Quote

If those responsible for security believe that the law does not give them enough power to protect security effectively, they must try to persuade the law-makers, Parliament and the provincial legislatures, to change the law. They must not take the law into their own hands. This is a requirement of a liberal society.

  • Canada, Commission of Inquiry Concerning Certain Activities of the Royal Canadian Mounted Police, Second Report: Freedom and Security Under the Law, vol 1, Part II (Ottawa: Privy Council Office, 1981) at 45.

Link

Dissecting CSIS’ Statement Concerning Indefinite Metadata Retention

The Canada Security Intelligence Service (CSIS) released a public statement after the Federal Court found the Service to be breaking the law by permanently retaining metadata they had been collecting. To date, the Public Safety Minister has refused to clarify the numbers of Canadians who have been caught up in this ‘catch once, catch forever’ surveillance regime.

The Service’s statement is incredibly misleading. It is designed to trick Canadians and parliamentarians into thinking that CSIS didn’t do anything that was really ‘that’ bad. I fundamentally disagree with CSIS’ activities in this regard and, as a result, I’ve conducted a detailed evaluation of each sentence of the Service’s statement.

You can read my dissection of CSIS’ statement at Technology, Thoughts, and Trinkets.

Link

France’s Emergency Powers: The New Normal

Just Security:

The new, six-month extension of emergency powers creates France’s longest state of emergency since the Algerian War in the 1950s. The new law restores or extends previous emergency provisions, such as empowering police to carry out raids and local authorities to place suspects under house arrest without prior judicial approval. It also expands those powers, for example allowing the police to search luggage and vehicles without judicial warrants. In addition it reinstates warrantless seizures of computer and cellphone data that France’s highest legal authority had struck down as unconstitutional, adding a few restrictions that still fall short of judicial oversight.

In separate reports in February, Human Rights Watch and Amnesty International documented more than three dozen cases in which the use of these emergency powers violated universal rights to liberty, privacy, or freedoms of movement, association and expression. The two groups also found that the emergency acts lost suspects jobs, traumatized children, and damaged homes. The vast majority of those targeted were Muslims. Those interviewed said the actions left them feeling stigmatized and eroded their trust in the French authorities. The latest version of the emergency law risks compounding these effects.

The decisions to advance unconstitutional and discriminatory ‘security’ laws and policies following serious crimes threaten to undermine democracies while potentially strengthening states. But worryingly there are fewer and fewer loud voices for the rough and tumble consequences of maintaining a democratic form of governance as opposed to those who assert that a powerful state apparatus is needed if normalcy is to exist. The result may be the sleepwalking from governments for and by the people, to those that protect citizen-serfs and harshly discriminate against difference.

Link

On Encryption and Terrorists

On Encryption and Terrorists:

I’ve come to see encryption as the natural extension a computer scientist can give a democracy. A permeation of the simple assurance that you can carry out your life freely and privately, as enshrined in the constitutions and charters of France, Lebanon as well as the United States. To take away these guarantees doesn’t work. It doesn’t produce better intelligence. It’s not why our intelligence isn’t competing in the first place. But it does help terrorist groups destroy the moral character of our politics from within, when out of fear, we forsake our principles.

If we take every car off the street, every iPhone out of people’s pockets and every single plane out of the sky, it wouldn’t do anything to stop terrorism. Terrorism isn’t about means, but about ends. It’s not about the technology but about the anger, the ignorance that holds a firm grip over the actor’s mind.

Nadim’s explanation of what encryption is used for, and his correlates between using encryption or automobiles for terror-related activties, is amongst the clearest I’ve read. It’s worth the 5-7 minutes it’ll take you to read.

Link

The Security of Our Election Systems

The Security of Our Election Systems:

Government interference with foreign elections isn’t new, and in fact, that’s something the United States itself has repeatedly donein recent history. Using cyberattacks to influence elections is newer but has been done before, too ­ most notably in Latin America. Hacking of voting machines isn’t new, either. But what is new is a foreign government interfering with a U.S. national election on a large scale. Our democracy cannot tolerate it, and we as citizens cannot accept it.

Last April, the Obama administration issued an executive orderoutlining how we as a nation respond to cyberattacks against our critical infrastructure. While our election technology was not explicitly mentioned, our political process is certainly critical. And while they’re a hodgepodge of separate state-run systems, together their security affects every one of us. After everyone has voted, it is essential that both sides believe the election was fair and the results accurate. Otherwise, the election has no legitimacy.

Election security is now a national security issue; federal officials need to take the lead, and they need to do it quickly.

The effects of a decade of focusing on attack capabilities at the expense of defence is now becoming apparent. And I’d bet that we’ll see democratic governments call for heightened national ‘defence’ capabilities that entail fully inspecting packets. Which will require laws that water down communicative privacy rights. Which will themselves damage the democratic characters of our political systems.

Link

Roger Ailes Got Us To Mistrust Everyone—Including Himself

Roger Ailes Got Us To Mistrust Everyone—Including Himself:

The best evidence that Ailes no longer wields the power he once did? If reports are to be believed, Ailes himself is about to step down from the network he defined. On its surface, the reasons have nothing to do with Fox News’ diminishing political influence. Gretchen Carlson, a former anchor, has accused Ailes of harassment, and apparently a number of other women—including Kelly—have come forward with their own accusations. James and Lachlan Murdoch, Rupert’s sons, have long looked to boot Ailes, and now they seem to have found the opportunity to do so. Still, it’s hard to imagine that Ailes would be so vulnerable if his role as GOP kingmaker were still secure.

He wouldn’t be ‘vulnerable’ to being fired for sexual misconduct if he still was influential in, or with, the Republican Party. This is the definition of casual sexism in journalism.

Link

Hacking Our Humanity: Sony, Security and the End of Privacy

Hacking Our Humanity: Sony, Security and the End of Privacy :

The lesson here isn’t that Hollywood executives, producers, agents and stars must watch themselves. It isn’t to beware of totalitarian states. It’s to beware, period. If it isn’t a foreign nemesis monitoring and meddling with you, then it’s potentially a merchant examining your buying patterns, an employer trawling for signs of disloyalty or indolence, an acquaintance turned enemy, a random hacker with an amorphous grudge — or of course the federal government.

And while this spooky realization prompts better behavior in certain circumstances that call for it and is only a minor inconvenience in other instances, make no mistake: It’s a major loss. Those moments and nooks in life that permit you to be your messiest, stupidest, most heedless self? They’re quickly disappearing if not already gone.

Though I find various aspects of Bruni’s article insulting (e.g. “…the flesh that Jennifer Lawrence flashed to more people than she ever intended…”) the discussion of who are the most common threat actors that people have to worry about is a fair point. It’s also important to discuss, and discuss regularly, that the ‘defences’ which are commonly preached to protect our privacy are fraught with risk. While being silent, not associating with one another, or not reading certain things online might keep one ‘safe’, engaging in such censorious activities runs counter to the freedoms that we ought to cherish.

Such responses ignore the costs — often paid in blood or years of people’s lives— that have gone into fighting for the freedoms that we now enjoy and that are engrained in our constitutions, our laws, and our social norms. They forget the men and women who fight and die on battlefields to protect the freedoms of citizens of other nations. And, perhaps most significantly, such responses demonstrate how larger social movements directed at enshrining our freedoms through collective action are set aside, often cynically, so that we can try and resolve the problems we all face as individuals instead of as collective political actors. Self-censorship isn’t just a means of ensuring self-protection; it’s an exhibition of citizens’ unwillingness to at try and utilize our political processes to resolve common social ills.