0 00:00:00,000 --> 00:00:30,000 Dear viewer, these subtitles were generated by a machine via the service Trint and therefore are (very) buggy. If you are capable, please help us to create good quality subtitles: https://c3subtitles.de/talk/207 Thanks! 1 00:00:09,550 --> 00:00:11,679 So this is going to be a talk by Kurt 2 00:00:11,680 --> 00:00:13,659 Dobson, who's an attorney with the 3 00:00:13,660 --> 00:00:16,089 Electronic Frontier Foundation, 4 00:00:16,090 --> 00:00:18,249 and yeah, that 5 00:00:18,250 --> 00:00:20,979 talk is called through a prism darkly. 6 00:00:20,980 --> 00:00:22,239 Give him a warm round of applause, 7 00:00:22,240 --> 00:00:23,240 please. 8 00:00:26,590 --> 00:00:27,909 Thank you. 9 00:00:27,910 --> 00:00:29,139 Thank you very much, and thank you for 10 00:00:29,140 --> 00:00:30,459 coming out here, it's great to see so 11 00:00:30,460 --> 00:00:31,460 many people. 12 00:00:32,680 --> 00:00:34,749 I am CropScience attorney with the 13 00:00:34,750 --> 00:00:36,279 Electronic Frontier Foundation. 14 00:00:36,280 --> 00:00:38,529 We are a nonprofit civil liberties 15 00:00:38,530 --> 00:00:40,659 organization dedicated to defending 16 00:00:40,660 --> 00:00:42,519 your rights online. 17 00:00:42,520 --> 00:00:44,619 And I have been involved in litigation 18 00:00:44,620 --> 00:00:47,709 against the NSA spying program 19 00:00:47,710 --> 00:00:49,149 since 2006. 20 00:00:50,980 --> 00:00:53,170 And yeah, we've had that. 21 00:00:55,210 --> 00:00:57,159 And we've learned a lot over that time. 22 00:00:57,160 --> 00:00:58,989 Some of it actually first coming out in 23 00:00:58,990 --> 00:01:02,199 2005, a lot of it coming out this summer. 24 00:01:02,200 --> 00:01:04,268 And so we talk a little bit about what 25 00:01:04,269 --> 00:01:07,539 we know started out with the background 26 00:01:07,540 --> 00:01:09,999 where that where the program originated. 27 00:01:10,000 --> 00:01:12,189 Some of the code names 28 00:01:12,190 --> 00:01:14,709 some of the spying laws that purported 29 00:01:14,710 --> 00:01:17,469 to enable the programs. 30 00:01:17,470 --> 00:01:19,839 We can talk about basically two types 31 00:01:19,840 --> 00:01:20,889 of programs. 32 00:01:20,890 --> 00:01:23,079 Some which are purportedly authorized 33 00:01:23,080 --> 00:01:25,269 by law from the Foreign Intelligence 34 00:01:25,270 --> 00:01:27,399 Surveillance Act, Amendment Act 35 00:01:27,400 --> 00:01:29,469 or Pfizer 36 00:01:29,470 --> 00:01:31,599 and the Patriot Act, 37 00:01:31,600 --> 00:01:33,969 and then some which are not authorized 38 00:01:33,970 --> 00:01:36,159 by law but are done by executive order, 39 00:01:36,160 --> 00:01:38,229 which is just an order from the president 40 00:01:38,230 --> 00:01:39,369 to go do it. 41 00:01:39,370 --> 00:01:41,349 And there's a particular executive order 42 00:01:41,350 --> 00:01:42,849 which is dealing with collecting 43 00:01:42,850 --> 00:01:44,979 intelligence around the world 44 00:01:44,980 --> 00:01:46,959 on people like you. 45 00:01:46,960 --> 00:01:48,039 And then finally, we'll talk about 46 00:01:48,040 --> 00:01:50,349 fighting back what we can do to stop 47 00:01:50,350 --> 00:01:51,350 the spying. 48 00:01:52,510 --> 00:01:54,939 So the background after 9-11, 49 00:01:54,940 --> 00:01:57,609 President Bush unleashed the full power 50 00:01:57,610 --> 00:02:00,129 of the NSA, unleashed the eye of Sauron 51 00:02:00,130 --> 00:02:02,709 to look around the world and try and find 52 00:02:02,710 --> 00:02:04,810 everybody all the time. 53 00:02:05,890 --> 00:02:08,049 The NSA had been operating 54 00:02:08,050 --> 00:02:10,989 under some constraints at that point. 55 00:02:10,990 --> 00:02:12,369 Some of those constraints actually were 56 00:02:12,370 --> 00:02:14,019 from the original Foreign Intelligence 57 00:02:14,020 --> 00:02:16,419 Surveillance Act of 1978, 58 00:02:16,420 --> 00:02:18,339 which came about after a number of 59 00:02:18,340 --> 00:02:20,469 scandals encourage 60 00:02:20,470 --> 00:02:22,929 Congress to rein in the NSA. 61 00:02:22,930 --> 00:02:25,479 And they went ahead beyond Pfizer, 62 00:02:25,480 --> 00:02:27,699 ignoring Pfizer with what was called 63 00:02:27,700 --> 00:02:29,770 the president's surveillance program. 64 00:02:30,790 --> 00:02:32,919 A subset of that program was later 65 00:02:32,920 --> 00:02:34,689 called the terrorist surveillance 66 00:02:34,690 --> 00:02:37,239 program. And that first was admitted 67 00:02:37,240 --> 00:02:41,019 by the president in 2005. 68 00:02:41,020 --> 00:02:43,269 The TSP was actually a tautology. 69 00:02:43,270 --> 00:02:45,399 It was that portion of the larger program 70 00:02:45,400 --> 00:02:47,379 that surveil terrorists. 71 00:02:47,380 --> 00:02:49,719 And so it enabled them to say things 72 00:02:49,720 --> 00:02:52,239 like the TSP only surveil terrorists 73 00:02:52,240 --> 00:02:53,889 because by definition, any part of it 74 00:02:53,890 --> 00:02:55,749 that didn't surveil a terrorist wasn't 75 00:02:55,750 --> 00:02:56,750 part of the TSP. 76 00:02:57,910 --> 00:03:00,009 The PSP 77 00:03:00,010 --> 00:03:02,529 was done without any court warrants, 78 00:03:02,530 --> 00:03:04,449 without any of the legal authorities and 79 00:03:04,450 --> 00:03:06,579 niceties that generally are happening 80 00:03:06,580 --> 00:03:08,649 a, you know, rule of law 81 00:03:08,650 --> 00:03:09,650 type of government. 82 00:03:10,900 --> 00:03:13,019 So why did they do it or how did they do 83 00:03:13,020 --> 00:03:15,429 it? Well, the main inspiration came 84 00:03:15,430 --> 00:03:17,859 from the fortuitous 85 00:03:17,860 --> 00:03:19,329 ness of having U.S. 86 00:03:19,330 --> 00:03:21,969 companies sitting on top of the wire. 87 00:03:21,970 --> 00:03:24,339 This comes from one of the original PRISM 88 00:03:24,340 --> 00:03:26,829 slides that came out back in June, 89 00:03:26,830 --> 00:03:29,229 and it shows the paths of 90 00:03:29,230 --> 00:03:31,359 communications between various regions 91 00:03:31,360 --> 00:03:33,639 in the world and the amount of bandwidth. 92 00:03:33,640 --> 00:03:35,559 And as you can see, the very large wide 93 00:03:35,560 --> 00:03:37,929 orange lines are focused 94 00:03:37,930 --> 00:03:39,729 on U.S. and Canada. 95 00:03:39,730 --> 00:03:41,259 And what this means is that a lot of 96 00:03:41,260 --> 00:03:43,059 communications around the world, even if 97 00:03:43,060 --> 00:03:44,619 they're not going to and from the United 98 00:03:44,620 --> 00:03:46,869 States, even if they are going between 99 00:03:46,870 --> 00:03:49,359 two other regions, will likely pass 100 00:03:49,360 --> 00:03:51,459 through the United States because that is 101 00:03:51,460 --> 00:03:52,449 the cheapest path. 102 00:03:52,450 --> 00:03:54,309 That is the one that is going to be the 103 00:03:54,310 --> 00:03:55,629 more efficient path. 104 00:03:56,710 --> 00:03:58,779 And that allows the company 105 00:03:58,780 --> 00:04:00,879 who are sitting on the wire to look at 106 00:04:00,880 --> 00:04:02,080 what's going past. 107 00:04:03,490 --> 00:04:05,559 So they started doing this program and 108 00:04:05,560 --> 00:04:07,749 they were doing it for a number of years 109 00:04:07,750 --> 00:04:09,249 in super secrecy. 110 00:04:09,250 --> 00:04:11,499 So secret, in fact, that the 111 00:04:11,500 --> 00:04:13,659 legal department, the general counsel of 112 00:04:13,660 --> 00:04:16,028 the NSA, was not allowed to see the legal 113 00:04:16,029 --> 00:04:17,859 reasoning behind it. 114 00:04:17,860 --> 00:04:19,509 Very few people within the U.S. 115 00:04:19,510 --> 00:04:21,189 Department of Justice were allowed to see 116 00:04:21,190 --> 00:04:22,959 the legal reasoning behind it. 117 00:04:22,960 --> 00:04:25,839 But eventually, that broke down, and 118 00:04:25,840 --> 00:04:27,999 some of the people in the DOJ started 119 00:04:28,000 --> 00:04:30,489 to see the memos that 120 00:04:30,490 --> 00:04:32,499 explain why they thought this was legal. 121 00:04:32,500 --> 00:04:33,849 And there was actually a very interesting 122 00:04:33,850 --> 00:04:36,489 incident in 2004 123 00:04:36,490 --> 00:04:39,249 where the acting attorney general 124 00:04:39,250 --> 00:04:40,539 got a hold of the reasoning, and there 125 00:04:40,540 --> 00:04:42,729 was one aspect of it that he just 126 00:04:42,730 --> 00:04:44,259 couldn't buy. 127 00:04:44,260 --> 00:04:46,269 And that was. 128 00:04:46,270 --> 00:04:48,039 And, you know, just this is not a, you 129 00:04:48,040 --> 00:04:49,179 know, civil libertarian. 130 00:04:49,180 --> 00:04:51,549 This is a law and order or, you know, 131 00:04:51,550 --> 00:04:53,979 a conservative really ready to surveil 132 00:04:53,980 --> 00:04:55,899 kind of guy. But it was still too much, 133 00:04:55,900 --> 00:04:57,699 and it was that they had come up with a 134 00:04:57,700 --> 00:05:00,339 definition of acquire 135 00:05:00,340 --> 00:05:02,979 such that the process by which 136 00:05:02,980 --> 00:05:04,509 previously they didn't have it and then 137 00:05:04,510 --> 00:05:06,399 later they did have it was not an 138 00:05:06,400 --> 00:05:07,899 acquisition. 139 00:05:07,900 --> 00:05:09,999 And this allowed them to get the stuff 140 00:05:10,000 --> 00:05:12,159 without acquiring it and thus not have 141 00:05:12,160 --> 00:05:13,749 to worry about those laws that talked 142 00:05:13,750 --> 00:05:15,219 about what you had to do to acquire 143 00:05:15,220 --> 00:05:16,479 things. 144 00:05:16,480 --> 00:05:18,129 So he didn't buy it, and he refused to 145 00:05:18,130 --> 00:05:19,599 sign off on the president's surveillance 146 00:05:19,600 --> 00:05:21,099 program. 147 00:05:21,100 --> 00:05:23,289 So at that time, the White 148 00:05:23,290 --> 00:05:26,329 House counsel, Alberto Gonzalez. 149 00:05:26,330 --> 00:05:27,319 Want side? 150 00:05:27,320 --> 00:05:28,639 Well, I'll go over his head. 151 00:05:28,640 --> 00:05:30,079 He was the acting attorney general 152 00:05:30,080 --> 00:05:32,119 because the actual attorney general was 153 00:05:32,120 --> 00:05:34,699 in a hospital with pancreatic cancer 154 00:05:34,700 --> 00:05:37,549 and pancreatitis. 155 00:05:37,550 --> 00:05:39,649 And so they raced to the hospital and 156 00:05:39,650 --> 00:05:41,569 this was actually done with, you know, 157 00:05:41,570 --> 00:05:43,279 sirens and lights blowing through red 158 00:05:43,280 --> 00:05:45,169 lights to get there first. 159 00:05:45,170 --> 00:05:47,539 So what? Gonzales was trying to get the 160 00:05:47,540 --> 00:05:49,159 sick attorney general to sign off at, and 161 00:05:49,160 --> 00:05:51,049 Comey was trying to get there to prevent 162 00:05:51,050 --> 00:05:52,099 that from happening. 163 00:05:52,100 --> 00:05:53,509 Comey did get there first. 164 00:05:54,860 --> 00:05:56,959 The attorney general did not sign off on 165 00:05:56,960 --> 00:05:59,179 it, and they threatened to 166 00:05:59,180 --> 00:06:01,309 resign if the program continued 167 00:06:01,310 --> 00:06:03,979 with this particular aspect. 168 00:06:03,980 --> 00:06:06,139 Eventually, the program actually stopped 169 00:06:07,430 --> 00:06:08,929 going under that theory, and there was a 170 00:06:08,930 --> 00:06:10,759 gap for a couple of months until they 171 00:06:10,760 --> 00:06:13,009 developed a new theory 172 00:06:13,010 --> 00:06:14,869 of being able to obtain the same 173 00:06:14,870 --> 00:06:17,149 information, and we never found 174 00:06:17,150 --> 00:06:18,409 out about it because people did not 175 00:06:18,410 --> 00:06:19,849 resign. 176 00:06:19,850 --> 00:06:22,699 However, about a year later, 177 00:06:22,700 --> 00:06:24,589 the New York Times first revealed the 178 00:06:24,590 --> 00:06:26,689 existence of the PSP, 179 00:06:26,690 --> 00:06:28,519 and they focused on content collection, 180 00:06:28,520 --> 00:06:30,619 collection of content of 181 00:06:30,620 --> 00:06:32,659 internet, communications and telephone 182 00:06:32,660 --> 00:06:33,660 calls. 183 00:06:34,490 --> 00:06:36,499 And this caused a lot of fuss at the 184 00:06:36,500 --> 00:06:38,419 time. This is when the president came out 185 00:06:38,420 --> 00:06:40,159 and said, Well, there is a terrorist 186 00:06:40,160 --> 00:06:41,599 surveillance program, but don't worry, it 187 00:06:41,600 --> 00:06:43,609 only surveilled terrorism. 188 00:06:43,610 --> 00:06:44,899 We're already discussing what that really 189 00:06:44,900 --> 00:06:45,979 meant. 190 00:06:45,980 --> 00:06:48,139 And then in 2006, 191 00:06:48,140 --> 00:06:50,299 USA Today revealed the 192 00:06:50,300 --> 00:06:52,189 call detail records program. 193 00:06:52,190 --> 00:06:54,319 That's the records of who you call, 194 00:06:54,320 --> 00:06:57,169 how long you spoke when the call was. 195 00:06:57,170 --> 00:06:58,759 And they named several companies that 196 00:06:58,760 --> 00:07:01,039 were participating in it, AT&T and 197 00:07:01,040 --> 00:07:02,040 Verizon. 198 00:07:03,050 --> 00:07:05,119 This is when actually in 199 00:07:05,120 --> 00:07:07,009 that time period before the USA Today 200 00:07:07,010 --> 00:07:08,689 article, but after the New York Times is 201 00:07:08,690 --> 00:07:11,359 when it first filed suit 202 00:07:11,360 --> 00:07:13,459 against the program in 203 00:07:13,460 --> 00:07:15,829 2007, 204 00:07:15,830 --> 00:07:17,329 they decided that they were going to say, 205 00:07:17,330 --> 00:07:19,489 OK, we'll put it under the FISA 206 00:07:19,490 --> 00:07:20,899 court. That's the Foreign Intelligence 207 00:07:20,900 --> 00:07:22,849 Surveillance Court. It is a secret court. 208 00:07:22,850 --> 00:07:25,159 We'll talk about that more in a moment 209 00:07:25,160 --> 00:07:27,379 and then to try to bulk up some 210 00:07:27,380 --> 00:07:29,659 of the legal problems they passed the 211 00:07:29,660 --> 00:07:31,699 Protect America Act. 212 00:07:31,700 --> 00:07:33,019 This is part of sort of the American 213 00:07:33,020 --> 00:07:34,759 tradition of having these sort of vaguely 214 00:07:34,760 --> 00:07:35,760 Orwellian names. 215 00:07:36,830 --> 00:07:39,109 And that was a one year 216 00:07:39,110 --> 00:07:40,429 extension. 217 00:07:40,430 --> 00:07:42,859 And then finally, in 2008, 218 00:07:42,860 --> 00:07:45,109 they passed FISA and 219 00:07:45,110 --> 00:07:46,969 that added some additional authority, 220 00:07:46,970 --> 00:07:49,189 most prominently Section 702, which will 221 00:07:49,190 --> 00:07:50,269 which we'll talk about. 222 00:07:51,830 --> 00:07:54,259 So as you go on a couple of code names 223 00:07:54,260 --> 00:07:56,059 to sort of keep in mind the original 224 00:07:56,060 --> 00:07:57,589 program, the president's surveillance 225 00:07:57,590 --> 00:08:00,259 program was known as stellar wind, 226 00:08:00,260 --> 00:08:02,299 and you can think of it as having four 227 00:08:02,300 --> 00:08:04,449 parts and a metal grid here. 228 00:08:04,450 --> 00:08:06,289 So like on one hand, you have either 229 00:08:06,290 --> 00:08:08,449 telephony or internet, and 230 00:08:08,450 --> 00:08:10,219 then they divide it into content and 231 00:08:10,220 --> 00:08:11,419 metadata. 232 00:08:11,420 --> 00:08:13,279 And then within the grid could see some 233 00:08:13,280 --> 00:08:15,829 of the databases and applications 234 00:08:15,830 --> 00:08:18,379 that that information goes into. 235 00:08:18,380 --> 00:08:19,669 Now, this does not mean that that's the 236 00:08:19,670 --> 00:08:21,589 only thing inside these databases. 237 00:08:21,590 --> 00:08:23,659 So Marina, you know, takes in information 238 00:08:23,660 --> 00:08:25,249 from other sources as well. 239 00:08:25,250 --> 00:08:28,639 But this is where those things go into 240 00:08:28,640 --> 00:08:30,199 a couple of other code names to point out 241 00:08:30,200 --> 00:08:31,339 there's one which is evil. 242 00:08:31,340 --> 00:08:33,469 All of this is for 243 00:08:33,470 --> 00:08:34,399 geolocation. 244 00:08:34,400 --> 00:08:36,558 One ETF is one and 245 00:08:36,559 --> 00:08:37,999 foreign. 246 00:08:38,000 --> 00:08:40,699 So in order to help 247 00:08:40,700 --> 00:08:42,558 justify their program, they try and focus 248 00:08:42,559 --> 00:08:44,719 on one and foreign or at least 249 00:08:44,720 --> 00:08:46,549 one and foreign, they use evil all up to 250 00:08:46,550 --> 00:08:49,009 do that. I like evil all because 251 00:08:49,010 --> 00:08:50,749 it has some neat characteristics. 252 00:08:50,750 --> 00:08:51,770 It's a palindrome. 253 00:08:52,850 --> 00:08:55,159 It is also an anagram for I love 254 00:08:55,160 --> 00:08:56,569 evil. 255 00:08:56,570 --> 00:08:58,219 So I think there are some people there, 256 00:08:58,220 --> 00:08:59,989 but I have a 257 00:09:01,340 --> 00:09:03,409 sense of humor and then 258 00:09:03,410 --> 00:09:05,569 fuzzier. This is the location database 259 00:09:05,570 --> 00:09:07,729 of where you are, and 260 00:09:07,730 --> 00:09:10,639 the Fasher seems to be a reference to. 261 00:09:10,640 --> 00:09:12,859 Well, it seems to many words 262 00:09:12,860 --> 00:09:15,379 of fascism think to be really fair, 263 00:09:15,380 --> 00:09:16,729 so boundless. 264 00:09:16,730 --> 00:09:18,829 Indeed, Boundless Informant was one 265 00:09:18,830 --> 00:09:21,049 of the programs or one of the databases 266 00:09:21,050 --> 00:09:22,189 that was revealed. 267 00:09:22,190 --> 00:09:24,949 This is a color map showing 268 00:09:24,950 --> 00:09:27,049 a heat map showing where the SIG 269 00:09:27,050 --> 00:09:28,609 addresses are. 270 00:09:28,610 --> 00:09:30,559 Getting information for Segui addresses 271 00:09:30,560 --> 00:09:32,629 is a collection point. 272 00:09:32,630 --> 00:09:34,729 There are 504 273 00:09:34,730 --> 00:09:37,159 SIG addresses which are 274 00:09:37,160 --> 00:09:38,479 being reflected here. 275 00:09:38,480 --> 00:09:40,789 And this adds up to 276 00:09:40,790 --> 00:09:43,459 billions of pieces of information, 277 00:09:43,460 --> 00:09:45,019 and this is actually only showing it for 278 00:09:45,020 --> 00:09:46,849 a very short period of time. 279 00:09:46,850 --> 00:09:48,319 Now you might, you know, as you might 280 00:09:48,320 --> 00:09:51,049 imagine, some places like Iran 281 00:09:51,050 --> 00:09:53,779 is is in red, Pakistan in red. 282 00:09:53,780 --> 00:09:55,999 But as you can see, there is a 283 00:09:56,000 --> 00:09:58,759 lot of countries which are 284 00:09:58,760 --> 00:10:00,469 considered to be U.S. 285 00:10:00,470 --> 00:10:02,569 allies that are 286 00:10:02,570 --> 00:10:04,519 getting more than just a little bit. 287 00:10:04,520 --> 00:10:06,859 You can see Germany there in Orange, so. 288 00:10:06,860 --> 00:10:08,869 So too, with the United States the same 289 00:10:08,870 --> 00:10:10,309 color as China. 290 00:10:13,050 --> 00:10:15,719 So here are some spying laws. 291 00:10:15,720 --> 00:10:17,849 There's the Wiretap Act that 292 00:10:17,850 --> 00:10:19,919 was one of the first laws 293 00:10:19,920 --> 00:10:22,049 that we have in the United States 294 00:10:22,050 --> 00:10:24,149 to regulate when the government can 295 00:10:24,150 --> 00:10:26,399 listen in on your phone calls that passed 296 00:10:26,400 --> 00:10:29,129 in the 60s and 297 00:10:29,130 --> 00:10:32,009 it was largely for law enforcement 298 00:10:32,010 --> 00:10:33,719 in the 70s, there was the Foreign 299 00:10:33,720 --> 00:10:35,939 Intelligence Surveillance Act that was 300 00:10:35,940 --> 00:10:38,219 born from some of the scandals that were 301 00:10:38,220 --> 00:10:40,559 discovered in the early 70s. 302 00:10:40,560 --> 00:10:42,389 In the 80s came the Electronic 303 00:10:42,390 --> 00:10:44,669 Communications Privacy Act that was 304 00:10:44,670 --> 00:10:46,919 trying to modernize communication 305 00:10:46,920 --> 00:10:49,440 law to deal with email communications. 306 00:10:50,460 --> 00:10:52,799 The USA Patriot Act passed 307 00:10:52,800 --> 00:10:55,499 in the wake of 9-11 in particular 308 00:10:55,500 --> 00:10:57,839 that had a Section 215, 309 00:10:57,840 --> 00:10:59,639 which turned out to be very important to 310 00:10:59,640 --> 00:11:01,019 their spying program. 311 00:11:01,020 --> 00:11:03,089 When that was passing, 312 00:11:03,090 --> 00:11:05,279 that was referred to as 313 00:11:05,280 --> 00:11:07,049 the library records provision, people 314 00:11:07,050 --> 00:11:08,849 were thinking that this was a provision 315 00:11:08,850 --> 00:11:10,949 that might allow them to get records of 316 00:11:10,950 --> 00:11:13,529 what you checked out of libraries. 317 00:11:13,530 --> 00:11:15,329 Little did we know that it actually was 318 00:11:15,330 --> 00:11:17,699 far, far worse. 319 00:11:17,700 --> 00:11:19,619 The Protect America Act This was a 320 00:11:19,620 --> 00:11:20,759 temporary measure. 321 00:11:20,760 --> 00:11:22,939 The final FISA Amendment Act brought 322 00:11:22,940 --> 00:11:24,959 another section, Section 702, which we'll 323 00:11:24,960 --> 00:11:27,239 talk about, which is the rules 324 00:11:27,240 --> 00:11:30,479 about spying on non-Americans 325 00:11:30,480 --> 00:11:32,579 and then also executive order 326 00:11:32,580 --> 00:11:34,349 twelve triple three. 327 00:11:34,350 --> 00:11:35,789 That was an executive order actually 328 00:11:35,790 --> 00:11:37,649 signed a long time ago by President 329 00:11:37,650 --> 00:11:39,629 Reagan. It's been updated a few times 330 00:11:39,630 --> 00:11:41,969 since, but it provides the framework 331 00:11:41,970 --> 00:11:44,639 for spying outside 332 00:11:44,640 --> 00:11:46,709 of the legal frameworks passed 333 00:11:46,710 --> 00:11:47,710 by Congress. 334 00:11:48,930 --> 00:11:51,389 So where we first found out about this 335 00:11:51,390 --> 00:11:53,579 came from finding out 336 00:11:53,580 --> 00:11:55,859 about a splitter that was 337 00:11:55,860 --> 00:11:58,079 in room 641 eh 338 00:11:58,080 --> 00:12:01,319 of AT&T San Francisco facility 339 00:12:01,320 --> 00:12:03,479 whistleblower Mark Klein came 340 00:12:03,480 --> 00:12:05,999 to EFF with some documents showing 341 00:12:06,000 --> 00:12:08,339 how the splitter was hooked 342 00:12:08,340 --> 00:12:10,529 up, where one 343 00:12:10,530 --> 00:12:12,689 copy of the LightStream would 344 00:12:12,690 --> 00:12:14,969 go to the NSA and the other copy would go 345 00:12:14,970 --> 00:12:17,339 to its destination and even provided 346 00:12:17,340 --> 00:12:19,079 a photo of the room. 347 00:12:19,080 --> 00:12:21,209 You can see the room is the door 348 00:12:21,210 --> 00:12:22,169 has no handles. 349 00:12:22,170 --> 00:12:23,759 It was controlled access. 350 00:12:23,760 --> 00:12:25,589 You had to be approved by the NSA to get 351 00:12:25,590 --> 00:12:27,719 access to the room, even to 352 00:12:27,720 --> 00:12:30,479 the point when there was a leak 353 00:12:30,480 --> 00:12:32,849 and it was actually causing some damage 354 00:12:32,850 --> 00:12:34,289 to the rest of the facility. 355 00:12:34,290 --> 00:12:35,819 They couldn't get someone to go in there 356 00:12:35,820 --> 00:12:37,859 and fix the leak until they had gotten 357 00:12:37,860 --> 00:12:39,989 clearance, and it took several, several 358 00:12:39,990 --> 00:12:40,990 days to do so. 359 00:12:42,300 --> 00:12:44,519 This graphic explains 360 00:12:44,520 --> 00:12:46,799 how it works and sort of simple 361 00:12:46,800 --> 00:12:48,809 form. You have all the nice people at the 362 00:12:48,810 --> 00:12:51,359 top of their communications 363 00:12:51,360 --> 00:12:53,249 go to the AT&T facilities. 364 00:12:53,250 --> 00:12:55,499 The splitter takes, the light beam makes 365 00:12:55,500 --> 00:12:57,659 two equal copies, one of which 366 00:12:57,660 --> 00:12:59,009 goes to 641, eh? 367 00:12:59,010 --> 00:13:00,450 And the rest goes on. 368 00:13:03,150 --> 00:13:05,009 So how much are they able to get by 369 00:13:05,010 --> 00:13:06,629 sitting on the wires and putting in the 370 00:13:06,630 --> 00:13:08,699 splitters? Well, the NSA says, you 371 00:13:08,700 --> 00:13:10,139 know, it's not that much. 372 00:13:10,140 --> 00:13:12,359 It's only about 1.6 percent of 373 00:13:12,360 --> 00:13:13,860 the world's internet traffic. 374 00:13:14,910 --> 00:13:17,309 But it's worth pointing out that that 375 00:13:17,310 --> 00:13:18,959 that actually turns out to be a lot of 376 00:13:18,960 --> 00:13:19,879 information. 377 00:13:19,880 --> 00:13:21,959 Well, first of all, only about 12 percent 378 00:13:21,960 --> 00:13:23,909 of the traffic is web. 379 00:13:23,910 --> 00:13:25,979 Another three percent communications. 380 00:13:25,980 --> 00:13:28,079 Almost everything is video 381 00:13:28,080 --> 00:13:30,149 streaming, and about 382 00:13:30,150 --> 00:13:32,459 two thirds of those communications 383 00:13:32,460 --> 00:13:34,169 is spam. So you can sort of bet that the 384 00:13:34,170 --> 00:13:36,539 NSA actually has some of the best spam 385 00:13:36,540 --> 00:13:38,100 filter technology in the world. 386 00:13:39,330 --> 00:13:41,429 And even if we take them at 387 00:13:41,430 --> 00:13:43,829 their word and say it's only 1.6 percent, 388 00:13:43,830 --> 00:13:45,959 that's still 30 petabytes 389 00:13:45,960 --> 00:13:47,579 a day that they're ingesting. 390 00:13:47,580 --> 00:13:49,919 And that is just of the internet traffic 391 00:13:49,920 --> 00:13:51,659 flow. And as we know, they're also 392 00:13:51,660 --> 00:13:53,879 getting phone calls, call 393 00:13:53,880 --> 00:13:55,739 records and location. 394 00:13:56,880 --> 00:13:58,739 So where do you put all of that data? 395 00:13:58,740 --> 00:14:01,259 Well, that turned out to be a problem. 396 00:14:01,260 --> 00:14:03,329 And so they built this new facility out 397 00:14:03,330 --> 00:14:05,399 in Utah. This is just 398 00:14:05,400 --> 00:14:06,629 broke ground. 399 00:14:06,630 --> 00:14:09,059 The summer they finished up in September. 400 00:14:10,200 --> 00:14:12,449 It is a about a 10000 401 00:14:12,450 --> 00:14:14,339 square meter server space. 402 00:14:14,340 --> 00:14:15,959 Various estimates have been given about 403 00:14:15,960 --> 00:14:18,029 the size of it could be up to 12 404 00:14:18,030 --> 00:14:19,139 exabytes. 405 00:14:19,140 --> 00:14:20,940 Uses a lot of power. 406 00:14:22,200 --> 00:14:23,909 And so Brewster Kale, you guys familiar 407 00:14:23,910 --> 00:14:26,129 with the Internet Archive, 408 00:14:26,130 --> 00:14:27,749 the wayback machine. 409 00:14:27,750 --> 00:14:28,649 Anyone? 410 00:14:28,650 --> 00:14:30,059 All right. It's good service. 411 00:14:30,060 --> 00:14:32,669 They store a lot of data. 412 00:14:32,670 --> 00:14:34,859 And Brewster knows a lot about storing 413 00:14:34,860 --> 00:14:36,629 massive amounts of data. 414 00:14:36,630 --> 00:14:39,029 And he estimated just for the U.S. 415 00:14:39,030 --> 00:14:41,179 phone calls, it would take 416 00:14:41,180 --> 00:14:44,009 a four hour, 464 square meters 417 00:14:44,010 --> 00:14:45,899 to store and process that. 418 00:14:45,900 --> 00:14:47,219 That's a lot less than the total 419 00:14:47,220 --> 00:14:49,049 facility. So what is the rest of it? 420 00:14:49,050 --> 00:14:51,239 Well, it's all of your calls. 421 00:14:51,240 --> 00:14:52,559 It's all of the internet data. 422 00:14:53,820 --> 00:14:55,709 And what do you do with all that data? 423 00:14:55,710 --> 00:14:57,629 Well, so Ryzen and licked by our two New 424 00:14:57,630 --> 00:14:59,849 York Times reporters explained. 425 00:14:59,850 --> 00:15:02,069 What they do is comb through it in 426 00:15:02,070 --> 00:15:04,979 a large data mining operation. 427 00:15:04,980 --> 00:15:07,409 John Yoo, who is one of the legal 428 00:15:07,410 --> 00:15:08,789 architects working for the Bush 429 00:15:08,790 --> 00:15:10,979 administration, described it, plucking 430 00:15:10,980 --> 00:15:12,719 out the emails and phone calls that have 431 00:15:12,720 --> 00:15:15,359 a high likelihood of being terrorist 432 00:15:15,360 --> 00:15:17,219 communications. 433 00:15:17,220 --> 00:15:19,859 So this is what they're trying to do. 434 00:15:19,860 --> 00:15:20,969 And how do they do it? 435 00:15:20,970 --> 00:15:23,189 Well, one of the ways they 436 00:15:23,190 --> 00:15:25,589 they they do it is 437 00:15:25,590 --> 00:15:27,509 by playing a little bit of a word game on 438 00:15:27,510 --> 00:15:28,510 what they're doing 439 00:15:29,880 --> 00:15:32,249 holding without collecting. 440 00:15:32,250 --> 00:15:33,779 That is to say, they were able to say to 441 00:15:33,780 --> 00:15:35,339 a number of congressional committees and 442 00:15:35,340 --> 00:15:36,479 other statements that they weren't 443 00:15:36,480 --> 00:15:38,520 collecting all of this information, 444 00:15:40,320 --> 00:15:41,789 and then they later had to sort of 445 00:15:41,790 --> 00:15:43,200 explain what that meant, 446 00:15:44,310 --> 00:15:45,839 said the director of national 447 00:15:45,840 --> 00:15:47,219 intelligence. 448 00:15:47,220 --> 00:15:50,699 He said, think of it like a huge library. 449 00:15:50,700 --> 00:15:52,829 To me, collection would mean taking 450 00:15:52,830 --> 00:15:54,329 the books off the shelf. 451 00:15:54,330 --> 00:15:56,009 Now, I don't think that's how most people 452 00:15:56,010 --> 00:15:58,079 would think of a collection, like if you 453 00:15:58,080 --> 00:16:00,509 went into a library and said, 454 00:16:00,510 --> 00:16:01,649 You know, Well, what? I want a nice 455 00:16:01,650 --> 00:16:02,819 collection. It is. 456 00:16:02,820 --> 00:16:03,989 You can sort of imagine that Clapper 457 00:16:03,990 --> 00:16:06,509 would have to say, No, it's not. 458 00:16:06,510 --> 00:16:07,830 I haven't read all these books yet. 459 00:16:10,570 --> 00:16:12,789 When asked about how 460 00:16:12,790 --> 00:16:14,889 many Americans data were in 461 00:16:14,890 --> 00:16:16,179 there, the director of national 462 00:16:16,180 --> 00:16:18,279 intelligence, McConnell said, We 463 00:16:18,280 --> 00:16:20,409 can't know, we can't know 464 00:16:20,410 --> 00:16:22,689 until we look at what's in there. 465 00:16:22,690 --> 00:16:24,759 And so sort of if we don't look at 466 00:16:24,760 --> 00:16:26,320 it, it doesn't matter. 467 00:16:29,920 --> 00:16:32,109 Instead, they are sort of focus on 468 00:16:32,110 --> 00:16:33,879 what they are targeting. 469 00:16:33,880 --> 00:16:35,619 And so these are so this is a slide that 470 00:16:35,620 --> 00:16:37,839 is giving some of the numbers about 471 00:16:37,840 --> 00:16:40,239 the selectors for targeting. 472 00:16:40,240 --> 00:16:41,139 And you look at these numbers in the, you 473 00:16:41,140 --> 00:16:42,849 know, they're fairly substantial numbers 474 00:16:42,850 --> 00:16:45,099 15000, 19000, 475 00:16:45,100 --> 00:16:47,469 but not supremely huge numbers. 476 00:16:47,470 --> 00:16:49,059 And that is because what they're talking 477 00:16:49,060 --> 00:16:51,249 about is targeting, but 478 00:16:51,250 --> 00:16:52,839 when they are targeting something, 479 00:16:52,840 --> 00:16:54,339 they're hitting a lot more than their 480 00:16:54,340 --> 00:16:55,340 target. 481 00:16:55,990 --> 00:16:58,299 And so they try to minimize the amount 482 00:16:58,300 --> 00:17:00,789 of the scariness 483 00:17:00,790 --> 00:17:03,009 of it by talking about the selectors. 484 00:17:03,010 --> 00:17:05,348 But when one selector can mean 485 00:17:05,349 --> 00:17:06,609 a lot of information. 486 00:17:08,990 --> 00:17:11,299 So let's talk about 487 00:17:11,300 --> 00:17:14,179 Pfizer seven oh, two, Pfizer. 488 00:17:14,180 --> 00:17:16,039 This is the section of the law that 489 00:17:16,040 --> 00:17:18,259 passed in 2008 that 490 00:17:20,420 --> 00:17:23,118 is set up to design, designed for 491 00:17:23,119 --> 00:17:25,579 getting the content of communications 492 00:17:26,750 --> 00:17:29,029 outside of the U.S. 493 00:17:29,030 --> 00:17:30,649 and they have two sources you should use 494 00:17:30,650 --> 00:17:33,349 both upstream 495 00:17:33,350 --> 00:17:35,569 and that's sitting on the wire, the fiber 496 00:17:35,570 --> 00:17:38,119 optic splitters we talked about earlier 497 00:17:38,120 --> 00:17:40,519 and then PRISM, which was revealed 498 00:17:40,520 --> 00:17:42,979 this summer. And that is collection from 499 00:17:42,980 --> 00:17:44,390 the service providers 500 00:17:45,440 --> 00:17:47,689 and PRISM involve collection 501 00:17:47,690 --> 00:17:49,849 both through 702 orders 502 00:17:52,160 --> 00:17:54,289 and also through through other means 503 00:17:54,290 --> 00:17:55,519 that were gathered in there. 504 00:17:55,520 --> 00:17:58,159 We will talk about those in a bit. 505 00:17:58,160 --> 00:18:00,739 And it had some targeting 506 00:18:00,740 --> 00:18:03,319 and minimization rules. 507 00:18:03,320 --> 00:18:05,779 So one is that the statute 508 00:18:05,780 --> 00:18:08,239 said, you know, you have to be targeting 509 00:18:08,240 --> 00:18:09,240 foreigners. 510 00:18:10,250 --> 00:18:12,319 And so they interpret this to mean as 511 00:18:12,320 --> 00:18:15,259 a 51 percent chance or more 512 00:18:15,260 --> 00:18:17,389 that something is foreign. 513 00:18:17,390 --> 00:18:19,579 And so if it's slightly 514 00:18:19,580 --> 00:18:20,749 better than a coin flip, 515 00:18:22,970 --> 00:18:25,069 then you assume it's for him and 516 00:18:25,070 --> 00:18:26,299 unless it's proven otherwise. 517 00:18:26,300 --> 00:18:27,889 So if it's unknown, if they can't figure 518 00:18:27,890 --> 00:18:29,719 it out one way or the other, then it's 519 00:18:29,720 --> 00:18:30,859 foreign. 520 00:18:30,860 --> 00:18:32,929 And then if if they can't 521 00:18:32,930 --> 00:18:34,729 tell exactly what it is because it's 522 00:18:34,730 --> 00:18:36,259 encrypted, well, they'll just keep it 523 00:18:36,260 --> 00:18:38,750 around forever until they do. 524 00:18:41,580 --> 00:18:44,009 And to get these orders, they go to 525 00:18:44,010 --> 00:18:45,509 the FISA court. 526 00:18:45,510 --> 00:18:47,639 Now the FISA court, I 527 00:18:47,640 --> 00:18:49,859 have not seen it, but someone who 528 00:18:49,860 --> 00:18:52,079 has was helpful enough to make this 529 00:18:52,080 --> 00:18:53,339 drawing of its entrance. 530 00:18:54,510 --> 00:18:55,799 This is the secure door. 531 00:18:55,800 --> 00:18:57,729 You can see the hand reader there. 532 00:18:57,730 --> 00:18:58,979 He passed the code. 533 00:18:58,980 --> 00:19:01,889 The court meets inside a Faraday cage. 534 00:19:01,890 --> 00:19:04,799 It is a highly protected 535 00:19:04,800 --> 00:19:05,699 it right now. 536 00:19:05,700 --> 00:19:07,799 It is in the the court 537 00:19:07,800 --> 00:19:09,959 in Washington, D.C., for 538 00:19:09,960 --> 00:19:11,669 a long time, actually for the first, like 539 00:19:11,670 --> 00:19:13,109 20 years or so. 540 00:19:13,110 --> 00:19:15,529 It was inside the Department of Justice, 541 00:19:15,530 --> 00:19:18,029 so in the same building as 542 00:19:18,030 --> 00:19:20,099 the attorneys who are going to 543 00:19:20,100 --> 00:19:21,150 get orders from it. 544 00:19:22,170 --> 00:19:23,499 Then they finally sort of saw it. 545 00:19:23,500 --> 00:19:25,589 Well, that seems to be maybe 546 00:19:25,590 --> 00:19:27,779 a little bit too much to see, like we're 547 00:19:27,780 --> 00:19:29,519 working too closely together. 548 00:19:29,520 --> 00:19:31,920 So we'll move it to to a new building. 549 00:19:33,480 --> 00:19:36,269 He was established under the FISA Act 550 00:19:36,270 --> 00:19:38,579 and in its original idea, 551 00:19:38,580 --> 00:19:41,399 it was about spying on spies. 552 00:19:41,400 --> 00:19:43,409 So, you know, other foreign intelligence 553 00:19:43,410 --> 00:19:45,929 agents may be diplomats, 554 00:19:45,930 --> 00:19:49,379 sort of the traditional notions of 555 00:19:49,380 --> 00:19:51,809 foreign intelligence, but its 556 00:19:51,810 --> 00:19:54,419 role was massively expanded, 557 00:19:54,420 --> 00:19:56,010 especially after nine eleven, 558 00:19:57,090 --> 00:19:59,609 and it is now being used 559 00:19:59,610 --> 00:20:01,410 to far more. 560 00:20:03,150 --> 00:20:05,219 And it goes in there and is basically a 561 00:20:05,220 --> 00:20:06,929 rubber stamp court. 562 00:20:06,930 --> 00:20:08,219 They go in there, they provide the 563 00:20:08,220 --> 00:20:09,220 application. 564 00:20:10,350 --> 00:20:12,809 They have a phenomenal approval 565 00:20:12,810 --> 00:20:13,889 rate. 566 00:20:13,890 --> 00:20:15,419 It is an ex parte court. 567 00:20:15,420 --> 00:20:17,639 What that means is only one side gets 568 00:20:17,640 --> 00:20:20,009 to argue. They only get to see 569 00:20:20,010 --> 00:20:21,479 what the government has to say without 570 00:20:21,480 --> 00:20:23,609 any counter argument, and they tend 571 00:20:23,610 --> 00:20:25,679 to just believe what it says. 572 00:20:25,680 --> 00:20:27,929 Now, after some of the revelations 573 00:20:27,930 --> 00:20:29,939 this summer, the FISA court felt that it 574 00:20:29,940 --> 00:20:32,909 was necessary to sort of explain itself. 575 00:20:32,910 --> 00:20:34,499 And in doing so, they said, basically, 576 00:20:34,500 --> 00:20:36,359 the court does not have the capacity to 577 00:20:36,360 --> 00:20:38,849 investigate issues of noncompliance. 578 00:20:38,850 --> 00:20:40,410 They don't know what it's doing. 579 00:20:41,520 --> 00:20:43,289 They're basically unable to provide 580 00:20:43,290 --> 00:20:45,419 oversight. Nevertheless, the government 581 00:20:45,420 --> 00:20:47,039 often points to this court as saying, 582 00:20:47,040 --> 00:20:49,349 This is where we get the oversight. 583 00:20:49,350 --> 00:20:50,909 Now there's a couple of definitions 584 00:20:50,910 --> 00:20:52,709 within the Foreign Intelligence 585 00:20:52,710 --> 00:20:55,799 Surveillance Act that that are important. 586 00:20:55,800 --> 00:20:58,799 One is the United States person. 587 00:20:58,800 --> 00:21:00,689 So this is what it is interested in 588 00:21:00,690 --> 00:21:02,159 protecting. It's not that interested in 589 00:21:02,160 --> 00:21:03,389 protecting you. It's interested in 590 00:21:03,390 --> 00:21:04,739 protecting U.S. 591 00:21:04,740 --> 00:21:06,989 citizens or permanent residents 592 00:21:06,990 --> 00:21:08,879 groups with substantial numbers of U.S. 593 00:21:08,880 --> 00:21:10,289 persons or U.S. 594 00:21:10,290 --> 00:21:11,669 corporations. 595 00:21:11,670 --> 00:21:13,829 And then what is trying to get at is 596 00:21:13,830 --> 00:21:15,749 foreign intelligence information. 597 00:21:15,750 --> 00:21:17,129 Now that includes the things that you 598 00:21:17,130 --> 00:21:19,409 would sort of expect it to include, 599 00:21:19,410 --> 00:21:22,109 you know, national security terrorists. 600 00:21:22,110 --> 00:21:24,539 But it has another provision here things 601 00:21:24,540 --> 00:21:26,939 that relate to the conduct of the foreign 602 00:21:26,940 --> 00:21:29,129 affairs of the United States. 603 00:21:29,130 --> 00:21:30,329 Now, as you might imagine, that is an 604 00:21:30,330 --> 00:21:31,890 extraordinarily broad 605 00:21:33,690 --> 00:21:34,769 definition. 606 00:21:34,770 --> 00:21:36,989 Almost anything could relate 607 00:21:36,990 --> 00:21:38,579 to the conduct of the foreign affairs of 608 00:21:38,580 --> 00:21:40,079 the United States. 609 00:21:40,080 --> 00:21:42,209 And if you ever if you listen closely to 610 00:21:42,210 --> 00:21:44,399 when the government is trying 611 00:21:44,400 --> 00:21:46,469 to explain what they're looking 612 00:21:46,470 --> 00:21:48,359 for and what they're doing, they will be 613 00:21:48,360 --> 00:21:50,939 using examples such as 614 00:21:50,940 --> 00:21:53,579 going after terrorists, 615 00:21:53,580 --> 00:21:56,220 including national security. 616 00:21:57,300 --> 00:21:59,130 But of course, also including 617 00:22:00,390 --> 00:22:01,769 the foreign affairs, the United States. 618 00:22:03,600 --> 00:22:05,609 So we talked before about how had to be 619 00:22:05,610 --> 00:22:07,769 51 percent or more for it. 620 00:22:07,770 --> 00:22:09,659 So how do they figure that out? 621 00:22:09,660 --> 00:22:11,939 Well, the hair we saw the XKeyscore 622 00:22:11,940 --> 00:22:14,009 dashboard and it has a 623 00:22:14,010 --> 00:22:16,469 handy pull down menu 624 00:22:16,470 --> 00:22:18,899 where it has a pre-selected reasons 625 00:22:18,900 --> 00:22:20,879 why someone might be 51 percent or more 626 00:22:20,880 --> 00:22:23,309 foreign. And all they have to do 627 00:22:23,310 --> 00:22:24,899 is select one of these. 628 00:22:24,900 --> 00:22:26,759 And then that is a pre-approved good 629 00:22:26,760 --> 00:22:28,209 reason. And then they move on. 630 00:22:28,210 --> 00:22:29,549 So you just go there, select the one you 631 00:22:29,550 --> 00:22:30,479 want. Move on. 632 00:22:30,480 --> 00:22:32,369 It's very hard to make a mistake because 633 00:22:32,370 --> 00:22:33,809 all of the answers are correct. 634 00:22:37,320 --> 00:22:38,320 And I'm. 635 00:22:41,370 --> 00:22:43,889 There is the targeting procedures. 636 00:22:43,890 --> 00:22:45,989 So here's an example of what 637 00:22:45,990 --> 00:22:48,279 they mean sort of by targeting something, 638 00:22:48,280 --> 00:22:51,509 this is an example about Sweden, 639 00:22:51,510 --> 00:22:53,849 and what they targeted was 640 00:22:53,850 --> 00:22:56,129 everybody in Sweden 641 00:22:56,130 --> 00:22:58,259 who went to this particular 642 00:22:58,260 --> 00:23:00,479 URL. So you put in the URL 643 00:23:00,480 --> 00:23:02,459 and one field, you put in the country 644 00:23:02,460 --> 00:23:04,709 code and the other push the go button 645 00:23:04,710 --> 00:23:06,480 and now you have a targeted 646 00:23:07,560 --> 00:23:08,560 collection. 647 00:23:09,690 --> 00:23:12,119 One of the searches that was revealed 648 00:23:12,120 --> 00:23:14,519 in that document sort of shows how 649 00:23:14,520 --> 00:23:16,109 broadly this can be. 650 00:23:16,110 --> 00:23:18,239 It was looking for communications that 651 00:23:18,240 --> 00:23:20,429 had the word Ericsson, which 652 00:23:20,430 --> 00:23:21,749 I believe they were referring to the 653 00:23:21,750 --> 00:23:23,309 Swedish manufacturer and not just the 654 00:23:23,310 --> 00:23:25,559 last name and the word 655 00:23:25,560 --> 00:23:27,719 radio or radar. 656 00:23:27,720 --> 00:23:29,339 And you can sort of imagine how many 657 00:23:29,340 --> 00:23:31,499 communications say to 658 00:23:31,500 --> 00:23:32,489 or from somebody named. 659 00:23:32,490 --> 00:23:34,739 Ericsson might have the word radio 660 00:23:34,740 --> 00:23:36,839 in them, but rather than 661 00:23:36,840 --> 00:23:38,759 miss any, they're getting all of them. 662 00:23:38,760 --> 00:23:40,619 And this is what they mean by targeting 663 00:23:40,620 --> 00:23:41,620 things. 664 00:23:42,150 --> 00:23:44,309 Once they obtain the information, they 665 00:23:44,310 --> 00:23:45,479 process it. 666 00:23:45,480 --> 00:23:47,399 The slide is showing sort of how it goes. 667 00:23:47,400 --> 00:23:49,319 You can see some of the databases we 668 00:23:49,320 --> 00:23:51,929 mentioned earlier Marina Main Way 669 00:23:51,930 --> 00:23:53,099 Nucleon. 670 00:23:53,100 --> 00:23:54,809 So it goes through these various 671 00:23:54,810 --> 00:23:56,729 processes and then ends up in the 672 00:23:56,730 --> 00:23:58,859 database where it can be retrieved later. 673 00:24:00,540 --> 00:24:02,669 Now our turn to Section 215 674 00:24:02,670 --> 00:24:03,929 of the Patriot Act. 675 00:24:03,930 --> 00:24:06,059 They said this was originally thought of 676 00:24:06,060 --> 00:24:07,319 as a library provision. 677 00:24:07,320 --> 00:24:10,109 It was to allow them to produce tangible 678 00:24:10,110 --> 00:24:11,110 things, 679 00:24:12,330 --> 00:24:14,489 and it had what was thought to 680 00:24:14,490 --> 00:24:16,769 be a restriction on how broadly 681 00:24:16,770 --> 00:24:18,689 could be used. These things had to be 682 00:24:18,690 --> 00:24:20,759 relevant to an authorized 683 00:24:20,760 --> 00:24:22,529 investigation. 684 00:24:22,530 --> 00:24:24,659 It was imagined to be similar to a 685 00:24:24,660 --> 00:24:26,819 grand jury subpoena, which is sort of 686 00:24:26,820 --> 00:24:29,039 the typical process by which 687 00:24:29,040 --> 00:24:32,399 a prosecutor could get records from, 688 00:24:32,400 --> 00:24:33,749 you know, from the phone company. 689 00:24:33,750 --> 00:24:35,699 You know, they get one record about one 690 00:24:35,700 --> 00:24:36,780 person at a time. 691 00:24:38,700 --> 00:24:41,459 Then we saw the Verizon order 692 00:24:41,460 --> 00:24:43,349 and the Verizon order show what they 693 00:24:43,350 --> 00:24:45,719 meant by relevant was 694 00:24:45,720 --> 00:24:48,119 everything, all the calls 695 00:24:48,120 --> 00:24:50,279 of all the people, all 696 00:24:50,280 --> 00:24:51,280 of the time, 697 00:24:52,590 --> 00:24:54,899 all the information about them 698 00:24:54,900 --> 00:24:56,999 dumped on a daily basis, with the order 699 00:24:57,000 --> 00:24:59,369 being constantly reviewed, 700 00:24:59,370 --> 00:25:01,559 renewed every 90 days. 701 00:25:03,120 --> 00:25:04,889 So that sounds like a lot of information, 702 00:25:04,890 --> 00:25:07,559 but a it's just metadata. 703 00:25:08,580 --> 00:25:10,859 So in the defense of the program, 704 00:25:10,860 --> 00:25:12,719 President Obama said, Well, we're not 705 00:25:12,720 --> 00:25:14,129 listening to your calls. 706 00:25:14,130 --> 00:25:16,889 We're just sifting through so-called 707 00:25:16,890 --> 00:25:18,629 metadata like how he adds sort of the so 708 00:25:18,630 --> 00:25:20,429 called in there to sort of make it 709 00:25:20,430 --> 00:25:22,709 somewhat dismissive in it. 710 00:25:22,710 --> 00:25:24,839 They keep on saying we don't listen 711 00:25:24,840 --> 00:25:26,849 in to the calls did not include the 712 00:25:26,850 --> 00:25:27,850 content. 713 00:25:29,190 --> 00:25:31,529 But let's let's examine some of these 714 00:25:31,530 --> 00:25:33,089 explanations. 715 00:25:33,090 --> 00:25:34,170 Let's say one of them was 716 00:25:35,250 --> 00:25:37,019 we're not getting the identity of the 717 00:25:37,020 --> 00:25:38,459 people involved. 718 00:25:38,460 --> 00:25:39,959 Well, that that's nice. 719 00:25:39,960 --> 00:25:42,179 But it's possible that the NSA has access 720 00:25:42,180 --> 00:25:44,369 to phonebook technology and 721 00:25:44,370 --> 00:25:46,050 they can cross-reference things. 722 00:25:49,980 --> 00:25:52,409 They also said no location 723 00:25:52,410 --> 00:25:55,709 information under this program. 724 00:25:55,710 --> 00:25:57,629 More recently, it was revealed then that 725 00:25:57,630 --> 00:25:59,909 well under a different program. 726 00:25:59,910 --> 00:26:01,380 Well, that's a that's another story 727 00:26:02,460 --> 00:26:04,259 they said, well, it's only a few hundred 728 00:26:04,260 --> 00:26:05,260 selectors. 729 00:26:06,330 --> 00:26:08,669 But then once they have each selector, 730 00:26:08,670 --> 00:26:10,469 they take it three hops. 731 00:26:10,470 --> 00:26:11,459 And so that's everybody. 732 00:26:11,460 --> 00:26:12,779 You call everybody. 733 00:26:12,780 --> 00:26:13,979 They call everybody. 734 00:26:13,980 --> 00:26:15,029 They call. 735 00:26:15,030 --> 00:26:17,489 And so on until one 736 00:26:17,490 --> 00:26:19,829 one selector can be 737 00:26:19,830 --> 00:26:21,629 hundreds of thousands, if not millions of 738 00:26:21,630 --> 00:26:23,729 people, depending on how frequently they 739 00:26:23,730 --> 00:26:24,899 call people, how many different people 740 00:26:24,900 --> 00:26:27,089 they call over the years and years 741 00:26:27,090 --> 00:26:28,439 of data that they are collecting. 742 00:26:31,140 --> 00:26:32,969 So they had some legal basis for this, 743 00:26:32,970 --> 00:26:33,970 the FISA court. 744 00:26:34,920 --> 00:26:36,899 Originally, they approved it by basically 745 00:26:36,900 --> 00:26:39,149 saying, Yep, looks like it meets 746 00:26:39,150 --> 00:26:40,259 the statute. Go ahead. 747 00:26:41,310 --> 00:26:43,289 And then, you know, the program got 748 00:26:43,290 --> 00:26:44,609 revealed. There's a lot of public 749 00:26:44,610 --> 00:26:46,679 controversy, and only then 750 00:26:46,680 --> 00:26:48,419 did they issue an opinion that that 751 00:26:48,420 --> 00:26:50,309 purported to have some, some legal 752 00:26:50,310 --> 00:26:51,310 analysis. 753 00:26:52,170 --> 00:26:54,119 The the first opinion came out sort of 754 00:26:54,120 --> 00:26:56,099 discussing some of the legal issues. 755 00:26:56,100 --> 00:26:57,509 They said, Yeah, you know, relevance 756 00:26:57,510 --> 00:26:59,789 doesn't actually mean anything. 757 00:26:59,790 --> 00:27:01,019 So it was OK. 758 00:27:01,020 --> 00:27:02,249 And then some people pointed out, Well, 759 00:27:02,250 --> 00:27:03,779 gee, you know, you didn't look at 760 00:27:04,800 --> 00:27:06,960 Supreme Court case that had talked about 761 00:27:08,940 --> 00:27:10,739 us V. Jones, which is Supreme Court case 762 00:27:10,740 --> 00:27:13,409 that talked about how you couldn't 763 00:27:13,410 --> 00:27:15,509 you needed a warrant to go after people 764 00:27:15,510 --> 00:27:17,729 and surveil them with GPS. 765 00:27:17,730 --> 00:27:19,229 So then they issued another opinion and 766 00:27:19,230 --> 00:27:20,999 trying to deal with that. 767 00:27:21,000 --> 00:27:23,939 This is after the fact justifications 768 00:27:23,940 --> 00:27:25,949 which they felt were necessary because of 769 00:27:25,950 --> 00:27:27,959 the public controversy, not a true 770 00:27:27,960 --> 00:27:30,009 analysis that began looking at it 771 00:27:30,010 --> 00:27:32,909 skeptically from the beginning 772 00:27:32,910 --> 00:27:35,399 when it came to an open court. 773 00:27:35,400 --> 00:27:36,989 Things were a little bit different. 774 00:27:36,990 --> 00:27:39,299 We've now had two court rulings 775 00:27:39,300 --> 00:27:41,579 that have looked at it in open court. 776 00:27:41,580 --> 00:27:43,409 One good, one bad. 777 00:27:43,410 --> 00:27:45,869 So the first opinion found that it was 778 00:27:45,870 --> 00:27:47,339 likely unconstitutional. 779 00:27:48,720 --> 00:27:50,639 And then earlier this week, there was 780 00:27:50,640 --> 00:27:52,379 another opinion that unfortunately went 781 00:27:52,380 --> 00:27:53,369 the other way. 782 00:27:53,370 --> 00:27:55,709 These are going to go up on appeal, 783 00:27:55,710 --> 00:27:58,109 and we hope that the right decision 784 00:27:58,110 --> 00:27:59,369 will eventually be reached. 785 00:28:01,010 --> 00:28:03,379 So let's take a moment to talk about why 786 00:28:03,380 --> 00:28:04,459 it matters, so they're saying like it 787 00:28:04,460 --> 00:28:05,779 doesn't really matter, it's just 788 00:28:05,780 --> 00:28:07,909 metadata. It's information about 789 00:28:07,910 --> 00:28:10,099 your calls, not the content itself, 790 00:28:10,100 --> 00:28:13,189 but actually metadata matters a lot. 791 00:28:13,190 --> 00:28:15,439 And so we have some examples here of 792 00:28:15,440 --> 00:28:17,719 how well, if you just 793 00:28:17,720 --> 00:28:19,939 know when the call is 794 00:28:19,940 --> 00:28:22,459 who you're talking to, what time, 795 00:28:22,460 --> 00:28:23,719 how long you spoke. 796 00:28:23,720 --> 00:28:25,969 You can get a great deal of information 797 00:28:25,970 --> 00:28:27,409 about the meaning of the communication. 798 00:28:27,410 --> 00:28:29,719 In fact, it may be easier to figure 799 00:28:29,720 --> 00:28:31,759 out what you're talking about than 800 00:28:31,760 --> 00:28:32,749 listening to the content. 801 00:28:32,750 --> 00:28:34,849 If you listen to the actual words 802 00:28:34,850 --> 00:28:37,129 people are speaking, they may 803 00:28:37,130 --> 00:28:38,779 be, you know, mumbling there might be 804 00:28:38,780 --> 00:28:40,009 some static on the line. 805 00:28:40,010 --> 00:28:41,900 You have to sort of parse it. 806 00:28:43,280 --> 00:28:44,959 It's kind of a pain. 807 00:28:44,960 --> 00:28:46,370 But with metadata. 808 00:28:47,480 --> 00:28:49,579 You have some hard facts, and 809 00:28:49,580 --> 00:28:51,379 you can make inferences that can often 810 00:28:51,380 --> 00:28:53,539 tell you a lot more about the 811 00:28:53,540 --> 00:28:55,399 meaning of the communication than 812 00:28:55,400 --> 00:28:57,559 actually parsing the communications 813 00:28:57,560 --> 00:28:58,560 themselves. 814 00:29:00,070 --> 00:29:02,259 So the final authority 815 00:29:02,260 --> 00:29:04,419 under this three part system is executive 816 00:29:04,420 --> 00:29:06,609 order twelve triple three. 817 00:29:06,610 --> 00:29:08,739 So this is it's 818 00:29:08,740 --> 00:29:11,469 an authority in some sense, but 819 00:29:11,470 --> 00:29:13,689 it is not a limit 820 00:29:13,690 --> 00:29:15,429 on spying. And unlike the Foreign 821 00:29:15,430 --> 00:29:17,529 Intelligence Surveillance Act, 822 00:29:17,530 --> 00:29:18,699 where it is trying to put some 823 00:29:18,700 --> 00:29:20,139 limitations and say there has to be the 824 00:29:20,140 --> 00:29:22,779 limitation and targeting so on. 825 00:29:22,780 --> 00:29:24,909 It is not a substantive limit. 826 00:29:24,910 --> 00:29:27,519 It suggests you use the least intrusive 827 00:29:27,520 --> 00:29:29,769 collection techniques feasible. 828 00:29:29,770 --> 00:29:32,139 If you know something extremely 829 00:29:32,140 --> 00:29:33,879 intrusive is the least intrusive, well, 830 00:29:33,880 --> 00:29:34,880 then so be it. 831 00:29:36,340 --> 00:29:38,409 And it's OK, so long as 832 00:29:38,410 --> 00:29:40,929 it's in accordance with procedures 833 00:29:40,930 --> 00:29:42,789 so they can come up with procedures. 834 00:29:42,790 --> 00:29:43,989 And once those procedures that are in 835 00:29:43,990 --> 00:29:45,849 place, then they have satisfied the 836 00:29:45,850 --> 00:29:48,129 requirements of twelve triple three. 837 00:29:48,130 --> 00:29:49,689 And then also helpfully, at the end of 838 00:29:49,690 --> 00:29:51,519 twelve triple three, they mentioned that 839 00:29:51,520 --> 00:29:54,069 if they if there's any violation of it, 840 00:29:54,070 --> 00:29:55,359 there's no substantive right. 841 00:29:55,360 --> 00:29:57,579 You can't sue to say that 842 00:29:57,580 --> 00:29:59,949 this was unlawful because they violated 843 00:29:59,950 --> 00:30:01,569 executive order twelve triple three. 844 00:30:02,860 --> 00:30:04,929 So under that authority, they do a couple 845 00:30:04,930 --> 00:30:06,939 of things. There's some bulk operations. 846 00:30:06,940 --> 00:30:08,589 So we found out about some of the phone 847 00:30:08,590 --> 00:30:11,169 call operation, 70 million calls 848 00:30:11,170 --> 00:30:14,109 and France 60 million in Spain, 849 00:30:14,110 --> 00:30:16,239 apparently with the assistance 850 00:30:16,240 --> 00:30:17,979 of the French and Spanish intelligence 851 00:30:17,980 --> 00:30:19,749 service. They're using this to get 852 00:30:19,750 --> 00:30:22,599 financial records through Swift. 853 00:30:22,600 --> 00:30:24,669 Swift is the cooperative owned 854 00:30:24,670 --> 00:30:27,129 by several several thousand financial 855 00:30:27,130 --> 00:30:29,109 institutions, so this is getting 856 00:30:29,110 --> 00:30:30,519 information about your credit card 857 00:30:30,520 --> 00:30:32,679 transactions and what you're spending and 858 00:30:32,680 --> 00:30:33,680 where. 859 00:30:34,750 --> 00:30:36,459 But that wasn't enough, so they also 860 00:30:36,460 --> 00:30:38,769 needed to get some of the information 861 00:30:38,770 --> 00:30:40,659 from the internet providers. 862 00:30:40,660 --> 00:30:42,519 So we recently learned about the muscular 863 00:30:42,520 --> 00:30:43,959 program. 864 00:30:43,960 --> 00:30:46,059 And this was going into the data 865 00:30:46,060 --> 00:30:48,219 links between tech company data 866 00:30:48,220 --> 00:30:49,209 centers. 867 00:30:49,210 --> 00:30:51,309 If you guys have been to several of the 868 00:30:51,310 --> 00:30:53,589 talks here, you've probably seen this 869 00:30:53,590 --> 00:30:54,669 graphic quite a bit. 870 00:30:54,670 --> 00:30:56,019 It's a pretty good one. 871 00:30:56,020 --> 00:30:58,179 They point out where the SSL 872 00:30:58,180 --> 00:31:00,429 is added. Remove, add the little taunting 873 00:31:00,430 --> 00:31:01,430 smiley face. 874 00:31:03,340 --> 00:31:05,439 This smiley face, I think, has come 875 00:31:05,440 --> 00:31:06,440 back to bite them. 876 00:31:07,720 --> 00:31:09,819 It has been interpreted as a bit of a 877 00:31:09,820 --> 00:31:11,889 taunt by the companies, and 878 00:31:11,890 --> 00:31:13,959 the companies have responded 879 00:31:13,960 --> 00:31:15,849 by encrypting the links between their 880 00:31:15,850 --> 00:31:18,759 data center, increasing the adoption 881 00:31:18,760 --> 00:31:20,859 of HTTPS by default 882 00:31:22,000 --> 00:31:24,339 by using strict transport security, 883 00:31:24,340 --> 00:31:26,469 adding forward secrecy. 884 00:31:26,470 --> 00:31:28,629 We recently did a survey, our crypto 885 00:31:28,630 --> 00:31:30,909 web report, that shown there 886 00:31:30,910 --> 00:31:32,109 on the slide. 887 00:31:32,110 --> 00:31:34,239 You can. The green checkmarks are for the 888 00:31:34,240 --> 00:31:36,369 companies who are doing 889 00:31:36,370 --> 00:31:37,899 some of these things. 890 00:31:37,900 --> 00:31:40,179 Have the column on the 891 00:31:40,180 --> 00:31:42,369 on the left is for encrypting 892 00:31:42,370 --> 00:31:43,959 data center links. There's a lot more 893 00:31:43,960 --> 00:31:45,519 check marks there than even when we 894 00:31:45,520 --> 00:31:47,619 started the survey, though there are 895 00:31:47,620 --> 00:31:49,689 some notable exceptions on 896 00:31:49,690 --> 00:31:50,799 there. 897 00:31:50,800 --> 00:31:52,359 You'll notice that all of the 898 00:31:53,560 --> 00:31:55,659 telecom providers, well, 899 00:31:55,660 --> 00:31:56,740 they have a lot of 900 00:31:58,570 --> 00:32:00,789 red marks and unknowns. 901 00:32:00,790 --> 00:32:02,529 I don't think that they're going to be 902 00:32:02,530 --> 00:32:03,999 pushing too hard for additional 903 00:32:04,000 --> 00:32:05,000 encryption. 904 00:32:06,310 --> 00:32:08,169 We learned about the Co-travellers 905 00:32:08,170 --> 00:32:09,189 Traveler program. 906 00:32:09,190 --> 00:32:11,709 This is the program by which they 907 00:32:11,710 --> 00:32:13,869 obtain a location information from a wide 908 00:32:13,870 --> 00:32:15,790 variety of sources 909 00:32:17,050 --> 00:32:19,359 and they automate guilt 910 00:32:19,360 --> 00:32:20,889 by association. 911 00:32:20,890 --> 00:32:23,169 So if people are traveling together, 912 00:32:23,170 --> 00:32:25,299 hanging out together and they don't 913 00:32:25,300 --> 00:32:27,249 like one of them, then they now don't 914 00:32:27,250 --> 00:32:29,019 like the other one. 915 00:32:29,020 --> 00:32:30,969 And they look at the speed and trajectory 916 00:32:30,970 --> 00:32:33,490 of two people's cell phone patterns 917 00:32:34,540 --> 00:32:36,309 and then say, Oh, they're traveling 918 00:32:36,310 --> 00:32:38,739 together. So given 919 00:32:38,740 --> 00:32:41,049 where we all are, the cell towers around 920 00:32:41,050 --> 00:32:44,079 here is now that a lot of new travelers 921 00:32:44,080 --> 00:32:46,339 to their database. So sorry about that. 922 00:32:46,340 --> 00:32:47,920 You're you're now part of this program. 923 00:32:48,940 --> 00:32:51,219 They also are looking for disposable cell 924 00:32:51,220 --> 00:32:53,289 phones, which is for one of the things 925 00:32:53,290 --> 00:32:55,059 that many people are trying to do in 926 00:32:55,060 --> 00:32:56,529 order to protect themselves from 927 00:32:56,530 --> 00:32:57,699 surveillance. Maybe if they're a 928 00:32:57,700 --> 00:32:59,739 journalist, they want to talk to a source 929 00:32:59,740 --> 00:33:01,749 starting using disposable cell phones. 930 00:33:01,750 --> 00:33:03,939 Well, they're trying to make that more 931 00:33:03,940 --> 00:33:05,529 difficult. They're looking for phones 932 00:33:05,530 --> 00:33:07,239 which are being switched on. 933 00:33:07,240 --> 00:33:09,249 You make a call, you switch it off, and 934 00:33:09,250 --> 00:33:10,869 they're looking for situations in which 935 00:33:10,870 --> 00:33:13,149 you've been using a phone for a while and 936 00:33:13,150 --> 00:33:14,559 then you stop using it. 937 00:33:14,560 --> 00:33:16,409 And then a new phone connect. 938 00:33:16,410 --> 00:33:18,369 So if you are going to be switching to a 939 00:33:18,370 --> 00:33:20,499 new cell phone, 940 00:33:20,500 --> 00:33:22,149 don't do it at the same time. 941 00:33:22,150 --> 00:33:25,029 Leave the old one on for a while. 942 00:33:25,030 --> 00:33:27,369 If you're trying to avoid being tracked 943 00:33:27,370 --> 00:33:29,829 on a phone, leave the phone somewhere 944 00:33:29,830 --> 00:33:31,809 instead of turning it off and on again. 945 00:33:34,480 --> 00:33:36,429 And then they have the targeted 946 00:33:36,430 --> 00:33:37,430 operations. 947 00:33:38,620 --> 00:33:41,379 So in addition to the bulk collection, 948 00:33:41,380 --> 00:33:42,879 they use some of the information obtained 949 00:33:42,880 --> 00:33:44,709 in the bulk collection to go after 950 00:33:44,710 --> 00:33:46,809 specific people. 951 00:33:46,810 --> 00:33:48,880 We know about going after 952 00:33:49,940 --> 00:33:52,359 the Chancellor Merkel's cell phone. 953 00:33:52,360 --> 00:33:54,489 Since before she was the chancellor 954 00:33:54,490 --> 00:33:56,679 using American diplomatic buildings, 955 00:33:56,680 --> 00:33:58,899 they have spied on at least 35 world 956 00:33:58,900 --> 00:33:59,900 leaders. 957 00:34:00,670 --> 00:34:02,229 And they've also has been revealed that 958 00:34:02,230 --> 00:34:04,719 this is not just for 959 00:34:04,720 --> 00:34:07,419 counterterrorism, not just for 960 00:34:07,420 --> 00:34:10,149 international espionage against 961 00:34:10,150 --> 00:34:12,519 adversary states, but 962 00:34:12,520 --> 00:34:14,769 economic spying on allies. 963 00:34:16,389 --> 00:34:18,279 And this comes back to the definition of 964 00:34:18,280 --> 00:34:20,259 foreign intelligence information, which 965 00:34:20,260 --> 00:34:22,178 includes anything having to do with 966 00:34:22,179 --> 00:34:24,069 foreign affairs, the United States. 967 00:34:24,070 --> 00:34:26,319 So economic spying falls 968 00:34:26,320 --> 00:34:27,320 within that system. 969 00:34:29,969 --> 00:34:31,738 They're doing man in the middle there, 970 00:34:31,739 --> 00:34:33,599 the great slide that came out from 971 00:34:33,600 --> 00:34:36,149 Brazilian TV Flying Pig, 972 00:34:37,199 --> 00:34:39,269 which was a program that was organizing 973 00:34:39,270 --> 00:34:41,488 some SSL certificates in order 974 00:34:41,489 --> 00:34:44,099 to basically get around SSL. 975 00:34:44,100 --> 00:34:46,439 They own the router, then 976 00:34:46,440 --> 00:34:48,329 do the attack. 977 00:34:48,330 --> 00:34:50,339 One thing that came out from the flying 978 00:34:50,340 --> 00:34:52,769 pig I, they compare that with PRISM. 979 00:34:52,770 --> 00:34:54,539 It suggests someone in the code named 980 00:34:54,540 --> 00:34:56,939 apartment is a fan of Pink Floyd 981 00:34:56,940 --> 00:34:57,940 album covers. 982 00:35:00,510 --> 00:35:02,519 We've also learned a bit more in the last 983 00:35:02,520 --> 00:35:04,709 couple of days about the 984 00:35:04,710 --> 00:35:07,379 tailored access operations. 985 00:35:07,380 --> 00:35:09,659 The Dow of NSA. 986 00:35:09,660 --> 00:35:11,849 This is where they are doing particular 987 00:35:11,850 --> 00:35:13,739 targeted operations. 988 00:35:13,740 --> 00:35:15,179 We've known about some of them against 989 00:35:15,180 --> 00:35:17,189 the Mexican president's email OPEC. 990 00:35:17,190 --> 00:35:18,299 Others. 991 00:35:18,300 --> 00:35:19,829 One of the ways in which they're 992 00:35:19,830 --> 00:35:22,079 targeting is using the Google pref 993 00:35:22,080 --> 00:35:24,929 cookie. The advantage being that almost 994 00:35:24,930 --> 00:35:27,239 everybody who uses a browser 995 00:35:27,240 --> 00:35:28,769 at some point in time is going to 996 00:35:28,770 --> 00:35:31,049 encounter some Google ads 997 00:35:31,050 --> 00:35:32,669 get a Google pref cookie. 998 00:35:32,670 --> 00:35:34,829 It is theoretically anonymized, but 999 00:35:34,830 --> 00:35:37,229 it is unique enough to have it become 1000 00:35:37,230 --> 00:35:38,610 a point of target. 1001 00:35:40,850 --> 00:35:43,129 And then once they have a target, they 1002 00:35:43,130 --> 00:35:46,279 use the quantum insert, 1003 00:35:46,280 --> 00:35:48,169 this is a diagram actually this this is 1004 00:35:48,170 --> 00:35:49,459 one of the ones that just came out 1005 00:35:49,460 --> 00:35:51,559 yesterday showing how the quantum 1006 00:35:51,560 --> 00:35:53,839 insert method works 1007 00:35:53,840 --> 00:35:55,939 when your communication is going to 1008 00:35:55,940 --> 00:35:57,529 a website. 1009 00:35:57,530 --> 00:35:59,779 They get in the middle, they are 1010 00:35:59,780 --> 00:36:01,639 sitting on the wire, so they're able to 1011 00:36:01,640 --> 00:36:03,829 operate faster than 1012 00:36:03,830 --> 00:36:05,929 the, in this case, Yahoo server. 1013 00:36:05,930 --> 00:36:08,299 Get the tainted communication 1014 00:36:08,300 --> 00:36:10,459 back to you and direct you to 1015 00:36:10,460 --> 00:36:12,829 the Fox acid server. 1016 00:36:12,830 --> 00:36:15,919 The Fox acid server is then 1017 00:36:15,920 --> 00:36:18,619 programed to serve up the appropriate 1018 00:36:18,620 --> 00:36:20,289 malware. 1019 00:36:20,290 --> 00:36:22,729 The actually the codename for the program 1020 00:36:22,730 --> 00:36:24,109 that serves the malware is called the 1021 00:36:24,110 --> 00:36:26,059 ferret cannon. 1022 00:36:26,060 --> 00:36:28,159 So the Ferron Can shoots the malware, 1023 00:36:28,160 --> 00:36:29,389 which which is appropriate for the 1024 00:36:29,390 --> 00:36:30,390 circumstances. 1025 00:36:31,700 --> 00:36:33,829 What they are trying to do is make sure 1026 00:36:33,830 --> 00:36:35,329 that they don't burn too many things. 1027 00:36:35,330 --> 00:36:36,259 So if they think that you're a 1028 00:36:36,260 --> 00:36:37,939 sophisticated user, which they may think 1029 00:36:37,940 --> 00:36:40,069 for many of the people in this audience, 1030 00:36:40,070 --> 00:36:41,779 they're not going to put a sophisticated 1031 00:36:41,780 --> 00:36:42,799 attack on there. 1032 00:36:42,800 --> 00:36:45,469 In case you find it, and then it becomes 1033 00:36:45,470 --> 00:36:47,539 known to the world, depending on 1034 00:36:47,540 --> 00:36:49,009 the value of the target, they may use 1035 00:36:49,010 --> 00:36:50,509 something which is a zero day, or they 1036 00:36:50,510 --> 00:36:52,429 may use something which is not that 1037 00:36:52,430 --> 00:36:53,430 important. 1038 00:36:54,800 --> 00:36:56,510 And then bull run. 1039 00:36:57,590 --> 00:37:00,049 This is sabotage inserting 1040 00:37:00,050 --> 00:37:02,779 vulnerabilities, trying to make 1041 00:37:02,780 --> 00:37:04,939 the crypto systems upon which we all 1042 00:37:04,940 --> 00:37:05,940 rely 1043 00:37:07,010 --> 00:37:09,649 become, well, worthless, 1044 00:37:09,650 --> 00:37:12,709 putting the pseudo and pseudo random. 1045 00:37:12,710 --> 00:37:14,929 So we have learned some pretty 1046 00:37:16,430 --> 00:37:19,099 compelling evidence that 1047 00:37:19,100 --> 00:37:20,149 dual E.C. 1048 00:37:20,150 --> 00:37:22,059 has been horribly compromised. 1049 00:37:22,060 --> 00:37:24,229 Not only that that RSA was 1050 00:37:24,230 --> 00:37:26,569 paid $10 million to 1051 00:37:26,570 --> 00:37:28,129 continue to have it be part of the 1052 00:37:28,130 --> 00:37:29,130 standard. 1053 00:37:29,960 --> 00:37:32,419 And then apparently in 2010, 1054 00:37:32,420 --> 00:37:34,759 using the sabotage program, 1055 00:37:34,760 --> 00:37:36,469 they were able to break through vast 1056 00:37:36,470 --> 00:37:38,419 amounts of data. 1057 00:37:38,420 --> 00:37:40,789 We still don't know exactly what that is, 1058 00:37:42,140 --> 00:37:43,760 but it is 1059 00:37:45,800 --> 00:37:47,149 well, it's allowing them to look at 1060 00:37:47,150 --> 00:37:49,249 things which seem to be encrypted 1061 00:37:49,250 --> 00:37:51,829 on on the wires. 1062 00:37:51,830 --> 00:37:53,899 They've also been very interested in 1063 00:37:53,900 --> 00:37:55,099 going after tours. 1064 00:37:56,660 --> 00:37:58,729 The good news here is that 1065 00:37:58,730 --> 00:38:01,099 Tor, the fundamental security 1066 00:38:01,100 --> 00:38:02,689 appears to be intact. 1067 00:38:02,690 --> 00:38:05,449 They are going after the Firefox bugs 1068 00:38:05,450 --> 00:38:07,549 that are with the Tor browser 1069 00:38:07,550 --> 00:38:09,409 bundle using Firefox. 1070 00:38:10,520 --> 00:38:12,619 We actually have an example of 1071 00:38:12,620 --> 00:38:15,079 this technique that was was revealed 1072 00:38:15,080 --> 00:38:17,479 in the NSA slides being used 1073 00:38:17,480 --> 00:38:19,669 on Freedom Post, which was using 1074 00:38:19,670 --> 00:38:22,099 a JavaScript bug to 1075 00:38:22,100 --> 00:38:24,169 identify people who went to dot 1076 00:38:24,170 --> 00:38:25,849 onion routers that were being hosted on 1077 00:38:25,850 --> 00:38:27,559 Freedom Host. 1078 00:38:27,560 --> 00:38:29,149 When they were doing this, it was rather 1079 00:38:29,150 --> 00:38:30,259 not discriminatory. 1080 00:38:30,260 --> 00:38:32,779 Any buddy who went to freedom host, 1081 00:38:32,780 --> 00:38:34,489 whether as one of the targeted sites 1082 00:38:34,490 --> 00:38:36,559 which were serving child 1083 00:38:36,560 --> 00:38:38,659 porn, or if it was somebody who was 1084 00:38:38,660 --> 00:38:40,939 using it for an opposition site 1085 00:38:40,940 --> 00:38:42,229 and activism site. 1086 00:38:42,230 --> 00:38:44,509 All of them got this bug and 1087 00:38:44,510 --> 00:38:46,879 they were used to track them back. 1088 00:38:46,880 --> 00:38:48,109 And I think this this is a little bit 1089 00:38:48,110 --> 00:38:50,269 dangerous. We we made actually, this was 1090 00:38:50,270 --> 00:38:52,339 the graphic at the bottom is a 1091 00:38:52,340 --> 00:38:54,769 modification that we made of. 1092 00:38:54,770 --> 00:38:56,839 The NSA graphic to show why 1093 00:38:56,840 --> 00:38:59,089 this matters is that it's very hard 1094 00:38:59,090 --> 00:39:00,229 to tell the difference between a 1095 00:39:00,230 --> 00:39:02,239 terrorist with the Tor client installed 1096 00:39:02,240 --> 00:39:04,309 and an activist with the Tor class. 1097 00:39:04,310 --> 00:39:06,379 But it's important not to treat them the 1098 00:39:06,380 --> 00:39:08,449 same and to realize that 1099 00:39:08,450 --> 00:39:10,670 activists used and depend on Tor. 1100 00:39:12,940 --> 00:39:14,469 We've also heard from the government that 1101 00:39:14,470 --> 00:39:16,209 there hasn't been any views. 1102 00:39:16,210 --> 00:39:17,619 We heard that for a while and then an 1103 00:39:17,620 --> 00:39:19,749 audit came out finding that 1104 00:39:19,750 --> 00:39:21,969 there were two thousand seven hundred 1105 00:39:21,970 --> 00:39:24,189 seventy six incidences in 1106 00:39:24,190 --> 00:39:26,589 one year of unauthorized collection, 1107 00:39:26,590 --> 00:39:28,479 and this was just in the D.C. 1108 00:39:28,480 --> 00:39:30,909 and Fort Meade area, which was 1109 00:39:30,910 --> 00:39:33,309 one of or two of several 1110 00:39:33,310 --> 00:39:35,379 NSA areas. 1111 00:39:35,380 --> 00:39:37,599 Things. There's only one thing this 1112 00:39:37,600 --> 00:39:39,309 was not abuse. 1113 00:39:39,310 --> 00:39:41,859 So somebody mistyped 1114 00:39:41,860 --> 00:39:42,939 a country code. 1115 00:39:42,940 --> 00:39:45,159 Instead of putting in to indicate Egypt, 1116 00:39:45,160 --> 00:39:47,229 they put in 202, which is the area 1117 00:39:47,230 --> 00:39:49,599 code for Washington, D.C. 1118 00:39:49,600 --> 00:39:51,879 And they got all of the communications 1119 00:39:51,880 --> 00:39:53,379 in Washington. 1120 00:39:53,380 --> 00:39:55,509 And this was deemed to be no big 1121 00:39:55,510 --> 00:39:57,759 deal because it pertained to metadata. 1122 00:39:57,760 --> 00:40:00,549 So there were no defects to report. 1123 00:40:00,550 --> 00:40:02,229 So when you hear the government say 1124 00:40:02,230 --> 00:40:03,699 things about, there isn't that much 1125 00:40:03,700 --> 00:40:04,599 abuse. 1126 00:40:04,600 --> 00:40:06,279 Remember that they might be doing things. 1127 00:40:06,280 --> 00:40:08,169 We're saying, Well, this wasn't the 1128 00:40:08,170 --> 00:40:10,089 category of things that rise in the level 1129 00:40:10,090 --> 00:40:12,279 of abuse, but you might not agree with 1130 00:40:12,280 --> 00:40:13,779 what their standards are. 1131 00:40:13,780 --> 00:40:15,909 It also reveals something rather amazing 1132 00:40:15,910 --> 00:40:18,159 about the program that you could actually 1133 00:40:18,160 --> 00:40:20,499 have something by making a typo 1134 00:40:20,500 --> 00:40:22,420 between 20 and 202. 1135 00:40:24,430 --> 00:40:26,589 There's no further check you put into 1136 00:40:26,590 --> 00:40:28,989 or to hit the return key 1137 00:40:28,990 --> 00:40:30,879 and off you go without it saying, you 1138 00:40:30,880 --> 00:40:32,379 know, are you really sure that you want 1139 00:40:32,380 --> 00:40:33,380 to do this? 1140 00:40:34,510 --> 00:40:37,149 This is putting tremendous power 1141 00:40:37,150 --> 00:40:40,239 in the hands of analysts 1142 00:40:40,240 --> 00:40:43,059 without much oversight. 1143 00:40:43,060 --> 00:40:44,669 And then another form of abuse that came 1144 00:40:44,670 --> 00:40:46,779 about they it was cute because they had 1145 00:40:46,780 --> 00:40:47,799 even a name for it. 1146 00:40:47,800 --> 00:40:49,059 Love it. 1147 00:40:49,060 --> 00:40:51,399 Where there were at least 10 incidents 1148 00:40:51,400 --> 00:40:53,469 where people were using their NSA super 1149 00:40:53,470 --> 00:40:55,809 powers to look after their ex-lovers 1150 00:40:55,810 --> 00:40:58,149 and spouses and see what they were up to. 1151 00:40:58,150 --> 00:40:59,469 And you might say, well, you know, 10 1152 00:40:59,470 --> 00:41:01,689 incidents, it's offensive, 1153 00:41:01,690 --> 00:41:03,489 but not not that many. 1154 00:41:03,490 --> 00:41:04,779 But keep in mind that these are 1155 00:41:04,780 --> 00:41:07,119 tendencies of self-reported ten 1156 00:41:07,120 --> 00:41:09,219 times people came and told 1157 00:41:09,220 --> 00:41:11,319 them that they had misused their 1158 00:41:11,320 --> 00:41:12,320 powers. 1159 00:41:13,690 --> 00:41:15,339 This is not 10 incidents that they have 1160 00:41:15,340 --> 00:41:17,529 found. After thoroughly scoring what 1161 00:41:17,530 --> 00:41:19,659 everybody was doing and then finding what 1162 00:41:19,660 --> 00:41:20,660 was being done. 1163 00:41:22,610 --> 00:41:24,499 One of the things they're also using for 1164 00:41:24,500 --> 00:41:27,529 is discrediting radicalizes, 1165 00:41:27,530 --> 00:41:28,819 so they look at what they call 1166 00:41:28,820 --> 00:41:30,649 radicalizes and then look at things like 1167 00:41:30,650 --> 00:41:32,869 their visits to porn sites, look at their 1168 00:41:32,870 --> 00:41:35,089 online promiscuity, try 1169 00:41:35,090 --> 00:41:37,339 and find things that will make their 1170 00:41:37,340 --> 00:41:38,419 voice less 1171 00:41:39,470 --> 00:41:40,429 valuable. 1172 00:41:40,430 --> 00:41:42,349 And what they deem are radicalizes are 1173 00:41:42,350 --> 00:41:44,059 people who speak to extremist 1174 00:41:44,060 --> 00:41:45,060 communities. 1175 00:41:46,250 --> 00:41:48,409 And so it's not so much that they are 1176 00:41:48,410 --> 00:41:50,899 doing anything illegal themselves. 1177 00:41:50,900 --> 00:41:52,999 But there might be inspire somebody 1178 00:41:53,000 --> 00:41:55,339 else to take some views that the NSA 1179 00:41:55,340 --> 00:41:57,679 doesn't like and using 1180 00:41:57,680 --> 00:41:59,479 this to undercut their message. 1181 00:41:59,480 --> 00:42:02,299 So what are we doing about it? 1182 00:42:02,300 --> 00:42:04,609 Well, one thing that we're doing is 1183 00:42:04,610 --> 00:42:07,939 working on legislation and activism. 1184 00:42:07,940 --> 00:42:09,769 If worked with the Stop Watching US 1185 00:42:09,770 --> 00:42:11,899 coalition and we got over half 1186 00:42:11,900 --> 00:42:14,269 a million petition signatures delivered 1187 00:42:14,270 --> 00:42:16,549 to the US Congress, it's myself 1188 00:42:16,550 --> 00:42:19,039 and our activism director Rainey Reitman 1189 00:42:19,040 --> 00:42:21,019 delivering those signatures in the US 1190 00:42:21,020 --> 00:42:22,519 Capitol. 1191 00:42:22,520 --> 00:42:24,589 We have been interpreting what 1192 00:42:24,590 --> 00:42:26,389 the meaning of both, what the programs 1193 00:42:26,390 --> 00:42:28,879 are and what the laws are 1194 00:42:28,880 --> 00:42:31,879 for the public so they can understand 1195 00:42:31,880 --> 00:42:32,779 the bills. 1196 00:42:32,780 --> 00:42:34,849 We've been looking at US law, so 1197 00:42:34,850 --> 00:42:36,620 there are two bills currently 1198 00:42:37,880 --> 00:42:40,459 that have prominence in the US Congress 1199 00:42:40,460 --> 00:42:42,649 trying to address it. 1200 00:42:42,650 --> 00:42:45,049 One is a fake fix from 1201 00:42:45,050 --> 00:42:46,909 Senator Feinstein and Representative 1202 00:42:46,910 --> 00:42:49,609 Rogers. It is designed to actually 1203 00:42:49,610 --> 00:42:52,069 do nothing about the surveillance. 1204 00:42:52,070 --> 00:42:54,379 Sort of the answer to it being illegal 1205 00:42:54,380 --> 00:42:56,639 is to pass laws to make it more 1206 00:42:56,640 --> 00:42:57,640 illegal. 1207 00:42:58,430 --> 00:43:00,589 And the other from Senator Leahy and 1208 00:43:00,590 --> 00:43:03,049 Sensenbrenner, which is actually trying 1209 00:43:03,050 --> 00:43:05,359 to rein in the NSA. 1210 00:43:05,360 --> 00:43:07,189 Those bills are going forward, so watch 1211 00:43:07,190 --> 00:43:09,379 watch for them and hopefully through 1212 00:43:09,380 --> 00:43:11,029 the Leahy and Sensenbrenner bill, we can 1213 00:43:11,030 --> 00:43:13,159 get some improvements and get some 1214 00:43:13,160 --> 00:43:16,279 U.S. laws that will rein in the NSA. 1215 00:43:16,280 --> 00:43:17,659 But there's more than just the U.S. 1216 00:43:17,660 --> 00:43:20,119 laws. We're also pushing forward a 13 1217 00:43:20,120 --> 00:43:22,549 principles for 1218 00:43:22,550 --> 00:43:24,469 international spying. 1219 00:43:24,470 --> 00:43:26,299 This is basically principles to be 1220 00:43:26,300 --> 00:43:28,400 adopted by various countries 1221 00:43:29,900 --> 00:43:32,119 legal systems on when 1222 00:43:32,120 --> 00:43:34,459 it is appropriate to 1223 00:43:34,460 --> 00:43:36,679 conduct surveillance, making sure that 1224 00:43:36,680 --> 00:43:38,899 it is only when it is necessary 1225 00:43:38,900 --> 00:43:40,489 and only used in a manner that is 1226 00:43:40,490 --> 00:43:41,539 proportionate. 1227 00:43:41,540 --> 00:43:43,489 So please go check out necessary and 1228 00:43:43,490 --> 00:43:45,109 proportionate dot net to read the 1229 00:43:45,110 --> 00:43:46,399 principles. 1230 00:43:46,400 --> 00:43:48,799 If you agree with them, you can sign 1231 00:43:48,800 --> 00:43:50,869 over 300 organizations have signed on 1232 00:43:50,870 --> 00:43:53,029 to it. And these principles have 1233 00:43:53,030 --> 00:43:54,499 become the basis for a U.N. 1234 00:43:54,500 --> 00:43:55,500 resolution. 1235 00:43:56,330 --> 00:43:58,429 There are also some legal processes that 1236 00:43:58,430 --> 00:44:00,409 have been going forward. 1237 00:44:00,410 --> 00:44:02,719 The Privacy International has submitted 1238 00:44:02,720 --> 00:44:04,819 a claim to the European 1239 00:44:04,820 --> 00:44:07,039 Convention on Human Rights 1240 00:44:07,040 --> 00:44:09,409 and the Organization of American States 1241 00:44:09,410 --> 00:44:10,610 has been holding hearing. 1242 00:44:12,410 --> 00:44:14,629 But in addition to 1243 00:44:14,630 --> 00:44:16,190 legal wolf. 1244 00:44:18,710 --> 00:44:19,710 Sorry about that. 1245 00:44:22,360 --> 00:44:24,549 There will, in addition 1246 00:44:24,550 --> 00:44:26,799 to the legal and policy 1247 00:44:26,800 --> 00:44:28,479 efforts, there are things that we can do 1248 00:44:28,480 --> 00:44:30,609 with technology fighting their their 1249 00:44:30,610 --> 00:44:33,009 technology with better technology. 1250 00:44:33,010 --> 00:44:35,589 Now one of them here is https everywhere. 1251 00:44:35,590 --> 00:44:37,689 This is an EFT project 1252 00:44:37,690 --> 00:44:39,999 as a browser add on that you can use 1253 00:44:40,000 --> 00:44:42,549 to make sure that any site that can be 1254 00:44:42,550 --> 00:44:44,619 HBC is a tbese. 1255 00:44:46,300 --> 00:44:48,429 But there's a lot of work that still 1256 00:44:48,430 --> 00:44:50,319 needs to be done, and hopefully some of 1257 00:44:50,320 --> 00:44:51,879 the people in this room can work on these 1258 00:44:51,880 --> 00:44:54,189 projects. I think, most importantly, 1259 00:44:54,190 --> 00:44:56,709 is to make these technologies easy 1260 00:44:56,710 --> 00:44:57,849 to use. 1261 00:44:57,850 --> 00:44:59,919 So there are technologies that provide 1262 00:44:59,920 --> 00:45:01,599 and end encryption for phones, for 1263 00:45:01,600 --> 00:45:03,669 instant messaging and text, 1264 00:45:03,670 --> 00:45:05,979 but they're not very easy to use 1265 00:45:05,980 --> 00:45:07,629 and to make them so basically that 1266 00:45:07,630 --> 00:45:10,269 anybody can use these technologies. 1267 00:45:10,270 --> 00:45:12,369 In fact, that everybody is using 1268 00:45:12,370 --> 00:45:14,469 these technologies and then try and make 1269 00:45:14,470 --> 00:45:16,359 sure that we're adding additional 1270 00:45:16,360 --> 00:45:18,999 encryption to data, rest 1271 00:45:19,000 --> 00:45:20,290 to data in transit 1272 00:45:21,370 --> 00:45:23,319 looking well. And we found actually, if 1273 00:45:23,320 --> 00:45:25,619 you went to Jake's talk this morning, 1274 00:45:25,620 --> 00:45:27,879 we did a lot of work to secure 1275 00:45:27,880 --> 00:45:30,339 things like our disk drives, 1276 00:45:30,340 --> 00:45:32,949 our flash memory, our hardware. 1277 00:45:32,950 --> 00:45:35,049 We need to shore up our crypto 1278 00:45:35,050 --> 00:45:36,999 tools against sabotage. 1279 00:45:37,000 --> 00:45:39,219 Take a close look at all of the standards 1280 00:45:39,220 --> 00:45:41,229 that have been promulgated by NEST.. 1281 00:45:41,230 --> 00:45:43,299 It looks like that process has been 1282 00:45:43,300 --> 00:45:45,819 compromised and we need independent 1283 00:45:45,820 --> 00:45:47,889 Open-Source tools that people can 1284 00:45:47,890 --> 00:45:48,890 trust. 1285 00:45:57,670 --> 00:46:00,099 So and there is a lot that you can do. 1286 00:46:00,100 --> 00:46:01,449 You can start and I think a lot of you 1287 00:46:01,450 --> 00:46:02,949 are already doing this by paying 1288 00:46:02,950 --> 00:46:04,769 attention. There's a lot going on in a 1289 00:46:04,770 --> 00:46:06,759 lot of information, but absorb that 1290 00:46:06,760 --> 00:46:08,349 information. Look at it. 1291 00:46:08,350 --> 00:46:10,059 Share that information. 1292 00:46:10,060 --> 00:46:11,649 You all probably know somebody who knows 1293 00:46:11,650 --> 00:46:12,939 a little bit about this and should 1294 00:46:12,940 --> 00:46:14,619 probably know more. 1295 00:46:14,620 --> 00:46:16,689 Also vote. 1296 00:46:16,690 --> 00:46:19,059 Make sure that your representatives know 1297 00:46:19,060 --> 00:46:20,980 that this is very important to you, 1298 00:46:22,000 --> 00:46:24,069 and they can put pressure on 1299 00:46:24,070 --> 00:46:26,259 the US government to try and rein 1300 00:46:26,260 --> 00:46:27,429 in the spying. 1301 00:46:27,430 --> 00:46:28,929 And this is actually we've already seen 1302 00:46:28,930 --> 00:46:30,519 some of this. Some of the governments, 1303 00:46:30,520 --> 00:46:32,589 including Germany, have been putting 1304 00:46:32,590 --> 00:46:34,809 pressure on the U.S. 1305 00:46:34,810 --> 00:46:36,760 to stop spying as much 1306 00:46:38,440 --> 00:46:39,440 and 1307 00:46:40,870 --> 00:46:43,359 well, hopefully that 1308 00:46:43,360 --> 00:46:45,189 the economic pressure is really what's 1309 00:46:45,190 --> 00:46:46,569 going to do it. 1310 00:46:46,570 --> 00:46:49,009 Diplomatic pressure is nice and I think 1311 00:46:49,010 --> 00:46:50,049 needs to be done. 1312 00:46:50,050 --> 00:46:52,239 But also what we're seeing is a lot 1313 00:46:52,240 --> 00:46:54,009 of economic pressure coming from other 1314 00:46:54,010 --> 00:46:56,259 countries where it's affecting U.S. 1315 00:46:56,260 --> 00:46:57,939 businesses. And that's something that 1316 00:46:57,940 --> 00:47:00,669 Congress does listen to. 1317 00:47:00,670 --> 00:47:01,929 Another thing that's very important to 1318 00:47:01,930 --> 00:47:04,510 you is use all of these tools. 1319 00:47:05,560 --> 00:47:08,079 We want it so that these encryption 1320 00:47:08,080 --> 00:47:10,629 tools, safety tools and itemization tools 1321 00:47:10,630 --> 00:47:12,849 are used by everybody, 1322 00:47:12,850 --> 00:47:14,919 not just by people 1323 00:47:14,920 --> 00:47:18,009 who the NSA is trying to target, 1324 00:47:18,010 --> 00:47:20,379 but that we are all using encryption 1325 00:47:20,380 --> 00:47:22,389 all of the time. Now, some forms of 1326 00:47:22,390 --> 00:47:23,679 encryption are becoming quite 1327 00:47:23,680 --> 00:47:25,899 commonplace, like transport 1328 00:47:25,900 --> 00:47:28,149 layer security, but end to end encryption 1329 00:47:28,150 --> 00:47:30,129 is rare. So start using it, start using 1330 00:47:30,130 --> 00:47:32,049 it more frequently and get your friends 1331 00:47:32,050 --> 00:47:32,979 to use it. 1332 00:47:32,980 --> 00:47:36,279 And then finally build the tools, 1333 00:47:36,280 --> 00:47:38,439 build the tools that are going to make a 1334 00:47:38,440 --> 00:47:40,659 future that you would want to live in. 1335 00:47:40,660 --> 00:47:42,849 We have a choice now of moving forward 1336 00:47:42,850 --> 00:47:44,619 to a future which is going to be like a 1337 00:47:44,620 --> 00:47:45,819 dystopian Philip K. 1338 00:47:45,820 --> 00:47:47,019 Dick novel. 1339 00:47:47,020 --> 00:47:49,089 Or we can have a bright future, a 1340 00:47:49,090 --> 00:47:51,399 future that has privacy for future, 1341 00:47:51,400 --> 00:47:53,409 that has security, and you can build the 1342 00:47:53,410 --> 00:47:55,479 tools to get to the future that 1343 00:47:55,480 --> 00:47:56,859 you want. 1344 00:47:56,860 --> 00:47:57,940 So thank you. 1345 00:48:03,830 --> 00:48:06,079 OK, thank you very much 1346 00:48:06,080 --> 00:48:06,259 for 1347 00:48:06,260 --> 00:48:07,880 this very interesting talk. 1348 00:48:09,200 --> 00:48:11,329 So we have still a lot of time for 1349 00:48:11,330 --> 00:48:12,799 questions. We're going to start with the 1350 00:48:12,800 --> 00:48:15,109 internet. People in the room can line 1351 00:48:15,110 --> 00:48:17,059 up behind one of the microphones and ask 1352 00:48:17,060 --> 00:48:18,019 your question. 1353 00:48:18,020 --> 00:48:19,699 Do we have a question from the I.R.S. 1354 00:48:19,700 --> 00:48:20,700 or Twitter? 1355 00:48:21,470 --> 00:48:23,539 Speaking at auction in 1356 00:48:23,540 --> 00:48:26,329 June, John Parabola pledged that the ESF 1357 00:48:26,330 --> 00:48:28,399 would do more to fight for the 1358 00:48:28,400 --> 00:48:29,689 rights of more Americans. 1359 00:48:29,690 --> 00:48:31,879 The question coming from the IOC 1360 00:48:31,880 --> 00:48:34,129 now is what, if anything, 1361 00:48:34,130 --> 00:48:36,259 that he is following through on 1362 00:48:36,260 --> 00:48:37,260 this promise. 1363 00:48:38,060 --> 00:48:40,039 So I'm sorry the question was fighting 1364 00:48:40,040 --> 00:48:42,949 for the rights of non-Americans. 1365 00:48:42,950 --> 00:48:44,119 Yes. 1366 00:48:44,120 --> 00:48:45,979 Yes, indeed, so we have been working on 1367 00:48:45,980 --> 00:48:48,559 it, and I think probably most prominently 1368 00:48:48,560 --> 00:48:51,739 is the necessary and proportionate 1369 00:48:51,740 --> 00:48:54,229 project, putting forth the 1370 00:48:54,230 --> 00:48:56,809 13 principles and 1371 00:48:56,810 --> 00:49:00,589 organizing the three organizations 1372 00:49:00,590 --> 00:49:02,359 to sign on to the principles, 1373 00:49:02,360 --> 00:49:04,759 promulgating them to various 1374 00:49:04,760 --> 00:49:06,829 countries around the world 1375 00:49:06,830 --> 00:49:09,679 and now also to the United Nations 1376 00:49:09,680 --> 00:49:11,659 to get countries to adopt these 1377 00:49:11,660 --> 00:49:12,660 principles. 1378 00:49:13,850 --> 00:49:16,129 Also, we are trying to 1379 00:49:16,130 --> 00:49:17,779 stop the programs through the court 1380 00:49:17,780 --> 00:49:19,879 system and if 1381 00:49:19,880 --> 00:49:22,489 the if the programs stop, 1382 00:49:22,490 --> 00:49:24,319 then this will affect both ends of the 1383 00:49:24,320 --> 00:49:25,320 calls. 1384 00:49:26,030 --> 00:49:28,549 And so we're hopeful that 1385 00:49:28,550 --> 00:49:29,989 by finding that these things are 1386 00:49:29,990 --> 00:49:32,149 unconstitutional, that this can put 1387 00:49:32,150 --> 00:49:34,040 a significant reign on the program. 1388 00:49:36,090 --> 00:49:38,039 OK. Microphone three, please. 1389 00:49:38,040 --> 00:49:40,319 Yes. Hello, thanks for the great 1390 00:49:40,320 --> 00:49:42,089 lecture. I loved it. 1391 00:49:42,090 --> 00:49:44,399 One comment when I read to the name 1392 00:49:44,400 --> 00:49:46,199 of the cell phone tracking program 1393 00:49:46,200 --> 00:49:48,299 Fuschia some 1394 00:49:48,300 --> 00:49:50,249 little history. When Benito Mussolini 1395 00:49:50,250 --> 00:49:52,389 started his fascist 1396 00:49:52,390 --> 00:49:54,659 work in Italy in the 1920s 1397 00:49:54,660 --> 00:49:56,759 and 1930s, the name of their groups 1398 00:49:56,760 --> 00:49:58,679 was fuschia dipartimento. 1399 00:49:58,680 --> 00:50:00,299 You can read it in Wikipedia. 1400 00:50:00,300 --> 00:50:02,399 So perhaps they've chosen this name 1401 00:50:02,400 --> 00:50:03,839 by accident? Perhaps not. 1402 00:50:03,840 --> 00:50:04,799 I don't know. 1403 00:50:04,800 --> 00:50:06,089 But OK. 1404 00:50:06,090 --> 00:50:07,229 Two short questions. 1405 00:50:07,230 --> 00:50:09,389 Is there any evidence that 1406 00:50:09,390 --> 00:50:11,639 they used their knowledge 1407 00:50:11,640 --> 00:50:13,739 of every body of everything 1408 00:50:13,740 --> 00:50:15,839 to to choose the 1409 00:50:15,840 --> 00:50:17,879 politicians or managers they would like 1410 00:50:17,880 --> 00:50:19,739 to have? Because when there is an 1411 00:50:19,740 --> 00:50:21,809 upcoming politician who is perhaps 1412 00:50:21,810 --> 00:50:23,969 against surveillance or against America, 1413 00:50:23,970 --> 00:50:26,429 against anything, they could just link 1414 00:50:27,510 --> 00:50:29,819 bat news to the media, for example, which 1415 00:50:29,820 --> 00:50:31,919 party watches in the night in his room? 1416 00:50:31,920 --> 00:50:33,809 First question, second question. 1417 00:50:33,810 --> 00:50:35,549 The Genie program. 1418 00:50:35,550 --> 00:50:37,679 They spend six hundred million dollars in 1419 00:50:37,680 --> 00:50:39,749 2012 to insert the backdoors in 1420 00:50:39,750 --> 00:50:40,649 hardware. 1421 00:50:40,650 --> 00:50:42,779 Is there any evidence that they backdoor 1422 00:50:42,780 --> 00:50:45,749 the bios of the firmware default? 1423 00:50:45,750 --> 00:50:47,519 In this case, you don't need to care 1424 00:50:47,520 --> 00:50:49,799 about any encryption because you get all 1425 00:50:49,800 --> 00:50:52,109 the key 1426 00:50:52,110 --> 00:50:53,940 keystrokes from the bios. 1427 00:50:55,320 --> 00:50:57,269 OK, very good questions on the first 1428 00:50:57,270 --> 00:50:59,399 question. I have not seen evidence 1429 00:50:59,400 --> 00:51:01,469 that the current program 1430 00:51:01,470 --> 00:51:03,629 has been used to undermine 1431 00:51:03,630 --> 00:51:06,209 people, except for the six people 1432 00:51:06,210 --> 00:51:08,579 who were not identified 1433 00:51:08,580 --> 00:51:10,020 but mentioned in a 1434 00:51:11,480 --> 00:51:13,539 basic of the radicalism that 1435 00:51:13,540 --> 00:51:14,969 we were talking before. 1436 00:51:14,970 --> 00:51:17,099 But the slides did not identify who those 1437 00:51:17,100 --> 00:51:18,270 radicalized heroes were. 1438 00:51:19,740 --> 00:51:21,359 On the question of have they undermined 1439 00:51:21,360 --> 00:51:23,999 it? There is an unfortunate history. 1440 00:51:24,000 --> 00:51:26,159 If we look back at 1441 00:51:26,160 --> 00:51:28,379 J. Edgar Hoover, who is the director of 1442 00:51:28,380 --> 00:51:29,789 the American Federal Bureau of 1443 00:51:29,790 --> 00:51:33,029 Investigation for decades, 1444 00:51:33,030 --> 00:51:34,030 he actually did 1445 00:51:35,130 --> 00:51:38,309 get information about some of the 1446 00:51:38,310 --> 00:51:40,589 more embarrassing materials about 1447 00:51:40,590 --> 00:51:42,779 people he needed to work with 1448 00:51:42,780 --> 00:51:44,729 and is alleged to have used that 1449 00:51:44,730 --> 00:51:46,929 information to obtain, 1450 00:51:46,930 --> 00:51:48,809 you know, favorable budgets for the FBI 1451 00:51:48,810 --> 00:51:50,549 and things that he was won. 1452 00:51:50,550 --> 00:51:52,799 So there is a unfortunate 1453 00:51:52,800 --> 00:51:55,199 and dangerous history of that happening, 1454 00:51:55,200 --> 00:51:57,299 but we haven't seen direct evidence 1455 00:51:57,300 --> 00:51:59,639 that it has happened right now. 1456 00:51:59,640 --> 00:52:02,009 And on your second question about 1457 00:52:02,010 --> 00:52:03,010 worrying about 1458 00:52:04,680 --> 00:52:07,709 going on attacks on bias, 1459 00:52:07,710 --> 00:52:09,869 I don't know if you saw Jake talk from 1460 00:52:09,870 --> 00:52:12,029 earlier today, but it was revealing 1461 00:52:12,030 --> 00:52:14,459 a lot of stuff about their 1462 00:52:14,460 --> 00:52:16,739 misuse of bias and attacks 1463 00:52:16,740 --> 00:52:18,029 on hardware. 1464 00:52:18,030 --> 00:52:20,309 So I would suggest you take a look at 1465 00:52:20,310 --> 00:52:22,379 that talk and the slides that 1466 00:52:22,380 --> 00:52:25,049 were revealed in today's Der Spiegel. 1467 00:52:25,050 --> 00:52:26,219 Thank you. 1468 00:52:26,220 --> 00:52:27,119 Thank you. 1469 00:52:27,120 --> 00:52:29,549 So, Kristen, from the internet again, 1470 00:52:29,550 --> 00:52:31,889 one question coming from AOC 1471 00:52:31,890 --> 00:52:34,199 wasn't how could an individual 1472 00:52:34,200 --> 00:52:34,859 detect or 1473 00:52:34,860 --> 00:52:37,109 help to detect censorship if and if, 1474 00:52:37,110 --> 00:52:39,179 if of any form, for instance, 1475 00:52:39,180 --> 00:52:40,320 on broadband connection? 1476 00:52:42,080 --> 00:52:44,420 So how can you detect censorship? 1477 00:52:47,060 --> 00:52:49,429 Well, it's an interesting question, so 1478 00:52:49,430 --> 00:52:51,109 I guess if I'm interpreting this question 1479 00:52:51,110 --> 00:52:53,569 correctly, it's how would you know 1480 00:52:53,570 --> 00:52:55,759 if you are going across 1481 00:52:55,760 --> 00:52:58,099 a broadband that what you are 1482 00:52:58,100 --> 00:53:00,349 obtaining is what you 1483 00:53:00,350 --> 00:53:01,339 expected to obtain? 1484 00:53:01,340 --> 00:53:04,189 And we can see from the quantum insert 1485 00:53:04,190 --> 00:53:06,289 that they can modify what you are 1486 00:53:06,290 --> 00:53:08,510 receiving when you go out into 1487 00:53:09,560 --> 00:53:11,869 the web and give you back 1488 00:53:11,870 --> 00:53:14,359 something which is different from what 1489 00:53:14,360 --> 00:53:16,489 was originally planned to be given to 1490 00:53:16,490 --> 00:53:18,619 you. And I guess the way to do that 1491 00:53:18,620 --> 00:53:20,119 is from checking things through 1492 00:53:20,120 --> 00:53:22,049 alternative channels. 1493 00:53:22,050 --> 00:53:23,989 If what you're receiving is something 1494 00:53:23,990 --> 00:53:25,849 different from what somebody else is 1495 00:53:25,850 --> 00:53:27,949 receiving, then that may suggest that 1496 00:53:27,950 --> 00:53:30,709 one of these things has been modified. 1497 00:53:30,710 --> 00:53:32,839 So it's 1498 00:53:32,840 --> 00:53:34,279 a way of detecting it. 1499 00:53:34,280 --> 00:53:36,439 It's my understanding that for 1500 00:53:36,440 --> 00:53:38,359 most of this one, they are injecting 1501 00:53:38,360 --> 00:53:39,919 packets and giving things which are 1502 00:53:39,920 --> 00:53:41,899 different from what you're intending. 1503 00:53:41,900 --> 00:53:43,699 It's designed to be sneaky. 1504 00:53:43,700 --> 00:53:45,589 It's designed to not be detectable. 1505 00:53:45,590 --> 00:53:46,639 And if you're changing 1506 00:53:47,810 --> 00:53:49,939 what is being transmitted, then that is 1507 00:53:49,940 --> 00:53:51,259 somewhat detectable. 1508 00:53:51,260 --> 00:53:53,419 Though there's another form of censorship 1509 00:53:53,420 --> 00:53:55,879 that is going on, it is very unfortunate, 1510 00:53:55,880 --> 00:53:57,829 which is the self-censorship of 1511 00:53:57,830 --> 00:54:00,199 intimidation that happens when you know 1512 00:54:00,200 --> 00:54:02,449 that your communications may be monitored 1513 00:54:02,450 --> 00:54:04,039 and then you may not go and get the 1514 00:54:04,040 --> 00:54:05,599 information that you need. 1515 00:54:05,600 --> 00:54:07,099 And this is why it's very important to 1516 00:54:07,100 --> 00:54:10,129 use tools. Tools like the Tor browser 1517 00:54:10,130 --> 00:54:12,409 use encryption technologies so 1518 00:54:12,410 --> 00:54:14,689 that you can go and get the information 1519 00:54:14,690 --> 00:54:16,669 you need with more confidence. 1520 00:54:18,730 --> 00:54:19,730 OK. 1521 00:54:23,730 --> 00:54:25,379 Number four, please. 1522 00:54:25,380 --> 00:54:27,599 Yes, I was interested 1523 00:54:27,600 --> 00:54:29,399 about the programs that you have like, it 1524 00:54:29,400 --> 00:54:31,649 just gives everywhere and stuff so 1525 00:54:31,650 --> 00:54:33,779 that maybe one day we'll have 1526 00:54:33,780 --> 00:54:35,099 encryption by default. 1527 00:54:35,100 --> 00:54:36,629 But I was also thinking maybe, maybe one 1528 00:54:36,630 --> 00:54:38,789 day, wouldn't it be possible to 1529 00:54:38,790 --> 00:54:41,279 just spam the NSA by by having 1530 00:54:41,280 --> 00:54:43,559 daemon servers running on my computer? 1531 00:54:43,560 --> 00:54:45,359 That's sending hours, emails with the 1532 00:54:45,360 --> 00:54:47,339 buzzwords in there and encrypting 1533 00:54:47,340 --> 00:54:49,439 nonsense and sending you oversaw the NSA 1534 00:54:49,440 --> 00:54:51,119 will save it because it's encrypted. 1535 00:54:51,120 --> 00:54:52,409 Are you working on such a program? 1536 00:54:52,410 --> 00:54:53,879 Because I think in the beginning, the 1537 00:54:53,880 --> 00:54:55,829 people who are using it will be exposed. 1538 00:54:55,830 --> 00:54:57,239 And so it would be good to have an 1539 00:54:57,240 --> 00:54:59,639 organization who was running this 1540 00:54:59,640 --> 00:55:01,379 at one point of a time so that many users 1541 00:55:01,380 --> 00:55:02,609 join at the same time. 1542 00:55:02,610 --> 00:55:04,739 But not no one is really exposed to 1543 00:55:04,740 --> 00:55:06,809 the NSA as an individual. 1544 00:55:06,810 --> 00:55:08,939 So I've seen a number of proposals along 1545 00:55:08,940 --> 00:55:11,099 these lines trying to basically 1546 00:55:11,100 --> 00:55:13,949 overload the the channels with 1547 00:55:13,950 --> 00:55:15,839 the type of information you might expect 1548 00:55:15,840 --> 00:55:17,979 that they are looking for. 1549 00:55:17,980 --> 00:55:19,469 And one thing I know if you saw the size 1550 00:55:19,470 --> 00:55:21,029 of the Utah facility, they have a 1551 00:55:21,030 --> 00:55:23,159 tremendous capability 1552 00:55:23,160 --> 00:55:24,209 of storing data. 1553 00:55:24,210 --> 00:55:26,009 They have a tremendous capability of 1554 00:55:26,010 --> 00:55:27,269 processing data. 1555 00:55:27,270 --> 00:55:29,609 So take an incredible 1556 00:55:29,610 --> 00:55:31,709 attack to have any sort of meaningful 1557 00:55:31,710 --> 00:55:33,149 denial of service. 1558 00:55:33,150 --> 00:55:35,249 So what we've really been focusing on is 1559 00:55:35,250 --> 00:55:36,629 trying to do the first thing we're 1560 00:55:36,630 --> 00:55:38,789 talking about is get https by 1561 00:55:38,790 --> 00:55:40,919 default all over the place all of the 1562 00:55:40,920 --> 00:55:43,079 time. One thing is the project like 1563 00:55:43,080 --> 00:55:44,849 https everywhere, turning something which 1564 00:55:44,850 --> 00:55:47,039 is optional itbs 1565 00:55:47,040 --> 00:55:48,719 and making it by default through the add 1566 00:55:48,720 --> 00:55:50,759 on. And the other is putting the pressure 1567 00:55:50,760 --> 00:55:52,949 on companies to make it 1568 00:55:52,950 --> 00:55:54,449 the default. 1569 00:55:54,450 --> 00:55:56,789 And as you go, check out the Encrypt 1570 00:55:56,790 --> 00:55:58,859 the web report that I mentioned earlier, 1571 00:55:58,860 --> 00:56:00,689 and you can see a lot of check marks in 1572 00:56:00,690 --> 00:56:01,949 there by default. 1573 00:56:01,950 --> 00:56:04,019 And actually a number of those were 1574 00:56:04,020 --> 00:56:06,149 changed within the last couple of 1575 00:56:06,150 --> 00:56:08,339 months where change in reaction to 1576 00:56:08,340 --> 00:56:10,049 what's going on. So I think sort of the 1577 00:56:10,050 --> 00:56:12,479 better use of resources is try and get 1578 00:56:12,480 --> 00:56:14,819 as much encryption all the time, all 1579 00:56:14,820 --> 00:56:15,820 over the place. 1580 00:56:17,490 --> 00:56:19,529 Microphone two, OK. 1581 00:56:19,530 --> 00:56:20,939 Yeah, I got two questions. 1582 00:56:20,940 --> 00:56:23,069 The one thing is about economic 1583 00:56:23,070 --> 00:56:24,070 pressure. 1584 00:56:24,510 --> 00:56:27,419 So just to clarify 1585 00:56:27,420 --> 00:56:30,239 what you're saying is that 1586 00:56:30,240 --> 00:56:32,459 in reality, one should, for example, 1587 00:56:32,460 --> 00:56:34,649 exclude Windows products from 1588 00:56:34,650 --> 00:56:35,669 all international 1589 00:56:37,560 --> 00:56:40,019 acquisitions and with an information 1590 00:56:40,020 --> 00:56:41,519 critical system, as it should do anyway, 1591 00:56:41,520 --> 00:56:43,709 but so 1592 00:56:43,710 --> 00:56:46,169 that they will not be able to sell it 1593 00:56:46,170 --> 00:56:48,809 as an example for economic pressure. 1594 00:56:48,810 --> 00:56:51,359 And the second one, how about 1595 00:56:51,360 --> 00:56:52,360 legal pressure, 1596 00:56:53,880 --> 00:56:56,399 criminal legal pressure for individuals 1597 00:56:56,400 --> 00:56:58,979 to clearly work outside 1598 00:56:58,980 --> 00:57:01,469 the scope of the law, 1599 00:57:01,470 --> 00:57:03,659 for example? And what it should we? 1600 00:57:03,660 --> 00:57:06,000 Shouldn't we all perhaps file criminal 1601 00:57:07,530 --> 00:57:09,749 a criminal accusations in our 1602 00:57:09,750 --> 00:57:11,909 national legislations and see if those 1603 00:57:11,910 --> 00:57:14,039 anti-terror laws work in our favor 1604 00:57:14,040 --> 00:57:15,040 for once 1605 00:57:16,860 --> 00:57:19,290 and as an activists proposal? 1606 00:57:20,460 --> 00:57:22,229 So let me let me address these. 1607 00:57:22,230 --> 00:57:24,479 Yeah, absolutely. So the first 1608 00:57:24,480 --> 00:57:25,889 one economic pressure and I think 1609 00:57:25,890 --> 00:57:27,449 actually this is this is the most 1610 00:57:27,450 --> 00:57:28,450 effective. 1611 00:57:29,260 --> 00:57:31,469 It's something that we know that 1612 00:57:31,470 --> 00:57:33,359 the U.S. government does listen to. 1613 00:57:33,360 --> 00:57:36,209 It is concerned about the economics of 1614 00:57:36,210 --> 00:57:37,979 the U.S. companies. 1615 00:57:37,980 --> 00:57:40,799 And one of the things that actually was 1616 00:57:40,800 --> 00:57:43,019 extraordinary is we 1617 00:57:43,020 --> 00:57:44,159 had a number of U.S. 1618 00:57:44,160 --> 00:57:46,439 companies, eight internet companies. 1619 00:57:46,440 --> 00:57:48,659 They they signed a 1620 00:57:48,660 --> 00:57:50,699 statement asking the government to stop 1621 00:57:50,700 --> 00:57:52,709 the spying. And I think in part because 1622 00:57:52,710 --> 00:57:54,659 it was affecting their interests. 1623 00:57:54,660 --> 00:57:57,059 And the sabotage program that the NSA 1624 00:57:57,060 --> 00:57:59,309 has been doing is sabotaging 1625 00:57:59,310 --> 00:58:01,529 these companies ability to sell things 1626 00:58:01,530 --> 00:58:03,419 around the world because they trade. 1627 00:58:03,420 --> 00:58:05,459 We have these products, they are secure. 1628 00:58:05,460 --> 00:58:06,869 And then it turns out, in fact, they're 1629 00:58:06,870 --> 00:58:08,219 not secure their backdoor. 1630 00:58:08,220 --> 00:58:09,899 They have these problems. 1631 00:58:09,900 --> 00:58:12,089 And that would be a reason why someone 1632 00:58:12,090 --> 00:58:13,770 might not want to use these things. 1633 00:58:15,480 --> 00:58:17,820 That will have, I think, a potent effect 1634 00:58:19,200 --> 00:58:21,179 going after people criminally. 1635 00:58:21,180 --> 00:58:23,549 I mean, this is this has been tried. 1636 00:58:23,550 --> 00:58:25,379 There have been complaints that have been 1637 00:58:25,380 --> 00:58:27,629 raised against members of 1638 00:58:27,630 --> 00:58:29,399 the Bush administration, stemming from 1639 00:58:29,400 --> 00:58:32,159 both some of the earlier allegations 1640 00:58:32,160 --> 00:58:34,229 or earlier revelations about 1641 00:58:34,230 --> 00:58:36,449 spying and also about some things having 1642 00:58:36,450 --> 00:58:39,089 to do with like the Iraq War and so on. 1643 00:58:39,090 --> 00:58:41,339 This hasn't had a substantial effect 1644 00:58:41,340 --> 00:58:43,649 on on policy so far. 1645 00:58:43,650 --> 00:58:45,599 Thank you. OK, thank you. 1646 00:58:45,600 --> 00:58:47,279 One more question from the internet, 1647 00:58:47,280 --> 00:58:48,299 please. 1648 00:58:48,300 --> 00:58:50,459 What do you actually think about think 1649 00:58:50,460 --> 00:58:52,529 of efforts like canoe net to solve 1650 00:58:52,530 --> 00:58:54,449 the fundamental problem of unencrypted by 1651 00:58:54,450 --> 00:58:55,770 default internet traffic. 1652 00:58:57,280 --> 00:58:59,379 So the question is, what do I think 1653 00:58:59,380 --> 00:59:00,439 about? 1654 00:59:00,440 --> 00:59:01,440 Sorry, say that again. 1655 00:59:03,080 --> 00:59:05,599 What do you think about efforts 1656 00:59:05,600 --> 00:59:07,759 like new to solve the fundamental 1657 00:59:07,760 --> 00:59:09,949 problem of an unencrypted by 1658 00:59:09,950 --> 00:59:12,049 default internet traffic? 1659 00:59:12,050 --> 00:59:14,239 So I'm not familiar with gang unit. 1660 00:59:15,710 --> 00:59:17,839 I do think that on the whole, we 1661 00:59:17,840 --> 00:59:19,999 want to have it be the 1662 00:59:20,000 --> 00:59:22,279 standard that all internet traffic should 1663 00:59:22,280 --> 00:59:24,109 be encrypted, right? 1664 00:59:24,110 --> 00:59:26,359 The internet was built in a time 1665 00:59:26,360 --> 00:59:28,489 when it didn't seem that encryption was 1666 00:59:28,490 --> 00:59:30,439 a, you know, necessary feature. 1667 00:59:30,440 --> 00:59:32,329 It was an additional feature, but it 1668 00:59:32,330 --> 00:59:34,699 should become a default feature and 1669 00:59:34,700 --> 00:59:36,919 we should try to change the standards 1670 00:59:36,920 --> 00:59:39,379 to include encryption as a basic 1671 00:59:39,380 --> 00:59:41,179 feature of communications. 1672 00:59:43,060 --> 00:59:45,159 OK, then one last question from 1673 00:59:45,160 --> 00:59:46,899 microphone three, please. 1674 00:59:46,900 --> 00:59:47,829 All right. 1675 00:59:47,830 --> 00:59:49,869 So you mentioned a bunch of very nice 1676 00:59:49,870 --> 00:59:51,969 examples where legal terms are 1677 00:59:51,970 --> 00:59:54,159 reinterpreted in ways that 1678 00:59:54,160 --> 00:59:55,599 don't make very much sense. 1679 00:59:55,600 --> 00:59:57,849 Like, for example, you said they acquire 1680 00:59:57,850 --> 01:00:00,009 data without using the word of 1681 01:00:00,010 --> 01:00:01,059 acquisition and stuff. 1682 01:00:01,060 --> 01:00:01,959 Yes. 1683 01:00:01,960 --> 01:00:04,149 So my question is why do 1684 01:00:04,150 --> 01:00:06,399 they even come up with these pseudo legal 1685 01:00:06,400 --> 01:00:08,679 escapes that every reasonable person 1686 01:00:08,680 --> 01:00:09,909 would think are illegal? 1687 01:00:09,910 --> 01:00:11,589 Is it just that they have an excuse once 1688 01:00:11,590 --> 01:00:13,119 things become public, which they weren't 1689 01:00:13,120 --> 01:00:14,499 supposed to anyway? So why did they 1690 01:00:14,500 --> 01:00:16,029 prepare for the excuse? 1691 01:00:16,030 --> 01:00:17,529 So so what does all of this legal 1692 01:00:17,530 --> 01:00:18,530 framework for? 1693 01:00:19,770 --> 01:00:22,389 So, for example, my expectation would 1694 01:00:22,390 --> 01:00:24,549 be that the NSA or 1695 01:00:24,550 --> 01:00:26,529 the agencies in general just do the stuff 1696 01:00:26,530 --> 01:00:27,609 they want to do. 1697 01:00:27,610 --> 01:00:29,919 And of course, then the next question is 1698 01:00:29,920 --> 01:00:31,719 if there is more stuff outside that 1699 01:00:31,720 --> 01:00:34,269 framework that's not pseudo legally 1700 01:00:34,270 --> 01:00:36,549 allowed and still done well. 1701 01:00:36,550 --> 01:00:37,479 So it's a good question. 1702 01:00:37,480 --> 01:00:39,939 And so why play 1703 01:00:39,940 --> 01:00:41,259 the word games? 1704 01:00:41,260 --> 01:00:43,239 There's a couple of reasons to play play 1705 01:00:43,240 --> 01:00:45,219 the word games. One is internal and the 1706 01:00:45,220 --> 01:00:46,199 other is external. 1707 01:00:46,200 --> 01:00:48,169 I'll look at two of them that we talked 1708 01:00:48,170 --> 01:00:50,829 about. One was acquisition 1709 01:00:50,830 --> 01:00:52,899 without acquiring and the other 1710 01:00:52,900 --> 01:00:54,249 was sort of collection without 1711 01:00:54,250 --> 01:00:55,250 collecting. 1712 01:00:56,420 --> 01:00:57,879 I'll start with the collection without 1713 01:00:57,880 --> 01:01:00,429 collecting. This was used externally 1714 01:01:00,430 --> 01:01:01,989 so that when they testified before 1715 01:01:01,990 --> 01:01:03,729 Congress, they could say things like, 1716 01:01:03,730 --> 01:01:05,109 We're not collecting this, we're not 1717 01:01:05,110 --> 01:01:06,909 collecting that went in their heads. 1718 01:01:06,910 --> 01:01:09,219 They were secretly meaning by collecting, 1719 01:01:09,220 --> 01:01:11,079 you know, this crazy definition. 1720 01:01:11,080 --> 01:01:13,809 And then the senator or representative 1721 01:01:13,810 --> 01:01:16,119 who was asking the question was thinking 1722 01:01:16,120 --> 01:01:17,349 that they were meaning collection in the 1723 01:01:17,350 --> 01:01:18,609 ordinary sense. 1724 01:01:18,610 --> 01:01:20,499 And so really, they weren't doing this, 1725 01:01:20,500 --> 01:01:22,479 this thing that they were in fact doing. 1726 01:01:22,480 --> 01:01:25,029 And so that later when it came about, 1727 01:01:25,030 --> 01:01:27,159 they could not be brought up, you know, 1728 01:01:27,160 --> 01:01:29,349 saying they lied to Congress. 1729 01:01:29,350 --> 01:01:30,459 And so they were, you know, there was one 1730 01:01:30,460 --> 01:01:32,259 incident with the director of National 1731 01:01:32,260 --> 01:01:34,419 Intelligence Clapper, where he kind 1732 01:01:34,420 --> 01:01:36,729 of got into a bad way where 1733 01:01:36,730 --> 01:01:38,919 one of the senators asked him a very 1734 01:01:38,920 --> 01:01:41,079 direct question 1735 01:01:41,080 --> 01:01:43,239 about getting the information 1736 01:01:43,240 --> 01:01:44,289 on phone calls. 1737 01:01:44,290 --> 01:01:46,059 And he said he denied it. 1738 01:01:46,060 --> 01:01:47,289 And then it turned out that that was 1739 01:01:47,290 --> 01:01:49,149 happening. But by and large, they using 1740 01:01:49,150 --> 01:01:51,219 these word games in order to 1741 01:01:51,220 --> 01:01:53,319 be responsive, but without giving 1742 01:01:53,320 --> 01:01:54,669 the information that is really being 1743 01:01:54,670 --> 01:01:55,779 sought. 1744 01:01:55,780 --> 01:01:57,729 But then you have the acquisition without 1745 01:01:57,730 --> 01:01:59,439 acquiring how this was done in secret. 1746 01:01:59,440 --> 01:02:01,659 This was part of a secret memo that 1747 01:02:01,660 --> 01:02:03,879 was only reviewed by a very small 1748 01:02:03,880 --> 01:02:05,499 group of people. 1749 01:02:05,500 --> 01:02:07,869 And the reason I think for for that 1750 01:02:07,870 --> 01:02:10,119 is because, believe it or not, there 1751 01:02:10,120 --> 01:02:11,949 are still some good people out there, 1752 01:02:11,950 --> 01:02:14,469 even within the government, people who 1753 01:02:14,470 --> 01:02:16,899 need to see an explanation 1754 01:02:16,900 --> 01:02:19,419 as to why this is legal, 1755 01:02:19,420 --> 01:02:22,029 even if they are not morally opposed 1756 01:02:22,030 --> 01:02:23,529 to to the surveillance. 1757 01:02:23,530 --> 01:02:25,479 They do believe in the rule of law, and 1758 01:02:25,480 --> 01:02:27,399 those people need to have this sort of 1759 01:02:27,400 --> 01:02:28,400 explanation. 1760 01:02:29,260 --> 01:02:31,449 And they tried to do this in two ways 1761 01:02:31,450 --> 01:02:33,729 by coming up with the well, 1762 01:02:33,730 --> 01:02:35,859 B.S. explanation and then keeping it 1763 01:02:35,860 --> 01:02:37,299 secret. Well, don't worry your pretty 1764 01:02:37,300 --> 01:02:38,889 little head about it. We have this secret 1765 01:02:38,890 --> 01:02:41,199 explanation. That's all good. 1766 01:02:41,200 --> 01:02:43,509 And then one thing that that is useful 1767 01:02:43,510 --> 01:02:45,789 about that is that 1768 01:02:45,790 --> 01:02:48,339 hopefully some of these people, 1769 01:02:48,340 --> 01:02:50,139 the ones that are good who do care about 1770 01:02:50,140 --> 01:02:52,539 the rule of law, are now starting to see 1771 01:02:52,540 --> 01:02:54,629 alternate views about what these 1772 01:02:54,630 --> 01:02:56,739 these are alternate views about 1773 01:02:56,740 --> 01:02:57,909 the legal analysis. 1774 01:02:57,910 --> 01:03:00,069 They might be saying that, hey, what 1775 01:03:00,070 --> 01:03:01,449 we were doing was wrong. 1776 01:03:01,450 --> 01:03:04,299 What we were doing was beyond the law. 1777 01:03:04,300 --> 01:03:06,459 And then remember that the oath that 1778 01:03:06,460 --> 01:03:09,579 they took was an oath to the Constitution 1779 01:03:09,580 --> 01:03:11,440 was an oath that respects. 1780 01:03:12,750 --> 01:03:14,700 Free expression and respect privacy. 1781 01:03:16,620 --> 01:03:19,049 OK, thank you very much for your talk. 1782 01:03:19,050 --> 01:03:20,050 Thank you, everybody.