Thursday, June 13, 2013

From Creekside to Cyveillance to PRISM-ID

Creekside is a really tiny insignificant Canadian blog, as I'm sure both of you know. I rarely venture into covering anything about the US unless it has a direct and immediate bearing on Canadian interests and hasn't been mentioned anywhere else. Consequently I don't get much US traffic unless I happen to blog something like State Dept. hires TransCanada consultant to approve Keystone pipeline, and it goes up some magical link chain via Think Progress to the New York Times.  

Then I get a wee spike in US traffic, some of which consists of the downloading of hundreds of pages over the course of a few hours from US data-mining firms like PSInet and Cyveillance who specialize in protecting the online reputations of their corporate clients. I can imagine the reason behind some of their search terms on Creekside - Carlyle Group, Manning Centre, CETA; but others make no sense at all - Kady O'Malley, Matt Taibbi, Stephen Harper.

Usually there are several different IP addresses from the same company working Creekside at the same time - some doing word or date searches while others download several posts per second. Must be some kind of metadata collecting program, thinks technodolt me. 
I google up Cyveillance; other bloggers have complained about them, but not recently. 
A 2009 news release says they were bought out by QinetiQ :
QinetiQ North America, of McLean, Va., is a subsidiary of British defense company QinetiQ Group PLC and ranks No, 24 on Washington Technology’s 2008 Top 100 list of the largest federal government prime contractors.
A Bloomberg story, China's Cyberspies Outwit Model for Bond's Q, notes "former CIA Director George Tenet was a director of the company from 2006 to 2008 and former Pentagon spy chief Stephen Cambone headed a major division." 

Which got me thinking about that corporate/government data-mining revolving door, and I wondered if there was a connection between Cyveillance and PRISM. 
There is - if PRISM-ID is related to PRISM. 

US Department of Homeland Security
Privacy Impact Assessment for the U.S. Secret Service Cyber Awareness Program (Cyveillance) December 14, 2012
Cyveillance, a subsidiary of QinetiQ of North America, is under contract by the Secret Service to search available information related to the Secret Service and its missions.The information captured by Cyveillance is reviewed by Cyveillance personnel to identify the results that appear to fall within the parameters of the Secret Service’s stated requirements. Potentially relevant information related to the Agency’s missions is forwarded to Secret Service personnel who determine whether further investigation is required to assess the content (e.g., to determine if it is a viable or potentially viable threat). If further investigation is deemed necessary, the information obtained through Cyveillance is incorporated into the Protective Research Information Management System (PRISM-ID)1, an existing Secret Service system.

And what is PRISM-ID?
PRISM-ID system records data on threats, inappropriate or unusual behavior, and incidents that may impact the Secret Service’s mission to protect persons, events, and facilities. The system also may contain PII [personally identifiable information] on subjects of an investigation. PRISM-ID does not include information on individuals merely seeking access to protected facilities or sites unless they are the subject of an investigation or otherwise came to the attention of the Secret Service for threatening, inappropriate, or unusual behavior. Information may include criminal history, health history, employment history, military service history, education history, immigration status, and other personal information provided by the subject or others familiar with the subject.
So does blogging about it count as "inappropriate or unusual behavior"? Asking for a friend.

Back to the Homeland Security Privacy Impact Assessment, which follows a Q&A format regarding the access and retention of "personally identifiable information" and how it is purged within 10 working days if not deemed relevant to further inquiry. All very reassuring, however :
While the general purpose of Cyveillance is not to collect PII, the collected information may contain PII. As Cyveillance’s function is not to collect PII, it is not possible for the Secret Service to know what PII, if any, may be contained in the collected information.
And this just blew me away : 
4.3 Privacy Impact Analysis: Related to Notice
Privacy Risk: Individuals may not be aware of the existence of Cyveillance and the data its collects and reports to the Secret Service. 
Mitigation: This PIA serves as public notice of the existence of Cyveillance in support of the Secret Service missions.
Ah but you'll only see it if you happen to be browsing through the pages of Homeland Security.
Suddenly I feel like Arthur Dent : "Yes, it was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the leopard'."

6.1 Is information shared outside of DHS as part of the normal agency operations? 

Identified information that becomes part of an investigative or criminal case file may be shared on a need-to-know basis with federal, state, and local law enforcement agencies, other foreign and domestic government units, or private entities in accordance with the routine uses outlined in the applicable SORN.

And just to destroy whatever tiny shreds of respect you were holding out for me not being totally tinfoil ....
After four days of Cyveillance hanging out at Creekside in January, I shut down my computer for 24 hours, checked in on my stats from a blackberry, and they had gone. The next day I logged back onto my computer and within seconds they were back again. 

I know, I know, but there you go - coincidence or not, it's what happened.
Beware of the leopard.

Update : 
Firedoglake : NSA Swaps Information On You With Private Companies For More Information On You


Anonymous said...

"Asking for a friend" ROTF

West End Bob said...

as I'm sure both of you know


Boris and I are in such good company . . . . ;-)

West End Bob said...

At least you can take comfort in the fact the aforementioned PIA gave you "public notice" of the Cyveillance, M'lady.

It would definitely make me sleep better at night . . . .

Anonymous said...

Obviously you are not as insignificant as you thought.
That PRISM or one of its related groups pays US cyberspy companies to spy on the content of Canadian blogs is pretty damn alarming.
You should tell CBC about this.

Dana said...

Has anyone actually *seen* Alison lately?

Anyone could have written this.

West End Bob said...

Had pasta & beer with her and Boris a couple of weeks ago, Dana.

'Course that was then and this is now . . . .

kootcoot said...

The mention of Cyveillance reminds me that a few years ago, during the reign of terror presided over by Bu$h the Lesser, I wrote a letter to the properly "selected" preznit. I don't even remember what it was about, some environmental issue I think.

Anyhoo, after that at my personal website/blog, which operates under my genuine monicker I became a subject of interest to Cyveillance. Once a month they would comb through my whole site, my music, pictures of the grandkids, some trivial Java Applets and such. These guys came once a month like clock work and the log each month of their visits read like a sitemap of my website.

When I started this website I had my own domain and it was hosted on a particular server, here in Canada. When it became necessary to renew the registration of my domain I decided I didn't like the domain name enough and chose to not renew. Then I moved the website to a server at the ISP that I get connected through, also in Canada. This made for a much more complicated URL, essentially the URL of my ISP with an added folder being my place. Apparently they either lost interest in my website or it was too hard for them to figure out where I went, because I haven't seen any sign of them since in my logs. I thought of e-mailing them with a change of address, and would have if I was somehow getting paid by clicks.

Alison said...

Anon : Someone at CBC has read it.
Can't really see them doing anything with it though, can you?

Dana : Lols. How to convince you that I'm me ... hmmm ... well this is a somewhat complicated post about an issue that isn't trending that no one will read and it was posted at 3am. Who else does that?
P.S. The LPC still blows. ;-)

Koot : Thanks so much for this; good of you to respond. So nothing from them since they got the Secret Service contract? Or from the Executive Office of the President or US Army Info Systems?

I was hoping this post would spur other Canadian bloggers to chime in - either here or on their own blogs - with their own accounts of US surveillance but so far you're the only one. Admittedly this isn't like scooping up phone calls or emails because blog content of course is already public, but I do notice people writing about US gov surveillance as if it's something that might happen in the future up here as opposed to noticing it's already here.

Rev.Dr. Joel Lamoure said...

.... I am having exactly the same problem. Thanks for the info Allison. I am a professor of psychiatry and a Dr in Divinity. I am going through the exact same picture and I have a wee metaphysical and spiritual blog. I too have the same friends as you, and closing in on London :P

Blog Archive