Did New Zealand Spooks Tap Into PRISM To Spy On Dotcom?

from the suggestive dept

As Techdirt has reported, the attempts to extradite Kim Dotcom from New Zealand to the US have turned into one of the most catastrophically bungled legal cases in a long while. One of the biggest scandals to emerge was that New Zealand citizens had been wiretapped in an effort to gain evidence against Dotcom, since domestic spying was forbidden there just as it is in the US (oh, wait...). Unfortunately, rather than rapping knuckles and telling the local spooks not to do it again, the New Zealand government has instead just brought in new legislation to make it legal in the future.

But it seems that the revelations in the Dotcom case aren't over yet. A story on the Australian site ITnews drawing on a blog post by Keith Ng has the following remarkable claim:

Police affidavits related to the raid on Kim Dotcom's Mega mansion appear to show that New Zealand police and spy agencies are able to tap directly into United States surveillance systems such as PRISM to capture email and other traffic.

Here's why Ng thinks that's the case. On page 13 of the Kim Dotcom affidavits (pdf), which have been released in a redacted form (and are embedded below), there is a request from the Organised and Financial Crime Agency New Zealand (OFCANZ) to the Government Communications Security Bureau (GCSB), New Zealand's signals intelligence unit, to "conduct SIGINT analysis against persons associated with Mega Media Group" -- notably Kim Dotcom.

The police then provided a list of what page 19 of the affidavits calls "selectors" -- precisely the word used by the NSA for PRISM search terms. Page 17 contains some more tantalizing hints of what is going on, as Ng explains:

The selectors were entered into █████, in an email classified as "SECRET//COMINT//REL TO NZL, AUS, CAN, GBR, USA". In other words, the selectors were entered into a secret communications intelligence system, and this secret system was considered related to Five Eyes

"Five Eyes" is the cosy club of Anglo-Saxon countries -- US, UK, Canada, Australia and New Zealand -- that form a kind of inner circle for swapping surveillance information. It's probably fair to say that these documents don't constitute cast-iron "proof" that the New Zealand police drew on information from PRISM supplied through the Five Eyes collaboration, although it is certainly consistent with that. However, what this does show without doubt is that Kim Dotcom's case was being discussed with New Zealand's spy agency in the context of the Five Eyes group.

At the very least, this demonstrates the completely disproportionate lengths to which the New Zealand government was prepared to go in order to try to obtain evidence against Dotcom for a case that was essentially about alleged copyright infringement. It may even be the first indication that PRISM's global surveillance system is also being deployed in areas that have nothing to do with terrorism or serious threats to the US or its citizens.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Filed Under: kim dotcom, new zealand, prism, privacy

Kim Dotcom Planning To Invest In Privacy Startups

from the actions-have-consequences dept

We were just discussing how there's a sudden renewed interest among many entrepreneurs to build much more security and privacy conscious apps. In that post, we noted that Kim Dotcom's Mega is working on encrypted chat and email, but it appears he wants to go much further. He's now announced that he's starting a venture capital fund for privacy-focused startups as well. Of course, it will be interesting to see what the actual details are and what comes out of it, but it's yet another sign that the revelations that have come out about widespread government surveillance many lead to a much needed refocusing on how to build much more secure and private systems in this digital era. It seems odd to think that, indirectly, the US government's highly questionable legal assault on Dotcom may eventually lead to the funding of a variety of applications and services that block out the US government's prying eyes.

Filed Under: investments, kim dotcom, privacy, security, venture capital
Companies: mega

Kim Dotcom's Lawyer Says DOJ 'Blessed' Destruction Of Evidence In Megaupload Case

from the that-can't-be-good dept

Last week we wrote about the reports from Kim Dotcom that the main European hosting provider that Megaupload had used, Leaseweb, had deleted all of the data on the over 600 servers Megaupload had leased from the company with no warning. That's kicked off something of a he said / she said between the two sides concerning what communications and business offers were made, and on the timing of everything. It does seem clear that both Dotcom's lawyer and the EFF sent Leaseweb a notice to preserve the data, as it was a part of an ongoing criminal case. Leaseweb argues that it replied to these concerns and that it had no legal obligation to keep the data, but did so anyway for many months, before reprovisioning the servers. It also claims it gave Megaupload notice of these plans.

There's some suggestion that Dotcom may sue Leaseweb over all of this, but a much more interesting point is made all the way at the end of Ars Technica's coverage of the story, in which Dotcom's lawyer, Ira Rothken, is quoted about the DOJ's role in all of this:

"We learned that the [United States Department of Justice] blessed the LeaseWeb data destruction and we will raise these issues at the appropriate time with the Federal Court in the US."

Of course, that's the big issue here. If the DOJ blessed the destruction of evidence in a criminal case, that's going to look very, very bad for the DOJ, and make it a lot more difficult for them to have this case succeed. Of course, as we've discussed, almost from the very beginning, it has appeared that the DOJ wanted evidence destroyed in this case (that's from less than two weeks after the evidence was seized). It seems fairly incredible that this has remained the DOJ's position, since it seems like an issue that is almost certain to be raised in court. If the DOJ is so confident in their case, why would it support the destruction of evidence?

Filed Under: destruction of evidence, doj, evidence, ira rothken, kim dotcom
Companies: leaseweb, megaupload

LeaseWeb Deletes Megaupload's Servers Without Warning, Destroying Key Evidence

from the yikes dept

Last year, we found it absolutely bizarre that the DOJ would seize all of Megaupload's servers, and then, just weeks later, tell its hosting partners that they could wipe those servers clean. Considering that the servers held key evidence that might exonerate the defendants in a criminal trial, it seemed insane that the DOJ was advocating for the destruction of evidence. A judge later told hosting company Carpathia that it needed to preserve the data, rather than delete it. Carpathia was annoyed at the expense, and Megaupload asked the government to free funds for the purpose of keeping the data maintained.

However, now it appears that another hosting partner of Megaupload, LeaseWeb, has wiped Megaupload's servers clean, destroying all of the evidence, without any warning. Kim Dotcom has pointed out that his lawyers had repeatedly asked LeaseWeb not to destroy the evidence, so they were clearly on notice that they held key evidence in a criminal lawsuit, but they chose to destroy it anyway.

Even though the DOJ both supported this destruction of evidence and refused to release the funds to maintain it, it really seems like this could come back to bite the DOJ badly, because Dotcom and the other defendants can now point to the fact that the DOJ allowed for the destruction of key evidence that might prove their innocence. What a bizarre move by the DOJ.

Filed Under: destruction of evidence, doj, evidence, kim dotcom, servers
Companies: megaupload

Extradition Trial For Kim Dotcom Pushed Back Again

from the stalling,-stalling dept

It's not entirely clear why this is happening, but it appears that the hearings concerning Kim Dotcom's extradition have been postponed yet again (apparently for the 4th time). It mostly seems to have to do with this whole issue of getting access to the evidence against him, which the US has been fighting.

His extradition hearing has already been delayed several times due to legal action relating to an illegal raid on his home and disclosure of evidence relating to his case.

A hearing in August has now been put off until April next year.

But a tentative date has been set for November, just in case a final ruling on whether his lawyers should have access to evidence, is quickly made.

Either way, it seems like this case may drag on for quite a while.

Filed Under: doj, evidence, extradition, fbi, kim dotcom, new zealand
Companies: megaupload

New Zealand High Court Orders Kiwi Police & FBI To Return Seized Hard Drives To Kim Dotcom

from the another-failure dept

The investigation and arrest of Kim Dotcom continues to show itself to be an operation that was poorly thought out, where clear liberties were taken by law enforcement who so believed the "Dr. Evil" image that the MPAA set up for them that actually following official procedures seemed of little importance. They really seemed to think that they could do anything and Dotcom would cave. But, as he's challenged a variety of points, and won most of the battles, the carelessness and sloppiness of the whole production keeps getting highlighted over and over again. The latest example: a court has ordered New Zealand police to give Dotcom back "all digital material taken illegally" during the raid, and also "to return anything irrelevant to their investigation" -- and they need to do all of this at their own cost. And, yes, this includes the cloned hard drives that were already sent to the FBI in the US. The court also said that further copies of the cloned hard drives must be destroyed.

The judgement, made by chief High Court justice Helen Winkelmann today, says the seizure of devices without sorting them first was unlawful, and that the police have no right to keep irrelevant material.

[....] "The warrants could not authorise the permanent seizure of hard drives and digital materials against the possibility that they might contain relevant material, with no obligation to check them for relevance," Winkelmann wrote. "They could not authorise the shipping offshore of those hard drives with no check to see if they contained relevant material. Nor could they authorise keeping the plaintiffs out of their own information, including information irrelevant to the offences."

It will be interesting to see how the FBI reacts. Winkelmann told NZ law enforcement that it must inform the FBI of the order. I expect that the FBI will proceed to completely ignore the order, but I imagine that that, too, may complicate the extradition case.

Just a suggestion for the US DOJ and New Zealand Law Enforcement: next time, before rushing off when Chris Dodd and his buddies point their finger at someone and claim they're "evil," perhaps you should actually follow the law, rather than pretending you're a bunch of cowboys setting up a Hollywood-style raid to make Dodd happy.

Filed Under: evidence, extradition, fbi, helen winkelmann, illegal seizures, kim dotcom, new zealand high court, police
Companies: megaupload

Hollywood Studios Send DMCA Takedowns Over Kim Dotcom's Mega Service

from the they-really-don't-like-that-guy dept

Kim Dotcom launched his "Mega" service to great fanfare a few months back. Since then it hasn't really gotten much press coverage, but it appears that the Hollywood studios are looking to change that, sending DMCA takedown notices to Google to remove the Mega.com front page. You could understand it if it was a particular link to an infringing file (and, Mega itself claims to be completely complaint with any such DMCA notices). But, in this case, we have NBC Universal -- already known for being a bit overaggressive with these sorts of things -- sending a takedown notice that includes the very front page of Mega.co.nz, despite the fact that the front page has no links at all. They're claiming that the front page contains its film Mama. Meanwhile, Warner Bros. is claiming in a DMCA takedown that Mega.co.nz should be removed because it has its movie Gangster Squad.

Normally, we give the studios the benefit of the doubt, and we chalk these sorts of things up to over aggressive automated takedowns , but at this point you have to wonder if the studios aren't just attacking Mega because they can. They absolutely hate Dotcom with a passion well beyond any reason, and now that Google has told them it will hurt the search rankings of sites that receive too many DMCA notices, they have a direct incentive to look to weaken Mega, as it's something they're fearful of, in part because they don't understand it. Once again, though, we see that the major Hollywood studios completely abusing the DMCA takedown process. Is it any wonder they're so adamant that they shouldn't get in any trouble for filing bogus DMCA takedown notices?

Filed Under: dmca, kim dotcom, takedowns
Companies: mega, nbc universal, warner bros.

Copyright... Patent... It's All The Same To The World's Third-Largest News Agency

from the patent-that-catchphrase,-yo dept

While we realize that the intricacies of IP law (and its often-attendant ridiculousness) can be rather difficult for the average, uninterested person to parse, it's really not asking too much to expect large international news agencies to make an effort to get the terminology right.

As you recall, Kim Dotcom recently announced he holds a patent for two-factor authentication, which he then waved in the direction of other internet titans like Twitter and Google, promising not to sue in exchange for contributions to his legal defense fund.

Here's how AFP (Agence France-Presse), the third-largest news agency in the world (and one of the oldest) titled its coverage of the Dotcom/patent story: Kim Dotcom might sue Twitter, Google and Facebook over copyright infringement.

Congratulations, AFP. The headline sounds like Facebook itself wrote it, using machine learning to gather IP-related flotsam from the feeds of millions of teenagers, each one bragging about trademarking their copyright on some catchy phrase they misheard on Twitter ("Be careful talking when you have a mouthful of glass") and regurgitating its findings in 40-pt font across the top of Raw Story's piped-in news selection.

The story reiterates the "copyright" claim in the opening paragraph.

Internet mogul Kim Dotcom said Thursday he was considering taking legal action against tech giants such as Twitter, Google and Facebook for infringing copyright on a security measure he invented.

Then it quotes Dotcom tweeting about his patent and even remarks on the fact that Kim posted a patent approved in 2000 as proof. But, even with multiple chances to rescue this story from the unfortunate headline, AFP continues down its chosen path.

Dotcom said he had never sought to enforce copyright on his invention but was now reconsidering in light of the US case accusing him of masterminding massive online piracy through his now-defunct Megaupload file-sharing site.

Now, the hypothetical teens used above can be excused their (hypothetical) ignorance. But a news agency, especially one of AFP's size and longevity? Not a chance. It's especially inexcusable when AFP seems to know the correct terminology when its suing Google for linking to its stories or suing a photographer whose photographs it used without permission. (No, you read that last part right.)

Perhaps AFP truly doesn't understand the definitions and limitations of various IP protections. It certainly doesn't seem to be too well-informed in the linked stories. Maybe AFP views all IP terms as interchangable. It may be striving to know just enough to be dangerous, but to date, it only seems to have gathered enough knowledge to injure itself.

Filed Under: copyright, intellectual property, journalism, kim dotcom, patents, reporting, two factor authentication
Companies: afp

Kim Dotcom Threatens To Sue Google, Facebook And Twitter Over 2-Factor Authentication Patent If They Don't Help Him

from the hmmm dept

So, a lot of people are talking about Kim Dotcom's latest gambit, which was to point out that he holds a patent (US 6,078,908 and apparently others in 12 other countries as well) that covers the basics of two-factor authentication, with a priority date of April of 1997. While interesting, he goes on to point out that he's never sued over the patent because "I believe in sharing knowledge and ideas for the good of society."

But... he says he may sue them now. Specifically, he's asking them to help fund his defense, in exchange for not getting sued for the patent. He points out that his actual funds are still frozen by the DOJ and (more importantly) that his case actually matters a great deal to Google, Facebook and Twitter, because the eventual ruling will likely set a precedent that may impact them -- especially around the DMCA. That's actually a pretty good reason for the tech industry to think about participating in the case even if they don't like Dotcom at all and don't want to be associated with him. Bad cases make dangerous caselaw, so having a good defense would be useful.

That said, the threat of suing over a patent if they don't fund his defense seems like a potentially poorly thought out strategic move that could backfire. Remember, Dotcom has been hit with racketeering claims, and I would think that anything that implies "give me money or I'll sue" isn't the best move for someone already facing racketeering charges.

Filed Under: copyright, dmca, kim dotcom, lawsuits, patents, threats, two factor authentication
Companies: facebook, google, twitter

NZ Supreme Court Will Review Kim Dotcom's Extradition Case

from the not-over-yet dept

Back in March, we noted that while a district court had ordered the US to hand over the evidence it was planning to use against Kim Dotcom, an appeals court had overturned that ruling, and said that the evidence wasn't needed for the extradition fight. Dotcom immediately appealed to New Zealand's Supreme Court, who has now said that it will review that ruling as well, so this case will continue to drag on for some time.

Filed Under: doj, evidence, extradition, fbi, kim dotcom, new zealand, supreme court
Companies: megaupload