Separately, Secretary of State Hillary Clinton called on corporations to do “human-rights due diligence” before making sales in new markets.

“In recent months we’ve seen cases where companies’ products and services were used as tools of oppression,” Mrs. Clinton told a conference on Internet freedom in the Netherlands.

Read the rest of this post on the original site »

It doesn’t.

While CIQ might “listen”* to a smartphone’s keyboard, it’s listening for very specific information. Company executives insist it doesn’t log or understand keystrokes. It’s simply looking for numeric sequences that trigger a diagnostic cue within the software. If it hears that cue, it transmits diagnostics to the carrier.

So, for example, if during a support call a technician asks a customer to enter a short code, CIQ will be listening for it; when it’s entered, CIQ will relay the appropriate diagnostic information to the carrier. Any keystrokes beyond that are ignored.

“The software receives a huge amount of information from the operating system,” Andrew Coward, Carrier IQ’s VP of marketing, told AllThingsD. “But just because it receives it doesn’t mean that it’s being used to gather intelligence about the user or passed along to the carrier.”

So what are we really seeing in security researcher Trevor Eckhart’s video, which shows Carrier IQ collecting all sorts of information about how a phone is being used and where?

“What the Eckhart video demonstrates is that there’s a great deal of information available on a handset,” says Coward. “What it doesn’t show is that all information is processed, stored, or forwarded out of the device.”

Okay. Then what information is being captured and passed along to the carriers who use Carrier IQ? Data related to call quality, battery life, device crashes — everything you’d expect, really.

“If there’s a dropped call, the carriers want to know about it,” says Coward. “So we record where you were when the call dropped, and the location of the tower being used. … Similarly, if you send an SMS to me and it doesn’t go through, the carriers want to know that, too. And they want to know why — if it’s a problem with your handset or the network.”

And Coward is quick to point out that CIQ isn’t doing anything nefarious with our text messages, either.

“We don’t read SMS messages. We see them come in. We see the phone numbers attached to them. But we are not storing, analyzing or otherwise processing the contents of those messages.”

The same is true of Web site URLs. CIQ has the ability to capture them, but not the associated content. So it might note a device having trouble accessing Facebook, but not the content on Facebook itself.

Which is reassuring. That said, CIQ still has the ability to capture a wide variety of user data. So who is determining what exactly is being collected?

The carriers. They decide what’s to be collected and how long it’s stored — typically about 30 days. And according to Carrier IQ, the data is in their control the whole time.

“It’s the operator that determines what data is collected,” says Carrier IQ CEO Larry Lenhart. “They make that decision based on their privacy standards and their agreement with their users, and we implement it.”

On this point, Lenhart is particularly emphatic. “We capture only the data they specify, and provide it to them,” he reiterates. “We don’t capture more than that.”

Which sounds a bit like “we only do what they asked us to,” but, as Coward reminds us, the carriers’ behavior is governed by their contract with customers.

“What’s actually gathered, stored and transmitted to the carrier is determined by its end-user agreement,” he says. “And, as I’m sure you’re aware, the carriers are highly sensitive about what data they’re allowed to capture and what they’re not allowed to capture.”

One last question: Does Carrier IQ share the data it collects with other third parties beyond the carriers? A vehement no from Lenhart. “The data is the consumer’s data,” he says. “We would never take that data and distrubute it to a third party. We are prohibited from doing that by our agreements.”

Trevor Eckhart did not respond to a request for comment.

(*Handy euphemism for “pattern match filtering.”)

Here’s a freshly released Carrier IQ statement:

MOUNTAIN VIEW, Calif., Dec 01, 2011 (BUSINESS WIRE) — To clarify misinformation on the functionality of Carrier IQ software, the company is updating its statement from November 23rd 2011 as follows:

We measure and summarize performance of the device to assist Operators in delivering better service.

While a few individuals have identified that there is a great deal of information available to the Carrier IQ software inside the handset, our software does not record, store or transmit the contents of SMS messages, email, photographs, audio or video. For example, we understand whether an SMS was sent accurately, but do not record or transmit the content of the SMS. We know which applications are draining your battery, but do not capture the screen.

“Having examined the Carrier IQ implementation it is my opinion that allegations of keystroke collection or other surveillance of mobile device user’s content are erroneous,” asserts Rebecca Bace of Infidel Inc. a respected security expert.

Privacy is protected. Consumers have a trusted relationship with Operators and expect their personal information and privacy to be respected. As a condition of its contracts with Operators, CIQ operates exclusively within that framework and under the laws of the applicable jurisdiction. The data we gather is transmitted over an encrypted channel and secured within our customers’ networks or in our audited and customer-approved facilities.

Carrier IQ is aware of various commentators alleging Carrier IQ has violated wiretap laws and we vigorously disagree with these assertions.

Our software makes your phone better by delivering intelligence on the performance of mobile devices and networks to help the Operators provide optimal service efficiency. We are deployed by leading Operators to monitor and analyze the performance of their services and mobile devices to ensure the system (network and handsets) works to optimal efficiency. Operators want to provide better service to their customers, and information from the device and about the network is critical for them to do this. While in-network tools deliver information such as the location of calls and call quality, they do not provide information on the most important aspect of the service – the mobile device itself.

Carrier IQ acts as an agent for the Operators. Each implementation is different and the diagnostic information actually gathered is determined by our customers — the mobile Operators. Carrier IQ does not gather any other data from devices.

CIQ is the consumer advocate to the mobile operator, explaining what works and what does not work. Three of the main complaints we hear from mobile device users are (1) dropped calls, (2) poor customer service, and (3) having to constantly recharge the device. Our software allows Operators to figure out why problems are occurring, why calls are dropped, and how to extend the life of the battery. When a user calls to complain about a problem, our software helps Operators’ customer service more quickly identify the specific issue with the phone.

Related Posts on Carrier IQ:

• Exclusive Interview: Carrier IQ Gets Transparent About Its Mobile Monitoring
• Carrier IQ: How to Hack Back Your Phone
  
• Carrier IQ Speaks: Our Software Monitors Service Messages, Ignores Other Data
• Apple: We Stopped Supporting Carrier IQ With iOS 5
• RIM, HTC, Google on Carrier IQ: Blame the Carriers
• Carrier IQ Improves My Wireless Service by Logging My Keystrokes? Please Explain.

Full Carrier IQ Coverage »

Smartphone manufacturers are fast lining up to distance themselves from the Carrier IQ privacy debacle. Responding to reports that Carrier IQ’s smartphone diagnostics software has been found on their handsets, Research In Motion and HTC issued statements today denying responsibility for it, and Google said it had no control over the matter.

None of them admitted to installing or authorizing their carrier partners to install the software which security researchers have shown to log essentially every keystroke made on devices on which it is running.

RIM claimed to have nothing to do with Carrier IQ on its devices.

“RIM is aware of a recent claim by a security researcher that an application called ‘CarrierIQ’ is installed on mobile devices from multiple vendors without the knowledge or consent of the device users,” the company said in a statement. “RIM does not pre-install the CarrierIQ app on BlackBerry smartphones or authorize its carrier partners to install the CarrierIQ app before sales or distribution. RIM also did not develop or commission the development of the CarrierIQ application, and has no involvement in the testing, promotion, or distribution of the app. RIM will continue to investigate reports and speculation related to CarrierIQ.”

HTC went one step further, fingering the carriers outright. “Carrier IQ is required on devices by a number of U.S carriers so if consumers or media have any questions about the practices relating to, or data collected by, Carrier IQ we’d advise them to contact their carrier,” the company said, stressing that it is not a customer or partner of Carrier IQ. “HTC is investigating the option to allow consumers to opt-out of data collection by the Carrier IQ application,” it added.

Google also disclaimed any connection, saying, “We do not have an affiliation with CarrierIQ. Android is an open source effort and we do not control how carriers or OEMs customize their devices.” 

Carrier IQ and Sprint haven’t yet returned requests for comment. AT&T said simply, “In line with our privacy policy, we solely use CIQ software data to improve wireless network and service performance.”

Verizon claims not to use Carrier IQ, though telecom industry sources tell me it almost certainly uses something similar to it.

Related Posts on Carrier IQ:

• Exclusive Interview: Carrier IQ Gets Transparent About Its Mobile Monitoring
• Carrier IQ: How to Hack Back Your Phone
  
• Carrier IQ Speaks: Our Software Monitors Service Messages, Ignores Other Data
• Apple: We Stopped Supporting Carrier IQ With iOS 5
• RIM, HTC, Google on Carrier IQ: Blame the Carriers
• Carrier IQ Improves My Wireless Service by Logging My Keystrokes? Please Explain.

Full Carrier IQ Coverage »

In an 18-minute video clip posted to YouTube, Eckhart demonstrates Carrier IQ’s software as it records virtually all keystrokes made on an HTC Evo 3D. Worse still, it’s shown logging encrypted Web searches, text messages and, well, you name it. In other words, it’s entirely possible that the wireless carriers who install Carrier IQ’s software on cellphones are able to watch what their subscribers are doing on their phones as they do it. Says Eckhart, “So, instead of seeing dropped calls in California, they now know ‘Joe Anyone’s’ location at any given time, what he is running on his device, keys being pressed, applications being used.”

Disconcerting to say the least. More so since Carrier IQ claims its “Mobile Intelligence platform” is currently deployed on more than 150 million devices worldwide, generally installed by the carrier. Eckhart says he’s found it on Android and BlackBerry devices, and others have found evidence of it on iOS, though it does appear to be disabled by default (if it is enabled, it can be turned off pretty simply).

As privacy violations go, this one seems particularly outrageous, though Carrier IQ would likely describe that characterization as an overreaction. It claims it doesn’t track keystrokes, nor does it sell information to third parties.

“While we look at many aspects of a device’s performance, we are counting and summarizing performance, not recording keystrokes or providing tracking tools,” the company said in a statement. “The metrics and tools we derive are not designed to deliver such information, nor do we have any intention of developing such tools.”

That’s great, but it doesn’t really explain what we see in the video above, in which the application is very clearly logging keystrokes.

If Carrier IQ isn’t recording keystrokes, why is it logging them?

That’s a question U.S. Sen. Al Franken (D-Minn.) would like answered. In a letter to Carrier IQ President and CEO Larry Lenhart today, Franken called on the exec to explain exactly what information the software records, whether that information is transmitted to Carrier IQ or to other companies, and whether that information is shared with anyone else.

“… It appears that Carrier IQ’s software captures a broad swath of extremely sensitive information from users that would appear to have nothing to do with diagnostics—including who they are calling, the contents of the texts they are receiving, the contents of their searches, and the websites they visit,” Franken wrote. “These actions may violate federal privacy laws, including the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act. This is potentially a very serious matter.”

Related Posts on Carrier IQ:

• Exclusive Interview: Carrier IQ Gets Transparent About Its Mobile Monitoring
• Carrier IQ: How to Hack Back Your Phone
  
• Carrier IQ Speaks: Our Software Monitors Service Messages, Ignores Other Data
• Apple: We Stopped Supporting Carrier IQ With iOS 5
• RIM, HTC, Google on Carrier IQ: Blame the Carriers
• Carrier IQ Improves My Wireless Service by Logging My Keystrokes? Please Explain.

Full Carrier IQ Coverage »

The sponsor, Rep. Chris Smith (R., N.J.), said the proposed legislation is in response to reports that some governments have used American products to crack down on dissidents.

“How will all these dictatorships ever matriculate into democracy if the dissenters … are all in prison, hunted down with high-tech capabilities sold or acquired through U.S.-listed companies?” Mr. Smith said.

Read the rest of this post on the original site »

The techniques described in the trove of 200-plus marketing documents include hacking tools that enable governments to break into people’s computers and cellphones, and “massive intercept” gear that can gather all Internet communications in a country.

Read the rest of this post on the original site »

The recently abandoned room is lined with posters and English-language training manuals stamped with the name Amesys, a unit of French technology firm Bull SA, which installed the monitoring center. A warning by the door bears the Amesys logo. The sign reads: “Help keep our classified business secret. Don’t discuss classified information out of the HQ.”

The room, explored Monday by The Wall Street Journal, provides clear new evidence of foreign companies’ cooperation in the repression of Libyans under Col. Gadhafi’s almost 42-year rule. The surveillance files found here include emails written as recently as February, after the Libyan uprising had begun.

Read the rest of this post on the original site »

The system, being built in the city of Chongqing over the next two to three years, is among the largest and most sophisticated video surveillance projects of its kind in China and perhaps the world. Dubbed “Peaceful Chongqing,” it is planned to cover a half-million intersections, neighborhoods and parks over nearly 400 square miles, an area more than 25 percent larger than New York City.

Read the rest of this post on the original site »

For almost two years, Alex Pentland at the Massachusetts Institute of Technology has tracked 60 families living in campus quarters via sensors and software on their smartphones–recording their movements, relationships, moods, health, calling habits and spending. In this wealth of intimate detail, he is finding patterns of human behavior that could reveal how millions of people interact at home, work and play.

Read the rest of this post on the original site »

The technology, known as “deep packet inspection,” is capable of reading and analyzing the “packets” of data traveling across the Internet. It can be far more powerful than “cookies” and other techniques commonly used to track people online because it can be used to monitor all online activity, not just Web browsing. Spy agencies use the technology for surveillance.

Now, two U.S. companies, Kindsight Inc. and Phorm Inc., are pitching deep packet inspection services as a way for Internet service providers to claim a share of the lucrative online ad market.

Read the rest of this post on the original site

“We think it sets a dangerous precedent.”

–State Department spokesman P.J. Crowley on the United Arab Emirates BlackBerry ban

Coming as it does after the State Department’s condemnation of the United Arab Emirates demand for oversight of BlackBerry mobile services, a White House-sponsored bill that would require all Internet-based communication services to be technically capable of intercepting and unscrambling encrypted messages on behalf of the government seems more than a little ironic.

Sadly, that irony appears to have been lost on the Obama administration, which plans to submit the bill for congressional deliberation next year despite the unsettling implications. Requiring providers of encrypted communications services to create back doors through which government officials with a wiretap order can eavesdrop carries no guarantee that only government officials with wiretap orders will use them, is it?

“Back door” is really just another term for vulnerability, and there are plenty of interests out there willing to try their hand at exploiting them. And that’s without including the National Security Agency.

“I think it’s a disaster waiting to happen,” Columbia University computer science professor Steven Bellovin told The New York Times. “If they start building in all these back doors, they will be exploited.”

With its admission last week that its Street View cars unwittingly captured data sent over unsecured wireless Wi-Fi networks, Google (GOOG) appears to have run afoul of regulators on both sides of the Atlantic.

Sources familiar with the matter tell the Financial Times that the Federal Trade Commission is considering an inquiry into the matter, and the panel of European privacy regulators that advises the European Commission is calling for a full investigation to determine exactly what information was collected and whether the manner of its collection was a violation of privacy law.

The Europeans seem particularly miffed over the cock-up and Google’s explanation for it, which they find a bit suspect. Over the weekend, Peter Schaar, Germany’s federal commissioner for data protection and freedom of information, fired off a caustic blog post questioning the credibility of the company’s claim that personal data were collected accidentally.

“So everything was a simple oversight, a software error!” Schaar wrote. “The data was collected and stored against the will of the project’s managers and other managers at Google. If we follow this logic further, this means: The software was installed and used without being properly tested beforehand. Billions of bits of data were mistakenly collected, without anyone in Google noticing it, including Google’s own internal data protection managers, who two weeks ago were defending to us the company’s internal data protection practices.”

Have to admit, he does have a point. How does a company with Google’s smarts and technological acumen collect and store Wi-Fi network payload data in more than 30 countries for three years without being aware of it?

Mistakes are made, I suppose. But the breadth of this one is pretty incredible. As Marc Rotenberg, executive director of the Electronic Privacy Information Center, told the Financial Times, “This may be one of the most massive surveillance incidents by a private corporation that has ever occurred. It is unprecedented vacuuming of WiFi data by a private company. Can you imagine what would happen if a German corporation was sending cars through Washington sucking up all this information?”

Yes, but to err is human…

“We actually did an evil scale and decided not to serve at all was worse evil.”

– Google CEO Eric Schmidt on the company’s decision to offer a censored version of its search services in China, Jan. 30, 2006

Evidently Google is taking its informal “don’t be evil motto” a bit more seriously these days. The search sovereign threatened late Tuesday to pull out of its operations in China after detecting a “highly sophisticated and targeted attack on [its] corporate infrastructure originating from China.” Targeted in the assault: The Gmail accounts of Chinese human rights activists.

“These attacks and the surveillance they have uncovered–combined with the attempts over the past year to further limit free speech on the web–have led us to conclude that we should review the feasibility of our business operations in China,” Google’s chief legal officer, David Drummond, wrote in a post to the company blog.

“We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all,” Drummond added. “We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.”

Shut down Google.cn, and potentially our offices in China? Hmm. What’s the Chinese word for “Bing”?

Drummond didn’t directly accuse the Chinese government of orchestrating the incursion, but he certainly seems to be implying there’s a link. And you’d think one would have to exist for Google (GOOG) to threaten pull out of a country that has more Internet users than the total population of the U.S.–even if its efforts to gain market share there haven’t met with the same success as in the rest of the world.

It’s tough to stake your claim in a country where the government favors the local rival and blocks your traffic if you fail to censor. Baidu’s share of the Chinese search market in the third quarter was 77 percent, up from 75.6 percent. Google’s share for the same period? Just 17 percent, down from 19 percent.

So, to some extent, Google can probably threaten to leave China because the country accounts for such a small portion of its revenue. On the other hand, China leads the world in Internet users and presents a hell of a market opportunity–large enough that Google willingly provided a censored version of its services as a prerequisite for doing business there. Or, rather, it used to.

At $395.50 Baidu shares are up more than two percent after hours on the news. Google shares are down 1.6 percent at $581.01.

Drummond’s post in full, below, as well as another on the safety of data on Google by Dave Girouard, President of Google Enterprise:

A new approach to China

Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google. However, it soon became clear that what at first appeared to be solely a security incident–albeit a significant one–was something quite different.

First, this attack was not just on Google. As part of our investigation we have discovered that at least twenty other large companies from a wide range of businesses–including the Internet, finance, technology, media and chemical sectors–have been similarly targeted. We are currently in the process of notifying those companies, and we are also working with the relevant U.S. authorities.

Second, we have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective. Only two Gmail accounts appear to have been accessed, and that activity was limited to account information (such as the date the account was created) and subject line, rather than the content of emails themselves.

Third, as part of this investigation but independent of the attack on Google, we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users’ computers.

We have already used information gained from this attack to make infrastructure and architectural improvements that enhance security for Google and for our users. In terms of individual users, we would advise people to deploy reputable anti-virus and anti-spyware programs on their computers, to install patches for their operating systems and to update their web browsers. Always be cautious when clicking on links appearing in instant messages and emails, or when asked to share personal information like passwords online. You can read more here about our cyber-security recommendations.

We have taken the unusual step of sharing information about these attacks with a broad audience not just because of the security and human rights implications of what we have unearthed, but also because this information goes to the heart of a much bigger global debate about freedom of speech. In the last two decades, China’s economic reform programs and its citizens’ entrepreneurial flair have lifted hundreds of millions of Chinese people out of poverty. Indeed, this great nation is at the heart of much economic progress and development in the world today.

We launched Google.cn in January 2006 in the belief that the benefits of increased access to information for people in China and a more open Internet outweighed our discomfort in agreeing to censor some results. At the time we made clear that “we will carefully monitor conditions in China, including new laws and other restrictions on our services. If we determine that we are unable to achieve the objectives outlined we will not hesitate to reconsider our approach to China.”

These attacks and the surveillance they have uncovered–combined with the attempts over the past year to further limit free speech on the web–have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.

The decision to review our business operations in China has been incredibly hard, and we know that it will have potentially far-reaching consequences. We want to make clear that this move was driven by our executives in the United States, without the knowledge or involvement of our employees in China who have worked incredibly hard to make Google.cn the success it is today. We are committed to working responsibly to resolve the very difficult issues raised.

Keeping your data safe

Many corporations and consumers regularly come under cyber attack, and Google is no exception. We recently detected a cyber attack targeting our infrastructure and that of at least 20 other publicly listed companies. This incident was particularly notable for its high degree of sophistication. We believe Google Apps and related customer data were not affected by this incident. Please read more about our public response on the Official Google Blog.

This attack may understandably raise some questions, so we wanted to take this opportunity to share some additional information and assure you that Google is introducing additional security measures to help ensure the safety of your data.

This was not an assault on cloud computing. It was an attack on the technology infrastructure of major corporations in sectors as diverse as finance, technology, media, and chemical. The route the attackers used was malicious software used to infect personal computers. Any computer connected to the Internet can fall victim to such attacks. While some intellectual property on our corporate network was compromised, we believe our customer cloud-based data remains secure.

While any company can be subject to such an attack, those who use our cloud services benefit from our data security capabilities. At Google, we invest massive amounts of time and money in security. Nothing is more important to us. Our response to this attack shows that we are dedicated to protecting the businesses and users who have entrusted us with their sensitive email and document information. We are telling you this because we are committed to transparency, accountability, and maintaining your trust.

“According to complaints from many residents, Google’s English language search engine has spread large amounts of vulgar content that is lascivious and pornographic, seriously violating China’s relevant laws and regulations,” foreign ministry spokesman Qin Gang told a regularly scheduled news conference. “I’d like to stress that google.com, as an Internet enterprise providing services in China, should earnestly abide by Chinese laws and regulations.”

The disruption of Google (GOOG) services follows a widely criticized mandate from Beijing requiring all computers sold in the country to include Green Dam, an application designed to prevent citizens from viewing “offensive” content, which in the Chinese government’s case includes all manner of material. From a report by the Open Net Initiative, an academic consortium dedicated to the study of censorship and surveillance:

The version of the Green Dam software that we tested, when operating under its default settings, is far more intrusive than any other content control software we have reviewed. Not only does it block access to a wide range of web sites based on keywords and image processing, including porn, gaming, gay content, religious sites and political themes, it actively monitors individual computer behavior, such that a wide range of programs including word processing and email can be suddenly terminated if content algorithm detects inappropriate speech. The program installs components deep into the kernel of the computer operating system in order to enable this application layer monitoring. The operation of the software is highly unpredictable and disrupts computer activity far beyond the blocking of websites.

…The deeply intrusive nature of the software opens up several possibilities for use other than filtering material harmful to minors. With minor changes introduced through the auto-update feature, the architecture could be used for monitoring personal communications and Internet browsing behavior. Log files are currently recorded locally on the machine, including events and keywords that trigger filtering. The auto-update feature can used to change the scope and targeting of filtering without any notification to users.

Yesterday Dodd, along with Sen. Russ Feingold (D., Wis.) said they plan to take steps to block FISA as long as it grants retroactive immunity to telecoms complicit in the Bush administration’s warrantless surveillance program. “No one seriously wants to financially cripple our telecommunications industry,” Dodd said in remarks before the Senate last night. “The point is to bring checks and balances back to domestic spying. Setting that precedent would hardly require a crippling judgment. It’s much more troubling, though, that our director of National Intelligence even bothers to speak to ‘liability protection for private-sector entities.’ This isn’t the Secretary of Commerce we’re talking about, but the head of our nation’s intelligence efforts. For that matter, how does that even begin to be relevant to letting this case go forward? Since when did we throw entire suits out because the defendant stood to lose too much? It astounds me that some can speak in the same breath about national security and bottom lines. Approve immunity, and Congress will state clearly: The richer you are, the more successful you are, the more lawless you are entitled to be. A suit against you is a danger to the Republic! And so, at the rock-bottom of its justifications, the telecoms’ advocates are essentially arguing that immunity can be bought.”

And, according to MAPlight’s analysis of PAC campaign contributions from Verizon (VZ), AT&T (T) and Sprint (S), it can.

To prevail, Dodd’s filibuster must be supported by 41 of the 100 senators. If its opponents can muster 60 votes–a distinct possibility given the number of Democrat’s who’ve compromised with the Republican White House on this issue–it will fail. And the 40 or so lawsuits over civil-liberties violations arising from the Bush administration’s controversial domestic wiretap program will be dismissed.

U.S. House and Senate leaders agreed yesterday to extend the Bush administration’s controversial wiretap program through at least 2012 and grant immunity to the telcos that participated in its warrantless domestic surveillance operation. Great news for AT&T (T) and other companies facing some 40 lawsuits over civil liberties violations arising from the program. Lousy news for those who filed them. “The lawsuits will be dismissed, and we feel comfortable that the standard of evidence that the law requires will be easily met,” said House Minority Whip Roy Blunt, R-Mo., bluntly.

Comfortable that the standard of evidence the law requires will be met? How could you not be? The law allows the government to conduct “emergency wiretaps” without court orders on U.S. citizens for up to a week if the information is sensitive and the director of national intelligence fears it might be lost by seeking proper authorization.

Shades of J. Edgar Hoover, no? Said Rep. Barbara Lee (D., Calif.), co-chair of the House’s Progressive Caucus, “This bill scares me to death.“

U.S. House and Senate leaders agreed yesterday to extend the Bush administration’s controversial wiretap program through at least 2012 and grant immunity to the telcos that participated in its warrantless domestic surveillance operation. Great news for AT&T (T) and other companies facing some 40 lawsuits over civil liberties violations arising from the program. Lousy news for those who filed them. “The lawsuits will be dismissed, and we feel comfortable that the standard of evidence that the law requires will be easily met,” said House Minority Whip Roy Blunt, R-Mo., bluntly.

Comfortable that the standard of evidence the law requires will be met? How could you not be? The law allows the government to conduct “emergency wiretaps” without court orders on U.S. citizens for up to a week if the information is sensitive and the director of national intelligence fears it might be lost by seeking proper authorization.

Shades of J. Edgar Hoover, no? Said Rep. Barbara Lee (D., Calif.), co-chair of the House’s Progressive Caucus, “This bill scares me to death.“

That’s a good question to ask in light of FBI Director Robert Mueller’s call for “omnibus” Internet surveillance. In testimony to the Judiciary Committee of the House of Representatives on Wednesday, Mueller suggested legislation be passed that would give the bureau the right to monitor the Internet at the backbone level.

Said Mueller: “I think legislation has to be developed that balances on one hand, the privacy rights of the individual who are receiving the information, but on the other hand, given the technology, the necessity of having some omnibus search capability utilizing filters that would identify the illegal activity as it comes through and give us the ability to preempt that illegal activity where it comes through a choke point as opposed to the point where it is diffuse on the Internet.”

Shades of Carnivore, right? The “choke point” to which Mueller alludes is presumably the National Security Agency, which has been probing the data passing through the Internet backbone like some Orwellian spinal surgeon. Which is a little frightening. Because the packets of data being passed back and forth over the Internet don’t come prelabeled. There’s no “ILLEGAL ACTIVITY” designation. It’s just activity, and Mueller would apparently like permission to survey it all.

While respecting the privacy rights of the individual, of course. Thoughtful.

That’s a good question to ask in light of FBI Director Robert Mueller’s call for “omnibus” Internet surveillance. In testimony to the Judiciary Committee of the House of Representatives on Wednesday, Mueller suggested legislation be passed that would give the bureau the right to monitor the Internet at the backbone level.

Said Mueller: “I think legislation has to be developed that balances on one hand, the privacy rights of the individual who are receiving the information, but on the other hand, given the technology, the necessity of having some omnibus search capability utilizing filters that would identify the illegal activity as it comes through and give us the ability to preempt that illegal activity where it comes through a choke point as opposed to the point where it is diffuse on the Internet.”

Shades of Carnivore, right? The “choke point” to which Mueller alludes is presumably the National Security Agency, which has been probing the data passing through the Internet backbone like some Orwellian spinal surgeon. Which is a little frightening. Because the packets of data being passed back and forth over the Internet don’t come prelabeled. There’s no “ILLEGAL ACTIVITY” designation. It’s just activity, and Mueller would apparently like permission to survey it all.

While respecting the privacy rights of the individual, of course. Thoughtful.

The U.S. Senate approved espionage legislation yesterday that would not only grant the National Security Agency sweeping new powers to intercept international phone calls and emails, but it would also grant retroactive immunity to the telecom companies that participated in the government’s post-9/11 warrantless domestic spying program.

With a 68-29 vote, the Senate passed the revision to the 30-year-old Foreign Intelligence Surveillance Act along to the House of Representatives, which has already taken issue with its telecom-immunity provision. Said Sen. Chris Dodd (D., Conn.), “[The Senate has] just sanctioned … the single largest invasion of privacy in the history of the country.“

Sen. Russell Feingold (D., Wis.) was equally incredulous. “It is inconceivable that any telephone companies that allegedly cooperated with the administration’s warrantless wiretapping program did not know what their obligations were,” he said. “And it is just as implausible that those companies believed they were entitled to simply assume the lawfulness of a government request for assistance.”

Ah. And that being the case, it follows that we shouldn’t simply assume the lawfulness of a government request for broader clandestine surveillance powers. Right?

Said Michael Sussmann, a former Justice Department intelligence lawyer who represents several telecommunication companies: “This is a dramatic restructuring of surveillance law. And the thing that’s so dramatic about this is that you’ve removed the court review. There may be some checks after the fact, but the administration is picking the targets.”

Welcome to Oceania …

Today the NSA-preferred telecom announced AT&T Remote Monitor, a package of IP video cameras and environmental sensors with which to surveil business locations and the employees who work in them. “It’s a unique and affordable option for a small business that wants to keep in touch with various locations,” Steve Loop, executive director for business development at AT&T, told the New York Times. “It saves them a lot of time in their day from having to physically go to all of their locations.”

Bet that’s exactly how the NSA felt when AT&T provided it with access to millions of email messages, Web-browsing sessions and phone calls. Anyway … AT&T’s touting the service as an easy way to monitor employees, customers and operations, which folks like restaurateur Beaux Roby says is a necessity. “It is Big Brother,” Roby said, “but in this day and age, you need these type of tools.”

And AT&T is, of course, ready and willing to provide them–whether it’s busting time-wasting employees, filtering the Internet for widespread copyright infringement or building that massive database of Americans’ phone calls.