One of the most significant realizations to emerge since the Edward Snowden revelations, is the understanding that we need more secure tools for would be whistle-blowers to more easily provide sensitive information in a secure and anonymous manner. As such, we have seen the deployment of encrypted drop boxes by several media outlets. I highlighted one of these a little over a year ago called Strongbox, which was a project announced by the New Yorker and was what Aaron Swartz was working on just before his death.
Recently, the Washington Post and the Guardian have released something similar called SecureDrop. The Washington Post described it as such:
Users may have noticed a button on The Washington Post homepage called “SecureDrop.” The new feature enables confidential sources to contact The Post and share documents in an encrypted fashion. The Post launched this feature to offer even more security and anonymity to sources.
Naturally, this sort of potential transparency and ease of exposing corruption and criminality is not welcome within the halls of government. As such, the reaction from Obama Administration lawyers is to issue subpoenas for information so that they can avoid cracking the encryption and the U.S. legal system altogether.
ArsTechnica reports that:
It’s not shadowy spies or engineers from the National Security Agency secretly reading the hundreds of tips about government fraud that the Project on Government Oversight (POGO) has received in less than a month.
Instead, its lawyers from the President Barack Obama administration employing the power of the administrative subpoena in a bid to siphon data from POGO’s encrypted submission portal. POGO’s site encourages whistleblowers to use Tor as the gateway and has garnered more than 700 tips about abuse and mismanagement at the US Veterans Administration after less than a month of operation.
“If they are successful, that defeats the purpose of trying to improve our online security with encryption,” Joe Newman, the project’s communications director, said in a telephone interview.
The administrative subpoena, which does not require the Fourth Amendment standard of probable cause, comes as the number of so-called drop boxes from media organizations and other whistleblower groups is on the rise in the wake of the Edward Snowden revelations. The Washington Post and the Guardian were among the latest to deploy drop boxes on June 5. But no matter how securely encrypted the boxes might be, the subpoena is an old-school cracking tool that doesn’t require any electronic decryption methods.
Typical response from a “constitutional lawyer” President.
POGO launched its submission tool in the immediate aftermath of the disclosure of the Veterans Administration scandal, which on Monday blossomed to revelations that as many as 57,000 vets have been awaiting treatment for as long as three months each because of 1990s-era scheduling technology. The agency is also accused of trying to cover that up.
The subpoena from the Department of Veteran’s Affairs Inspector General demands from POGO records related to “wait times, access to care, and/or patient scheduling issues at the Phoenix, Arizona VA Healthcare System and any other VA medical facility.”
On Monday, POGO told the Obama administration that it would not comply with the subpoena. Most government agencies have such subpoena powers, and they have been doled out hundreds of thousands of times, all with the signature of federal officials as no judge is required. The subpoenas demand that utilities, ISPs, telecommunication companies, banks, hospitals, and bookstores cough up information if the authorities deem it relevant to an investigation.
If the VA doesn’t drop its subpoena, POGO said it would never turn the data over, even if ordered to by a judge.
“We are certainly prepared to go to court,” Newman said. “We are certainly prepared to go to jail to prevent any of that information from being released.” …