Category Archives: Agencies

Agencies description goes here

Stop CISA to Stop Cyber Spying

Image By: lizzardo

CISA or the Cybersecurity Information Sharing Act of 2015 has not been passed yet. It could be up for a vote as early as next week but it appears that it might be delayed until fall.  President Obama has made no promises to veto this bill. The Electronic Frontier Foundation (EFF) believes that grassroots activism can kill this bill like it has other bad cybersecurity legislation in the past.

So, what is CISA? The Cybersecurity Information Sharing Act of 2015 was  intended to balance security and privacy. Senate Intelligence Committee Chairman Senator Richard Burr said that fifteen new amendments to the bill were designed to protect internet users’ personal information while enabling new ways for companies and federal agencies to coordinate responses to cyber attacks, according to a Wired article from January.

Critics of the bill argue that the bill does nothing to boost security and does nothing to prevent major cyber attacks that endanger the privacy of individuals. EFF argues that the bill encourages companies to share private information with the government and gives them sweeping liability protection when they do so.

“CISA is fundamentally flawed because of its broad immunity clauses for companies, vague definitions, and aggressive spying powers,” says the EFF Week of Action page, “Combined, they make the bill a surveillance bill in disguise. The bill may even make things worse for Internet users in several ways. That’s why we’re launching a week of action to make sure Congress is getting the message loud and clear:  CISA must not pass.”

Organizations that have joined with EFF for Week of Action include the American Civil Liberties Union, the American Library Association, The Constitution Project, and Freedom of the Press Foundation. EFF has a list of organizations that will be participating in the Week of Action and will update it as new organizations join the fight to #StopCISA.

Cyber breach of IRS records

Image By: Sean MacEntee

CNN has reported that the major cyber breach of IRS records that happened recently originated in Russia.  According to the CNN news report over 100,000 people had their tax returns stolen, but just how big of a breach actually occurred hasn’t been determined yet as the IRS’ Criminal Investigation Unit and the Treasury Inspector General for Tax Administration are still conducting their investigation.

On Thursday, May 28 the FBI also opened their own investigation, and the Homeland Security Department was alerted. None of these agencies are discussing their ongoing investigations with the publci. Essentially, what is known is that the Russians have infiltrated the computer systems in both the White House and the State Department. This isn’t the first time that taxpayer data has been released. Taxpayer’s data security has actually been a problem for many years now (since 1997 according to the testimony about IRS Systems Security given before the Committee on Governmental Affairs at the U.S. Senate on Thursday, April 10, 1997). In fact, the IRS even goes so far as to call this their “number one problem.” With this breach, lawmakers on Capitol Hill began demanding answers.

As Rep. Peter Roskam said, “It’s a problem, no matter where it’s coming from.” However, the IRS isn’t alone when it comes to security breaches. Recently, millions of customers at Target, as well as Anthem Blue Cross, Blue Shield have also had their data compromised. Even Turbo Tax temporarily halted their service because of fraud. So, in today’s day and age, it is more important than ever to keep an eye on our private information. There are even some people who claim that things will get worse before getting better.

Regardless of whether the IRS contacted you or not, it is a good idea to sign up for a credit monitoring service. If you are one of the more than 100,000 households that were affected, the IRS will offer you these services for free. This is a significant step to engage in because this stolen information is oftentimes used to open credit card accounts on which the criminals rack up a lot of fraudulent charges. It is important to understand that even this doesn’t give you a full protection but it does provide for some against criminals who are trying to open new lines of credit in your name.

Stand Against Spying- A Coalition Seeking to Stop Government Mass Spy Programs

By: Alan Cleaver

A coalition of organizations from across the political spectrum has joined forces to fight mass surveillance by the National Security Agency (NSA). The group has launched a website called “Stand Against Spying” and has become a watchdog of Congress. Although the organizations are vastly different in terms of missions, goals, and communities they all agree that mass surveillance is a violation of the United States Constitution. Electronic Frontier Foundation, Tenth Amendment Center, Greenpeace, Freedom of the Press Foundation, and UpWorthy are all part of the coalition fighting back against the government spy programs created by the NSA.

Stand Against Spying allows users to put in their address and zipcode to see how their representative is voting on issues regarding mass surveillance. Each member of Congress is rated on his or her actions to end or promote mass surveillance.

The method used to rate members of Congress was different for the House and for the Senate. For the House, votes for the two strongest bills against mass spying were considered; the Surveillance State Repeal Act and the original version of the USA FREEDOM Act. Senate members were rated on whether they co-sponsored the original USA FREEDOM Act and if they have come out publicly claiming a commitment to cosponsoring the Act when Congress is back in session (July 7).

The website requests that users sign an open letter to President Obama. The letter sets out the goals, beliefs and mission of Stand Against Spying.

It reads:

“Dear Mr. President,

As citizens of the Internet, we believe that mass surveillance by the NSA and its global partners infringes on our civil liberties, runs contrary to democratic principles, and chills free expression.

We’re calling on you to take immediate steps to end the mass spying. Specifically, we urge you to stop the mass collection and retention of telephone records and Internet communications of hundreds of millions of people who are not suspected of a crime.

In addition, we call on you to provide a full public accounting of the intelligence community’s mass surveillance practices.”

Read the full letter here. Internet citizens are encouraged to sign the open letter to take a stand against spying.

 

Personal Data: Who Has Your Back?

By: byron alcantara

The Electronic Frontier Foundation has published its fourth annual “Who Has Your Back?” report. You might be surprised about which companies have your back and which companies don’t. The report looks at the policies and practices of various technology companies and gives companies stars for certain items that address security concerns of consumers.  Stars are given out if companies “require a warrant for content,” “tell users about government data requests,” “fight for users’ privacy rights in courts,” etc. A maximum of six stars can be obtained by each company.

Some of the top technology companies received gold stars across the board for protecting your data. Google, Apple, and Twitter all have your back and will fight for your privacy rights both in the courts and in Congress.  EFF was pleased to find out that many companies, rocked by high-profile disclosures of the National Surveillance Agency (NSA) spying on online accounts, responded by increasing their commitment to transparency and pushed back against mass surveillance.

The companies with the lowest amount of stars included Snapchat, Amazon, and AT&T. Snapchat was ranked least likely to have your back protecting your personal data. It does not require a warrant for content, does not promise to tell users if their data is sought by the government, and does not publicly oppose mass surveillance.

Amazon.com received credit for requiring a warrant for content. According to the EFF report, Amazon receives credit because of testimony from its Vice President for Global Public Policy, Paul Misener, before the House Judiciary Committee in 2010: “With respect to the content of electronic communications, we believe that ECPA requires law enforcement authorities to obtain a search warrant to compel disclosure. We do not release information without valid process and have not disclosed content without a search warrant.”

Although, Amazon.com’s stance is to obtain a warrant it does not promise users that it will tell them if the government demands data. The company has also never published a transparency report showing government requests for data, does not publish its guidelines for law enforcement seeking access to data, and it has not publicly opposed mass surveillance through a written statement.

Some companies have shown improvement over the past four years including Verizon (earned 4 stars), Microsoft (earned 6 stars), and Tumblr (earned 5 stars). Protecting personal data is extremely important to consumers and it is apparent that it is increasingly important to companies.

Stolen Identity Refund Fraud: Who, What and Why

Stolen Identity Refund Fraud (SIRF) is a category that falls under identity theft. It involves the theft of the “tax” identity of the victim. As the tax filing season descends upon us we need to be aware of the very real threats of having an identity stolen.

Victims of stolen identity refund fraud have had their lives ruined. The criminal steals the “tax” identity of an individual for the purpose of filing a tax return. The criminal will obtain information about the victim and use it to obtain his or her social security number. The thief will then submit a false tax return in the name of the victim claiming a tax return. Forbes report claims that “unfortunately, in many instances the refunds are issued.”

The victims are left to discover the fraud when they go to file their tax returns. The IRS refuses to send out a refund because a return was already filed under the name of the individual.  The burden of proof rests on the individual to prove that their identity was actually stolen and that they did not file a return in the first place. It can be a very lengthy process for an individual to get straightened out with the IRS and it can be an even lengthier amount of time for any resolution to happen.

Sadly, stolen identity refund fraud victims are the elderly and individuals who are not required to file tax returns. Criminals who steal this information often get away with it for a long time before being caught. Often the victim finds out when they apply for state or federal benefits and cannot receive them due to information found on the fraudulent returns.

The IRS and the Justice Department have begun cracking down on identity theft and have been active in fighting identity fraud. The IRS makes it clear that the agency is devoted to preventing identity fraud. The website has information on how to report suspected identity theft and the precautionary measures that people can so they don’t become a victim.

Datapalooza , Tax Returns and Identity Theft

Protecting personal information is important. It is extremely important in the online world. Identity theft is a real problem. Thieves who steal information often gather it easily from unsuspecting victims who willingly give out personal information to the wrong person or those who give out the information unwillingly but didn’t have their information protected.

Identity theft might become an even bigger problem with the announcements that were made at the White House’s “Datapalooza” event. “Datapalooza” is an ambitious new agenda that has been outlined by President Obama to combat rising college costs and to make college more affordable for American families.  It was a meeting of policy leaders and innovators exploring how open government data could help the education system in the United States. Part of the plan includes using technology for tools, services, and apps to help students evaluate and select colleges.

Apps will be used to help students access information about colleges including statistical data, program data, and form data (i.e. FAFSA).  Third party apps are also being considered for integration into the U.S. Department of Education’s financial aid toolkits. These applications should be viewed skeptically by students.  If the apps do not have the proper protections and encryptions against hack attacks then hackers might have “datapalooza” with student’s personal information.  Identity theft is a real concern with the potential data that would need to be stored online to use the governments’ apps.

The White House announced at “Datapalooza” that Americans will now be able to download their tax returns directly from the IRS’ new service Get Transcript.  Tax information is not easily accessible and for good reason. Tax papers have very personal information on them including names, birthdates, social security numbers, and wage information.  To obtain tax information before one would have to fill out a questionnaire, send it back and wait 5-10 business days for physical forms to arrive. Get Transcript makes it much easier for people to download their tax information instead of waiting to get the physical forms. But it also means that much more personal information is at risk of being stolen.

White House Not Inclined to Place Restraints on NSA Activities

The National Security Agency isn’t going away any time soon and the White House isn’t planning on placing new restraints on the agency. According to the Washington Post, “the Obama administration has decided to preserve a controversial arrangement under which a single military official is permitted to direct both the National Security Agency and the military’s cyberwarfare command despite an external review panel’s recommendation against doing so.”

A group of top U.S. intelligence officials got together and decided that the two divisions (NSA and Cyber Command) should be placed under separate leadership. The argument for the division is that it would ensure greater accountability and prevent investing too much power in one individual.  The two divisions also have different missions. The NSA mission is spying and the Cyber Command’s mission is to conduct military attacks.  Both divisions work closely together since the Cyber Command depends on the NSA’s ability to hack into the computer systems of enemies for intelligence and to conduct potential operations.

According to the Washington Post, an email from Caitlin Hayden, White House spokeswoman, said, “Following a thorough interagency review, the administration has decided that keeping the positions of NSA Director and Cyber Command commander together as one, dual-hatted position is the most effective approach to accomplishing both agencies’ missions.”

There have been over 40 recommendations made by the intelligence panel. Currently, the White House appears not to want to add constraints onto the surveillance agency.  The NSA is working toward making changes within the organization to combat any leaks that could be comparable to the leak committed by Edward Snowden.

The leak committed by Snowden informed the public that the NSA was conducting surveillance and collecting virtually all phone calls of Americas through a metadata collection process. NSA still claims that their collection of billions of phone records was for counterterrorism purposes and that the content of the calls is unknown, the agency purportedly only collects where the calls were made and how long they lasted.

What do you think?  Is this collection of data necessary? Doesn’t it put us at an even greater risk?

U.S. Senate Launches Anti-Fraud Hotline

Victims of fraud are increasing on a daily basis. Everyone is a target, but some people are more at risk than others. Elderly people, lonely people, and immigrants are often targets of fraudulent activity. Scams to get credit card and other financial information include email scams for moving large amounts of money, phone calls asking for financial information because a loved one is in trouble, and online matchmaking gone horribly wrong.

People have lost their livelihoods by falling victim to these scams and schemes. The United States Senate wants to put a stop to them and wants to help victims of fraud, especially elderly victims.  A new anti-fraud hotline has been unveiled to make it easier for senior citizens to report suspected fraud and to receive assistance.

“If you Continue reading U.S. Senate Launches Anti-Fraud Hotline

American’s Under Surveillance: NSA admits tracking cell phone locations

The National Security Agency (N.S.A.) has started to come clean about tracking Americans cell phone data and what data was being collected. NSA admits to tracking the cell phone location of Americans in a test pilot project in 2010 and 2011.

According to the New York Times, “it was unclear how many Americans’ locational data was collected as part of the project, whether the agency has held on to that information or why the program did not go forward.”

NSA  claimed that they never moved forward with the program.  The “experiment” pilot project was to test how location information would move into the massive databases containing other information on Americans.  Cell phone location is considered to be one of the most sensitive data that a cell phone emits, according to the Electronic Frontier Foundation.  Since most people carry their cell phones everywhere they go it is possible that the location data tracking could lead to the government knowing most intimate daily habits and movements of not only the person whose phone is being tracked but friends and family members whom the person had come into contact with throughout the day.

The biggest problem with NSA’s admission of the test pilot program is that it admitted to doing an illegal activity.  NSA’s chief Keith Alexander said during a Senate hearing, “Under Section 215, NSA is not receiving cell site location data and has no current plans to do so.”  The recent admission of past collection clearly violated Section 215 of the Patriot Act.

In order to counter-act negative reaction to the admission, Director of National Intelligence (DNI) James Clapper told Congress that if they started their location recollection program they would inform the intelligence committee and FISA court. That means that Americans could still be kept in the dark if the program, a clear violation of the Patriot Act and one that brings up Fourth Amendment issues, were to become restarted.

I feel safer already, don’t you?

FISA Court Releases Opinion Upholding NSA Phone Program

The federal surveillance court has released a declassified opinion that upholds the National Security Agency’s (NSA) phone program. The FISA court decided that the gathering of billions of phone records for counterterrorism purposes was constitutional and justified.

Gathering of “all call detail records” of phone companies by NSA is justifiable as long as the gathering of the data is relevant to an authorized investigation. The most significant part of the ruling is that it mentions that the data is justifiable if the government can show that there is an authorized investigation into unknown terrorists who may be in the United States. This begs the question of how there could possibly be an authorized investigation into unknown terroristic persons on reasonable grounds without the collection of the phone data.

According to the opinion, the government only needs “reasonable grounds to believe” that the phone records will be relevant to the investigation in order to legally collect the phone records.  The burden of proof the government needs is much lower than that needed in a criminal investigation.  The court claims this is because the goal is not to solve a crime but to prevent a terrorist attack.

Critics claim that the opinion released by the court is not justifiable by the Foreign Intelligence Surveillance Act (FISA) or the Constitution.  Jameel Jaffer, American Civil Liberties Union deputy legal director, told the Washington Post, “This isn’t a judicial opinion in the conventional sense. It’s a document that appears to have been cobbled together over the last few weeks in an effort to justify a decision that was made seven years ago. I don’t know of any precedent for that, and it raises a lot of questions.”

Privacy issues have come into question when Edward Snowden leaked information about the NSA spy program. The government’s stance from the beginning has been that the broad collection of data is needed to find unknown terrorist operatives in the United States.  It is still unclear how much scope the NSA program actually has over the data it has collected from billions of homes across the nation.

And, now we also hear about  . . . N.S.A. Gathers Data on Social Connections of U.S. Citizens