Posts

The Most Counterproductive Letter in Defense of Julian Assange

/20 Comments/in , /by

How seriously do you think the Joe Biden Administration is going to take a letter that,

  • Implicitly treats helping Edward Snowden flee Hong Kong to Russia (one of the overt acts Julian Assange is currently charged with) as a journalistic activity
  • Was written by an organization on the board of which Edward Snowden serves, without any disclosure of the relationship (or that another Freedom of the Press Foundation board member, Laura Poitras, decided in real time that such activities weren’t journalism, thereby eliminating the New York Times problem the letter claims still exists)
  • Treats the Julian Assange extradition request as a Trump Administration decision at a time when Biden is trying to emphasize that DOJ represents the country, not one president
  • Ties the Assange prosecution to Trump’s other politicization of DOJ when the evidence shows the opposite happened, that Trump abused power to attempt to protect Assange (in her ruling, Judge Baraitser also noted that Trump in no way treated WikiLeaks like he treated journalistic outlets)
  • Relies on dated 2013 reporting about the sum total of WikiLeaks’ actions targeting the US, ignoring much of the public record since, not to mention the grave damage incurred by a release — Vault 7 — that had almost no news value, which was allegedly leaked while Acting Deputy Attorney General John Carlin (who will probably field this letter) was in charge of DOJ’s National Security Division
  • Exhibits zero familiarity with the 54-page report — citing testimony from Biden Administration members Avril Haines, Lisa Monaco, Susan Rice, Tony Blinken, Samantha Power, Denis McDonough, and John Kerry — that concluded one reason the Obama Administration didn’t respond in more timely fashion to Russia’s attack on the 2016 election was because of a delayed understanding of how WikiLeaks had been “coopted” by Russia:

Despite Moscow’s history of leaking politically damaging information, and the increasingly significant publication of illicitly obtained information by coopted third parties, such as WikiLeaks, which historically had published information harmful to the United States, previous use of weaponized information alone was not sufficient for the administration to take immediate action on the DNC breach. The administration was not fully engaged until some key intelligence insights were provided by the IC, which shifted how the administration viewed the issue.

[snip]

The executive branch struggled to develop a complete understanding of WikiLeaks. Some officials viewed WikiLeaks as a legitimate news outlet, while others viewed WikiLeaks as a hostile organization acting intentionally and deliberately to undermine U.S. or allies’ interests.

The letter claims to want to protect a “robust” press. But this letter fails to meet journalistic standards of transparency or accuracy.

Nevertheless, the following organizations signed onto such a (in my opinion) counterproductive letter:

  • Access Now
  • American Civil Liberties Union
  • Amnesty International – USA
  • Center for Constitutional Rights
  • Committee to Protect Journalists
  • Defending Rights and Dissent
  • Demand Progress
  • Electronic Frontier Foundation
  • Fight for the Future
  • First Amendment Coalition Free Press
  • Freedom of the Press Foundation
  • Human Rights Watch
  • Index on Censorship
  • Knight First Amendment Institute at Columbia University
  • National Coalition Against Censorship
  • Open The Government
  • Partnership for Civil Justice Fund
  • PEN America
  • Project on Government Oversight
  • Reporters Without Borders
  • Roots Action
  • The Press Freedom Defense Fund of First Look Institute
  • Whistleblower & Source ProtectionProgram (WHISPeR) at ExposeFacts

I have a great deal of respect for these organizations, have worked for several of them, and have received funding in the past from Freedom of the Press Foundation. I agree with the sentiment of the letter that some of the current charges against Assange pose a risk to journalism. I believe these organizations could have written an effective letter to Acting Attorney General Monty Wilkinson (or, more effectively and with better targeting, to Carlin).

Instead, they signed onto a letter that violates several of the principles of journalism they claim to want to defend.

How Did Two CISA Beneficiaries and Numerous Agnostics Come to Support CISA?

/2 Comments/in /by

When the Business Software Alliance released this letter a while back, I was perplexed.

In addition to its call for Congress to pass a set of designated bills, including ECPA reform, that would give assurances to international customers that US services weren’t more exposed to US spying, the letter also called for passage of cybersecurity sharing legislation.

Cyber Threat Information Sharing Legislation will promote cybersecurity and protect sensitive information by enabling private actors in possession of information about vulnerability and intrusions to more easily share that information voluntarily with others under threat, thus enabling the development of better solutions faster.

As TechDirt noted, the letter didn’t name any particular cyber sharing bill, but there are three and all expand US government access to data. Even if some or all tech companies that make up BSA wanted such a bill it seemed odd to include in a call for legislation that would reassure international customers. I asked around and the impression was it was just convenience to include a CISA-type legislation (but why include it at all)?

So then Fight for the Future went to work. It got thousands of activists to complain to the companies directly about their stated support for a CISA-type legislation. And also announced their intention to stop using Heroku, which is part of Salesforce, as their host.

That led first Salesforce then BSA more generally to deny they had ever supported CISA. The BSA language pretended their original letter called for balanced legislation. And it also claimed to consistently advocate for strong privacy protections on such legislation — which of course they didn’t do in the letter.

There have been questions about our views of the current CISA legislation. For clarity, BSA does not support any of the three current bills pending before Congress, including the Cybersecurity Information Sharing Act (CISA), the Protecting Cyber Networks Act (PCNA), and the National Cybersecurity and Communications Integration Center (NCCIC) Act.

Consistent with this view, BSA’s September 14 data agenda letter to Congressional leaders identified five key areas where Congress can pass legislation to strengthen the policy environment around digital commerce, including voluntary information sharing, and highlighted the need for balanced legislation in this area.

BSA has consistently advocated for strong privacy protections in all information sharing bills currently pending before the Congress.

We will continue to work with the Congress, others in industry and the privacy community to advance legislation that effectively deals with cyber threats, while protecting individual privacy.

All of raises more questions about how the endorsement for cyber sharing at a time when all the cyber sharing bills before Congress don’t balance privacy interests got into the letter.

Especially given the signatories. The signatories include companies — like Apple — that have fought hard to protect their customers’ privacy. It included several — notably Adobe and Siemens — that could significantly benefit from any kind of immunity, given that their products are among the most consistent targets of hacks. Most interesting, it includes several companies — including IBM and Symantec — that will benefit when a CISA bill makes it easier for cybersecurity contractors to get more data with which to serve customers.

Indeed, the language from the original bullet support cyber sharing — “enabling private actors in possession of information about vulnerability and intrusions to more easily share that information voluntarily with others under threat” — might well describe how cybersecurity contractors will get a boost from CISA.

Some members of BSA probably do, individually, support CISA for the immunity and data it would give them. Others neither need it nor want the stigma.

So how did it get in this letter?