Privacy Part 3: Government Surveillance

From Technologies and Politics of Control
Jump to navigation Jump to search

Syllabus


March 3

Over the past two weeks we’ve looked at big-picture concepts of privacy and how the Internet reflects these issues in the context of corporations and people. This week, we dive into the specific question of surveillance by governments: how the Internet allows governments to observe their (and other governments') citizens, how these issues are different than from the corporate context, and what government surveillance does to us and the Internet as a system. We'll also look at how companies are working to inform citizens about surveillance, and the issues they encounter.


Download slides from this week's class


Assignment 2

Your final project prospectus is due today before class. Please upload your prospectus here.


Readings

Government vs. Corporate Surveillance
Surveillance Theory and Practice
  • If you're interested, the Donohue article can be found here.
Transparency and Accountability

Optional Readings

  • The Jennifer Granick / Orin Kerr debates on metadata and the Fourth Amendment


Links from Class

MLK Letter: http://www.nytimes.com/2014/11/16/magazine/what-an-uncensored-letter-to-mlk-reveals.html

2+2=5! http://en.wikipedia.org/wiki/Nineteen_Eighty-Four

ECPA: http://en.wikipedia.org/wiki/Electronic_Communications_Privacy_Act

Pen Register: http://en.wikipedia.org/wiki/Pen_register

Exclusionary Rule: http://en.wikipedia.org/wiki/Exclusionary_rule

Smith v. Maryland: http://en.wikipedia.org/wiki/Smith_v._Maryland

More information on non-standard warrants: https://www.law.cornell.edu/rules/frcrmp/rule_4.1

States have their own rules: http://mnbenchbar.com/2010/12/telephonic-search-warrants/

USPS Recording Letters: http://www.nytimes.com/2013/07/04/us/monitoring-of-snail-mail.html

Police can't put a GPS unit on your car, but they can follow you with officers in a car: http://en.wikipedia.org/wiki/United_States_v._Jones_(2012)

"The Cloud": http://en.wikipedia.org/wiki/Cloud_computing

Warshak: http://en.wikipedia.org/wiki/United_States_v._Warshak

Image of US Court systems: http://wlwatch.westlaw.com/aca/west/images/uscrtsys.gif

NSA Utah Data Center: http://en.wikipedia.org/wiki/Utah_Data_Center

Petabyte: http://en.wikipedia.org/wiki/Petabyte

EO 12333: http://en.wikipedia.org/wiki/Executive_Order_12333

Signal App: http://arstechnica.com/security/2015/03/now-you-can-easily-send-free-encrypted-messages-between-android-ios/

ProtonMail: http://en.wikipedia.org/wiki/ProtonMail

PGP: http://en.wikipedia.org/wiki/Pretty_Good_Privacy

Tor: http://en.wikipedia.org/wiki/Tor_(anonymity_network)

MLAT process: http://en.wikipedia.org/wiki/Mutual_legal_assistance_treaty

Kyllo: http://en.wikipedia.org/wiki/Kyllo_v._United_States

Police can now see through walls: http://www.usatoday.com/story/news/2015/01/19/police-radar-see-through-walls/22007615/

Metadata: http://en.wikipedia.org/wiki/Metadata

Class Discussion

Please remember to sign your postings by adding four tildes (~~~~) to the end of your contribution. This will automatically add your username and the date/time of your post, like so: Andy 15:12, 7 November 2013 (EST)

Kerr's Washington Post article "Apple's Dangerous Game" (and his follow-up post) seems to highlight an overall quandary with cyber and technological surveillance that the other readings point to. The fact that his second post comes from "the strongest counterargument" on his original article about the new Apple software that can thwart lawful search warrants proves the complexity and the seeming inability of tailoring proper security techniques when there is some much that cannot be known or predicted. In the original post, he states, "Incidentally, I have long argued that the Supreme Court should wait until a technology stabilizes before applying the Fourth Amendment to it to avoid the problem of announcing a rule that doesn’t make sense over time." (Here he points to the potential Fourth Amendment arguments as related to the search and seizure of someone's iPhone). At the same time, arguments like this point to the impossible paradox of law both attempting to keep pace with technology when certain forms of technological security cannot be made transparent due to the fear of cyberattacks as well as the issue of creating some sort of precedent without knowing what innovations lie ahead. (Amchugh (talk) 15:44, 3 March 2015 (EST))

Hello everyone, just wanted to start off the discussions with net neutrality. Regardless of which camp you're on, it seems like it has taken a huge step towards one direction.

Links:

http://www.bloomberg.com/news/articles/2015-02-26/fcc-adopts-net-neutrality-rule-backed-by-obama-for-open-internet

http://www.nytimes.com/2015/02/27/technology/net-neutrality-fcc-vote-internet-utility.html?_r=0

http://money.cnn.com/2015/02/26/technology/comcast-net-neutrality/

http://www.politico.com/story/2015/02/republicans-gop-split-on-net-neutrality-115564.html (government split on net neutrality)

http://www.huffingtonpost.com/2015/02/26/net-neutrality-fcc-vote_n_6761702.html

http://www.vox.com/2015/2/26/8117905/new-net-neutrality-rules-explained

http://www.theguardian.com/technology/2015/feb/26/net-neutrality-activists-landmark-victory-fcc (Net Neutrality activists)

Caelum (talk) 11:45, 27 February 2015 (EST)



We'll talk more about Net Neutrality in a future class, after we get the written rules from the FCC. Thanks for sharing! Andy (talk) 11:57, 27 February 2015 (EST)

thanks Caelum. It seems net neutrality is another one of those issues of balancing the govmt's ability to function v. individual's rights. Hromero10 (talk) 13:16, 2 March 2015 (EST)

Re: Government Surveillance. When the revelations of the NSA surveillance program first came to the surface my first reaction was, who the hell these CEO's think they are to just open the doors for the feds to come in and take whatever they want without even challenging their authority to do this? The answer quickly became clear - like everything else related to National Security - intimidation. Intimidation by the government against private companies for the consequences of refusing to cooperate which could cause them to be responsible for allowing the next 9-11 to happen. The scepter of a similar terrorist attack has been the cudgel the government has wielded over every questionable piece of legislation to come from the Patriot Act, like the approval of 'enhanced interrogations' to holding enemy combatants without charges, to the assassination of U.S. Citizens abroad without due process.

As expected, most companies folded promptly like a deck of cards, and only a few courageos souls had the conviction to challenge the government's authority and methods. Its important to note that many of those executives who opened the door for the feds to come in had already been helped handsomely by the government in previous years in their transition from phone providers to internet service providers like Verizon and Comcast, so they were not in a strong position to tell the government to take a hike - the feds practically owned them. So with the doors wide open - one stream of information went to the phone and internet companies, the other went straight to the government's servers - the feds have been collecting massive amounts of personal information on private citizens without a search warrant for years.

Because of the inaction of some spineless executives and CEOs, some of them simply beholden to the government's wishes, there is very little that can be done to stop the government's constant intrusion and gathering of relevant and irrelevant information about millions of citizens without a warrant. Court litigation and lobbying in congress will help some, but what citizens can do is hold these web service and phone companies' feet to the fire. Consumers should demand that our privacy be respected and guarded, not sold to the highest bidder, or third or fourth parties. On that, we are only in the begining stages - the public is only becoming more aware of the depth of the surveilance and the possible consequences in future years.

A very important question was raised in passing during RE/Code's interview with President Obama in which he asks: "Who owns your data? Your health records,your financial information, your e-mail?" He didn't elaborate much on the issue but it is a hugely important question. If the answer is data belongs to the individual that generates it, then we have a big problem because we know corporations are gonna find a way to own it and charge people to release it or erase it if they want, getting back tangentially to the issue of the right to be forgotten. But the bottom line is that all data about a person should belong to the individual. As it stands today, no one is really sure, but one thing is for certain, no one has any control of their own data today. No one can control what government does with it or what a company does with it, much less what any hacker can do with your personal information. The only thing I've seen on the web out there is a handful of websites that show people how to prevent advertisers and third parties from following your clicks on line and purchases for marketing purposes. In conclusion, the internet is a long way, hundreds of thousands of miles, perhaps even light years away from anything resembling privacy. Hromero10 (talk) 13:16, 2 March 2015 (EST)

I enjoyed this week’s readings as it goes into the reasonings from the government’s perspectives. I also liked the video interview with Obama in it. Perhaps that is what I shall be talking first. Perhaps the main aspect I could draw out from the video is that US has no cyber army, and if so, these armies are not just for defense, but also offense. Furthermore, I liked how he explains that there are many non-state actors that are “hard to pinpoint”. Yet the greatest state actors would be China, Russia and Iran. The highlight would bring it to when Obama said it is hard to get information from companies as a warrant is required, and subsequently encryptions makes their job even harder. (ref 1)

I do share the same vision as Obama for teaching kids to code. For one, I too felt extremely dated for not being exposed to coding at an early age. Therefore I am now learning to code. Teaching code to kids earlier, or the concepts of it during “abc’s” would ensure more knowledge about computers and coding. The other issue deals with gender equality, and a bigger influence and encouragement of women into sciences and technology subjects. I started off by mentioning this video is because it summarizes the views of US about cyber security and surveillance right now. It came from the man himself. (ref 1)

The next point to emphasize is that the difference between a company and a government doing the surveillance means a whole big deal. The key here according to Fung is that us individual citizens could boycott a company if necessary, but we cannot do so for a government. The government has the power to imprison us, and from one of his responses it says, “I am a strong believer in the 1st, 2nd, 4th and 5th amendments”, which meant that individual privacy should be respected. (ref 2) Just as Obama said it was hard to get data about your online communications, Fung also mentioned the same thing that it is hard for NSA to crack the encryption (as of now). Yet as the price of technology goes down, it directly benefits the surveillance from companies and governments. The government’s use of the “three hops”, which meant that three connections away from a suspicious individual, meant that they could pretty much surveillance quite a number of people! (ref 3) Also the four hurdles is almost child’s play with the ways the government overcomes them. The NSA actually have a lot of spying power. (ref 4)

So now with relatively low levels of threat, it seems like net neutrality and low government surveillance seems like the right thing to do. But as Goldsmith points out, “If a “catastrophic cyber-attack occurs,” the Timesconcluded, “Americans will be justified in asking why their lawmakers ... failed to protect them.”. What do we do when something really does happen? Will it be too late then? As it continues, since anyone anywhere can do a cyber attack, it makes it very easy and vulnerable to do so. (ref 5)

With all that in place, I do see the value of having some balances in check. The NSA does have its powers, but it is limited when it requires to extract data from companies. You could also see a whole bunch of transparency reports. Yet it is also questionable whether such transparency reports tells us enough of what is going on. If the warrant leads to the search of a suspected individual’s messages which stops some sort of crime, it should be applauded. Yet it does seem that we have this rigid stance against government surveillance right now. I remember seeing a comic about two individuals on a phone conversation while Obama was listening in to their conversation. (I tried looking for it, but I can’t find it) Surveillance seems necessary but also unnecessary at the same time. I agree it is very contradictory, but perhaps a new type of “system” could be created to ensure more security and still allow people to obtain and maintain some of their liberties. (Ref 6, 7, 8)

Lastly, I really liked the NSA spying timeline. (ref 9) I believe that government surveillance would not lower. It would only increase, as the potential for a huge cyberattack is much more dangerous than for everyone to keep their liberties. Since if a cyberattack occurs, the US would be devastated, and whatever liberties doesn’t matter at that point. US’s online presence is too huge, and people would complain if that happens anyways.


References:

Ref 1 - https://www.youtube.com/watch?v=yaylQmnXztU

Ref 2 - http://www.washingtonpost.com/blogs/the-switch/wp/2013/11/04/yes-there-actually-is-a-huge-difference-between-government-and-corporate-surveillance/

Ref 3 - https://www.schneier.com/blog/archives/2013/10/the_trajectorie.html

Ref 4 - http://www.dmlp.org/blog/2013/nsas-spying-powers-reading-statute

Ref 5 - http://www.newrepublic.com/article/115002/invasive-nsa-will-protect-us-cyber-attacks

Ref 6 - https://www.google.com/transparencyreport/userdatarequests/US/

Ref 7 - https://transparency.twitter.com/

Ref 8 - http://icontherecord.tumblr.com/

Caelum (talk) 17:35, 2 March 2015 (EST)

As I contemplate this week’s readings on the concerns raised about whether or not government surveillance, through the collection of digital metadata, is unconstitutional, I find I must consider it against the intrusiveness of commercial entities that have been allowed to follow our moves as we seek information on the internet. I believe both of these instances pose a substantial risk with regards to invading our privacy. While I can see that in good measure both are becoming somewhat necessary and tolerable, I can also see that it would be quite easy for this information to be abused and I believe preventing these potential abuses should be a core focus of this debate.

After I watched Kara Swisher’s Re/Code interview with President Obama I became more sympathetic to the cause of the NSA, and the government surveillance camp, as I now realize we will need to accept some version of this intrusiveness as a way of life. One of the aspects of the interview that I found most interesting was when the President discussed the pros and cons between air tight encryption verses seeking protection from terrorist plots. Consequently I think we need to contemplate creating a new set of laws and/or protocols that outline how this data can be handled and used, after it's collected and stored, so that this information cannot be used to confine our civil liberties.

As Laura K. Donohue points out in her paper, “Bulk Metadata Collection: Statutory and Constitutional Considerations,” during the Nixon Administration the CIA collected more than 10,000 intelligence files on Americans in an effort to thwart “the antiwar movement and other dissident groups in the United States,” and they did so “under the auspices of foreign intelligence gathering”(7). Clearly, as we move forward we need to engage in the creation of restrictions that would prevent this type of exploitation and manipulation of the metadata that is being collected.

Works Cited

Swisher, Kara. “President Obama: The Re/code Interview.” YouTube.com. 13 February 2015.

Donohue, Laura K. “Bulk Metadata Collection: Statutory and Constitutional Considerations.” forthcoming in the Harvard Journal of Law & Public Policy. 2014.

EmiMac (talk) 09:33, 3 March 2015 (EST)

EmiMac. I don't believe the public should let down their guard in terms of government surveillance, there have been many instances in which the U.S. government has taken expansive powers and not used them wisely, e.g. asset forfeiture laws, immigration enforcement, amongst others.

As to the question of how to reign in the government's surveillance powers and its abuses, one of the first things that needs to happen is for the FISA courts to be reformed. They need to stop being a rubber stamp agency made up of five judges meeting ex parte, or in secrecy, with requests being made by the NSA, the FBI or the Dept of Justice, going virtually uncontested.

The FISA court needs to be, as Laura Donahue suggested in one of the readings for this class (Comprehensive Case Against Metadata Collection), an adversarial proceeding in which one of the parties argues for the interest of the public or the individual. As it stands right now, the FISA courts is heavily weighed by considerations of national security and it rarely, if ever grants an appeal to a decision (.03 % of all applications) or a rejects a request, this has been done only four times since 2002.

Again, the establishment of these laws owe a lot to intimidation by the government and conservative proponents of more expansive and permissive rules regarding government surveillance in the aftermath of 9-11, at the expense of individual's civil rights and fourth amendment protection for illegal searches. This is one reason to reject the doctrine of 'perpetual war' because all these intrusions by the government are done in the name of the 'war against terror'. If the country is never at peace, the government has no reason to stop surveillance without warrants on its own citizens. Jack Goldsmith argues persuasively for government surveillance, but no one has been blasted by conservatives more than he has been, and I believe he still shell shocked from his dealings with the Bush administration. Hromero10 (talk) 12:32, 3 March 2015 (EST)

Meta-Monsters

[As] Flying Dragons rushing through the air counting time and space as nothing…. Producing companionship among communities in distant points, increasing intelligent intercourse, union, and productive wealth… these iron monsters have made their path… it has no passions and no motives… guided by its directors…it may be applied to so many uses, and expanded to any strength. We believe that it is to be the great moral agent in bringing the world into neighborhood.

This passage, written anonymously, was written 175 years ago. The “Iron monster” was the steam engine. In time, the line between who the monster really was blurred as these engines carried men with undiscerning guns westward, decimating flora and fauna to an unprecedented degree. Man made a machine that enabled him to do as many great things as evil. With great systems and inventions come the inherent risks that their awesome power can bring as much good to the world as it can bring bad. The question is, in who’s hands do we put this huge and immeasurable Iron Monster. The Internet is today’s Iron Monster, but it is harmless without directive; whoever directs this has the immense ease and temptation of becoming the true Iron Monster. The question after this week’s readings is. Who is it? The Public or the Private sectors? Most of us err on one side or the other reluctantly, but it’s a question with no one answer.

Bruce Schneier’s article succinctly discusses the two “Hands” –the public and private sectors -- that wield the Internet in order to gather our “private data”; neither of whom are comforting rulers. Especially frightening is the seepage, this “merge” Schneier discusses between the two kinds of databases; as companies gather increasingly more information about customers, it becomes more tempting for the government to transition from “asking” for information from the corporate databases to “demanding” information.

And the chilling thought is the most simple one; Schneier’s argument that with the creation of data, surveillance is simply inevitable – that we have created a world of “ubiquitous surveillance.”

Few of us can deny this.

Even more suffocating is the increasing truth found in the Faris and O’Brien article on Privacy and Data from class 3; that “Currently, the only surefire way to protect one’s digital privacy is to opt out entirely.” An incredibly difficult proposition in today’s world seeing that we’re not only barraged from all sides for our data, the private and public sector, but that our notions of what Richard in his “The Dangers of Surveillance” article labels, “Intellectual Privacy” become so eroded or at least de-valued for that trade-off of using services or simply being a citizen, of essentially, living in a civilized world apart from Emerson’s desolate cabin in the woods.

We will never revolt against these essential ways of living; we return to Schneier’s argument that simply living provides enough of a digital footprint that surveillance is indeed inevitable. Outstanding articles this week. Especially Neil Richards’ Dangers of Surveillance article in combination with Bruce Schneier’s thoughts.

In Richards’ words: “Our society lacks an understanding of why (and when) government surveillance is harmful.”

In Bruce Schneier’s words: “data equals surveillance.”

And in Robert Faris and David O’Brien’s words: “We constantly contradict ourselves: we want to protect “privacy” but constantly give it away.”

Mostly because, in Solove’s words: “Everybody is talking about [privacy] but no one knows what they are talking about…”

With this inevitable crawl towards surveillance and this weak and vague push against it because he have no idea what exactly we are defending – even with ideas as clear as Richards’ four principles – we are all riding this “Iron Monster” that is at once our own creation but the controlled monster of even greater monsters – also of our own collective creations. It is the inevitable crawl not to a doomed world but one that is not something we will accept – but we cannot stop it and surveillance will be an inevitable part of the next generations’ futures. They won’t stop it because they won’t likely care.

Chanel Rion (talk) 14:11, 3 March 2015 (EST)

I want to start with the quote from Schneier´s text: ”We need to decide whether our data is a shared societal resource, a part of us that is inherently ours by right, or a private good to be bought and sold.” (Schneier, 2013). For me, that is the root to the problem discussed in this week´s class literature, and your personal view on this matter will most likely affect your opinion in government and corporate surveillance.

This week was all about different interests and their rights. The literature discussed privacy vs. protection from terrorism and privacy vs. solving crimes. As President Obama said in the Re/Code interview, there are problems with encoding (which was what they talked about in this particular interview) but also tradeoffs (Swisher, 2015). The problem is to decide which interest is the most important? It is a difficult question to answer and I can´t really decide for myself what I think. At the moment, I would say that privacy is the less important interest when it comes to this issue, but I might say something else later on. And I am not the only one thinking this is a hard nut to crack. If it wasn´t, we wouldn´t even discuss it.

I believe that the really big security threat now and in the future is cyber attacks and cyber terrorism, since we are relying more and more on the Internet and computers. We barely even pay in cash anymore and governments use the Internet all the time. Actually, when I read the newspaper today I saw an article about the increased amount of cyber attacks against both the government and companies here in my country. One example was from February 23rd this year, when 112 (Europe´s version of 911) was affected by a technical breakdown (Törnmalm, Spängs, 2015). That could have had huge consequences. I would say that especially in a country like Sweden, where I am a citizen, cyber attacks feels way more threatening than more traditional threats. Sweden has been a country in peace for more than 200 years, even though you never know what will happen in the future of course.


References:

Schneier B, 10/21/2013. https://www.schneier.com/blog/archives/2013/10/the_trajectorie.html Retrieved 2/27/2015

Swisher K. “President Obama: The Re/code Interview.” YouTube.com. 13 February 2015.

Törnmalm K., Spängs T., 2015. Dagliga attacker mot myndigheter och företag. Dagens Nyheter, 03 March. page. 8-9. JosefinS (talk) 14:29, 3 March 2015 (EST)

I have come across a few articles this week that deal directly with the issues we have been discussing. Specifically, I was interested in seeing the below post on Jezebel about a man dealing in revenge porn, who now wants his personal information removed from Google searches. The story is extreme and somewhat ridiculous, and Google has disregarded his requests, but I do think it speaks to a truth about the conflicting expectations we have about what information we can control about others and about ourselves.

http://jezebel.com/revenge-porn-dude-wants-his-personal-info-removed-from-1687953903

This actually ties into the other interesting article I saw, which focuses on surveillance and data collection, and what we can about it. The author discusses options for avoiding and blocking it, but it mostly focuses on how to distort surveillance data – that is, to feed it incorrect or random information, thereby blinding the data collectors to any true or valuable information about yourself. I found that idea really fascinating. As an Internet user, I like knowing that that’s a possibility for me. But I can also see how there are certain cases where the government or a company might be interested in finding data about me for reasons that will ultimately benefit me, in which case, feeding them bad data doesn’t help anyone.

http://www.slate.com/articles/technology/future_tense/2015/03/data_and_goliath_excerpt_the_best_ways_to_undermine_surveillance.html

This brings me to my main issue with surveillance, which is the lack of transparency around when it’s happening and why. This is true for both corporate and government surveillance and data collection. In his article, Brian Fung argues that government surveillance is worse than corporate surveillance because we don’t have any choices surrounding it. I would argue that the two forms are similarly insidious, however, and both lack transparency, making them equally difficult for me to reconcile.

Beccalew (talk) 14:45, 3 March 2015 (EST)

As someone who spends a lot of time at the Kennedy School, it’s always been a little scary to hear from practitioners in the national security field about just how easily and how much government and corporate entities can access personal information—both in how comfortably we give it away and how sophisticated tracking software can be. When the Edward Snowden controversy unfolded instead of being surprised at the actions of the NSA, I was actually more surprised by the whirlwind of outrage produced by the media and public. After years of hearing national discourse about the overreaching powers of the Patriot Act, rhetoric about the never-ending war on terror, and debates about privacy on websites like MySpace and Facebook, it seemed glaringly apparent to me that regulation was not on par with how fast technology was growing. It seems only natural that something that went from rare to deeply ubiquitous in such a short period of time would be used and/or abused by those in power.

But, while I think the NSA and other government agencies may have overstepped in certain places, a friend of mine made the apt comparison that government surveillance is like being in Times Square on New Year’s Eve—you know you’re on camera, you know you’re kind of loosely being watched, but as long as you don’t do anything, you’re unlikely to be noticed specifically—you’re just kind of part of the general pack. One of the issues is that of over collection, with algorithms and software at a point where it just isn’t sophisticated enough to allow the government to collect less data and concentrate on what is actually useful. Corporate collection of information however, totally freaks me out because (and perhaps this is hopelessly naïve of me) for the time being unless I’m breaking a law or doing something wrong, my online activity isn’t of huge importance to the government. Organizations like Google and Amazon however, make me feel like they know more about me than me sometimes.

Essentially, an my background in politics is probably influencing my opinion that national security concerns are more important than me preferring that government agents don’t read my emails, but the right to privacy from the government shouldn’t be discounted. I agree with President Obama’s remark Apple and Google are “improperly responding to a market demand” by rolling out encryption software in the wake of public outcry and increased interest in privacy. It does appear that there needs to be a better forum for government agencies and entities like Google and Twitter to work together or even for those entities to inform their users that the government will be provided access to their usage under a specific variety of legal circumstances. Meredith (talk) 15:03, 3 March 2015 (EST)

I am in complete agreement with HRomero’s prospective on ‘perpetual war’ and it being the basis for continued surveillance. NSA’s use of the Foreign Intelligence Surveillance Act (FISA) is much more intrusive than it has been in the past. One-way observation is in some ways an expression of control. While Fung (2013) demonstrates the similarity in the ways private and government, there is a significant difference in the action a person is able to respond to a company versus the government. What is evident is the very little recourse a person has against the government’s violation of their rights. Although the Fourth Amendment states “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated; and no Warrants shall issue but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized”, there lays the question of the NSA violating the Fourth Amendment by surveying and searching the communications of individuals suspected of no wrongdoing without a warrant. Citizens are not in a position to contest government surveillance laws, which has me to question if the freedom of expression is under threat. Having quite a few friends around the globe who are writers, the potential scrutiny of their communications it has impacted their eagerness to write about provocative subjects. While the data collected should be minimized and anonymized unless it is a crime, Walsh (2014) draws the correlation between the minimization of data and the ability to re-identify people from anonymized records. Here is a link to Section 702 of FISA, http://fas.org/irp/news/2013/06/nsa-sect702.pdf, which speaks about minimizing data collected. The idea of de-anonymizing was discussed in our previous readings of Schneider and demonstrated how easy it was to do with very little information. With all facts considered, I believe the NSA’s use of FISA creates an indirect by-product of censorship with the attempts to minimize of the use of personal identifiable information being questioned.

References:

Fung, B. (2013). ‘Yes, there is actually a huge difference between government and corporate survaillance.’

Schneier B, (2007). ‘Why Sometimes Anonymous Data Isn’t.’

Walsh, K. (2013), ‘The NSA’s Spying Powers: Reading the Statute’.

TashaTasha (talk) 15:23, 3 March 2015 (EST)

After taking a look on today’s class reading my overall impression is that we are talking about “cyber wars” and “cyber armies”. All this military allusions are giving me the impression that our governments are preparing for military clashes old style. The problem is who is considered to be the enemy? Historically a war is to be led between two or more different countries but in this case the hostile conflict is not localized. As long as we have military threat certain measures , actions and arms are used which would not be allowed during a homeland issue, if not during a revolution, but if it is consider as such it is another story. So it is not very clear to me why one and the same “weapons” are to be used to fight different groups groups of enemies foreign and domestic? Another question is whether the government is making any difference between “spying” and “surveillance”?

I very much liked the “Kit Walsh, The NSA's Spying Powers: Reading the Statute” , where the analysis shows clearly that the governmental authorities are creating the laws (probably the term “law” is not correctly used, for which I apologize) in order to give themselves the authority and scope of freedom they need. But it is wrong, the government should adjust its actions according to the laws, not the other way round.

My final impression , after watching president’s Obama interview and reading Neil M. Richards’ “ THE DANGERS OF SURVEILLANCE”, is that people are just not well informed of what exactly is going on and what is done here and now in their name.

The second issue about the information collected by private sector and then used by the government, I very much enjoyed reading about this, because it came as a follow up to something I read less then a month ago “The NSA hides surveillance software in hard drives” (http://www.engadget.com/2015/02/16/hard-drive-spyware/) . I think we should not forget the fact that all private individuals, huge companies included, have the right to follow their economical interest and to enter in whatever contractual relation with a third party, including the government, as long as it stays legal. I would say it means that it is up to us, to take better care what information we are giving as users and under what conditions. If we click by default “I agree” and simply do not care that we a putting our biometric date at the disposal of a world corporation (iphone5 http://edition.cnn.com/2013/09/12/tech/mobile/iphone-fingerprint-privacy/), we could neither elect, refuse to elect or control in any other way the democracy has given us the right to do with our government, than we should start doing something about this first. (Gia (talk) 15:40, 3 March 2015 (EST))

A couple of things jumped out at me in this week’s readings. The first, according to Schneier, is that the Government can analyze not only me, but people “3 hops away.” That could mean that as far as the government is concerned I am related in some abstract way not only to my friends, but also their friends and their friends’ friends. That is a lot of people, most of whom I do not even know. Yet, their data may somehow be linked to me. I shudder a bit at that prospect. It would seem that the “six degrees of separation” in the digital world is smaller than ever. What level of affinity is too thin? I suppose the answer would be no connection is too thin, if we can qualify that it serves a legitimate need of the government.

This brings me to the second thing that jumped out. In looking at the transparency reports and their useless consumption of ink (or pixels), I am reminded that whatever their level of uselessness, the government has no transparency report at all that I can see, with the possible exception of Snowden. That seems like a risky alternative. Something less risky would be more appropriate. Gary Brown (talk) 15:46, 3 March 2015 (EST)

Thanks for all the great comments and contributions during lecture. I'm interested if anyone knows why exactly the NSA decided to build the storage units for all this data in Utah. I grew up living in Draper, about 20 minutes away from Salt Lake and my entire family lives in Salt Lake, but I had no clue the storage units were being built out there? Also, when I researched the facility and was initially shocked with the amount of money that went in to building it. But after lecture, I guess 1.3 billion is the amount expected on providing adequate protection to such valuable data. But I'm still puzzled at why Utah was chosen as the location to store all this data.

Mhoching (talk) 23:31, 4 March 2015 (EST)



Wired broke the story about the Utah facility in a 2012 article. I'd start there to answer your question. Andy (talk) 08:12, 5 March 2015 (EST)

Thanks for the link Andy! I also found Governor Herbert's article when the project was in the process of being built in Utah. http://blog.governor.utah.gov/2012/02/2012-energy-summit/

Being from an area just south from there I can attest to the massive amounts of barren land to build out on! Again, thanks for link! Mhoching (talk) 23:46, 8 March 2015 (EDT)

I think that the way how corporations and the government use surveillance to monitor threats are different between each other, the aim of government is safety and the aim of corporations is compliance and business oriented, serve the public. Also the way how president spoke and the fact that there is evidence that technologically sometimes business cannot comply retrieving data for the government because of compressed decryption data is an issue that must be solved.

Transparency reports explain the ways how agencies act towards people in this way I think that people should be aware of encryption, transparency, in this way the public can be aware of what the government does, in a way can monitor the government on privacy issues.

Edwin Duque (15:36, 23 March 2015 (EDT))

Retrieved from "http://cyber.harvard.edu/is2015/?title=Privacy_Part_3:_Government_Surveillance&oldid=4068"