Kanzleramtschef, ChefBK, Kanzleramtsminister

“Chief of the chancellery,” Angela Merkel’s chief of staff, whose duties include coordinating and controlling/monitoring Germany’s secret services as the boss of the federal government’s intelligence agencies officer [the person with the job title Beauftragter der Bundesregierung für die Nachrichtendienste].

Update on 25 Jul 2013: After Bundeskanzleramtschef Ronald Pofalla testified secretly before the Parlamentarisches Kontrollgremium, the parliamentary committee that is pro forma in charge of Germany’s intelligence services, he made a statement to the press saying absolutely everything done so far by Germany’s spy agencies had been legit and in compliance with German law. He also said that German data protection law had not been reinterpreted. Supervisory committee members from opposition parties (parties that were in the ruling coalition when the information exchange began between German and U.S. intelligence agencies, as far as we know so far) gave counterstatements to the press indicating they were not satisfied with Mr. Pofalla’s responses to their catalog of questions about the U.S.A.’s Prism program.

Amusingly, artists at one news show edited Mr. Pofalla’s sound bite into their report to begin just as he was saying “This statement is clearly false…”

(KANT’s lah omts chef,   CHEF bay kah,   KANT’s lah omts minn iss tah.)

Schwachstellen in Sicherheitsprodukte einbauen

“Building in vulnerabilities in security products,” one of several methods the N.S.A. and G.C.H.Q. used to unlock encryption methods previously thought secure, according to the Guardian.co.uk, NYTimes.com and ProPublica.org. When the Canadian company BlackBerry updated its encryption in 2009, for example, the N.S.A. cracked it in mere months, according to a Spiegel.de article headlined “Champagne!”

These two large agencies and their partners in e.g. the Five Eyes alliance have also been benefiting from encryption cracking via supercomputers, targeted hacking committees, strange U.S. letters and court orders that forbid the ordered from ever mentioning the order, an N.S.A. Computer Solutions Center that “provided security testing” for tech products, subversion of international security standards used by developers, but especially persuasion of tech companies, whose names remain most secret.

Tagesschau.de reported on 06 Sep 2013 that the “Bankenverband”—the name indicates an association of banks but the reporter did not define it more specifically—announced that N.S.A. employees and contractors can only view Germans’ online banking but cannot transfer money out of (“plunder”) their accounts. German consumers will not be reassured by this.

Brazil’s TV Globo on 08 Sep 2013 added to the list of snooped targets the international S.W.I.F.T. bank transfer network, the closed computer networks of “airlines, foreign governments, power companies and financial institutions” and the state-owned Brazilian oil company Petrobras, increasing fears of industrial espionage by the U.S.A. and its allies.

The Guardian.co.uk article on the targeted placement of back doors into encryption software was very angry about how vulnerable to criminals this makes everyone (called “the consumer and other adversaries” in one Snowden trove document). Weakening software causes people to commit crimes who wouldn’t normally have done so.

(Sh VOCHH shtell en   in   ZICHH ah heights prod OOK teh   EYE n bough en.)

Die Verharmloser

“The harmlessers.” Pejorative hurled in June 2013 at ruling-coalition German politicians who said the U.S.A.’s spying on domestic and international emails, phone calls, video chats, text chats and search histories, in addition to snail mail, in-house company computer networks, the ubiquitous traffic and security cameras in public spaces, and even medical, financial and toll records, is okay with them. Even if this data was used to track and kill people via extralegal drone assassination.

German media have also said the ruling coalition is “talking the N.S.A. problem small,” “veiling” and “down-moderating” it, using “placating” and “appeasing” language to angry voters, especially but not exclusively before the Bundestag election on 22 Sep 2013. Data protection officers remain unappeased, vociferously warning about these issues at their national meetings. Bundespräsident Joachim Gauck invited federal data protection officer Peter Schaar to discuss the problem and its implications at the presidential palace of Bellevue on 06 Sep 2013.

Spiegel.de reminds us the imbroglio includes tapping international fiber optic cables, forcing companies to give up their customers’ data, commissioning back doors in software and hardware advertised as secure and the N.S.A. and G.C.H.Q.’s ability to use brute computing force to break encryption. Presumably satellite communications aren’t immune either.

U.S. government intelligence agencies are also spreading this behavior around the world like an antidemocratic virus to friends, neutrals and foes alike as they share technology and illicitly-gathered information with allied intelligence agencies, pay telecoms and cable companies to codevelop snoop technology and render services and outsource much of their own sensitive work to private-sector companies. Non-allied countries will feel forced to invest in similar strategies as well. Companies are being perfectly reasonable if they decide to sell to everybody. Ignoring even light regulation sets a poor example and paves the way for disaster under bad leadership, anywhere in the world.

(Dee   feh HOM loze ah.)

Mehrnamenspolitik

“Multiple names policy.” Stealthing potentially wildly unpopular secret programs in one country’s government intelligence agencies by using e.g. multiple different program names over time for the same program or multiple different names for similar programs in different intelligence agencies. Multiply this by the number of countries indulging in warrantless wiretapping and suspicionless surveillance. The lack of a single -gate umbrella term might deflect target acquisition by the public’s ire.

Germans were confused by a 17 Jul 2013 Bild.de article followed by a government press conference confirming the German government had averred that the U.S.A. had two Prism programs, this time with the same name, but though they accomplished similar goals they were not the same program. Supposedly the German military and Bundesnachrichtendienst learned about Prism, but not the other Prism, via N.A.T.O. in 2011.

(Mare NAW men z poll ee TEAK.)

DGSE; DCRI, DNRED, DPSD, DRM, Tracfin, Service du renseignement de la Préfecture de police de Paris

The French foreign intelligence service and the six agencies with which it shares phone and computer data it bulk-collects inside and outside France. Le Monde reported on 04 Jul 2013 that there is a French equivalent to the NSA’s “Prism” program. The DGSE appears to have a huge budget: 640 million euros? in one year?

DGSE: Direction générale de la sécurité extérieure. French foreign intelligence.

DCRI: Direction centrale du renseignement intérieur. French domestic intelligence.

DNRED: Direction nationale du renseignement et des enquêtes douanières. French customs.

DPSD: Direction de la protection et de la sécurité de la défense. French military intelligence.

Tracfin: Traitement du renseignement et action contre les circuits financiers clandestins. ??? An intelligence agency that fights money laundering?

Service du renseignement de la Préfecture de police de Paris: Paris police intelligence.

Anzeige gegen unbekannt

Criminal complaint filed against unknown persons, charge filed against “X.” The first hoovered-data German citizen complaint against persons unknown has been filed in the town of Gießen. Meanwhile, the federal prosecutors’ offices in Karlsruhe [Bundesanwaltschaft] are investigating US and UK surveillance of German data. A federal prosecutor spokeswoman confirmed they’re looking into the programs Prism, Tempora and Boundless Informant, inter alia.

(ON ts eye geh   gay gen   OON beh con t.)

EU-Datenschutzreform

“EU data protection reform” of the EU’s current data protection rules, which were passed in 1995.

EU commissioner for justice, fundamental rights and citizenship Viviane Reding said she’s been fighting for this reform for several years now. A proposal she submitted 18 months ago has been languishing, even though the EU’s highly controversial “Vorratsdatenspeicherung-Richtlinie” [data retention directive] was negotiated in under six months, she said according to an 11 Jun 2013 Spiegel article. Laws restricting consumer rights are thus apparently passed much faster than laws guaranteeing consumer rights, in the USA and in the EU.

Reding’s EU data protection reform proposal would allow EU residents’ data to be shared outside the EU if there were appropriate legal protections in place in the recipient countries or organizations. Apparently EU citizens (and US citizens?) cannot sue in US courts in response to inappropriate sharing of their data, for example, so until that changes EU citizens’ sensitive data could not be shared with US groups. On the other hand, as Reding said in a speech at the Dublin summit on 14 Jun 2013, “In Europe, also in cases involving national security, every individual—irrespective of their nationality—can go to a Court, national or European, if they believe that their right to data protection has been infringed. Effective judicial redress is available for Europeans and non-Europeans alike. This is a basic principle of European law.”

Reding’s original proposal said there had to be a Rechtshilfeabkommen, bilateral legal assistance agreement, between the EU and the recipient country, but that bit was deleted before the Prism scandal broke in response to pressure from Washington DC. A group of European parliament members including Jan Philipp Albrecht (Green Party, Germany) and Josef Weidenholzer (Social Democrat, Austria) are now pushing to have the provision put back into the proposal. There is no mutual legal assistance agreement between the USA and the EU.

While some actors in the USA’s recently public “lawless space of the secret services Moloch around the NSA and FBI with its opaque/unmanageable network of private mercenary companies” [“rechtsfreie{r} Raum des Geheimdienstmolochs um NSA und FBI mit ihrem unüberschaubaren Netz an privaten Söldnerfirmen” (F.A.Z., 14 Jun 2013)] might consider themselves not constrained by updated EU data protection rules, Reding’s proposed economic penalties of up to 2% of their international annual gross on companies that incorrectly share EU residents’ sensitive data might have a better deterrent effect on nonshadowlands companies.

(Eh Oo   DOT en shoots ray form.)
