (vergangenen Freitag endete sein Asyl Russland und bisher gibt es keine weiteren Angebote) ebenso Schuld, wie an Snowdens Absage im Juni. Greenwalds Absage ist ebenso berechtigt, wie die von Snowden – und zwar aus denselben Gründen. Schlicht ein weiterer in einer langen Reihe epischer Fehlschläge der BuReg.

Übrigens: ein weiterer solcher Fehlschlag sind die Äußerungen eines Patrick Sensburg, der „Mitleid“ für Snowden äußert oder gar eines Thomas Oppermann, der fordert, dass Snowden sich doch bitte der Gerichtsbarkeit der USA stellen solle, damit er nicht „Zeit seines Lebens verfolgt bliebe“. Dazu wäre allerdings eine humanitäre Lösung nötig, so Oppermann, die dann auch gleich “bestehende Belastungen im deutsch-amerikanischen Verhältnis… entschärfen” würde. Weil Snowden das eben nicht dauerhaft tun könne (also das Verhältnis belasten).

Wohlwollend könnte man behaupten, Herr Oppermann missverstünde hier einiges. Weniger wohlwollend könnte man sich fragen, ob er entweder ignorant oder unehrlich ist – „disingenuous“ nennt der Engländer das, look it up.

Genauso unehrlich nämlich wie eine Hillary Clinton oder ein John Kerry, wenn sie ins gleiche Horn tuten und behaupten, Snowden würde, wenn er denn aufrichtig wäre, „nach Hause“ kommen und sich vor Gericht stellen lassen. Das obwohl Frau Clinton, Herr Kerry und man darf annehmen auch Herr Oppermann (sofern er nicht völlig der Realität entrückt ist) mit größter Wahrscheinlichkeit ganz genau wissen, dass es für Edward Snowden in den USA keine faire Verhandlung geben wird.

Mit Verlaub: zu behaupten, Edward Snowden würde die deutsch-amerikanischen Beziehungen belasten ist so ziemlich das Dümmste, das ein Politiker von sich geben kann. Ein paar Stichworte: Spion im NSA-Ausschuss, Merkelphone, Massenausspähung von Millionen Deutschen! Zur Belastung der deutsch-amerikanischen Beziehungen braucht kein Mensch Edward Snowden. Zur Aufklärung der wirklich belastenden Sachverhalte aber schon.

Und von humanitären Lösungen zu sprechen, ist mit Blick auf US-Präsident Obamas Bekenntnis, dass die USA einige Leute („some folks“) gefoltert haben, schlicht aberwitzig. Man solle nicht „„zu frömmlerisch“ über die Verfehlungen… urteilen“, sagt Obama auch noch. Äh, was? Fehlen irgendwem nicht die Worte? Sowohl wegen Oppermanns ausgemachtem Unsinn, als auch Obamas ausgesprochen fragwürdiger Rhetorik? „Some folks“, Mr President? Ernsthaft? Meinten Sie vielleicht „some people“? „Some human beings“? Oder hören Verdächtige auf, Menschen mit Menschenrechten zu sein? Achso Moment, ja klar tun sie das. Um weitere Terroranschläge zu verhindern ist ja jedes Mittel Recht. Daher haben wir alle in den Augen von NSA, BND, der US-Regierung und auch der deutschen Regierung den Status von Verdächtigen. So kann man auf unsere Bürgerrechte pfeifen, uns massenhaft ausspähen und sich dann weigern, die Verletzung unserer Rechte aufzuklären. Man darf das mit der NSA, genau wie mit der Folter, einfach nicht so eng sehen. Das wäre ja total frömmlerisch.

Und Edward Snowden ist ohnenhin ein Straftäter. Asyl? Quatsch! Gerichtstermin!

Naja, zumindest was den drohenden Gerichtstermin angeht, ist Herr Snowden nicht allein. Die Opposition droht der BuReg und deren Duckmäusertum weiterhin mit dem Bundesverfassungsgericht. Wenn Merkels Regierung sich dann einer Klage gegenüber sieht, seien die Damen und Herren daran erinnert, dass sie wesentlich mehr Chancen auf eine faire Verhandlung haben, als Edward Snowden vor einem amerikanischen Gericht hätte.

Herr Oppermann und seine Kollegen in den Feiglingstruppen genannt Bundesregierung und NSA-Ausschuss mögen sich das bitte vor Augen führen und sich mit Äußerungen zurückhalten, die gegenüber Edward Snowden – der ja „aus der Sicht Deutschlands durchaus seine Verdienste habe“ – und den Bürgern Deutschlands herablassend und schlicht beleidigend sind.

Davon, dass Merkel und Kohorten irgendwann ein bisschen Mut auf der Straße herumliegen sehen und diesen dann auch aufheben, ist angesichts des bisherigen Spektakels nicht mehr auszugehen.

Armes Deutschland!

#AsylfürSnowden