How the feds are tracking us

Evidence continues to mount that the U.S. government is keen on tracking its citizens.

The FBI has started rolling out its $1 billion biometric Next Generation Identification (NGI) system, a nationwide database of mug shots, iris scans, DNA samples, voice recordings, palm prints, and other biometrics collected from more than 100 million Americans and intended to help identify and catch criminals.

The FBI has been piloting the program with several states and by the time its fully deployed in 2014 will have at its fingertips a facial recognition database that includes at least 12 million photos of peoples faces.

Privacy watchdog groups have some concerns. According to the Electronic Frontier Foundation, the NGI system will allow photo submissions independent of arrests.

This is a problem because the FBI has stated it wants to use its facial recognition system to identify subjects in public datasets and conduct automated surveillance at lookout locations, the EFF writes in a blog post. This suggests the FBI wants to be able to search and identify people in photos of crowds and in pictures posted on social media siteseven if the people in those photos havent been arrested for or even suspected of a crime. The FBI may also want to incorporate those crowd or social media photos into its face recognition database.

When an EFF representative testified at a U.S. Senate Subcommittee hearing on facial recognition in July, the organization said Americans should be concerned about the governments plans to bolster its facial recognition capabilities because it allows for covert, remote, and mass capture and identification of images, and the photos that may end up in a database include not just a persons face but also what she is wearing, what she might be carrying, and who she is associated with.

And theres much more.

TrapWire is 'person of interest' technology

Last month Wikileaks released a huge cache of leaked e-mail from private intelligence firm Stratfor regarding surveillance software called TrapWire. Used by both private industry and the U.S. government and its allies, TrapWire lets both public and private sector users contribute to counter-terrorism and anti-crime efforts.

The software uses algorithms and data from a variety of surveillance sources -- including CCTV and human-input from spotted 'suspicious' behavior -- to, in essence, 'predict' potentially criminal activity, explained ZDNets Zach Whittaker in a fantastic FAQ on the subject.

According to the leaks, TrapWire is in use in public places in Washington D.C., New York, Los Angeles, Seattle, London, some Canadian cities, and in privately owned Las Vegas casinos.

Apple IDs pilfered from an FBI laptop

A hacker collective known as AntiSec this week published more than a million UDIDsUnique Device Identifier numbers associated with Apple mobile devicesthat the group claims it stole from the laptop of an FBI agent. The information was acquired and released as a political statement by the hackers.

[Expletive] FBI IS USING YOUR DEVICE INFO FOR A TRACKING PEOPLE PROJECT OR SOME [expletive], reads AntiSecs announcement on Pastebin.

The details stolen from the FBI laptop included more personal information as wellsuch as full names, cell phone numbers, addresses, and zip codes, but AntiSec did not release that data.

The FBI says theres no evidence one of its laptops was compromised and AntiSec has followed up with cryptic evidence that it says validate its claims.

In any case, the UDIDs are legit and many people who have looked up the alphanumeric string of characters associated with their Apple devices are finding them on AntiSecs list. So if what AntiSec says is true, the big question is why does the FBI have peoples device identification and personal info?

[See more: Apple Device IDs Hacked: What You Need to Know]

Other Evidence

Legislation pending in the U.S. CongressCISPA in the House and SECURE IT in the Senateaims to protect the U.S. from cyberterrorism but would actually make it easier for the government to spy on people. The measures would allow companies to share users private data with the government without a warrant or any oversight.

[See more: 10 Terrible Tech Laws That Have You in Their Bulls-Eye]

And in January the Supreme Court ruled that police and the FBI violated the Fourth Amendment when they secretly attached a GPS tracker to a mans car and tracked him for 28 days. However, in preliminary proceedings surrounding the mans retrial, his attorney says prosecutors have records that indicate the locations of his cell phone for five months.

The American Civil Liberties Union takes issue with this and says tracking someones cell phone without a warrant is also unconstitutional, yet hundreds of law enforcement entities do it all the time.

The ACLU says the Geolocation Privacy and Surveillance (GPS) Act currently in Congress would require law enforcement agents to obtain a warrant before accessing a persons location information. To support the legislation, the ACLU has a tool on its website that will auto-generate a message to your legislators urging them to vote for the bill.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Christina DesMarais

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place