Mass surveillance fears as India readies facial recognition system

Mass surveillance fears as India readies facial recognition system
By Rina Chandran

NEW DELHI (Thomson Reuters Foundation) – As India prepares to install a nationwide facial recognition system in an effort to catch criminals and find missing children, human rights and technology experts on Thursday warned of the risks to privacy and from increased surveillance.

Use of the camera technology is an effort in “modernising the police force, information gathering, criminal identification, verification”, according to India’s national crime bureau.

Likely to be among the world’s biggest facial recognition systems, the government contract is due to be awarded on Friday.

But there is little information on where it will be deployed, what the data will be used for and how data storage will be regulated, said Apar Gupta, executive director of non-profit Internet Freedom Foundation.

“It is a mass surveillance system that gathers data in public places without there being an underlying cause to do so,” he told the Thomson Reuters Foundation.

“Without a data protection law and an electronic surveillance framework, it can lead to social policing and control,” he said.

A spokesman for India’s Home Ministry did not return calls seeking comment.

Worldwide, the rise of cloud computing and artificial intelligence technologies have popularised the use of facial recognition for a range of applications from tracking criminals to catching truant students.

There is a growing backlash however, and in San Francisco authorities banned the use of facial recognition technology by city personnel, and “anti-surveillance fashion” is becoming popular.

Facial recognition technology was launched in a few Indian airports in July, and Delhi police last year said they had identified nearly 3,000 missing children in just days during a trial.

But technology site Comparitech, which ranked the Indian cities of Delhi and Chennai among the world’s most surveilled cities in a recent report https://www.comparitech.com/vpn-privacy/the-worlds-most-surveilled-cities, said it had found “little correlation between the number of public CCTV cameras and crime or safety”.

Indian authorities have said facial recognition technology is needed to bolster a severely under-policed country.

There are 144 police officers for every 100,000 citizens, among the lowest ratios in the world, according to the United Nations.

The technology has been shown to be inaccurate in identifying darker-skinned women, those from ethnic minorities, and transgender people.

So its use in a criminal justice system where vulnerable groups such as indigenous people and minorities are over-represented risks greater abuse, said Vidushi Marda, a lawyer and artificial intelligence researcher at Article 19, a Britain-based human rights organisation.

“The use of facial recognition provides a veneer of technological objectivity without delivering on its promise, and institutionalises systemic discrimination,” she said.

“Being watched will become synonymous with being safe, only because of a constant, perpetual curfew on individual autonomy. This risks further entrenching marginalisation and discrimination of vulnerable sections.”

India’s Supreme Court, in a landmark ruling in 2017 on the national biometric identity card programme Aadhaar, said individual privacy is a fundamental right, amid concerns over data breaches and the card’s mandated use for services.

Yet the ruling has not checked the rollout of facial recognition technology, or a proposal to link Aadhaar with social media accounts, said Gupta.

“There is a perceptible rise in national security being a central premise for policy design. But national security cannot be the reason to restrict rights,” he said.

“It is very worrying that technology is being used as an instrument of power by the state rather than as an instrument to empower citizens.”

(Reporting by Rina Chandran @rinachandran; Editing by Michael Taylor. Please credit the Thomson Reuters Foundation, the charitable arm of Thomson Reuters, that covers humanitarian news, women’s and LGBT+ rights, human trafficking, property rights, and climate change. Visit http://news.trust.org)

From Iraq to Yemen, drones raise U.S. alarm over Iranian plans

FILE PHOTO: A projectile and a drone launched at Saudi Arabia by Yemen'S Houthis are displayed at a Saudi military base, Al-Kharj, Saudi Arabia June 21, 2019. REUTERS/Stephen Kalin

By Babak Dehghanpisheh and Phil Stewart

GENEVA/WASHINGTON (Reuters) – The increased use of drones by Iran and its allies for surveillance and attacks across the Middle East is raising alarms in Washington.

The United States believes that Iran-linked militia in Iraq have recently increased their surveillance of American troops and bases in the country by using off-the-shelf, commercially available drones, U.S. officials say.

The disclosure comes at a time of heightened tensions with Iran and underscores the many ways in which Tehran and the forces it backs are increasingly relying on unmanned aerial vehicles (UAVs) in places like Yemen, Syria, the Strait of Hormuz and Iraq.

Beyond surveillance, Iranian drones can drop munitions and even carry out “a kamikaze flight where they load it up with explosives and fly it into something”, according to a U.S. official who spoke on condition of anonymity.

Yemen’s Iranian-backed Houthis have significantly increased their UAV attacks in recent months, bombing airports and oil facilities in Saudi Arabia, a main rival of Iran.

Last month, Iran came close to war with the United States after the Islamic Republic’s unprecedented shoot-down of a U.S. drone with a surface-to-air missile, a move that nearly triggered retaliatory strikes by U.S. President Donald Trump.

Trump withdrew from a major 2015 nuclear deal last year and reimposed sanctions to cut off Iran’s oil exports and pressure the Islamic Republic to negotiate over its ballistic missile program and regional policy.

The increased use of drones by Iran or its regional allies is a strategy aimed at pushing back and defending against pressure from the United States and foes like Saudi Arabia and Israel, current and former security officials and analysts say.

Iran now flies two or three drones over Gulf waters every day, the first U.S. official estimated, making it a core part of Tehran’s effort to monitor the Strait of Hormuz, through which one-fifth of the world’s oil consumption flow.

The United States and Saudi Arabia have accused Iran of carrying out attacks against six oil tankers near the Strait in the past two months, a claim Tehran has denied.

The U.S. officials, who spoke on condition of anonymity, declined to quantify the extent to which surveillance near U.S. forces has increased in Iraq or to specify which militia were carrying it out.

“We have seen an uptick in drone activity in Iraq near our bases and facilities,” the first official said. “Certainly the drones that we have seen are more of the commercial off-the-shelf variant. So they’re obviously a deniable type UAV-activity in Iraq.”

A second official said the recent increase in surveillance was worrying but acknowledged Iran-linked militia in Iraq had a history of keeping tabs on Americans.

Reuters has previously reported that the United States has indirectly sent warnings to Iran, saying any attack against U.S. forces by proxy organizations in Iraq will be viewed by Washington as an attack by Iran itself.

In recent weeks, mortars and rockets have been fired at bases in Iraq where U.S. forces are located but no American troops have been injured. U.S. officials did not link those attacks to the increased surveillance.

Attempts to reach the Iranian ministry of foreign affairs and the Revolutionary Guards, who are most closely linked to militant groups in Iraq, for comment were unsuccessful.

Iraqi militia groups linked to Iran began using drones in 2014 and 2015 in battles to retake territory from Islamic State, according to militia members and Iraqi security officials.

These groups received training on the use of drones from members of Iran’s Revolutionary Guards and Lebanon’s Iranian-backed Hezbollah, two Iraqi security officials with knowledge of militia activities said.

“Key militia groups have the ability to launch aerial attacks using drones. Will they target American interests? That hasn’t happened yet,” said one Iraqi security official. “They used Katyusha [rockets] and mortars in very restricted attacks against American interests in Iraq to send a message rather than trying to inflict damage. Using explosive-laden drones is very possible once we have a worsening situation between Tehran and Washington.”

HOW SOPHISTICATED ARE IRAN’S DRONES?

In March, Iran boasted about a complex military exercise involving 50 drones. In a slickly edited video aired on state TV, waves of drones streak across a clear blue sky, bombing buildings on an island in the Gulf.

The show of force was intended to highlight Iran’s locally developed UAV program, which it has been building up for several years.

Douglas Barrie, a senior fellow at the London-based International Institute for Strategic Studies, however, cautioned that some of Iran’s claims were “best viewed through the prism of domestic messaging”. “That Iran has a growing capability in UAVs isn’t debatable. What is an open question is the actual levels of technology it often employs,” Barrie said, adding that Israel had the most advanced program in the region.

American technology may have been used to enhance the Iranian drone program: an advanced U.S. RQ-170 Sentinel reconnaissance drone went down in eastern Iran in 2011, and Revolutionary Guards commanders say they were able to reverse engineer it, a claim which some security officials and analysts dispute.

“They’ve really come up with some aircraft which are looking increasingly sophisticated in terms of their ability to carry guided weapons and carry out long-range surveillance missions,” said Jeremy Binnie, Middle East and Africa editor for Jane’s Defense Weekly.

U.S. forces have shot down Iranian-made drones in 2017 in Syria, after deeming them a threat to both U.S.-backed forces and their advisers.

EXPORTING DRONE TECHNOLOGY

Iran has passed on its drones and technical expertise to regional allies, current and former security officials and analysts say.

The Revolutionary Guards and Hezbollah advise the Houthis on the use of drones and operate video uplinks from Tehran and Beirut to beam in technical expertise when needed, an official from the Saudi-led coalition fighting in Yemen said.

Iran has denied any role in the conflict in Yemen.

U.N. experts say the Houthis now have drones that can drop bigger bombs further away and more accurately than before. In May, drones hit two oil pumping stations hundreds of kilometers inside Saudi territory.

“Either the drones that attacked the pipelines were launched from inside Saudi territory or the Houthis just significantly upped their capability with satellite technology and were provided with the capability to extend the distance,” said Brett Velicovich, a drone expert and U.S. Army veteran, about the May attack.

A commander of Kataib Hezbollah, an Iraqi militia closely linked to Iran, using the nickname Abu Abdullah, told Reuters in 2014 that Iran had provided training for operating drones, which were mostly used to target Islamic State positions.

He said at the time that they had also used the drones to carry out surveillance on American military positions in Iraq and in the conflict in Syria, where Kataib Hezbollah fought in support of President Bashar al-Assad. 

Iraqi militia groups have now acquired enough expertise to modify drones for attacks, two Iraqi security officials with knowledge of the militia activities said.

(Reporting by Babak Dehghanpisheh and Phil Stewart; Additional reporting by Ahmed Rasheed in Baghdad, Tuqa Khalid in Dubai, Stephen Kalin in Riyadh and Dan Williams in Jerusalem; editing by Giles Elgood)

New York man arrested in alleged plot to attack Times Square

New York City Police Department (NYPD) officers patrol in Time Square after a man was arrested in an alleged plot to buy grenades for an attack on Times Square in New York, U.S., June 7, 2019. REUTERS/Mike Segar

By Brendan Pierson

NEW YORK (Reuters) – A New York man was arrested after allegedly discussing acquiring grenades and detonating them in Times Square, one of midtown Manhattan’s most crowded crossroads, a person familiar with the matter told Reuters on Friday.

Ashiqul Alam, 22, from Jackson Heights in the city’s Queens borough, was arrested on Thursday afternoon, the person said. He is expected to appear in U.S. District Court in Brooklyn later on Friday, but it was unclear what charges he would face.

The New York Police Department declined to comment on the matter and referred inquires to the Federal Bureau of Investigation, which also declined to comment.

The alleged plot was uncovered after police and federal authorities learned the man had been inquiring about buying grenades and using them in Times Square, one of the most visited destinations in the United States, the New York Daily News reported.

Authorities do not believe the man had links to a wider plot involving other people, the Daily News said, citing unidentified law enforcement sources.

The man had been under surveillance for some time and authorities had been closely monitoring him, NBC News reported, citing unnamed officials.

He talked about wanting to make a suicide bomb vest as well as using explosives, and eventually settled on a shooting attack in Times Square, NBC reported.

The man had discussed potential attacks on politicians in New York and Washington before settling on a plot to attack Times Square, NBC said.

Members of the New York Joint Terrorism Task Force, which is made up of FBI agents and New York police detectives, made the arrest. The task force began tracking him and eventually took him into custody, according to media reports said.

With its millions of visitors each year, Times Square, often called the crossroads of the world, has been targeted by at least two bombers in recent years, despite its heavily-fortified police presence.

On May 1, 2010, police thwarted an attempted car bomb in Times Square, defusing a crude device made out of firecrackers and propane gas tanks.

A Pakistani-born U.S. citizen pleaded guilty to the plot, admitting that he had received bomb-making training from the Pakistani Taliban and that the group, known as Tehrik-e-Taliban Pakistan had funded the plot. He was sentenced to life in prison.

In December 2017, a Bangladeshi man set off a homemade pipe bomb strapped to his body in a crowded underground pedestrian tunnel near Times Square. The man, Akayed Ullah, was convicted of six criminal counts, including use of a weapon of mass destruction and support of a terrorist organization.

On Friday morning, it was business as usual in Times Square, with a bustle of people on their way to work and tourists beginning to stream into the area.

Kate Fan, a 28-year-old charity worker visiting from her home in Guangzhou, China, said that she heard about the incident but still felt safe.

“We hear a lot of stories about New York being unsafe, but we feel like people sometimes exaggerate safety issues,” she said.

(Writing and additional reporting by Meredith Mazzilli, Peter Szekely and Ayenat Mersie; Editing by Frank McGurty and Nick Zieminski)

Foreign media reporting conditions in China worsen, group says

Red flags flutter on the top of the Great Hall of the People in Beijing, China September 30, 2018. Picture taken September 30, 2018. REUTERS/Jason Lee

BEIJING (Reuters) – Last year marked a “significant deterioration” in reporting conditions for foreign journalists in China, the Foreign Correspondents’ Club of China said on Tuesday, with no reporter saying in a new survey that conditions had improved last year.

The group said 55 percent of respondents to its 2018 reporting conditions survey said they believed conditions deteriorated last year, the largest proportion since 2011.

“Not a single correspondent said conditions improved,” the group said, unveiling results of a survey of its 204 foreign correspondent members, 109 of whom responded to questions.

“Rapidly expanding surveillance and widespread government interference against reporting in the country’s far northwestern region of Xinjiang drove a significant deterioration in the work environment for foreign journalists in China in 2018.”

Foreign ministry spokesman Geng Shuang told a regular news briefing that the report was “not worth refuting” and could not represent the views of all foreign journalists.

The government has repeatedly said it is committed to ensuring foreign media can report easily, but that they must follow the rules and regulations.

According to rules issued just before the 2008 Beijing Olympics, foreign reporters can interview anyone as long as they have permission.

But the government often interprets the rules to suit its needs, rights groups say, especially when it comes to sensitive subjects. Tibet remains off limits for foreign journalists apart from government-organized visits.

While foreign journalists are occasionally harassed or temporarily detained, domestic media operate under strict government controls. Chinese reporters have been fired or jailed for writing stories that stray too far from the government line.

President Xi Jinping has overseen a sweeping crackdown on dissent since assuming office six years ago and his administration has tightened Communist Party controls on all levels of society, including in Xinjiang.

(Reporting by Ben Blanchard and Michael Martina; Editing by Neil Fullick)

Exclusive: U.S. widens surveillance to include ‘homegrown violent extremists’ – documents

Exclusive: U.S. widens surveillance to include 'homegrown violent extremists' - documents

By Dustin Volz

WASHINGTON (Reuters) – The U.S. government has broadened an interpretation of which citizens can be subject to physical or digital surveillance to include “homegrown violent extremists,” according to official documents seen by Reuters.

The change last year to a Department of Defense manual on procedures governing its intelligence activities was made possible by a decades-old presidential executive order, bypassing congressional and court review.

The new manual, released in August 2016, now permits the collection of information about Americans for counterintelligence purposes “when no specific connection to foreign terrorist(s) has been established,” according to training slides created last year by the Air Force Office of Special Investigations (AFOSI).

The slides were obtained by Human Rights Watch through a Freedom of Information Act request about the use of federal surveillance laws for counter-drug or immigration purposes and shared exclusively with Reuters.

The Air Force and the Department of Defense told Reuters that the documents are authentic.

The slides list the shooting attacks in San Bernardino, California, in December 2015 and Orlando, Florida, in June 2016 as examples that would fall under the “homegrown violent extremist” category. The shooters had declared fealty to Islamic State shortly before or during the attacks, but investigators found no actual links to the organization that has carried out shootings and bombings of civilians worldwide.

Michael Mahar, the Department of Defense’s senior intelligence oversight official, said in an interview that AFOSI and other military counterintelligence agencies are allowed to investigate both active duty and U.S. civilian personnel as long as there is a potential case connected to the military. Investigations of civilians are carried out cooperatively with the Federal Bureau of Investigation, Mahar said.

Executive order 12333, signed by former President Ronald Reagan in 1981 and later modified by former President George W. Bush, establishes how U.S. intelligence agencies such as the CIA are allowed to pursue foreign intelligence investigations. The order also allows surveillance of U.S. citizens in certain cases, including for activities defined as counterintelligence.

Under the previous Defense Department manual’s definition of counterintelligence activity, which was published in 1982, the U.S. government was required to demonstrate a target was working on behalf of the goals of a foreign power or terrorist group.

It was not clear what practical effect the expanded definition might have on how the U.S. government gathers intelligence. One of the Air Force slides described the updated interpretation as among several “key changes.”

‘CLOAK OF DARKNESS’

However, some former U.S. national security officials, who generally support giving agents more counterterrorism tools but declined to be quoted, said the change appeared to be a minor adjustment that was unlikely to significantly impact intelligence gathering.

Some privacy and civil liberties advocates who have seen the training slides disagreed, saying they were alarmed by the change because it could increase the number of U.S. citizens who can be monitored under an executive order that lacks sufficient oversight.

“What happens under 12333 takes place under a cloak of darkness,” said Sarah St. Vincent, a surveillance researcher with Human Rights Watch who first obtained the documents. “We have enormous programs potentially affecting people in the United States and abroad, and we would never know about these changes” without the documents, she said.

The National Security Act, a federal law adopted 70 years ago, states that Congress must be kept informed about significant intelligence activities. But the law leaves the interpretation of that to the executive branch.

The updated interpretation was motivated by recognition that some people who may pose a security threat do not have specific ties to a group such as Islamic State or Boko Haram, Mahar at the Defense Department said.

“The internet and social media has made it easier for terrorist groups to radicalize followers without establishing direct contact,” Mahar said.

“We felt that we needed the flexibility to target those individuals,” he said.

In August 2016, during the final months of former President Barack Obama’s administration, a Pentagon press release announced that the department had updated its intelligence collecting procedures but it made no specific reference to “homegrown violent extremists.”

The revision was signed off by the Department of Justice’s senior leadership, including the attorney general, and reviewed by the Privacy and Civil Liberties Oversight Board, a government privacy watchdog.

Mahar said that “homegrown violent extremist,” while listed in the Air Force training slide, is not an official phrase used by the Defense Department. It does not have a specific list of traits or behaviors that would qualify someone for monitoring under the new definition, Mahar said.

Hunches or intuition are not enough to trigger intelligence gathering, Mahar said, adding that a “reasonable belief” that a target may be advancing the goals of an international terrorist group to harm the United States is required.

The updated Defense Department manual refers to any target “reasonably believed to be acting for, or in furtherance of, the goals or objectives of an international terrorist or international terrorist organization, for purposes harmful to the national security of the United States.”

Mahar said that in counterterrorism investigations, federal surveillance laws, including the Foreign Intelligence Surveillance Act, continue to govern electronic surveillance in addition to the limitations detailed in his department’s manual.

(Reporting by Dustin Volz; editing by Grant McCool)

China to implement cyber security law from Thursday

FILE PHOTO: A woman uses a computer in an internet cafe at the centre of Shanghai, China January 13, 2010. REUTERS/Nir Elias/File Photo

SHANGHAI (Reuters) – China, battling increased threats from cyber-terrorism and hacking, will adopt from Thursday a controversial law that mandates strict data surveillance and storage for firms working in the country, the official Xinhua news agency said.

The law, passed in November by the country’s largely rubber-stamp parliament, bans online service providers from collecting and selling users’ personal information, and gives users the right to have their information deleted, in cases of abuse.

“Those who violate the provisions and infringe on personal information will face hefty fines,” the news agency said on Monday, without elaborating.

Reuters reported this month that overseas business groups were pushing Chinese regulators to delay implementation of the law, saying the rules would severely hurt activities.

Until now, China’s data industry has had no overarching data protection framework, being governed instead by loosely defined laws.

However, overseas critics say the new law threatens to shut foreign technology companies out of sectors the country deems “critical”, and includes contentious requirements for security reviews and data stored on servers in China.

(Reporting by Brenda Goh; Editing by Clarence Fernandez)

Wikipedia can pursue NSA surveillance lawsuit: U.S. appeals court

A man is silhouetted near logos of the U.S. National Security Agency (NSA) and Wikipedia in this photo illustration taken in Sarajevo March 11, 2015. REUTERS/Dado Ruvic/File Photo

By Jonathan Stempel

(Reuters) – A federal appeals court on Tuesday revived a Wikipedia lawsuit that challenges a U.S. National Security Agency (NSA) program of mass online surveillance, and claims that the government unconstitutionally invades people’s privacy rights.

By a 3-0 vote, the 4th U.S. Circuit Court of Appeals in Richmond, Virginia, said the Wikimedia Foundation, which hosts the Wikipedia online encyclopedia, had a legal right to challenge the government’s Upstream surveillance program.

The decision could make it easier for people to learn whether authorities have spied on them through Upstream, which involves bulk searches of international communications within the internet’s backbone of cables, switches and routers.

Upstream’s existence was revealed in leaks by former NSA contractor Edward Snowden in 2013.

Lawyers for the Wikipedia publisher and eight other plaintiffs including Amnesty International USA and Human Rights Watch, with more than 1 trillion international communications annually, argued that the surveillance violated their rights to privacy, free expression and association.

The U.S. Department of Justice countered that the Foreign Intelligence Surveillance Act had authorized Upstream’s review of communications between Americans and foreign “targets.”

In October 2015, U.S. District Judge T.S. Ellis III in Baltimore dismissed the lawsuit, finding a lack of evidence that the NSA, headquartered in Maryland, was conducting surveillance “at full throttle.”

Writing for the appeals court panel, however, Circuit Judge Albert Diaz found “nothing speculative” about the Wikimedia Foundation’s claims.

Diaz said the NSA interception and copying of communications showed “an invasion of a legally protected interest – the Fourth Amendment right to be free from unreasonable searches and seizures.”

The foundation could also pursue its First Amendment claim because it had “self-censored” some communications in response to the Upstream surveillance, Diaz said.

By a 2-1 vote, the same panel also ruled the plaintiffs lacked standing to challenge the NSA’s alleged “dragnet” to intercept “substantially all” text-based communications to and from the United States while conducting Upstream surveillance.

Justice Department spokesman Mark Abueg declined to comment.

Patrick Toomey, an American Civil Liberties Union lawyer representing the plaintiffs, said the ruling means Upstream “will finally face badly needed scrutiny” in the courts.

“This is an important victory for the rule of law,” he said in a statement. “Our government shouldn’t be searching the private communications of innocent people in bulk.”

Some Democratic and Republican lawmakers are working on legislation to curtail parts of Upstream. A section of FISA that authorizes the program expires at year end.

The case is Wikimedia Foundation et al v National Security Agency et al, 4th U.S. Circuit Court of Appeals, No. 15-2560.

(Reporting by Jonathan Stempel in New York; Additional reporting by Dustin Volz in Washington; editing by Jeffrey Benkoe and Phil Berlowitz)

NSA collected Americans’ phone records despite law change: report

An illustration picture shows the logo of the U.S. National Security Agency on the display of an iPhone in Berlin, June 7, 2013. REUTERS/Pawel Kopczynski

By Mark Hosenball

WASHINGTON (Reuters) – The U.S. National Security Agency collected more than 151 million records of Americans’ phone calls last year, even after Congress limited its ability to collect bulk phone records, according to an annual report issued on Tuesday by the top U.S. intelligence officer.

The report from the office of Director of National Intelligence Dan Coats was the first measure of the effects of the 2015 USA Freedom Act, which limited the NSA to collecting phone records and contacts of people U.S. and allied intelligence agencies suspect may have ties to terrorism.

It found that the NSA collected the 151 million records even though it had warrants from the secret Foreign Intelligence Surveillance court to spy on only 42 terrorism suspects in 2016, in addition to a handful identified the previous year.

The NSA has been gathering a vast quantity of telephone “metadata,” records of callers’ and recipients’ phone numbers and the times and durations of the calls – but not their content – since the September 11, 2001, attacks.

The report came as Congress faced a decision on whether to reauthorize Section 702 of the Foreign Intelligence Surveillance Act (FISA), which permits the NSA to collect foreign intelligence information on non-U.S. persons outside the United States, and is scheduled to expire at the end of this year.

Privacy advocates have argued that Section 702 permits the NSA to spy on Internet and telephone communications of Americans without warrants from the secret Foreign Intelligence Surveillance Court, and that foreign intelligence could be used for domestic law enforcement purposes in a way that evades traditional legal requirements.

The report said that on one occasion in 2016, the FBI obtained information about an American in response to a search of Section 702 data intended to produce evidence of a crime not related to foreign intelligence.

The report did not address how frequently the FBI obtained information about Americans while investigating a foreign intelligence matter, however.

On Friday, the NSA said it had stopped a form of surveillance that allowed it to collect the digital communications of Americans who mentioned a foreign intelligence target in their messages without a warrant.

TRUMP’S ALLEGATIONS

The new report also came amid allegations, recently repeated by U.S. President Donald Trump, that former President Barack Obama ordered warrantless surveillance of his communications and that former national security adviser Susan Rice asked the NSA to unmask the names of U.S. persons caught in the surveillance.

Both Republican and Democratic members of the congressional intelligence committees have said that so far they have found no evidence to support either allegation.

Officials on Tuesday argued that the 151 million records collected last year were tiny compared with the number collected under procedures that were stopped after former NSA contractor Edward Snowden revealed the surveillance program in 2013.

Because the 151 million would include multiple calls made to or from the same phone numbers, the number of people whose records were collected also would be much smaller, the officials said. They said they had no breakdown of how many individuals’ phone records were among those collected.

In all, according to the report, U.S. officials unmasked the names of fewer Americans in NSA eavesdropping reports in 2016 than they did the previous year, the top U.S. intelligence officer reported on Tuesday.

The report said the names of 1,934 “U.S. persons” were “unmasked” last year in response to specific requests, compared with 2,232 in 2015, but it did not identify who requested the names or on what grounds.

Officials said in the report that U.S. intelligence agencies had gone out of their way to make public more information about U.S. electronic eavesdropping.

“This year’s report continues our trajectory toward greater transparency, providing additional statistics beyond what is required by law,” said Office of the Director of National Intelligence spokesman Timothy Barrett.

(Reporting by Mark Hosenball; Additional reporting by Dustin Volz; Editing by John Walcott and Jonathan Oatis)

U.S. spy agency abandons controversial surveillance technique

FILE PHOTO - An aerial view shows the National Security Agency (NSA) headquarters in Ft. Meade, Maryland, U.S. on January 29, 2010. REUTERS/Larry Downing/File Photo

By Dustin Volz

WASHINGTON (Reuters) – The U.S. National Security Agency said on Friday it had stopped a form of surveillance that allowed it to collect without a warrant the digital communications of Americans who mentioned a foreign intelligence target in their messages, marking an unexpected triumph for privacy advocates long critical of the practice.

The decision to stop the once-secret activity, which involved messages sent to or received from people believed to be living overseas, came despite the insistence of U.S. officials in recent years that it was both lawful and vital to national security.

The halt is among the most substantial changes to U.S. surveillance policy in years and comes as digital privacy remains a contentious issue across the globe following the 2013 disclosures of broad NSA spying activity by former intelligence contractor Edward Snowden.

“NSA will no longer collect certain internet communications that merely mention a foreign intelligence target,” the agency said in a statement. “Instead, NSA will limit such collection to internet communications that are sent directly to or from a foreign target.”

NSA also said it would delete the “vast majority” of internet data collected under the surveillance program “to further protect the privacy of U.S. person communications.”

The decision is an effort to remedy privacy compliance issues raised in 2011 by the Foreign Intelligence Surveillance Court, a secret tribunal that rules on the legality of intelligence operations, sources familiar with the matter said.

The court recently approved the changes, NSA said in its statement.

The NSA is not permitted to conduct surveillance within the United States. The so-called “about” collection went after messages that mentioned a surveillance target, even if the message was neither to nor from that person.

That type of collection sometimes resulted in surveillance of emails, texts and other communications that were wholly domestic. The NSA will continue to collect communications directly involving intelligence targets.

Friday’s announcement came as a surprise to privacy advocates who have long argued that “about” collection was overly broad and ran afoul of the U.S. Constitution’s protections against unreasonable searches.

Julian Sanchez, a privacy and surveillance expert with the Cato Institute, a libertarian think tank, called the decision “very significant” and among the top priorities of surveillance reform among civil liberties groups.

“Usually you identify a specific individual to scrutinize their content; this was scrutinizing everyone’s content to find mentions of an individual,” Sanchez said.

Other privacy advocates seized on the change to advocate for additional reforms to the Foreign Intelligence Surveillance Act (FISA). The part of the law under which the banned surveillance occurred, known as Section 702, is due to expire at the end of the year unless Congress reauthorizes it.

Democratic Senator Ron Wyden said in a statement he would introduce legislation “banning this kind of collection in the future.”

A U.S. government official familiar with the matter said the change was motivated in part to ensure that Section 702 is renewed before it sunsets on Dec. 31, 2017. FISA has come under increased scrutiny in recent months amid unsubstantiated claims by President Donald Trump and other Republicans that the Obama White House improperly spied on Trump or his associates.

Pieces of differing bits of digital traffic are often packaged together as they travel across the internet. Part of the issue with “about” collection stemmed from how an entire packet of information would be vacuumed up if one part of it contained information, such as an email address or phone number, connected to a foreign target.

NSA told the Privacy and Civil Liberties Oversight Board as recently as last year that changes to “about” collection were not “practical at this time,” according to a report from the government watchdog.

News of the surveillance activity being halted was first reported on Friday by The New York Times, which first revealed its existence in 2013, two months after Snowden leaked intelligence documents to journalists.

(Additional reporting by Mark Hosenball; writing by Eric Beech; editing by Tim Ahmann, Leslie Adler and Bill Rigby)

Hackers release files indicating NSA monitored global bank transfers

FILE PHOTO: Swift code bank logo is displayed on an iPhone 6s among Euro banknotes in this picture illustration January 26, 2016. REUTERS/Dado Ruvic/File Photo - RTS11WHG

By Clare Baldwin

(Reuters) – Hackers released documents and files on Friday that cybersecurity experts said indicated the U.S. National Security Agency had accessed the SWIFT interbank messaging system, allowing it to monitor money flows among some Middle Eastern and Latin American banks.

The release included computer code that could be adapted by criminals to break into SWIFT servers and monitor messaging activity, said Shane Shook, a cyber security consultant who has helped banks investigate breaches of their SWIFT systems.

The documents and files were released by a group calling themselves The Shadow Brokers. Some of the records bear NSA seals, but Reuters could not confirm their authenticity.

The NSA could not immediately be reached for comment.

Also published were many programs for attacking various versions of the Windows operating system, at least some of which still work, researchers said.

In a statement to Reuters, Microsoft <MSFT.O>, maker of Windows, said it had not been warned by any part of the U.S. government that such files existed or had been stolen.

“Other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers,” the company said.

The absence of warning is significant because the NSA knew for months about the Shadow Brokers breach, officials previously told Reuters. Under a White House process established by former President Barack Obama’s staff, companies were usually warned about dangerous flaws.

Shook said criminal hackers could use the information released on Friday to hack into banks and steal money in operations mimicking a heist last year of $81 million from the Bangladesh central bank.

“The release of these capabilities could enable fraud like we saw at Bangladesh Bank,” Shook said.

The SWIFT messaging system is used by banks to transfer trillions of dollars each day. Belgium-based SWIFT downplayed the risk of attacks employing the code released by hackers on Friday.

SWIFT said it regularly releases security updates and instructs client banks on how to handle known threats.

“We mandate that all customers apply the security updates within specified times,” SWIFT said in a statement.

SWIFT said it had no evidence that the main SWIFT network had ever been accessed without authorization.

It was possible that the local messaging systems of some SWIFT client banks had been breached, SWIFT said in a statement, which did not specifically mention the NSA.

When cyberthieves robbed the Bangladesh Bank last year, they compromised that bank’s local SWIFT network to order money transfers from its account at the New York Federal Reserve.

The documents released by the Shadow Brokers on Friday indicate that the NSA may have accessed the SWIFT network through service bureaus. SWIFT service bureaus are companies that provide an access point to the SWIFT system for the network’s smaller clients and may send or receive messages regarding money transfers on their behalf.

“If you hack the service bureau, it means that you also have access to all of their clients, all of the banks,” said Matt Suiche, founder of the United Arab Emirates-based cybersecurity firm Comae Technologies, who has studied the Shadow Broker releases and believes the group has access to NSA files.

The documents posted by the Shadow Brokers include Excel files listing computers on a service bureau network, user names, passwords and other data, Suiche said.

“That’s information you can only get if you compromise the system,” he said.

ATTEMPT TO MONITOR FLOW OF MONEY

Cris Thomas, a prominent security researcher with the cybersecurity firm Tenable, said the documents and files released by the Shadow Brokers show “the NSA has been able to compromise SWIFT banking systems, presumably as a way to monitor, if not disrupt, financial transactions to terrorists groups”.

Since the early 1990s, interrupting the flow of money from Saudi Arabia, the United Arab Emirates and elsewhere to al Qaeda, the Taliban, and other militant Islamic groups in Afghanistan, Pakistan and other countries has been a major objective of U.S. and allied intelligence agencies.

Mustafa Al-Bassam, a computer science researcher at University College London, said on Twitter that the Shadow Brokers documents show that the “NSA hacked a bunch of banks, oil and investment companies in Palestine, UAE, Kuwait, Qatar, Yemen, more.”

He added that NSA “completely hacked” EastNets, one of two SWIFT service bureaus named in the documents that were released by the Shadow Brokers.

Reuters could not independently confirm that EastNets had been hacked.

EastNets, based in Dubai, denied it had been hacked in a statement, calling the assertion “totally false and unfounded.”

EastNets ran a “complete check of its servers and found no hacker compromise or any vulnerabilities,” according to a statement from EastNets’ chief executive and founder, Hazem Mulhim.

In 2013, documents released by former NSA contractor Edward Snowden said the NSA had been able to monitor SWIFT messages.

The agency monitored the system to spot payments intended to finance crimes, according to the documents released by Snowden.

Reuters could not confirm whether the documents released Friday by the Shadow Brokers, if authentic, were related to NSA monitoring of SWIFT transfers since 2013.

Some of the documents released by the Shadow Brokers were dated 2013, but others were not dated.

The documents released by the hackers did not clearly indicate whether the NSA had actually used all the techniques cited for monitoring SWIFT messages.

(Additional reporting by Tom Bergin in London; Dustin Volz and John Walcott in Washington; Joseph Menn in San Franciso; and Jim Finkle in Buffalo, New York.; Editing by Brian Thevenot and Cynthia Osterman)