FDA Spied On Emails To Try To Silence Critics
from the and-it-may-have-just-made-new-critics dept
We've discussed how the government often seems much more focused on silencing leaks of information, rather than recognizing that those leaks are often highlighting serious misconduct. The latest example involves the Food and Drug Administration (FDA), who apparently started trying to find the source of a leak, but in the end started collecting thousands of emails to try to stifle all sorts of criticism of the FDA, as revealed by the NY Times over the weekend.What began as a narrow investigation into the possible leaking of confidential agency information by five scientists quickly grew in mid-2010 into a much broader campaign to counter outside critics of the agency’s medical review process, according to the cache of more than 80,000 pages of computer documents generated by the surveillance effort.The details show that the FDA installed key logger software on the computers of their own scientists, tracked the personal emails they wrote to others, and tracked documents they copied to key drives. Now, you can make a reasonable argument that since these were work laptops, the FDA has every right to track the usage, but it seems pretty clear that the FDA went really far here, and it wasn't just about stopping leaks, but about trying to stifle criticism and whistleblowing.
Moving to quell what one memorandum called the “collaboration” of the F.D.A.’s opponents, the surveillance operation identified 21 agency employees, Congressional officials, outside medical researchers and journalists thought to be working together to put out negative and “defamatory” information about the agency.
In fact, much of the evidence suggests that this absolutely was an attempt to blow the whistle on faulty review procedures by the FDA, that resulted in the approval of medical imaging devices that weren't actually safe. And, apparently, the complaints by the whistleblowers were convincing enough that there's now a Congressional investigation into "a substantial and specific danger to public safety" from this activity.
If the FDA were functioning as it was supposed to, it would have seen these complaints as a reason to investigate its own activities. Instead, in the supposed attempt to "stop leaks," the FDA used this info to try to squelch the attempt to have its own practices investigated.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: fda, key logger, leak, whistleblower
Reader Comments
Subscribe: RSS
View by: Time | Thread
Dat goverment's all about dat corruption dawg
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
I read the NYTimes article and I don't see any mention of actually monitoring Congressional Aides, only that they monitored the emails the scientists sent *to* Congress. That's a far far different thing and since these laptops are issued by the gov't, the gov't has every right to monitor anything done with them.
[ link to this | view in chronology ]
Re: Re:
It is for the people to monitor their government, not to be surveiled by it.
[ link to this | view in chronology ]
Re: Re:
I'll take "natural and legal rights" of the citizenry to an accountable government and safe medicine.
[ link to this | view in chronology ]
...
Damn what am I doing wrong? This trolling thing is hard...
[ link to this | view in chronology ]
Re:
B+
[ link to this | view in chronology ]
Re:
I think I make a better troll because I can make up things and raise completely unrelated arguments.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Just part of their device testing protocol...
[ link to this | view in chronology ]
Re: Just part of their device testing protocol...
i think what you mean is that the new CYA device will need to be wiped and testing started again!
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
They should sue the FDA.
[ link to this | view in chronology ]
Re:
However, if the FDA logged the passwords and then *later* logged in to their email, that is not. But I don't see any mention of that in the NYT article.
[ link to this | view in chronology ]
Re: Re:
Besides, if there's enough sensitive information you have to block all access to the internet because you wouldn't be able to see exactly what's going through an encrypted connection that easily (please correct me if I'm wrong). I don't see how they could see who were the ppl the employees sent their e-mails on external webmails without effectively logging into their accounts.
All the rest is fair game, including monitoring what files go into what usb sticks and that's something we know it's done regularly within the US Govt from Bradley Manning's case (again correct me if I'm mixing up something but they got to him by checking the files that were transferred to a usb stick with his login).
[ link to this | view in chronology ]
Re: Re: Re:
The US government (USG) does have the right to monitor everything done on their computers and network because users may not log into a USG computer unless they agree to monitoring. All properly configured USG computers display a log-in warning banner that states the computer is an official USG computer to conduct USG business. The banner also states that there is no expectation of privacy, all activity is monitored, and by logging in the user consents to monitoring.
All USG employees and contractors are also required to complete annual FISSA training. A reminder that users consent to monitoring is also in that training. The USG also has an ROB that users must accept before they are allowed to use a USG computer, and guess what the ROB contains? That makes three notices warning of monitoring, one of which appears every time you log in.
The scientists only have a case if they were using a USG computer that did not have a warning banner, they never took FISSA training, and they did not sign an ROB.
Besides, if there's enough sensitive information you have to block all access to the internet because you wouldn't be able to see exactly what's going through an encrypted connection that easily (please correct me if I'm wrong).
All unsolicited SSL connection attempts from the Internet to USG computers are (well, are supposed to be) blocked. Outbound SSL connections are decrypted by the USG using a proxy similar to a man-in-the-middle attack.
I don't see how they could see who were the ppl the employees sent their e-mails on external webmails without effectively logging into their accounts.
Yahoo! webmail only encrypts authentication, everything else is sent in clear text which can be obtained through a network packet capture. I beleive GMail encrypts everything. Decryption of GMail is accomplished with a proxy as mentioned above.
[ link to this | view in chronology ]
well
that way they can just 100% refuse all licenses without $100 million dollar bribes
OMG the heads of the FDA have been taking bribes all the way upto july 2012 to pass completely unsafe drugs that cause spontaneous abortions and aneuryms? and would cream their pants for this kind of power?
say it aint so!
[ link to this | view in chronology ]
Re: well
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Its why the monitoring of citizens will lead to more monitoring. Because when you know what people actually think of you, you begin thinking there is a conspiracy behind every door.
[ link to this | view in chronology ]
To me it's rather simple: we tried playing nice relying on the relevant authorities to keep their hands of our privacy, they failed, it's time we take away all their control so they simply cannot abuse it.
[ link to this | view in chronology ]
Re:
How do you encrypt your keyboard strokes as they are being recorded by the OS?
Those people were using compromised computers, maybe that is a lesson to everyone to not trust a work computer ever.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
What else can I say that has not been said before.
[ link to this | view in chronology ]
Down with the US government
[ link to this | view in chronology ]