Twitter has released its second transparency report, which demonstrated a frightening increase in requests for user data by the US government and ignited serious concerns over privacy and free expression.
The list disclosed data requests from over 30 nations, and revealed that the US government was responsible for 815 of the 1,009 information requests in the second half of 2012 – just over 80 percent of all inquiries.
Twenty percent of all US requests were ‘under seal,’ meaning that users were not notified that their information was accessed.
The overall number of requests worldwide also steadily increased last year, rising from 849 in the January to June 2012 period to 1009 in the July to December 2012 period.
Twitter’s legal policy manager Jeremy Kessel blogged that, “it is vital for us (and other Internet services) to be transparent about government requests for user information.”
“These growing inquiries can have a serious chilling effect on free expression – and real privacy implications,” he wrote.
He went on to express hopes that the publication of the transparency data would be helpful in two ways – “to raise public awareness about these invasive requests,” and “to enable policy makers to make more informed decisions.”
The majority of US requests were subpoenas, which comprised 60 percent of government demands for information. Subpoenas usually seek user information such as email addresses affiliated with accounts and IP logs. A user’s whereabouts can generally be located by the IP address they are using.
Twitter complied with US government requests 69 percent of the time, according to the report.
Twitter released its transparency report on January 28, dubbed ‘Data Privacy Day.’ The US National Cyber Security alliance said it founded the day to “empower people to protect their privacy.”
According to Twitter’s report, several other governments made over 10 requests each for personal information, including Brazil, Canada, France, Japan and the UK. Japan ranked the second-highest on the list after the US; however, the US made 753 more demands for information than Japan.
Google released a statement marking the occasion, saying that the company “[doesn’t] want our services to be used in harmful ways,” and that it is “important that laws protect you against overly broad requests for your personal information.”
Earlier this month, France ruled that Twitter must disclose to authorities the identities of people writing anti-Semitic tweets using the hashtags #UnBonJuif [A Good Jew] and #UnJuifMort [A Dead Jew]. The social networking platform will be fined 1,000 euros a day until it complies.
The publication of the survey came shortly after Google published its own transparency report, which showed a similarly disturbing 25 percent rise in data requests from government authorities. The report also revealed that the US had made the most requests for private information to Google of any government: Over 8,438 in the second half of 2012.
UK-based rights group Privacy International later commented that “Google, Facebook and Twitter are highly vulnerable to government intrusion.”
“I am alarmed by the number of government requests and concerned that so many are done with merely a subpoena,” said John Simpson, a consumer advocate with the California-based group Consumer Watchdog. “A warrant should be required.”
- Twitter Transparency Report v2 (twitter.com)
- Twitter: Government user data requests have risen 20 percent (sott.net)
Speak2Tweet: Google & Twitter Partner Up with US State Dept. to Monopolise Information Flow Out of Syria
Amid Internet and telephone network outages in Syria, US-trained opposition activists are using US-supplied satellite phones to contact Google & Twitter’s ‘Speak2Tweet‘ service. Despite these efforts, the service seems so far to be a resounding failure.
Internet and telecommunications networks have been failing across Syria, leading some including Tony Cartalucci to speculate that NATO may be preparing a psychological warfare operation(1) to bolster the flagging unconventional war against Syria.
Recent developments add weight to this theory. There are now reports(2) that Google and Twitter have re-launched their ‘Speak2Tweet’(3) service to ostensibly aid isolated Syrians affected by the communication network outages.
This is reminiscent of Iran’s CIA-sponsored(4) ‘Green Revolution‘ in 2009 wherein Twitter followed White House instructions(5) to delay its scheduled maintenance, in order to provide continued service to Iran’s Green opposition. If this event hinted at Twitter’s possible status as being a CIA tool in this respect, today’s events should leave little doubt.
‘Speak2Tweet‘ is a communication service which allows the user to dial a conventional telephone number and leave a voice message which is then posted to https://twitter.com/speak2tweet where web users can listen. Speak2Tweet was first launched during Egypt’s January 25th ‘revolution’ back in 2011.
At this important time for Google, Hillary Clinton offered an interesting tidbit yesterday. While giving an especially servile, fawning speech at the Saban Center for Middle East Policy’s Opening Gala Dinner in Washington D.C, she quoted Google’s Executive Chairman Eric Schmidt(6) who recently called Israel, “the most important high tech center in the world, after the United States.” I will leave it to the reader to decide whether this suggests a central Israeli role in Google’s recent ventures.
After interviewing Google’s Christine Chen, Al Arabiya tellingly reported:(3) “Although phone connections are also are suspended, some Syrians were able to call and get through.”
This begs the question: if Internet and telecommunications networks have been failing across Syria, how does the opposition manage to communicate using Speak2Tweet, which requires the user to call an international telephone number (using either a mobile telephone or landline)?
US State Department provided Syrian opposition activists with satellite communications equipment and training
Ever since August 2012 Syrian opposition activists have been travelling to Istanbul, Turkey, to receive satellite communications equipment and training from the U.S. State Department.(7) The UK Telegraph reported in August 2012 that the US State Department’s Office of Syrian Opposition Support (OSOS) was overseeing this scheme, with $25 million reportedly being set aside for the project, and a further $5 million coming from Britain.
According to ForeignPolicy.com(8) the activists are all ‘given a satellite phone and computer‘ at the end of their training, and they are expected to return to Syria.
It is important to note at this point that satellite telephony is not affected by Internet and telecommunications network outages, and indeed satellite telephones allow users to call any conventional telephone number. In fact satellite phones are often used in warzones and in areas affected by natural disasters, as terrestrial cell antennas and networks are often damaged and non-operational in such cases.
In view of this it is highly likely as many have posited, that the country-wide communications outages were engineered by the NATO-GCC axis, with a view to allowing the opposition activists to monopolise the information flow using the satellite equipment and training given to them by the U.S. State Department. It should be noted that Google has been involved in training ‘Arab Spring’ opposition activists(9) through its partnership with the US State Department’s Movement.org.
The voice messages that are posted to the service can be listened to online at: https://twitter.com/speak2tweet. After listening to a sample of the messages, at this point in time the service seems to be a resounding failure insofar as the NATO-GCC axis is concerned. Messages range from merely “Allahu Akbar“, to garbled nonsense, and they do nothing to bolster the ongoing propaganda campaign against the Syrian regime. Furthermore, the Speak2Tweet service has most definitely not ‘made waves’ online, with many web users not even being aware of its existence.
Though many of the Speak2Tweet audio messages seem to be coming from people outside Syria, it is eminently clear that the US State Department intended their activist-proxies whom they had trained and supplied with satellite telephones in Istanbul, to be the only people within Syria able to use the service.
As with all aspects of the now struggling NATO-GCC unconventional war against sovereign Syria, this too seems to have been an embarrassing failure and a waste of time and money.
(1) ‘URGENT: NATO Preparing Psy-Op in Syria’ by Tony Cartalucci.
(2) ‘Google reactivates Speak2Tweet for Syrian Internet cutoff’ – CNET.com, November 30, 2012.
(3) ‘Google and Twitter re-launch ‘Speak2Tweet’ to aid isolated Syrians’ – Al Arabiya, Saturday, 01 December 2012.
(4) ‘Color revolution fails in Iran’ by Thierry Meyssan
(5) ‘US confirms it asked Twitter to stay open to help Iran protesters’ – The Guardian, Wednesday 17 June 2009.
(6) ‘Remarks at the Saban Center for Middle East Policy 2012 Saban Forum Opening Gala Dinner’ – U.S. State Department
(7) ‘Britain and US plan a Syrian revolution from an innocuous office block in Istanbul’ – The Telegraph, 26 Aug 2012.
(8) ‘Holding Civil Society Workshops While Syria Burns’ – ForeignPolicy.com, OCTOBER 10, 2012.
(9) ‘Google’s Revolution Factory’ by Tony Cartalucci.
At first blush, it seems obvious that a picture could reveal your location. A picture of you standing in front of the Golden Gate Bridge sensibly leads to the conclusion you’re in the San Francisco Bay Area when the photo was taken. But now that smartphones are quickly supplanting traditional digital cameras, and even traditional cameras now have wifi built in, many more pictures are finding their way onto the web, in places like Twitter, Flickr, Google+ and Tumblr. In a span of 10 days, popular photo social network Instagram added 10 million new users as a result of the release of its Android app and its acquisition by Facebook. And the location data hidden in these quick and candid pictures — even when your location isn’t as obvious as “standing in front of the Golden Gate Bridge” — is becoming another easy way for anyone, including law enforcement, to figure out where you are.
Take the case of “w0rmer,” a member of an Anonymous offshoot called “CabinCr3w,” for example. According to the federal government (PDF), “w0rmer” broke into a number of different law enforcement databases and obtained a wealth of sensitive information. In a Twitter post, “w0rmer” provided a link to a website that contained the sensitive information as well as a picture of a woman (NSFW) posing with a sign taunting the authorities. Because the picture was taken with an iPhone 4, which contains a GPS device built in, the GPS coordinates of where the picture was taken was embedded into the picture’s EXIF metadata. The FBI was able to use the EXIF data to determine that the picture was taken at a house in Wantirna South, Australia.
The FBI tracked down other online references to “w0rmer,” with one website containing the name Higinio Ochoa. The feds took a look at Ochoa’s Facebook account, which detailed that his girlfriend was Australian. Combined with the EXIF metadata, the government believed they had corroborated the identity of “w0rmer” as Ochoa, and in turn arrested him.
Even for photos not taken with a smartphone and not embedded with GPS coordinates (for example, point and shoot or SLR cameras that do not geotag), it’s still possible for the police to get location information through EXIF metadata. You can upload a picture here and see the metadata stored in a picture for yourself. Contained within that metadata is the camera’s serial number. Armed with that information, the police can easily scour the internet for other pictures tagged with the same serial number. In Australia, a man whose camera was stolen was able to track it down using stolencamerafinder.com because the thief had taken a picture with the camera and uploaded it to Flickr, where had had listed his address. But even if the thief’s Flickr site didn’t contain his address, police could have subpoenaed Flickr – like law enforcement have attempted to do with Twitter – for information concerning a user’s temporarily assigned IP address, as well as session times and logs, to eventually determine where a person uploaded a picture from. All of which can be used to piece together a snapshot of not only your movements, but as in the case of “w0rmer,” potentially your identity. In the United States, police are being trained about the broader investigative (PDF) potential of this information.
It might be tempting to say the problem is overblown, because some social media sites, including Facebook and Twitter, strip the metadata out of photos uploaded by their members. But not all do. Twitpic‘s default is to use a picture’s location tag unless you opt out. Flickr gives you the option to hide a photo’s EXIF data, but many casual photographers tempted by the rapid growth of photo sharing may not understand what EXIF data is, and the implication of making it publicly available.
The bigger problem is that courts have been expanding the police’s right to search digital devices without a warrant under the “search incident to arrest” exception of the Fourth Amendment. While many of the cases involve warrantless searches of cell phones, there has been at least one case in California (PDF) where the police used the “search incident to arrest” exception to search a juvenile’s digital camera. And there are other reported incidents of photojournalists having their cameras confiscated and searched when covering political protests and rallies. If the cops have the physical camera (and thus the memory cards that store the photos), whatever scrubbing that happens when a photo is uploaded to the web is no obstacle.
So if you value your privacy, you should take steps to ensure the EXIF metadata in your pictures isn’t an easy way for anyone on the Internet to figure out your location. If you’re using a smartphone to take pictures, disable geotagging from your pictures. If you’re uploading your pictures to a website like Flickr or Twitpic that defaults to automatically include EXIF data and location information, take the steps to turn it off. And if you’re using a traditional SLR or point and shoot camera that doesn’t geotag, but does contain a breadth of EXIF data, the make sure you scrub its metadata before you upload it on the Internet. There are free online tools that will help you do precisely that. These simple steps will help ensure that the thousand words a picture describes doesn’t include your location.
- Anonymous Hackers Not Smart On Anonymity, Feds Say (promoteliberty.wordpress.com)
- Anonymous Hackers Not Smart On Anonymity, Feds Say (informationweek.com)