Ars Technica

David Medine had not been on the job for a week as chairman of the Privacy and Civil Liberties Oversight Board when The Guardian dropped its first of many bombs supplied by National Security Agency leaker Edward Snowden.

As Medine described it, the revelation that the NSA was bulk-collecting the metadata from every phone call made to and from the United States "was sort of a fast-moving train that we decided to jump on."

"My first week we requested a briefing from the Justice Department. The third week we met in the Situation Room with the president," Medine said. Six months later, the five-member executive branch board released a scathing report, arguing in January that the NSA must cease the bulk collection of the phone numbers of all calls, the international mobile subscriber identity number of mobile callers, the calling card numbers used in calls, and the time and duration of those calls to and from the United States.

By a 3-2 vote, the presidential panel concluded that, among other things, the program "implicates constitutional concerns.”

Comcast has edged out controversial agribusiness giant Monsanto in Consumerist's March Madness-style "Worst Company in America" poll.

"In one of the narrowest Final Death Matches in the centuries’ long history of WCIA battle, Comcast managed to hold the genetically modified body blows of Monsanto," Consumerist wrote.

To outlast 31 other competitors, Comcast had to win five rounds, defeating Yahoo, Facebook, Verizon, and SeaWorld before taking on Monsanto. The final poll was close, with 51.5 percent of voters selecting Comcast. Consumerist is owned by Consumer Reports, which is arguing against Comcast's proposed merger with Time Warner Cable, so it's perhaps no surprise that Comcast fared poorly.

Consumerist told Ars that while the poll wasn't scientific, it included many thousands of people, and the site blocked repeat voters. A Consumer Reports survey that was more thorough than the Consumerist poll rated Comcast 15th out of 17th in customer satisfaction for telecommunications providers.

Federal agents have been known to use “remote access searches” against a target computer whose location is unknown or outside of a given judicial district in past and ongoing cases: a Colorado federal magistrate judge approved sending malware to a suspect’s known e-mail address in 2012.

But similar techniques have been rejected by other judges on Fourth Amendment grounds. If this rule revision were to be approved, it would standardize and expand federal agents’ ability to survey a suspect and to exfiltrate data from a target computer regardless of where it is.

The American Civil Liberties Union (ACLU) published a 21-page memorandum with comments and recommendation to the DOJ. Specifically, the ACLU fears “jurisdictional overreach,” which under the new rules would allow a magistrate judge in any district to impose a “remote access search warrant” in any other district. The memo is authored by Nathan Freed Wessler, Chris Soghoian, Alex Abdo, and Rita Cant, who are attorneys and fellows at the ACLU.

“Unlike terrorism investigations [...], remote searches of electronic storage media are likely to occur with great frequency. The proposed rule is not a minor procedural update; it is a major reorganization of judicial power.” The ACLU also raised the troubling implications of granting the power of a single warrant to conduct vast digital searches.

[Commentary] President Barack Obama says he wants Congress to adopt legislation that would end the National Security Agency's bulk collection of telephone metadata, a surveillance initiative exposed by whistleblower Edward Snowden.

As it currently operates, the NSA's collection program gathers and stores the metadata of every call made to and from the United States. "I have decided that the best path forward is that the government should not collect or hold this data in bulk," President Obama said. "Instead, the data should remain at the telephone companies for the length of time it currently does today." Rights groups are applauding the move. But they say it’s virtually a meaningless gesture in its current form.

As chief executive, President Obama has the power to reform the NSA on his own with the stroke of a pen. By not putting this initiative into an executive order, he punted to Congress on an issue that affects the civil liberties of most anybody who picks up a phone. Every day Congress waits on the issue is another day Americans' calling records are being collected by the government without suspicion that any crime was committed.

“He does not need congressional approval for this,” said Mark Jaycoxx, an Electronic Frontier Foundation staff attorney. Ultimately, congressional action will be necessary even if the President signs an executive order on the issue. Future Presidents are not bound by former presidential decrees, which means the 44th president does not have to adhere to any President Obama promises of ethical and limited metadata use.

The Supreme Court declined to resolve the constitutionality of the National Security Agency's bulk telephone metadata surveillance program, leaving intact what a lower-court judge described as an "almost-Orwellian" surveillance effort in which the metadata from every phone call to and from the United States is catalogued by US spies.

The move by the justices comes as the Obama administration and Congress consider dramatically revamping the spy program disclosed in June by NSA whistleblower Edward Snowden.

The petition before the justices, brought by political activist Larry Klayman, concerned a December decision by US District Judge Richard Leon, who wrote in an opinion that America's founders would be "aghast" at the spying. The President George W. Bush appointee stayed his decision, which concluded that the program infringes the Fourth Amendment, pending appeal because of the case's national security implications. Klayman bypassed a federal appeals court and went directly to the high court, which rarely plucks cases from district courts before they're heard at the federal appellate level.

Google’s plan to deliver Internet service from balloons seems to be flying along nicely, as the company says one of its balloons just completed “a lap around the world in 22 days and has just clocked the project’s 500,000th kilometer as it begins its second lap.”

Project Loon, unveiled in 2013, is an attempt to use solar-powered balloons to create networks that can send wireless Internet signals to areas that would be hard to reach with wired Internet. The balloons are supposed to form a mesh network 20 kilometers above the ground, with each balloon communicating with its neighbors and ultimately to ground stations connected to Internet providers. Internet signals would be sent to antennas installed on buildings.

It’s just in the prototype phases, but Google’s testers have been busy. The balloon that circled the world “enjoyed a few loop-de-loops over the Pacific Ocean before heading east on the winds toward Chile and Argentina, and then made its way back around near Australia and New Zealand,” Google’s Project Loon team said. “Along the way, it caught a ride on the Roaring Forties -- strong west-to-east winds in the southern hemisphere that act like an autobahn in the sky, where our balloons can quickly zoom over oceans to get to where people actually need them.”

Are you an AT&T home Internet customer? If so, AT&T has just made a promise you'll want to take note of. If the Federal Communications Commission lets Internet service providers charge Web companies like Netflix for faster delivery of content to consumers, AT&T will lower its customers' Internet bills.

That's what AT&T said in a filing in the FCC's "Protecting and Promoting the Open Internet" proceeding. Payments from so-called "edge providers" -- companies that deliver video and other services over the Internet -- will help startups compete against more established players and lower the price of consumer Internet service. Instead of making payments from edge providers to ISPs the exception, the FCC should "adopt a safe harbor" for such transactions.

Any nondiscrimination rule "should target only 'commercially unreasonable' actions that threaten Internet openness and the virtuous cycle of innovation and investment," AT&T said. “Allowing individualized dealings between ISPs and edge providers is sound policy for a number of reasons.

By enabling smaller edge providers to negotiate special arrangements for the handling of their traffic, flexible net neutrality rules will empower start-ups to compete more effectively against more entrenched and well-heeled rivals. And by enabling ISPs to recover the costs of network upgrades not just from consumers but also from the edge providers whose applications benefit from such upgrades, flexible rules also will promote deployment of additional broadband infrastructure and improved features. They also will reduce the cost of broadband service for consumers, facilitating greater adoption.”

Three researchers from IBM have developed an algorithm that can predict a Twitter user's location without needing so much as a single geotag from them.

According to the Arxiv paper on the subject, the location prediction comes largely from assessing the similarity of the content of a user's tweets to other users' tweets who do use geotags, which turns out to be a decent predictor.

The authors of the paper created their algorithm by analyzing the content of tweets that did have geotags and then searching for similarities in content in tweets without geotags to assess where they might have originated from. Of a body of 1.5 million tweets, 90 percent were used to train the algorithm, and 10 percent were used to test it. Using this system, the researchers could predict a user's city with 58 percent accuracy -- far from deadly aim, but statistically significant nonetheless. Larger regions could be predicted with increasing levels of accuracy, with 66 percent on a state level and 73 percent on a time zone level.

National Security Agency documents released by The Washington Post gave a glimpse of an NSA program that allows the agency to capture the voice content of virtually every phone call in an unnamed country and perform searches against the stored calls’ metadata to find and listen to conversations for up to a month after they happened.

Just as the NSA and GCHQ have used Xkeyscore to make it possible to search through torrents of Internet traffic captured by its Turmoil monitoring systems scattered around the world, a system called Retrospective (or Retro) allows analysts to search through phone calls that are up to 30 days old based on call metadata.

Originally developed for the NSA’s Mystic international telephone monitoring effort as a “one-off” capability, Retro may now be used in a number of other countries, scooping up calls that undoubtedly include ones that have nothing to do with the NSA’s foreign intelligence goals.

Of course, whether that capture can be considered monitoring comes down to semantics. In the NSA’s reasoning, it’s not “surveillance” until a human listens in. And since most of the calls accessible by Retrospective are flushed from its “cache” after a month without being queried, the NSA could argue that the calls have never been surveilled.

Edward Snowden made a surprise appearance on the TED stage in Vancouver -- and urged online businesses to encrypt their websites immediately.

"The biggest thing that an Internet company in America can do today, right now, without consulting lawyers, to protect users of the Internet around the world, is to enable Web encryption on every page you visit," he said. "If you look at a copy of 1984 on Amazon, the NSA can see a record of that, the Russians, the French can -- the world's library is unencrypted. This is something we need to change, not just for Amazon -- all companies need to move to an encrypted browsing habit by default."

Snowden said the leaks from his document cache would continue. "There are absolutely more revelations to come," he said. "Some of the most important [publishing] to be done is yet to come." He said he struggled to find a way to leak the intelligence documents in as responsible a way as he could.

He said the NSA's PRISM program allowed the US government to "deputize corporate America to do its dirty work for the National Security Agency. Another NSA program, Boundless Informant, was hidden from Congress, he said. "What Boundless Informant tells us is more communications are being intercepted in America by Americans than in Russia by Russians." "The NSA has violated their own rules thousands of times in a single year -- in one event they intercepted all the calls in Washington DC by accident." Not only were there 2,776 abuses in 2011-12, he said, but the chairman of the US Senate Intelligence Committee had no idea that the rules were being broken thousands of times every year.