Slashdot Mirror

← Back to Stories (view on slashdot.org)

Plans For Widespread Monitoring of Communication In Europe Revealed

Posted by ryuzaki0 on from the 1984-slowly-becoming-life-manual dept.

TrueSatan writes "A leak from the Clean IT project reveals how it has been subverted from its original, much more innocuous, goals into a surveillance horror story with democratic freedoms and personal rights being the victims." The leaked document in question. Gems include member states repealing anti-filtering laws and a mandate that ISPs be held liable for not reporting terrorist use of their networks. The Clean IT Project counters that there's nothing to see here (amazingly, through a series of tweets with a journalist).

23 of 166 comments (clear)

  1. The Only People Who Benefit From This by GeneralTurgidson · · Score: 4, Insightful

    Are consultants and hardware manufacturers. The government has no idea what to do with this information, and its going to spend an enormous amount of money for what will end up being a data vault that is locked away because its too big of a failure to admit they were wrong in the first place to attempt this.

    1. Re:The Only People Who Benefit From This by Charliemopps · · Score: 5, Insightful

      And then the wrong person gets elected to office and this vault becomes your living nightmare. The problem with this sort of data collection isn't the benevolent intent of the present, it's the malevolent intent of the future.

    2. Re:The Only People Who Benefit From This by girlintraining · · Score: 4, Insightful

      They could always use it to source new episodes of CSI. "Zoom in on that packet! Right there, between the 1 and the 0 -- enhance that. We found the killer's digital fingerprint inside this captured packet. Gear up, let's go get this dirtbag!" Kidding aside, you're right but only to a point. There are few people who would deny that the Allied power's interception and decryption of the Axis' communications during WWII was invaluable in helping win the war. What isn't known is that many of those communiques still haven't been read. Even back then, the amount of information intelligence services had to sort through was enormous.

      The problem in the intelligence community today is not finding new ways of getting the data -- in fact, the technology to do that has been installed in every telco switch and every internet access point since not long after AT&T started replacing phone operators with banks of programmable relays. The effort required to get the data is trivial. The amount of resources required to store the data is less trivial, but we already have massive data centers sitting in remote parts of the United States doing nothing but storing said information for various law enforcement agencies -- not that they're hard to find, just look for images that have been cut and pasted from other locations on satellite imagery, if they bother to hide them at all.

      However, making use of that information has always been problematic -- and most intelligence failures, including 9/11, Pearl Harbor, Oklahoma city, and a very long list of military intelligence SNAFUs in this country can trace their origins to the lack of analysis of the data. Converting raw digital data into actionable intelligence still requires a lot of man power. A substantial portion of the NSA, FBI, and CIA's budget is dedicated towards the very simple task of translating. As in, converting say, islamic into english. A more substantial portion is dedicated to people analyzing those translations, sorting through the massive amount of information, and compiling it into situation reports, which are then either posted internally to wiki-like data stores, or forwarded up the chain of command and assembled into briefings where management decides if its actionable. Only a small portion of their budget is dedicated to capturing and storing data -- and yes, that also includes all the birds they have orbiting.

      Analysis of available information has always been the achilles heel of intelligence services. I doubt even 0.1% of the information stored in all those data centers is ever used. The rest just sits there, gathering dust, on the off-chance that someday, an analyst will push a button labelled "Tell me everything about X", and the drive with that information on it will spin up and spit it out into a report.

      --
      #fuckbeta #iamslashdot #dicemustdie
    3. Re:The Only People Who Benefit From This by Anonymous Coward · · Score: 5, Insightful

      The government has no idea what to do with this information

      I keep on hearing this from posters here on Slashdot and elsewhere in the blogosphere or anywhere there is commentary on the subject.

      "the data is going to be too big, to do anything useful with it" is a very common meme.

      But this is so far from the truth. Just look at what Google has done with the disparate information on the net. In a sea of data it is very easy to find identifiable information of individuals from very little.

      I started playing the "who is this guy emailing me, really" game after dealing with a bunch of "Craigslist Flakes". As a simple example: Just looking at X-Originating-IP in an email combined with Google can reveal a great deal of personal information about the sender.

      The editors of Slashdot can even try to extrapolate data on me right now. Submissions I've posted, pages I've visited. They can look for my ip somewhere else on the net and try to associate it with a name. It's not an exact science since they are only going by my IP and it sometimes changes. But as with all things, that can be worked out. To Slashdot I am not really an Anonymous Coward.

      The data collected by the government will be easily searched/correlated/whatever when they need it to be. It's not going to be too big.

    4. Re:The Only People Who Benefit From This by Animats · · Score: 4, Informative

      The problem in the intelligence community today is not finding new ways of getting the data -- in fact, the technology to do that has been installed in every telco switch and every internet access point since not long after AT&T started replacing phone operators with banks of programmable relays. The effort required to get the data is trivial.

      Big-time wiretapping never went into US electromechanical phone switches. I had to look into this once. Until switches went digital, wiretapping was a huge pain for law enforcement. Court-ordered wiretaps required manual wiring at the distributing frame. New York Telephone billed law enforcement for wiretaps at leased line rates. When Guliani was a prosecutor going after the Mafia, they had serious budget problems paying for wiretaps. On one occasion, the FBI didn't pay their bill, and New York Telephone billed the party being wiretapped. That was one of the motivations for CALEA.

      There was a very limited capability to listen in remotely by using the Automatic Line Insulation Test equipment. That equipment normally cycled through lines in the pre-dawn hours, when cables are damp, applying test voltages across the line and between line and ground. (This is the cause of the early morning "bell tap" problem with some low-end phones.) ALIT could be used remotely to test or listen in on a line. But an ALIT unit in the crossbar era was three racks of test gear, and a crossbar central office would typically only have two of them for 50,000 lines. Sometimes telcos would let the FBI use one for a while, but tying it up for any length of time interfered with operations. So dial-up wiretapping was strictly for emergencies.

      Now we have wiretapping designed into everything.

  2. Re:Just use encryption. by Yvanhoe · · Score: 5, Insightful

    The next step is to ban it. Do not wait until it is too late to show your disagreement.

    --
    The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
  3. Re:Just use encryption. by FoolishOwl · · Score: 4, Informative

    Then they don't "meaningfully" ban encryption. They just use it as an excuse to harass, arrest, and interrogate people they don't like.

  4. yet another slippery slope by kermidge · · Score: 4, Insightful

    I made a real try at reading the doc in a dispassionate, scholarly fashion, but couldn't make it past page ten: I kept seeing in mind's eye the substitution of other words for "terrorist," leading to "anybody we don't like" and ending with "everyone except us." Knowing that this and the many similar plans would have been a Stasi wet-dream didn't help.

  5. Re:Just use encryption. by penix1 · · Score: 4, Insightful

    No, it would be more like you are guilty of whatever they are accusing you of BECAUSE you used encryption. Why would you encrypt it in the first place if you didn't have something to hide?

    --
    This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
  6. Re:Just use encryption. by ThatsMyNick · · Score: 4, Insightful

    They can still track who you talk to, who your friends are, what websites you visit, who you call (assuming your calls encrypted, if not what you talk).
     
    Encryption hardly solves the problem.

  7. Just Ban Encryption - Has Already Started by Crypto+Gnome · · Score: 5, Informative

    An article from March 19, 2012 shows that The Ban On Encryption is already a Work In Progress.

    --
    Visit CryptoGnome in his home.
    1. Re:Just Ban Encryption - Has Already Started by Impy+the+Impiuos+Imp · · Score: 4, Insightful

      Don't forget about pumping the omnipresent cameras into facial recognition software, and dumping it all into tracking databases. This on top of character recognition tracking license plates.

      Oh, you're gonna get Godwinned. Hitler, Napoleon, Genghis Khan, these all approve.

      --
      (-1: Post disagrees with my already-settled worldview) is not a valid mod option.
  8. Bill of rights constitudion or whatever by EmperorOfCanada · · Score: 4, Interesting

    The various groups such as the police, moral majorities, or whomever will keep badgering the politicians for these types of laws to "protect the children" or "protect our rights" but in reality these laws are all of the type: music leads to dancing which leads to the unspeakable. The only thing to finally put a stop to them is to enshrine privacy rights in whatever constitutions, bills of rights or whatever structure has the final common sense say in any modern legal system. A well written code should last for decades as it should not be technology specific just information specific. It should spell out what data the government can gather without a warrant. It should also spell out that corporations can only gather the information required for billing customers who have agreed to be billed. Any other information gathering should be a civil rights violation. So if the police record license plates as you drive by then boom they are busted. Or if we get some cool medical implants that record stuff and the hospital gathers it and passes it on to a drug company or insurance company then busted.

    Personally I would even like to see my grocery store stopped from gathering my shopping habits. Basically tally my total charge me and then forget that I was there. I want it so that the police aren't even allowed to ask for data from a company's computer unless they have a warrant. Not even a peek.

    If these things aren't stopped now then the new normal will be a government and corporations who will be able to know way too much about you. A grocery store that pulls up your phone IMEI and asks the phone company who you are. Then asks to see what sites you have been surfing to see what they can sell you. What is stopping the phone company and your ISP from selling this data?

    I can see a 13 year old boy called into the principal's office and expelled because of the "disgusting" sites they were surfing at home the night before. If the ISP were owned by some bible thumper what law is stopping them from handing this data to anyone? Right now as long as you put it into the terms of service where we all blindly click "I agree" the company should be pretty safe. Also those terms of service almost always blah blah about sharing with 3rd parties.

    My guess as to the main reason that this isn't done more is that most people don't have the skills to properly mix and match such different data sets. Plus some companies might be reluctant to really piss of their customers. But when any of these companies are on the ropes financially they will make any deal with any devil that comes along.

  9. freedom lost by reovirus1 · · Score: 5, Insightful

    If they hated us for our freedoms, we must be pretty well liked by now.

  10. Eu is appointed not elected by Anonymous Coward · · Score: 5, Interesting

    The wrong people are already in charge. EU Commission is appointed, not elected, They don't take their direction from EU voters, they take their direction, mostly it seems from non-EU governments and lobbyists. ACTA was the rule not the exception.

    I'm amazed they're using terrorism, the copyright lobbyists suggested CP as their primary weapon. Give us copyright filtering or you diddle kiddies:

    See this article:
    http://boingboing.net/2010/04/28/music-industry-spoke.html

    "Child pornography is great," the speaker at the podium declared enthusiastically. "It is great because politicians understand child pornography. By playing that card, we can get them to act, and start blocking sites. And once they have done that, we can get them to start blocking file sharing sites".

    The venue was a seminar organized by the American Chamber of Commerce in Stockholm on May 27, 2007, under the title "Sweden -- A Safe Haven for Pirates?". The speaker was Johan Schlüter from the Danish Anti-Piracy Group, a lobby organization for the music and film industry associations, like IFPI and others...

    "One day we will have a giant filter that we develop in close cooperation with IFPI and MPA. We continuously monitor the child porn on the net, to show the politicians that filtering works. Child porn is an issue they understand," Johan Schlüter said with a grin, his whole being radiating pride and enthusiasm from the podium.

    1. Re:Eu is appointed not elected by lordholm · · Score: 5, Informative

      The EU commission is not DIRECTLY elected, but neither is any other government in Europe. With the exceptions of a few presidents (most being powerless and appointed) no head of state/government is directly elected in Europe. De-facto, most governments are picked from parliament, though this is not a legal requirement in most states. The commission is in fact elected by parliament, although it is also at the same time appointed by the memberstates' governments. In most states in Europe, the prime minister is appointed (in some cases by the king/queen/president and in other cases by the speaker of parliament who is appointed in some other way), and then elected by parliament. This is actually not that much different. Although, it would clearly be better if the commission is taken from parliament from a democratic standpoint, some states does not seem to like the idea that much. But things are changing for the better.

      Following the Lisbon treaty, the Commission president will be selected from the candidates fielded by the European parties starting with the next EP-elections in 2014. In addition to this, the future group (consisting of some of the EU foreign ministers) have also fielded the idea that the commission should be selected by the commission president and subject to the normal parliamentary scrutiny of a memberstate government (and presumably with a requirement to have one commissioner from each memberstate).

      --
      "Civis Europaeus sum!"
  11. Re:All paid for by... by Z34107 · · Score: 5, Interesting

    I find it ironic that the states who want to fine Google for Street View and recording stray broadcasts are preparing to DPI the entire internet.

    Yes, I said "ironic." Come at me, pedants.

    --
    DATABASE WOW WOW
  12. Re:Just use encryption. by Anonymous Coward · · Score: 4, Interesting

    You should read about onion routing. Tor is one solution to this problem. It makes it impossible for outside parties to know with whom you communicated. The US Navy thought it would be a cool thing to aid dissenters in oppressive third world countries, not realizing it would also aid dissenters in oppressive first world countries.

    http://en.wikipedia.org/wiki/Tor_(anonymity_network)

  13. Re:Just use encryption. by Artifakt · · Score: 4, Interesting

    Onion routing and similar by the big dogs relies on there being lots of other users of such systems. If only a few Western government sponsored spies were using a Tor-like system in a place such as Iran, then the local authorities would be willing to devote a lot of their resources to trying to catch those few people. Devoting those same sort of resources to catching 10,000 people who turn out to be just trying to get locally illegal porn or pirate music to maybe get one spy OTOH is terribly wasteful. The Iranian government does not want to spend that many resources on prosecuting very minor crimes by the thousands or even millions just to get an occasional real spy, just like the United States would not want to conduct house to house searches of the entirity of New York City to catch one bank robber, or set up constantly relocating roadside stops every five miles all over every interstate highway and stop all commercial truck traffic, just to nab the occasional drunk.
          The problem here is, the Intelligence agencies that developed Onion routing knew there had to be a lot of trivially illegal, semi-legal and fully legal traffic to hide their uses, and in some cases, they actually spread information to aid that civilian development (as in your example of the US Navy). So, either laws against these systems will not pass because the government people proposing them will be called aside to explain why they shouldn't, or the laws will pass, but all the international Intelligence players will know those countries that passed them have switched to something else and hope to make it harder for the lagging countries to continue to use these methods by encouraging international adoption. Put more simply, if a law against onion routing software was actually passed in the US, it would prove the CIA, etc. were no longer relying on onion routing software, and everybody else's intelligence depts. would know this. But frequently proposing such laws only to have them come to nothing, leaves other people's agencies wondering just what the hell they are dealing with.

    --
    Who is John Cabal?
  14. Re:Just use encryption. by gizmonic · · Score: 4, Insightful

    The problem with that here in the USA is that people are completely clueless about their rights. The Fifth Amendment is there to protect the innocent from over zealous prosecution. The second someone on a jury buys the "why use it if you have nothing to hide" argument, they've essentially bought into the defendant being guilty and needing to prove innocence. Unfortunately, most of them can't think a thought deeper than the last 30 second commercial they saw, so good luck getting them to comprehend something with that level of importance.

    --
    WWJD?
    JWRTFM!
  15. Pirates and Terrorists by fearofcarpet · · Score: 5, Insightful

    Some day I am going to have to explain to my son how we managed to defeat a genocidal megalomaniac bend on world domination, narrowly avoid nuclear annihilation, and rebuild an entire continent in the 20th Century, but that in the 21st Century somehow pirates and terrorists are the biggest threat to Western Civilization. But my biggest fear is that he is growing up in a world where the bar for personal privacy, security, and liberty has been set alarmingly low.

    Those of us who experienced privacy in the pre-WWW, pre-datamining era--the before time, the long-long-ago--still have a viscerally negative reaction when we learn about how Company X is collecting information on us in some new-and-intrusive way. Even when it's to protect us from pirates and terrorists, we at least object to it even though we have, thus far, just rolled over, muttering under our breath as a glorified hall monitor looks at pictures of our naked bodies before we are allowed to board an airplane. And we still get angry when we find out that a government is spying on us and listening in to our conversations--digitally encoded or otherwise.

    People born after 2000 will have no memory of a smart-phone-free world by the time they are of voting age. They won't find it unsettling that you have to enter a credit card number before you can log into your iThing or that their toaster needs to know their birth date. Let's just hope that the elderly continue to have a disproportionate influence in electoral politics--at least until I die.

    --
    Actually, I wrote my thesis on life experience.
  16. Re:Just use encryption. by romiz · · Score: 4, Informative

    It is legal to encrypt anything in France since 1996 for 128-bit symmetrical keys, and for any key since 2004. While the law was valid for a long time, I do not have knowledge of any prosecution on that basis.

  17. Re:Just use encryption. by vincefn · · Score: 5, Informative

    You mean, just like it is in France? Where using encryption to encode your mail is considered criminal?????

    Nice trolling: encryption is perfectly legal in France. The French chapter of the Free Software Foundation even took care of getting an official approval for encryption tools like GnuPG and OpenSSL. See http://fsffrance.org/dcssi/dcssi.fr.html#dossiers (link in French)

    And for a governmental source, look at the ssi.gouv.fr website, specifically on:
    http://www.ssi.gouv.fr/fr/reglementation-ssi/cryptologie/index.html (link in French)
    first paragraph states:"Under article 30 of Law 2004-575 of June 21st, 2004 on confidence in the digital economy, the use of cryptology is free in France."