Essay
Barca nep
Articles.zipSmartphones Have Privacy Risks.docx
Smartphones Have Privacy Risks
Smartphones, 2013
Top of Form
Bottom of Form
Around the turn of the century, the FBI [Federal Bureau of Investigation] was pursuing a case against a suspect—rumored to be Las Vegas strip-club tycoon Michael Galardi, though documents in the case are still sealed—when it hit upon a novel surveillance strategy.
The suspect owned a luxury car equipped with an OnStar-like system that allowed customers to "phone home" to the manufacturer for roadside assistance. The system included an eavesdropping mode designed to help the police recover the vehicle if it was stolen, but the FBI realized this same antitheft capability could also be used to spy on the vehicle's owner.
When the bureau asked the manufacturer for help, however, the firm (whose identity is still secret) objected. They said switching on the device's microphone would render its other functions—such as the ability to contact emergency personnel in case of an accident—inoperable. A federal appeals court sided with the company; ruling the company could not be compelled to transform its product into a surveillance device if doing so would interfere with a product's primary functionality.
The specifics of that 2003 ruling seem quaint today [in 2012]. The smartphones most of us now carry in our pockets can easily be turned into surveillance and tracking devices without impairing their primary functions. And that's not the only privacy risk created as we shift to a mobile, cloud-based computing world. The cloud services we use to synchronize data between our devices increase the risk of our private data falling prey to snooping by the government, by private hackers, or by the cloud service provider itself. And we're packing ever more private data onto our mobile devices, which can create big headaches if we leave a cell phone in a taxicab.
What to do about it? In this [viewpoint], we'll explore the new privacy threats being created as the world shifts to an increasingly mobile, multi-device computing paradigm. Luckily, there are steps both device makers and lawmakers can take to shore up privacy in the mobile computing age.
Cloudy with a Chance of Snooping
Law enforcement loves cloud computing. We don't know exactly how much information the government collects from online service providers, but Google alone fields thousands of requests from the US government each year for private customer data. Other providers have been less transparent, but they presumably experience similar request volumes.
Shifting data to a remote server makes life easier for mobile users, but it also makes life easier for people who want to access their data with or without permission. Data stored on third-party servers is much more vulnerable to surreptitious snooping not only by the government but also by hackers and the service provider itself.
Google's new privacy policy, which allows Google to more freely swap data among Google products, has attracted criticism from privacy groups such as the Electronic Privacy Information Center. Last year, Dropbox revealed it had accidentally left some of its users' data exposed to casual snooping for a few hours. Sony also had trouble safeguarding the data of PlayStation users.
A FreedomBox Future?
What can we do to avoid the privacy problems created by third-party storage? Ars Technica talked to Eben Moglen, a law professor at Columbia University and chairman of the Software Freedom Law Center. He argued the only way for users to truly safeguard their privacy is not to relinquish control of personal information in the first place.
The best approach, Moglen argued, is for "storage and sync service to be provided in a form which deliberately disables computation on that data on the storage provider." Under Moglen's preferred model, services like Amazon's S3 might help users store their data in encrypted form, but computation using unencrypted data would only occur on devices physically under the control of the data's owner.
Moglen is a driving force behind the FreedomBox, a project to build a user-friendly home server that would allow ordinary users to provide many of the computing and communications services currently offered by firms like Google and Facebook.
Moglen acknowledges it's a big technical challenge to make the FreedomBox a reality. Free web servers, mail servers, content management systems, and other software exists, but currently requires far too much user configuration to provide a plausible alternative to managed services for the average user. Improvements in reliability are also needed. And even federated social networking services like Identi.ca have failed to gain significant traction against centralized services like Twitter and Facebook.
But while progress has been relatively slow, Moglen believes his model will prevail eventually. "What we're talking about is what's going to affect the nature of humanity in the long run," he told us. "The important question is can we do it at all. We've never met a problem we can't solve"—given enough time.
Fixing the Third-Party Doctrine
While Moglen and his colleagues work on a user-friendly alternative to the cloud, users are entrusting a growing amount of information to cloud providers. Under a legal principle called the third-party doctrine, this data does not enjoy the same robust Fourth Amendment protections available to data physically controlled by a user. That means that the government may be able to obtain access to your private Facebook posts and even the contents of your Dropbox folder without getting a warrant.
There have been some moves toward extending full Fourth Amendment protections to online services. In 2010, the United States Court of Appeals for the Sixth Circuit held that remotely stored e-mail is protected by the Fourth Amendment. And in January, Supreme Court justice [Sonia] Sotomayor called the third-party doctrine "ill-suited to the digital age." In the future, she may convince a majority of her colleagues to embrace the Sixth Circuit's arguments. For now, data stored in the cloud lacks full Fourth Amendment protections in most jurisdictions.
In the meantime, Congress could update federal privacy law to give cloud services stronger statutory protections than the constitutional minimum established by the courts. The last time Congress rewrote electronic privacy law was in 1986. Obviously, communication technologies have changed dramatically in the last quarter-century. The legal categories Congress established then don't necessarily make much sense today.
My Phone, the Spy
Lower Merion High School in suburban Philadelphia issued laptops to its 2300 students in the fall of 2009. Freshman Katarina Perich soon noticed the green light next to the camera on her school-issued MacBook was turning on for no apparent reason. "It was just really creepy," she told USA Today.
Perich's concerns were justified. The district eventually admitted it had installed an antitheft system that included the ability to remotely activate laptop cameras. The system had been activated and thousands of pictures of students' homes were taken and transmitted back to the district's servers. School district officials contend the surveillance was due to a technical glitch, and the authorities ultimately decided not to press charges. A civil lawsuit brought by some students was settled for $610,000.
A growing number of mobile devices have built-in cameras, microphones, and GPS [global positioning system] sensors. This means law enforcement agents no longer have to take the risk of physically invading a suspect's property to install a bug or tracking device. They can simply order whichever company is in charge of the target device's software to modify it to enable remote surveillance and tracking. And because most mobile devices do not have hardwired LED indicators like those on laptop cameras, the owners of these devices are none the wiser.
In repressive regimes, the danger of government spying is already considered severe. Removing batteries from cell phones is a common practice among dissidents. As the Washington Post reported last year, "The practice has become so routine that Western journalists sometimes begin meetings with Chinese dissidents by flashing their batteries—a knowing nod to the surveillance risk."
The Need for Notification
Chris Soghoian, a privacy researcher and fellow at the Open Society Foundations, argues all device manufacturers should follow the good example set by laptop cameras. A user-visible LED should be hardwired to every camera, microphone, or GPS sensor on every mobile device. Soghoian argues LEDs have become cheap enough in bulk that the cost of adding two or three LEDs to every mobile device would be trivial.
But LEDs cannot help against another, related privacy threat: the use of cellular tower records to track a device's location. This location tracking is inherent to the way cellular networks work; your cell phone provider needs to know which cell phone tower you're close to in order to deliver information to you. On the other hand, cell-site location data is much less precise than the location data collected by GPS sensors. The privacy risk is somewhat reduced.
As with so many aspects of privacy law, the rules for law enforcement access to cell-site location records have not been clearly established. Some courts have ruled the government can obtain this data without a warrant; others have disagreed. January's GPS tracking decision at the Supreme Court suggests that several justices are concerned about protecting location privacy, but the high court has not ruled clearly on whether cell-site location records are protected by the Fourth Amendment.
Crypto
We use our smartphones to send and receive e-mail, take photographs, store lists of contacts, access social networks, and much more. As our mobile devices become increasingly packed with personal information, the potential harms from losing our phones grow accordingly....
There's a well-known solution to this problem: disk encryption. If the data on a mobile device were properly encrypted, then a lost or stolen device wouldn't create privacy problems. The new owner simply wouldn't be able to access the previous owner's data.
Unfortunately, full-disk encryption on mobile platforms is still a work in progress. One obstacle to effective disk encryption is the difficulty of entering a password with sufficient entropy using a touch-screen interface. On the desktop we commonly use passwords consisting of eight ASCII characters. But the "bandwidth" of our fingers is reduced on a touch screen, so smartphone password systems tend to be simpler, employing a 4-digit PIN [personal identification number] number or a sequence of simple "swipes." Yet these systems have few enough possible combinations—10,000 for a 4-digit PIN, for example—that an attacker can write software to simply try all possible combinations until he finds the right one.
Theoretically, mobile users could enter longer passwords. For example, a 14-digit number has about as much entropy as an 8-character alphanumeric password. But the average user is unlikely to have the patience to enter a 14-digit password every time she pulls out her cell phone. Soghoian tells Ars that finding more efficient ways to enter secure passwords using a touch screen is an "open research problem."
Still, Soghoian says smartphone vendors should at least offer their users the option to encrypt the storage on their mobile devices. Encryption with low-entropy passwords is better than no encryption at all, and users who particularly care about the privacy of their data do have the option of entering 14-digit passwords.
Making Privacy a Priority
This isn't the first time firms pioneering a new computing paradigm have failed to pay adequate attention to security and privacy. For example, it took several embarrassing malware incidents before Microsoft began taking desktop security more seriously. It may take a series of similar privacy disasters on mobile platforms before leading mobile vendors make security a top priority.
The stakes are higher today than they were in the 1990s. Users carry their phones with them everywhere, and use them for more purposes than they used their desktop computers for a decade ago. It would be a mistake to wait for disaster to strike before acting. Taking proactive steps now—like supporting full-disk encryption and adding LEDs to input devices—could avoid major embarrassment later.
Policy makers also have work to do. The Supreme Court should heed Justice Sotomayor's call to reconsider the third-party doctrine. And whether or not the court extends the Fourth Amendment to cloud services, Congress should overhaul electronic privacy law to ensure people enjoy the same robust privacy rights on 21st-century communications platforms as they do for 20th-century ones.
Full Text: COPYRIGHT 2013 Greenhaven Press, a part of Gale, Cengage Learning.
Source Citation
Lee, Timothy B. "Smartphones Have Privacy Risks." Smartphones. Ed. Roman Espejo. Detroit: Greenhaven Press, 2013. Opposing Viewpoints. Rpt. from "My Smartphone, the Spy: Protecting Privacy in a Mobile Age." 2012. Opposing Viewpoints In Context. Web. 15 Aug. 2013.
Cybercriminals Use Personal Information on Social Networking Websites.docx
Cybercriminals Use Personal Information on Social Networking Websites to Commit Crimes
Top of Form
Bottom of Form
More than 5 million online U.S. households experienced some type of abuse on Facebook in the past year [2010], including virus infections, identity theft, and for a million children, bullying, a Consumer Reports survey shows. And consumers are at risk in myriad other ways, according to our national State of the Net survey of 2,089 online households conducted earlier this year [2011] by the Consumer Reports National Research Center. Here are the details:
· Overall, online threats continue at high levels. One-third of households we surveyed had experienced a malicious software infection in the previous year. All told, we estimate that malware cost consumers $2.3 billion last year and caused them to replace 1.3 million PCs [personal computers].
· Millions of people jeopardize bank information, medical records, and other sensitive data they store on mobile phones, we project. Almost 30 percent in our survey who said they use their phone in such ways didn't take precautions to secure their phones.
· Many active Facebook users take risks that can lead to burglaries, identity theft, and stalking. Fifteen percent had posted their current location or travel plans, 34 percent their full birth date, and 21 percent of those with children at home had posted those children's names and photos. Moreover, roughly one in five hadn't used Facebook's privacy controls, making them more vulnerable to threats.
· Twenty-three percent of active Facebook users didn't know some of their "friends" well enough to feel completely comfortable about their own or their family's security or safety. An additional 6 percent admitted to having a friend who made them uneasy about those things. That means almost one in three Facebook users aren't fully comfortable with all their friends.
· The persistence of Internet threats makes it important to use security software. In our tests, we found that free anti-malware programs should provide adequate protection for many people.
Facing Up to Facebook
If you're like some 150 million Americans, you share the details of your life on Facebook, assuming that you and other users are its main customers and that it's accountable to you. But Bruce Schneier, chief security technology officer at security firm BT Global Services, says you're not Facebook's customer. "You are Facebook's product that they sell to their customers," he says, referring to the network's advertisers.
With "Find us on Facebook" tags popping up in malls, on popular TV shows, and elsewhere, Facebook has a lot of product to sell. And with no comparable alternative service, consumers are left as fodder for Facebook's advertisers and app [application] developers. "You are on Facebook because everybody else is," Schneier says. "You can say 'I don't like Facebook, I'm going to LiveJournal,' and suddenly you're alone."
Its position as the king of social networks has made Facebook the custodian of arguably the nation's largest collection of details about consumers' personal lives. "Any time you have a party with such a large amount of data, there's reason for concern," says Justin Brookman, director of consumer privacy for the nonprofit Center for Democracy & Technology.
Access to Data by Outsiders
Already, use of that data by outsiders is widespread. It might not be news that people have been fired because they posted ill-considered status updates or photos. But job recruiters might check Facebook to find out who people are connected to.
One recruiter told us that headhunters have used social network data to make sure job candidates are a fit with their clients. So if you lost out on a job because of Facebook, it might not have been because of just one indiscretion. You might have been rejected because an employer or recruiter found telling details in your postings, even though such a rejection might constitute discrimination.
Facebook posts are also widely used as evidence in divorce and family-law cases. Randall Kessler of Kessler, Schwarz & Solomiany, chair-elect of the American Bar Association's family-law section, says he advises new clients to "consider a cyber vacation."
"Facebook makes our lives so much easier as divorce lawyers," he adds. "Some people give it to us on a silver platter. There are spouses who list themselves as single while they are still married."
Lawyers and recruiters aren't alone in tapping into Facebook's vast database. Despite the uproar last year over Facebook's sharing of user data with some websites, the service recently proposed allowing developers of its more than 550,000 apps to request and obtain users' home addresses and phone numbers. The proposal prompted howls from several members of Congress.
Concerns About Privacy
"This information is extremely sensitive, and the policy Facebook proposed would force users to give up this info if they want an app," says Sen. Al Franken (D-Minn.), who heads the new Senate Subcommittee on Privacy, Technology and the Law. "The potential for fraud is just too great." Franken and three other senators noted in a letter to Facebook that a phone number and a home address, coupled with a small fee paid to a "people search" website, could yield enough information to complete a credit card application in someone else's name.
Franken told us that he's particularly concerned about the potential violation of children's privacy if Facebook implements that policy. "Kids should not be able to give that information away to strangers even if they wanted to."
Facebook recently began testing a program to use status updates and other information to deliver highly targeted ads. So if you post that you're looking for a car, you might find ads from auto dealers peppering the screen. Some might welcome such customization, but others might consider it an invasion of privacy. Regardless, such plans raise questions about what else the service hopes to do with the immense database of personal information it controls. Consumers' concerns might be allayed if they had more of a say in what Facebook does with their personal information.
Facebook publishes privacy policies like other companies do, but as a private corporation it needn't file the annual reports and other disclosures required of publicly held firms such as Microsoft and Google, which can provide even more information about a company.
Whatever the company's obligations, Franken told us, "Facebook needs to make its users' privacy a top priority."
Full Text: COPYRIGHT 2013 Greenhaven Press, a part of Gale, Cengage Learning.
Source Citation
"Cybercriminals Use Personal Information on Social Networking Websites to Commit Crimes." Cybercrime. Ed. Louise I. Gerdes. Detroit: Greenhaven Press, 2013. Opposing Viewpoints. Rpt. from "Online Exposure: Social Networks, Mobile Phones, and Scams Can Threaten Your Security." Opposing Viewpoints In Context. Web. 15 Aug. 2013.
Edward Snowden Is Completely Wrong.docx
Edward Snowden Is Completely Wrong
National Journal, June 13, 2013
Top of Form
Bottom of Form
Byline: Michael Hirsh and Sara Sorcher
Is he a hero--the most important whistle-blower in U.S. history, as Pentagon Papers leaker Daniel Ellsberg called him? Or is Edward Snowden a flat-out traitor and a very deluded young man? The 29-year-old contractor at the center of the biggest national security scandal in years is eloquent and impressively intelligent, having risen from high school dropout and security guard at the National Security Agency to uber systems administrator at the CIA. Snowden also appears to have acted genuinely out of conscience, because it's clear he could have sold what he knows for quite a lot of money, taken down "the surveillance structure in an afternoon" (as he declared in an interview), or revealed undercover assets that might "have cost lives. Instead, Snowden, a product of the federal government ecosystem who grew up in the D.C. suburbs, says he has sacrificed his own "very comfortable" life to expose what he calls Washington's "architecture of oppression."
What's not clear is why Snowden thought that revealing the NSA's surveillance methods would change very much in our government or society, except to make it much harder for the NSA, the CIA, and defense and intelligence contractors to hire anyone like him in the future.
That process, if little else, must now change. Snowden will likely be charged with espionage, or worse. Washington will massively revamp its vetting procedures, especially for giant contractors such as Booz Allen Hamilton, which has grown fat on a diet of government work and appeared to hire Snowden in Hawaii at a generous salary of $120,000 almost as an afterthought. Contracts like the one he worked on--to help the government analyze an overwhelming stream of data--represented 99 percent of its revenue, most of them related to the NSA.
Other than tightened security clearances, though, the startling revelations of the past several days will probably alter very little in the lives of Americans or the way the government works in a data-driven world. That's not just because, apart from a few outraged senators--Democrats Ron Wyden of Oregon and Mark Udall of Colorado and libertarian Republican Rand Paul of Kentucky--almost the entire U.S. government, from the White House to Congress to the judiciary, has come out in support of the NSA program of collecting troves of telephone data and personal Internet information, using the servers and telecommunications systems of America's biggest companies. If the mandarins of official Washington don't amend their conduct, it's because Americans aren't asking them to.
A NEW CONCEPT OF PRIVACY
The reason may not be entirely obvious at first. In the past decade, our very concept of privacy has changed to the point that we're less likely to see information-sharing as a violation of our personal liberty. In an era when our daily lives are already networked, we have E-ZPasses that give us access to the fast lane in exchange for keeping the government informed about where we drive. We shop online despite knowing that the commercial world will track our buying preferences. We share our personal reflections and habits not only with Facebook and Google but also (albeit sometimes inadvertently) with thousands of online marketers who want our information. All of this means Americans are less likely to erupt in outrage today over one more eye on their behavior. "One thing I find amusing is the absolute terror of Big Brother, when we've all already gone and said, 'Cuff me,' to Little Brother," jokes John Arquilla, an intelligence expert at the Naval Postgraduate School in Monterey, Calif.
The latest Allstate/National Journal Heartland Monitor Poll bears this out. Americans are vaguely aware of these slowly eroding walls of privacy, and 55 percent say they are worried about the overall accumulation of personal information about them "by businesses, law enforcement, government, individuals, and other groups." The survey also found that an overwhelming majority of Americans believe that business, government, social-media sites, and other groups are accessing their most personal information without their consent. Even so, for the most part, they accept it as an unavoidable modern phenomenon. Most younger and college-educated people--in contrast to Snowden--take a benign view of these changes.
Despite the press treatment of the NSA story, which judging from editorial opinion has come out largely on Snowden's side, most Americans appear relatively unperturbed. A Pew Research Center/Washington Post poll conducted last weekend found that 56 percent of Americans believe NSA access to the call records of millions of Americans is an "acceptable" way for the federal government to investigate terrorism. An even bigger majority, 62 percent, said it was more important for the government to investigate terrorist threats than it was to safeguard personal privacy. That explains why soft queasiness has not congealed into hard political outrage.
Another problem for the alarmists: No evidence suggests that the worst fears of people like Snowden have ever been realized. In his interview with The Guardian, which broke the story along with The Washington Post, Snowden warned that the NSA's accumulation of personal data "increases every year consistently by orders of magnitude to where it's getting to the point where you don't have to have done anything wrong. You simply have to eventually fall under suspicion from somebody."
In a state with no checks and balances, that is a possibility. But even the American Civil Liberties Union, which has called NSA surveillance "a stone's throw away from an Orwellian state," admits it knows of no cases where anything even remotely Orwellian has happened. Nor can any opponent of NSA surveillance point to a Kafkaesque Joseph K. who has appeared in an American courtroom on mysterious charges trumped up from government surveillance. Several civil-liberties advocates, asked to cite a single case of abuse of information, all paused for long seconds and could not cite any.
There is also great misunderstanding about how the NSA system works and whether such abuse could even happen in the future. It's unclear if the government will be capable of accessing and misusing the vast array of personal data it is accumulating, as Snowden predicts. The NSA appears primarily to use computer algorithms to sift through its database for patterns that may be possible clues to terrorist plots. The government says it is not eavesdropping on our phone calls or voyeuristically reading our e-mails. Instead, it tracks the "metadata" of phone calls--whom we call and when, the duration of those conversations--and uses computer algorithms to trawl its databases for phone patterns or e-mail and search keywords that may be clues to terrorist plots. It can also map networks by linking known operatives with potential new suspects. If something stands out as suspicious, agents are still required by law to obtain a court order to look into the data they have in their storehouses. Officials must show "probable cause" and adhere to the principle of "minimization," by which the government commits to reducing as much as possible the inadvertent vacuuming up of information on citizens instead of foreigners--the real target of the NSA's PRISM program. The program, according to Director of National Intelligence James Clapper, has had success. He told NBC that tracking a suspicious communication from Pakistan to a person in Colorado allowed officials to identify a terrorist cell in New York City that wanted to bomb its subway system in the fall of 2009.
Indeed, the scandal is perhaps narrower in scope than it's made out to be. "The only novel legal development that I see in that area is the government says, 'We know there's relevant information in there--if we don't get it now it will be gone; we won't be able to find it when we need it. So we'll gather it now and then we'll search it only when we have a good basis for the search to be done,' " says Stewart Baker, who was the first assistant secretary for policy at the Homeland Security Department and is a former NSA general counsel. "The courts are still involved. They say, 'You put it in a safe place, lock it up, come to me when you want to search it.' If you're serious about ways to make [counterterrorism] work and still protect privacy, it seems like a pretty good compromise."
Baker says the government built in as many controls and oversights as it could think of. "Two different presidents from two different parties with very different perspectives. Two different Intelligence committees led by two different parties. A dozen judges chosen from among the life-appointed judiciary. None of them thought this was legally problematic," Baker says. "And one guy says, 'Yeah, I disagree, so I'm going to blow it up.' If the insistence is, 'It only satisfies me if it's out in public,' then we're not talking about intelligence-gathering. We're not even talking about law enforcement. We're talking about research. And I'm not sure you can run a large country in a dangerous world just by doing open-source research."
Other advocates of the NSA operation say the sheer vastness of the program is what helps shield citizens. "Individuals are protected by the anonymity granted by the quantity of information," says Eric Posner, a University of Chicago law professor. "It's just too difficult to spy on such a vast number of people in a way that's meaningful."
THE CULTURE OF INTRUSION
Behavioral research shows that, like the proverbial frog in the pot of water who doesn't notice the rising temperature, Americans have grown inured to the "culture of intrusion" in today's world of continuous data exchange. "There are undeniable changes in behavior we have been observing in the past 10 years or so, with the birth and rise of social media," says Alessandro Acquisti, an economist at Carnegie Mellon University who has studied the effects. "There is evidence that people will give away personal data for very small rewards, such as the psychological benefit of sharing with others, or even for a discount coupon," he says. "For instance, on social media, people quite openly talk, without containing their audience only to their Facebook friends, about dating, eating, going out, success, and failures--something that 10 years ago you would have disclosed only to your direct friends."
The Michigan-based Ponemon Institute, which conducts independent research on privacy and data collection, has found that a relatively small number of Americans, only about 14 percent, care enough about their privacy on a consistent basis to change their behavior to preserve it. These are the people who will not buy a book on Amazon because they would have to surrender information about themselves, or don't go to certain websites if they fear they're going to be behaviorally profiled, or won't contribute to political campaigns for the same reason. By contrast, a substantial majority of Americans, about 63 percent, say they care about their privacy, but "there's no evidence to suggest they're going to do anything different to preserve it," says Larry Ponemon, who runs the institute. (Some 23 percent care so little about the issue they are known as "privacy complacent," Ponemon says.)
People are blithe even as they discover how much their online behavior can hurt them personally, on everything from job and college applications to terrorist investigations. "People are losing jobs because of things they posted on their Facebook page," says Loren Thompson, chief operating officer of the Lexington Institute, who refuses to use Facebook or Twitter or even conduct potentially controversial searches on Google. "I just had a feeling all along that by the time people realized how vulnerable they were, it would be too late. There would be too much information about them online."
There is a difference, to be sure, between government and private-sector abuses of privacy. "Even I recognize that it's one thing for Google to know too much, because they aren't putting me in jail. It's another thing for government, because they can coerce me," says Michael Hayden, who as director of the NSA from 1999 to 2006 was a primary mover behind the agency's transformation from Cold War dinosaur to a post-9/11 terror-detection leviathan with sometimes frightening technical and legal powers. "But if we weren't doing this, there would be holy hell to raise."
That is likely true, too. Defenders of the program say, as Hayden does, that the government had no choice. "This is about taping foreign telecommunications transmissions that just happen to pass through the United States because of the way the Internet architecture is designed," Thompson says. "It really doesn't have anything to do with spying on Americans; it's about spying on foreigners the easy way." At first this meant finding the right communications hardware. The USS Jimmy Carter, a Seawolf-class submarine, was modified to tap into the trunk lines, but there are really only a handful of major Internet conduits to the Middle East, Thompson says. Eventually, someone probably said, "Jeepers, most of this traffic passes through the U.S. anyway. Why don't we just talk to Verizon?"
Hayden admitted this, surprisingly, in an open session of the House Intelligence Committee way back in 2000, telling the members that this monitoring was needed to enable the NSA to get in front of the data. No one listened right way, but after 9/11 and the passage of the USA Patriot Act, the mood shifted dramatically in favor of more aggressive surveillance. "This agency grew up in the Cold War. We came from the world of Enigma [the Nazi encryption device whose code was broken by the Allies], for God's sake. There were no privacy concerns in intercepting German communications to their submarines, or Russian microwave transmissions to missile bases," Hayden says today. Now, "all the data you want to go for is coexisting with your stuff. And the trick then, the only way the NSA succeeds, is to get enough power to be able to reach that new data but with enough trust to know enough not to grab your stuff even though it's whizzing right by." The demonization of the NSA now is ironic, he says, considering that in late 2002 the Senate Intelligence Committee (which included Wyden), in its joint 9/11 report with the House, criticized the agency for its "failure to address modern communications technology aggressively" and its "cautious approach to any collection of intelligence relating to activities in the United States."
Most Americans, based on the polls, seem willing to make the trade-off between what President Obama called "modest encroachments on privacy" and safety from terrorists. "There is a lot of authoritarian overreach in American society, both from the drug war and the war on terror," David Simon, the writer and producer of the hit HBO shows The Wire and Treme, wrote in his blog this week, in a scathing blast at Snowden and the pundits who have lionized him. "But those planes really did hit those buildings. And that bomb did indeed blow up at the finish line of the Boston Marathon. And we really are in a continuing, low-intensity, high-risk conflict with a diffuse, committed, and ideologically motivated enemy. And for a moment, just imagine how much bloviating would be wafting across our political spectrum if, in the wake of an incident of domestic terrorism, an American president and his administration had failed to take full advantage of the existing telephonic data to do what is possible to find those needles in the haystacks."
HOW WE SURRENDER PRIVACY
Every time you go online, you're a target. Advertisers are searching for you--maybe not by name, but through your interests and your assessed income and even your health symptoms, all based on your search-engine terms and the cookies deposited on your computer to watch you surf the Internet and report back on your habits. Sites may have an agreement with advertisers, which can target their messages to you. And they likely sell this information to third-party brokers who can do what they want with it.
A sweeping Wall Street Journal investigation in 2010 found that the biggest U.S. websites have technologies tracking people who visit their pages, sometimes upwards of 100 tools per site. One intrusive string of code even recorded users' keystrokes and transmitted them to a data-gathering firm for analysis. "A digital dossier over time is built up about you by that site or third-party service or data brokers," says Adam Thierer, senior research fellow at the Mercatus Center's Technology Policy Program at George Mason University. "They collect these data profiles and utilize them to sell you or market you better services or goods." This is what powers the free Internet we know and love; users pay nothing or next
to nothing for services--and give up pieces of personal information for advertisers in exchange. If you search for a Mini Cooper on one website, you're likely to see ads elsewhere for lightweight, fuel-efficient cars. Companies robotically categorize users with descriptions such as "urban upscale" to "rural NASCAR" to tailor the advertising experience, says Jim Harper of the libertarian Cato Institute. "They'll use ZIP codes and census data to figure out what their lifestyle profile is."
As a result of these changes, the government's very concept of privacy has grown ever narrower and more technical. "Too often, privacy has been equated with anonymity; and it's an idea that is deeply rooted in American culture," Donald Kerr, the principal deputy director of national intelligence, said in 2007 as Congress was busy debating new rules for government eavesdropping. That's quickly fading into history, Kerr said. The new version of privacy is defined by enough rules affecting the use of data that Americans' constitutionally enumerated rights (privacy not among them) will be safe. "Protecting anonymity isn't a fight that can be won. Anyone that's typed in their name on Google understands that." We've already given up so much privacy to the government, Kerr said back then, that it can be protected only by "inspectors general, oversight committees, and privacy boards" that have become staples of the intelligence community.
Clapper seems to be relying on a similar concept. The United States, he said in an interview with NBC, can put all the communications traffic that passes through the country in a massive metaphorical library. Presumably, the "shelves" contain the phone numbers of Americans, the duration of their calls, and their e-mail correspondence. "To me, collection of U.S. persons' data would mean taking the book off the shelf, opening it up, and reading it," Clapper said. Instead, the government is "very precise" about which "books" it borrows from the library. "If it is one that belongs or was put in there by an American citizen or a U.S. person, we are under strict court supervision, and have to get permission to actually look at that. So the notion that we're trolling through everyone's e-mails and voyeuristically reading them, or listening to everyone's phone calls, is on its face absurd. We couldn't do it even if we wanted to, and I assure you, we don't want to."
Critics say the Constitution's Fourth Amendment, designed to guard against unreasonable searches and seizures, should impede the government's access to personal data--even if that information is available in the commercial sphere. "If Google has it, that says nothing about whether the government should have it," says Cato's Harper. "It's not reasonable to collect information without probable cause or reasonable suspicion."
For most Americans, the reassurance that the government won't gratuitously pursue them may well be enough. For Snowden and his defenders, it clearly is not. In explaining his daring act, he said he hoped to provoke a national debate about surveillance and secrecy, and added: "The greatest fear that I have regarding the outcome for America of these disclosures is that nothing will change."
That fear is likely to be realized. Snowden offered a valuable window into a top-secret world The Washington Post wrote about in great detail three years ago, when it published a series on a clandestine intelligence-industrial complex that "has become so large, so unwieldy, and so secretive that no one knows how much money it costs, how many people it employs, how many programs exist within it, or exactly how many agencies do the same work." Perhaps the country should thank Snowden for reopening that issue, even as it prosecutes him for what is plainly a violation of his oath of secrecy. But after the thanks are offered, we will probably just get back to business.
Michael Hirsh and Sara Sorcher
Full Text: COPYRIGHT 2013 Atlantic Media, Inc. http://www.atlanticmedia.com/
Source Citation
Hirsh, Michael, and Sara Sorcher. "Edward Snowden Is Completely Wrong." National Journal (2013). Opposing Viewpoints In Context. Web. 15 Aug. 2013.
Security Requires that Civil Liberties.docx
Security Requires that Civil Liberties, Including Privacy, Not Be Absolute
Top of Form
Bottom of Form
"There are those who once again want to implement a wall that would place civil liberties ahead of national security and Americans' safety."
In the following viewpoint, Elise Cooper argues that it is a mistake to privilege civil liberties above national security. Cooper describes a metaphorical wall built to prevent law enforcement from sharing information with intelligence in an attempt to protect civil liberties, including privacy. In the interest of security, she claims, the wall was eradicated after 9/11. However, she expresses concern that a resurgence of the wall is once again threatening national security. Cooper is a columnist and assistant publicist.
As you read, consider the following questions:
1. According to the author, what act was passed in response to the intelligence scandals of the mid-1970s?
2. The author expresses concern that a wall is being built by privacy groups in what realm of possible future warfare?
3. What political entity is refusing to share passenger information with the United States, according to Cooper?
The 9/11 attacks occurred in part because the intelligence on terrorist dangers was suppressed as a result of a policy known as "the wall." This policy prevented the intelligence and prosecution sides from sharing information. On April 13, 2004, Attorney General [John] Ashcroft told the 9/11 Commission that the "wall" between law enforcement and intelligence was responsible for many of the failures.
The Wall Between Law Enforcement and Intelligence
FISA (Foreign Intelligence Surveillance Act) was brought into existence during the [Jimmy] Carter administration in response to the intelligence scandals of the mid-1970s because of the assumption that the intelligence agencies acted improperly. A set of rules was written for intelligence-gathering in the states to make sure wiretaps and surveillance were carried out in accordance with the law. The rules that apply to law enforcement wiretaps were not appropriate for intelligence wiretaps, which require more flexibility.
The idea behind FISA was that the contact between prosecutors and intelligence wiretaps should be kept to a minimum to prevent American liberties from being eroded. The "wall" would keep the prosecution side and the intelligence side separate. All that could be given to the prosecutors was a tip to start an investigation, but not the details of the intelligence. Prior to 9/11, there were warning signs which Stewart Baker, former assistant secretary for homeland security, called a "failure of imagination. Frances Townsend [who spearheaded the FISA intelligence investigations] tried to break down the wall. She tried to make a lot of changes for the good. She was more open-minded and aggressive." Unfortunately, she was dismissed because of her efforts.
After 9/11, "the wall" was formally eradicated by Congress and the Court of Appeals. However, there are still barriers today, walls that are less pronounced. Baker, who recently wrote the book Skating on Stilts, notes that
even after the 9/11 attack people are suspicious of limits to their civil liberties, are pushing back the pendulum in the other direction, and still have the assumption that the threats have been overstated by government agencies that want to yield more power.
Civil Liberties vs. Security
One example is the ACLU [American Civil Liberties Union] lawsuit asking a federal judge to halt an alleged [Barack] Obama administration plan to kill an American citizen cleric. The cleric is living in Yemen and encourages radicalized Americans to initiate terrorist attacks. The suit alleges that the targeted-killing program violates Anwar al-Awlaki's Fourth Amendment right to be free from unreasonable seizure and his Fifth Amendment right not to be deprived of life without due process. There are those who once again want to implement a wall that would place civil liberties ahead of national security and Americans' safety.
Will cyber warfare be the next area of attack? A wall is being built by the privacy groups and the cyber industry because they do not want any form of regulation. Jim Roth, the former New York Chief Division Council of the FBI who was heavily involved in FISA, wants a balance between national security concerns and the internet. He strongly believes that "the side of national security must win during any emergency since our First Amendment rights are not absolute. You can't yell fire in a movie theatre."
America's cyber infrastructure is not well-protected, and it is possible that an attack would bring this nation to its knees. Baker says the cyber-industrial complex does not want to be regulated, so they play off the civil liberties side, claiming that any regulation, even for security measures, would be a civil liberties disaster. Townsend suggests that this cyber wall can be easily demolished if the government changes its perspective. According to Townsend, the government must initiate a private-public partnership since so much of the "intellectual capital with cyber resides in the private sector. The government should change its thinking process and involve the private sector in the policy generated process not after."
The Need for Balance
Another wall has been created by the European Union. They refuse to share any passenger name recognition data because of their perceived threat to civil liberties. The Europeans are attempting to limit the kind of information that is passed on to the U.S. and will allow only Homeland Security to use it. They do not want it passed on to other agencies, such as the FBI. Baker emphasized that the data is needed to improve passenger screening. For example, if a European flies to Pakistan and back to Europe and then some time later flies to the U.S., the first leg of the trip is not passed on; thus, the Europeans are preventing the U.S. from connecting the dots. According to Baker, "The EU will forbid airlines from giving the information to the third country (the U.S.) if the third country doesn't dance to their tune: the European supervision on privacy issues." To break down this wall, Baker proposes that the U.S. might consider talking directly with individual countries and bypassing the EU. He also believes that the U.S. might want to limit the "sharing of terrorism data with countries that restrict our ability to collect such data. It makes no sense that the Europeans are trying to limit the kind of information needed to make sure people don't get on planes and blow themselves up over the U.S."
All interviewed agree that there must be an honest dialogue sooner rather than later. Michael Hayden, the former CIA [Central Intelligence Agency] Director, feels that the balance between the concerns of the civil libertarians and national security "should lead to an honest conversation of what do we want to do and what don't we want to do. Some of the decisions of what not to do will increase the risk."
Full Text: COPYRIGHT 2013 Greenhaven Press, a part of Gale, Cengage Learning.
Source Citation
Cooper, Elise. "Security Requires that Civil Liberties, Including Privacy, Not Be Absolute." Civil Liberties. Ed. Noël Merino. Detroit: Greenhaven Press, 2013. Opposing Viewpoints. Rpt. from "The 'Wall' Continues to Hamstring Anti-Terror Activities." American Thinker. 2012. Opposing Viewpoints In Context. Web. 15 Aug. 2013.
