UPS Denies Helping the NSA 'Interdict' Packages

An anonymous reader writes "When Glenn Greenwald's book came out recently, one of the most startling revelations was that the NSA has been intercepting shipments of networking gear to add spyware. Cisco was one of the vendors whose gear was altered, and now their shipping provider has spoken up about it: 'UPS, which Cisco has used since 1997 to ship hardware to customers around the world, said on Thursday that it did not voluntarily allow government officials to inspect its packages unless it is required to do so by law. "UPS' long-standing policy is to require a legal court-ordered process, such as a subpoena, before responding to any third-party requests," UPS spokeswoman Kara Ross wrote in an e-mail to TheBlot Magazine. "UPS is not aware of any court orders from the NSA seeking to inspect technology-related shipments." In a follow-up e-mail, Ross said UPS had no knowledge of similar orders from the FBI, CIA or any other federal agency.' That sounds like carefully parsed language to me. 'Did not voluntarily,' 'unless it is required to do so by law.' Perhaps they're bound by a National Security Letter?"

Re:Guilty

[jythie]

Because 'we will never allow XYZ', while it makes for a good speech, would not be truthful or accurate, in fact it would be downright deceitful. I would consider such a statement to be a far greater indicator of guilt then even staying quiet since it is legally not an option.

There is a huge difference between 'yeah, we will voluntarily do XYZ when asked' and 'we will comply with the law when required'.

Re:Guilty

[Anonymous Coward]

Yup. "required by law" is called an NSL.

And you aren't allowed to talk about it either.

Re:Can NSA serve National Security Letters?

[Cassini2]

The NSA rarely admits to doing anything. The other agencies are directed to cover up their involvement and how they got their information. For example: Exclusive: U.S. directs agents to cover up program used to investigate Americans. [reuters.com]

Re:No need for UPS to help

[Anonymous Coward]

When you say Custom's warehouse, I think you actually mean the two types of regulated facilities which are bonded and foreign-trade zone warehouses.

Bonded warehouses are only allowed to store imported goods. The importer files customs entry forms for the goods prior to storing them within the warehouse and must paid the owed duties prior to removing the goods from the warehouse. This is the most common type. Basically it is where you put things while you pay your entry fees.

Foriegn-trade zone (FTZ) warehouses allow both domestic and foreign cargo to be stored. Small manufacturing can be performed within the FTZ too. You would use this if you plan to re-export the goods or the product you manufacture have a mixture of domestic and foreign parts and it would be cheaper to import the finished product than each individual part. The goods are not considered imported until they leave the warehouse for a domestic address. A lot of global manufacturers have FTZ facilities and despite what the parent comment implied, this facility is operated by the manufacturer or a contracted agent for the manufacturer. It is not a place where customs or the NSA can freely enter and have access to any of the goods.

Yes I used to make a living in this field.

Geezus, UPS is flat out lying

[Anonymous Coward]

In a follow-up e-mail, Ross said UPS had no knowledge of similar orders from the FBI, CIA or any other federal agency.

This just beggars belief. It's well known that all US couriers have security divisions that work with federal and state government agencies. They routinely help with investigations of suspicious packages containing drugs, counterfeit products, explosive materials, firearms, etc.

Here's what one UPS executive, customs and brokerage manager Norman T. Schenk, had to say in a Congressional hearing in 2000 on how to stop illegal drugs from being delivered by mail:

Our partnership with the Customs Service has dramatically
curtailed the flow of contraband. Today, Mr. Chairman, we urge
you to ensure that the Customs Service has the 21st century
tools it needs to maintain the extraordinary growth of commerce
in this new millennium. Last year, the United States received
21 million commercial shipments. By 2004, that number is
projected to climb to 50 million. Customs simply cannot inspect
each shipment by hand.
        Mr. Chairman, full funding of the new automation system
known as ACE, the Automated Commercial Environment, is
essential for Customs to keep pace with the growth of commerce.
        No technology can enable the Customs Service to inspect 50
million shipments, but ACE can help Customs leverage the power
of information to target its inspections efficiently and
precisely.
        Our own experience at UPS shows the difference such a
system will make. Our advanced electronic manifesting procedure
provides Customs with extensive information from the
destination of a parcel to a description of its contents on
every package we transport to the United States before it
arrives at a UPS facility. ...
In addition to our work with Customs, UPS conducts an
aggressive and thorough drug interdiction program of our own.
We train delivery drivers to spot packages that may contain
illegal drugs. We screen for suspicious parcels. We routinely
work with the other law enforcement agencies like the FBI, DEA,
and State and local authorities, including providing them
information about any offender we identify.

So they not work with 3 letter federal agencies routinely, but they do it without the prompting of a subpoena, or NLS.

Re:Guilty

[geekmux]

Not voluntarily unless required by law? Why do companies release statements like this? It just makes them seem more guilty. Better not to say anything.

Uh, no. I'd rather know about it so then we can at least attempt to do something about it. Not knowing would do nothing to resolve the issue.

And it's quite the serious issue. Where we used to have only the government legally allowed to sit behind the bullshit excuse of "cannot confirm or deny", they have now expanded that standard legal waiver (via NSLs) to every American corporation they touch.

And the secret monitoring will be legally allowed to continue without your knowledge. Sorry, but until they dismantle secret courts, Snowdens revelations haven't done a damn thing to change policy or weaken the NSAs capability at all.

Re:Can NSA serve National Security Letters?

[NotDrWho]

I thought only the F.B.I. could serve National Security Letters. Can the NSA also serve them?

Even if they couldn't (and they won't say whether this is the case or nor), they could easily get the FBI to do it for them.

We the public are never going to know either say (without another heroic whistleblower), since even the process is a secret. Maybe we can find out the truth in about 75 years when they declassify it.

Re:Guilty

[Anonymous Coward]

There is a huge difference between 'yeah, we will voluntarily do XYZ when asked' and 'we will comply with the law when required'.

As it has become more and more clear that the Executive Branch believes that we are not under a rule of law but a rule of men, then it becomes more and more clear that "comply with the law" and the Executive Branch's "I am the law" basically makes all those "we will comply with the law' equivalent to "voluntarily do XYZ". I mean, sure, I have no doubt that the telecoms are run by a bunch of sell-outs who would gladly sell their user's information to the government and effectively circumvent search and seizure laws*, but much like the Red Scare, most CEOs are also equally scared of being labelled a terrorist sympathizer or being charged for violating a NSL or being guilty of espionage for revealing the things that Snowden showed us. That doesn't make them guiltless as the foundation of how things have gone so bad so quickly is that good men** have sat by and let bad things happen.

So, honestly, as much as we might not have seen a Snowden type leak from a CEO before the NSA's doings were revealed, now that they're know the people who did stand up to the FBI and the NSA in private should be actively speaking out about exactly what they did or did not do and make it very clear that their actions weren't to comply with the rule of men that has becomes the pretense for the rule of law for over a decade.

*For as much as the courts have ruled that third party holders of information don't need to be served a warrant, that's a patently false idea given the notion of companies having similar rights to people being made of people. That is, if a law says the government can't take a person's property without due process, it does not follow that once they give it to someone else for whatever reason that the government can*** force that someone to hand it up under a lower burden since it's still taking property from the someone and the basis for search and seizure still has every reason to be effective. Hence the qualifier of "subpoena" which have a significantly lower threshold than a warrant is really heavily a handwave given the NSA's actions that may have had a "warrant"**** for all export bound UPS packages.

**It's hard to argue still they're good men, but now that the pressure is off more, perhaps they could try to redeem themselves.

***Obviously in this context meaning what the law actually says, not what has been followed. The courts, after all, don't like having their hands tied any more than anyone else and have conveniently created subpoenas and lower threshold warrants**** that clearly violate the intent of the Constitution.

****Secret courts with close hearings where even if a warrant is denied there's basically no way to verify it, so the NSA kept on going even though at a technical level it was in contempt of court. The idea that the legislature needs to step in or really could do anything if the FISA court decided to jail most of the NSA's top staff through the US Marshals for contempt of court for an indefinite period*****...well, you get the idea. Fuck, people who are a lot less contemptuous of the courts have rotted in a jail sell much longer for less.

*****Which is actually illegal also as that's a Fifth Amendment violation, but it's conveniently forgotten just as the Executive at the Federal and State level regularly ignores it to jail protesters or all those people in Guantanamo Bay. Regardless, it'd be rather hard to argue against the practice they themselves engage in regularly, but then it'd require the sort of self-reflection from a Judiciary who took the step also to relinquish the long-held unconstitutional power.

Re:Guilty

[Frobnicator]

Reading the rest of the article (yeah, who does that) has more of the little gems.

The quotes fro the headlines were from a PR drone. They write PR, but they don't know the actual secrets. They are not the ones who are called in to a private executive meeting with the legal team.

When they question Mark Chandler, the executive general counsel who does hear the legal secrets:

“We ought to be able to count on the government tonot interfere with the lawful delivery of our products in the form in which we have manufactured them,” Chandler wrote. “To do otherwise, and to violate legitimate privacy rights of individuals and institutions around the world, undermines confidence in our industry.”

We ought to trust... people need to trust... because that is good for business.

Chandler didn’t say if the company knew of the NSA interdiction program, nor did the executive acknowledge if Cisco participated in the interception of packages delivered to certain customers.