Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: E-Records

Investigative Report Claims NSA Hacking of Cellphone Networks Is Global

Ryan Gallagher – The Intercept“The AURORAGOLD operation is carried out by specialist NSA surveillance units whose existence has not been publicly disclosed: the Wireless Portfolio Management Office, which defines and carries out the NSA’s strategy for exploiting wireless communications, and the Target Technology Trends Center, which monitors the development of new communication technology to ensure that the NSA isn’t blindsided by innovations that could evade its surveillance reach. The center’s logo is a picture of the Earth overshadowed by a large telescope; its motto is “Predict – Plan – Prevent.” The NSA documents reveal that, as of May 2012, the agency had collected technical information on about 70 percent of cellphone networks worldwide—701 of an estimated 985—and was maintaining a list of 1,201 email “selectors” used to intercept internal company details from employees. (“Selector” is an agency term for a unique identifier like an email address or phone number.) From November 2011 to April 2012, between 363 and 1,354 selectors were “tasked” by the NSA for surveillance each month as part of AURORAGOLD, according to the documents. The secret operation appears to have been active since at least 2010. The information collected from the companies is passed onto NSA “signals development” teams that focus on infiltrating communication networks. It is also shared with other U.S. Intelligence Community agencies and with the NSA’s counterparts in countries that are part of the so-called “Five Eyes” surveillance alliance—the United Kingdom, Canada, Australia, and New Zealand.”

Documents published with this article:

Unprecedented leak of Sony Pictures internal personal data

“After sifting through almost 40GB of leaked internal data, one thing is clear: Sony Pictures appears to have suffered the most embarrassing and all-encompassing hack of internal corporate data ever made public. The data dump, which was reviewed extensively by BuzzFeed News, includes employee criminal background checks, salary negotiations, and doctors’ letters explaining the medical rationaleContinue Reading

Text of the Presidential and Federal Records Act Amendments of 2014

NARA – “On November 26, 2014, President Barack Obama signed into law H.R. 1233, the Presidential and Federal Records Act Amendments of 2014. This new law modernizes records management by focusing more directly on electronic records, and complements efforts by the National Archives and the Office of Management and Budget to implement the President’s 2011Continue Reading

Symantec – Government agencies and private sector businesses are drowning in information

Navigating Information Governance – “In addition to managing the growing variety, velocity, and volume of data, they must: Meet information transparency objectives Respond quickly to eDiscovery requirements Manage Freedom of Information Act (FOIA) requests and internal investigations Comply with records management regulations With data requirements skyrocketing, how can organizations leverage information governance to meet thisContinue Reading

Home Depot Reports Findings in Payment Data Breach Investigation

News release: “The Home Depot®, the world’s largest home improvement retailer, today disclosed additional findings related to the recent breach of its payment data systems. The findings are the result of weeks of investigation by The Home Depot, in cooperation with law enforcement and the company’s third-party IT security experts. Additional Investigation Details Disclosed – InContinue Reading

Bitcoin over Tor isn’t a good idea – Paper

Paper by Alex Biryukov, Ivan Pustogarov “Bitcoin is a decentralized P2P digital currency in which coins are generated by a distributed set of miners and transaction are broadcasted via a peer-to-peer network. While Bitcoin provides some level of anonymity (or rather pseudonymity) by encouraging the users to have any number of random-looking Bitcoin addresses, recent research shows that this level ofContinue Reading

Safeguarding the Personal Information of all People – ODNI

Office of the Director of National Intelligence (ODNI) – Safeguarding the Personal Information of all People, July 2014. “As the President said in his speech on January 17, 2014, “the challenges posed by threats like terrorism, proliferation, and cyber-attacks are not going away any time soon, and for our intelligence community to be effective over theContinue Reading

Retired NSA Technical Director Explains Snowden Docs

New Data Release from Centers for Medicare and Medicaid Services

FCW.com: “A new government database that debuted Sept. 30 offers information on financial connections between doctors and teaching hospitals and pharmaceutical firms and medical device manufacturers. The open-data play by the Centers for Medicare and Medicaid Services was mandated under provisions of the 2010 health care overhaul. The inaugural data dump covers $3.5 billion in payments fromContinue Reading

A Review of Security Requirements for Local Number Portability Administration

A Review of Security Requirements for Local Number Portability Administration, The Chertoff Group, September 29, 2014: “For years, Americans have had the legal right to keep their wireless and wireline telephone numbers when switching carriers, and they frequently exercise this right. Carriers must constantly keep track of this switching of carriers in order to route telephone callsContinue Reading

Appeals Court Limits Military Surveillance of Civilian Internet Use

“The U.S. Court of Appeals for the Ninth Circuit ruled in United States v. Dreyer that an agent for the Naval Criminal Investigative Service violated Defense Department regulations and the Posse Comitatus Act when he conducted a surveillance operation in Washington state to identify civilians who might be sharing illegal files. The 1878 Act prevents the U.S.Continue Reading

New GAO Reports – Army Corps of Engineers, Bureau of Prisons, CFPB, ID Theft, Oil and Gas Transportation, Affordable Care Act

ARMY CORPS OF ENGINEERS: The Corps Needs to Take Steps to Identify All Projects and Studies Eligible for Deauthorization, GAO-14-699: Published: Aug 21, 2014. Publicly Released: Sep 22, 2014. BUREAU OF PRISONS: Management of New Prison Activations Can Be Improved, GAO-14-709: Published: Aug 22, 2014. Publicly Released: Sep 22, 2014. CONSUMER FINANCIAL PROTECTION BUREAU:Some Privacy and Security Procedures for Data CollectionsContinue Reading