Single-Pixel Tracker Leads Paranoid Turkish Authorities To Wrongly Accuse Over 10,000 People Of Treason

from the tiny-web-beacons,-massive-consequences dept

We've written many articles about the thin-skinned Turkish president, Recep Tayyip Erdoğan, and his massive crackdown on opponents, real or imagined, following the failed coup attempt in 2016. Boing Boing points us to a disturbing report on the Canadian CBC News site revealing how thousands of innocent citizens have ended up in prison because they were falsely linked with the encrypted messaging app Bylock:

The Turkish government under President Recep Tayyip Erdogan links Bylock with treason, because of the app's alleged connection to followers of Fethullah Gülen, the man the Turkish government believes is behind the deadly 2016 coup attempt. Gülen denies the allegations.

Alleged Bylock users are a large part of the nearly 150,000 Turks detained, arrested or forced from their jobs under state of emergency decrees since the summer of 2016.

An estimated 30,000 are believed to be among the innocent swept up in this particular campaign, victims of the chaos, confusion and fear in Turkey.

It's bad enough that the Turkish authorities are equating the mere use of the Bylock app with treason. But it gets worse. It turns out that many of those arrested for that reason didn't even use Bylock, but were falsely accused:

it was due to a single line of code, which created a window "one pixel high, one pixel wide" -- essentially invisible to the human eye -- to Bylock.net. Hypothetically, people could be accused of accessing the site without having knowingly viewed it.

That line redirected people to the Bylock server using several other applications, including a Spotify-like music app called Freezy and apps to look up prayer times or find the direction of Mecca. Some people have been accused because someone they shared a wifi connection with was linked to Bylock.

According to the CBC News report, the single-pixel trackers that linked back to Bylock.net were used intentionally by the Bylock developers in order to muddy the waters, and make it harder to identify real Bylock users. However, it's not clear how these Web "beacons" came to be associated with other apps. Whatever the mechanism used to accuse innocent people, the Turkish authorities have confirmed indirectly that the misleading calls to Bylock.net did indeed take place, albeit releasing that information in a way that violates the victims' privacy pretty badly:

The Turkish government and the country's courts rarely admit they are wrong, but in December, they revealed the gravity of the mistake they'd made by publishing a list of 11,480 mobile phone numbers. Each number represented a person wrongly accused of terrorism in the Bylock affair.

As well as confirming that Turkey remains in the grip of institutionalized paranoia emanating from the country's president, this episode underlines just how serious the implications of single-pixel tracking can be. In an ideal world, such surreptitious tracking would not be taking place. As a second best, browsers would incorporate technology that warned users of such tricks and blocked their callbacks as a matter of course, but it's hard to see how this could be done in a way that isn't easily circumvented.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: bylock, evidence, pixel, tracking, treason, turkey

Germany Officially Drops Ridiculous 'Treason' Investigation Into Netzpolitik

from the took-long-enough dept

Last month, we wrote about how German officials were investigating the German news site Netzpolitik (which covers a lot of the same things that Techdirt covers) for treason. That was because of a few stories on Netzpolitik that published whistleblowing documents on plans to expand Germany's internet surveillance powers. The investigation resulted in widespread protests by people concerned about the chilling effects created by investigating reporters for possible treason for merely reporting on the news.

There was also plenty of disagreement within the government itself, with the German Justice Minister expressing his disapproval of the investigation and eventually firing the prosecutor after that prosecutor accused the Justice Minister of "encroaching" on his independence.

Now, a week later, German prosecutors have officially dropped the investigation, though it still raises questions about why it was started in the first place.

On Monday the federal prosecutor’s office said it was closing the case because it believed the leaked documents on which the website’s reports were based were not a “state secret”, and that other conditions for treason charges had not been met.

Thankfully, Markus Beckedahl, the editor-in-chief of Netzpolitik, does not want the matter to end there either. He wants to know why the investigation began in the first place:

Beckedahl suggested the decision to drop the inquiry was not enough. “We want to know precisely whether we were subject to surveillance measures during the almost three-month investigation,” he said. Beckedahl said he hoped the case would motivate authorities to improve protection for whistleblowers in Germany.

Hopefully, this does lead to much better protection for both journalists and whistleblowers.

Filed Under: germany, investigation, journalism, treason, whistleblowers
Companies: netzpolitik

Hundreds Of Journalists, Researchers, Concerned Citizens Sign Letter Protesting Netzpolitik 'Treason' Investigation

from the sign-the-letter dept

We've written a few times now about how the news site Netzpolitik has been investigated for treason for reporting on some efforts to expand German internet surveillance. The site published the leaked documents supporting that claim, which would be clearly protected by the First Amendment here in the US. However, in Germany, it resulted in a treason investigation... and widespread protests as people are quite rightly concerned about the chilling effects of targeting journalists. There's also been some political mudslinging as there's been some debate over whether or not the investigation should move forward.

Now a bunch of people (including me) have signed an open letter protesting the investigation. The statement is quite short and to the point:

"The investigation against Netzpolitik.org for treason and their unknown sources is an attack against the free press. Charges of treason against journalists performing their essential work is a violation of the fifth article of the German constitution. We demand an end to the investigation into Netzpolitik.org and their unknown sources."

You can also see the statement in a variety of other languages as well. The statement has received many hundreds of signatures already and you can add your name as well.

Filed Under: free speech, germany, journalism, surveillance, treason, whistleblower
Companies: netzpolitik

German Justice Minister Fires Top Prosecutor Over 'Treason' Probe Into Journalists After War Of Words

from the escalation-issue dept

We've written a couple stories already about the ridiculous (and chilling) decision by German prosecutors to investigate the news site Netzpolitik for treason in publishing a couple of stories about plans to expand German surveillance capabilities and powers, with whistleblowers as sources. Things have become fairly heated over the past few days and appear to have just resulted in the country's Justice Minister firing the top prosecutor behind the investigation.

On Friday, Justice Minister Heiko Maas said publicly that he didn't think the investigation was appropriate and that he had told the chief federal prosecutor Harald Range exactly that. Following this, Range announced that he was pausing the investigation "for the good of press and media freedom," but then lashed out angrily at Maas, saying that his statements were "an intolerable encroachment on the independence of the judiciary." Details of internal discussions quickly slipped out into the public, after Range had told Maas he was intending to continue the investigation after an "independent" expert he had brought on determined that the documents revealed by Netzpolitik did contain state secrets.

[Range] said the independent expert had agreed that the documents appeared to be state secrets, as asserted by domestic security agency chief Hans-Georg Maassen.

Range said he had informed the justice minister of this but was told "to immediately stop" the process of commissioning outside advice.

The chief prosecutor said he had complied, but he added angrily that "to exert influence on an investigation because its possible outcome may not be politically opportune represents an intolerable encroachment on the independence of the judiciary".

"I saw myself obliged to inform the public about this," he added in a statement.

On the broader Netzpolitik case, he said: "The freedom of the press and of expression is a valuable asset.

"But this freedom, including on the Internet, is not limitless. It does not absolve journalists of the duty to comply with the law."

And... in response to that, it appears that Maas has fired Range:

"I have told federal prosecutor Range that my trust in his ability to fulfill the office has suffered lasting damage and therefore in agreement with the Chancellery I will request his retirement today," Maas told reporters in Berlin.

Maas also claims that Range's statement about Maas telling him to stop commissioning outside advice was "false."

The whole thing appears to have turned into quite the soap opera. Over the weekend, I had a long discussion about this case with someone quite knowledgeable about German law and legal process, who noted that the situation may not be quite as troubling as some are making it out to be, because all of this needs to happen in public under German law (including the notification of the investigation) unlike the American system, under which a grand jury can proceed with an investigation for years in total secrecy. And while the publicity around this investigation appears to be having an impact on (hopefully) curtailing and ending this investigation, it does not change the fact that the investigation happened in the first place, or the kind of chilling effects that it is clearly creating for journalists and whistleblowers alike.

Filed Under: constitutional crisis, free press, free speech, germany, harald range, heiko maas, investigation, treason
Companies: netzpolitik

Yes, German Authorities Are Pushing Treason Charges Against Netzpolitik For Publishing Surveillance Plans

from the this-is-ridiculous dept

A few weeks ago, we reported that it appeared German investigators were investigating the excellent German news site Netzpolitik, which covers a lot of the same issues that we do at Techdirt, with a similar sensibility. Netzpolitik had just published stories concerning plans to expand German bulk surveillance efforts to internet users, as well as plans by the German Secret Service to expand its internet surveillance capabilities. As part of this, the site (like we do) published source documents concerning those plans. The site's editor-in-chief Markus Beckedahl, noted:

Naturally, we uploaded the original documents relating to our article because there was still enough disk space and because it is part of our philosophy to enable our readers to inform themselves using the original source. Thus, they can scrutinise us and our reporting.

This resulted in claims of an investigation for "treason," though some later clarified that it appeared that the investigation was into who leaked the info to Nezpolitik, and the site's staff were seen as witnesses, rather than potential defendants. Except... nope. It looks like the original fears were accurate.

Netzpolitik has received a letter from the German government telling it that Netzpolitik staffers are being investigated for treason:

If it were up to the Federal Attorney General and the President of the German Domestic Security Agency, two of our reporters would soon be in prison for at least two years. Today, we were officially informed about investigations against our Markus Beckedahl, Andre Meister and an "unknown" party. The accusation: Treason.

Today, we received a letter from the Federal Attorney General of Germany confirming ongoing investigations against our reporters Markus Beckedahl, Andre Meister and an "unknown" source, suspecting us of treason according to the German Penal Code:

Whosoever […] allows a state secret to come to the attention of an unauthorised person or to become known to the public in order to prejudice the Federal Republic of Germany or benefit a foreign power and thereby creates a danger of serious prejudice to the external security of the Federal Republic of Germany, shall be liable to imprisonment of not less than one year.

Until now, we were reported merely as witnesses in the case, but now we shall be held responsible (for treason) like our unknown source(s) – as joint principals.

As Netzpolitik itself notes, this is an incredible attack on the freedom of the press, and the site says it's geared up to fight. Either way, this should really call into question the priorities of the German government, looking to intimidate reporters, rather than hold an open debate about surveillance practices. Makes you wonder what else they're afraid is going to come out....

Filed Under: germany, journalism, markus beckedahl, surveillance, treason, whistleblowers
Companies: nezpolitik

Germany's Leading Digital Rights Blog Netzpolitik.org Accused Of 'Treason' After Leaking Bulk Surveillance Plans

from the still-enough-disk-space dept

Netzpolitik.org is arguably the most influential German blog in the realm of digital rights. It played a key role in marshalling protests against ACTA three years ago. You'd think the German government would be proud of it as an example of local digital innovation, but instead, it seems to regard it as some kind of traitor:

The president of the German domestic secret service has filed criminal charges with the public prosecutor because of two of our articles. The accusation: leaking state secrets.

Those two articles concerned a leak about extending bulk surveillance of online users (original in German), and plans to create a new department of the German secret service to extend its Internet surveillance capabilities (in English.) As Netzpolitik's founder and Editor-in-chief, Markus Beckedahl, explains, he decided to publish this information because it showed that despite Edward Snowden's revelations about NSA surveillance, the German government still thinks the best way of spending taxpayers' money is by spying on them. He adds:

Naturally, we uploaded the original documents relating to our article because there was still enough disk space and because it is part of our philosophy to enable our readers to inform themselves using the original source. Thus, they can scrutinise us and our reporting.

Apparently, this suffices for a twice charge for treason because it seems to be confidential when the Federal Office for the Protection of the Constitution expands the Internet’s surveillance and keeps social networks under surveillance using the dragnet principle. This affects everybody, e.g. we could be under surveillance because we have sign up for the same Facebook event as a potential terrorist. But a public debate thereon is undesired.

This is not the first time that the German government has given Netzpolitik.org a hard time:

Already in the autumn of 2014, the German Federal Chancellery (German: Bundeskanzleramt, translator’s note) has threatened us with a charge which was also announced but later on abandoned.

Like the present case, that seems a clear attempt to intimidate reporting. As Beckedahl points out, even though the new hunt for whistleblowers is not aimed directly at the blog and its journalists, they are likely to be caught up in any investigation, probably just to act as a warning:

It is very rare that the German Federal Public Prosecutor investigates against journalistic sources. We could not find any case since 2005. Now we shall experience the full rigour of the constitutional state. The charge is not directed straight to our reporting but we are nevertheless affected. We are mentioned and have to expect to be under surveillance and possibly to be subject to a house search.

What makes this kind of bullying doubly outrageous is that there is a rather bigger story regarding the press in Germany: the fact that both the NSA and CIA spied on the news magazine Der Spiegel. And yet rather than investigate that fact, or that other newspapers seem to have been victims too, the German government is more concerned about intimidating journalists that dare to report on its own plans to spy on millions of its citizens.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: chilling effects, digital rights, germany, investigative reporting, surveillance, treason, whistleblowing
Companies: nezpolitik

Though Wrong About 'Treason', Yahoo's Marissa Mayer Shows Why It's Hard To 'Just Say No' When The NSA Comes Calling

from the that's-not-true dept

We were just having a discussion in our comments about how companies should respond to NSA (and other law enforcement) requests for information. Many of our commenters take the extreme positions that companies should never abide by such requests and should always reveal them publicly. I tend to take the view that this is a counterproductive approach that is much more likely to destroy a company and have the execs end up in jail. So, I can kind of see where Yahoo CEO Marissa Mayer is coming from when she was asked about the NSA efforts and falsely stated it would be "treason" to disobey:

"Releasing classified information is treason. It generally lands you incarcerated," she said, clearly uncomfortable with the turn of the conversation.

She repeated that claim again later, so it wasn't a one-off thing:

"I'm proud to be part of an organization that from the very beginning in 2007, with the NSA and FISA and PRISM, has been skeptical and has scrutinized those requests. In 2007 Yahoo filed a lawsuit against the new Patriot Act, parts of PRISM and FISA, we were the key plaintiff. A lot of people have wondered about that case and who it was. It was us ... we lost. The thing is, we lost and if you don't comply it's treason."

First off, let's get this out of the way: she's wrong. It's not treason. Not by any stretch of the imagination. Treason is defined in 18 USC 2381, and revealing classified info isn't there:

Whoever, owing allegiance to the United States, levies war against them or adheres to their enemies, giving them aid and comfort within the United States or elsewhere, is guilty of treason and shall suffer death, or shall be imprisoned not less than five years and fined under this title but not less than $10,000; and shall be incapable of holding any office under the United States.

Releasing classified information to the public is not covered. She is right that Yahoo fought a key FISA court lawsuit and lost -- and she's right that if Yahoo didn't comply, it (and its executives) would be in serious trouble, but not treason-level trouble.

That said: this does raise a serious question about what companies can do. I know that many don't trust any other process to get this information out there. And, like everyone else, I'm happy that some individuals such as Ed Snowden and Chelsea Manning had the courage to blow the whistle and reveal government misdeeds. And I'd likely support other individuals and companies that choose to take a stand and reveal government wrongdoing. But it's a step too far to claim that it's a requirement when it's not your life on the line. And, for many companies it's not hard to recognize that there are strategies that are likely to be much more effective than flat out breaking the law. Doing so would not just open them up to a lawsuit that would be expensive, but would also open them up to being tarred and feathered by a large portion of the population. And that would likely make any "statement" they were making much less effective.

Even Lavabit, which many of us respect for choosing to shut down in the face of a government order, has not revealed the nature of that order, knowing that doing so would be monumentally stupid in the long run and counterproductive.

Strategy involves thinking multiple moves ahead, not just making the one big move upfront. That's how you lose. These fights and the efforts to stop government surveillance will die an early death if companies just flat-out ignore FISA Court orders. First off, many of them are legit, even if some people don't want to recognize that. But, more importantly, there are multiple ways you fight back against these programs, and blowing the entire strategy upfront by publicizing a single request like that is almost certainly destined to backfire. Snowden didn't just reveal the first document he came across. He planned out a detailed strategy. Assuming companies should blow a ton of goodwill and the power to effect real change by revealing the first FISA Court order that comes along, even if it's legitimate, is a quick way to destroy the company, the lives of execs, and do little to create actual change.

Marissa Mayer is wrong to claim that it's treason, but she's right that there are limits to what a single company can do. Yes, we can hope that more companies fight back against more secret orders, but at some point reality has to be a part of the discussion.

Filed Under: fisc, marissa mayer, nsa, nsa surveillance, prism, tech industry, treason
Companies: yahoo

Wikileaks Afghan War Document Leak Again Raises Questions: Treason Or Whistleblowing?

from the depends-on-who-you-ask dept

A few weeks back, as part of our discussion on the arrest of Bradley Manning for handing over classified documents to Wikileaks, we questioned where to draw the line between "whistleblowing" and "criminal" leaking of military secrets. At the time, we compared the situation to Daniel Ellsberg and the Pentagon Papers. With the the new leak of nearly 100,000 documents about the war in Afghanistan, that same question is getting a lot more attention.

Ellsberg says that the leak is no different than the Pentagon Papers. Both involved massive leaks that showed a government was not being entirely forthright with the public about the status of a war. Others in that article suggest there are some key differences, in the lack of any smoking gun of direct lying by the government (in the latest case, it was more about just not telling the full truth), as well as the scattershot nature of the content. But that's no matter to some grandstanding politicians, like Rep. Pete King who were quick to call the leak treasonous and demand prosecution of those involved (he seems to imply that he believes Manning leaked these documents, though no one has said that conclusively yet).

Of course, that was the strategy taken by the Nixon White House in response to the Pentagon Papers -- to attack the messenger. It looks like the Obama White House is taking a rather different response. While worrying about how the leaks could "jeopardize" people or operations on the ground, the White House is actually trying to turn the few revelations into an advantage, by claiming that the information revealed support the strategy the military has taken under his watch. Whether that's true or not, this actually does seem like the type of response that could diffuse the criticism much faster than simply screaming "traitor!"

Of course, some of the revelations, such as the news that the US was paying Afghani press people to run positive stories about the US don't look good at all, no matter how you spin them.

On the whole, it seems like the debate about whether this is "whistleblowing" or "traitorous" behavior misses the point. The fact is, information like this is going to get out -- probably at an increasing rate. The real question is how does the government and the military learn to function in a society where information is a lot more open and free.

Filed Under: journalism, treason, whistleblowing, wikileaks
Companies: wikileaks