In case you had any doubt that federal prosecutors favor corporations over individuals, check out Mythili Raman’s testimony before a House hearing this week.
Raman is the acting chief of the Criminal Division at the Department of Justice.
She appeared before the Oversight and Investigations Subcommittee of the House Financial Services Committee.
The title of the hearing — “Who Is Too Big to Fail: Are Large Financial Institutions Immune from Federal Prosecution?”
In a nutshell, the answer is — Yes they are immune from federal prosecution.
But it’s not just them.
It’s the vast majority of major corporate criminals, which now are granted deferred and non prosecution agreements when twenty years ago they were forced to plead guilty.
This sea change in corporate crime practice was ushered in by then Deputy Attorney General Holder in 1999 when he drafted the Principles of Federal Prosecution of Business Organizations. (Holder has been through the revolving door since — over to Covington & Burling to defend the corporations he’s now charged with prosecuting, then back to the Justice Department as Attorney General under President Obama. And no doubt, soon back to Covington.)
Under the subsequent rewrites of the Holder memo, federal prosecutors must now take into consideration the collateral consequences of a criminal prosecution on a major corporation including “whether there is disproportionate harm to shareholders, pension holders, employees, and others not proven personally culpable, as well as impact on the public arising from the prosecution.”
And this, along with the the eight other factors that prosecutors must take into account before prosecuting a corporation tilts the balance away from prosecution and toward deferred and non prosecution agreements.
Raman made it a point to emphasize twice during her testimony that individuals are not given the same consideration.
“For individuals, collateral consequences never enter into the equation,” Raman said.
After all, collateral consequences for individuals can be devastating.
According to the American Bar Association Task Force on Collateral Consequences, the individual convict “may be ineligible for many federally-funded health and welfare benefits, food stamps, public housing, and federal educational assistance.”
“His driver’s license may be automatically suspended, and he may no longer qualify for certain employment and professional licenses. If he is convicted of another crime he may be subject to imprisonment as a repeat offender. He will not be permitted to enlist in the military, or possess a firearm, or obtain a federal security clearance. If a citizen, he may lose the right to vote. If not, he becomes immediately deportable.”
And Raman says that federal prosecutors can’t take these into consideration.
But must take the collateral consequences of a corporate conviction into consideration.
Why the difference?
Because the corporate crime lobby has marinated the justice system.
And morphed our criminal justice system from one that was meant to deliver equal justice for all to one where corporate criminals reign supreme.
“You can imagine why, when I see some of the biggest banks in the world, who get a slap on the wrist, for laundering drug money from the drug cartels, and (their executives) are not going to jail” Congresswoman Maxine Waters (D-California) told Raman at the hearing. “And then we have all of these young people getting arrested, some of them not criminal, just stupid, getting involved with small amounts of cocaine. And yet we have some of the richest, most powerful banks in the world laundering drug money from the drug cartels. Why don’t they (the bank executives) go to jail?”
Raman started to answer and Waters cut her off.
“We know what you do,” Waters said. “It’s what you do that we don’t like. What you do is — they get fined. And it’s a cost of doing business.”
Russell Mokhiber edits the Corporate Crime Reporter.
The journalism world has been rightly outraged by the Justice Department dragging the Associated Press (and now a Fox News reporter) into one of its sprawling leak investigations. As we wrote last week, by obtaining the call records of twenty AP phone lines, “the Justice Department has struck a terrible blow against the freedom of the press and the ability of reporters to investigate and report the news.”
But there are several other important lessons that this scandal can teach us besides how important free and uninhibited news-gathering is to the public’s right to know.
1. Weak Privacy Laws That Doomed AP Affect Everyone
The AP detailed in its letter to the Justice Department how its privacy was grossly invaded even though the government accessed only the call records of its reporters and not the content of their conversations. We completely agree. Unfortunately, this isn’t just a problem in the AP investigation. Law enforcement agencies routinely demand and receive this information about ordinary Americans over long periods of time without any court involvement whatsoever, much less a full warrant.
For example, according to information released by the phone companies to Rep. Ed Markey, Sprint alone received a staggering 500,000 subpoenas for call records data last year.
The DOJ’s decision to dive into these call records shows the growing need to update our privacy laws to eliminate the outmoded Third Party Doctrine—which holds that anything you give to a service provider, or that a service provider collects as part of providing you a service—can retain no reasonable expectation of privacy. In an era where email is stored by our providers, cellphone companies keep records that track our location and cloud services hold our documents, it’s long past time to bring our interpretation of the Fourth Amendment and statutory electronic privacy laws in compliance with the 21st Century.
In response to the AP scandal, a bipartisan coalition in Congress just introduced a bill to partially fix this problem called The Telephone Records Protection Act. The bill would require the Justice Department to get a judge’s approval before seeking these records. At EFF, we think the government should have to go even further than a court order: a judicial warrant showing the kind of probable cause required by the Fourth Amendment should be the standard. But this bill is certainly an improvement over administrative subpoenas, which don’t need a sign-off from a judge at all and allow the Executive branch to seek information without any external check.
2. Phone Companies May Give Up Your Information Without Telling You
As the New York Times reported, the AP is still examining if and when any telephone companies tried to push back on the over-broad requests for its call records. “But at least two of the journalists’ personal cellphone records were provided to the government by Verizon Wireless without any attempt to obtain permission to tell them so the reporters could ask a court to quash the subpoena,” the Times said. And it also seems clear that the AP itself wasn’t given notice before their phone company turned over the records.
In EFF’s 2013 “Who Has Your Back” report, which tracks several ways in which communications companies can help protect user privacy, we give a star for promising to notify users about government demands for data whenever whenever the company is not legally prevented from doing so. Notably, Verizon does not have such a notification policy and did not receive a star. In fact, Verizon was the only company to receive zero stars.
This isn’t a small problem or just a problem for journalists. Verizon received 260,000 similar subpoenas for call records last year. The government requests this information with regularity, and given the phone companies control the data, communications company policies are all that stand between you and governmental overreach.
Users should demand that their communications companies notify them when the government comes seeking information, unless they are legally barred by a court order.
3. Government often Overstates National Security Claims, Over-classifies Information
We’ve written many times about the many ways “national security” has been invoked—and exaggerated—in order to cover up government embarrassment or wrongdoing, or to assert powers that would normally not be granted under the Constitution. The government routinely over-classifies information that should never be secret, according to reports commissioned by the White House itself.
The most glaring example for EFF is our lawsuit over the NSA warrantless wiretapping program, where the government won’t admit or deny that the program even exists, citing the danger to national security, despite thousands of pages of public evidence. The government has argued the same thing in cases about torture and the CIA drone program where, many times, the same information that they claim is secret is on the front pages of the nation’s newspapers.
In the AP’s case, while Attorney General Holder says this leak put “lives at risk,” John Brennan said the opposite around the time of the story (“Brennan said the plot was never a threat to the U.S. public or air safety,” reported Reuters). The AP also held its story for six days until the CIA told them it was safe to publish and the White House had a news conference planned the day after the story to announce the successful counterterrorism operation.
As the late Supreme Court Justice Huge Black once said, “The word ‘security’ is a broad, vague generality whose contours should not be invoked to abrogate the fundamental law embodied in the First Amendment.”
4. There’s Not Much Recourse For Prosecutorial Misconduct
In this case, just like the case of Aaron Swartz, there has been widespread criticism that the Justice Department has abused its authority and aggressively pursued parties in an unprofessional manner. As we detailed last week, it seems the Justice Department didn’t follow its own guidelines when issuing subpoenas about[?] the reporters, or at least went to the very edge of its own guidelines.
Just like in the Swartz case, the specific prosecutor has a history of over-aggressive prosecutions (even being accused of overzealous prosecution by Eric Holder himself when he was in private practice). Yet when Congress asked Holder at a hearing about the allegations, just like in the Swartz case, he did not admit to any wrongdoing, and was able to deflect questions about his department’s handling of the case. Unfortunately, there is not much recourse for meaningful remedy for the public in these situations, and this case is just the latest example.
5. Journalists Need to be Pro-Active in Protecting Their Digital Security
In an age where warrantless surveillance is skyrocketing and governments potentially have access to an astonishing amount of information, journalists must learn to proactively protect both themselves and their sources.
The Committee to Protect Journalists Journalist Security Guide is an excellent place to start. It addresses concerns faced by journalists working inside the United States and internationally.
Wired published an op-ed last week about the care one needs to take from the source’s end if one wishes to send information to the press undetected. Much of the advice is applicable to reporters talking to sources as well. Additionally, the New Yorker has just released a promising—but un-tested—anonymous leak submission system, coded by Aaron Swartz before he tragically died in January. In certain circumstances physical mail remains the safest option.
Overall, the final lesson is that journalists, and sources, need to take security seriously. Trusting that the government won’t come after you because you’re engaged in journalism, serving the public interest, or helping reveal wrongdoing is plainly not sufficient.
US Attorney General Eric Holder has claimed he was unaware of the subpoenas for AP’s phone records, but defended them as a necessary measure. Holder recused himself from the case that has been branded as an “unprecedented intrusion” into press freedom.
US lawmakers questioned the attorney general at a House Judiciary Committee about the two months of AP phone records obtained by the Justice Department without permission. In a session that saw the attorney on the back foot amid calls for his resign, he maintained his ignorance in the “ongoing matter.”
Flatly denying any prior knowledge to the subpoenas and who had issued them, he stated that he was 99 per cent sure that deputy attorney general James Cole had issued them.
“The matter is being supervised by the deputy attorney general. I am not familiar with the reasons why the subpoena was constructed in the way that it was because I’m simply not a part of the case,” Holder told the committee, adding he was confident that the people who are involved in the investigation adhered to Justice Department regulations.
Investigators wish to discern why it was necessary to gather so much information from AP phone records. The Justice Departments claims that the records were seized as part of an investigation into leaked data on a CIA operation in Yemen to stop an airliner bombing plot on the anniversary of the death of Osama Bin Laden.
Holder stressed that the leak was very serious and had put the safety of the American people at risk and as such the Justice Department’s action was justified.
Passing the buck
The Justice Department admitted its surveillance of AP’s phone lines in a letter to the organization’s heads last Friday. AP’s Chief Gary Pruitt reacted with ire, condemning the intrusion as a gross violation of press freedom that is inexcusable. AP estimates that over 100 of its journalists were affected by the phone surveillance and has implicated the involvement of the attorney general, alleging that subpoenas require his signature to be carried out.
There was a degree of frustration at Holder’s answers during the hearing due to his inability to answer questions on the subpoenas and why the Justice Department failed to negotiate with AP prior to the subpoenas, which is usually standard practice in such situations.
“There doesn’t appear to be any acceptance of responsibility for things that have gone wrong,” Rep. James Sensenbrenner, R-Wis., told Holder. He suggested that Justice Department office should stop by Harry S Truman Presidential Library and take a photo of the famous sign, “The buck stops here.”
The White House has also claimed ignorance, stating that it had no knowledge of “any attempt by the Justice Department to seek phone records of the AP.”
Federal prosecutors secretly obtained two months’ worth of telephone records of Associated Press journalists in what the news agency described Monday as a “massive and unprecedented intrusion.”
The Justice Department notified the AP on Friday that it had subpoenaed the records, which included more than 20 office, cellphone and home phone lines. The lines include the general AP office numbers in New York, Washington and Hartford, Conn., and the number for AP reporters in the House of Representatives press gallery.
The records included outgoing call numbers, the AP said, but it is unclear whether prosecutors also obtained incoming call numbers or the duration of calls. The news organization said it had no reason to think that the government listened in to the content of the calls. The government did not reveal why it seized the records, but the AP noted that federal officials have previously said they were investigating who had leaked information to the news service about a foiled terror plot in 2012. An AP story in May 2012 included details about a CIA operation in Yemen targeting al Qaeda operatives.
AP President and CEO Gary Pruitt called the action “a serious interference with AP’s constitutional rights to gather and report the news.”
Republicans were quick to criticize the Department of Justice (DOJ), saying that the invasion of privacy of a news outlet was just the latest example of an administration rife with problems. News of the AP probe broke as the White House is already fending off criticism of its handling of last year’s attacks on the embassy in Benghazi, Libya, and the revelation that the Internal Revenue Service had targeted conservative and Tea Party groups.
House Oversight and Government Reform Committee Chairman Darrell Issa (R-Calif.) called the DOJ subpoena “very disturbing” and said he expected to team up with House Judiciary Committee Chairman Bob Goodlatte (R-Va.) to probe the issue further.
“If this question went to the Attorney General then he’s responsible and he should be held accountable for what I think is wrong,” Issa said on CNN. “On the other hand, if it didn’t go to him, the question is: when is the Justice Department going to take responsibility for what it does?
“There are serious problems at DOJ, this is just the latest one.”
Department policy requires that the attorney general sign off on all requests for reporter phone records. It is unclear whether Attorney General Eric Holder signed off in this case.
Rep. Frank Wolf (R-Va.), the chairman of the Appropriations subcommittee that oversees the Justice budget, said the department’s move was reminiscent of the wiretapping authorized by former President Nixon’s administration.
“It’s unbelievable,” said Wolf in an interview with The Hill after news of the story broke. “It kind of reminds you of the mid-70s.”
“It is the arrogance of power and paranoia. I think it’s shocking. It reminds me of the Nixon days. If they can do it to the AP, they can do to any news service in the country.”
Criticism also came from the left.
“The media’s purpose is to keep the public informed and it should be free to do so without the threat of unwarranted surveillance,” Laura Murphy, director of the ACLU’s Washington Office, said in a statement. “The Attorney General must explain the Justice Department’s actions to the public so that we can make sure this kind of press intimidation does not happen again.”
The AP’s Pruitt sent a letter on Monday to Holder protesting the seizure of records, demanding that the government return the call records to the AP and destroy its copies.
“There can be no possible justification for such an overbroad collection of the telephone communications of The Associated Press and its reporters,” Pruitt said.
“These records potentially reveal communications with confidential sources across all of the newsgathering activities undertaken by the AP during a two-month period, provide a road map to AP’s newsgathering operations, and disclose information about AP’s activities and operations that the government has no conceivable right to know.”
Federal regulations require that subpoenas for a reporter’s phone records be as “narrowly drawn as possible.”
White House press secretary Jay Carney referred questions about the probe to the Justice Department.
In a statement, the U.S. Attorney’s Office for the District of Columbia said it takes its legal obligations and department policies seriously when subpoenaing media phone records.
“Those regulations require us to make every reasonable effort to obtain information through alternative means before even considering a subpoena for the phone records of a member of the media,” the office said. “We must notify the media organization in advance unless doing so would pose a substantial threat to the integrity of the investigation.
“Because we value the freedom of the press, we are always careful and deliberative in seeking to strike the right balance between the public interest in the free flow of information and the public interest in the fair and effective administration of our criminal laws,” it said.
The FBI revealed in 2008 that it had subpoenaed the phone records of New York Times and Washington Post reporters in Indonesia as part of a terrorism investigation. The agency apologized for the incident, saying it failed to follow department policies.
Goodlatte said he planned to ask Holder “pointed questions” about the AP records on Wednesday when the attorney general is slated to testify during a general Judiciary oversight hearing.
“Any abridgement of the First Amendment right to the freedom of the press is very concerning,” said Goodlatte in a statement.
“The House Judiciary Committee will thoroughly investigate this issue and will also ask Attorney General Eric Holder pointed questions about it at Wednesday’s oversight hearing,” he said.
Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) also said he would be probing the issue further and looking into whether the government may have overstepped its bounds.
“The burden is always on the government when they go after private information – especially information regarding the press or its confidential sources,” said Leahy in a statement. “I want to know more about this case, but on the face of it, I am concerned that the government may not have met that burden. I am very troubled by these allegations and want to hear the government’s explanation.”
United States President Barack Obama is likely to endorse a Federal Bureau of Investigation effort that would ensure all Internet companies in the US provide a way for the government to conduct undetected, backdoor surveillance.
The FBI has been considering solutions to their so-called “Going Dark” problem as intricate methods of encryption and advances in technology have made it increasingly difficult for the federal government and law enforcement to gain access to online communications conducted in the shadows of the Web. Should the latest efforts of the FBI move forward, though, Internet companies that act as any conduit for correspondence of any kind would be heavily fined if they don’t include in their infrastructure a way for the government to eavesdrop on that dialogue in real time.
At a press conference in Washington, DC in March, FBI general counsel Andrew Weissmann said the Department of Justice was determined to have the means to wiretap any online communication by 2014 and called it “a huge priority for the FBI.” Further developments last month revealed that the FBI was considering a fine-based model under which Internet companies would be forced to comply or risk being penalized beyond repair.
On Tuesday, New York Times reporter Charlie Savage cited Obama administration officials as saying the president “is on the verge of backing” that very plan.
Savage explained that while companies would be allowed to operate without giving the government backdoor access, the fees would likely limit the number of entities willing to challenge the order. As RT reported last month, a company that doesn’t comply with the FBI’s orders would be fined $25,000 after 90 days. Additional penalties would then be tacked on every day an Internet service provider, website or other company fails to comply — with the price of the penalty doubling each day they don’t assist investigators.
“While the FBI’s original proposal would have required Internet communications services to each build in a wiretapping capacity, the revised one, which must now be reviewed by the White House, focuses on fining companies that do not comply with wiretap orders,” wrote Savage. “The difference, officials say, means that start-ups with a small number of users would have fewer worries about wiretapping issues unless the companies became popular enough to come to the Justice Department’s attention.”
Savage quoted a statement in his article from Weissmann in which the FBI attorney said, “This doesn’t create any new legal surveillance authority.” Instead, said Weissman, “None of the ‘going dark’ solutions would do anything except update the law given means of modern communications.”
“This always requires a court order,” he said.
Coincidently, that same issue has had major developments in its own right this week. On Wednesday morning, CNET reporter Declan McCullagh wrote that the Justice Department circulated memos in which they insisted that obtaining a search warrant isn’t necessary to eavesdrop on Internet communication of any sort.
“The US Department of Justice and the FBI believe they don’t need a search warrant to review Americans’ e-mails, Facebook chats, Twitter direct messages and other private files, internal documents reveal,” wrote McCullagh, citing a government documents obtained by the American Civil Liberties Union and provided to CNET.
According to McCullagh, those documents include very specific instructions from high-importance officials that demonstrate the Justice Department’s disinterest in applying established law when it comes to eavesdropping on Americans. While Weissmann made the argument that the FBI plan reportedly backed by the president won’t change what rules the DoJ operates by, the memos obtained by McCullagh paints the Obama White House as an administration unwilling to work with the already broad surveillance powers provided to it.
In one memo unearthed by the ACLU, McCullagh said the US attorney for Manhattan instructed his office that an easy-to-obtain legal paper that requires no judicial oversight is all that’s needed to obtain personal correspondence.
“[A] subpoena — a piece of paper signed by a prosecutor, not a judge — is sufficient to obtain nearly ‘all records from an ISP,’” McCullagh wrote.
In another instance, McCullagh said the US attorney in Houston, Texas obtained the “contents of stored communications” from another ISP without getting a judge to sign a warrant.
One current law that limits how and when authorities can obtain a suspect’s email pursuant to a criminal investigation, the Electronic Communication Privacy Act, provides that while a warrant is needed for relatively recent correspondence, a comparably easier to get administrative subpoena is all that’s required to get communication older than 180 days. Provisions of the ECPA have been largely unchanged since it was passed in the mid-1980s, but last month a Senate Judiciary Committee approved an amendment that would require a warrant in all instances.
In advocating for fewer restrictions when obtaining store communication, the FBI’s Wessmann said in April that another law, 1994’s Communications Assistance for Law Enforcement Act, needs to be expanded so investigators can leap over current hurdles that keep them from conducting real time wiretaps of online discussions.
“You do have laws that say you need to keep things for a certain amount of time, but in the cyber realm you can have companies that keep things for five minutes,” he said. “You can imagine totally legitimate reasons for that, but you can also imagine how enticing that ability is for people who are up to no good because the evidence comes and it goes.”
In the wake of the Boston Marathon bombing on April 15, renewed calls across the country have been made to make it easier for investigators to quickly conduct surveillance — in and off the Web. A recent poll found that roughly two-thirds of Americans favored more surveillance cameras in public places, and now the nation’s top law officials are asking for increased spy power not just on the streets but on the Web.
Earlier this month, Google Chairman Eric Schmidt said at a discussion in Washington, “When you come across an advocate for one thing — an advocate for security, and advocate for privacy — they’re often arguing from a position without understanding that it’s a two-edged sword.”
“For example, very strong encryption would allow you and I to have a very, very secure communication: If we were criminals, if we were dissidents, if we were martyrs or if we were just doing a little business,” he said. “If you could figure out a way to ban very strong encryption from evil people and only allow good people…then this would be easy,” he said.
- Obama administration bypasses CISPA by secretly allowing Internet surveillance (alethonews.wordpress.com)
- Spy, or pay up: FBI-backed bill would fine US firms for refusing wiretaps (alethonews.wordpress.com)
- To Ease Internet Snooping, Feds Promise To Ignore Privacy Violations (reason.com)
When one conspires to violate federal law, it helps to have a government agency or two as one’s co-conspirators when law enforcement comes poking around, as telecom giant AT&T and others learned recently when the Defense Department (DOD) and the Department of Homeland Security (DHS) successfully pressured the Justice Department (DOJ) to agree secretly not to prosecute blatantly illegal wiretaps conducted by AT&T and other Internet service providers at the request of the agencies.
Although some press reports have termed this an authorization of activity that would otherwise be illegal, this is a misnomer. The executive branch lacks the power to retroactively declare criminal conduct to be lawful, but it can choose to ignore it by waiving prosecution pursuant to “prosecutorial discretion.”
Although the secret DOJ prosecution waiver initially applied to a cyber-security pilot project—the DIB Cyber Pilot—that allowed the military to monitor defense contractors’ Internet links, the program has since been renamed Enhanced Cybersecurity Services and is being expanded by President Obama to allow the government to snoop on the private networks of all companies operating in “critical infrastructure sectors,” including energy, healthcare, and finance starting June 12.
“The Justice Department is helping private companies evade federal wiretap laws,” warned Marc Rotenberg, executive director of the Electronic Privacy Information Center, which obtained more than 1,000 pages of government documents relating to the issue via a Freedom of Information Act request. “Alarm bells should be going off.”
The wiretap law referenced by Rotenberg is the Wiretap Act, codified at 18 USC 2511, which makes it a crime for a network operator to intercept communications carried on its networks unless the monitoring is a “necessary incident” to providing the service or it occurs with a user’s “lawful consent.” Since neither of those exceptions applied, DOD and DHS pressed DOJ attorneys to agree not to prosecute what were clearly prosecutable offenses by issuing an unknown number of “2511 letters,” which are normally used by DOJ to tell a company that its conduct fit within one of the lawful exceptions to the Act.
The purported “retroactive authorization” is similar to the “retroactive immunity” given the telecoms by Congress for their participation in illegal wiretapping and eavesdropping between 2001 and 2006. Likewise, former DHS official Paul Rosenzweig compared the case of the “2511 letters” to the CIA asking the Justice Department for legal memos justifying torture a decade ago. “If you think of it poorly, it’s a CYA [“cover your ass] function,” Rosenzweig says. “If you think well of it, it’s an effort to secure advance authorization for an action that may not be clearly legal.” Or may be clearly illegal.
In any event, Obama’s own expansion by mid-June of the snooping “to all critical infrastructure sectors,” defined as companies providing services whose disruption would harm national economic security or “national public health or safety” will proceed.
- Obama administration bypasses CISPA by secretly allowing Internet surveillance (alethonews.wordpress.com)
- To Ease Internet Snooping, Feds Promise To Ignore Privacy Violations (reason.com)
Scared that CISPA might pass? The federal government is already using a secretive cybersecurity program to monitor online traffic and enforce CISPA-like data sharing between Internet service providers and the Department of Defense.
The Electronic Privacy Information Center has obtained over 1,000 pages of documents pertaining to the United States government’s use of a cybersecurity program after filing a Freedom of Information Act request, and CNET reporter Declan McCullagh says those pages show how the Pentagon has secretly helped push for increased Internet surveillance.
“Senior Obama administration officials have secretly authorized the interception of communications carried on portions of networks operated by AT&T and other Internet service providers, a practice that might otherwise be illegal under federal wiretapping laws,” McCullagh writes.
That practice, McCullagh recalls, was first revealed when Deputy Secretary of Defense William Lynn disclosed the existence of the Defense Industrial Base (DIB) Cyber Pilot in June 2011. At the time, the Pentagon said the program would allow the government to help the defense industry safeguard the information on their computer systems by sharing classified threat information between the Department of Defense, the Department of Homeland Security and the Internet service providers (ISP) that keep government contractors online.
“Our defense industrial base is critical to our military effectiveness. Their networks hold valuable information about our weapons systems and their capabilities,” Lynn said. “The theft of design data and engineering information from within these networks greatly undermines the technological edge we hold over potential adversaries.”
Just last week the US House of Representatives voted in favor of the Cyber Intelligence Sharing and Protection Act, or CISPA — a legislation that would allow ISPs and private Internet companies across the country like Facebook and Google to share similar threat data with the federal government without being held liable for violating their customers’ privacy. As it turns out, however, the DIB Cyber Pilot has expanded exponentially in recent months, suggesting that a significant chunk of Internet traffic is already subjected to governmental monitoring.
In May 2012 less than a year after the pilot was first unveiled, the Defense Department announced the expansion of the DIB program. Then this past January, McCullagh says it was renamed the Enhanced Cybersecurity Services (ECS) and opened up to a larger number of companies — not just DoD contractors. An executive order signed by US President Barack Obama earlier this year will let all critical infrastructure companies to sign-on to ECS this June, likely in turn bringing on board entities in energy, healthcare, communication and finance.
Although the 1,000-plus pages obtained in the FOIA request haven’t been posted in full on the Web just yet, a sampling of that trove published by EPIC on Wednesday starts to show just exactly how severe the Pentagon’s efforts to eavesdrop on Web traffic has been.
In one document, a December 2011 slideshow on the legal policies and practices regarding the monitoring of Web traffic on DIB-linked systems, the Pentagon instructs the administrators of those third-party computer networks on how to implement the program and, as a result, erode their customers’ expectation of privacy.
In one slide, the Pentagon explains to ISPs and other system administrators how to be clear in letting their customers know that their traffic was being fed to the government. Key elements to keep in mind, wrote the Defense Department, was that DIB “expressly covers monitoring of data and communications in transit rather than just accessing data at rest.”
“[T]hat information transiting or stored on the system may be disclosed for any purpose, including to the government,” it continued. Companies participating in the pilot program were told to let users know that monitoring would exist “for any purpose,” and that users have no expectation of privacy regarding communications or data stored on the system.
According to the 2011 press released on the DIB Cyber Pilot, “the government will not monitor, intercept or store any private-sector communications through the program.” In a privacy impact assessment of the ECS program that was published in January by the DHS though, it’s revealed that not only is information monitored, but among the data collected by investigators could be personally identifiable information, including the header info from suspicious emails. That would mean the government sees and stores who you communicate with and what kind of subject lines are used during correspondence.
The DHS says that personally identifiable information could be retained if “analytically relevant to understanding the cyber threat” in question.
Meanwhile, the lawmakers in Congress that overwhelmingly approved CISPA just last week could arguably use a refresher in what constitutes a cyberthreat. Rep. Michael McCaul (R-Texas) told his colleagues on the Hill that “Recent events in Boston demonstrate that we have to come together as Republicans and Democrats to get this done,” and Rep. Dan Maffei (D-New York) made unfounded claims during Thursday’s debate that the whistleblowing website WikiLeaks is pursuing efforts to “hack into our nation’s power grid.”
Should CISPA be signed into law, telecommunication companies will be encouraged to share Internet data with the DHS and Department of Justice for so-called national security purposes. But even if the president pursues a veto as his advisers have suggested, McCullagh says few will be safe from this secretive cybersecurity operation already in place.
The tome of FOIA pages, McCullagh says, shows that the Justice Department has actively assisted telecoms as of late by letting them off the hook for Wiretap Act violations. Since the sharing of data between ISPs and the government under the DIB program and now ECS violates federal statute, the Justice Department has reportedly issued an undeterminable number of “2511 letters” to telecoms: essentially written approval to ignore provisions of the Wiretap Act in exchange for immunity.
“The Justice Department is helping private companies evade federal wiretap laws,” EPIC Executive Director Marc Rotenberg tells CNET. “Alarm bells should be going off.”
In an internal Justice Department email cited by McCullagh, Associate Deputy Attorney General James Baker is alleged to write that ISPs will likely request 2511 letters and the ECS-participating companies “would be required to change their banners to reference government monitoring.”
“These agencies are clearly seeking authority to receive a large amount of information, including personal information, from private Internet networks,” EPIC staff attorney Amie Stepanovich adds to CNET. “If this program was broadly deployed, it would raise serious questions about government cybersecurity practices.”
- To Ease Internet Snooping, Feds Promise To Ignore Privacy Violations (reason.com)
- Congressman evokes Boston bombings as reason to pass CISPA (rt.com)
- U.S. gives big, secret push to Internet surveillance (philosophers-stone.co.uk)
If you are 17 or under, a federal prosecutor could have charged you with computer hacking just for reading Seventeen magazine online—until today.
It’s not because the law got any better. Earlier today, we wrote about news sites that alarmingly prohibit their youth audiences from accessing the news and the potential criminal consequences under the Computer Fraud and Abuse Act. In response, the Hearst Corporation modified the terms of service across its family of publications, including the Hearst Teen Network, which notably includes titles like Seventeen, CosmoGirl, Teen and MisQuince.
Seventeen highlights the absurdity of giving terms of service the force of law under the CFAA. It boasts a readership of almost 4.5 million teen readers with an average age of 16 and a half, and yet, until today, the average reader was legally banned from visiting Seventeen.com. That’s right, for a magazine dedicated to teen fashion, the publisher’s terms explicitly restricted online access to readers 18 and older. What’s worse, the Justice Department could choose to bring the might of the government to enforce this contract against a Seventeen reader who may never have even seen the agreement.
Federal prosecutors have argued in court that accessing a website in violation of terms of service is a crime. If the website’s terms, like Seventeen magazine’s previous version, explicitly state that you must be an adult to visit their sites or participate in their interactive features, then teenagers accessing the site “without authorization” under the CFAA and could be doing jail time, according to the DOJ.
Hearst removed the following line from the terms for publications ranging from the Houston Chronicle to the San Francisco Chronicle, from Popular Mechanics to Seventeen:
YOU MAY NOT ACCESS OR USE THE COVERED SITES OR ACCEPT THE AGREEMENT IF YOU ARE NOT AT LEAST 18 YEARS OLD.
The revisions are dated “April 23, 2013,” but presumably they meant April 3. Thank you Hearst, we appreciate your prompt response. But the real problem is the CFAA, which allows prosecutors to use these silly terms to manufacture computer crimes. And prosecutors have plenty of opportunities, as ridiculous terms of service abuond throughout the Internet.
We also previously reported on a variety of other websites—including the New York Times, Boston Globe, and NPR—that have similar terms of service that restrict people 12-and-under from reading the news. Atlantic Wire expanded on our blog post by pointing to even more news sites that do the same thing. While these terms weren’t as absurd as Hearst’s, Atlantic Wire also highlighted the law’s farcical implications using photos showing which of Shaquille O’Neal’s children were allowed to visit a lengthy list of news sites.
Thankfully, the Ninth and Fourth Circuits have rejected the government’s aggressive interpretation of the CFAA (with amicus help from EFF), but the Justice Department has shown no signs that it has given up on aggressive interpretations. The vague language of the law could turn virtually every Internet user into a potential criminal, allowing the Justice Department to use their discretion to go after any citizen they don’t like, rather than only harmful criminals the bill was intended to stop.
The second in command at the U.S. Agency for International Development (USAID) has been accused of interfering with an inspector general’s probe into alleged contract rigging by the agency’s top lawyer.
The investigation was launched after the inspector general (IG) learned that former USAID general counsel Lisa Gomer had helped former chief financial officer David Ostermeyer develop a contract for a “senior government-to-government assistance adviser” that would go to Ostermeyer after he retired. The bidding was later cancelled.
While conducting the probe, the IG’s office was told by Deputy Administrator Donald Steinberg, USAID’s No. 2 official, that the investigation was “inappropriate” and that the U.S. Department of Justice should not have been told about the case.
“When people are slapping badges down, reading rights and monitoring who is calling who as it relates to career people, it is a mistake,” an IG memo quoted Steinberg as saying to investigators.
USAID spokesman Kamyl Bazbaz told The Washington Post that none of the agency’s top officials interfered with the inspector general’s probe.
Gomer’s attorney claimed the Justice Department has dropped its own investigation into the alleged contracting rigging. But a Justice spokeswoman declined to confirm this assertion when asked by the newspaper.
- Justice Department Investigating USAID for Allegedly Rigging Contracts (voicerussia.com)
Yesterday, a dark chapter in American history got that much more disgraceful. Attorney General Holder announced the closure of the last two open criminal inquiries into abusive interrogations by CIA officials. The pronouncement means that not a single CIA official will be prosecuted in federal courts for any of the abuse, torture or even death that took place at the hands of CIA officers and contractors.
Since 9/11, dozens of terrorism suspects have been held incommunicado by the CIA in secret prisons around the world and subjected to repeated brutality in the name of extracting information. The White House and its lead legal advice team, the Justice Department’s Office of Legal Counsel (OLC), approved the use of these previously illegal tactics based on profoundly flawed legal reasoning and a complete lack of interrogation or law enforcement experience.
CIA interrogators were told that they could waterboard suspects, even though the Reagan administration and its predecessors prosecuted Americans and others for using the tactic. Interrogators were told they could use, among other tactics, extended sleep deprivation; “stress positions” such as forced-standing, handcuffing in painful crouched positions and shackling people to the ceiling, usually for hours or even days; confining prisoners to small, coffin-like boxes with air and light cut off; extended forced nudity; sensory bombardment; extreme temperatures; hooding; and physical beatings, including slamming prisoners into walls. Each and every one of these techniques had been declared torture at some point by US courts, Israeli courts, European Courts, the UN Committee on Torture or other foreign courts. But the OLC’s approval of the techniques meant the Obama Justice Department refused to investigate their use. Instead, in 2009, Attorney General Holder ordered a preliminary review of 101 cases where the CIA allegedly went even beyond the approved torture techniques. In June 2011, the Justice Department closed 99 of those cases and opened full investigations into the remaining 2, both of which involved prisoners who died while in US custody. Now, those last two investigations have also ended.
It is simply unacceptable that torture can be treated with impunity, no matter the goal of the torturers. Doing so gravely undermines the prohibition against torture worldwide and sends the dangerous message to US and foreign officials that there will be no consequences for future abuses.
So, the ACLU is taking the long view of this struggle. Despite the Justice Department’s refusal to enforce the law, we will continue to press for true accountability – both in the United States and overseas – for the designers, facilitators, overseers and perpetrators of torture and abuse. We will continue to work for the day when officials hear a resoundingly different message than the one delivered by Attorney General Holder: torture and abuse are never legitimate, but if you do make the egregious error of crossing that line, fear the law, for you will be held be to account.
Eileen Foster and the Failure of Corporate Criminal Justice
Last month, Eileen Foster was at the National Press Club to receive the $10,000 Ron Ridenhour Prize for Truth-Telling. In 2007, Foster was a vice president in charge of investigating fraud at Countrywide Financial. A full time job, if you can keep it. Which she couldn’t.
Because she took her job seriously.
A Countrywide employee in Boston called Foster with evidence of widespread loan fraud in the Boston area.
Foster investigated and confirmed the employee’s report and eventually shut down six Countrywide offices in Massachusetts.
She started to pursue what appeared to be systemic fraud at the company when the executive suite got itchy.
On September 8, 2008, they came to Foster and put a 14-page document on her desk. Foster calls that a gag order. They also offered her $228,000. Foster calls that hush money. She was told if she accepted the money and signed the document, she could quit. If not, she would be fired.
She was fired.
Foster filed a complaint with the Department of Labor under the Sarbanes-Oxley whistleblower provisions.
Twenty-one out of 1,500 whistleblowers have gotten a favorable response from the Department of Labor.
So, Foster knew it was a bit like hitting the lottery.
But lo and behold, she hit it.
In October 2011, the Department of Labor ruled in her favor.
And in December 2011, the CBS News show 60 Minutes did a story titled Prosecuting Wall Street that featured Foster.
Now, Bank of America, which acquired Countrywide, is appealing the Department of Labor’s ruling.
A public hearing is scheduled for October 22.
On the 60 Minutes segment, Steve Kroft reported that “Eileen Foster has never been asked — and never spoken to the Justice Department – even though she was Countrywide’s executive vice president in charge of fraud investigations.”
We asked Foster – did the Justice Department ever contact you?
“Not before 60 Minutes,” Foster says. “After 60 Minutes, yes.”
“I’m not sure I can talk about that,” she says.
“I’m encouraged, but I’m not sure if the movement is in the right direction,” Foster said. “There had been things taking place prior to the 60 Minutes piece.”
It has been widely reported that the U.S. Attorney in Los Angeles opened and closed an investigation of Countrywide without bringing charges. Is that what Foster is talking about?
“I’m not talking about any specific effort.”
“If what took place in these organizations wasn’t illegal, there has been a lot of activity which has taken place since that seems to me is clearly illegal – perjury, obstruction of justice and witness tampering.”
Is it your sense that this is over and done with and that the Justice Department has moved on?
“I hope not,” Foster said. “I have a fear that it is probably over and done with.”
At the Press Club last month, Foster said that she doesn’t trust the corporate line on internal reporting of problems.
“Critics insist that a whistleblower be compelled to first report problems internally, supposedly to provide the corrupt company the chance to correct wrongdoing,” Foster said at the Press Club. “But when I followed protocol and reported internally, I was summarily eliminated. The wrongdoing was protected, not corrected.”
“We cannot allow corporate malfeasance to run rampant and become institutionalized. People need to know that many corporations use hotlines and reporting policies to silence whistleblowers and conceal fraud.”
“Corporations now screen applicants for whistleblowing tendencies and assign lawyers to participate in internal investigations so they can shield the wrongdoing under the cloak of ‘privilege,’” Foster said. “The Congress and State Legislatures should eliminate the corporate lawyer cover-up by eliminating the use of so-called privileges in these circumstances.”
“So here we are several years after the onset of the financial crisis, caused in large part by reckless lending and risk-taking in major financial institutions. And still, not one executive has been charged or imprisoned! This stands in stark contrast to the savings and loan debacle in the 1980’s, where prosecutors sent more than 800 bank officials to jail.”
“Our current administration has defended the lack of prosecutions by labeling the executives’ actions ‘bad behavior,’ but not illegal. Assistant Attorney General, Lanny Breuer, told Steve Kroft of 60 Minutes, that although the risk-taking was offensive, and the greed was upsetting, it didn’t mean the Department of Justice could bring a criminal case. Perhaps we simply need a different means to a justifiable end.”
“When prosecutors were unable to convict Al Capone of racketeering, they convicted him of tax evasion instead. If there is insufficient legal evidence to convict these executives of what we believe are obvious crimes, then the federal government should refocus. Overwhelming evidence of perjury, witness tampering and obstruction of justice exist in the numerous claims, court filings and trial and investigative transcripts. We must not let these deeds go wholly unpunished. Perhaps financial industry whistleblowers should be permitted to present their information to grand juries without the help of government prosecutors. Then the people can decide how best to address this outrageous wrongdoing.”
“We can and must uphold the law and prosecute those who break it, especially “white collar criminals”, no matter how highly placed or how cozy they are with government officials. We must insist on full and complete investigations with accountability and punishment for the guilty parties. We must ‘keep the heat on’ and see justice done.”
[For the complete transcript of the Interview with Eileen Foster, see 26 Corporate Crime Reporter 21(10), print edition only.]
Russell Mokhiber edits Corporate Crime Reporter.
Action on PREA Can End the Violence
Today the Department of Justice released the long-awaited Prison Rape Elimination Act (PREA) regulations, representing the first time that the federal government has issued national standards to help end sexual abuse in correctional facilities. The regulations are two years late and a lot of harm has been done in their absence, but now that they’ve finally been released they can help us protect important constitutional and human rights and ensure safe and fair correctional facilities that assist prisoners in rehabilitation rather than needlessly brutalizing them. The ACLU supports the Department’s efforts to protect and prevent sexual abuse in places of detention, although we regret that immigration facilities are not yet included in these standards.
Sadly, the problem of prison rape is just as pressing now as it was when Congress passed PREA in 2003. Below is the shameful index of prison rape in prisons, jails and youth detention centers across the country. These numbers reflect a national tragedy. But PREA gives us the critical tools to stop rape in our corrections facilities. Now, federal, state and local governments and the public must take strong and continued action to ensure that the promise of PREA becomes a safe and secure reality.
Number of people imprisoned in the United States: 2.3 million
Number of victims of rape or sexual abuse in U.S. prison, jails and juvenile detention facilities in the past year according to the Justice Department: 216,600 (the DOJ admitted it was likely “underestimating the extent of the problem”)
Number of victims of rape or sexual abuse in U.S. prison, jails and juvenile detention facilities since the initial PREA legislation as signed into law (Sept. 4, 2003): 1,884,909
Number of days past the Department of Justice’s deadline (June 23, 2010) for establishing the final standards: 717
Number of victims of rape or sexual abuse in U.S. prison, jails and juvenile detention facilities since the Department of Justice missed its deadline to establish regulations: 411,332
Percentage of youth in state juvenile facilities and large non-state facilities who experienced one or more incidents of sexual victimization in the past 12 months: 12%
Percentage of youth sexually victimized by a corrections staff member: 10.3%
Percentage of former state prisoners reporting one or more incidents of sexual victimization while in jail, prison or post-release community treatment facilities: 9.6%
Percentage of male former state prisoners who identified as homosexual or gay who reported being sexually victimized by another inmate: 39%
Percentage of male bisexual former state prisoners who reported being sexually victimized by another inmate: 34%
Percentage of transgender prisoners reporting being sexually assaulted in prison or jail according to a national survey: 15%
Percentage of black transgender prisoners reporting being sexually assaulted in prison or jail according to a national survey: 34%
Percentage of former state prisoners who experience retaliation in the form of disciplinary charges after reporting sexual victimization by a staff member: 46.3%
Percentage of former state prisoners who reported no facility response at all, after reporting sexual victimization by another prisoner: 37%
Number of states which allow cross-gender pat downs: 30
Number of reported incidents of sexual abuse in immigration detention facilities since 2007: 185
Number of organizations which urged President Obama to instruct the Department of Justice to extend PREA coverage to immigration detention facilities: 38
Number of members of the National Sheriff’s Association, which called on the Department of Justice to extend its PREA regulations to Department of Homeland Security detention centers: 18,000