Constitutional Communications Indypendent article on secure email providers

Internet Service Providers You Can Trust

Newly leaked FBI guidelines for the use of National Security Letters (NSLs) have finally opened a window into how little control third parties, from Google, to Facebook to the phone company, have over the data of their users. The classified rules, were obtained by The Intercept in June, but date back to 2013, and concern the FBI’s use of national security letters (NSLs).

NSLs allow for an FBI agent to request any type of data from a third-party provider, and then use a gag order to prevent the provider from speaking about the fact that the data has ever been requested. This allows the bureau to obtain information about activists and journalists without going to a judge, as is the case with a regular search warrant, or informing the organization being targeted.

Sixteen thousand NSLs are issued annually. The letters only require the signature of a unit director at the FBI to obtain data from any provider and are often used for investigations that have nothing to do with national security, including investigations carried out against journalists who expose information that displeases the government. This type of surveillance has dubious legality and becomes even more dubious when evidence from these sources is used in criminal trials. The most striking use of information from NSL’s is when it is combined with “parallel construction”: the laundering of illegally acquired evidence into court proceedings.

Anyone who has watched the “The Wire” or “The Good Wife” has seen fictional examples of how parallel construction may currently happen. But the most clear-cut case of parallel construction in present-day prosecutions is through the Special Operations Division, a $125 million unit of the Drug Enforcement Administration (DEA), where agents are trained to utilize “parallel construction” to hide NSA or NSL data by covering it with fake witnesses. The use of this illegally acquired evidence in trials has therefore been hidden from attorneys, clients and the judiciary, threatening the integrity of the legal process as a whole. This startling practice undermines the Sixth Amendment right of defendants to know the evidence that is being used against them in an open court, and it destroys an attorney’s ability to effectively serve their clients. The vice chairman of the criminal justice section of the American Bar Association, James Felman, calls this domestic use of evidence from NSL or NSA intercepts “outrageous” and “indefensible.”

What can activists or concerned citizens do to stop this broad attack on freedom of speech and association? There are groups such as the National Lawyers Guild and The Electronic Frontier Foundation that work on specific legal strategies. As individuals, people need to understand that for law enforcement social media is public space. Although you may have privacy settings that can stop your mom or ex-partner from reading your posts, as far as federal law enforcement is concerned every page, post, mail, like or click on Facebook, Twitter, or Google could be used as evidence against you in a court of law.

To thwart these overbearing snoops there are a number of excellent Internet providers who take user privacy seriously, don’t collect log data and/or utilize warrant canaries that allow them to warn users if they are ever asked to comply with government requests for NSL information. There are a number of long-running projects that exist to support activists maintain their constitutional rights while using digital communications. Two of special significance are Riseup.net and Mayfirst.org.

Riseup.net is a non-profit collective active since the 1999 Seattle WTO protests. Riseup runs an email service (mail.riseup.net), a groupware network for organizing (we.riseup.net), pastebins for securely exchanging large files (share.riseup.net), a “google docs” type collaborative document writing (pad.riseup.net). All of these are maintained by ensuring no logging data is saved. It has a “warrant canary” that they publish and update regularly. It also allows people to sign up for and use services over the Tor network to preserve their anonymity (something that Google, Facebook, Apple, and Twitter, don’t allow.) Riseup relies on individual donations to survive.

May First/People Link (www.mayfirst.org) “engages in building movements by advancing the strategic use and collective control of technology for local struggles, global transformation, and emancipation without borders.” This redefines the concept of “Internet Service Provider” in a collective and collaborative way as a democratic membership organization with an elected Leadership Committee and coop model where everyone pay dues and collectively manage websites, email, email lists, and more.

This is the second in a two-part series.

Indypendent Issue # 216

First part: In an Age of Mass Surveillance, Encryption Gives Us an Edge

The Indypendent is a monthly New York City-based newspaper and website founded in 2000.  It has a print and online audience of more than 100,000 readers and has won more than 50 awards from the New York Community Media Alliance for excellence in journalism.

https://indypendent.org/2016/08/15/internet-service-providers-you-can-trust