Policy wonk. Torontonian. Photographer. Not necessarily in that order.
In the UK, the public, press, and politicians vigorously debated the Communications Data Bill, a law that would require ISPs and telecommunications providers to keep metadata records for 12 months (as of this writing, the bill has been withdrawn). The US had no discussion of such a bill; something more draconian simply happened through a secret interpretation of the law.
Susan Landau, “Making Sense from Snowden”
In 2012, the Migration Policy Institute reported that immigration and border enforcement spending totaled almost $18 billion. That is 24 percent more than the $14.4 billion combined budgets in the last fiscal year of the F.B.I., the Secret Service, the Drug Enforcement Agency, the Marshals Service and the Bureau of Alcohol, Tobacco, Firearms and Explosives. Add the billions anticipated in the Senate bill, and you have what the trade publication Homeland Security Today calls a “treasure trove” for contractors in the border security industry.
Projected as an approximately $19 billion industry in 2013, defense contractors seem, in the words of one representative from a small surveillance technology company hoping to jump into the border security market, to be “bringing the battlefield to the border.“
Todd Miller, “War on the Border”
Well, just sent in a completed version of the dissertation to my committee. Ended up being just a hair over 90K words (286 pages). I should (ideally) get comments back in the next week or so, implement them, and then submit the dissertation to grad studies by end of the month/early September for an October defence!
I suppose everything Alexander said was technically true, since the “congressional review” was different from the “NSA audit”, but it’s still gross deception. He acts with the ethics of the head of a police state. We should either upgrade him to the title he deserves, “Chief of the Secret Police”, or ask for his resignation.
Robert Graham, Errata Security
In one of Michael Geist’s recent articles on secret surveillance he notes three key issues with the secretive intelligence surveillance actions that are coming to light. Specifically:
First, the element of trust has been severely compromised. Supporters of the current Internet governance model frequently pointed to Internet surveillance and the lack of accountability within countries like China and Russia as evidence of the danger of a UN-led model. With the public now aware of the creation of a massive, secret U.S.-backed Internet surveillance program, the U.S. has ceded the moral high ground on the issue.
This has been a point that academics have warned about for the past decade: when/if it is apparent that the US and other Western governments aren’t ‘fit to govern’ critical Internet infrastructure then foreign states will increasingly agitate to influence network design. Still, while the US government’s mass surveillance systems may accelerate the rate at which governments are ‘interested’ in critical infrastructure design and deployment, this isn’t a novel path or direction: governments throughout the world have been extending their surveillance capacities, often pointing to the US’ previously disclosed behaviours as justifications. The consequence of the recent high-profile articles on NSA surveillance has been to (arguably) ensure that a ‘moral high ground’ cannot be reclaimed; arguably, that ground has actually been lost for quite some time.
Geist continues:
Second, as the scope of the surveillance becomes increasingly clear, many countries are likely to opt for a balkanized Internet in which they do not trust other countries with the security or privacy of their networked communications. This could lead to new laws requiring companies to store their information domestically to counter surveillance of the data as it crosses borders or resides on computer servers located in the U.S. In fact, some may go further by resisting the interoperability of the Internet that we now take for granted.
Again, we’ve been seeing these kinds of law crop up for the past many years. However, the countries that have been engaging in such actions are all (generally) regarded as ‘foreign’ by individuals in North America. So, when Iran, India, China, or other countries have imposed localization laws those nations are seen as ‘rogue’; missing from much of the critique, however, has been how ‘domestic’ governments have sought to contain or delimit the flow of information. Admittedly, most of Canada, the UK, and America lacks ‘data localization’ laws, but all of those jurisdictions do have ‘data limitation’ laws, insofar as some information is blocked at an ISP level. In effect, while a hardware balkanization of the Internet might accelerate, the content balkanization of the Internet has been ongoing for over a decade.
Geist concludes:
Third, some of those same countries may demand similar levels of access to personal information from the Internet giants. This could create a “privacy race to the bottom”, where governments around the world create parallel surveillance programs, ensuring that online privacy and co-operative Internet governance is a thing of the past.
This is an area that will be particularly interesting to watch for. In terms of content localization, there are laws around the world limiting what citizens in various nations can access. While such localization laws were initially seen as heralding the end of the Internet this has not been the case: save for in particularly censorious regimes, local norms have guided what should(n’t) be accessible (e.g. child pornography, nazi symbology and paraphernalia, etc). At issue is that efforts to ‘block’ certain content tends to often not work well, and also tends to reduce efforts to legally punish those responsible for the content in the first place. In effect, the former problem speaks to the limitations of blocking any content effectively and without accidental overreach, and the latter with poor international cooperation between policing agencies to actually act against the producers of obviously nefarious content (e.g. child pornography).
The ability for nations to demand strong data/server/service localization requirements will, I suspect, be predicated on economic size and relative ‘value’ of a nation’s citizens to a particular company. So, if you have a very large multinational, with ‘boots on the ground’ and a large subscriber base in a profitable nation-state, then the multinational may be more likely to comply with localization requirements compared to a similar demand from a small/economically insignificant state in which the company lacks ‘boots’. Moreover, the potential for certain services to no longer be accessible – say, GMail, if Google refused to comply with a given nations’ localization laws – could lead citizens to turn on their own government on the basis that the services are needed for ongoing, daily, commercial or personal activity.
In effect, I think that while Geist’s third point is arguably the most significant, it’s also the one that we’re furthest off from necessarily crossing over to. Admittedly there are some isolated cases of localization requirements now (e.g. India), but the ability to successfully impose such requirements is as much based on the attractiveness of a given market as anything else. So, there could actually be a division between the ‘localization countries’: ones that are ‘big enough’ to commercially demand compliance versus ones that are ‘too small’ to successfully impose their sovereign wills on Internet multinationals. How any such division were to line up, and the political and economic rationales for all involved, will be fascinating to watch, document, and explore in the coming years!
All four of Obama’s proposed reforms are useful. The second is adding an adversary to proceedings of the Foreign Intelligence Surveillance Act court, which has the power to approve secret warrants. Another is to assemble a committee that would issue a report about the balance between liberty and security. And then there’s a call to increase transparency. Some of this area’s elements are cosmetic—a new Web site for the N.S.A., for example, for which one hopes there is a better graphic designer than whoever puts together the agency’s classified PowerPoint presentations—and others are important but fragmentary. Obama said he’d make public the “legal rationale for the government’s collection activities under Section 215.” That is good, but legal rationales, for this and all other collection activities, are not things that should ever be fully classified in the first place. How an agency proceeds in a given case is one thing, but what it and we understand our rights to be should never be secret.
Source: http://m.newyorker.com/online/blogs/closeread/2013/08/nsa-dirty-dishes-obama-press-conference.html
You’ll forgive me if thinking that releasing details of how laws are secretly interpreted constitutes ‘transparency’ to any reasonable degree. Though I’m well aware that a vast portion of American jurisprudence is effectively withheld from the public (you have to pay for access to PACER to see how legislation has actually been interpreted by courts, thus excluding individuals from understanding their laws and court processes) it is inexcusable that POTUS thinks that making their rationales public is sufficient. What is legal is not necessarily right nor constitutional, and dragnet surveillance of the world’s communications is an inexcusable affront to basic human freedoms and liberties in today’s digital era.
When Dmitry Argarkov was sent a letter offering him a credit card, he found the rates not to his liking.But he didn’t throw the contract away or shred it. Instead, the 42-year-old from Voronezh, Russia, scanned it into his computer, altered the terms and sent it back to Tinkoff Credit Systems.Mr Argarkov’s version of the contract contained a 0pc interest rate, no fees and no credit limit. Every time the bank failed to comply with the rules, he would fine them 3m rubles (£58,716). If Tinkoff tried to cancel the contract, it would have to pay him 6m rubles.Tinkoff apparently failed to read the amendments, signed the contract and sent Mr Argakov a credit card.“The Bank confirmed its agreement to the client’s terms and sent him a credit card and a copy of the approved application form,” his lawyer Dmitry Mikhalevich told Kommersant. “The opened credit line was unlimited. He could afford to buy an island somewhere in Malaysia, and the bank would have to pay for it by law.”what a hero!
Different situation, but I’ve done the same thing with publishers around copyright terms. Contracts: something to negotiate, not just something to submit to.
[Privacy] has to be institutional; it also has to do with social conventions that we adopt. The reason there isn’t a technological solution is that the ability to infer information from partial information is extremely powerful — you can take information which appears to be anonymous and (extrapolate identity). It has to be a set of conventions that we adopt, either a legal framework or social conventions.
Technology is racing ahead so quickly and we are so eager to embrace it with our mobiles and everything else that we don’t fully appreciate the side effects. When we put photos on the web and other people tag them, we create (problems) for people who just happen to be in the image. They get caught… we learned this with Street View.
There are a lot of things that we do everyday that we think are innocent… but there are cascades of things that happen. I don’t think we’ve figured out what the right intuitive set of social conventions should be in order to protect privacy. We’re going to have to learn by making mistakes.
This can’t be just a national issue because the internet is everywhere. The consequence of that is it causes us to confront head-on this problem of global issues, of frameworks, legal frameworks, social conventions and the like.
Vinton Cerf, “Internet inventor Vint Cerf: No technological cure for privacy ills”
More than a little startled that it really, seriously, looks like the dissertation might be defended, revised, and submitted in the next 60-90 days!
Excited Pixels