Archive for the ‘Government Secrecy’ Category

Goldilocks and Cybersecurity

posted by Derek Bambauer

It may seem strange in a week where Megaupload’s owners were arrested and SOPA / PROTECT IP went under, but cybersecurity is the most important Internet issue out there. Examples? Chinese corporate espionage. Cyberweapons like Stuxnet. Anonymous DDOSing everyone from the Department of Justice to the RIAA. The Net is full of holes, and there are a lot of folks expert in slipping through them.

I argue in a forthcoming paper, Conundrum, that cybersecurity can only be understood as an information problem. Conundrum posits that, if we’re worried about ensuring access to critical information on-line, we should make the Net less efficient – building in redundancy. But for cybersecurity, information is like the porridge in Goldilocks: you can’t have too much or too little. For example, there was recent panic that a water pump burnout in Illinois was the work of cyberterrorists. It turned out that it was actually the work of a contractor for the utility who happened to be vacationing in Russia. (This is what you get for actually answering your pager.)

The “too little” problem can be described via two examples. First, prior to the attacks of September 11, 2001, the government had information about some of the hijackers, but was impeded by lack of information-sharing and by IT systems that made such sharing difficult. Second, denial of service attacks prevent Internet users from reaching sites they seek – a tactic perfected by Anonymous. The problem is the same: needed information is unavailable. I think the solution, as described in Conundrum, is:

increasing the inefficiency with which information is stored. The positive aspects of both access to and alteration of data emphasize the need to ensure that authorized users can reach, and modify, information. This is more likely to occur when users can reach data at multiple locations, both because it increases attackers’ difficulty in blocking their attempts, and because it provides fallback options if a given copy is not available. In short, data should reside in many places.

But there is also the “too much” problem. This is exemplified by the water pump fiasco: after 9/11, the federal government, including the Department of Homeland Security, began a massive information-sharing effort, such as through Fusion Centers. The difficulty is that the Fusion Centers, and other DHS projects, are simply firehosing information onto companies who constitute “critical infrastructure.” Much of this information is repetitive or simply wrong – as with the water pump report. Bad information can be worse than none at all: it distracts critical infrastructure operators, breeds mistrust, and consumes scarce security resources. The pendulum has swung too far the other way: from undersharing to oversharing. Finding the “just right” solution is impossible; this is a dynamic environment with constantly changing threats. But the government hasn’t yet made the effort to synthesize and analyze information before sounding the alarm. It must, or we will pay the price of either false alarms, or missed ones.

(A side note: I don’t put much stock in which federal agency takes the lead on cybersecurity – there are proposals for the Department of Defense, or the Department of Energy, among others – but why has the Obama administration delegated responsibility to DHS? Having the TSA set Internet policy hardly seems sensible. Beware of Web-based snow globes!)

Cross-posted at Info/Law.

  January 21, 2012 at 7:38 pm   Posted in: Architecture, Cyberlaw, Government Secrecy, Innovation, Intellectual Property, Technology, Web 2.0   Print This Post   No Comments

Ackerman and Benkler on the Occupied First Amendment

posted by Frank Pasquale

Slate writer Raymond Vasvari recently observed that, “for every uplifting paragraph” of precedent vindicating rights to protest, there are a “thousand cases bending an abstract right to the prosaic realities of protest.” We may never learn the extent to which Occupy Wall Street protesters were classified “enemies within,” and subject to coordinated intergovernmental suppression. But we can observe, with professors Ackerman and Benkler, that the “irony of free speech” is reaching a breaking point:

Whatever else it accomplishes, Occupy Wall Street is revealing distortions in our current understanding of the First Amendment. In recent decisions, the Supreme Court has protected Wall Street’s constitutional right to pour millions into political campaigns. But as presently construed, the First Amendment isn’t an obstacle when it comes to silencing the Occupiers. . . .

Instead of hiding behind obsolete court decisions, big city mayors must recognize that they are on the constitutional front-line. Michael Bloomberg is failing this test when he keeps Occupiers out of New York’s public parks and tolerates the arrests of dozens of protesters, providing an example for similar actions in Boston, Denver, and San Diego. In contrast, Antonio Villaraigoso is showing that leadership on behalf of the First Amendment is well within the realm of the politically possible. Los Angeles has not only avoided arrests, but seems to be expanding available public space as the protest swells. Similarly, the U.S. Parks police are on the right track in giving the demonstrators a four month extension on Freedom Plaza.

How to explain Mayor Bloomberg’s deviance from constitutional ideals? Maybe he’s one of the worried wealthy, realizing that he can only afford another 170 of his trademark $100 million dollar political campaigns with his fortune of $17 billion. Ensconced in an alternate reality of privilege, Bloomberg retails stories of struggling and put-upon banks. It is his very plutocratic disconnection from the daily life of his subjects that makes an extraordinary protest like OWS necessary.
Read the rest of this post »

  November 16, 2011 at 12:30 am   Posted in: First Amendment, Government Secrecy, Privacy (Electronic Surveillance), Privacy (Law Enforcement), Technology   Print This Post   21 Comments

The Month Ahead: Spies, Lies, Russia, and Terrorist Watchlists

posted by Jeffrey Kahn

It’s great to be back at Concurring Opinions (and thanks to Danielle for the generous (re)introduction last week).  This month, I plan to blog on a few ongoing projects and some upcoming news events.  Here are two topics soon to come, with two more after the break.

(1)  Spies.  Immigration authorities seize a suspected spy in Manhattan on the grounds that he entered the country unlawfully.  Rather than process him through the immigration system, or transfer him to the criminal justice system, he is secretly flown more than a thousand miles away, interrogated without a lawyer, and kept virtually incommunicado for almost seven weeks in a government facility on the Texas-Mexican border.  When he doesn’t break, he is transferred back to New York to be tried in federal court for a capital offense.  The evidence from his warrantless arrest and secret detention helps to convict him. 

When did this happen?

No surprise that the story resonates with our national security debates today.  But it all happened during the Eisenhower Administration.  Rudolf Abel was the top Soviet spy in North America before he was convicted of atomic espionage.  Thanks to his lawyer, his life was spared (and he was later exchanged for U-2 pilot Francis Gary Powers).  I think that there are lessons to be learned from this history today, but mine seems to be the minority view.

(2)  Lies.  Okay, not lies exactly, but pretext.  (You try rhyming pretext with anything.  You’ll wind up perplexed, if not vexed, with the text that comes next.)  Pretextual use of the law is all around us.  The most common example is the law governing arrests.  In Whren v. United States, the Supreme Court unanimously agreed that the police were free to do “under the guise of enforcing the traffic code what they would like to do for different reasons,” namely, stop and search Whren’s car for drugs.  Abel’s case (referenced in Whren) presented another classic instance of pretext: his detention for an immigration violation was used for the unintended purpose of counterespionage, neatly skirting in the process constitutional protections against warrantless searches and seizures, not to mention official disappearances.  When Abel’s able lawyer argued pretext, however, the Supreme Court sustained the conviction.

Sometimes the law abhors pretext.  For example, in Kelo v. City of New London, the Supreme Court categorically rejected the idea that the state may take property under the pretext of a public purpose.  How should citizens regard the pretextual use of the law by state officials?  Does such use tend to weaken the rule of law in ways that should matter to us as individuals or as a society?  When tempted to use a law for an unintended purpose, how should the “good” official distinguish an innovative pretextual use from a destructive one?  The Supreme Court dodged these questions just last term in Ashcroft v. Al-Kidd and I’d like to think hard about why.

Read the rest of this post »

  November 6, 2011 at 1:17 pm   Posted in: Articles and Books, Civil Rights, Constitutional Law, Criminal Procedure, Government Secrecy, Uncategorized   Print This Post   3 Comments

Audit Trails: The Corporate Surveillance We Need

posted by Frank Pasquale

What do the following problems have in common?

1) food poisoning
2) systemic risk in the financial system
3) data breaches
4) violations of civil liberties
5) tax evasion
6) insider trading

In each case, we could do a lot more to stop the problem if we better tracked the actions that lead to it. An “audit trail” can enable that tracking. Decades ago, such tracking would be inordinately costly. Nowadays, it is increasingly embedded into any quality logistical system. The technologies of RFID chips, cheap imaging and data storage, and rapid search are ubiquitous. Corporations use them to track customers and products. Now public authorities need to use them to track corporations.

Consider, for instance, this recent story on food safety:
Read the rest of this post »

  August 28, 2011 at 5:42 pm   Posted in: Bankruptcy, Financial Institutions, Government Secrecy, Privacy, Privacy (Electronic Surveillance), Privacy (Medical)   Print This Post   One Comment

The War Against Disclosure

posted by Frank Pasquale

Three remarkable recent lobbying campaigns go beyond the normal bounds of partisan sniping over “markets vs. regulation.” They threaten our capacity to understand how society is ordered: whom it serves, for what purposes, and at what costs. Consider these attacks on basic disclosure norms in politics and business:

1) Campaign Finance Disclosures: Regardless of ideology, almost everyone used to agree that campaign funding sources and amounts should be disclosed. 92% of Americans had that position in 2010. Justice Scalia has eloquently insisted that such disclosure laws violate no one’s rights. But thought leaders in the Republican party are now vigorously resisting disclosure, as Norm Ornstein observes:

The 2010 mid-term elections showed clearly how legal loopholes involving non-profit groups called 501(c)4s, and the failure to adopt clear regulations surrounding campaigns, can result in hundreds of millions of dollars of spending to influence campaigns that masked the identity of huge donors. In response to these realities, the Federal Communications Commission is considering requiring robust disclosure by TV stations of the major donors of political ads; the Securities and Exchange Commission is considering requiring public corporations to disclose to stockholders their spending on politics, and the White House has drafted an executive order to require companies applying for federal contracts to disclose their spending on political campaigns. . . .

Last month, Mitch McConnell [said] he views disclosure as “a cynical effort to muzzle critics of this administration and its allies in Congress.” . . . The Wall Street Journal’s full-throated support for transparency has disappeared as well; it blasted the FCC recently for considering requiring TV stations to put donors of campaign spots on the Internet . . .

John Yoo has also joined the debate, arguing that presidential power stops just short of the prerogative to require federal contractors to disclose their political donations.

2) Conflict Mineral and Extractive Industry Disclosures: One of the surprising victories for decency in the Dodd-Frank Act last year was a provision requiring certain disclosures from mining and resource extraction companies, and companies using “conflict minerals” from in or around the Congo. If you’re a consumer with preferences for certain industrial processes (say, those that don’t create incentives for rape, murder, and starvation), you want to be able to see which companies are fueling conflict and corruption and which are not. But intense corporate pressure is now delaying the rulemaking process needed to implement the disclosure provisions. According to Gerry Fay, “it is estimated that going ‘conflict free’ would cost companies just one penny per product.” But apparently that is too high a price to end corporate complicity in one of Africa’s bloodiest wars.
Read the rest of this post »

  May 15, 2011 at 3:32 pm   Posted in: Constitutional Law, Corporate Law, Corruption, Government Secrecy, Law and Inequality, Politics, Privacy, Privacy (National Security), Technology   Print This Post   15 Comments

Black Box Government: The Whole Picture

posted by Danielle Citron

The media often assesses governmental transparency issue by issue.  The Obama Administration gets an annual rating for its performance on FOIA compliance.  It receives press for its invocation on the state secrets privilege.  And so on.  But it may be worth taking stock of the total picture.  From the state secrets privilege to the proposed SHIELD Act and FOIA, the Obama Administration seems in pursuit of black box government much like its predecessor.  On reflection, the Administration’s call for a more transparent government in January 2009 seems a mismatch with its actions.  In this way, theory and practice don’t coincide.

The Administration has not backed away from its predecessor’s aggressive use of the state secrets privilege.  According to Steven Aftergood, “there is a great deal of continuity between the Bush and Obama administrations . . . . there is no case where the Obama administration has rescinded a claim of state secrets privilege that was advanced by the Bush [administration].”  The U.S. government has recently invoked the state secrets privilege in instances that appear designed to hide government screw ups rather than to protect national security.  For instance, the government hopes to block evidence in a case against a contractor who duped the government into spending millions on allegedly fake counterterrorism technology.  It has invoked the privilege to block a personal injury lawsuit by a CIA employee who alleged that environmental contamination in his home made his family sick. In a case inherited from the Bush administration, Obama’s Justice Department has continued to argue that classified records of eavesdropping on an Islamic charity were state secrets.  Two wiretapped lawyers were awarded $20,400 each, a ruling that last week the Obama administration indicated it would appeal.  ACLU Executive Director Anthony Romero laments that although the President promised to reform abuses of the state secrets privilege as a candidate, he has reneged on that promise as the President.

The Obama Administration has devoted significant energy to punishing whistle blowers.  As Politico reporter Josh Gerstein explains, the Administration is “pursuing an unexpectedly aggressive legal offensive against federal workers who leak secret information to expose wrongdoing, highlight national security threats or pursue a personal agenda.”  Since President Barack Obama took office, prosecutors have filed criminal charges in five cases involving unauthorized distribution of classified national security information to the media and is now considering prosecuting WikiLeaks founder Julian Assange.  The U.S. government, by contrast, only brought three such cases in the preceding 40 years.  Moreover, in response to the Wikileaks disclosures, the Administration has gotten behind the proposed SHIELD Act, which would amend Section 798 of the Espionage Act of 1917.  The amendment would expand the kinds of information covered by the Espionage Act and enables the U.S. government to prosecute private citizens who have not worked for the government or signed a security agreement.

In a recent post, I underscored that FOIA compliance continues to disappoint.  The National Security Archive recently issued its report “Glass Half Full: 2011 Knight Open Government Survey Finds Freedom of Information Change But Many Agencies Lag in Following Obama’s Openness Order.”Although the group found some progress (49 agencies took concrete action in light of the March 2010 White House memorandum instructing agencies to update all FOIA material and assess whether their FOIA resources were adequate), its results were decidedly mixed.  Only 24 agencies actually updated their FOIA training materials, only 13 agencies followed its mandate, and 41 of the agencies remained inert. Of those 41 agencies, 17 could not provide concrete records showing that they had followed the memo’s instructions; two agencies withheld documents by incorrectly citing FOIA exemptions; 17 agencies were still working on the request after more than 100 business days (in violation of FOIA); and four agencies never acknowledged the team’s requests despite numerous calls and faxes. Ancient requests, as old as 18 years, “still languish in the system.” As the team reports, twelve agencies have outstanding FOIA requests older than six years.” Eric Newton, an advisor to the Knight Foundation, remarked that “at this rate, the President’s first term in office may be over by the time federal agencies do what he asked them to do on his first day in office.”  At a hearing before the House Committee on Oversight and Government Reform, FOIA expert Daniel Metcalfe expressed his disappointment by the “surprising slowness and incompleteness of the Obama Administration’s new FOIA policy implementation.” Metcalfe lamented the administration’s “do as I say, not as I do mentality,” as evinced by the performance of its lead agency, the Department of Justice, whose FOIA backlog is worse than it was a year ago.

Viewed together with my co-blogger Frank Pasquale’s insights on fusion centers (see our forthcoming article) and his important forthcoming book on The Black Box Society, the Obama Administration, issue for issue, seems to support black box government, not a transparent one.

  May 11, 2011 at 1:02 pm   Posted in: Administrative Law, Government Secrecy   Print This Post   No Comments

Nothing to Hide: The False Tradeoff Between Privacy and Security

posted by Daniel Solove

I’m pleased to announce the publication of my new book, NOTHING TO HIDE: THE FALSE TRADEOFF BETWEEN PRIVACY AND SECURITY (Yale University Press, May 2011).  Here’s the book jacket description:

“If you’ve got nothing to hide,” many people say, “you shouldn’t worry about government surveillance.” Others argue that we must sacrifice privacy for security. But as Daniel J. Solove argues in this important book, these arguments and many others are flawed. They are based on mistaken views about what it means to protect privacy and the costs and benefits of doing so. The debate between privacy and security has been framed incorrectly as a zero-sum game in which we are forced to choose between one value and the other. Why can’t we have both?

In this concise and accessible book, Solove exposes the fallacies of many pro-security arguments that have skewed law and policy to favor security at the expense of privacy. Protecting privacy isn’t fatal to security measures; it merely involves adequate oversight and regulation. Solove traces the history of the privacy-security debate from the Revolution to the present day. He explains how the law protects privacy and examines concerns with new technologies. He then points out the failings of our current system and offers specific remedies. Nothing to Hide makes a powerful and compelling case for reaching a better balance between privacy and security and reveals why doing so is essential to protect our freedom and democracy.

This book grows out of an essay I wrote a few years ago about the Nothing-to-Hide Argument.   The essay’s popularity surprised me and made me realize that there is a hunger out there for discussions about the arguments made in the debate between privacy and security.

The primary focus of NOTHING TO HIDE is on critiquing common pro-security arguments.  I’ve given them nifty names such as the “Luddite Argument,”the “War-Powers Argument,” the “All-or-Nothing Argument,” the “Suspicionless-Searches Argument,” the “Deference Argument,” and the “Pendulum Argument,” among others.  I also discuss concrete issues of law and technology, such as the Fourth Amendment Third Party Doctrine, the First Amendment, electronic surveillance statutes, the USA-Patriot Act, the NSA surveillance program, and government data mining.

  May 3, 2011 at 12:50 pm   Posted in: Articles and Books, Book Reviews, Criminal Procedure, Government Secrecy, Privacy, Privacy (Electronic Surveillance), Privacy (Law Enforcement), Privacy (National Security), Technology   Print This Post   One Comment

YLJ Online Symposium: A Republic of Statutes

posted by Yale Law Journal

  March 31, 2011 at 1:25 pm   Posted in: Conferences, Government Secrecy, Health Law, Immigration, Law Rev (Yale)   Print This Post   No Comments

The Aftermath of Wikileaks

posted by Danielle Citron

The U.K.’s freedom of information commissioner, Christopher Graham, recently told The Guardian that the WikiLeaks disclosures irreversibly altered the relationship between the state and public.  As Graham sees it, the WikiLeaks incident makes clear that governments need to be more open and proactive, “publishing more stuff, because quite a lot of this is only exciting because we didn’t know it. . . WikiLeaks is part of the phenomenon of the online, empowered citizen . . . these are facts that aren’t going away.  Government and authorities need to wise up to that.”  If U.K. officials take Graham seriously (and I have no idea if they will), the public may see more of government.  Whether that more in fact provides insights to empower citizens or simply gives the appearance of transparency is up for grabs.

In the U.S., few officials have called for more transparency after the release of the embassy cables.  Instead, government officials have successfully pressured internet intermediaries to drop their support of WikiLeaks.  According to Wired, Senator Joe Lieberman, for instance, was instrumental in persuading Amazon.com to kick WikiLeaks off its web hosting service.  Senator Lieberman has suggested that Amazon, as well as Visa and and PayPal, came to their own decisions about WikiLeaks. Lieberman noted:

“While corporate entities make decisions based on their obligations to their shareholders, sometimes full consideration of those obligations requires them to act as responsible citizens.  We offer our admiration and support to those companies exhibiting courage and patriotism as they face down intimidation from hackers sympathetic to WikiLeaks’ philosophy of irresponsible information dumps for the sake of damaging global relationships.”

Unlike the purely voluntary decisions that Internet intermediaries make with regard to cyber hate, see here, Amazon’s response raises serious concerns about what Seth Kreimer has called “censorship by proxy.”  Kreimer’s work (as well as Derek Bambauer‘s terrific Cybersieves) explores American government’s pressure on intermediaries to “monitor or interdict otherwise unreachable Internet communications” to aid the “War on Terror.”

Legislators have also sought to ensure opacity of certain governmental information with new regulations.  Proposed legislation (spearheaded by Senator Lieberman) would make it a federal crime for anyone to publish the name of U.S. intelligence source.  The Securing Human Intelligence and Enforcing Lawful Dissemination (SHIELD) Act would amend a section of the Espionage Act that forbids the publication of classified information on U.S. cryptographic secrets or overseas communications intelligence.  The SHIELD Act would extend that prohibition to information on human intelligence, criminalizing the publication of information “concerning the identity of a classified source or information of an element of the intelligence community of the United States” or “concerning the human intelligence activities of the United States or any foreign government” if such publication is prejudicial to U.S. interests.

Another issue on the horizon may be the immunity afforded providers or users of interactive computer services who publish content created by others under section 230 of the Communications Decency Act.  An aside: section 230 is not inconsistent with the proposed SHIELD Act as it excludes federal criminal claims from its protections.  (This would not mean that website operators like Julian Assange would be strictly liable for others’ criminal acts on its services; the question would be whether a website operator’s actions violated the SHIELD Act).   Now for my main point: Senator Lieberman has expressed an interest in broadening the exemptions to section 230′s immunity to require the removal of certain content, such as videos featuring Islamic extremists.  Given his interest and the current concerns about security risks related to online disclosures, Senator Lieberman may find this an auspicious time to revisit section 230′s broad immunity.

  January 7, 2011 at 1:25 pm   Posted in: Anonymity, Architecture, Current Events, Cyberlaw, First Amendment, Google & Search Engines, Government Secrecy, Privacy (Electronic Surveillance), Privacy (National Security), Technology   Print This Post   2 Comments

Can Suspicious Activity Reports Trigger Health Data Gathering?

posted by Frank Pasquale

In an article entitled “Monitoring America,” Dana Priest and William Arkin describe an extraordinary pattern of governmental surveillance. To be sure, in the wake of the attacks of 9/11, there are important reasons to increase the government’s ability to understand threats to order. However, the persistence, replicability, and searchability of the databases now being compiled for intelligence purposes raise very difficult questions about the use and abuse of profiles, particularly in cases where health data informs the classification of individuals as threats.
Read the rest of this post »

  December 22, 2010 at 7:48 pm   Posted in: Criminal Procedure, Cyberlaw, Google & Search Engines, Government Secrecy, Health Law, Privacy, Privacy (Electronic Surveillance), Privacy (Medical), Social Network Websites, Technology, Uncategorized   Print This Post   No Comments

19 Points on Wikileaks

posted by Frank Pasquale

Don’t worry, it’s not another prolix post from me, just commentary on Jack Goldsmith’s Seven Thoughts on Wikileaks and Lovink & Riemens’s Twelve theses on WikiLeaks. (And here’s an FAQ for those confused by the whole controversy.)

Goldsmith, who takes cybersecurity very seriously, nevertheless finds himself “agreeing with those who think Assange is being unduly vilified.” He believes that “it is not obvious what law he has violated,” and Geoff Stone today said that many Lieberman-inspired efforts to expand the Espionage Act to include Assange’s conduct would be unconstitutional. Goldsmith asks:

What if there were no wikileaks and Manning had simply given the Lady Gaga CD to the Times? Presumably the Times would eventually have published most of the same information, with a few redactions, for all the world to see. Would our reaction to that have been more subdued than our reaction now to Assange? If so, why?

Lovink & Riemens provide something of an answer:
Read the rest of this post »

  December 11, 2010 at 9:39 pm   Posted in: Anonymity, Current Events, Cyber Civil Rights, First Amendment, Google & Search Engines, Government Secrecy, Privacy, Privacy (Electronic Surveillance), Privacy (National Security), Science Fiction, Wiki   Print This Post   2 Comments

Surveillance State Accelerates: Fusion Centers and Beyond

posted by Frank Pasquale

My co-blogger Danielle Keats Citron and I have recently posted our draft article on “fusion centers” (forthcoming in the Hastings Law Journal). As we state in the abstract:

A new domestic intelligence network has made vast amounts of data available to federal and state agencies and law enforcement officials. The network is anchored by “fusion centers,” novel sites of intergovernmental collaboration that generate and share intelligence and information. Several fusion centers have generated controversy for engaging in extraordinary measures that place citizens on watch lists, invade citizens’ privacy, and chill free expression. In addition to eroding civil liberties, fusion center overreach has resulted in wasted resources without concomitant gains in security.

We began our work by holding (along with Priscilla Regan of GMU) a roundtable on fusion centers in April, 2009. Citron convened a panel on fusion centers at AALS in New Orleans. Since then, we’ve repeatedly found ourselves astonished by the pace of advances in domestic intelligence operations. In roughly reverse chronological order:

1) The Obama administration is now pushing for “Congress to require all services that enable communications — including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct “peer to peer” messaging like Skype — to be technically capable of complying if served with a wiretap order.” The insistence on a “backdoor” here recalls the UAE/Saudi ban on Blackberrys—not exactly regimes the US should be emulating. Julian Sanchez and the ACLU provide more background.
Read the rest of this post »

  September 28, 2010 at 1:15 pm   Posted in: Anonymity, Government Secrecy, Military Law, Privacy, Privacy (Electronic Surveillance), Privacy (Law Enforcement), Privacy (National Security), Technology   Print This Post   No Comments

Cato Debate on Surveillance

posted by Frank Pasquale

Today brings news that the “Electronic Privacy Information Center [has] filed a request under the Freedom of Information Act for documents related to any agreement between Google and the NSA” on cybersecurity and related matters. The controversy over the request reminds me of an excellent recent debate on the digital surveillance state at Cato Unbound. Glenn Greenwald leads off by documenting an array of intrusive surveillance practices:

[T]he Bush administration . . . ordered the National Security Agency to eavesdrop on American citizens without the warrants required by law and without any external oversight at all. Despite the fact that the 30-year-old FISA law made every such act of warrantless eavesdropping a felony, “punishable by a fine of not more than $10,000 or imprisonment for not more than five years, or both,” and despite the fact that all three federal judges who ruled on the program’s legality concluded that it was illegal, there was no accountability of any kind. . . .

[Medical] “files” are maintained through a 2005 law which, the Government claims, authorizes it to monitor and record all prescription drug use by all citizens via so-called “Prescription Drug Monitoring Programs.” And there is a slew of other under-discussed surveillance programs whereby the U.S. government stores vast data on our private activities: everything from every domestic telephone call we make to “risk assessment” records based on our travel activities. A bipartisan group of Senators is currently promoting mandated “biometric ID cards” for every American as a purported solution to illegal immigration.

Paul Rosenzweig responds that there are several programs internal to federal agencies designed to protect privacy, including DHS’s “statutorily required Privacy Officer” and “Officer for Civil Rights and Civil Liberties.” Julian Sanchez insists that, regardless of these formal protections, the overall architecture of communications and data storage has enabled a quantum leap in surveillance:
Read the rest of this post »

  September 14, 2010 at 8:33 am   Posted in: Anonymity, Google & Search Engines, Government Secrecy, Privacy, Privacy (Electronic Surveillance), Privacy (Law Enforcement), Privacy (National Security), Technology, Uncategorized   Print This Post   No Comments

Rethinking Net Neutrality after the Verizon/Google Framework

posted by Frank Pasquale

There has been a lot of insightful commentary on the new Verizon/Google framework proposal; Marvin Ammori’s post is a good place to start. Here are my “two cents” on the larger implications of this move from business cooperation to lobbying alliance.

1) The companies’ CEOs have stated that, in their view, “A provider that offers a broadband Internet access service complying with [basic net neutrality] principles” should be able to “offer any other additional or differentiated services” free of net neutrality regulation. The key question here is the quality and cost of the “broadband Internet access service complying with [net neutrality] principles,” as compared with the “additional services” that can be offered without net neutrality. In the best case scenario, most people use the compliant service for most traffic, and run “additional services” on top of it in order to access special content/apps. Unfortunately, I think it’s far more likely that the net-neutrality-compliant service will gradually decline in quality, so that it’s vestigial (like public broadcasting) or a poor program for poor people (ala Medicaid).
Read the rest of this post »

  August 10, 2010 at 11:21 am   Posted in: Cyberlaw, First Amendment, Google & Search Engines, Government Secrecy, Intellectual Property, Privacy, Privacy (Electronic Surveillance), Technology   Print This Post   No Comments

The Decline of Media Studies (and Privacy) in a Search Engine Society

posted by Frank Pasquale

I often hear statements like “I’m the top Google result for my name!” or “Kiwi is the top search result for shoe polish!” Truth is, there’s no such thing. You can know the top results that you see, and you can survey what others see, but only the search engine knows what everybody is seeing in response to a query. Evgeny Morozov worries about this trend:

There is a danger that we will become even less well-informed, as the web becomes both more personalised and more social. Concerns that the internet traps users in unchallenging information ghettos are not new, stretching back to 2001 and the US legal scholar Cass Sunstein’s book Republic.com. Sunstein argues that, when compared to older media, the internet allows users to seek out opinions and news with which they already agree, creating online news ghettos in which the views of right and left rarely mix.

What is surprising, however, is that today’s technology companies seem to use that book as a to-do-list. Google, for example, has been pushing to provide personalised search results to its users, meaning that two people searching for the same term may now get different results, altered according to what they have clicked on before. In December 2009, Google tweaked its rules in such a way that even users who are not signed into Google—thus denying the search giant access to their previous search history—will see their results personalised too. Facebook is not far behind.

Admittedly, these developments are helpful to individuals—how could anyone use Facebook without hiding Farmville? But they counsel extreme epistemological modesty for anyone who would write about the effects of search engines on the public sphere. Alex Halavais notes in his book Search Engine Society that, “[i]n the process of ranking results, search engines effectively create winners and losers on the web as a whole.” But we have little idea who exactly those winners and losers are at the level of granularity that search engines can operate at.
Read the rest of this post »

  July 10, 2010 at 7:11 pm   Posted in: Anonymity, Google & Search Engines, Government Secrecy, Privacy (National Security), Social Network Websites, Technology   Print This Post   3 Comments

Go FOIA yourself…you might be surprised

posted by Tuan Samahon

I have a love/hate relationship with FOIA. I need it and can’t live without it. For those who do original primary research, it’s an essential tool. But it is also painfully slow, hit or miss, unpredictable, and frustrating.

It also turns out that FOIA research may make you the subject of FBI scrutiny. The FBI approaches disclosure of information (predictably) like a security agency.

Author and attorney Alexander Charns wrote a very interesting book entitled Cloak and Gavel (1992), which concerned the history of the Supreme Court and its interactions with the FBI. Pursuant to one of his FOIA requests seeking historical records about Hoover abuses of power, the FBI inadvertently released to him an internal FBI memorandum that described him, his research, and the type of information he was provided.  Apparently, such memoranda on FOIA requesters are not uncommon. They are called “high visibility memoranda” and are created by the FBI FOIA section to “anticipate and minimize negative publicity resulting from FOIA releases.” A former student who recently worked with FOIA shared that she too was aware of similar memoranda maintained by the government. Apparently this practice continues.

Laying aside any question about the FBI’s authority to prepare such memoranda (perhaps based on Google research or other Internet-based information), does the FBI appreciate how the maintenance of memoranda about FOIA requesters plays with the public? I won’t hold out great hopes for more information transparency from the Obama administration, but perhaps it could at least get the FBI to lay off on the domestic FOIA surveillance?

Update (3-29-2010): This article just ran today in the Boston Globe’s online edition on the subject of the FBI, the release of documents held in the FBI’s “Special File Room,” and their availability through a volunteer group called governmentattic.org. H/T Michael Ravnitzky

  March 25, 2010 at 2:35 pm   Posted in: Administrative Law, Government Secrecy, Law School (Scholarship), Privacy   Print This Post   2 Comments

What Do We Gain From Transparency? Or Metrics for Open Government

posted by Deven Desai

The folks at CITP and many others are quite excited about open government. One specific project, RECAP, looks to open access to court cases. The briefs and opinions of federal courts would be available to the public. Although I tend to laud this effort, I have also started to press on exactly why such access is a good thing. The standard techno-libertarian more information is a good thing model is most unsatisfying and does not provide enough guidance for my taste. I tend to agree that increased access to knowledge can have beneficial effects and that openness is a solid guiding star in many areas of policy. Still, once one gets into a specific context, I fear that the general assertions fall short. The recent open government conference that CITP hosted at Princeton lead me to try and state why access to court documents is desired. Here are the three goals that I think capture the reasons to support the idea.

1. Insofar as ignorance of the law is no defense, one needs access to the the law as rules. Providing the public with free access to court documents, especially opinions, allows the public to have the potential to investigate, understand, use, and challenge the law as it may see fit.

2. Another area that I believe few, if any, have offered, is that in addition to knowing the law, one needs to know how to use it. In other words, one needs to know how the law works. As law students and young associates quickly discover, the format and style in which one presents a legal argument matters. Providing access to briefs fulfills an instructional role. Lawyers do not re-invent wheels. They borrow briefs and exemplars from colleagues and now can even get briefs for some cases off of Westlaw. As a general matter, improving writing entails reading good writing. In addition, pro se and really anyone appearing before a court, can benefit from seeing how others argued a point. In addition, details such as how to organize a brief, state jurisdiction, and matter. My guess is that the more a brief looks professional, the more credence it is given. Thus, a second reason to open access to court documents is to provide the public with the tools it needs understand how the courts work and to use the law.

3. Open access to court documents also permits the public to take on a watchdog function. When anyone uses the system, as they are allowed to do, to bring several suits (e.g., file sharing suits), or use the system to push around smaller competitors, or use the system to pester large corporations with frivolous or greenmail suits, or any other practice that may be suspect, open access to court documents would enable the public to police the system. More obviously, such access would reduce the potential for corruption in the courts as well.

There are, of course, potential downsides to opening access to court documents. Privacy problems loom large. The practical obscurity that perhaps balanced the watchdog aspect with privacy problems would diminish if not vanish. Thus, I offer the above metrics in part to argue that one might be able to achieve the goals without sacrificing privacy. In short, completely full access to court documents that starts to harm privacy does not seem necessary to achieve the goals set forth above. Yet, it seems that if we have a system that hampers the public’s ability to engage with the court system on these three levels, we seem to have an impoverished idea of what access to the court means and the power it could have.

  March 17, 2010 at 1:31 pm   Posted in: Government Secrecy, Privacy   Print This Post   One Comment

The SeaWorld Killer Whale Death Video and the Right to Privacy

posted by Daniel Solove

Jessica Bennett at Newsweek brought my attention to a story about the family of the killer whale trainer (Dawn Brancheau) who was killed while training the whale at SeaWorld:

Brancheau’s family announced this week that they would seek an injunction to protect the release of the death imagery, captured by SeaWorld’s surveillance cameras on Feb. 24. And though the video has not yet been publicly released, it’s presently in the hands of the Florida Orange County Sheriff’s Office, which is investigating the woman’s death.

According to FoxNews:

The Orange County Sheriff’s Office, who now has the video, has received several calls from sources trying to obtain copies of the video, the Orlando Sentinel reported.Once the Orange County Sheriff’s Office concludes its investigation, the material would become public under Florida law. . . .

Brancheau’s family said through a spokesman that public airing of the killing would only worsen their grief.They could seek a court injunction to stop the release, at least temporarily. The family has been consulting the lawyer who represented Dale Earnhardt’s widow in a court fight over his autopsy photos.

I believe that the Brancheau family has a good case.  They want to prevent the sad events that happened to the family of Nikki Catsouras, whose gruesome accident death photos started appearing all over the Internet.  In that case, the court held that the family could bring common law privacy claims against the police department for improperly leaking the photographs.

In this instance, the video might be required to be disclosed by public records law, so tort privacy claims would likely not be available against the government if they conflicted with state disclosure obligations or against others who disseminated the video post-disclosure (due to First Amendment protection).

Thus, the family’s redress could come in two possible forms: (1) a provision of the public record law that would not allow for the disclosure of the video; or (2) a constitutional right to information privacy challenge.

Read the rest of this post »

  March 10, 2010 at 6:46 am   Posted in: First Amendment, Government Secrecy, Privacy, Privacy (Gossip & Shaming)   Print This Post   6 Comments

Open Government Update: GPO and CITP’s FedThread Project

posted by Deven Desai

The Federal Register has moved to an XML format. That has allowed Princeton’s Center For Information Technology Policy to be on the move once more. The new project is called FedThread. As the site puts it now that the Federal Register is in XML, “citizens [can] create new services that in turn provide value back to government. Kudos to the Government Printing Office, National Archives and Records Administration, and Office of Science and Technology Policy for making this all possible.”

What does this mean for the public? Through FedThread people can more easily track issues regarding “rules, proposed rules, and notices of Federal agencies and organizations, as well as executive orders and other presidential documents” as they are posted to the Federal Register website (weekdays except for government holidays). So today’s documents include material about the Delaware River Basin Commission, Department of Education, Federal Communication Commission, Department of Health and Human Services, and the National Science Foundation proceedings. Actions regarding postesecondary education, rulemaking at the FCC, and pandemic influenza vaccines are apparently on the table. Go to this link for today’s full list.

In other words, rejoice, wonk and non-wonk, for you may can now see what your government is doing. In fact FedThread offers some rather great features including:

* collaborative annotation: Attach a note to any paragraph of the Federal Register; start a conversation.
* advanced search: Search the Federal Register (back to 2000) on full text, by date, agency, and other fields.
* customized feeds: Turn any search into an RSS or email feed, which will send you any new items that match the search query.

As I understand it, one can set up a search and receive updates about the topic. Policy makers, academics, and engaged citizens should take advantage of these features. It should allow one to see how the law is evolving and take action much more quickly than before.

One point for those who may confuse making a note with a comment. FedThread is not affiliated with the U.S. government. Notes appear on the FedThread site but are not part of the Federal Register. Formal comments must follow the proper procedures related to commenting on whatever particular topic upon which one wishes to comment. In addition, the notes are just that, notes of those who wnat to share their views about a topic. It should open debate and discussion, but as with many areas of the Web, one will have to sort between useful and irrelevant notes.

I am sure I will learn more from my colleagues here at CITP as the project moves forward. For now, I hope people enjoy the offering.

For those interested in “some of the driving principles behind the project,” this paper Government Data and the Invisible Hand is a good place to start. Last, I want to call out the people involved in building this project. Joe Calandrino, Ari Feldman, Harlan Yu, and Bill Zeller developed it. Calvin Lee at Princeton’s Student Design Agency handled the graphic design. Prof. Ed Felten and Stephen Schultze led the project. You can contact FedThread at info@fedthread.org.

  October 5, 2009 at 7:44 am  Tags: Federal Register, FedThread, government 2.0, open government  Posted in: Government Secrecy, Technology, Web 2.0   Print This Post   No Comments

The Public and Private Goods Produced By Litigation

posted by Dave Hoffman

Eugene Volokh (among many others) recently posted the opinions in Klein v. Amtrak, the now famous EDPA unpublication case involving a settlement that led to the vacating of eight defense-unfriendly district court opinions.  Although commentators across the web seemed surprised, in my experience the practice of asking a judge to vacate an opinion that produced a settlement is fairly common – this particular instance is only a small variant on the ordinary case.  But Klein provides the opportunity to reflect on some of the unexpected benefits that we get from our ridiculous court system.

The obvious one is that judicial opinions are the public good that the parties prompt society to buy.  The price we would pay for any kind of litigation reform would be fewer public decisions, and thus more uncertainty of the kind that unpublication like Klein promotes. The Third Circuit in particular was known for years for having very thin law  – indeed, the late Chief Judge Eddie Becker of the Circuit famously led a one-man crusade against the dearth of law by writing copious dicta.  The certainty that we get from having opinions strongly suggests that we should resist private attempts to keep the law secret – and should be similarly skeptical of the courts’ unwillingness to free PACER. Here, it appears merely that Judge Stengel asked WL and LEXIS to remove his opinions from his databases.  Thus, like 80% of all substantive orders, they are on the docket, but aren’t available to the general public.

There’s an additional private benefit that accompanies litigation which is less illuminated by Klein: the parties get to communicate with one another.  Given a regulatory regime that prohibits competitor contact, litigation can be the best way for companies to talk to one another (through discovery and signalling about which positions to take).  That litigation-mediated-communication is one reason why some companies might prefer to continue to fight in the public system, rather than in commercial arbitration, where their ability to get discovery may be limited.  Again, this isn’t to say that all lawsuits are worth the time and expense that the public invests in settling them, but it does suggest that litigation reform needs to account for these substantial litigation spillovers.

  August 20, 2009 at 8:50 pm   Posted in: Civil Procedure, Empirical Analysis of Law, Government Secrecy, Sociology of Law   Print This Post   One Comment

• « Older Entries