Declan McCullagh – Brian.Carnell.Com

Declan McCullagh on the Government’s Anti-HP Hypocrisy

Declan McCullagh does a nice job of pointing out the hypocrisy of Members of Congress who are outraged at the privacy invasion that Hewlett Packard carried out in an attempt to discover the identity of a board member who was an anonymous source.

The particular focus of Congress’ rage has been pretexting — in which private investigators pretend to be an individual in order to fraudulently obtain information, such as phone records. But as McCullagh points out, 7 of the 11 bills introduce in Congress to outlaw pretexting include exemptions for law enforcement. And, apparently, law enforcement agencies have no qualms about using private agencies that use pretexting,

Federal and local law enforcement officials were named as customers of Internet-based pretexting services in a June article on MSNBC.com. Some companies, like Advanced Research, have admitted in letters to Congress that they did work for the FBI. A high-level source at a cellular provider confirmed to me that the company’s internal investigations of pretexting show that many police agencies are customers.

An Associated Press article named the Department of Homeland Security, the Department of Justice, the FBI, the U.S. Marshal’s Service and municipal police departments in California, Colorado, Florida, Georgia and Utah as hiring pretexters. Time magazine has also reported on this.

According to McCullagh, efforts by Democrats to widen the ban on pretexting to include law enforcement are being blocked.

If police want phone records, they should follow the usual route; get a judge to issue a subpoena for the data and obtain it the old fashioned way — in compliance with the Fifth Amendment.

Source:

Perpsective: Anti-HP hypocrisy in Congress? Declan McCullagh, CNet News.Com, September 18, 2006.

Declan McCullagh Jumps the Gun

On July 7, Muslim extremists bombed London’s mass transportation system. Later that day Declan McCullagh pulled one of his typical bone-headed moves in wondering why there was no footage being aired yet from the thousands of security cameras deployed throughout London?

And with all
those CCTV cameras littered about London, where’s the footage of the
bombers? Is there none because the cameras weren’t pervasive/invasive
enough?

Now, of course, a week later, we know that the cameras were working and captured the terrorists. Because of the existence of the footage, police were able to quickly determine that the bombings were probably suicide attacks, and were able to identify the prepetrators and search their residences.

The impetus coming out of the bombing will, if anything, likely tilt toward upgrading and improving London’s CCTV system given how the existing network of cameras has been in the bombing investigation. In addition, U.S. law enforcement will surely use the success of the London CCTV system to push further for such systems in American cities.

Glib, premature comments by civil libertarians like McCullagh’s only reinforce the view that those concerned about such extensive surveillance are out of touch with real world concerns.

A Good Example of the Stupidity of Black Hole Lists

Declan McCullagh offers an excellent example of the sheer stupidity of e-mail blackhole lists.

McCullagh received a resume spam and reported the spammer to both Yahoo!, who the spammer was using to spam his resume, as well as to Spam Cop.

The spammer, in turn, reported McCullagh as a spammer to Spam Cop and to Relays.Osirusoft.Com. Spam Cop realized the report was bogus and took action against the spammer, but the good folks at OsiruSoft simply added McCullagh’s mail server to its open relay list without even a minimal investigation, causing many subscribers to his widely read list to miss some of his postings. As McCullagh puts it,

The Politech mail server is no longer listed, but a policy of add-first-and-check-later raises troubling questions about how reliable blacklists can be. I like the concept in theory, but in practice they seem to be far more problematic than smart perhaps eventually collaborative) end-user filtering.

I’d be a bit more blunt. It doesn’t “raise troubling questions,” the blacklisting practice is just plain stupid. I’m surprised more people haven’t tried to manipulate it like this clever (but vile) spammer did.