Home Tags Islamic State

Tag: Islamic State

Ever visited a land now under Islamic State rule? And you...

Uncle Sam turns up the heat on visa hopefuls US embassies have been told to examine social media accounts of visa applicants who have ever set foot in Islamic-State-controlled areas.…

ISIS builds quadcopter “bomber” with DJI drone and badminton supplies

Downed drone outside Mosul shows off-the-shelf tech creatively used to kill.

Former US Army National Guard member jailed for supporting ISIS

The 27-year-old has been charged with attempting to help members of the Islamic State of Iraq and the Levant (ISIL).

Families of ISIS victims sue Twitter for being 'weapon for terrorism'

The families of three Americans killed in ISIS terror attacks are suing Twitter for allegedly knowingly providing support for the terrorist group and acting as a “powerful weapon for terrorism.” The suit was filed over the weekend in a federal court in New York City on behalf of the relatives of three U.S. nationals who were killed by ISIS in the March 22, 2016, terrorist attacks in Brussels and the Nov. 13, 2015, terrorist attacks in Paris.

At least 32 people died in the Brussels attack and about 130 in the attack in Paris. The suit alleges that Twitter has violated, and continues to violate, the U.S.

Anti-Terrorism Act.

The plaintiffs are asking for a jury trial and monetary damages to be determined at trial. Twitter did not reply to a request for comment. “Twitter’s social media platform and services provide tremendous utility and value to ISIS as a tool to connect its members and to facilitate the terrorist group’s ability to communicate, recruit members, plan and carry out attacks, and strike fear in its enemies,” the suit alleges. “ISIS has used Twitter to cultivate and maintain an image of brutality, to instill greater fear and intimidation, and to appear unstoppable ...” The lawsuit also contends that specifically for the Brussels and Paris attacks, ISIS used Twitter to issue threats, as well as to announce and celebrate the attacks. The lawsuit was filed by the family of siblings Alexander Pinczowski and Sascha Pinczowski, who were killed in Brussels, and the family of Nohemi Gonzalez, who was killed in Paris. Last year, another lawsuit was filed by Gonzalez’s father against Twitter, Facebook and YouTube for allegedly knowingly allowing ISIS to “use their social networks as a tool for spreading extremist propaganda, raising funds and attracting new recruits.” In December, the families of three victims of the June shooting at the Pulse nightclub in Orlando, Florida, sued Facebook, Twitter and Google, the owner of YouTube, for allegedly ”providing support to the Islamic State.” Forty-nine people were killed in the attack. The question, if either case goes to trial, is whether a social network can be held responsible for the actions of any of its users. “While I certainly can sympathize with the families, it’s hard for me to see how Twitter can be held responsible for the rise of ISIS and their terror activities,” said Dan Olds, an analyst with OrionX. “Let’s imagine the world a few decades ago, before the internet. Would someone try to hold AT&T responsible for criminal activities that were planned over the telephone? Or is the printing press manufacturer responsible for magazines that encourage terrorism that were printed using presses they built and sold? “ In response to the attacks, Twitter took steps to prevent terrorists from using its network. In August, the company reported that in the previous six months, it had suspended 235,000 accounts for violating its policies related to the promotion of terrorism. That was in addition to 125,000 accounts that been suspended since mid-2015, bringing the total number of terrorist-related suspended accounts to 360,000. “We strongly condemn these acts and remain committed to eliminating the promotion of violence or terrorism on our platform,” the company said in a blog post at the time. Judith Hurwitz, an analyst with Hurwitz & Associates, said it would be a significant challenge for Twitter to keep terrorists completely off its site. “Perhaps Twitter could do a better job identifying users who are terrorists,” she said, saying the company would likely need advanced machine learning tools to weed out the bad players. “Of course, it would have to be advanced… Remember that terrorists are very good at adapting.
If they are thrown off of the system, they can come back with a different persona and try to game the system.” Brad Shimmin, an analyst with Current Analysis, said social networks like Twitter, Facebook and Google can’t be held responsible for their users’ actions. “There is no way of effectively policing those sites based upon affiliation or behavior,” Shimmin said. “Twitter itself has gone to some extreme measures to single out and remove accounts engaged in this sort of thing.

That will help, and I think such efforts are a moral responsibility for Twitter and other social networking vendors, but those actions can’t rule out future misuse.” Olds said it would be impossible for Twitter to keep terrorists from using its site 100% of the time, but the company could do a better job of curtailing it. “Terrorist messages should be able to be rooted out with some solid language processing software,” Olds said. “I’d like to see them do more along these lines.

The technology is there, they just need to adapt it to anti-terrorist tasks.” If Twitter loses the lawsuit and is ordered to pay significant damages, the impact on other social networks would be chilling, he said. “Social networks would be forced to keep a much closer eye on user activities and crack down on anything that could be interpreted as ‘bad,’ “ Olds said. “The end result would be self-imposed censorship on the part of the nets, which would greatly upset many users.

But I just don’t see this happening—at least not with this case.” This story, "Families of ISIS victims sue Twitter for being 'weapon for terrorism' " was originally published by Computerworld.

Ex-soldier pleads guilty to terror crime after not revealing iPhone PIN

Welshman insisted he was travelling to fight Islamic State and help war victims A former soldier from Wales has pleaded guilty to a terrorism offence after failing to reveal his mobile phone PIN to police. Robert Clarke, a 23-year-old former Royal Artillery soldier from Carmarthenshire, pleaded guilty to obstructing a search under Schedule 7 of the Terrorism Act 2000, according to the Press Association (via Wales Online). Clarke had been arrested at Heathrow Airport in September as he tried to leave the UK to go and fight against Islamic State terrorists in Syria. Police had been tipped off that he was using social media to tell world+dog that he wanted to go to Syria to fight Islamic State.

Anti-terror cops tried to pressure him out of his plan, visiting him on four separate occasions. He was stopped and searched, and then arrested, in September while waiting to board a flight to Jordan, from where he planned to join Kurdish anti-IS militants. Police seized his passport and phone and drove him back to Wales.

A police statement from the time claimed that Clarke was arrested "on suspicion of terrorism offences". While technically correct in a narrow sense, Clarke's offence was to obstruct a search carried out under the notorious Schedule 7 of the Terrorism Act 2000 – not in itself a terrorist crime as ordinary people would recognise. He refused to give police the PIN to his iPhone, claiming that he used the fingerprint access method and that he couldn't remember the numerical PIN.

A PIN he gave them allegedly did not work. Clarke said that he planned to travel to "assist victims of war", though Crown prosecutor Louise Gray said his luggage included "military paraphernalia" and items with which to "defend himself with". According to the Mail Online, Clarke told police at the airport: "I ain't telling you shit, charge me with perverting the court of justice, fuck your interview and fuck you." He was reportedly remanded in custody after speaking out about his arrest and identifying himself, which caused a deluge of death threats from people claiming to be Islamist terrorists.

This in turn led to a spell in solitary confinement in prison as his safety allegedly could not be guaranteed by guards. The unemployed ex-soldier pleaded guilty to obstructing or frustrating a search, contrary to article 18(1) of schedule 7. He was handed a 12-month community service order, banned from leaving the UK for a year and ordered to complete 50 hours of unpaid work.
In addition, Clarke was fined £85 for the government's victim surcharge fund.

The maximum punishment available to the State under article 18 is three months' imprisonment or a fine of up to £2,500. Sentencing him at Westminster Magistrates' Court yesterday, District Judge John Zani said: "I'm afraid, Mr Clarke, we live in difficult and potentially dangerous times and whatever frustration you felt has to be relaxed when you are asked to supply necessary information by the police officers merely doing their job." Section 49 of the Regulation of Investigatory Powers Act allows a whole host of state agencies to demand your password. Refusing to hand it over under that provision is also a criminal offence, albeit carrying far harsher penalties than obstructing a Schedule 7 search.

Although section 49 was not invoked in Clarke's case, the use of the Terrorism Act offence is a neat way of ensuring the serious stigma of being convicted of a "terrorism offence" follows him round for the rest of his life. ® Sponsored: Customer Identity and Access Management

2017: A Year of Acute Uncertainty For Business – RiskMap 2017...

Press Release Challenge to globalisation and free trade highlighted by US election and Brexit referendum ushers in year of heightened strategic uncertainty for business The distinction for businesses between perceived safe domestic markets and foreign ones rife with challenges has become marginal as risks increasingly come home through political, cyber and terrorism threats A US-led brake on regulation could transform the global regulatory environment London, Monday 12 December, 2016.

Control Risks, the specialist risk consultancy, today publishes its annual RiskMap forecast, the leading guide to political and business risk and an important reference for policy makers and business leaders. Richard Fenning, CEO, Control Risks, said: “The unexpected US election and Brexit referendum results that caught the world by surprise have tipped the balance to make 2017 one of the most difficult years for business’ strategic decision making since the end of the Cold War. “The catalysts to international business – geopolitical stability, trade and investment liberalisation and democratisation – are facing erosion.

The commercial landscape among government, private sector and non-state actors is getting more complex.” The high levels of complexity and uncertainty attached to the key political and security issues for the year, highlighted by RiskMap, mean that boards will need to undertake comprehensive reviews of their approaches to risk management. Control Risks has identified the following key business risks for 2017: Political populism exemplified by President-elect Trump and Brexit.

The era of greater national control of economic and security policy ushered in by the US election and Brexit provides increased uncertainty for business leaders.

Caution prevails because of the lack of political policy clarity from the USA and UK and the impacts on the global trading and economic environment, as well as geopolitics. Political sparks will fly as the new presidency places pressure on the economic relationship between the US and China, vital for the stability of the global economy; and the US withdrawal from the Trans-Pacific Partnership threatens to redraw Trans-Pacific commerce.

The calls across Europe for further referendums on EU membership is causing nervousness and populism in other parts of the world such as sub-Saharan Africa is adding fuel to investor risk. Persistent terrorist threats.

The threat of terrorism will remain high in 2017 but become more fragmented.

The eventual collapse of Islamic State’s territorial control in Syria and Iraq will lead to an exodus of experienced militants across the world. Responding to terrorism is becoming ever more difficult for businesses; risk adjustment is critical, including big data solutions and reviews of potential insider radicalisation, physical security and scenario planning. Increasing complexity of cyber security. 2017 will see the rise of conflicting data legislation: US and EU data protection regulations remain at odds; the EU’s Single Digital Market is isolationist; and China and Russia are introducing new cyber security laws.

This will lead to data nationalism, forcing companies to store data locally, at increased cost, as they are unable to meet regulatory requirements in international data transfer.

E-commerce will be stifled.

Fears of terrorism and state sponsored cyber-attacks will exacerbate national legislation, adding burden to businesses. A potential brake on US regulation could lead to a transformation of the global regulatory environment.

The US adherence to the Paris climate accords is under question, the Dodd-Frank Act could be modified substantially and the Foreign Corrupt Practices Act is not off limits, either.

This could have a domino impact on regulation around the world. Intensifying geopolitical pressures driven by nationalism, global power vacuums and proxy conflicts.
Syria, Libya, Yemen and Ukraine are likely to remain intractable conflicts and the Middle East will continue to be shaped by friction between Saudi Arabia and Iran; China’s increased focus on diplomacy and military influence will extend from Central Asia and the Indian Ocean to sub-Saharan Africa; and North Korea’s systematic nuclear capability development is upending a relatively static regional and global nuclear status quo. Richard Fenning continued: “Digitalisation and the internet of everything take risk everywhere and the distinction between safe home markets and dangerous foreign ones has largely gone.

The sheer mass of stored data, teetering on a fulcrum between asset and liability, has shifted the gravitational centre of risk. “Terrorist attacks across continents in 2016 made possible in large part by the internet have shown that Islamist inspired violence can be planned and carried out anywhere in the world. “With the seismic shift in risk scenario planning now required by businesses, we can expect the competitive playing field in many industries to see significant change as organisations respond in different ways to the multitude of complexities facing them.” Ends For further information please contact:Georgina Parkesgeorgina.parkes@controlrisks.com Simon Barkersbarker@barkercomms.com Note to Editors:About Control RisksControl Risks is a global risk consultancy specialising in political, security and integrity risk.

The company enables its clients to understand and manage the risks of operating in complex or hostile environments.

Through a unique combination of services, wide geographical reach and by adopting a close partnership approach with clients, Control Risks helps organisations effectively solve their problems and realise new opportunities across the world.www.controlrisks.com

Man names Wi-Fi network “Daesh 21,” prosecuted under French anti-terror law

EnlargeNiroDesign / Getty Images News reader comments 89 Share this story French media reported Friday that an 18-year-old man from Dijon was convicted for "praising terrorism" and was given a suspended sentence of three months in prison because the SSID of his Wi-Fi network was "Daesh 21." Daesh is the Arabic acronym for Islamic State, and "21" in this context represents the number for the Côte d’Or, the French department, or province, where Dijon is located. The unnamed man was prosecuted under a new French anti-terrorism law (Article 421-2-5) passed in November 2014 that makes it a crime to "directly provoke acts of terrorism or to publicly praise one such act." If convicted, offenders can be punished by up to five years in prison and a €75,000 ($83,000) fine. Such penalties are raised to seven years and €100,000 ($111,000) if the crime was committed by using a "public online communication service." A local newspaper, Le Bien public, described the man as being "totally dazed" in front of the court and said that he was "not a terrorist." He was first sentenced to 100 hours of community service, which he refused, but he was finally given a three-month suspended sentence. The man's lawyer, Karima Manhouli, who did not immediately respond to Ars' request for comment, said that one of the man's neighbors reported him to police. "The authorities went to the street to evaluate the signal, made numerous inquiries, in vain, with Samsung, and then to the operator, etc., to eventually be able to identify this young man," she told Next Inpact. "He's an 18-year-old who has not even been able to explain the name.
I don't think that renaming a Wi-Fi network is an act of praise! It's neutral, it's nonsense, it's not an argument." She added that the man's computer, phone, Twitter, and Instagram were seized and searched. Nothing else terrorist-related was found. His Wi-Fi network has been subsequently re-named "Roudoudou 21," the name of a French electronic musician. The case could be further appealed in France or in European courts. "The question is whether it is in accordance with French law," Marie Fernet, a French lawyer, told Ars. "And if this law is itself consistent with the fundamental principles protected by the Constitution, the Declaration of Human Rights and the European Convention on Human Rights.

This legislation regarding the praise of terrorism is recent, and many people think it is not consistent with our texts on human rights and freedom of expression."

Alleged ISIS member ‘wore USB cufflink and trained terrorists in encryption’

33-year-old Cardiff man faces trial next year over six terrorism charges A Cardiff man said to be a member of ISIS and who is alleged to have trained terrorists in the use of encryption will be put on trial in March. Samata Ullah, 33, was charged earlier this month with six terrorism offences. Today at the Old Bailey Mr Justice Holroyde remanded Ullah in custody until 17 November, according to the Mail Online, when an application may be made to move the trial back to Wales. Police were said to have gathered 6TB of data after searching Ullah's devices, of which 2TB will be used as evidence against him. He was also said to have used encrypted messaging app Telegram to offer his services to the "Cyber Caliphate Army". Among the charges Ullah faces is an allegation that he had a USB stick disguised as a cufflink, which had "an operating system loaded on to it for a purpose connected with the commission, preparation or instigation of terrorism" contrary to section 57 of the Terrorism Act 2000. He is also accused of providing "instruction or training in the use of encryption programs" while knowing that people receiving it "intended to use the skills... in connection with the commission or preparation of acts of terrorism" or for helping other terrorists. Another charge states he breached section 5 of the Terrorism Act 2000 by "researching an encryption program, developing an encrypted version of his blog site and publishing the instructions around the use of programme on his blog site". This could be understood to relate to Tor rather than HTTPS, as excitable internet idiots began speculating when the charges were originally made. The Register has made enquiries with the Metropolitan Police and will update this story if they give a substantive response. Other charges brought against Ullah included membership of Islamic State, directing a terrorist organisation, possession of a PDF document about advances in missile guidance and control, and possession of a book about guided missiles. The full trial is provisionally listed for 20 March. ®

Trump: “The security aspect of cyber is very, very tough”

Enlarge / Republican presidential nominee Donald Trump and Democratic presidential nominee Hillary Clinton shook hands after the Monday debate.Drew Angerer / Getty News Images Campaign 2016 Journalists must fork over $200 for Wi-Fi at presidential debate Trump takes on “Crooked Hillary” with Snapchat geofilter View more storiesreader comments 44 Share this story Hillary Clinton and Donald Trump faced off in their first presidential debate—but they only touched on technological issues briefly Monday, and even then, in simplistic terms. Toward the end of the 90-minute debate, moderator and NBC anchor Lester Holt asked: "We want to start with a 21st century war happening every day in this country, our institutions are under cyber attack, and our secrets are being stolen. So my question is who's behind it and how do we fight it?" The two candidates disagreed as to who was behind the recent attacks on the Democratic National Committee, but concurred that cybersecurity should be a top priority. The former secretary of state, Clinton, laid the blame squarely at the feet of Moscow—concurring with the intelligence community and the view of the President Obama administration—and did not mince words. "There's no doubt now that Russia has used cyberattacks," she said. "[Russian President Vladimir] Putin is playing a tough, long game here." Clinton also mentioned theft of "private information," and "public sector information," which likely referred to the massive heist of government employee files at the Office of Personnel Management in 2015. As she continued: And we are not going to sit idly by and permit state actors to go after our information, our private sector information or our public sector information, and we're going to have to make it clear that we don't want to use the kinds of tools that we have. We don't want to engage in a different kind of warfare. But we will defend the citizens of this country, and the Russians need to understand that. I think they've been treating it as almost a probing, how far would we go? How much would we do? And that's why I was so, I was so shocked when Donald publicly invited Putin to hack into Americans. That is, that is just unacceptable. It's one of the reasons why 50 national security officials who served in Republican information, administration have said that Donald is unfit to be the Commander-in-Chief. It's comments like that that really worry people who understand the threats that we face. "It could also be China" When Holt turned to Trump, he said he "agree[s] to parts of what Secretary Clinton said, we should be better than anybody else, and perhaps we're not." But then, Trump deviated from the consensus view that it was the Russian government, or Russian-backed entities that recently targeted the Democratic National Committee. "I don't know if we know it was Russia who broke into the DNC," he said. "She's saying Russia, Russia, Russia. Maybe it was. It could also be China, it could be someone sitting on their bed that weighs 400 pounds." The Republican candidate then continued to harp on a theme that he has hit repeatedly on the campaign trail, that Islamic State, also known as ISIS, is "beating us at our own game." "So we have to get very, very tough on cyber and cyber warfare," he continued. "It is a, it is a huge problem. I have a son. He's 10 years old. He has computers. He is so good with these computers, it's unbelievable. The security aspect of cyber is very, very tough. And maybe it's hardly doable. But I will say, we are not doing the job we should be doing, but that's true throughout our whole governmental society. We have so many things that we have to do better, Lester and certainly cyber is one of them." When Clinton was given a chance to respond, she noted that the United States needs to "do much more with our tech companies to prevent ISIS and their operatives from being able to use the Internet, to radicalize, even direct people in our country and Europe and elsewhere." But the Democratic candidate didn’t explain exactly what she meant by that. Earlier in the evening, Holt asked Clinton specifically about her use of a private e-mail server. She called it a "mistake," and tried to dispense with the issue quickly. "And if I had to do it over again, I would obviously do it differently," she said. "But I'm not going to make any excuses. It was a mistake and I take responsibility for that." Trump shot back: That was more than a mistake. That was done purposely. Okay? That was not a mistake. That was done purposely. When you have your staff taking the Fifth Amendment, taking the fifth so they are not prosecuted, when you have the man that set up the illegal server taking the Fifth, I think it's disgraceful. And believe me, this country thinks it's disgraceful—really thinks it's disgraceful, also. The next debate, between the two vice presidential candidates, is scheduled for Tuesday, October 4 at 9pm Eastern.

ISIS hacker gets 20 years for giving terrorists US military kill...

Enlargereader comments 1 Share this story An overseas hacker from the group Kosovo Hacker's Security was handed a 20-year term Friday.

This is the nation's first prosecution of a hacker trying to carry out an act of terrorism. Kosovo citizen Ardit Ferizi, a 20-year-old with the online handle Th3Dir3ctorY, was arrested in Malaysia in 2015.
In a Virginia federal court earlier this year, he pleaded guilty to stealing data on US military personnel by hacking undisclosed US corporate computers and then providing that data to the Islamic State (ISIS) terror group. "This case represents the first time we have seen the very real and dangerous national security cyber threat that results from the combination of terrorism and hacking," said US Assistant Attorney General John Carlin. "This was a wake-up call not only to those of us in law enforcement but also to those in private industry." The defendant admitted (PDF) to forwarding the data to Junaid Hussain, an Islamic State hacker killed in August by a military airstrike.

Days before his death, Hussain tweeted, "NEW: U.S. Military AND Government HACKED by the Islamic State Hacking Division!" The tweet contained a hyperlink that included the "names, e-mail addresses, e-mail passwords, locations, and phone numbers for approximately 1,351 US military and other government personnel (PDF)," the government said. According to federal prosecutors, that linked document also said, in part, that "we are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands!'" Nobody on the list was believed to have been attacked because of the hack.

Op-ed: Why President Obama won’t, and shouldn’t, pardon Snowden

Oliver Wunder remixed by Aurich LawsonFormer NSA contractor Edward Snowden has asked President Barack Obama for a pardon, and the ACLU, which represents Snowden in the US, agrees.

The following piece is a response to Snowden's argument.

The author, Jack Goldsmith, is a Harvard Law professor and a senior fellow at the Hoover Institution.

This piece first appeared at Lawfare. NSA leaks Snowden’s bias is blatant—but Gordon-Levitt makes its message powerful Snowden to President Obama: I deserve a pardon GCHQ tried to track Web visits of “every visible user on Internet” Director of national intelligence: Snowden forced “needed transparency” Edward Snowden faces John Oliver’s semi-tough questions View more storiesreader comments 63 Share this story A “pardon Snowden” campaign was launched Wednesday in conjunction with the Snowden film.
Snowden himself made the “moral case” for why he should be pardoned, and Tim Edgar made a much more powerful case.
I remain unconvinced.
I don’t think the president will, or should, pardon Snowden. I say this even though I agree with Tim about many of the upsides to Snowden’s theft and leak of documents from NSA databases. On the third anniversary of the Snowden disclosures, I wrote about how, despite their many costs, the disclosures strengthened the intelligence community.

They forced the NSA to be more transparent and to better explain itself, demonstrated that the NSA was acting with the full knowledge and support of three branches, resulted in its authorities being strengthened and its collection practices barely narrowed (and in some respects expanded), and overall enhanced its domestic legitimacy going forward.
I was not kidding when I said that “[t]hese are but some of the public services for which the US government has Snowden to thank.” This was not a new theme with me.
I have made similar points for years. (See here and here and here and here.) But to say that the intelligence community benefited from the Snowden leaks is not to say that the president should pardon Snowden, for the price of the benefits was enormously high in terms of lost intelligence and lost investments in intelligence mechanisms and operations, among other things. Many Snowden supporters pretend that these costs are zero because the government, understandably, has not documented them.

But it is naïve or disingenuous to think that the damage to US intelligence operations was anything but enormous. (To his credit, Tim acknowledges that “Snowden’s actions caused great damage to national security.”) Much remains unknown regarding the extent of the damage (because the intelligence community cannot publicly say much beyond generalities) and the specifics of Snowden's actions and motivations (because DOJ is preserving a criminal prosecution).
I imagine we would learn considerably more information—from both sides, but especially from the government—if a criminal trial ever took place.

And indeed it is hard for the public to even assess the case for a pardon until we know the full extent of Snowden’s crimes and the harms they caused.

But I have no doubt that the harms from his actions were very significant. Another difficulty in determining whether a pardon is warranted for Snowden’s crimes is that the proper criteria for a pardon are elusive. Oliver Wendell Holmes once declared that a pardon “is the determination of the ultimate authority that the public welfare will be better served by inflicting less” than what the criminal law specified.

But how to measure or assess the elusive public welfare? The Constitution delegates that task exclusively to the president who can use whatever criteria he chooses. Many disagreements about whether a pardon is appropriate are, at the bottom, disagreements about what these criteria should be.
Some will question whether Snowden should be pardoned even if his harms were trivial and the benefits he achieved were great.
Indeed, presidents don’t usually grant pardons because a crime brought benefits. My own view is that in this unusual context, it is best to examine the appropriateness of a pardon in the first instance through an instrumental lens, and also to ask how well Snowden’s stated justification for his crimes matches up with the crimes he actually committed. A good place to begin is with my former colleague Geoffrey Stone’s analysis: I think if [Snowden] had only disclosed the existence of the second 215 metadata program, then one might be able to make the case he did more good than harm because there were reforms adopted because of his disclosures.

That's a good thing.

And the program itself had not been up to this point all that valuable, and therefore even though its disclosure makes it largely ineffective going forward–they work in part because the person you're surveilling doesn't know they exist–the cost was pretty modest because the program wasn't that valuable...

The problem is he disclosed vastly more than that, involving foreign intelligence not of Americans but of individuals who aren't American citizens in other countries. No changes were generally made in those programs, and Americans don't really care.

But disclosing those programs has had a serious impact on their being as effective as they had been.
I think he did a lot more harm than good. Let me say a few more words about this.
Snowden has long claimed that he took an oath to “support and defend the Constitution” (see here and here), and he has implied that he was fulfilling this oath when he stole and distributed the documents. “The oath of allegiance is not an oath of secrecy,” he told Bart Gellman. “That is an oath to the Constitution.

That is the oath that I kept that Keith Alexander and James Clapper did not.” Let’s assume that Snowden is right that his oath to the Constitution trumps his employment agreement secrecy duties (but see here; cf. here).
Snowden might plausibly argue that his exposure of the 215 program was genuine whistleblowing in support of the Constitution.

Even though the program was vetted by the three branches of government, its revelation sparked legal controversy and subsequent substantial reforms. His exposure of the 702 programs (PRISM and upstream collection) is harder to justify on these grounds, because these programs were clearly authorized by public law and have not sparked nearly the same criticism, pushback, or reform.

For this reason Stone implies that the 702 leaks were not justified.
I tend to agree, but for purposes of argument I will assume (but only assume) that this and every example of Snowden leaks that involved unknown collection inside the United States or of US persons were examples of admirable whistleblowing. What I do not get, and what I have never seen Snowden or anyone explain, is how his oath to the US Constitution justified the theft and disclosure of the vast number of documents that had nothing to do with operations inside the United States or US persons. (Every one of the arguments I read for Snowden’s pardon yesterday focused on his domestic US revelations and ignored or downplayed the vast majority of revelations that did not involve US territory or citizens.) To take just a few of hundreds of examples, why did his oath to the Constitution justify disclosure that NSA had developed MonsterMind, a program to respond to cyberattacks automatically; or that it had set up data centers in China to insert malware into Chinese computers and had penetrated Huawei in China; or that it was spying (with details about how) in many other foreign nations, on Bin Laden associate Hassam Ghul’s wife, on the UN Secretary General, or on the Islamic State; or that it cooperates with intelligence services in Sweden and Norway to spy on Russia; and so on, and so on.

These and many other disclosures (see here for many more) concern standard intelligence operations in support of national security or foreign policy missions that do not violate the US Constitution or laws and that did extraordinary harm to those missions. There is such a disconnect between Snowden’s constitutional oath and the scale and type of sensitive intelligence information that he disclosed that it makes me question whether the Constitution had anything to do with the leaks.

And indeed, when Snowden “set out the case” for his pardon on Wednesday, he did not (at least in the stories I read) argue from the Constitution. Rather, he now says of the disclosures: “when we look at them morally, when we look at them ethically, when we look at the results, it seems these were necessary things, these were vital things.” Let us set aside the “results” of having blown numerous intelligence operations against adversaries and many other legitimate intelligence targets. What might be the moral and ethical case for disclosing US intelligence techniques against other countries and institutions? (I will ignore possible cosmopolitan impulses for Snowden’s theft and leaks, which I think damage the case for a pardon for violations of US law.) I think the most charitable moral/ethical case for leaking details of electronic intelligence operations abroad, including against our adversaries, is that these operations were harming the Internet, were hypocritical, were contrary to American values, and the like, and Snowden’s disclosures were designed to save the Internet and restore American values.

This is not a crazy view; I know many smart and admirable people who hold it, and I believe it is ethically and morally coherent. But it is also not a crazy view, and it is also ethically and morally coherent to think that US electronic intelligence operations abroad were entirely lawful and legitimate efforts to serve US interests in a complex and dangerous world and that Snowden’s revelations violated his secrecy pledges and US criminal law and did enormous harm to important American interests and values. Unfortunately for Snowden’s pardon gambit, President Obama, and anyone who sits in the Oval Office charged with responsibility for American success around the globe, will (and should) embrace the second moral/ethical perspective and will not (and should not) countenance the first moral/ethical perspective, which I take to be Snowden’s.
Snowden can act on whatever conception of American values he likes, but when he acts in massive violation of criminal laws in ways that reveal lawful intelligence activities against adversaries and other legitimate intelligence targets, he cannot expect a pardon. Another reason why Snowden won’t and shouldn’t be pardoned for his actions is that doing so would have a demoralizing effect on the thousands of intelligence community personnel who devote (and in some cases risk) their lives to US national security, who follow the rules laid down by Congress and the president, whose work was diminished, and whose jobs were made much harder as a result of Snowden’s non-US related disclosures.
I disagree with Tim that “a pardon sets no precedent and so creates no incentives.” Pardoning the perpetrator of the most damaging leak by far in American history would send a clear signal of approval for what Snowden did and a clear signal about a lack of seriousness on the part of the government about its truly most important secrets.

Those signals would affect the attitude of everyone in the intelligence community about the value of our most important secrets and would have a terrible impact on the government’s already-difficult ability to keep such secrets.
In saying this, I do not detract from the importance of the greater transparency that Snowden brought to the intelligence community.

That community was self-defeatingly secretive and insular and terrible at explaining what it was doing and why.

But to say that it needed to open up a great deal, especially about the extent of and legal bases of its domestic operations, is not to say the government should countenance disclosure of details about its lawful electronic intelligence operations abroad against non-US citizens, which is what the pardon Snowden seeks would do. In sum, I can imagine a pardon for Snowden for the smidgen of his revelations about possibly unlawful domestic surveillance or collection against US persons.

But the possible case for a pardon extends only to that smidgen of the leaks.
It is hard to see how the president could pardon the manifold violations of US criminal law of the broader leaks about obviously lawful operations, given the costs to the United States in terms of lost intelligence, compromised techniques, and destroyed investments, among others.

Encryption backdoors? It’s an ongoing dialogue, say anti-terror bods

Silicon Valley's uneasy alliance with Washington CloudFlare Internet Summit It's not every day you walk into a tech conference in San Francisco to find a propaganda video for the Islamic State playing on the screens. Two counterterrorism experts from Washington, DC, were opening the CloudFlare Internet Summit by talking about the use of social media by terrorist groups and what could be done to counteract them. It's a conversation that is had on the East Coast all the time, but not so much in Silicon Valley, as the shocked faces on attendees confirmed. And that's why they were here. "After the San Bernardino shootings, the President asked how we could work together with the tech community," explains Jen Easterly, the president's special assistant and a senior director for counterterrorism at the National Security Council. "We had a meeting in January where we brainstormed with tech companies how we could share information on how terrorists were using their platforms – because they don't want this stuff on their systems either." Left to their own devices for a few minutes, both Easterly and her co-presenter John Mulligan, deputy director of the National Counterterrorism Center, start devising how Silicon Valley can help in their fight against groups like ISIL and Al-Qaeda. "We're trying to get the broader ecosystem to reach young people, point out the hypocrisy of the so-called Caliphate," Easterly enthuses. "We can use tech to amplify those campaigns. We can underwrite and fund resources that help people that can make a difference – moms, dads, teachers, pastors..." And... relax It took CloudFlare's general counsel Doug Kramer to bring things back down to Earth. Things work a little differently on the West Coast. "The values of privacy and transparency can often be in conflict with what we are asked to do – how can they be reconciled?" he noted diplomatically, before adding a few sidenotes: "There is the history of the NSA, the use of National Security Letters; they can run counter to the principles of privacy and transparency..." To their credit, both Washingtonites got it immediately – clearly something useful has come out of the efforts to bridge the East-West gap. "Your point is completely valid," said Mulligan. "It's a continuing dialogue," he added before switching to talk about European governments. The same language – continuing dialogue – was also used by Easterly. "We're dancing around the encryption question," she noted before continuing that same dance. "Everyone believes in the value of strong encryption ... It's not going to be resolved with this administration ... The American people will have to weigh in ... The problem is big and broad..." It's clear that the uneasy stalemate between tech companies and law enforcement – most clearly signaled in the battle between the FBI and Apple over the San Bernardino shooter's iPhone – is still there, resting unhappily in the background. What will get the wheels moving again? After the collapse of several legislative efforts in Congress, the November elections seem to be the answer. Hillary Clinton has already backtracked from her call for some kind of backdoor/frontdoor in encryption products and now advocates for a special commission to look at the issue. Donald Trump... well, who knows? After the session, we asked Kramer and a number of CloudFlare's senior policy and technical people where they think the conversation is going. The short answer: no one knows. As a tech company, CloudFlare feels obliged to point out the same argument that the tech industry has repeatedly made: encryption is mathematics; a hole is a hole; if you introduce a backdoor for the US authorities, it can be opened by anyone. The claim by the FBI, politicians and others that there is somehow a solution to this logical conundrum has been termed "magical thinking." What's the answer? There will be some kind of solution that will be arrived at in the next few years, however. As Mulligan noted: "[Groups like ISIL] throw out a wide net, and start pulling people in. And when people are pulled in, then they start using secure communications." It's for that reason that the authorities are determined to find a way around encryption because to them, secure comms are the point at which people move from curious innocents to national security risks. We'll have to wait until 2017 for that conversation to start properly. What will be the startpoint? The best thinking is two areas: First, static versus communications in transit: are the dangerous people emailing or talking? The two forms are very different animals and will likely need different approaches. And second, precision. As much as the NSA loves mass surveillance, they are always going to have to do it in the dark, because neither the American people nor tech companies accept it. If Washington wants Silicon Valley's help, it will have to be more open. And that means precise, focused efforts – this communication here; that communication there. Then, perhaps the answer is pointing enormous computing resources at cracking a very small number of communications that represent real threats. But for that to happen, both coasts are going to have to learn to trust one another a little more. ®