Privacy Part 3: Government Surveillance: Difference between revisions

March 3

Over the past two weeks we’ve looked at big-picture concepts of privacy and how the Internet reflects these issues in the context of corporations and people. This week, we dive into the specific question of surveillance by governments: how the Internet allows governments to observe their (and other governments') citizens, how these issues are different than from the corporate context, and what government surveillance does to us and the Internet as a system. We'll also look at how companies are working to inform citizens about surveillance, and the issues they encounter.

Assignment 2

Your final project prospectus is due today before class. Please upload your prospectus here.

Readings

Government vs. Corporate Surveillance

• Brian Fung, Yes, There Is Actually a Huge Difference Between Government and Corporate Surveillance

• Bruce Schneier, The Trajectories of Government and Corporate Surveillance

Surveillance Theory and Practice

• Neil Richards, The Dangers of Surveillance (pages 1934-96; 1942-45; and 1952-58)

• Kit Walsh, The NSA's Spying Powers: Reading the Statute

• Jack Goldsmith, We Need an Invasive NSA

• Steve Vladeck, Laura Donohue's Comprehensive Case Against Bulk Metadata Collection

• If you're interested, the Donohue article can be found here.

• Re/Code, An Interview with President Obama (10:50-15:25 only)

• Orin Kerr, Apple's Dangerous Game and Apple's Dangerous Game, Part 2: The Strongest Counterargument

Transparency and Accountability

• Ryan Budish, What Transparency Reports Don't Tell Us

• Electronic Frontier Foundation, Timeline of NSA Domestic Spying (skim)

• IC on the Record (skim)

• Google Transparency Report: United States (skim)

• Twitter Transparency Report (skim)

Optional Readings

• The Jennifer Granick / Orin Kerr debates on metadata and the Fourth Amendment

• Granick's opening
• Kerr's response
• Granick's reply
• Kerr's sur-reply

• Emily Bell et al., Comment to Review Group on Intelligence and Communication Technologies Regarding the Effects of Mass Surveillance on the Practice of Journalism (pages 9-12 ("Mass surveillance raises issues beyond individual surveillance," "Secret and confusing law," and "Chilling Effects") only)

• The Guardian, NSA Surveillance Revelations Decoded (skim)

• Ryan Gallagher, Meet the Machines That Steal Your Phone's Data

Class Discussion

Hello everyone, just wanted to start off the discussions with net neutrality. Regardless of which camp you're on, it seems like it has taken a huge step towards one direction.

Links:

http://www.bloomberg.com/news/articles/2015-02-26/fcc-adopts-net-neutrality-rule-backed-by-obama-for-open-internet

http://www.nytimes.com/2015/02/27/technology/net-neutrality-fcc-vote-internet-utility.html?_r=0

http://money.cnn.com/2015/02/26/technology/comcast-net-neutrality/

http://www.politico.com/story/2015/02/republicans-gop-split-on-net-neutrality-115564.html (government split on net neutrality)

http://www.huffingtonpost.com/2015/02/26/net-neutrality-fcc-vote_n_6761702.html

http://www.vox.com/2015/2/26/8117905/new-net-neutrality-rules-explained

http://www.theguardian.com/technology/2015/feb/26/net-neutrality-activists-landmark-victory-fcc (Net Neutrality activists)

Caelum (talk) 11:45, 27 February 2015 (EST)

We'll talk more about Net Neutrality in a future class, after we get the written rules from the FCC. Thanks for sharing! Andy (talk) 11:57, 27 February 2015 (EST)

thanks Caelum. It seems net neutrality is another one of those issues of balancing the govmt's ability to function v. individual's rights. Hromero10 (talk) 13:16, 2 March 2015 (EST)

Re: Government Surveillance. When the revelations of the NSA surveillance program first came to the surface my first reaction was, who the hell these CEO's think they are to just open the doors for the feds to come in and take whatever they want without even challenging their authority to do this? The answer quickly became clear - like everything else related to National Security - intimidation. Intimidation by the government against private companies for the consequences of refusing to cooperate which could cause them to be responsible for allowing the next 9-11 to happen. The scepter of a similar terrorist attack has been the cudgel the government has wielded over every questionable piece of legislation to come from the Patriot Act, like the approval of 'enhanced interrogations' to holding enemy combatants without charges, to the assassination of U.S. Citizens abroad without due process.

As expected, most companies folded promptly like a deck of cards, and only a few courageos souls had the conviction to challenge the government's authority and methods. Its important to note that many of those executives who opened the door for the feds to come in had already been helped handsomely by the government in previous years in their transition from phone providers to internet service providers like Verizon and Comcast, so they were not in a strong position to tell the government to take a hike - the feds practically owned them. So with the doors wide open - one stream of information went to the phone and internet companies, the other went straight to the government's servers - the feds have been collecting massive amounts of personal information on private citizens without a search warrant for years.

Because of the inaction of some spineless executives and CEOs, some of them simply beholden to the government's wishes, there is very little that can be done to stop the government's constant intrusion and gathering of relevant and irrelevant information about millions of citizens without a warrant. Court litigation and lobbying in congress will help some, but what citizens can do is hold these web service and phone companies' feet to the fire. Consumers should demand that our privacy be respected and guarded, not sold to the highest bidder, or third or fourth parties. On that, we are only in the begining stages - the public is only becoming more aware of the depth of the surveilance and the possible consequences in future years.

A very important question was raised in passing during RE/Code's interview with President Obama in which he asks: "Who owns your data? Your health records,your financial information, your e-mail?" He didn't elaborate much on the issue but it is a hugely important question. If the answer is data belongs to the individual that generates it, then we have a big problem because we know corporations are gonna find a way to own it and charge people to release it or erase it if they want, getting back tangentially to the issue of the right to be forgotten. But the bottom line is that all data about a person should belong to the individual. As it stands today, no one is really sure, but one thing is for certain, no one has any control of their own data today. No one can control what government does with it or what a company does with it, much less what any hacker can do with your personal information. The only thing I've seen on the web out there is a handful of websites that show people how to prevent advertisers and third parties from following your clicks on line and purchases for marketing purposes. In conclusion, the internet is a long way, hundreds of thousands of miles, perhaps even light years away from anything resembling privacy. Hromero10 (talk) 13:16, 2 March 2015 (EST)

I enjoyed this week’s readings as it goes into the reasonings from the government’s perspectives. I also liked the video interview with Obama in it. Perhaps that is what I shall be talking first. Perhaps the main aspect I could draw out from the video is that US has no cyber army, and if so, these armies are not just for defense, but also offense. Furthermore, I liked how he explains that there are many non-state actors that are “hard to pinpoint”. Yet the greatest state actors would be China, Russia and Iran. The highlight would bring it to when Obama said it is hard to get information from companies as a warrant is required, and subsequently encryptions makes their job even harder. (ref 1)

I do share the same vision as Obama for teaching kids to code. For one, I too felt extremely dated for not being exposed to coding at an early age. Therefore I am now learning to code. Teaching code to kids earlier, or the concepts of it during “abc’s” would ensure more knowledge about computers and coding. The other issue deals with gender equality, and a bigger influence and encouragement of women into sciences and technology subjects. I started off by mentioning this video is because it summarizes the views of US about cyber security and surveillance right now. It came from the man himself. (ref 1)

The next point to emphasize is that the difference between a company and a government doing the surveillance means a whole big deal. The key here according to Fung is that us individual citizens could boycott a company if necessary, but we cannot do so for a government. The government has the power to imprison us, and from one of his responses it says, “I am a strong believer in the 1st, 2nd, 4th and 5th amendments”, which meant that individual privacy should be respected. (ref 2) Just as Obama said it was hard to get data about your online communications, Fung also mentioned the same thing that it is hard for NSA to crack the encryption (as of now). Yet as the price of technology goes down, it directly benefits the surveillance from companies and governments. The government’s use of the “three hops”, which meant that three connections away from a suspicious individual, meant that they could pretty much surveillance quite a number of people! (ref 3) Also the four hurdles is almost child’s play with the ways the government overcomes them. The NSA actually have a lot of spying power. (ref 4)

So now with relatively low levels of threat, it seems like net neutrality and low government surveillance seems like the right thing to do. But as Goldsmith points out, “If a “catastrophic cyber-attack occurs,” the Timesconcluded, “Americans will be justified in asking why their lawmakers ... failed to protect them.”. What do we do when something really does happen? Will it be too late then? As it continues, since anyone anywhere can do a cyber attack, it makes it very easy and vulnerable to do so. (ref 5)

With all that in place, I do see the value of having some balances in check. The NSA does have its powers, but it is limited when it requires to extract data from companies. You could also see a whole bunch of transparency reports. Yet it is also questionable whether such transparency reports tells us enough of what is going on. If the warrant leads to the search of a suspected individual’s messages which stops some sort of crime, it should be applauded. Yet it does seem that we have this rigid stance against government surveillance right now. I remember seeing a comic about two individuals on a phone conversation while Obama was listening in to their conversation. (I tried looking for it, but I can’t find it) Surveillance seems necessary but also unnecessary at the same time. I agree it is very contradictory, but perhaps a new type of “system” could be created to ensure more security and still allow people to obtain and maintain some of their liberties. (Ref 6, 7, 8)

Lastly, I really liked the NSA spying timeline. (ref 9) I believe that government surveillance would not lower. It would only increase, as the potential for a huge cyberattack is much more dangerous than for everyone to keep their liberties. Since if a cyberattack occurs, the US would be devastated, and whatever liberties doesn’t matter at that point. US’s online presence is too huge, and people would complain if that happens anyways.

References:

Ref 1 - https://www.youtube.com/watch?v=yaylQmnXztU

Ref 2 - http://www.washingtonpost.com/blogs/the-switch/wp/2013/11/04/yes-there-actually-is-a-huge-difference-between-government-and-corporate-surveillance/

Ref 3 - https://www.schneier.com/blog/archives/2013/10/the_trajectorie.html

Ref 4 - http://www.dmlp.org/blog/2013/nsas-spying-powers-reading-statute

Ref 5 - http://www.newrepublic.com/article/115002/invasive-nsa-will-protect-us-cyber-attacks

Ref 6 - https://www.google.com/transparencyreport/userdatarequests/US/

Ref 7 - https://transparency.twitter.com/

Ref 8 - http://icontherecord.tumblr.com/

Caelum (talk) 17:35, 2 March 2015 (EST)

As I contemplate this week’s readings on the concerns raised about whether or not government surveillance, through the collection of digital metadata, is unconstitutional, I find I must consider it against the intrusiveness of commercial entities that have been allowed to follow our moves as we seek information on the internet. I believe both of these instances pose a substantial risk with regards to invading our privacy. While I can see that in good measure both are becoming somewhat necessary and tolerable, I can also see that it would be quite easy for this information to be abused and I believe preventing these potential abuses should be a core focus of this debate.

After I watched Kara Swisher’s Re/Code interview with President Obama I became more sympathetic to the cause of the NSA, and the government surveillance camp, as I now realize we will need to accept some version of this intrusiveness as a way of life. One of the aspects of the interview that I found most interesting was when the President discussed the pros and cons between air tight encryption verses seeking protection from terrorist plots. Consequently I think we need to contemplate creating a new set of laws and/or protocols that outline how this data can be handled and used, after it's collected and stored, so that this information cannot be used to confine our civil liberties.

As Laura K. Donohue points out in her paper, “Bulk Metadata Collection: Statutory and Constitutional Considerations,” during the Nixon Administration the CIA collected more than 10,000 intelligence files on Americans in an effort to thwart “the antiwar movement and other dissident groups in the United States,” and they did so “under the auspices of foreign intelligence gathering”(7). Clearly, as we move forward we need to engage in the creation of restrictions that would prevent this type of exploitation and manipulation of the metadata that is being collected.

Works Cited

Swisher, Kara. “President Obama: The Re/code Interview.” YouTube.com. 13 February 2015.

Donohue, Laura K. “Bulk Metadata Collection: Statutory and Constitutional Considerations.” forthcoming in the Harvard Journal of Law & Public Policy. 2014.

EmiMac (talk) 09:33, 3 March 2015 (EST)

EmiMac. I don't believe the public should let down their guard in terms of government surveillance, there have been many instances in which the U.S. government has taken expansive powers and not used them wisely, e.g. asset forfeiture laws, immigration enforcement, amongst others.

As to the question of how to reign in the government's surveillance powers and its abuses, one of the first things that needs to happen is for the FISA courts to be reformed. They need to stop being a rubber stamp agency made up of five judges meeting ex parte, or in secrecy, with requests being made by the NSA, the FBI or the Dept of Justice, going virtually uncontested.

The FISA court needs to be, as Laura Donahue suggested in one of the readings for this class (Comprehensive Case Against Metadata Collection), an adversarial proceeding in which one of the parties argues for the interest of the public or the individual. As it stands right now, the FISA courts is heavily weighed by considerations of national security and it rarely, if ever grants an appeal to a decision (.03 % of all applications) or a rejects a request, this has been done only four times since 2002.

Again, the establishment of these laws owe a lot to intimidation by the government and conservative proponents of more expansive and permissive rules regarding government surveillance in the aftermath of 9-11, at the expense of individual's civil rights and fourth amendment protection for illegal searches. This is one reason to reject the doctrine of 'perpetual war' because all these intrusions by the government are done in the name of the 'war against terror'. If the country is never at peace, the government has no reason to stop surveillance without warrants on its own citizens. Jack Goldsmith argues persuasively for government surveillance, but no one has been blasted by conservatives more than he has been, and I believe he still shell shocked from his dealings with the Bush administration. Hromero10 (talk) 12:32, 3 March 2015 (EST)

Meta-Monsters

[As] Flying Dragons rushing through the air counting time and space as nothing…. Producing companionship among communities in distant points, increasing intelligent intercourse, union, and productive wealth… these iron monsters have made their path… it has no passions and no motives… guided by its directors…it may be applied to so many uses, and expanded to any strength. We believe that it is to be the great moral agent in bringing the world into neighborhood.

This passage, written anonymously, was written 175 years ago. The “Iron monster” was the steam engine. In time, the line between who the monster really was blurred as these engines carried men with undiscerning guns westward, decimating flora and fauna to an unprecedented degree. Man made a machine that enabled him to do as many great things as evil. With great systems and inventions come the inherent risks that their awesome power can bring as much good to the world as it can bring bad. The question is, in who’s hands do we put this huge and immeasurable Iron Monster. The Internet is today’s Iron Monster, but it is harmless without directive; whoever directs this has the immense ease and temptation of becoming the true Iron Monster. The question after this week’s readings is. Who is it? The Public or the Private sectors? Most of us err on one side or the other reluctantly, but it’s a question with no one answer.

Bruce Schneier’s article succinctly discusses the two “Hands” –the public and private sectors -- that wield the Internet in order to gather our “private data”; neither of whom are comforting rulers. Especially frightening is the seepage, this “merge” Schneier discusses between the two kinds of databases; as companies gather increasingly more information about customers, it becomes more tempting for the government to transition from “asking” for information from the corporate databases to “demanding” information.

And the chilling thought is the most simple one; Schneier’s argument that with the creation of data, surveillance is simply inevitable – that we have created a world of “ubiquitous surveillance.”

Few of us can deny this.

Even more suffocating is the increasing truth found in the Faris and O’Brien article on Privacy and Data from class 3; that “Currently, the only surefire way to protect one’s digital privacy is to opt out entirely.” An incredibly difficult proposition in today’s world seeing that we’re not only barraged from all sides for our data, the private and public sector, but that our notions of what Richard in his “The Dangers of Surveillance” article labels, “Intellectual Privacy” become so eroded or at least de-valued for that trade-off of using services or simply being a citizen, of essentially, living in a civilized world apart from Emerson’s desolate cabin in the woods.

We will never revolt against these essential ways of living; we return to Schneier’s argument that simply living provides enough of a digital footprint that surveillance is indeed inevitable. Outstanding articles this week. Especially Neil Richards’ Dangers of Surveillance article in combination with Bruce Schneier’s thoughts.

In Richards’ words: “Our society lacks an understanding of why (and when) government surveillance is harmful.”

In Bruce Schneier’s words: “data equals surveillance.”

And in Robert Faris and David O’Brien’s words: “We constantly contradict ourselves: we want to protect “privacy” but constantly give it away.”

Mostly because, in Solove’s words: “Everybody is talking about [privacy] but no one knows what they are talking about…”

With this inevitable crawl towards surveillance and this weak and vague push against it because he have no idea what exactly we are defending – even with ideas as clear as Richards’ four principles – we are all riding this “Iron Monster” that is at once our own creation but the controlled monster of even greater monsters – also of our own collective creations. It is the inevitable crawl not to a doomed world but one that is not something we will accept – but we cannot stop it and surveillance will be an inevitable part of the next generations’ futures. They won’t stop it because they won’t likely care.

Chanel Rion (talk) 14:11, 3 March 2015 (EST)