FISA Orders for Hacking Help

In its latest Snowden story, the WaPo reports that NSA has used Google’s cookies to help track people for hacking purposes.

The National Security Agency is secretly piggybacking on the tools that enable Internet advertisers to track consumers, using “cookies” and location data to pinpoint targets for government hacking and to bolster surveillance.

The agency’s internal presentation slides, provided by former NSA contractor Edward Snowden, show that when companies follow consumers on the Internet to better serve them advertising, the technique opens the door for similar tracking by the government. The slides also suggest that the agency is using these tracking techniques to help identify targets for offensive hacking operations.

[snip]

The NSA’s use of cookies isn’t a technique for sifting through vast amounts of information to find suspicious behavior; rather, it lets NSA home in on someone already under suspicion – akin to when soldiers shine laser pointers on a target to identify it for laser-guided bombs.

This will be sure to make software opposition to NSA’s unbridled spying louder, if not less hypocritical (after all, every way Google limits its own tracking amounts to another tool the NSA can’t exploit).

I’m particularly interested in how NSA collects cookies it uses. The article suggests they may do it via FISC order (though they don’t say whether it would involve an individualized FISA order or bulk FAA collection).

These specific slides do not indicate how the NSA obtains Google PREF cookies or whether the company cooperates in these programs, but other documents reviewed by the Post indicate that cookie information is among the data NSA can obtain with a Foreign Intelligence Surveillance Act order. If the NSA gets the data that way, the companies know and are legally compelled to assist.

That is, is a PREF cookie just one of many identifying details they’re asked to turn over on customers in general? If so, in what volume?

Remember, too, that one thing the Internet companies are fighting for in their transparency suit is the right to explicate metadata requests from content ones. This is the kind of information request that would be very informative for potential targets (because, if they don’t already, they can just keep their cookies clean).

I’m particularly interested in the disclosure that the NSA may be using information collected on a FISA order for offensive hacking purposes, not for information collection. That’s not surprising — it doesn’t necessarily clearly distinguish between information collection and hacking. And we know the NSA uses the content it collects to coerce informants, so why not aide in hacks?

But that does seem to extend the use of FISC orders beyond the spirit of their use.

Tweet about this on Twitter2Share on Reddit0Share on Facebook5Google+2Email to someone

6 Responses to FISA Orders for Hacking Help

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6

Emptywheel Twitterverse
JimWhiteGNV RT @bmaz: Pat Tillman Was A Man, Not Just A Symbol http://t.co/LHFaQOUS99 Who Pat was in life, not just death
4mreplyretweetfavorite
bmaz Pat Tillman Was A Man, Not Just A Symbol http://t.co/LHFaQOUS99 Who Pat was in life, not just death
4mreplyretweetfavorite
bmaz @HzmtH1 @terraformer @radleybalko @WPTheWatch I do this for a living, and thought "exigent circumstances" warrants marshal law is absurd
1hreplyretweetfavorite
emptywheel @gideonstrumpet need to check my schedule but I might have time to touch base.
1hreplyretweetfavorite
bmaz @HzmtH1 @terraformer @radleybalko @WPTheWatch Yeah, well, the central premise is irrefutable if you actually believe in US+MA Constitutions.
1hreplyretweetfavorite
emptywheel @gideonstrumpet I'm speaking at 4:15 @ Hampshire but will be here thru Sat AM. What's your schedule tomorrow? @bmaz @FalguniSheth
2hreplyretweetfavorite
bmaz @GregoryMcNeal @radleybalko Already have and do!
2hreplyretweetfavorite
bmaz Now that Fed govt has initiated pardon+sentencing reform, pressure on governors and states to do the same should be brought.
2hreplyretweetfavorite
bmaz @TimothyS Yes yes, but I really detest the former too!
2hreplyretweetfavorite
bmaz Can Obama pardon enough inmates to shut down the loathsome private prisons like CCA et. al? He should. http://t.co/nXFmq0tE2V
2hreplyretweetfavorite
bmaz @janehamsher @SavannahGuthrie @JohnKiriakou @TODAYshow Then whispers sweet nothings in his ear on the way out.
2hreplyretweetfavorite
bmaz RT @michaelbkiefer: If the AZ Supreme Court issues a death warrant, Joe Wood will be executed with medazolam + hydromorphone, which didn't …
2hreplyretweetfavorite
December 2013
S M T W T F S
« Nov   Jan »
1234567
891011121314
15161718192021
22232425262728
293031