One of the first articles I covered for this site was a court case involving the United States Federal Bureau of Investigation and their refusal to comply with the US Privacy Act. At the time, the FBI was challenging their obligation to adhere to US Law, mandating that the agency formally inform any US citizen that the agency had obtained biometric data on, something that the plaintiff’s argued the US Privacy Act requires all Federal agencies to do.
According to estimates by the Electronic Frontier Foundation, whom first filed the complaint against the FBI’s biometric data collection program in July of 2016, the FBI has been secretly holding biometric records on hundreds of millions of American citizens dating as far back as 2008. Despite this however, Federal courts have since found the FBI innocent on all charges and the agency now has right to keep all of their biometric records sealed from the public eye. In response to their victory in court, on August 1st 2017, the FBI came out with a press release announcing that as of August 31st 2017, their biometric databases will officially be labeled “classified” and therefore exempt from the US Privacy Act on the grounds of “National Security.”
Read The FBI’s Full Statements On The Matter Here: https://www.federalregister.gov/documents/2017/08/01/2017-15423/privacy-act-of-1974-implementation
To be honest, I did not plan to write about the FBI’s victory in this case, that is until Wikileaks came out with a new data dump earlier this past week. On August 24th 2017, Wikileaks released a specialized hacking tool developed by researches at the US Central Intelligence Agency. The tool, officially named “Express Lane,” allowed the CIA to secretly collect biometric data from various agencies around the world, including the FBI, Department of Homeland Security and other affiliated intelligence agencies around the world.
To do this, the CIA essentially took advantage of the relationships they have been developing with various agencies and offices over the last several decades. Considering that the United States Government and CIA in particular is in possession of some of the most sophisticated networking programs in the entire world, many law enforcement and intelligence agencies throughout the world have turn to the CIA for advice or help. To deliver the Express Lane tool and extract data, the CIA would hide the program in system updates made available to their constituents. Once in place and installed, the CIA could then easily extract and export the data manually.
— WikiLeaks (@wikileaks) August 24, 2017
Long story short, this means that all of the biometric data the FBI has been hiding on US citizens has not been kept private. Furthermore, the fact that the information was hacked, and then the people whom hacked the material were hacked themselves, this means that all of the FBI’s biometric data is now theoretically out in the open and completely unprotected.
As for how this applies to US Law, considering that Wikileaks has released evidence proving that the FBI had their computer systems and biometric databases compromised, and these computer systems were holding classified information shielded under National Security, and these systems contained the private and personal data of hundreds of millions of US citizens, it could be argued that the FBI was “criminally negligent” in their handling and protection of this data.
There is already court precedent in place holding corporations and private entities accountable for the protection of consumer information and private data. I see no reason why the US Government wouldn’t be held to the same or higher standards, especially given the level of information which was exposed.
Moreover, Wikileaks announcement this week proves that the CIA is clearly guilty of violating the Computer Fraud and Abuse Act, which prohibits anyone from “accessing a computer without authorization, or in excess of authorization.” Both of these carry felony charges, not to mention the criminal “conspiracy” charges which come with the sentencing. Not only this, but considering that the CIA stole classified information recently protected by US courts under National Security, one could argue that the CIA’s actions come dangerously close to “treasonous.”
Donald Trump and Republicans have recently vowed to crack down on people whom leak information, often telling people to ignore all of the information that is released because they consider the act of leaking itself worse than any information the leak exposes. However, it is critically important to understand that Wikileaks recent releases from inside the CIA document criminal behavior. Not against Wikileaks for leaking the material, but criminal conduct on behalf of the CIA and US Government for developing and using all of these hacking tools in the first place.
The fact of the matter is that every tool Wikileaks releases exposes yet another felony operation by the United States Government. Considering that the US Department of Justice controls the FBI and Wikileaks has just exposed how the FBI was secretly hacked against their will, I can not understand for the life of me why the DOJ is not launching a criminal investigation into CIA leaders and their employees. A federal position in the United States Government does not give someone blanket immunity to carry out criminal acts whenever they want, against whomever they want.
Until an investigation is formally launched into the CIA, I will continue to maintain that accountability in the United States Government does not exist. In fact, I can only write this article today because several US agencies, including the FBI and CIA, have both been allowed to act without over-site or accountability for so long in the past. Until any of this changes, expect more of the same problems you are reading about today t re-occur throughout the future.
Categories: Hacking News