On Monday, eight major tech companies launched an unprecedented campaign asking President Obama and Congress to make sweeping reforms to the surveillance programs first revealed by former NSA contractor Edward Snowden. The companies—AOL, Apple, Facebook, Google, LinkedIn, Microsoft, Twitter and Yahoo—asked for an international ban on bulk Internet data collection (like that reportedly permitted under the NSA's PRISM program), as well as more public reports and independent oversight.
"We understand that governments have a duty to protect their citizens. But this summer’s revelations highlighted the urgent need to reform government surveillance practices worldwide," the companies wrote in an open letter to the president and members of Congress. "The balance in many countries has tipped too far in favor of the state and away from the rights of the individual rights that are enshrined in our Constitution. This undermines the freedoms we all cherish. It’s time for change."
The companies asked governments worldwide to enact five major reforms: End bulk collection of Internet communications; Ensure that courts reviewing the decisions made by intelligence communities are independent and push back (the Foreign Intelligence Surveillance Court has been criticized as a "rubber stamp"); allow tech companies to publish the number and type of government demands; establish a treaty to govern "lawful" data requests worldwide; and make it easier for companies to exchange data across borders. (My colleague Kevin Drum outlined these demands in more detail here.)
Tech companies have been vocal about their desire to publish more information about government demands before, and they've also been independently rolling out "Perfect Forward Secrecy"—encryption that makes it much harder for the NSA to snoop. But this is the first time that these companies have joined together to explicitly ask the US government to "limit surveillance to specific, known users for lawful purposes, and [not] undertake bulk data collection of Internet communications." The reforms closely mirror those included in the USA FREEDOM Act, introduced by Rep. James Sensenbrenner (R-Wis.) and Sen. Patrick Leahy (D-Vt.), and go much further than the reforms proposed in a competing bill backed by Sen. Dianne Feinstein (D-Calif.), the chair of the Senate intelligence committee.
The Guardian notes that these companies are asking for global reforms, likely because they're concerned that "competing national responses to the Snowden revelations will not only damage their commercial interests but also lead to a balkanisation of the web as governments try to prevent internet companies from escaping overseas." Brad Smith, General Counsel and Executive Vice President of Legal and Corporate Affairs at Microsoft, confirmed that there is an obvious business incentive for tech companies to stand against NSA spying: "People won’t use technology they don’t trust. Governments have put this trust at risk, and governments need to help restore it."
Last month, I reported on the "sumangali girls" in India, workers who are lured to textile factories on the promise that they will earn enough money for a dowry or higher education—but instead end up working long hours for little pay in exploitative conditions.
Since the story came out, many readers have asked how they can support fair labor with their purchases. Unfortunately, there's not one easy answer. As NPR's new Planet Money series illustrates, tracing a T-shirt from cotton field to store shelf is complicated business. But consumers can help. Here are seven tips to keep in your pocket during your holiday shopping:
1. Check the label.
For clothing that is not made in the United States, check out Fair Trade USA, a certification group that evaluates all parts of companies' supply chains. Between March 2010 and June 2012, only 4 out of 55 factories in 23 countries it considered were immediately certified. Today, the group certifies certain products made by these five companies. Social Accountability International is another good resource for which factories have undergone auditing. Some individual companies (like H&M) post some information about the factories they buy from online.
Another approach: Buy only clothes made in the United States, where labor laws are comparatively strong. As Mac McClelland reports, building an entire wardrobe out of made-in the-USA labels can be tough. But don't give up: Here is a list of stores to get you started.
And if you do decide to go the made-in the USA route, here's something to keep in mind: In order to earn a USA label, "all or virtually all" of a product must be produced here, according to Federal Trade Commission (FTC) requirements. However, garments made of fabric sewn in the United States are allowed to have a USA label "regardless of where materials earlier in the manufacturing process (for example, the yarn and fiber) came from." So it's possible that cotton production and spinning for your skinny jeans' denim, for example, could take place in India, but the jeans would still earn a USA label.
2. Buy used clothes.
Cheon Fong Liew/Flickr
At $15 a pair, your leopard-print pumps can fall apart after you wear them once—and you'll still be able to replace them without breaking the bank. As Elizabeth Cline noted in her book, Overdressed: The Shockingly High Cost of Cheap Fashion, Americans are "buying and hoarding roughly 20 billion garments per year." Keeping prices low encourages suppliers to drive their costs down abroad, so one way to beat the cycle is to reuse what's already out there by shopping at thrift stores, consignment shops, and online resale sites. Buffalo Exchange, eBay, and Bib+Tuck are good options. (Goodwill has been criticized in Forbes and NBC News for paying disabled workers below minimum wage, so check with your local store.)
3. Support small clothing companies that don't allow exploitation in their factories.
Look for companies that build fair labor into their business models. Alta Gracia, for example, makes its clothes in the Dominican Republic, but pays three times the local minimum wage and allows workers to unionize. San Francisco-based Everlane publishes information about its factories, providing full reports on each one with photos and owners' names. Its prices are comparable to those of chains like Urban Outfitters and the GAP.
4. Support big clothing companies making progress.
Sometimes, US companies respond to consumer boycotts by pulling out of a region entirely, leaving local workers without any jobs at all. So instead of boycotting, consider buying from companies whose social responsibility initiatives you believe in. H&M, for example, offers discounts to shoppers who recycle their clothing at its stores. Levi Strauss & Co. gives money to Social Awareness and Voluntary Education, which provides rehabilitation for sumangali workers in India. Eileen Fisher manufactures 10-20 percent of its products domestically and conducts mandatory anti-trafficking trainings for managers and workers at its Chinese factories.
5. Support companies that are making their factories safer.
Last April, Bangladesh's Rana Plaza collapsed, killing more than 1,000 garments workers, many of whom were reportedly making clothing for US companies. Following that incident, more than 100 garment companies signed a legally binding agreement requiring the signatories to share the costs of safety upgrades in more than 1000 factories over the next five years. To see a list of which companies have signed, click here.
In 2012, the anti-trafficking organization Free2Work released a comprehensive report comparing US clothing companies' labor practices. The Fair Labor Association regularly publishes reports on garment factory conditions around the world, as does Anti-Slavery International and the Clean Clothes Campaign. These organizations send researchers to conduct independent interviewers with workers on the ground, providing a more complete picture of the industry.
7. Ask yourself: Do I really need this?
Because a lot of the time, that new T-shirt simply isn't worth it.
When 27-year-old Samy Kamkar—a security researcher who famously made one million Myspace friends in a single day—heard the announcement on Sunday that Amazon was planning to start delivering packages via drone in 2015, he had an idea. He knew that whenever new technology, like drones, becomes popular quickly, there are bound to be security flaws. And he claims that he found one within 24 hours and promptly exploited it: America, meet the zombie drone that Kamkar says hunts, hacks, and takes over nearby drones. With enough hacks, a user can allegedly control an entire zombie drone army capable of flying in any direction, taking video of your house, or committing mass drone-suicide.
"I've been playing with drones for a few years," Kamkar, who is based in Los Angeles, tells Mother Jones. "I'm sure that with most of the drones out there, if you scrutinize the security, you'll find some kind of vulnerability." Kamkar says that the Amazon announcement was an opportunity to point out that drone security has room for improvement.
Kamkar's hack, also known as "Skyjack," was performed on a Parrot AR Drone 2 (More than 500,000 Parrot drones have been sold since 2010, and it's been used to help collected flight data for the European Space Agency.) It's unknown what kind of drone Amazon will end up using, but these drones have high-definition photo and video, a flying range of about 165 feet, and can be controlled using an iPhone or an iPad. Kamkar equipped his drone with a battery, a wireless transmitter, and a Raspberry Pi computer—the total of which costs about $400, including the drone. Then, he wrote software (which he made available on the open-source website GitHub, for anyone to use) that he says allows his drone to find wireless signals of other Parrot drones in the area and disconnect the wireless connection of another drone's original user, giving Kamkar—or any user with the software—control over both drones. The drones can even be forced to self-deactivate and drop out of the sky. "How fun would it be to take over drones carrying Amazon packages…or take over any other drones, and make them my little zombie drones. Awesome,"writes Kamkar.
Parrot did not respond to request for comment, but the BBC notes that, "experts said Parrot appeared to have ignored well-known guidelines" to prevent this kind of hack. Christopher Budd, a threat communications manager for Trend Micro, a data security company, tells Mother Jones that "reading what he's got, on the face of it, it certainly sounds like a plausible proof-of-concept" but says Parrot still needs to validate it.
Here's a video:
So does this mean that your Amazon blender will be attacked by a hoard of hungry zombie drones? Not necessarily: "Amazon would be able to make drones that are immune to this," Kamkar tells Mother Jones, claiming that the Parrot Drone's wi-fi system is not fully encrypted, which is a security measure that Amazon would be likely to take. (Amazon did not respond to Mother Jones request for comment.) "I just want people to be concerned enough that it forces these drone makers to take an additional look at them. When you have enough people scrutinizing technology, you're going to have added security and added attention, and that's the benefit."
That's certainly how companies have responded to Kamkar's hacks before: After he crippled Myspace in 2005 using what some called the fastest spreading virus up to that point—(he was arrested and convicted under California penal code, and Kamkar says, "community service was a blast!")—Myspace revamped its security procedures. Still, even if Amazon manages to fend off the zombie drones, it faces other obstacles—including states that have banned drones, potential collisions in urban areas, and major privacy concerns.
"Drones are an impressive piece of technology and part of me is super excited whenever I get it outside and fly it around," Kamkar says. "But part of me is a little fearful."
Not a month goes by without former National Security Agency contractor Edward Snowden, unleashing new government surveillance allegations, but on Wednesday, the Washington Post dropped a bombshell: The NSA is tracking cellphones around the world at a rate of almost five billion records per day. This revelation is particularly shocking because it affirms fears that the government is keeping tabs on the physical location of Americans. The newspaper notes that in terms of potential impact on privacy, the location-tracking report may be "unsurpassed." Here's five things you need to know from the mind-boggling new report:
1. The NSA can find you in a hotel and can probably tell if you're having an affair:
Cellphones broadcast location data to towers even when they're not being used or the GPS is turned off. The NSA gets cellphone location data by "tapping into the cables that connect mobile networks globally and that serve U.S. cellphones as well as foreign ones." This allows the agency to keep tabs on someone, even if he or she travels abroad with a cellphone, "into confidential business meetings or personal visits to medical facilities, hotel rooms, private homes and other traditionally protected spaces." Once the NSA has that information, it can use it to figure out who a person is visiting, where, and how often.
2. Americans are definitely being tracked, but providing the exact number is "awkward:"
Like other programs revealed by Snowden, this one is intended for foreign intelligence but nonetheless collects Americans' data, allegedly by accident. The Snowden documents do not reveal how many Americans are targeted at home and abroad. Intelligence officials told the paper that the agency can't calculate how many, and "it's awkward for us to try to provide any specific numbers." (Robert Litt, general counsel for the Office of the Director of National Intelligence, which oversees the NSA, confirmed to the Post that information isn't collected in bulk on cellphones in the United States "intentionally.")
3. All the collected location data wouldn't fit in the Library of Congress:
From the Post: "27 terabytes, by one account, or more than double the text content of the Library of Congress’s print collection."
4. Don't bother trying to hide. The NSA knows if you're trying to avoid them:
From the Post: "Like encryption and anonymity tools online, which are used by dissidents, journalists and terrorists alike, security-minded behavior — using disposable cellphones and switching them on only long enough to make brief calls — marks a user for special scrutiny...for example, when a new telephone connects to a cell tower soon after another nearby device is used for the last time." And Chris Soghoian, principal technologist at the American Civil Liberties Union, told the Post that "the only way to hide your location is to disconnect from our modern communication system and live in a cave."
5. And you don't need to be a suspect to be targeted:
This is the big one—"A central feature of each of these tools is that they do not rely on knowing a particular target in advance, or even suspecting one. They operate on the full universe of data in the NSA’s [repository] which stores trillions of metadata records, of which a large but unknown fraction include locations," wrote the Post. An intelligence lawyer said that the data collection is not covered by the Fourth Amendment, which outlaws unreasonable searches and seizures.
"It looks like science fiction, but it's real." That's how Amazon, the online retailing giant, describes its new plan to deliver blenders, spice racks, and sex toys in 30 minutes or less via drone. On Sunday, CEO Jeff Bezos announced that his company is in the process of testing these new delivery drones and aims to have them ready by the time the Federal Aviation Administration (FAA) is expected to open up US airspace to unmanned aerial vehicles in 2015. But after that date, Amazon's blender-delivering drones will still face big obstacles, such as the states and cities that are hostile towards drone use; potential accidents with passenger planes; GPS and privacy concerns; and roving bands of laser-wielding package bandits.
While many states are vying for the right to be official FAA drone test sites, others are doing their best to make their skies unwelcome to drones. Both Idaho and Texas have passed laws that restrict private citizens from using drones to take photos—and it's likely that Amazon drones will need to be equipped with cameras, according to the Washington Post. Another seven states have jumped on the drone-banning bandwagon, by stopping law enforcement (but not private companies) from using them for surveillance. There are also a number of cities and counties that are considering making their air spaces "drone-free zones." Charlottesville, Virginia, Iowa City, Iowa, and St. Bonifacius, Minnesota, have banned drones for at least two years. Syracuse, New York, considered a bill in October that would have banned drones but decided to hold it until the FAA regulations shake out. And a Colorado town even considered issuing drone-hunting licenses.
Here's a map showing which states have passed legislation restricting drone use, put together with help from the National Conference of State Legislatures and the ACLU. Many other states have introduced bills that are still under consideration, so check your own state legislature for more information:
Currently, FAA rules prohibit drones from carrying people or property for compensation and only allow them for "important missions in the public interest" like search and rescue, patrolling the border, and firefighting. Unmanned aircraft are also prohibited from airspace over major urban areas—because of a higher likelihood of accidents with traditional aircraft, and other obstacles, such as buildings and power lines. When the FAA lifts drone restrictions in 2015, Amazon drones would likely be traveling in urban areas, given that they can only fly within 10 miles of a distribution center, many of which are located in the suburbs of major cities. But cities aren't likely to be any less dense in two years, raising the possibility of collisions. The FAA is still working on how to safely implement drones in urban areas—particularly by employing sensor technology—but it's still a legitimate concern, given that drones have already crashed into a lake, a Navy ship, and Manhattan.
If Amazon can find a way to make drones work while avoiding cities or airplane flight paths, the company would still need to implement very precise GPS directions to ensure each package goes to the right place. (In many places, a foot or two can mean the difference between your front door and the sidewalk.) The Washington Post points out that technology isn't precise enough yet to let drones fly themselves, so one option would be to have pilots fly drones via computer, to avoid GPS mishaps. But that would require them all to have cameras, creating a slew of new privacy concerns: "We need rules so that we can enjoy the benefits of this technology without becoming closer to a surveillance state," saysAllie Bohm, an advocacy and policy strategist for the ACLU.
Finally, there's also the prospect of thievery. All it could take is an effective drone-destroyer—a hunting rifle? laser weapon? laser pointer?—for a bandit to be watching your movies, wearing your slippers, and making smoothies in your blender. Amazon claims that by 2015, it "will be ready" to unleash delivery drones in US skies—but America probably won't be.