Social Media Surveillance and Repression
Previously undisclosed government documents obtained by the Electronic Frontier Foundation through Freedom of Information Act (FIOA) lawsuits give hard evidence to previous reports that various spy agencies including the FBI, CIA, and others under the Department of Homeland Security (DHS) are using social media sites like facebook, myspace, twitter, youtube, etc. to gather “evidence” of criminality against suspects. One FIOA obtained internal document from the Justice Department trains FBI agents how to snoop for pictures, postings, videos, etc on social media sites. Investigators sometimes create false identity accounts on the social media sites in order to “friend” the suspect, or “friend” any number of individuals who the suspect is “friends” with in order to gain information that can be used for evidence and conviction. For example, Maxi Sopo, wanted by the feds for bank fraud, was discovered to be in Mexico and then later extradited to the US, after agents read such evidence on the public and private facebook pages of his friends. Information gathered from social media sites are shared with other law enforcement agencies in local, state or federal areas and databases.
Another FIOA obtained internal report from DHS’ Citizenship and Immigration Services (CIS) teaches similar instructions to its agents in order to uncover suspected immigration fraud. While not having been charged with any crime and without a warrant or court order, the personal lives of suspects and acquaintances are inspected by agents via social media with the intent, for example, to reveal fake marriages and/or financial fraud made in order to obtain legal immigration status.
With the majority of Americans struggling with large debt, the huge industry of debt collection has turned to social media to force payment. For example, Melanie Beacham defaulted on her car loans. The debt collector MarkOne Financial harassed her family and friends via phone and facebook to induce payment after obtaining the contact information on them from facebook. She is now suing the collection agency for surveillance and harassment via social media, with the intent to set a legal precedent to impede such actions in the future.
Former Animal Liberation Front (ALF) activist, present spokesperson for Earth Liberation Front (ELF), founder and writer of Earth First! zine, and member of the Sea Shepherd Conservation Society, Rod Coronado was in August 2010 sentenced to four months in Michigan federal prison for violating parole terms from his previous federal conviction in Arizona for trying to peacefully disrupt a mountain lion hunt. The first parole violation he is convicted of is the association term: Coronado “friended” Earth First! co-founder and former Greenpeace USA Director Mike Roselle on facebook. This electronic association was deemed criminal (despite or because of Coronado and Roselle having been real friends already for years), and the distinction between electronic and face-to-face association was deemed inapplicable. Coronado’s parole terms stated he could not associate with anyone (not limited to ALF, ELF, etc) who had a history of violence, or who advocated violence. The second parole violation conviction is unauthorized and unmonitored computer usage, as Coronado could not “personally, or through third parties, access, own, use or possess any type of computers, computer-related devices, or forms of wireless communication without advance written approval”. Evidence was easily obtained because his computer, all e-devices, and other communications were reviewed by the FBI. Based on the precedent of this conviction, any other parolee could be criminally sentenced for similar social media associations. This has wide implications for all activists in the US, especially those using direct action, and definitely points to a key strategy of the surveillance state to implicate suspects through guilt by association.
In another key case against ALF members, an FBI affidavit from October 2009 was released in April 2010 chronicling the FBI and the Joint Terrorism Task Force counterterrorism investigations into alleged participants in a 2004 ALF break-in at the Spence Laboratories at the University of Iowa (UoI). Scott DeMuth was charged under the Animal Enterprise Terrorism Act (AETA) and Carrie Feldman was subjected to extensive grand jury harassment and imprisonment (Read elsewhere for more details). The FBI gathered “evidence” against both suspects from social media sites: the FBI used DeMuth’s facebook, livejournal and myspace to identify him with his interests in animal rights, anarchy and ecological “extremist” groups; the FBI used a myspace photo of Feldman posing with a white rat on her shoulder as evidence of her participation in the UoI ALF break-in; the FBI used a confidential informant to identify in a youtube video both suspects as actors supposedly dressed as black block activists. The (spoof) video was made prior to the RNC protests in the Twin Cities, and was given as evidence of the suspects’ “anarchist” politics and “criminality”. Based upon this and other “evidence”, DeMuth has made a plea deal in September to avoid larger charges in the UoI case and was convicted of one count of misdemeanor conspiracy to commit animal enterprise terrorism under the AETA for his role in the April 2006 ALF raid on industrial ferret farm in Minnesota.
In September 2010, Pennsylvania’s office of Homeland Security (OHS) was exposed by the press as having spied, documented, and harassed numerous peaceful protest groups through social media sites, infiltrators, posers and other means. The OHS was gathering data without probable cause and without warrants, and shared it with local and state police forces as well as the database run by the for-profit Institute for Terrorism Research and Response (ITRR). This organization, as well as OHS, in turn supplied the ”intelligence” to more than 2000 contacts in private businesses like Hershey, Bayer, Tyco, etc. in order to help protect their profits and interests against the actions of protestors.
On December 14, 2010, the Department of Justice (DOJ) through the Virginia federal district court issued an order to Twitter for all requested information and records from the twitter accounts associated with wikileaks including wikileaks, ioerror (Jacob Appelbaum), rop_g (Rop Gongrijp), birgittaj (Birgitta Jonsdottir), (no twitter name given) Julian Assange, (no twitter name given) Bradley Manning from the period of Nov 2009 to the present. Requested info includes all user name identities, all addresses either residential or electronic, connections records of each twitter activity, all IP addresses, telephone or other connection info used in each activity, credit card and all banking details, any files or links sent or received. The order also forces Twitter to turn over all user activities that are made to or from each account – meaning all information of any user who sent a tweet or other twitter service to the suspect accounts, and all user accounts which the suspects communicated with. Requested information could even also include other individual’s activities (regardless of whether they logged-in to twitter) such as going to or clicking on anything on the suspects’ twitter pages, and being listed as a follower of the suspects’ twitter pages. These records and info are requested as being ‘relevant and material to an ongoing criminal investigation’. This order was originally made secret by the judge meaning that each individual named did not know their information was subpoenaed by the feds. On Jan. 5, the judge unsealed the order on the request of Twitter, thereby allowing the company to notify the targeted users. Twitter has a policy of notifying its users when their records are seized, if the company is not gagged by a secrecy order. Now these individuals have 10 days from the unsealing date to file legal objections. It is not clear whether Twitter has already handed over all the requested info, as they were originally given 3 days to respond from the Dec 14 order. Birgitta Jonsdottir is a MP in Iceland’s parliament, as well as in the NATO parliamentary assembly and has said she will fight with all legal means possible the DOJ order. ‘Rop Gongrijp’ actually spelled Rop Gonggri is a former wikileaks volunteer who, along with Assange and Jonsdottir, are credited for production of the infamous ‘collateral murder’ video. He, as well as Assange and wikileaks will also make legal challenges. It can be easy assumed that all the other social media sites these individuals use have also been served with DOJ subpoenas/orders, but at this point those other organizations have kept such info secret.
Surveillance and Control
All passengers, whether citizens or visitors, arriving into the US from international flights can be without a warrant and without just cause physically searched and any of their possessions confiscated by US Customs and Border Protection (CBP). Security researcher/programmer who works on the Tor privacy project, sometimes Wikileaks spokesperson, and US citizen Jacob Appelbaum was detained, questioned, and searched in July 2010 by ICE, FBI and Army officers at the Newark, New Jersey airport after flying in from Holland. His papers were copied, three mobile phones confiscated, and his laptop was initially confiscated but then returned later. During the three-hour interrogation, Appelbaum’s views on American wars as well as information on wikileaks were requested. On January 10, 2011 several days after it was reported in the media that information from wikileaks’ and volunteers’ twitter accounts have been requested by the DOJ, Appelbaum flew into Seattle Tacoma airport from Iceland. On Jan. 12 and 13, Appelbaum tweeted numerous messages relaying his experience of being searched and questioned by CBP. Appelbaum did not travel with any e-device or other paper documentation except a USB drive encoded with the American bill of rights, which the CBP forensic specialist could not access for lack of technical skills. Appelbaum’s checked baggage was also searched, and he was denied access to his ACLU lawyer. In a comparison of his experiences in questioning, Appelbaum reveals that the CBP actively uses intimidation and threats of bodily harm to elicit desired information: “The CBP agents in Seattle were nicer than ones in Newark. None of them implied I would be raped in prison for the rest of my life this time.” On January 16, Appelbaum flew to Toronto to attend a research ethics conference, and returned to Seattle on January 19. At Canadian departure, he was detained for 20 minutes by “pre-customs clearance CBP”, who read the bill of rights file on his USB stick, made phone calls, and searched on the internet about him (activities which he saw take place). Appelbaum has been told by CBP that he will be questioned and searched every time he enters the US from an international destination.
In early November 2010, US citizen David House, friend of suspected imprisoned wikileaks source Pfc. Bradley Manning and founder of the Manning Support Network, was detained at Chicago airport. FBI agents questioned him about wikileaks and confiscated his laptop, USB drive and digital camera. House refused to give up his encryption keys for these devices as was requested by the FBI. Through the ACLU, House filed a complaint against the government, thereby winning the return of his property after seven weeks.
In late November, hacker Moxie Marlinspike was detained by CBP at NY airport, questioned for 4.5 hours and had his laptop and two mobile phones seized, but he refused to give up the encryption keys. Marlinspike has previously had his paypal account frozen. He has been also been put on the “Secure Flight” watch list program of the DHS which severely impedes his right to freedom of movement. In another incident, Marlinspike was questioned by US Consulate agents at the Frankfurt airport. The Obama administration has aggressively used the CBP authority to search, copy and confiscate any electronic equipment, processes which cannot be stopped by the detained individual and only slightly ameliorated if the devices are encrypted and can withstand a serious decryption attack. Check the EFF’s useful guide to protecting your data and e-devices for travel in/out of the US: https://www.eff.org/deeplinks/2010/11/effs-guide-protecting-devices-data-border
Researcher blogger Christopher Soghoian received through a FOIA request an internal powerpoint presentation from the Justice Department concerning how law enforcement agencies track in real-time surveillance a given suspect’s credit card transactions, mobile phone records, calling cards, emails, gps locations, rental car and airline reservations as well as retail shopping accounts. The report shows that law enforcement routinely apply for and receive administrative subpoena “hotwatch” orders issued pursuant to the All Writs Act. There is no congressional or judicial oversight of such spying, and it is unknown how often these hotwatch surveillance orders are carried out. Furthermore, these agents often ask a judge to issue non-disclosure orders legally preventing companies from notifying their customers that the government has accessed their personal private records, transactions and data in surveillance operations.
DHS has instituted in December 2010 the nationwide surveillance campaign “If you see something, say something” that includes in full application 588 Walmart stores in 27 states, the Mall of America chain, American Hotel and Lodging Association, Amtrak, sporting arenas, and various city wide transit authorities. The program encourages everyday people to spy on each other by reporting “suspicious” activities and possible “terrorist” threats to local, state or national authorities. Homeland Security Secretary Janet Napolitano made a special short video explaining the program, which is shown on continuous loop at Walmart checkout lines equipped with video screens. Walmart has also issued adverts to shoppers about the surveillance program over its in-store intercom system during store hours.
The California Supreme Court has just ruled in January 2011 that police can without a warrant confiscate an arrested person’s mobile phone and search and obtain all information on the device. This ruling has broad implications for surveillance on smart phones, tablets and other hand-held devices as the extensive personal data contained can be used against the individual later in a criminal court case. This ruling is now presently valid in California, but apparently will be appealed by the lawyers of Gregory Diaz to the US Supreme Court on the grounds of violating his fourth amendment’s protection against unreasonable search and seizure.
Music Industry and Copyright
In 2007, EMI, one of the four largest music industry labels, sued the website MP3Tunes and its founder Michael Robertson for willful copyright infringement under regulations of the 1998 Digital Millennium Copyright Act (DCMA). Mp3tunes.com allows users to store their personal purchased music collections on the website “locker”/“cloud” service, and then stream those files from any computer or mobile device, thus providing a sync. The parent website sideload.com allows users to find music on other sites and put those files in their locker. EMI claims that both websites are criminally liable when users “illegally” store purchased music or videos that are copyrighted by the label. On the other hand, mp3tunes claims that the DMCA’s “safe harbor” provisions shield the provider from liability as long as they quickly remove infringing content upon notification. Previous court cases have ruled that it is left to the copyright holder to notify services harboring “illegally” copyrighted material to request its removal through a “takedown notice”. The “safe harbor” provision protecting companies like google, youtube, facebook etc from being shut down over copyright infringement instigated by user’s behaviors was reaffirmed in the federal court ruling in June striking down Viacom’s $1 billion suit against youtube/google. While EMI wants to make it illegal when you stream copyrighted music you purchased from a cloud server where there is also the possibility others can access the content, EMI in turn has partnered with companies like walmart, amazon, myspace, facebook, mtv, etc to make available for free their most popular songs in the hope that songs would go viral thereby increasing the fame of the artists and the profits of the labels. This court case has wide ranging consequences for other music sites like soundcloud concerning the safe harbor provision, and more generally for many types of cloud computing and data storage applications.
In 2007 multiple major record labels sued the defendant Jammie Thomas-Rasset for illegally downloading 24 music tracks and then sharing them through p2p networks in violation of the labels’ copyrights. After rejecting both threats and then a settlement offer from the Recording Industry Association of America (RIAA), she was subjected to three civil jury trials. The most recent November jury verdict found the defendant liable to the record labels for statutory damages of $1.5 million or $62,500 per track.
In another RIAA instigated witch hunt court case, the US Supreme Court rejected to hear an appeal from the defendant Whitney Harper, who was ordered by a Texas appeals court to pay $27,750 to the RIAA for illegal file sharing 37 tracks. The appeals court rejected the argument that Harper was an “innocent infringer” due to her age and statements that she did not know about the copyright because the files did not carry copyright notices. The RIAA has sued approximately 20,000 individuals for copyright infringement in which the Copyright Act recommends a minimum $750 fine per song violation.
In a completely pointless show of “force”, the DHS and Immigration and Customs Enforcement (ICE) launched in November “Operation in our sites v. 2.0” that shut down domain names of 82 websites selling counterfeit goods, or reproducing or distributing copyrighted material likes music, movies, etc without permission. Many of the closed sites were not given notice, nor given an opportunity to challenge the shutdowns by some legal means. Clearly, most of the sites are online again at different domain names.
Concurrently, the Senate Judiciary Committee has approved the “Combating Online Infringements and Counterfeits Act” (COICA), which would invest the US Attorney General with the power to shut down websites if copyright infringement is deemed to be central to the activity of the site. No crime needs to be proven to have been committed, nor do the sites need to be shown to host illegal content. Links to “illegal” content would be enough “infringement” to lead to the shut down of any peer-to-peer file sharing site or sites that explicitly reject copyright laws. Thus, the music industry is lobbying hard for the House and Senate to vote and pass the bill.
Ostensibly targeting the institution of the corporate mega-rave in California, Democratic Assemblywoman Fiona Ma has proposed the “Anti-Raves Act of 2011” (AB 74). If passed, the bill would make “any person who conducts a public event at night that includes prerecorded music and lasts more than 3.5 hours” a misdemeanor criminal punishable with at least a $10,000 fine. The term “public event” excludes organizers who have a business license to throw the event. What constitutes a “private event” is not defined. One interpretation of the term “private event” held on private property suggests that the individual(s) would still need a business license, while another interpretation states that “private events” are excluded from the law. To drum up support for the bill, Ma no doubt can reference any number of splashy, sensationalist media reports on LA mega-raves including last summer’s “electric daisy carnival” 160,000 person rave at which a 15-year-old died of an ecstasy overdose, and over 200 medical emergencies were reported. Rick Caruso, public commissioner who oversees the LA Coliseum and Sports Arena, instituted new rules that everyone must be 18 and have their IDs scanned, which obviously didn’t happen at the Jan. 2011 “Together as One” rave with 45,600 people at the venue. The anti-raves act is in the works with the sponsor seeking “input” from “stakeholders” (ie. ravers, venue owners, etc) to fix the language of the bill and pursue passage sometime this year. This proposed bill has wide implications for crews throwing underground parties, and if passed would be an easy way for the cops to bust soundsystems.
Compiled by Nemeton