Britain’s secret listening service, GCHQ, uses a spying system codenamed “Royal Concierge” to carry out detailed surveillance on foreign diplomats and government delegations at more than 350 hotels across the world, Germany’s Der Spiegel magazine reported on Sunday.

The disclosures, based on intelligence data leaked by the US whistleblower Edward Snowden, follow reports that British intelligence installs secret software to spy on selected companies and revelations earlier this month by The Independent that GCHQ operates a listening post on the roof of the UK’s Berlin embassy.

Der Spiegel said that GCHQ used “Royal Concierge” to spy on the booking arrangements of the hotels involved in order to gain information about the travel plans of diplomats and government delegations. It said the system was used to “prepare” their hotel rooms for more detailed surveillance.

The magazine said the information gained enabled the GCHQ’s so-called “technical departments” to bug the telephones and computers used by diplomats in their hotel rooms. It said “Royal Concierge” was also used to prepare the ground for the setting up of the GCHQ’s so-called “Humint Operations” – an abbreviation for “Human Intelligence” surveillance involving the deployment of agents to spy on diplomats.

Der Spiegel did not say which hotels were targeted. Contacted by the magazine, a spokesman for GCHQ said he could “neither confirm nor deny” Der Spiegel’s report.

The disclosures are the latest in a series of embarrassing revelations about the covert activities of GCHQ and its US counterpart, the National Security Agency, leaked to the media by fugitive whistleblower Edward Snowden.

The intelligence leaks have revealed the existence of the GCHQ/NSA “Tempora” spying operation involving the mass surveillance of Internet, phone and email traffic which crosses the Atlantic through undersea fibre-optic cables. The British government has claimed to have had no knowledge of the programme.

Disclosures published by Der Spiegel last week said that GCHQ used doctored websites including those from the business network LinkedIn to install surveillance software on the computers of unwitting companies and individuals.

The system was said to be codenamed “Quantum Insert”. One of the targeted companies was identified as the part-state-owned Belgian telecommunications firm Belgacom. Another was a concern named Mach, which is used by several mobile phone companies to coordinate international roaming traffic.

In Germany, disclosures that the NSA used an embassy listening post to bug Chancellor Angela Merkel’s mobile phone were followed a fortnight ago by an investigation by The Independent which revealed that GCHQ runs a similar listening post.

German MPs have said they are outraged that US and British intelligence spies on the politicians of a country which is their key European ally. They have called for the setting up of no-spying agreements between Washington, London and Berlin.

Germany’s two main political parties announced yesterday that they had agreed to set up a cyber security centre to establish how networks could be better protected from invasive surveillance.

Tony Paterson
Sunday, 17 November 2013

Find this story at 17 November 2013

© independent.co.uk

Britain’s GCHQ intelligence service monitors diplomats’ travels using a sophisticated automated system that tracks hotel bookings. Once a room has been identified, it opens the door to a variety of spying options.

When diplomats travel to international summits, consultations and negotiations on behalf of governments, they generally tend to spend the night at high-end hotels. When they check-in, in addition to a comfortable room, they sometimes get a very unique form of room service that they did not order: a thorough monitoring by the British Government Communications Headquarters, or GCHQ in short.

Intelligence service documents from the archive of NSA whistleblower Edward Snowden show that, for more than three years, GCHQ has had a system to automatically monitor hotel bookings of at least 350 upscale hotels around the world in order to target, search and analyze reservations to detect diplomats and government officials.

The top secret program carries the codename “Royal Concierge,” and has a logo showing a penguin wearing a crown, a purple cape and holding a wand. The penguin is apparently meant to symbolize the black and white uniform worn by staff at luxury hotels.

The aim of the program is to inform GCHQ, at the time of the booking, of the city and hotel a foreign diplomat intends to visit. This enables the “technical operations community” to make the necessary preparations in a timely manner, the secret documents state. The documents cast doubt on the truthfulness of claims made last week to a committee in parliament by the heads of the three British intelligence agencies: Namely that the exclusive reason and purpose behind their efforts is the battle against terrorism, and to make sure they can monitor the latest postings by al-Qaida and similar entities.

The documents show that the prototype of “Royal Concierge” was first tested in 2010. The much-touted program, referred to internally as an “innovation,” was apparently so successful that further development continued.

Daily Alerts

The documents provide details on how the British program for tracking international diplomats functioned. Whenever a reservation confirmation is emailed to a conspicuous address inside a government domain (like gov.xx) from any of the 350 hotels around the world being monitored, a daily alert “tip-off” is sent to the appropriate GCHQ analysts. The documents seen by SPIEGEL do not include hotel names, but they do cite anonymized hotels in Zurich and Singapore as examples.

A further document states that this advance knowledge of which foreign diplomats will be staying in what hotels provides GCHQ with a whole palette of intelligence capabilities and options. The documents reveal an impressive listing of capabilities for monitoring a hotel room and its temporary resident that seem to exhaust the creative potential of modern spying. Among the possibilities, of course, are wiretapping the room telephone and fax machine as well as the monitoring of computers hooked up to the hotel network (“computer network exploitation”).

It also states that a “Technical Attack” is deployed by the British “TECA” team for guests of high interest. The documents state that these elite units develop a range of “specialist technologies” that are “designed to bridge the gaps to communications that our conventional accesses cannot reach.” These “Active Approach Teams” are small, but possess advanced technical skill that allow them to work within “often unique requirements.”

The guests, of course, have no clue about these advanced technical preparations that are made for their visits. In cases of “governmental hard targets,” the information obtained through “Royal Concierge” can also involve “Humint” operations. The abbreviation is short for “human intelligence” — in other words, the deployment of human spies who might then be listening in on a diplomat’s conversations at the hotel bar.

‘Wild, Wild West’

The documents seen by SPIEGEL do not state how often the program has been used, but they do indicate that it continued to be developed and that it captured the imagination of the intelligence agency’s workers, including the GCHQ unit responsible for “effects.” Given the access they had to hotel bookings through “Royal Concierge,” one document pondered: “Can we influence the hotel choice?” And: Did they have the ability to cancel visits entirely? Another slide lists “car hire” as one of the possible extensions to the program.

Contacted by SPIEGEL, GCHQ said that it “neither confirms nor denies the allegation.”

Her Royal Majesty’s agents appear to be very conscious of the fact that the automated monitoring of diplomats’ travel by the British intelligence service crosses into controversial terrain. One of the presentations describing “Royal Concierge” is titled “Tales from the Wild, Wild West of GCHQ Operational Datamining.”

11/17/2013 08:09 AM
By Laura Poitras, Marcel Rosenbach and Holger Stark

Find this story at 17 November 2013

© SPIEGEL ONLINE 2013

During a coffee break at an intelligence conference held in The Netherlands a few years back, a senior Scandinavian counterterrorism official regaled me with a story. One of his service’s surveillance teams was conducting routine monitoring of a senior militant leader when they suddenly noticed through their high-powered surveillance cameras two men breaking into the militant’s apartment. The target was at Friday evening prayers at the local mosque. But rather than ransack the apartment and steal the computer equipment and other valuables while he was away — as any right-minded burglar would normally have done — one of the men pulled out a disk and loaded some programs onto the resident’s laptop computer while the other man kept watch at the window. The whole operation took less than two minutes, then the two trespassers fled the way they came, leaving no trace that they had ever been there.

It did not take long for the official to determine that the two men were, in fact, Central Intelligence Agency (CIA) operatives conducting what is known in the U.S. intelligence community as either a “black bag job” or a “surreptitious entry” operation. Back in the Cold War, such a mission might have involved cracking safes, stealing code books, or photographing the settings on cipher machines. Today, this kind of break-in is known inside the CIA and National Security Agency as an “off-net operation,” a clandestine human intelligence mission whose specific purpose is to surreptitiously gain access to the computer systems and email accounts of targets of high interest to America’s spies. As we’ve learned in recent weeks, the National Security Agency’s ability to electronically eavesdrop from afar is massive. But it is not infinite. There are times when the agency cannot gain access to the computers or gadgets they’d like to listen in on. And so they call in the CIA’s black bag crew for help.

The CIA’s clandestine service is now conducting these sorts of black bag operations on behalf of the NSA, but at a tempo not seen since the height of the Cold War. Moreover, these missions, as well as a series of parallel signals intelligence (SIGINT) collection operations conducted by the CIA’s Office of Technical Collection, have proven to be instrumental in facilitating and improving the NSA’s SIGINT collection efforts in the years since the 9/11 terrorist attacks.
More FP Coverage
the NSA Leaks
Meet the Spies Doing the NSA’s Dirty Work
Exclusive: Inside America’s Plan to Kill Online Privacy Rights Everywhere
Spy Copters, Lasers, and Break-In Teams

Over the past decade specially-trained CIA clandestine operators have mounted over one hundred extremely sensitive black bag jobs designed to penetrate foreign government and military communications and computer systems, as well as the computer systems of some of the world’s largest foreign multinational corporations. Spyware software has been secretly planted in computer servers; secure telephone lines have been bugged; fiber optic cables, data switching centers and telephone exchanges have been tapped; and computer backup tapes and disks have been stolen or surreptitiously copied in these operations.

In other words, the CIA has become instrumental in setting up the shadowy surveillance dragnet that has now been thrown into public view. Sources within the U.S. intelligence community confirm that since 9/11, CIA clandestine operations have given the NSA access to a number of new and critically important targets around the world, especially in China and elsewhere in East Asia, as well as the Middle East, the Near East, and South Asia. (I’m not aware of any such operations here on U.S. soil.) In one particularly significant operation conducted a few years back in a strife-ridden South Asian nation, a team of CIA technical operations officers installed a sophisticated tap on a switching center servicing several fiber-optic cable trunk lines, which has allowed NSA to intercept in real time some of the most sensitive internal communications traffic by that country’s general staff and top military commanders for the past several years. In another more recent case, CIA case officers broke into a home in Western Europe and surreptitiously loaded Agency-developed spyware into the personal computer of a man suspected of being a major recruiter for individuals wishing to fight with the militant group al-Nusra Front in Syria, allowing CIA operatives to read all of his email traffic and monitor his Skype calls on his computer.

The fact that the NSA and CIA now work so closely together is fascinating on a number of levels. But it’s particularly remarkable accomplishment, given the fact that the two agencies until fairly recently hated each others’ guts.

Ingenues and TBARs

As detailed in my history of the NSA, The Secret Sentry, the CIA and NSA had what could best be described as a contentious relationship during the Cold War era. Some NSA veterans still refer to their colleagues at the CIA as ‘TBARs,’ which stands for ‘Those Bastards Across the River,’ with the river in question being the Potomac. Perhaps reflecting their higher level of educational accomplishment, CIA officers have an even more lurid series of monikers for their NSA colleagues at Fort Meade, most of which cannot be repeated in polite company because of recurring references to fecal matter. One retired CIA official described his NSA counterparts as “a bunch of damn ingenues.” Another CIA veteran perhaps put it best when he described the Cold War relationship amongst and between his agency and the NSA as “the best of enemies.”

The historical antagonism between the two agencies started at the top. Allen W. Dulles, who was the director of the CIA from 1953 to 1961, disliked NSA director General Ralph Canine so intensely that he deliberately kept the NSA in the dark about a number of the agency’s high-profile SIGINT projects, like the celebrated Berlin Tunnel cable tapping operation in the mid-1950s. The late Richard M. Helms, who was director of the CIA from 1966 to 1973, told me over drinks at the Army-Navy Club in downtown Washington, D.C. only half jokingly that during his thirty-plus years in the U.S. intelligence community, his relations with the KGB were, in his words, “warmer and more collegial” than with the NSA. William E. Colby, who served as Director of Central Intelligence from 1973-1976, had the same problem. Colby was so frustrated by his inability to assert any degree of control over the NSA that he told a congressional committee that “I think it is clear I do not have command authority over the [NSA].” And the animus between CIA director Admiral Stansfield Turner (CIA director from 1977-1981) and his counterpart at the NSA, Admiral Bobby Ray Inman, was so intense that they could only communicate through intermediaries.

But the 9/11 terrorist attacks changed the operational dynamic between these two agencies, perhaps forever. In the thirteen years since the 9/11 terrorist attacks, the NSA and CIA have largely, but not completely, moved past the Cold War animus. In addition, both agencies have become increasingly dependent on one another for the success of their respective intelligence operations, leading to what can best be described as an increasingly close symbiotic relationship between these two titans of the U.S. intelligence community.

While the increasingly intimate relationship between the NSA and CIA is not a secret, the specific nature and extent of the work that each agency does for the other is deemed to be extremely sensitive, especially since many of these operations are directed against friends and allies of the United States. For example, the Special Collection Service (SCS), the secretive joint CIA-NSA clandestine SIGINT organization based in Beltsville, Maryland, now operates more than 65 listening posts inside U.S. embassies and consulates around the world. While recent media reports have focused on the presence of SCS listening posts in certain Latin America capitals, intelligence sources confirm that most of the organization’s resources have been focused over the past decade on the Middle East, South Asia, and East Asia. For example, virtually every U.S. embassy in the Middle East now hosts a SCS SIGINT station that monitors, twenty-four hours a day, the complete spectrum of electronic communications traffic within a one hundred mile radius of the embassy site. The biggest problem that the SCS currently faces is that it has no presence in some of the U.S. intelligence community’s top targets, such as Iran and North Korea, because the U.S. government has no diplomatic relations with these countries.

At the same time, SIGINT coming from the NSA has become a crucial means whereby the CIA can not only validate the intelligence it gets from its oftentimes unreliable agents, but SIGINT has been, and remains the lynchpin underlying the success over the past nine years of the CIA’s secret unmanned drone strikes in Pakistan, Yemen and elsewhere around the world.

But the biggest changes have occurred in the CIA’s human intelligence (HUMINT) collection efforts on behalf of NSA. Over the past decade, foreign government telecommunications and computer systems have become one of the most important targeting priorities of the CIA’s National Clandestine Service (NCS), which since the spring of this year has been headed by one of the agency’s veteran Africa and Middle East hands. The previous director, Michael J. Sulick, is widely credited with making HUMINT collection against foreign computer and telecommunications systems one of the service’s top priority targets after he rose to the top of the NCS in September 2007.

Today, a cadre of several hundred CIA NCS case officers, known as Technical Operations Officers, have been recruited and trained to work exclusively on penetrating foreign communications and computer systems targets so that NSA can gain access to the information stored on or transmitted by these systems. Several dozen of these officers now work fulltime in several offices at NSA headquarters at Fort George G. Meade, something which would have been inconceivable prior to 9/11.

CIA operatives have also intensified their efforts to recruit IT specialists and computer systems operators employed by foreign government ministries, major military command headquarters staffs, big foreign multinational corporations, and important international non-governmental organizations.

Since 9/11, the NCS has also developed a variety of so-called “black boxes” which can quickly crack computer passwords, bypass commercially-available computer security software systems, and clone cellular telephones — all without leaving a trace. To use one rudimentary example, computer users oftentimes forget to erase default accounts and passwords when installing a system, or incorrectly set protections on computer network servers or e-mail accounts. This is a vulnerability which operatives now routinely exploit.

For many countries in the world, especially in the developing world, CIA operatives can now relatively easily obtain telephone metadata records, such as details of all long distance or international telephone calls, through secret liaison arrangements with local security services and police agencies.

America’s European allies are a different story. While the connections between the NSA and, for example, the British signals intelligence service GCHQ are well-documented, the CIA has a harder time obtaining personal information of British citizens. The same is true in Germany, Scandinavia and the Netherlands, which have also been most reluctant to share this sort of data with the CIA. But the French intelligence and security services have continued to share this sort of data with the CIA, particularly in counterterrorism operations.

U.S. intelligence officials are generally comfortable with the new collaboration. Those I have spoken to over the past three weeks have only one major concern. The fear is that details of these operations, including the identities of the targets covered by these operations, currently reside in the four laptops reportedly held by Edward Snowden, who has spent the past three weeks in the transit lounge at Sheremetyevo Airport outside Moscow waiting for his fate to be decided. Officials at both the CIA and NSA know that the public disclosure of these operations would cause incalculable damage to U.S. intelligence operations abroad as well as massive embarrassment to the U.S. government. If anyone wonders why the U.S. government wants to get its hands on Edward Snowden and his computers so badly, this is an important reason why.

David Burnett/Newsmakers

Matthew M. Aid is the author of Intel Wars: The Secret History of the Fight Against Terror and The Secret Sentry: The Untold History of the National Security Agency, and is co-editor with Cees Wiebes of Secrets of Signals Intelligence During the Cold War and Beyond.

BY MATTHEW M. AID | JULY 17, 2013

Find this story at 17 July 2013

©2013 The Slate Group, LLC. All rights reserved.

“I’d come back from an op and couldn’t wait for what happens next,” says Douglas Groat (shown in a reenactment with tools of the trade). (James Quantz Jr. )

The six CIA officers were sweating. It was almost noon on a June day in the Middle Eastern capital, already in the 90s outside and even hotter inside the black sedan where the five men and one woman sat jammed in together. Sat and waited.

They had flown in two days earlier for this mission: to break into the embassy of a South Asian country, steal that country’s secret codes and get out without leaving a trace. During months of planning, they had been assured by the local CIA station that the building would be empty at this hour except for one person—a member of the embassy’s diplomatic staff working secretly for the agency.

But suddenly the driver’s hand-held radio crackled with a voice-encrypted warning: “Maintain position. Do not approach target.” It was the local CIA station, relaying a warning from the agency’s spy inside: a cleaning lady had arrived.

From the back seat Douglas Groat swore under his breath. A tall, muscular man of 43, he was the leader of the break-in team, at this point—1990—a seven-year veteran of this risky work. “We were white faces in a car in daytime,” Groat recalls, too noticeable for comfort. Still they waited, for an hour, he says, before the radio crackled again: “OK to proceed to target.” The cleaning lady had left.

Groat and the others were out of the car within seconds. The embassy staffer let them in the back door. Groat picked the lock on the code room—a small, windowless space secured for secret communications, a standard feature of most embassies—and the team swept inside. Groat opened the safe within 15 minutes, having practiced on a similar model back in the States. The woman and two other officers were trained in photography and what the CIA calls “flaps and seals”; they carefully opened and photographed the code books and one-time pads, or booklets of random numbers used to create almost unbreakable codes, and then resealed each document and replaced it in the safe exactly as it had been before. Two hours after entering the embassy, they were gone.

After dropping the break-in specialists off at their hotel, the driver took the photographs to the U.S. Embassy, where they were sent to CIA headquarters by diplomatic pouch. The next morning, the team flew out.

The CIA is not in the habit of discussing its clandestine operations, but the agency’s purpose is clear enough. As then-chief James Woolsey said in a 1994 speech to former intelligence operatives: “What we really exist for is stealing secrets.” Indeed, the agency declined to comment for this article, but over the course of more than 80 interviews, 25 people—including more than a dozen former agency officers—described the workings of a secret CIA unit that employed Groat and specialized in stealing codes, the most guarded secrets of any nation.

What Groat and his crew were doing followed in the tradition of all espionage agencies. During World War II, for example, Soviet spies stole the secrets of how the United States built the atom bomb, and the British secretly read Nazi communications after acquiring a copy of a German Enigma cipher machine from Polish intelligence. The Office of Strategic Services, the CIA’s predecessor, targeted the Vichy French Embassy in Washington, D.C. one night in June 1942. An operative code-named Cynthia arranged a tryst inside the embassy with her lover, who was the press attaché there. The tryst, as both knew, was a cover story—a way to explain her presence to the night watchman. After the 31-year-old, auburn-haired spy and her lover stripped in the hall outside the code room, Cynthia, naked but for her pearls and high-heeled shoes, signaled out a window to a waiting OSS safe expert, a specialist known as the “Georgia Cracker.” He soon had the safe open and the codebooks removed; an OSS team photographed the books in a hotel nearby, and Cynthia returned them to the safe before dawn. The stolen codes were said to have helped OSS undercover operations in North Africa that paved the way for the Allied invasion there six months later.

In 1956, Soviet leader Nikita Khrushchev denounced Joseph Stalin’s mass terror and “cult of personality” in a speech to a closed session of the Communist Party Congress in Moscow. Khrushchev repudiated his predecessor in such stark terms that his speech weakened the Soviet Union’s grip on Eastern Europe and contributed to Moscow’s split with China. As word of his “secret speech” filtered out, the CIA fell under enormous pressure to obtain a copy. The agency’s director, Allen W. Dulles, secured one—he never disclosed how, but by most accounts his source was Israeli intelligence—and leaked it to the New York Times. He later wrote that getting the speech was “one of the major intelligence coups” of his career.

In a secret program called HTLINGUAL, the CIA screened more than 28 million first-class letters and opened 215,000 of them between 1953 and 1973, even though the Supreme Court held as far back as 1878 in Ex parte Jackson and reaffirmed in 1970 in U.S. v. Van Leeuwen that the Fourth Amendment bars third parties from opening first-class mail without a warrant. The program’s stated purpose was to obtain foreign intelligence, but it targeted domestic peace and civil rights activists as well. In a 1962 memo to the director of the CIA’s Office of Security, the deputy chief of the counterintelligence staff warned that the program could lead “to grave charges of criminal misuse of the mails” and therefore U.S. intelligence agencies must “vigorously deny” HTLINGUAL, which should be “relatively easy to ‘hush up.’ ”

One of the agency’s most ambitious known theft attempts took place after a Soviet submarine sank in 1968 several hundred miles northwest of Hawaii, losing all hands. After spending at least $200 million to build a ship designed especially for the mission, the agency tried in 1974 to steal the sub from its resting place, 17,000 feet deep. Using a giant claw, the ship, the Glomar Explorer, lifted the sub from the ocean bottom, but it broke in two as it was raised. The agency recovered the forward third of the vessel, but former CIA director William E. Colby confirmed in the French edition of his memoir, which slipped through the agency’s censorship, that the operation fell short of its main objective—recovering the part of the sub containing Soviet nuclear missiles and codebooks.

Codes have always been primary espionage targets, but they have become more valuable as encryption programs have become both more common and more complex. Today, even the National Security Agency, the nation’s code-making and -breaking arm and its largest intelligence agency, has trouble keeping up with the flood of messages it intercepts. When decrypting other countries’ codes is so difficult, the most obvious solution is to steal them.

That is why by 1955, and probably earlier, the CIA created a special unit to perform what the agency calls “surreptitious entries.” This unit was so secret that few people inside CIA headquarters knew it existed; it wasn’t even listed in the CIA’s classified telephone book. Officially it was named the Special Operations Division, but the handful of agency officers selected for it called it the Shop.

In Doug Groat’s time there, in the 1980s and early ’90s, the Shop occupied a nondescript one-story building just south of a shopping mall in the Washington suburb of Springfield, Virginia. The building was part of a government complex surrounded by a chain-link fence; the pebbled glass in the windows let in light but allowed no view in or out. The men and women of the Shop made up a team of specialists: lock pickers, safecrackers, photographers, electronics wizards and code experts. One team member was a master at disabling alarm systems, another at flaps and seals. Their mission, put simply, was to travel the world and break into other countries’ embassies to steal codes, and it was extraordinarily dangerous. They did not have the protection of diplomatic cover; if caught, they might face imprisonment or execution. The CIA, they assumed, would claim it knew nothing about them. “It was generally understood, from talking to the other guys,” Groat recalls. “Nobody ever said it in so many words.”

Groat started working at the Shop in 1982 and became the CIA’s top burglar and premier lock picker. He planned or participated in 60 missions in Europe, Africa, South America and the Middle East. He received several $5,000 awards for successful entry missions—a significant sum for someone earning less than $40,000 a year at the time—as well as an award from the CIA’s Clandestine Service and another from the NSA. In several instances, as in the operation in the Middle East capital, he led the entry team. But that operation was Groat’s last. The simple fact that a cleaning lady had unexpectedly shown up for work set off a chain of events that pit him against his employer. The operations of the Shop, as described by Groat, other former members of the Shop and other intelligence professionals, illustrate the lengths to which the CIA went to steal other nations’ secrets. What happened to Groat illustrates the measures the agency took to protect secrets of its own.

Groat would seem an excellent candidate for the job of stealing codes. Six-foot-three, handsome and articulate, he is a former Green Beret trained in scuba diving, underwater explosives, parachuting, survival and evasion; he knows how to build homemade pistols, shotguns, silencers, booby traps and bombs. He also speaks Mandarin Chinese. He says he relished his work at the Shop—both for the opportunity to serve his country and for the adrenaline rush that came with the risks.

He grew up in Scotia, New York, near Albany. He joined the Army in 1967, before marrying his high-school sweetheart, and served as a captain in the Special Forces. He left after four years and worked in a series of law-enforcement jobs. As a police officer in Glenville, New York, Groat displayed a streak of unyielding resolve: He ticketed fire engines when he believed they were breaking the law. “The trucks would run with lights flashing even when they were not responding to a fire. They were checking the hydrants,” he says. “I warned them, ‘Do it again and I’ll ticket you.’ They did and I did.” After he ticketed the fire chief, Groat was fired. He sued and won his job back—and then, having made his point, quit to become a deputy U.S. marshal in Phoenix.

By then Groat and his wife had a daughter and a son. In 1980, he joined the CIA and moved his family to Great Falls, Virginia. At age 33, he was sent off to the Farm, the CIA’s training base near Williamsburg, to learn the black arts of espionage. Two years later, after testing well for hand coordination and the capacity to pay painstaking attention to detail, he was accepted for the Shop.

In training there he demonstrated an exceptional talent for picking locks, so the CIA sent him to vocational courses in opening both locks and safes. As a result, the CIA’s top burglar was also a bonded locksmith, member number 13526 of the Associated Locksmiths of America. He was also a duly certified member of the Safe and Vault Technicians Association.

Although Hollywood films show burglars with an ear glued to a safe to listen for the tumblers, Groat says it doesn’t work that way. “You feel the tumblers. In your fingers,” he says. “There are three to four wheels in a typical safe combination lock. As you turn the dial you can feel it as you hit each wheel, because there’s extra tension on the dial. Then you manipulate one wheel at a time until the drop lever inside falls into the open position and the safe is unlocked.”

After training came the real thing. “It was exhilarating,” Groat recalls of his first mission, targeting a South American embassy in Northern Europe. When he traveled to a target, he used an alias and carried phony ID—”pocket litter,” as it is known in the trade. His fake identities were backstopped, meaning that if anyone called to check with the real companies listed on his cards, someone would vouch for him as an employee. He also was given bank and credit cards in an alias to pay his travel expenses.

Because Groat’s work was so sensitive, he had to conceal it. Although his wife understood the nature of his work, for years his children did not. “I didn’t know where my father worked until I was in high school, in the ninth or tenth grade,” says Groat’s son, Shawn. “My sister typed a report on special paper that dissolved in water, although we didn’t know it. My father realized what she was doing and said, ‘You can’t use that paper.’ Then he ate the paper.

“He then sat us down and said, ‘I don’t work for the State Department. I work for the CIA.’” The State Department had been his cover story to explain his frequent travels to friends, relatives and neighbors. He said he inspected security at U.S. embassies.

Groat would not talk about which countries’ codes he and his colleagues stole. Other intelligence sources said that in 1989, he led an extraordinary mission to Nepal to steal a code machine from the East German Embassy there—the CIA and the NSA, which worked closely with the Shop, wanted the device so badly that Groat was told to go in, grab the safe containing the code machine and get out. Never mind the rule about leaving no trace; in this case it would be immediately obvious that a very large object was missing.

According to two CIA sources, the agency and the NSA had collected three decades’ worth of encrypted East German communications traffic; the machine would allow them to read it and, if the Soviets and the other Warsaw Pact countries were linked in a common system, perhaps to decrypt Soviet traffic as well.

The CIA station in Katmandu arranged for an official ceremony to be held more than an hour away from the capital and for all foreign diplomats to be invited. The agency knew the East Germans could not refuse to attend. That would leave Groat’s team about three hours to work. Posing as tourists, they arrived in Katmandu two days before the mission and slipped into a safe house. On the appointed day, they left the safe house wearing disguises crafted by a CIA specialist—whole-face latex masks that transformed them into Nepalese, with darker skin and jet-black hair. At the embassy, Groat popped the front door open with a small pry bar. Inside, the intruders peeled off their stifling masks and with a bolt-cutter removed a padlock barring the way to the embassy’s security area. Once in the code room, Groat and two teammates strained to lift the safe from the floorboards and wrestled it down the stairs and out to a waiting van.

They drove the safe to the American Embassy, where it was opened—and found to contain no code machine. Based on faulty intelligence, the CIA had sent its break-in team on a Himalayan goose chase.

In planning an operation, Groat says, he would normally reconnoiter the target personally. But he was told there was no budget to send him before his 1990 mission to the Middle East capital, so he had to rely on assurances from the local CIA station. Although the team accomplished its mission and returned to the Shop within two days, Groat was enraged at what he believed was sloppy advance work.

“It was a near miss, very scary,” he says. “I had to complain. It could have been disastrous for the U.S. government and the officers involved.”

Not to worry, Groat’s boss told him; he would personally tell the official who supervised the Shop what had happened. Groat says his boss warned him that if he went outside channels and briefed the supervisor on his own, “it would end my career.” He went to the supervisor anyway. “I told [him] if we had been caught our agent would be killed,” he says. “He said he didn’t care. That it was an aberration and wouldn’t happen again.” Groat did not back down; in fact, he escalated matters by taking his complaint to the CIA inspector general. The IG at the time was Frederick P. Hitz, who now teaches law at the University of Virginia. Hitz recalls that his office investigated the matter.

“On the issue that preparations for that entry had not been properly made, we did find there was merit in his complaint,” Hitz says. “His grievances had some justification in fact. He felt there was sloppiness that endangered himself and his crew, the safety of the men for whom he was responsible. We felt there was some reason for his being upset at the way his operation was prepared.”

Given the tensions rising between Groat and his managers, the IG also recommended that Groat be transferred to another unit. Hitz says he is fairly certain that he also urged that steps be taken to avoid a repeat of the problems Groat had encountered and that “we expected this not to happen again.” But the recommendation that Groat be transferred created a problem: There was no other unit like the Shop. Groat says he was given a desk at a CIA building in Tysons Corner, in Northern Virginia, but no work to do—for 14 months. In October 1992, he says, he was moved to another office in Northern Virginia but still given no duties. He worked out at a gym in a nearby CIA building and went home by 11 a.m.

By then Groat was at the end of his rope. “I was under more and more pressure” to quit, he says. “I was being pushed out and I was looking at losing my retirement.” He called the inspector general, “and he told me to find another job because I wasn’t going to get my job [at the Shop] back.”

The way Groat saw it, he had risked his life for nearly a decade to perform some of his country’s most demanding, valuable and risky work. He was the best at what he did, and yet that didn’t seem to matter; some bureaucrats had forced him out of the Shop for speaking out.

So he decided to run his own operation. Against the CIA.

In September 1992, Groat sent three anonymous letters to the ambassador of an Asian country revealing an operation he had participated in about a year and a half earlier to bug computers in an embassy the country maintained in Scandinavia. “It was a last-ditch effort to get the agency to pay attention,” Groat says. Clearly, he knew he was taking a terrible risk. At least one letter was intercepted and turned over to the CIA. But one or more may have gotten through, because the bugs suddenly went silent.

By early 1993, CIA counterintelligence officers had launched an investigation to find out who wrote the letters. The FBI was brought in, and its agents combed through the library at CIA headquarters in Langley, Virginia, dusting for prints on a list of foreign embassies in case the letters’ author had found the address there. The FBI “came to my house two or three times,” Groat says. Its agents showed him a form stating that his thumbprints, and the prints of two other people, were identified on the page listing the foreign missions. Of course, that didn’t prove who had written the letters.<

Groat was called into CIA headquarters and questioned. “I knew they didn’t have anything,” he says. “Since I thought I was still in a negotiation with the Office of General Counsel to resolve this whole thing I wasn’t going to say anything. I wanted them to believe I had done it but not know that I had done it. I wanted to let that play out.” When he refused to take a polygraph, he was put on administrative leave.

By the summer of 1994 his marriage was disintegrating, and that October Groat left home. He later bought a Winnebago and began wandering the country with a girlfriend. Meanwhile, he began negotiating a retirement package with the CIA and hired an attorney, Mark Bradley, a former Pakistan analyst for the agency.

In a letter to James W. Zirkle, the CIA’s associate general counsel, Bradley noted that Groat “gave the CIA 14 years of his life….His numerous awards and citations demonstrate how well he performed his assignments, many of which were extremely dangerous. He gave his heart and soul to the Agency and feels that it has let him down.” Groat wanted $500,000 to compensate him, Bradley added, “for the loss of his career.”

In reply, Zirkle wrote that before the agency would consider “the very substantial settlement” being sought, Groat would have “to accurately identify the person…responsible for the compromise of the operation” under investigation. “If he can provide us with clear and convincing corroborating evidence confirming the information that he would provide, we would be prepared to consider not using the polygraph.” But the exchange of letters led nowhere. In September 1996 Groat was divorced, and a month later he was dismissed from the CIA, with no severance and no pension.

Seeking new leverage with the agency, Groat made another risky move: In January 1997 he telephoned Zirkle and said that without a settlement, he would have to earn a living as a security consultant to foreign governments, advising them on how to protect their codes.

Groat’s telephone call detonated like a bombshell at CIA headquarters. Senior officials had long debated what to do about him. Some favored negotiating a money settlement and keeping him quiet; others wanted to take a hard line. Groat’s call intensified the agency’s dilemma, but it seemed to have worked: Zirkle urged patience; a settlement was imminent. “We are working very hard to come to a timely and satisfactory resolution,” the lawyer wrote in a subsequent letter.

That March, Zirkle sent Groat a written offer of $50,000 a year as a contract employee until 2003, when he would be eligible to retire with a full pension. The contract amounted to $300,000—$200,000 less than what Groat had sought. Again, Zirkle reminded him, he would have to cooperate with the counterintelligence investigation. He would be required to take a polygraph, and he would have to agree not to contact any foreign government. Bradley urged his client to take the money and run, but Groat believed the agency’s offer was too low.

Later that month, he visited 15 foreign consulates in San Francisco to drop off a letter in which he identified himself as a former CIA officer whose job was “to gain access to…crypto systems of select foreign countries.” The letter offered his expertise to train security officers on ways to protect “your most sensitive information” but did not disclose any information about how the CIA stole codes. The letter included a telephone number and a mailbox in Sacramento where he could be contacted.

Groat says he had no takers—and claims he didn’t really want any. “I never intended to consult for a foreign country,” he says. “It was a negotiating ploy….Yes, I realized it was taking a risk. I did unconventional work in my career, and this was unconventional.” He did not act secretly, Groat notes; he wanted the agency and the FBI to know. He told the CIA what he planned to do, and he gave the FBI a copy of his letter after he had visited the consulates. The FBI opened another investigation of Groat.

Molly Flynn, the FBI agent assigned to the case, introduced herself to Groat and stayed in touch with him after he moved to Atlanta for training as an inspector for a gas pipeline company. In late March, Groat called Flynn to say he was heading for Pennsylvania to start on his first inspection job.

Flynn invited him to stop off in Washington for a meeting she would arrange with representatives of the CIA, the FBI and the Justice Department to try to resolve the situation. Still hoping to reach a settlement, Groat says, “I accepted eagerly.”

On April 2, 1998, he walked into an FBI building in downtown Washington. Flynn greeted him in the lobby. Had the others arrived yet? he asked as she led him to a first-floor conference room. She said they had not. As the door clicked shut behind him, she delivered unexpected news. “I told him we had resolved the matter, but not to his liking,” Flynn recalls. A man in a white shirt and tie—a Justice Department official, Groat later concluded—told him: “We decided not to negotiate with you. We indicted you instead.” Then the man turned and left.

Groat was arrested and held in the room for five hours. Flynn and two other agents remained with him, he says. His car keys were taken away. “One of the FBI agents said, ‘It probably wouldn’t do much good to ask you questions, would it?’ And I said, ‘No, it wouldn’t.’” After being strip-searched, fingerprinted and handcuffed, he says, he was driven to the Federal District Court building and locked in a cell. Held there for two days, he was strip-searched again in front of eight people, including a female officer, shackled and outfitted with a stun belt. “My eyes were covered with a pair of goggles, the lenses masked over with duct tape,” he says. He was moved by van, with a police escort, to a waiting helicopter.

After a short ride, he was taken to a windowless room that would be his home for the next six months. He was never told where he was, but he was told he was being treated as an “extreme risk” prisoner. The lights in his cell were kept on 24/7, and a ceiling-mounted camera monitored him all the time.<

Robert Tucker, a federal public defender in Washington, was assigned to Groat’s case. When Tucker wanted to visit his client, he was picked up in a van with blacked-out windows and taken to him. Tucker, too, never learned where Groat was being held.

A few days before Groat’s arrest, a federal grand jury in Washington had handed down a sealed indictment accusing him of transmitting, or trying to transmit, information on “the targeting and compromise of cryptographic systems” of unnamed foreign countries—a reference to his distributing his letter to the consulates. The formal charge was espionage, which carries a possible penalty of death. He was also charged with extortion, another reference to his approach to the consulates; the indictment accused him of attempting to reveal “activities and methods to foreign governments” unless the CIA “paid the defendant for his silence in excess of five hundred thousand dollars ($500,000).”

As a trial date approached, prosecutors offered Groat a plea agreement. Although they were not pressing for the death penalty, Groat faced the prospect of life in prison if a jury convicted him of espionage. Reluctantly, he agreed to plead guilty to extortion if the government would drop the spying charges. “I had no choice,” he says. “I was threatened with 40 years to life if I didn’t take the deal.” Groat also agreed to testify fully in the CIA and FBI counterintelligence investigations, and he subsequently confessed that he sent the letters about the bugged computers.

On September 25, 1998, Groat stood before Judge Thomas F. Hogan of the Federal District Court in Washington and entered his guilty plea. He was sentenced to five years.

The question of where Groat would serve his time was complicated by what a federal Bureau of Prisons official referred to as his “special abilities.” While still in solitary, he wrote to a friend: “The marshals are treating me like I’m a cross between MacGyver, Houdini and Rambo.” But in the end, he was sent to the minimum-security wing of the federal prison camp in Cumberland, Maryland. “My skills, after all, were not for escaping,” Groat notes. “They were for entering places.”

There Groat was assigned to a case manager, who introduced herself as Aleta. Given her new client’s reputation, she put him in solitary the first night. But officials gradually noticed she and Groat spent a lot of time talking to each other. As a result, he was transferred to the federal prison in Terre Haute, Indiana, after two years, but the two corresponded often.

In March 2002, Groat was released a month short of four years, his sentence reduced for good behavior. Aleta was waiting for him at the prison gate, and they were married that December. Today, Doug and Aleta Groat live on 80 acres in the South. He prefers not to disclose his location any more specifically than that. He has not told his neighbors or friends about his previous life as a spy; he works the land and tries to forget the past.

When he looks back, Groat tries to focus on the good parts. “I loved the work at CIA. I’d come back from an op and couldn’t wait for what happens next,” he says. “I thought the work was good for the country. I was saddened by the way I was treated by the agency, because I tried to do my job.”

The CIA was unwilling to talk about Douglas Groat or anything connected with his case. Asked whether it has a team that goes around the globe breaking into foreign embassies and stealing codes, a spokesperson provided a five-word statement: “The CIA declined to comment.”

By David Wise
Smithsonian magazine, October 2012, Subscribe

Find this story at October 2012

© smithsonianmag.com

Between 2006 and 2009, surveillance helicopters conducted daily flights over northwest Washington, D.C., taking high-resolution photographs of the new Chinese Embassy being constructed on Van Ness Street. The aircraft belonged to the Federal Bureau of Investigation, which wanted to determine where the embassy’s communications center was being located. But the Chinese construction crews hid their work on this part of the building by pulling tarpaulins over the site as it was being constructed.

The FBI also monitored the movements and activities of the Chinese construction workers building the embassy, who were staying at a Days Inn on Connecticut Avenue just north of the construction site, in the hopes of possibly recruiting one or two of them. According to one Chinese diplomat, his fellow officials detected individuals who they assumed to be FBI agents covertly monitoring the construction materials and equipment being used to build the embassy, which were stored on the University of the District of Columbia’s soccer field across the street from where the Chinese Embassy currently stands. The diplomat added that Chinese security officials assumed that the FBI agents were trying to determine whether it was possible to plant eavesdropping devices inside the construction materials stored at the site.

In recent weeks, the U.S. National Security Agency’s efforts to monitor foreign diplomats have become the stuff of worldwide headlines. But the FBI has been in the business of spying on diplomats and breaking their codes for far longer than the NSA has. The surveillance of the Chinese Embassy was just one piece of a far larger espionage operation. The FBI not only endeavors to steal or covertly compromise foreign government, military, and commercial computer, telecommunications, and encryption systems being used in the United States, but the FBI and NSA work closely to intercept the communications of all diplomatic missions and international organizations located on American soil. In some important respects, the FBI’s cryptologic work is more secretive than that being performed by the NSA because of the immense diplomatic sensitivity of these operations if they were to ever be exposed publicly.

The Bureau of Investigation, the predecessor to today’s FBI, has been monitoring diplomatic communications since at least 1910, when it periodically solved Mexican government and revolutionary group cable traffic coming in and out of the United States. And for over a century, the FBI and its predecessors have been aggressive practitioners of the age-old art of stealing codes and ciphers. In June 1916, Bureau of Investigations agents surreptitiously obtained a copy of the new Mexican consular code by picking the pockets of a Mexican diplomatic courier while he cavorted with “fast women” in one of the innumerable border fleshpots along the Rio Grande.
More FP Coverage
the NSA Leaks
Meet the Spies Doing the NSA’s Dirty Work
Exclusive: Inside America’s Plan to Kill Online Privacy Rights Everywhere
The FBI is Helping the NSA Spy, but Senators Don’t Want to Know About It

Little has changed in the intervening century. Despite the creation of the NSA in 1952 to centralize in one agency all U.S. government signals intelligence (SIGINT) collection and processing work, the FBI, which did not respond to requests for comment for this story, has never ceased its own independent cryptologic efforts, especially when those efforts have been aim at diplomats on American soil.

***

The number of foreign government targets that the FBI monitors inside the United States is huge and growing. State Department records show that 176 countries maintain embassies in Washington, not including Cuba and Iran, which the U.S. government does not have diplomatic relations with but which maintain interest sections inside the Swiss and Pakistani embassies, respectively.

In addition, 115 of the 193 members of the United Nations maintain diplomatic missions of varying sizes in New York City. There are also 62 consulates in Los Angeles, 52 in Chicago, 42 in San Francisco, 38 in Houston, 35 in Miami, and 26 in Boston and Atlanta.

All told, there are almost 600 foreign government embassies, consulates, missions, or representative offices in the United States, all of which are watched to one degree or another by the counterintelligence officers of the FBI. Only eight countries do not maintain any diplomatic presence in the United States whatsoever, the most important of which is nuclear-armed North Korea.

Every one of these embassies and consulates is watched by the FBI’s legion of counterintelligence officers to one degree or another. But some countries’ receive the vast majority of the FBI’s attention, such as Russia, China, Libya, Israel, Egypt, Syria, Jordan, Lebanon, Saudi Arabia, Iraq, Afghanistan, India, Pakistan, and Venezuela. The Cuban and Iranian interests section in Washington — and their missions to the United Nations in New York — of course receive special attention as well.

Unsurprisingly, most of the FBI’s surveillance is technical in nature. For example, with substantial technical assistance from the NSA and the “big three” American telecommunications companies (AT&T, Verizon, and Sprint), the FBI taps the phones (including cell phones) of virtually every embassy and consulate in the United States. The FBI also intercepts the home phones and emails of many diplomats. The FBI’s Washington and New York field offices have special wiretap centers that specialize in collecting all telephone, email, instant messaging, text messaging, and cellular telephone traffic coming in and out of all high-priority diplomatic targets in the United States 24 hours a day, seven days a week. According to a former Justice Department source, over the past decade these extremely sensitive intercepts have identified a number of spies working for governments that were caught in the act of stealing U.S. government secrets, as well as a larger number of cases involving the theft of industrial secrets from American companies.

Since 1978, all electronic communications, both plaintext and encrypted, between these embassies and their home countries have been routinely intercepted by the NSA’s BLARNEY fiber-optic-cable intercept program. The NSA provides copies of all these intercepts, including telephone calls and emails, to the FBI’s secretive signals-intelligence unit, the Data Intercept Technology Unit (DITU) at the Quantico Marine Corps base in Northern Virginia, and to the FBI’s electronic-eavesdropping centers in Washington and New York.

The FBI also uses a wide range of vehicles and airborne surveillance assets to monitor the movements and activities of foreign diplomats and intelligence operatives in Washington and New York. Some of the vans, aircraft, and helicopters used by the FBI for this purpose are equipped with equipment capable of intercepting cell-phone calls and other electronic forms of communication. And when that doesn’t work, the FBI calls in the burglars.

***

Another important part of the FBI’s surveillance effort is dedicated to trying to surreptitiously get inside these diplomatic establishments on behalf of the NSA, which increasingly depends on the FBI to penetrate the computer and telecommunications networks used by these embassies and compromise their information security systems.

The FBI perfected this clandestine technique, known as the Surreptitious Entry Program operation, during Cold War intelligence-gathering operations directed at the Soviet Union and its Eastern European allies. These missions remain highly classified because of the diplomatic sensitivity surrounding breaking into the embassies of friends and enemies alike. In one instance during the 1960s, FBI agents reportedly drove a garbage truck into the central courtyard of the Czech Embassy in the middle of the night and spirited away one of the embassy’s cipher machines for study by the NSA’s code breakers.

The FBI is still conducting these highly sensitive operations. Specially trained teams of FBI agents are still periodically breaking into foreign embassies and consulates in the United States, primarily in New York and Washington. In New York, a special team of FBI burglars is based in a converted warehouse in Long Island City in Queens, according to a former FBI employee who worked there. The nondescript facility is large enough that the FBI can build mock-ups of the exteriors and interiors of embassies being targeted for break-ins. The FBI has a similar facility in Northern Virginia, where full-size mock-ups of embassies in Washington are constructed to train FBI teams prior to conducting black-bag jobs of the facilities.

To facilitate these operations, the FBI has a huge library of architectural drawings, floor plans, building permits, and any other documents that it can lay its hands on concerning the layouts of every embassy and consulate in the United States. Many of these documents were obtained in close conjunction with the diplomatic security staff of the State Department and the uniformed branch of the Secret Service, which is responsible for providing security for foreign diplomatic establishments in the United States. The FBI also interviews the repair and maintenance personnel who service the leased computers and telecommunications equipment used by a host of embassies and other diplomatic establishments in Washington and New York.

Since the 9/11 terrorist attacks, the tempo of FBI clandestine operations designed to steal, compromise, or influence foreign computer, telecommunications, or encryption systems has increased by several orders of magnitude. According to a former Justice Department official, over the past decade clandestine human-intelligence operations run by the FBI’s Washington and New York field offices have been enormously successful in compromising a wide range of computer systems and encryption technology used by foreign governments and corporate entities. In a number of important cases, these FBI operations have allowed the NSA’s code-breakers to penetrate foreign encryption systems that had defied the ability of the code-breakers to solve through conventional cryptanalytic means. For example, the FBI was able to give the NSA the daily changes in cipher keys for an encryption system used by a country in the developing world. In another case, the FBI was able to covertly insert spyware into the operating system of a computer being used by a foreign mission in New York, allowing the NSA to read the plaintext versions of cables before they were encrypted.

***

But by far the most productive and sensitive intelligence source about what is going on inside embassies and consulates in the United States is a joint FBI-NSA electronic-eavesdropping program known as Close Access SIGINT. It enables the FBI and NSA to listen to what is transpiring inside these buildings by using a wide range of covert technical sensors that are monitored in real time from covert listening posts located in close proximity to the targets.

Some of these operations involve spyware software that has been covertly planted inside the computer systems of embassies and consulates, which allows the NSA’s computer-hacking organization, the Office of Tailored Access Operations (TAO), to read in real time everything that is being stored on individual computers or on the computer network itself. Some of these implants are designed and operated by TAO. Others are designed by the FBI’s SIGINT unit, the DITU. Some sensors periodically copy the contents of computer hard drives; another sensor takes screen shots of documents being processed or reviewed on compromised computer systems. The FBI is also using sophisticated laser and acoustic systems to image and record the sounds of what is being typed on computers, according to a source with access to the trove of documents leaked to the media by former NSA contractor Edward Snowden.

To pick up the signals from these clandestine sensors, the FBI uses front companies to lease office space within line of sight of nearly 50 embassies and consulates in Washington and New York. In other instances, the FBI and NSA have installed disguised receivers on building rooftops near these embassies to pick up the data signals from clandestine sensors implanted inside these embassies and consulates. Some of these disguised receivers can clearly be seen on the rooftop of a building located within line of sight of the Chinese, Israeli, and Pakistani embassies on Van Ness Street in northwest Washington. It’s a neighborhood that’s awfully familiar to the FBI and its eavesdroppers.
Save big when you subscribe to FP.

MICHAEL BRADLEY/AFP/Getty Images

Matthew M. Aid is the author of Intel Wars: The Secret History of the Fight Against Terror and The Secret Sentry: The Untold History of the National Security Agency.

BY MATTHEW M. AID | NOVEMBER 19, 2013

Find this story at 19 November 2013

© 2013 The Slate Group, LLC. All rights reserved.

The Federal Bureau of Investigation serves a crucial role in securing the United States from
criminals, terrorists, and hostile foreign agents. Just as importantly, the FBI also protects civil
rights and civil liberties, ensures honest government, and defends the rule of law. Its agents serve
around the country and around the world with a high degree of professionalism and competence,
often under difficult and dangerous conditions. But throughout its history, the FBI has also
regularly overstepped the law, infringing on Americans’ constitutional rights while
overzealously pursuing its domestic security mission.
After the September 11, 2001 terrorist attacks, Congress and successive attorneys general
loosened many of the legal and internal controls that a previous generation had placed on the FBI
to protect Americans’ constitutional rights. As a result, the FBI is repeating mistakes of the past
and is again unfairly targeting immigrants, racial and religious minorities, and political dissidents
for surveillance, infiltration, investigation, and “disruption strategies.”
But modern technological innovations have significantly increased the threat to American liberty
by giving today’s FBI the capability to collect, store, and analyze data about millions of innocent
Americans. The excessive secrecy with which it cloaks these domestic intelligence gathering
operations has crippled constitutional oversight mechanisms. Courts have been reticent to
challenge government secrecy demands and, despite years of debate in Congress regarding the
proper scope of domestic surveillance, it took unauthorized leaks by a whistleblower to finally
reveal the government’s secret interpretations of these laws and the Orwellian scope of its
domestic surveillance programs.
There is evidence the FBI’s increased intelligence collection powers have harmed, rather than
aided, its terrorism prevention efforts by overwhelming agents with a flood of irrelevant data and
false alarms. Former FBI Director William Webster evaluated the FBI’s investigation of Maj.
Nadal Hasan prior to the Ft. Hood shooting and cited the “relentless” workload resulting from a
“data explosion” within the FBI as an impediment to proper intelligence analysis. And members
of Congress questioned several other incidents in which the FBI investigated but failed to
interdict individuals who later committed murderous terrorist attacks, including the Boston
Marathon bombing. While preventing every possible act of terrorism is an impossible goal, an
examination of these cases raise serious questions regarding the efficacy of FBI methods. FBI
data showing that more than half of the violent crimes, including over a third of the murders in
the U.S., go unsolved each year calls for a broader analysis of the proper distribution of law
enforcement resources.
With the appointment of Director James Comey, the FBI has seen its first change in leadership
since the 9/11 attacks, which provides an opportunity for Congress, the president, and the
attorney general to conduct a comprehensive evaluation of the FBI’s policies and programs. This
report highlights areas in which the FBI has abused its authority and recommends reforms to ensure the FBI fulfills its law enforcement and security missions with proper public oversight
and respect for constitutional rights and democratic ideals.
The report describes major changes to law and policy that unleashed the FBI from its traditional
restraints and opened the door to abuse. Congress enhanced many of the FBI’s surveillance
powers after 9/11, primarily through the USA Patriot Act and the Foreign Intelligence
Surveillance Act Amendments. The recent revelations regarding the FBI’s use of Section 215 of
the USA Patriot Act to track all U.S. telephone calls is only the latest in a long line of abuse.
Five Justice Department Inspector General audits documented widespread FBI misuse of Patriot
Act authorities in 2007 and 2008. Congress and the American public deserve to know the full
scope of the FBI’s spying on Americans under the Patriot Act and all other surveillance
authorities.
Attorney General Michael Mukasey rewrote the FBI’s rule book in 2008, giving FBI agents
unfettered authority to investigate anyone they choose without any factual basis for suspecting
wrongdoing. The 2008 Attorney General’s Guidelines created a new kind of intrusive
investigation called an “assessment,” which requires no “factual predicate” and can include
searches through government or commercial databases, overt or covert FBI interviews, and
tasking informants to gather information about anyone or to infiltrate lawful organizations. In a
two-year period from 2009 to 2011, the FBI opened over 82,000 “assessments” of individuals or
organizations, less than 3,500 of which discovered information justifying further investigation.
The 2008 guidelines also authorized the FBI’s racial and ethnic mapping program, which
allows the FBI to collect demographic information to map American communities by race and
ethnicity for intelligence purposes, based on crass racial stereotypes about the crimes each group
commits. FBI documents obtained by the American Civil Liberties Union show the FBI mapped
Chinese and Russian communities in San Francisco for organized crime purposes, all Latino
communities in New Jersey and Alabama because there are street gangs, African Americans in
Georgia to find “Black separatists,” and Middle-Eastern communities in Detroit for terrorism.
The FBI also claimed the authority to sweep up voluminous amounts of information secretly
from state and local law enforcement and private data aggregators for data mining purposes. In
2007, the FBI said it amassed databases containing 1.5 billion records, which were predicted to
grow to 6 billion records by 2012, which is equal to 20 separate “records” for every person in the
United States. The largest of these databases, the Foreign Terrorist Tracking Task Force,
currently has 360 staff members running 40 separate projects. A 2013 Inspector General audit
determined it “did not always provide FBI field offices with timely and relevant information.”
The next section of the report discusses the ways the FBI avoids accountability by skirting
internal and external oversight. The FBI, which Congress exempted from the Whistleblower
Protection Act, effectively suppresses internal dissent by retaliating against employees who
report waste, fraud, abuse, and illegality. As a result, 28 percent of non-supervisory FBI employees surveyed by the Inspector General said they “never” reported misconduct they saw or
heard about on the job. The FBI also aggressively investigates other government whistleblowers,
which has led to an unprecedented increase in Espionage Act prosecutions over the last five
years. And the FBI’s overzealous pursuit of government whistleblowers has also resulted in the
inappropriate targeting of journalists for investigation, infringing on free press rights. Recent
coverage of overbroad subpoenas for telephone records of Associated Press journalists and an
inappropriate search warrant for a Fox News reporter are only the latest examples of abuse. In
2010 the Inspector General reported the FBI used an illegal “exigent letter” to obtain the
telephone records of 7 New York Times and Washington Post reporters. And the FBI thwarts
congressional oversight with excessive secrecy and delayed or misleading responses to
questions from Congress.
Finally, the report highlights evidence of abuse that requires greater regulation, oversight, and
public accountability. These include many examples of the FBI targeting First Amendment
activities by spying on protesters and religious groups with aggressive tactics that infringe on
their free speech, religion, and associational rights. In 2011, the ACLU exposed flawed and
biased FBI training materials that likely fueled these inappropriate investigations.
The FBI also operates increasingly outside the United States, where its activities are more
difficult to monitor. Several troubling cases indicate the FBI may have requested, facilitated,
and/or exploited the arrests of U.S. citizens by foreign governments, often without charges, so
they could be held and interrogated, sometimes tortured, and then interviewed by FBI agents.
The ACLU represents two proxy detention victims, including Amir Meshal, who was arrested
at the Kenya border in 2007 and subjected to more than four months of detention in three
different East African countries without charge, access to counsel, or presentment before a
judicial officer, at the behest of the U.S. government. FBI agents interrogated Meshal more than
thirty times during his detention.
Other Americans traveling abroad discover that their government has barred them from flying;
the number of U.S. persons on the No Fly List has doubled since 2009. There is no fair
procedure for those mistakenly placed on the list to challenge their inclusion. Many of those
prevented from flying home have been subjected to FBI interviews after seeking assistance from
U.S. Embassies. The ACLU is suing the government on behalf of 10 American citizens and
permanent residents who were prevented from flying to the U.S., arguing that barring them from
flying without due process is unconstitutional.
These FBI abuses of authority must end. We call on President Barack Obama and Attorney
General Eric Holder to tighten FBI authorities to prevent unnecessary invasions of Americans’
privacy; prohibit profiling based on race, ethnicity, religion and national origin; and protect First
Amendment activities. And we call on Congress to make these changes permanent through
statute and improve oversight to prevent future abuse. The FBI serves a crucial role in protecting
Americans, but it must protect our rights as it protects our security.

Find this story at 17 September 2013

© ACLU

Law-Enforcement Officials Expand Use of Tools Such as Spyware as People Under Investigation ‘Go Dark,’ Evading Wiretaps

Law-enforcement officials in the U.S. are expanding the use of tools routinely used by computer hackers to gather information on suspects, bringing the criminal wiretap into the cyber age.

Federal agencies have largely kept quiet about these capabilities, but court documents and interviews with people involved in the programs provide new details about the hacking tools, including spyware delivered to computers and phones through email or Web links—techniques more commonly associated with attacks by criminals.

People familiar with the Federal Bureau of Investigation’s programs say that the use of hacking tools under court orders has grown as agents seek to keep up with suspects who use new communications technology, including some types of online chat and encryption tools. The use of such communications, which can’t be wiretapped like a phone, is called “going dark” among law enforcement.

A spokeswoman for the FBI declined to comment.

The FBI develops some hacking tools internally and purchases others from the private sector. With such technology, the bureau can remotely activate the microphones in phones running Google Inc.’s GOOG +0.10% Android software to record conversations, one former U.S. official said. It can do the same to microphones in laptops without the user knowing, the person said. Google declined to comment.

The bureau typically uses hacking in cases involving organized crime, child pornography or counterterrorism, a former U.S. official said. It is loath to use these tools when investigating hackers, out of fear the suspect will discover and publicize the technique, the person said.

The FBI has been developing hacking tools for more than a decade, but rarely discloses its techniques publicly in legal cases.
Related

Earlier this year, a federal warrant application in a Texas identity-theft case sought to use software to extract files and covertly take photos using a computer’s camera, according to court documents. The judge denied the application, saying, among other things, that he wanted more information on how data collected from the computer would be minimized to remove information on innocent people.

Since at least 2005, the FBI has been using “web bugs” that can gather a computer’s Internet address, lists of programs running and other data, according to documents disclosed in 2011. The FBI used that type of tool in 2007 to trace a person who was eventually convicted of emailing bomb threats in Washington state, for example.

The FBI “hires people who have hacking skill, and they purchase tools that are capable of doing these things,” said a former official in the agency’s cyber division. The tools are used when other surveillance methods won’t work: “When you do, it’s because you don’t have any other choice,” the official said.

Surveillance technologies are coming under increased scrutiny after disclosures about data collection by the National Security Agency. The NSA gathers bulk data on millions of Americans, but former U.S. officials say law-enforcement hacking is targeted at very specific cases and used sparingly.

Still, civil-liberties advocates say there should be clear legal guidelines to ensure hacking tools aren’t misused. “People should understand that local cops are going to be hacking into surveillance targets,” said Christopher Soghoian, principal technologist at the American Civil Liberties Union. “We should have a debate about that.”

Mr. Soghoian, who is presenting on the topic Friday at the DefCon hacking conference in Las Vegas, said information about the practice is slipping out as a small industry has emerged to sell hacking tools to law enforcement. He has found posts and resumes on social networks in which people discuss their work at private companies helping the FBI with surveillance.

A search warrant would be required to get content such as files from a suspect’s computer, said Mark Eckenwiler, a senior counsel at Perkins Coie LLP who until December was the Justice Department’s primary authority on federal criminal surveillance law. Continuing surveillance would necessitate an even stricter standard, the kind used to grant wiretaps.

But if the software gathers only communications-routing “metadata”—like Internet protocol addresses or the “to” and “from” lines in emails—a court order under a lower standard might suffice if the program is delivered remotely, such as through an Internet link, he said. That is because nobody is physically touching the suspect’s property, he added.

An official at the Justice Department said it determines what legal authority to seek for such surveillance “on a case-by-case basis.” But the official added that the department’s approach is exemplified by the 2007 Washington bomb-threat case, in which the government sought a warrant even though no agents touched the computer and the spyware gathered only metadata.

In 2001, the FBI faced criticism from civil-liberties advocates for declining to disclose how it installed a program to record the keystrokes on the computer of mobster Nicodemo Scarfo Jr. to capture a password he was using to encrypt a document. He was eventually convicted.

A group at the FBI called the Remote Operations Unit takes a leading role in the bureau’s hacking efforts, according to former officials.

Officers often install surveillance tools on computers remotely, using a document or link that loads software when the person clicks or views it. In some cases, the government has secretly gained physical access to suspects’ machines and installed malicious software using a thumb drive, a former U.S. official said.

The bureau has controls to ensure only “relevant data” are scooped up, the person said. A screening team goes through all of the data pulled from the hack to determine what is relevant, then hands off that material to the case team and stops working on the case.

The FBI employs a number of hackers who write custom surveillance software, and also buys software from the private sector, former U.S. officials said.

Italian company HackingTeam SRL opened a sales office in Annapolis, Md., more than a year ago to target North and South America. HackingTeam provides software that can extract information from phones and computers and send it back to a monitoring system. The company declined to disclose its clients or say whether any are in the U.S.

U.K.-based Gamma International offers computer exploits, which take advantage of holes in software to deliver spying tools, according to people familiar with the company. Gamma has marketed “0 day exploits”—meaning that the software maker doesn’t yet know about the security hole—for software including Microsoft Corp.’s Internet Explorer, those people said. Gamma, which has marketed its products in the U.S., didn’t respond to requests for comment, nor did Microsoft.

The Wall Street Journal
August 1, 2013, 6:59 p.m. ET
By JENNIFER VALENTINO-DEVRIES and DANNY YADRON

Find this story at 1 August 2013

Copyright ©2013 Dow Jones & Company, Inc.

A shocking new study by the American Civil Liberties Union has found that more than 3,200 people nationwide are serving life terms without parole for nonviolent offenses. Of those prisoners, 80 percent are behind bars for drug-related convictions. Sixty-five percent are African-American, 18 percent are white, and 16 percent are Latino — evidence of what the ACLU calls “extreme racial disparities.” The crimes that led to life sentences include stealing gas from a truck, shoplifting, possessing a crack pipe, facilitating a $10 sale of marijuana, and attempting to cash a stolen check. We speak with Jennifer Turner, human rights researcher and author of the new ACLU report, “A Living Death: Life Without Parole for Nonviolent Offenses.”
Transcript

This is a rush transcript. Copy may not be in its final form.

JUAN GONZÁLEZ: A shocking new study by the American Civil Liberties Union has found that more than 3,200 people nationwide are serving life terms without parole for nonviolent offenses. Of those prisoners, 80 percent are behind bars for drug-related crimes. Sixty-five percent are African-American, 18 percent are white, and 16 percent are Latino—evidence of what the ACLU calls “extreme racial disparities.” The crimes that led to life sentences include stealing gas from a truck, shoplifting, possessing a crack pipe, facilitating a $10 sale of marijuana, and attempting to cash a stolen check.

AMY GOODMAN: Sixty-three percent of those serving life without parole for these nonviolent offenses are in federal prisons. Most were sentenced under mandatory minimum laws. The ACLU says keeping nonviolent offenders behind bars for life is costing taxpayers an additional $1.8 billion. In a minute, we’ll be joined by the author of the study. But first, this is a clip from a video that features family members of some of the more than 600 prisoners it profiles.

SARLOWER SURRY: Everything he did was to hurt himself, not others. And it went from—from one-year sentence to two-year sentence to natural life.

CASHAWNA TILMAN: My dad will never get out for something so little? Natural life.

LORETTA LUMAR: For stealing a $150 jacket. And that $150 jacket got him life in prison.

SARLOWER SURRY: Here in Louisiana, they use that habitual offender law: Three strikes, you automatically get natural life.

CATHERINE MATTHEWS: It’s like giving him a death sentence, because this is no life—no life for a man with his children or his parents or anybody else, once they’re in there.

BURL CAIN: Judge should have the discretion not to give a life sentence. I mean, that’s extreme. You tell that to anybody, they’ll say, “Ah, nah-uh, that’s a little bit too much.” That almost gets to be the point that that’s not what the forefathers envisioned, even with the Constitution. That’s extreme. That’s cruel and unusual punishment, to me.

CASHAWNA TILMAN: He’s a good person, my dad. I mean, he’s always—like I said, he’s always been there for me and my sister and brother. He’s always done his best, until he started abusing the drugs.

CATHERINE MATTHEWS: And a lot of times with Patrick, with the drugs, it came down to not being able to find work.

SARLOWER SURRY: Life sentence is no way to deal with a drug addiction.

EISIBE SNEED: My son wasn’t a menace to society.

DELOICE LEWIS: He would give his shirt off his back.

CATHERINE MATTHEWS: And being so tenderhearted in a place like that, it just doesn’t fit. It’s changed him that way, because I notice he is getting a little colder. I find that he’s not believing and he’s not keeping his faith as much. He’s not—like, he’s like, “I’m about ready to give up on this.”

WILLIE COMBS: Oh, it’s been hard. I go down there and see him. I can’t hardly stand to leave him, but I know I have to go. It be hard. It be hard.

CATHERINE MATTHEWS: To tell him what I ate for Thanksgiving, and he couldn’t eat it, you know, it’s hard. It’s little things like that.

DELOICE LEWIS: And my birthday coming up, and those are days I break.

BURL CAIN: But if this person can go back and be a productive citizen and not commit crimes again, these nonviolent crimes, then why are we keeping him here, spending all this money? Because maybe I’ve done my job, so he should have a parole hearing.

SARLOWER SURRY: There’s too many families that’s suffering out here.

LORETTA LUMAR: Give him a second chance. He’s 54 years old now.

WILLIE COMBS: I’m looking for things to change.

CATHERINE MATTHEWS: Because these boys are just getting wasted away in these prisons for no reason.

AMY GOODMAN: That’s a clip from a video that accompanies the ACLU’s new report, “A Living Death: Life Without Parole for Nonviolent Offenses.” For more, we’re joined by its author, Jennifer Turner, human rights researcher with the American Civil Liberties Union.

Welcome to Democracy Now! I mean, it is just astounding. A man—the story we just heard; another story, a man walks out of a store with a coat slung over his shoulder, $159, gets life in prison without parole.

JENNIFER TURNER: Absolutely. These sentences are grotesquely out of proportion of the crimes that they’re seeking to punish. And we found that 3,278 people are serving life without the possibility of parole for nonviolent crimes, but these numbers actually underrepresent the true state of extreme sentencing in this country. Those numbers don’t account for those who will die in prison because of sentences such as 350 years for a drug sale. It also doesn’t account for the many millions of lives ruined by excessive sentencing in this country, as well.

JUAN GONZÁLEZ: And especially the impact of federal mandatory minimum sentencings, could you talk about that and the efforts to try to roll back some of those—some of those laws?

JENNIFER TURNER: Yeah, what we found was that over 80 percent of these sentences were mandatory, both in the federal system and in the states. They’re the direct consequence of laws passed over the 40-year war on drugs and tough-on-crime policies that included mandatory minimum sentencing laws, habitual offender laws in the states.

And they tie judges’ hands. And in case after case after case that I reviewed, the judge said from the bench—outraged, would say, “I oppose this sentence as a citizen, as a taxpayer, as a judge. I disagree with the sentence in this case, but my hands are tied.” And one judge said, when sentencing one man to life without parole for selling tiny quantities of crack over a period of just a couple of weeks, he said, “This is a travesty. It’s just silly. But I have no choice.”

AMY GOODMAN: What if a judge said no?

JENNIFER TURNER: The judges can’t say no. In fact, I looked at cases where the judges tried to say no, where the judge tried to find a legal loophole, where prosecutors appealed, repeatedly. One man was sentenced to zero time in prison by a Louisiana judge for threatening a cop while handcuffed in the back of a police cruiser. He was drunk, threatened him, was sentenced initially to no time. The prosecutor appealed; the sentence increased to 10 years. Prosecutor appealed again. On the third appeal, it was increased to life without parole as a mandatory sentence because of his priors dating back as much as 20 years earlier.

AMY GOODMAN: Let’s go to another case. Another person profiled in your report, in the ACLU report, is Sharanda Jones. She was sentenced to life for conspiracy to distribute crack cocaine when she was a 32-year-old mother, with a nine-year-old daughter—no prior arrests. No drugs were found on her, but her supposed co-conspirators testified against her in exchange for reduced sentences. In this clip from the film, The War on Drugs, she talks about being separated from her daughter.

SHARANDA JONES: My sister bring her to visit. And every time she come, it’s hard. I see her like once a month. And to see her grow from a little bitty baby to almost a grown woman now, it’s just like, God, my dream is to just show up at her school. I mean, I know they gave me life, but I can’t imagine not being at her graduation, her high school graduation. I just can’t imagine me not being there.

AMY GOODMAN: Sharanda Jones. Jennifer, tell us more about her case.

JENNIFER TURNER: Well, Sharanda was caught up in a massive drug sweep in a majority white town in Texas. Over a hundred people were arrested, all of whom were black. Chuck Norris participated in some of the arrests. Sharanda had no information to trade for a lenient—a more lenient sentence. And the judge was required to sentence her to life without parole, objected to the sentence, but he had not choice.

AMY GOODMAN: So, they had nothing on her, but—

JENNIFER TURNER: They had nothing but one wiretap. What happened was, a couple had been arrested on drug charges and began cooperating with the feds as confidential informants and, from there, started implicating others in the community. They called Sharanda and said, “Hey, do you know where we can get some drugs?” The wiretap caught Sharanda saying, “Let me see what I can do.” That was the extent of the evidence against her, with the exception of testimony from these confidential informants and other co-conspirators. They never found any drugs on her. There were no even video surveillance of her with drugs. But she was sentenced to life without parole.

A single mother. Her daughter Clenesha has been separated her for many, many, many years. And Sharanda maintains a very close relationship with her daughter. She carefully apportions the 300 minutes she’s allowed to use per month for non-legal calls to call her daughter 10 minutes each day. When I talk to Sharanda on the phone, she’s like, “I’ve got to go! I can’t use up my minutes; I need to speak with my daughter.”

And Sharanda, unfortunately, has no relief available. Her sentence is final, like those of everyone else we were profiling. They have really no chance of relief unless President Obama, in Sharanda’s case, because it’s a federal case, or, in the states, where the governors use their executive clemency powers to reduce their sentence.

JUAN GONZÁLEZ: Could you talk about the racial disparities that your report highlights? They’re really amazing. I mean, everyone knows that African Americans and Latinos are disproportionately incarcerated, but in terms of these life-without-parole sentences, the amazing percentage of African Americans, specifically, in states like Louisiana, 91 percent are African-American.

JENNIFER TURNER: The racial disparities are staggering. Obviously, as you said, that blacks are treated disparately throughout the criminal justice system, but what we found was that in life-without-parole sentencing for nonviolent crimes, those disparities are even more marked. Nationwide, 65 percent of people serving these sentences for nonviolent crimes are black; 18 percent are white. In the federal system, blacks are 20 times more likely to be sentenced to life without parole for nonviolent crime. In some states it’s even higher. In Louisiana, where 91 percent of the people serving these sentences are black, they’re 23 times more likely. In the federal system, Latinos are five times more likely to be sentenced to life for nonviolent crime than whites.

AMY GOODMAN: So, the avenue for this to be changed is legislation?

JENNIFER TURNER: There are very clear avenues for change. These sentences are really symptomatic of the larger problem of excessive sentencing in this country. Many, many, many more thousands of people are serving excessive sentences that are disproportionate to their crimes. And they’re all the result of the 40-year war on drugs and tough-on-crime policies, such as mandatory minimums and three-strikes laws. We simply need to repeal the laws that led to these sentences. And with growing national consensus across both sides of the political aisle that mandatory minimum sentences, for instance, are a travesty of justice, this is quite possible. There have been two bipartisan bills introduced in Congress that would somewhat reduce the reach of mandatory minimum sentencing laws.

But also, as I mentioned before, the—President Obama, who has the worst pardon record of any modern president—he has pardoned five turkeys and commuted the sentence of only one prisoner—he does have the power and authority to review the sentences of the over 2,000 people like Sharanda serving life without parole for a nonviolent crime, and he can reduce their sentence. Same with state governors.

JUAN GONZÁLEZ: And as you note, even if there were changes in the law, these more than 3,000 people that have already been sentenced would not necessarily be affected. It would have to take some executive action by governors or by the president to get some of them—to assure they don’t die in prison, essentially.

JENNIFER TURNER: Absolutely. Some sentencing reforms have been retroactive, and certainly future sentencing reforms could be retroactive, and that’s what we’re calling for. But for many of these people, their only chance at release is some form of clemency. And we have a petition online on our website where you can all take action to call on President Obama to review these sentences and impose a fairer and smarter sentence for these prisoners.

AMY GOODMAN: Finally, just to shift gears a bit, about a year ago you came out with a report, “Island of Impunity: Puerto Rico’s Outlaw Police Force.” Explain what’s happening now.

JENNIFER TURNER: Absolutely. In Puerto Rico, I looked at Puerto Rico Police Department because it’s the second largest in the country, second only to NYPD, and because its policing practices are really off the map. We found that the police force uses lethal force at a rate much higher than other police departments—three times the per capita rate of police shootings by the NYPD, for instance; uses excessive force against protesters; brutal beatings of low-income and black Puerto Ricans and Dominican immigrants.

And we sued the police department, called on the Department of Justice to investigate the police department. And just in August, the department was entered into a consent decree with the Justice Department. And two weeks ago, a monitor was appointed to oversee the reform effort and to ensure that the police department actually institutes the reforms that they’ve promised to institute. One week ago, a top New York Police Department officer was appointed superintendent of the police force to start this reform process.

So it’s really the very beginning stages, and we will be watching closely to make sure the police department does follow through on its promise for reforms, which are truly an overhaul of the police force, which is required. The police force is so dysfunctional that it needs to be overhauled at all levels, from basic policies put in place to holding cops accountable when they kill or hurt people, as well as changing the reporting mechanisms. Really, everything has to be reformed in that police department.

AMY GOODMAN: Jennifer Turner, we want to thank you very much for being with us, human rights researcher with the American Civil Liberties Union, wrote the ACLU’s new report, “A Living Death: Life Without Parole for Nonviolent Offenses,” also authored the report, “Island of Impunity: Puerto Rico’s Outlaw Police Force.” We’ll link to both of them at democracynow.org. When we come back, Calle 13 joins us here in studio. Stay with us.

The original content of this program is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License. Please attribute legal copies of this work to democracynow.org. Some of the work(s) that this program incorporates, however, may be separately licensed. For further information or additional permissions, contact us.

Friday, November 15, 2013

Find this story at 15 November 2013

Life in prison without a chance of parole is, short of execution, the harshest imaginable punishment.1 Life without parole (LWOP) is permanent removal from society with no chance of reentry, no hope of freedom. One should expect the American criminal justice system to condemn someone to die in prison only for the most serious offenses.

Yet across the country, thousands of people are serving life sentences without the possibility of parole for nonviolent crimes as petty as siphoning gasoline from an 18-wheeler, shoplifting three belts, breaking into a parked car and stealing a woman’s bagged lunch, or possessing a bottle cap smeared with heroin residue. In their cruelty and harshness, these sentences defy common sense. They are grotesquely out of
proportion to the conduct they seek to punish. They offend the principle that all people have the right to be treated with humanity and respect for their inherent dignity.

This report documents the thousands of lives ruined and families destroyed by sentencing people to die behind bars for nonviolent offenses, and includes detailed case studies of 110 such people. It also includes a detailed fiscal analysis tallying the $1.784 billion cost to taxpayers to keep the 3,278
prisoners currently serving LWOP for nonviolent offenses incarcerated for the rest of their lives.
Our findings are based on extensive documentation of the cases of 646 prisoners serving LWOP for nonviolent offenses in the federal system and nine states. The data in this report is from the United States Sentencing Commission, Federal Bureau of Prisons, and state Departments of Corrections, obtained pursuant to Freedom of Information Act and open records requests filed by the ACLU. Our research is also
based on telephone interviews conducted by the ACLU with prisoners, their lawyers, and family members; correspondence with prisoners serving life without parole for nonviolent offenses; a survey of 355 prisoners serving life without parole for nonviolent offenses; and media and court records searches.

Sentenced to Die Behind Bars for Nonviolent Crimes

Using data obtained from the Bureau of Prisons and state Departments of Corrections, the ACLU calculates that as of 2012, there were 3,278 prisoners serving LWOP for nonviolent drug and property crimes in the federal system and in nine states that provided such statistics (there may well be more such prisoners in other states). About 79 percent of these 3,278 prisoners are serving LWOP for nonviolent drug crimes. Nearly two-thirds of prisoners serving LWOP for nonviolent offenses nationwide are in the federal system; of these, 96 percent are serving LWOP for drug crimes. More than 18 percent of federal prisoners surveyed by the ACLU are serving LWOP for their first offenses. Of the states that sentence nonviolent offenders to LWOP, Louisiana, Florida, Alabama, Mississippi, South Carolina, and Oklahoma have the highest numbers of prisoners serving LWOP for nonviolent crimes, largely due to three-strikes and other kinds of habitual offender laws that mandate an LWOP sentence for the commission of a nonviolent crime.

The overwhelming majority (83.4 percent) of the LWOP sentences for nonviolent crimes surveyed by the ACLU
were mandatory. In these cases, the sentencing judges had no choice in sentencing due to laws requiring mandatory minimum periods of imprisonment, habitual offender laws, statutory penalty enhancements, or other sentencing rules that mandated LWOP. Prosecutors, on the other hand, have immense power over defendants’ fates: whether or not to charge a defendant with a sentencing enhancement triggering an LWOP sentence is within their discretion. In case after case reviewed by the ACLU, the sentencing judge said on
the record that he or she opposed the mandatory LWOP sentence as too severe but had no discretion to take individual circumstances into account or override the prosecutor’s charging decision.

As striking as they are, the numbers documented in this report underrepresent the true number of people who will die in prison after being convicted of a nonviolent crime in this country. The thousands of people noted above do not include the substantial number of prisoners who will die behind bars
after being convicted of a crime classified as “violent” (such as a conviction for assault after a bar fight), nor do the numbers include “de facto” LWOP sentences that exceed the convicted person’s natural lifespan, such as a sentence of 350 years for a series of nonviolent drug sales. Although less-violent and
de facto LWOP cases fall outside of the scope of this report, they remain a troubling manifestation of extreme sentencing policies in this country.

Nonviolent Crimes that Result in Life-without-Parole Sentences

We documented scores of cases in which people were sentenced to LWOP for nonviolent drug crimes of possession, sale, or distribution of marijuana, methamphetamine, crack and powder cocaine, heroin, or other drugs, including the following:
• possession of a crack pipe
• possession of a bottle cap containing a trace, unweighable amount of heroin
• having a trace amount of cocaine in clothes pockets that was so minute it was invisible to
the naked eye and detected only in lab tests
• having a single, small crack rock at home
• possession of 32 grams of marijuana with intent to distribute
• acting as a go-between in the sale of $10 of marijuana to an undercover officer
• selling a single crack rock
• verbally negotiating another man’s sale of two small pieces of fake crack to an undercover officer
• serving as a middleman in the sale of $20 of crack to an undercover officer
• sharing several grams of LSD with Grateful Dead concertgoers
• having a stash of over-the-counter decongestant pills that could be manufactured into methamphetamine

In cases documented by the ACLU, the nonviolent property crimes that resulted in life-without-parole sentences include the following:
• attempting to cash a stolen check
• a junk-dealer’s possession of stolen junk metal (10 valves and one elbow pipe)
• possession of stolen wrenches
• siphoning gasoline from a truck
• stealing tools from a tool shed and a welding machine from a yard
• shoplifting three belts from a department store
• shoplifting several digital cameras
• shoplifting two jerseys from an athletic store
• taking a television, circular saw, and a power converter from a vacant house
• breaking into a closed liquor store in the middle of the night

Other nonviolent crimes that resulted in life-without-parole sentences include the following:
• making a drunken threat to a police officer while handcuffed in the back of a patrol car
• possession of a firearm by a convicted felon
• taking an abusive stepfather’s gun from their shared home

These cases are not outliers or flukes. Sentencing nonviolent offenders to die in prison is the direct outcome of harsh sentencing laws. This is the end result of policies put in place in the 1980s and 1990s: mothers and fathers separated from their children forever, toddlers and teens left parentless for a lifetime, aging and infirm parents left without family, first-time nonviolent offenders permanently denied a second chance, and young Black and low-income men and women locked up for the rest of their lives at as young as 18 years old.

Who is Serving Life without Parole for Nonviolent Crimes?

In the cases we documented, the prisoners serving LWOP are generally first-time drug offenders or nonviolent repeat offenders. These nonviolent lifers include drug couriers; drug addicts who sold small amounts of drugs in order to support their addictions; petty thieves; and girlfriends or wives who were caught up in the mass arrests of members of drug conspiracies and, because they knew little about their partners’ or ex-partners’ drug activities, were unable to trade information for more lenient sentences. Some did distribute large quantities of drugs but have been incarcerated for decades and have demonstrated both remorse and rehabilitation. Others were sentenced to LWOP for crimes they committed as teenagers, in some cases for their minor roles in drug conspiracies starting when they were as young as 15 years old. Several are Vietnam War veterans who were introduced to drugs during their military service and battled
addiction after leaving the military. The vast majority come from poor families and did not graduate from high school.

Most are Black, and in some cases the circumstances of their stop, search, and subsequent arrests appear to have involved racial profiling. Some are mentally ill and imprisoned for behavior directly related to their mental illnesses. Others spiraled into drug addiction when they could not find work, and some began selling drugs to pay the bills after they lost their jobs or to pay off medical debts incurred when they
were uninsured. Most of the nonviolent crimes for which these prisoners are serving life without parole would be more appropriately addressed outside of the criminal justice system altogether, some by significantly shorter incarceration, and some with more readily available drug treatment and mental health
resources. In many of the cases documented by the ACLU, offenders committed their crimes because of drug addictions and had never been offered state-sponsored drug treatment, even during previous brief stints in jail and despite their willingness to enter treatment. Many of these addicts told the ACLU they asked for treatment after previous drug arrests but were denied. When they reoffended, they were locked up
for the rest of their lives.

Racial Disparity in Life-without- Parole Sentencing

There is a staggering racial disparity in life-withoutparole sentencing for nonviolent offenses. Blacks are disproportionately represented in the nationwide prison and jail population, but the disparities are even worse among the nationwide LWOP population and worse still among the nonviolent LWOP population. Based on data provided by the United States Sentencing Commission and state Departments of Corrections, the ACLU estimates that nationwide, 65.4 percent of prisoners serving LWOP for nonviolent offenses are Black, 17.8 percent are white, and 15.7 percent are Latino.

In the 646 cases examined for this report, the ACLU found that 72.9 percent of these documented prisoners serving LWOP for nonviolent offenses are Black, 19.8 percent are white, and 6.9 percent are Latino.
According to data collected and analyzed by the ACLU, Black prisoners comprise 91.4 percent of the nonviolent LWOP prison population in Louisiana, 78.5 percent in Mississippi, 70 percent in Illinois, 68.2 percent in South Carolina, 60.4 percent in Florida, 57.1 percent in Oklahoma, and 60 percent in the federal system. In the federal system, Blacks were sentenced to LWOP for nonviolent crimes at 20 times the
rate of whites. In Louisiana, the ACLU’s survey found that Blacks were 23 times more likely than whites to be sentenced to LWOP for a nonviolent crime. The racial disparities range from 33-to-1 in Illinois to 18-to-1 in Oklahoma, 8-to-1 in Florida, and 6-to-1 in Mississippi.

The rate of Latinos serving LWOP for nonviolent offenses ranges from a high of 12.7 per 1,000,000 residents in Louisiana to 9 in Oklahoma, 7.32 in Florida, 1.25 in Illinois, 11.24 in the federal system, and 0 in South Carolina and Mississippi. Latinos are serving life without parole for nonviolent crimes
at a rate that is almost 8 times the rate of whites in Illinois and almost twice the rate of whites in Louisiana. Blacks are sentenced to life without parole for nonviolent offenses at rates that suggest unequal treatment and that cannot be explained by white and Black defendants’ differential involvement in crime alone.

Find the report at

ACLU report chronicles thousands of lives ruined by life sentences for crimes such as shoplifting or possession of a crack pipe

65% of the prisoners identified nationwide by the ACLU are African American. In Louisiana, that proportion rises to 91%. Photograph: Peter Macdiarmid/Getty Images

At about 12.40pm on 2 January 1996, Timothy Jackson took a jacket from the Maison Blanche department store in New Orleans, draped it over his arm, and walked out of the store without paying for it. When he was accosted by a security guard, Jackson said: “I just needed another jacket, man.”

A few months later Jackson was convicted of shoplifting and sent to Angola prison in Louisiana. That was 16 years ago. Today he is still incarcerated in Angola, and will stay there for the rest of his natural life having been condemned to die in jail. All for the theft of a jacket, worth $159.

Jackson, 53, is one of 3,281 prisoners in America serving life sentences with no chance of parole for non-violent crimes. Some, like him, were given the most extreme punishment short of execution for shoplifting; one was condemned to die in prison for siphoning petrol from a truck; another for stealing tools from a tool shed; yet another for attempting to cash a stolen cheque.

“It has been very hard for me,” Jackson wrote to the American Civil Liberties Union (ACLU) as part of its new report on life without parole for non-violent offenders. “I know that for my crime I had to do some time, but a life sentence for a jacket value at $159. I have met people here whose crimes are a lot badder with way less time.”

Senior officials at Angola prison refused to allow the Guardian to speak to Jackson, on grounds that it might upset his victims – even though his crime was victim-less. But his sister Loretta Lumar did speak to the Guardian. She said that the last time she talked by phone with her brother he had expressed despair. “He told me, ‘Sister, this has really broke my back. I’m ready to come out.’”

Lumar said that she found her brother’s sentence incomprehensible. “This doesn’t make sense to me. I know people who have killed people, and they get a lesser sentence. That doesn’t make sense to me right there. You can take a life and get 15 or 16 years. He takes a jacket worth $159 and will stay in jail forever. He didn’t kill the jacket!”

The ACLU’s report, A Living Death, chronicles the thousands of lives ruined and families destroyed by the modern phenomenon of sentencing people to die behind bars for non-violent offences. It notes that contrary to the expectation that such a harsh penalty would be meted out only to the most serious offenders, people have been caught in this brutal trap for sometimes the most petty causes.

Ronald Washington, 48, is also serving life without parole in Angola, in his case for shoplifting two Michael Jordan jerseys from a Foot Action sportswear store in Shreveport, Louisiana, in 2004. Washington insisted at trial that the jerseys were reduced in a sale to $45 each – which meant that their combined value was below the $100 needed to classify the theft as a felony; the prosecution disagreed, claiming they were on sale for $60 each, thus surpassing the $100 felony minimum and opening him up to a sentence of life without parole.

“I felt as though somebody had just taken the life out of my body,” Washington wrote to the ACLU about the moment he learnt his fate. “I seriously felt rejected, neglected, stabbed right through my heart.”

He added: “It’s a very lonely world, seems that nobody cares. You’re never ever returning back into society. And whatever you had or established, its now useless, because you’re being buried alive at slow pace.”

Louisiana, where both Washington and Jackson are held, is one of nine states where prisoners are serving life without parole sentences for non-violent offences (other states with high numbers are Alabama, Florida, Mississippi, Oklahoma and South Carolina). An overwhelming proportion of those sentences – as many as 98% in Louisiana – were mandatory: in other words judges had no discretion but to impose the swingeing penalties.

The warden of Angola prison, Burl Cain, has spoken out in forthright terms against a system that mandates punishment without any chance of rehabilitation. He told the ACLU: “It’s ridiculous, because the name of our business is ‘corrections’ – to correct deviant behaviour. If I’m a successful warden and I do my job and we correct the deviant behaviour, then we should have a parole hearing. I need to keep predators in these big old prisons, not dying old men.”

The toll is not confined to the state level: most of those non-violent inmates held on life without parole sentences were given their punishments by the federal government. More than 2,000 of the 3,281 individuals tracked down on these sentences by the ACLU are being held in the federal system. Overall, the ACLU has calculated that taxpayers pay an additional $1.8bn to keep the prisoners locked up for the rest of their lives.
Timothy Jackson, in an old license photograph. Photograph: Jackson family
‘It doesn’t have to be this way’

Until the early 1970s, life without parole sentences were virtually unknown. But they exploded as part of what the ACLU calls America’s “late-twentieth-century obsession with mass incarceration and extreme, inhumane penalties.”

The report’s author Jennifer Turner states that today, the US is “virtually alone in its willingness to sentence non-violent offenders to die behind bars.” Life without parole for non-violent sentences has been ruled a violation of human rights by the European Court of Human Rights. The UK is one of only two countries in Europe that still metes out the penalty at all, and even then only in 49 cases of murder.

Even within America’s starkly racially-charged penal system, the disparities in non-violent life without parole are stunning. About 65% of the prisoners identified nationwide by the ACLU are African American. In Louisiana, that proportion rises to 91%, including Jackson and Washington who are both black.

The US has the highest incarceration rate in the world, with 2.3 million people now in custody, with the war on drugs acting as the overriding push-factor. Of the prisoners serving life without parole for non-violent offences nationwide, the ACLU estimates that almost 80% were for drug-related crimes.

Again, the offences involved can be startlingly petty. Drug cases itemised in the report include a man sentenced to die in prison for having been found in possession of a crack pipe; an offender with a bottle cap that contained a trace of heroin that was too small to measure; a prisoner arrested with a trace amount of cocaine in their pocket too tiny to see with the naked eye; a man who acted as a go-between in a sale to an undercover police officer of marijuana – street value $10.

Drugs are present in the background of Timothy Jackson’s case too. He was high when he went to the Maison Blanche store, and he says that as a result he shoplifted “without thinking”. Paradoxically, like many of the other prisoners on similar penalties, the first time he was offered drug treatment was after he had already been condemned to spend the rest of his life in jail.

The theft of the $159 jacket, taken in isolation, carries today a six-month jail term. It was combined at Jackson’s sentencing hearing with his previous convictions – all for non-violent crimes including a robbery in which he took $216 – that brought him under Louisiana’s brutal “four-strikes” law by which it became mandatory for him to be locked up and the key thrown away.

The ACLU concludes that it does not have to be this way – suitable alternatives are readily at hand, including shorter prison terms and the provision of drug treatment and mental health services. The organisation calls on Congress, the Obama administration and state legislatures to end the imposition of mandatory life without parole for non-violent offenders and to require re-sentencing hearings for all those already caught in this judicial black hole.

A few months after Timothy Jackson was put away for life, a Louisiana appeals court reviewed the case and found it “excessive”, “inappropriate” and “a prime example of an unjust result”. Describing Jackson as a “petty thief”, the court threw out the sentence.

The following year, in 1998, the state’s supreme court gave a final ruling. “This sentence is constitutionally excessive in that it is grossly out of proportion to the seriousness of the offence,” concluded Judge Bernette Johnson. However, she found that the state’s four strikes law that mandates life without parole could only be overturned in rare instances, and as a result she reinstated the sentence – putting Jackson back inside his cell until the day he dies.

“I am much older and I have learned a lot about myself,” Jackson wrote to the ACLU from that cell. “I am sorry for the crime that I did, and I am a changed man.”

Jackson expressed a hope that he would be granted his freedom when he was still young enough to make something of his life and “help others”. But, barring a reform of the law, the day of his release will never come.

Ed Pilkington in New York
theguardian.com, Wednesday 13 November 2013 05.00 GMT

Find this story at 13 November 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Anonymous hacktivist told court FBI informant and fellow hacker Sabu supplied him with list of countries vulnerable to cyber-attack

Hammond said: ‘I took responsibility by pleading guilty, but when will the government be made to answer for its crimes?’ Photograph: Michael Gottschalk/AFP

The Anonymous hacktivist sentenced on Friday to 10 years in federal prison for his role in releasing thousands of emails from the private intelligence firm Stratfor has told a Manhattan court that he was directed by an FBI informant to break into the official websites of several governments around the world.

Jeremy Hammond, 28, told a federal court for the southern district of New York that a fellow hacker who went under the internet pseudonym “Sabu” had supplied him with lists of websites that were vulnerable to attack, including those of many foreign countries. The defendant mentioned specifically Brazil, Iran and Turkey before being stopped by judge Loretta Preska, who had ruled previously that the names of all the countries involved should be redacted to retain their secrecy.

Within a couple of hours of the hearing, the three countries had been identified publicly by Forbes, the Huffington Post and Twitter feeds serving more than a million followers. “I broke into numerous sites and handed over passwords and backdoors that enabled Sabu – and by extension his FBI handlers – to control these targets,” Hammond told the court.

The 28-year-old hacker has floated the theory in the past that he was used as part of an effective private army by the FBI to target vulnerable foreign government websites, using the informant Sabu – real name Hector Xavier Monsegur – as a go-between. Sabu, who was a leading figure in the Anonymous-affiliated hacking group LulzSec, was turned by the FBI into one of its primary informants on the hacker world after he was arrested in 2011, about six months before the Stratfor website was breached.

Referring to the hacking of foreign government websites, Hammond said that in one instance, he and Sabu provided details on how to crack into the websites of one particular unidentified country to other hackers who then went on to deface and destroy those websites. “I don’t know how other information I provided to [Sabu] may have been used, but I think the government’s collection and use of this data needs to be investigated,” he told the court

He added: “The government celebrates my conviction and imprisonment, hoping that it will close the door on the full story. I took responsibility for my actions, by pleading guilty, but when will the government be made to answer for its crimes?”

Hammond’s 10-year federal prison service makes it one of the longest punishments dished out for criminal hacking offences in US history. It joins a lengthening line of long jail terms imposed on hackers and whistleblowers as part of the US authorities’ attempt to contain data security of government agencies and corporations in the digital age.

Preska also imposed a three-year period of probationary supervision once Hammond is released from jail that included extraordinary measures designed to prevent him ever hacking again. The terms of the supervision state that when he is out of prison he must: have no contact with “electronic civil disobedience websites or organisations”; have all his internet activity monitored; subject himself to searches of his body, house, car or any other possessions at any time without warrant; and never do anything to hide his identity on the internet.

Hammond’s 10-year sentence was the maximum available to the judge after he pleaded guilty to one count of the Computer Fraud and Abuse Act (CFAA) relating to his December 2011 breach of the website of the Austin, Texas-based private intelligence company Strategic Forecasting, Inc. Delivering the sentence, Preska dismissed the defendant’s explanation of his motivation as one of concern for social justice, saying that he had in fact intended to create “maximum mayhem”. “There is nothing high-minded and public-spirited about causing mayhem,” the judge said.

She quoted from comments made by Hammond under various internet handles at the time of the Stratfor hack in which he had talked about his goal of “destroying the heart, hoping for bankruptcy, collapse”. She criticised what she called his “unrepentant recidivism – he has an almost unbroken record of offences that demonstrate an almost total disrespect for the law.”

Before the sentence came down, Hammond read out an outspoken statement to court in which he said he had been motivated to join the hacker group Anonymous because of a desire to “continue the work of exposing and confronting corruption”. He said he had been “particularly moved by the heroic actions of Chelsea Manning, who had exposed the atrocities committed by US forces in Iraq and Afghanistan. She took an enormous personal risk to leak this information – believing that the public had a right to know and hoping that her disclosures would be a positive step to end these abuses.”

In his own case, he said that as a result of the Stratfor hack, “some of the dangers of the unregulated private intelligence industry are now known. It has been revealed through Wikileaks and other journalists around the world that Stratfor maintained a worldwide network of informants that they used to engage in intrusive and possibly illegal surveillance activities on behalf of large multinational corporations.”

Margaret Kunstler, a prominent member of the Hammond’s defence team, told the Guardian after the sentencing that the maximum punishment was “not a great surprise”. She said that Preska had turned Hammond’s own comments in web chats against him, “but I think she doesn’t understand the language that’s used in chat rooms and the internet – for her to have used such language against him and not understand what his comments meant seemed piggy to say the least.”

• This article was amended on 17 November 2013. An earlier version incorrectly described Margaret Kunstler as Hammond’s lead defence lawyer.

Ed Pilkington in New York
theguardian.com, Friday 15 November 2013 20.22 GMT

Find this story at 15 November 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

On the day he learned he was to spend 10 years in federal prison for his involvement in an Anonymous hack, 28-year-old Jeremy Hammond read a statement to the Manhattan court. As well as framing his hacktivism as a public service, aimed at revealing the shadier operations of corporate intelligence firms, Hammond told the court that the FBI had played a significant role in cyberattacks in which he had participated, using infamous Anonymous snitch Sabu to provide information to hackers.

Hammond specifically noted that the FBI informant had provided him with information on vulnerabilities within the official websites of various governments around the world, including Brazil, Syria, Iran and Turkey. (The names of the nations were redacted from the court statement, but soon emerged online.)

Hammond stated: “I broke into numerous sites and handed over passwords and back doors that enabled Sabu — and by extension his FBI handlers — to control these targets … The government celebrates my conviction and imprisonment, hoping that it will close the door on the full story. I took responsibility for my actions, by pleading guilty, but when will the government be made to answer for its crimes?”

The hackivist’s contention here is that the U.S. government used hackers to garner information on, and cyber-advantage over, foreign governments. The hackers were then condemned as criminal, having unwittingly performed services for the U.S. government through illegal hacks. Whether or not the targets provided by Sabu were actually of interest to U.S. national intelligence, or whether they were simply valueless sting bate for hackers is unclear. What is evident, however, is that without government assistance, a number of illegal hacks would not have been carried out as they were. The decades-old question thus arises of when a government sting crosses the boundary into entrapment. In the years since 9/11, little more than a faint line in the sand seems to distinguish (legal) stings and (illegal) entrapment operations by the FBI.
advertisement

The criterion purportedly dividing sting and entrapment operations is weak. An operation counts as a sting (as opposed to entrapment) if it can be shown that a suspect would have carried out the crime, given the chance. It’s a perverse logic of hypotheticals when the government provides all the conditions for a crime to take place (e.g., providing talented hackers with government targets) — conditions that would not have been in place otherwise. A number of recent FBI cases relating to political activism have reeked of entrapment, but have been framed as stings. Recall, for example, the group of young Cleveland anarchists, strung along by an FBI agent into agreeing on a plan to blow up a bridge. The young men were, at every turn, prompted and offered materials by an FBI informant. “The alleged terrorist masterminds end up seeming, when the full story comes out, unable to terrorize their way out of a paper bag without law enforcement tutelage,” noted Rick Perlstein on the case in Rolling Stone last year.

Hammond’s case is different. The 28-year-old is a smart, articulate and experienced activist and hacker. As his guilty plea made clear, he knew what he was doing and he acted in what he felt was the public interest, to expose and hold accountable the private intelligence industry. However, Hammond also engaged in wholly government-prompted hacks and is now being ferociously punished. If it can be shown that the U.S. government used information gathered by hackers on Sabu’s tips, crucial questions arise about why the hackers and not the government agencies that used their skills are being persecuted. If, however, Sabu’s information about foreign government sites’ vulnerabilities were no more than a lure, questions of entrapment should be raised. Either way, as Hammond begins his lengthy federal prison sentence for a nonviolent crime, through which he received no personal enrichment, the FBI’s role in catching the hacktivist deserves greater scrutiny.

monday, Nov 18, 2013 05:51 PM +0100
Natasha Lennard

Find this story at 18 November 2013

© 2013 Salon Media Group, Inc.

Hammond calls his 10-year sentence a ‘vengeful, spiteful act’ by US authorities eager to put a chill on political hacking

‘I knew when I started out with Anonymous that being put in jail and having a lengthy sentence was a possibility,’ Hammond said. Photo: AP

Jeremy Hammond, the Anonymous hacktivist who released millions of emails relating to the private intelligence firm Stratfor, has denounced his prosecution and lengthy prison sentence as a “vengeful, spiteful act” designed to put a chill on politically-motivated hacking.

Hammond was sentenced on Friday at federal court in Manhattan to the maximum 10 years in jail, plus three years supervised release. He had pleaded guilty to one count under the Computer Fraud and Abuse Act (CFAA) flowing from his 2011 hack of Strategic Forecasting, Inc, known as Stratfor. In an interview with the Guardian in the Metropolitan Correction Center in New York, conducted on Thursday, he said he was resigned to a long prison term which he sees as a conscious attempt by the US authorities to put a chill on political hacking.

He had no doubt that his sentence would be long, describing it as a “vengeful, spiteful act”. He said of his prosecutors: “They have made it clear they are trying to send a message to others who come after me. A lot of it is because they got slapped around, they were embarrassed by Anonymous and they feel that they need to save face.”

Most pointedly, Hammond suggested that the FBI may have manipulated him to carry out hacking attacks on “dozens” of foreign government websites. During his time with Anonymous, the loose collective of hackers working alongside WikiLeaks and other anti-secrecy groups, he was often directed by a individual known pseudonomously on the web as “Sabu”, the leader of the Anonymous-affiliated group Lulzsec, who turned out to be an FBI informant.

Hammond, who is under court orders restricting what he says in public, told the Guardian that Sabu presented him with a list of targets, including many foreign government sites, and encouraged him to break into their computer systems. He said he was not sure whether Sabu was in turn acting on behalf of the FBI or other US government agency, but it was even possible that the FBI was using Sabu’s internet handle directly as contact between the two hackers was always made through cyberspace, never face-to-face.

“It is kind of funny that here they are sentencing me for hacking Stratfor, but at the same time as I was doing that an FBI informant was suggesting to me foreign targets to hit. So you have to wonder how much they really care about protecting the security of websites.”

In the interview, conducted in a secure prison meeting room hours before the 28-year-old Chicagoan was sentenced, he was sanguine about his prospects. “I knew when I started out with Anonymous that being put in jail and having a lengthy sentence was a possibility. Given the nature of the targets I was going after I knew I would upset a lot of powerful people.”

Dressed in a brown prison jump suit, and with a long wispy goatee and moustache (he planned to shave both off before the sentencing hearing), Hammond was scathing about the way the CFAA was being twisted in his view for political ends. “They are widening the definition of what is covered by the Act and using it to target specifically political activists,” he said.

He invoked the memory of Aaron Swartz, the open-data crusader who killed himself in January while awaiting trial under the CFAA for releasing documents from behind the subscription-only paywall of an online research group. “The same beast bit us both,” Hammond said. “They went after Aaron because of his involvement in legitimate political causes – they railroaded charges against him, and look what happened.”

Hammond has been in custody since March 2012 having been arrested in Chicago on suspicion of the Stratfor leak of millions of emails that were eventually released by WikiLeaks as the Global Intelligence Files. His sentence is an indication of the aggression with which prosecutors have been pursuing political hackers in the US – other Anonymous members in Britain involved in the breach of Stratfor were sentenced to much shorter jail terms.

Hammond stressed that he had not benefitted personally in any way from the Stratfor email release, that exposed surveillance by private security firms on activists including Anonymous members themselves, Occupy protesters and campaigners in Bhopal, India involved in the push for compensation for victims of the 1984 industrial catastrophe. “Our main purpose in carrying out the Stratfor hack was to find out what private security and intelligence companies were doing, though none of us had any idea of the scale of it.”

Paradoxically, Hammond insists that he would never have carried out the breach of Stratfor’s computer system had he not been led into doing it by Sabu – real name Hector Xavier Monsegur – the fellow hacker who is himself awaiting sentencing having pleaded guilty to 12 hacking-related criminal charges. “I had never heard of Stratfor until Sabu brought in another hacker who told me about it. Practically, I would never have done the Stratfor hack without Sabu’s involvement.”

Hammond discovered that Monsegur was an FBI informant the day after his own arrest. As he was reading the criminal complaint against him, he saw quotes marked CW for “co-operating witness” that contained details that could only have come from Sabu.

“I felt betrayed, obviously. Though I knew these things happen. What surprised me was that Sabu was involved in so much strategic targeting, in actually identifying targets. He gave me the information on targets.”

Part of Sabu’s interest in him, he now believes, was that Hammond had access to advanced tools including one known as PLESK that allowed him to break into web systems used by large numbers of foreign governments. “The FBI and NSA are clearly able to do their own hacking of other countries. But when a new vulnerability emerges in internet security, sometimes hackers have access to tools that are ahead of them that can be very valuable,” he said.

Looking back on his involvement with anonymous, the Chicagoan said that he had been drawn to work with Anonymous, because he saw it as “a model of resistance – it was decentralised, leaderless.” He grew increasingly political in his hacking focus, partly under the influence of the Occupy movement that began in Wall Street in September 2011 and spread across the country.

Chelsea Manning, the US soldier formerly known as Bradley who leaked a massive trove of state secrets to WikiLeaks now serving a 35-year sentence in military jail, was a major influence on him. Manning showed him that “powerful institutions – whether military or private security firms – are involved in unaccountable activities that the public is totally unaware of that can only be exposed by whistleblowers and hackers”.

Hammond has often described himself as an anarchist. He has a tattoo on his left shoulder of the anarchy symbol with the words: “Freedom, equality, anarchy”. Another tattoo on his left forearm shows the Chinese representation of “leader” or “army”, and a third tattoo on his right forearm is a glider signifying the hacking open-source movement that is drawn from the computer simulation Game of Life .

He says he plans to use his time in prison “reading, writing, working out and playing sports – training myself to become more disciplined so I can be more effective on my release”. As to that release, he says he cannot predict how he will be thinking when he emerges from jail, but doubts that he would go back to hacking. “I think my days of hacking are done. That’s a role for somebody else now,” he said.

Ed Pilkington in New York
theguardian.com, Friday 15 November 2013 17.12 GMT

Find this story at 15 November 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Jeremy Hammond, the Chicago activist and hacktivist (an activist who uses computer networks for political
protests and other actions), was sentenced last week to 10 years in prison and three years of supervised release for hacking into the intelligence contractor Strategic Forcasting (or Stratfor) and other government, law enforcement and military suppliers’ websites.

The Stratfor hack resulted in a cache of 5.2 million leaked emails and account information for approximately 860,000 Stratfor subscribers and clients, including information from 60,000 credit cards. To list a few of the many revelations, the emails revealed domestic spying on activists, including Occupy Wall Street; surveillance through persona management programs or fake online personas (“sock puppets”); and attempts to link American activist and journalist Alexa O’Brien to al-Qaeda. The Stratfor hack pullled back the curtain on the ofttimes illegal goings-on in the shadowy world of intelligence contractors.

Mr. Hammond’s supervised release includes limited computer access and prohibits him using encryption and from associating with civil disobedience groups. The ban on encryption shows a fundamental misunderstanding of how the Internet works. Encryption is used in nearly every online transaction, such as email, social networking and online banking. The broad ban on freedom of association raises potential Constitutional issues. At the time of his arrest, Mr. Hammond was working under the banner of AntiSec, an offshoot of the hacktivist collective Anonymous.

Jeremy Hammond, American Political Prisoner, courtesy of @FreeAnons.

The packed courtroom looked more like a church wedding than a sentencing, with dozens of Westpoint cadets on a field trip sitting on the left and Mr. Hammond’s parents, friends and supporters — who caravanned from all over the U.S. to show solidarity for their fallen comrade — sitting on the right. Mr. Hammond, his attorneys, Sarah, Emily and Margaret Kunstler and Susan Kellman faced the stoic Judge Loretta Preska presiding over the solemn ceremony.

On September 10th I visited Jeremy Hammond at Manhattan Correctional Center where he had been incarcerated for 18 months. Mr. Hammond, who was denied bail, was also disallowed all visitors, including family members. I am the first journalist with whom Mr. Hammond met since his arrest in March 2012. This interview was held months before sentencing. At the request of Mr. Hammond’s attorneys, who feared his words would be used at sentencing against him, I delayed publishing.
____________________________

Vivien Lesnik Weisman: You are both a boots on the ground activist and a hacktivist. Can you explain hacktivisim, hacking for political purposes and off line activism?

Jeremy Hammond: Hackers are by nature critical of systems, hacking is activism. The very act of hacking is inherently activist and political.

VLW: How effective is activism without the added thread of technology, or hacktivism, in the modern world? Which is more effective?

JH: Hacking is never going to take the place of grassroots community organizing. They complement each other.

There is more to it of course than hacking. Hacktivism involves online social networking, sharing ideas. Protest is predictable; they know how to contain it. The government knows how to ignore it. Both direct action and civil disobedience are unpredictable. I’m all for it.

I see hacktivism as a direct action tool. Offensive hacking with political intent is really nothing more than one more direct action tool. What you do when you get the information is what determines its efficacy as a direct action tool.

And now because of the state of the world — foreclosures, the wars — hackers are becoming politicized. We break into systems and then movements like Occupy deliver the message. It all works together. There is street protest. There is direct action, and hacking is one more tool.

Subverzo, hacktivist, at post-sentencing rally, Foley Square. Photo credit: Still from The Reality Wars, A.J. Abucay DP

VLW: How did the decision to target the intelligence contractor, Stratfor, come about and what was your involvement?

JH: Another hacker, who has not been indicted and therefore I will not name, brought the vulnerability. He had the credit cards already, before I ever got involved, on the Dec 5th. He chose Stratfor and brought it to us. There were 12 of us in the IRC (chat room) at that time.

Stratfor was chosen by that hacker because Stratfor had targeted Anonymous and specifically #OpCartel (Anonymous action against Mexican drug cartels).

Then the 12 of us in a private IRC channel approved it on the merits, as a meritocracy, the Anon way.

None of the 12 in that chat room that included me and Sabu [hacker leader turned FBI informant] have ever been caught.

Amongst the 12 were not only hackers. Some were social media types who brought attention to the actions.

I did the Stratfor hack all by myself except for the original vulnerability. I was the main hacker in Anti-Sec.

Sabu refers to Hetcor Xavier Monsegur, hacker and leader of LulzSec, an offshoot of Anonymous. LulzSec was an elite hacker collective that obtained notoriety as much for their high profile targets as for their clever self-promotion. Sabu was arrested by the FBI and began working for them that day. The following day he announced the formation of AntiSec, “the biggest unified collective of hackers in history.” Both in private IRC and through his various public Twitter accounts he encouraged hackers to join AntiSec and commit hacking crimes. Many hacktivists and rights organizations see these — including the Statfor hack — as government created crimes given that Sabu was working for his FBI handlers at the time he was inciting hackers to join AntiSec. After Sabu was turned, all of his actions can be seen as government actions. In essence, the name Sabu and the government can be used interchangeably in this context.

He is responsible for the arrests of many Anons including Jeremy Hammond.

Hector Xavier Monsegur Jr, hacker known by his nom de guerre Sabu, FBI informant.

VLW: Did you ever suspect that Sabu was a Fed (FBI informant) before that became public?

JH: I was in a chat room with 12 hackers. Chances are someone in there was a Fed. I don’t work with anyone who has not taken risks alongside me. Sabu had taken risks and hacked himself. Still, I could have done this all on my own. I was the main hacker in Anti-Sec.

VLW: And that hacker who provided the exploits also came with the credit cards? And were the credit cards live?

JH: Yes. The credit cards were live. We all spoke on Dec 6th and planned a coordinated day of action when we would choose charities and use the credit cards to make donations for Christmas to these charities, Christmas donations.

VLW: LulzXmas?

JH: Yes.

Jeremy Hammond is often referred to as a digital Robin Hood for his participation in LulzXmas. Margaret Ratner Kunstler, Hammond’s attorney, clarified that her client did not himself make any donations or use the credit cards. He also did not personally profit from the hacked credit cards.

JH: But our main focus was the emails, to reveal the spying. Stratfor was spying on the world. We revealed the anti-WikiLeaks actions by Stratfor. Stratfor was spying on Occupy Wall Street, WikiLeaks, and Anonymous.

We didn’t even know about the Venezuelan coup discussions proving U.S. involvement in the attempted coup until we saw that in the Strafor emails later.

It was all revealed on WikLeaks but I had moved on. I’d rather be hacking.

[He smiles.]

VLW: There is speculation that the Stratfor hack was designed by the government and carried out by their informant Sabu as an attempt to entrap Julian Assange by getting him to solicit information or even sell him information. Were you aware of such a plan and if so did you make a conscious decision to foil that plan by dumping on the Pirate Bay before the transaction could be completed?

JH: No, that did not happen. Julian Assange and WikiLeaks was not a factor.

In fact, many hacktivists make the claim that the Stratfor hack was designed to entrap Julian Assange. Hammond is not necessarily in a position to know whether that was the case or not.

VLW: Stratfor was notified by the government that they had been penetrated and told to do nothing. Why did they allow Stratfor to be sacrificed?

JH: We do not know to what degree they notified Stratfor. Interesting question, but we don’t know.

VLW: Why did the Stratfor hack take so long to complete? And why destroy the servers?

JH: I had to get to the mail servers. It takes time. We always destroy the servers.

First you deface, then you take the information, then you destroy the server, for the Lulz [for fun], and so they can’t rebuild the system. We don’t want them to rebuild. And to destroy forensic information that could be used to find out who did it and how it was done.

VLW: What are your preferred targets?

JH: My preferred targets are military contractors, military suppliers and law enforcement.

VLW: Intelligence contractors like Stratfor?

JH: Tech intelligence firms are a preferred target. Tech firms — where white hat hackers are paid to target the 99% for their corporate overlord clients.

Chris Hedges, journalist, TruthDig columnist, speaks at Hammond Rally. Photo credit: Still from The Reality Wars, A.J. Abucay DP

Those firms also contain the keys to their corporate clients so there is a big payoff — Endgame Systems and Palantir, for example.

Endgame Systems is the subject of much discussion. Engame Systems is self-described as providing offensive and defensive vulnerability research, mitigation of cyber-threats and cyber operations platforms. It is in the business of selling “zero day exploits.” That is, the vulnerabilities that have not yet been detected. According to a Business Week article, these zero day exploits are militarized and include entire blueprints of the computer systems of airports and other critical infrastructure including that of our western allies for example Paris’s Charles De Gaulle Airport. It is difficult to see how the sale of these exploits makes us more secure.

A package of these zero day exploits can be purchased for 2.5 million dollars a year. The price list was revealed in a cache of emails in the HBGary hack, an earlier Anonymous operation. Endgame weaponry is sold by region — China, the Middle East, Russia, Latin America, and Europe. There are even target packs for European and other allies. That raises the question of whether these exploits are being sold to foreign actors. Even if not sold directly to enemies of the U.S., cyber munitions like conventional arms have a way of showing up in unintended places. Once these exploits are out there they are vulnerable to rouge hackers and rogue states.

JH: White hat hackers are being paid to do supposedly defensive actions but they are offensive. White hat hackers are supposed to identify a vulnerability and then announce. But instead they sell the vulnerability, the exploits. So if you hack for the thrill it’s not ok. But for money, like Endgames, then somehow it is. And instead of going to jail for hacking you get awarded a government contract.

At least, the NSA is supposed to — and that is a big “supposed to” — have some kind of government oversight and again that’s overstated; these government contractors, intel firms and tech firms like Stratfor have no oversight whatsoever. They are not bound by any laws. They are above the law. No FOIA (request for classified or other non-public information from the government under the Freedom Of Information Act) can compel them to reveal what they do. Rogue hackers have better access to vulnerabilities than government hackers.

VLW: That reminds me of The Conscience of a Hacker by the Mentor. Did you read that?

Known as the Hacker Manifesto, it could just be Jeremy Hammond’s ethos.

It reads:
You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it’s for our own good, yet we’re the criminals.

Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like.

My crime is that of outsmarting you, something that you will never forgive me for. I am a hacker, and this is my manifesto. You may stop this individual, but you can’t stop us all… after all, we’re all alike.

JH: From the 90’s? You hate me because I’m better than you are. Yeah, yeah.

[He smiles.]

Citizen journalist/activist and Hammond supporter Tara Jill Livestreams outside the court house. Photo credit: Still from The Reality Wars, A.J. Abucay DP

VLW: What do you think about the new battlefield, or cyberwarfare?

JH: The government calls it cybersecurity, but it’s really offensive hacking not just defensive.

The Department of Defense deals in war and aggression but it is not called Department of War is it? The government calls what they do mitigation of the threat of a cyber offensive. But these are offensive acts. They are acts of war. This is the new terrain. The new battlefield.

The war is on and it’s for the Internet. They spy on us, they spy on others, intellectual property rights wars, censorship….

For example, when encryption first came out PGP (Pretty Good Privacy, the first publicly available encryption software) it was called a munition and they immediately tried to ban it.

Encryption is part of our arsenal. It trumps the surveillance state.

As Mr. Hammond was waiting to be handcuffed in order for me to be escorted out of the small room at Manhattan Correctional Center where Mr. Hammond and I had conversed for over 4 hours, I asked him one last question.

VLW: You want to challenge the political system in the US and the world with technology. Is technology your weapon in the same way rifles were weapons in the past? Are you willing to die for your cause?

Handcuffed and standing before me with the guard awaiting my exit he pondered the question. As the guard ushered me out he responded.

JH: Die for my cause? Yes.
Go to prison, die for my cause… or choose to live a life of submission.
____________________________

Mr. Hammond’s bold and principled stand is sure to inspire others to make a similar choice.

This is part one of a two part article.

I am currently working on The Reality Wars, a feature length documentary about the targeting of activists, hacktivists and journalists by the US government and the nexus between intelligence contractors and the surveillance state. Jeremy Hammond and the Stratfor hack are covered in my film.

Posted: 11/19/2013 10:18 am

Find this story at 19 November 2013

© 2013 TheHuffingtonPost.com, Inc.

Cyber-activist Jeremy Hammond was sentenced to 10 years in federal prison this morning by Judge Loretta A. Preska in a federal courtroom in lower Manhattan for hacking the private intelligence firm Stratfor. When released, Hammond will be placed under supervised control, the terms of which include a prohibition on encryption or attempting to anonymize his identity online.

Hammond has shown a “total lack of respect for the law,” Judge Preska said in her ruling, citing Hammond’s criminal record – which includes a felony conviction for hacking from when he was 19 – and what she called “unrepentant recidivism.” There is a “desperate need to promote respect for the law,” she said, as well as a “need for adequate public deterrence.”

Read ‘Enemy of the State,’ Our 2012 Feature on Jeremy Hammond’s Rise and Fall

As Hammond was led into the courtroom, he looked over the roughly 100 supporters who had shown up, smiled, and said, “What’s up, everybody?” Prior to the verdict, he read from a prepared statement and said it was time for him to step away from hacking as a form of activism, but recognized that tactic’s continuing importance. “Those in power do not want the truth exposed,” Hammond said from the podium, wearing black prison garb. He later stated that the injustices he has fought against “cannot be cured by reform, but by civil disobedience and direct action.” He spoke out against capitalism and a wide range of other social ills, including mass incarceration and crackdowns on protest movements.

The Stratfor hack exposed previously unknown corporate spying on activists and organizers, including PETA and the Yes Men, and was largely constructed by the FBI using an informant named Hector Monsegur, better known by his online alias Sabu. Co-defendants in the U.K. were previously sentenced to relatively lighter terms. Citing Hammond’s record, Judge Preska said “there will not be any unwarranted sentencing disparity” between her ruling and the U.K. court’s decision.

Hammond’s supporters and attorneys had previously called on Judge Preska to recuse herself following the discovery that her husband was a victim of the hack she was charged with ruling on. That motion was denied. (Full disclosure: This reporter previously spoke at a rally calling on Judge Preska to recuse herself.)

Hammond’s defense team repeatedly stressed that their client was motivated by charitable intentions, a fact they said was reflected in his off-line life as well. Hammond has previously volunteered at Chicago soup kitchens, and has tutored fellow inmates in GED training during his incarceration.

Rosemary Nidiry, speaking for the prosecution, painted a picture of a malicious criminal motivated by a desire to create “maximum mayhem,” a phrase Hammond used in a chat log to describe what he hoped would come from the Stratfor hack. Thousands of private credit card numbers were released as a result of the Stratfor hack, which the government argued served no public good.

Sarah Kunstler, a defense attorney for Hammond, takes issue with both the prosecution and judge’s emphasis on the phrase “maximum mayhem” to the exclusion of Hammond’s broader philosophy shows an incomplete picture. “Political change can be disruptive and destructive,” Kunstler says. “That those words exclude political action is inaccurate.”

Many supporters see Hammond’s case as part of a broader trend of the government seeking what they say are disproportionately long sentences for acts that are better understood as civil disobedience than rampant criminality. Aaron Swartz, who faced prosecution under the Computer Fraud and Abuse Act – the same statute used to prosecute Hammond – took his own life last year, after facing possible decades in prison for downloading academic journals from an MIT server. “The tech industry promised open access and democratization,” says Roy Singham, Swartz’s old boss and executive chairman of ThoughtWorks, a software company that advocates for social justice. “What we’ve given the world is surveillance and spying.” Singham says it’s “shameful” that “titans of the tech world” have not supported Hammond.

Following his first conviction for hacking, Hammond said, he struggled with returning to that life, but felt it was his responsibility. That decision ultimately lead to the Stratfor hack. “I had to ask myself, if Chelsea Manning fell into the abysmal nightmare of prison fighting for the truth, could I in good conscience do any less, if I was able?” he said, addressing the court. “I thought the best way to demonstrate solidarity was to continue the work of exposing and confronting corruption.”

by John Knefel
NOVEMBER 15, 2013

Find this story at 15 November 2013

©2013 Rolling Stone