
Category: Privacy (Electronic Surveillance)


Schneier on the NSA, Google, Facebook Connection But What About Phones?

Bruce Schneier argues that we should not be fooled by Google, Facebook, and other companies that decry the recent NSA data grabs, because the nature of the Internet is surveillance; but what about phone companies? The press has jumped on the Obama administration’s forthcoming plan that

would end its systematic collection of data about Americans’ calling habits. The bulk records would stay in the hands of phone companies, which would not be required to retain the data for any longer than they normally would. And the N.S.A. could obtain specific records only with permission from a judge, using a new kind of court order.

The details are to come, but Schneier’s point about the structure of the system applies to phone companies too, “The biggest Internet companies don’t offer real security because the U.S. government won’t permit it.”

There are a few things to parse here. OK there are many things to parse, but a blog post has limits. First, Schneier’s point about Internet companies is different than his one about the government. His point is that yes, many companies have stepped up security to prevent some government spying, but because Google, Microsoft, Facebook, Yahoo, Apple and almost any online company needs access to user data to run their businesses and make money, they all have built “massive security vulnerability” “into [their] services by design.” When a company does that, “by extension, the U.S. government, still has access to your communications.” Second, as Schneier points out, even if a company tried to plug the holes, the government won’t let that happen. Microsoft’s Skype service has built in holes. The government has demanded encryption keys. And so it goes. And so we have a line on the phone problems.

The proposed changes may solve little, because so far the government has been able to use procedure and sheer spying outside procedure to grab data. The key will be what procedures are required and what penalties follow for failing to follow procedure. That said, as I argued regarding data security in January 2013, fixing data security (and by extension phone problems) will require several changes:

A key hurdle is identifying when any government may demand data. Transparent policies and possibly treaties could help better identify and govern under what circumstances a country may demand data from another. Countries might work with local industry to create data security and data breach laws with real teeth as a way to signal that poor data security has consequences. Countries should also provide more room for companies to challenge requests and reveal them so the global market has a better sense of what is being sought, which countries respect data protection laws, and which do not. Such changes would allow companies to compete based not only on their security systems but their willingness to defend customer interests. In return companies and computer scientists will likely have to design systems with an eye toward the ability to respond to government requests when those requests are proper. Such solutions may involve ways to tag data as coming from a citizen of a particular country. Here, issues of privacy and freedom arise, because the more one can tag and trace data, the more one can use it for surveillance. This possibility shows why increased transparency is needed, for at the very least it would allow citizens to object to pacts between governments and companies that tread on individual rights.

And here is the crux of Schneier’s ire: companies that are saying your data is safe, are trying to protect their business, but as he sees it:

A more accurate statement might be, “Your data is safe from governments, except for the ways we don’t know about and the ways we cannot tell you about. And, of course, we still have complete access to it all, and can sell it at will to whomever we want.” That’s a lousy marketing pitch, but as long as the NSA is allowed to operate using secret court orders based on secret interpretations of secret law, it’ll never be any different.

In that sense he thinks companies should lean on the government and openly state security is not available for now. Although he knows no company can say that, the idea that we should all acknowledge the problem and go after the government to change the game is correct.

The point is correct for Internet companies and for phone companies. We should not over-focus on phones and forget the other ways we can be watched.

Industrial Policy for Big Data

If you are childless, shop for clothing online, spend a lot on cable TV, and drive a minivan, data brokers are probably going to assume you’re heavier than average. We know that drug companies may use that data to recruit research subjects.  Marketers could utilize the data to target ads for diet aids, or for types of food that research reveals to be particularly favored by people who are childless, shop for clothing online, spend a lot on cable TV, and drive a minivan.

We may also reasonably assume that the data can be put to darker purposes: for example, to offer credit on worse terms to the obese (stereotype-driven assessment of looks and abilities reigns from Silicon Valley to experimental labs).  And perhaps some day it will be put to higher purposes: for example, identifying “obesity clusters” that might be linked to overexposure to some contaminant.

To summarize: let’s roughly rank these biosurveillance goals as: 

1) Curing illness or precursors to illness (identifying the obesity cluster; clinical trial recruitment)

2) Helping match those offering products to those wanting them (food marketing)

3) Promoting the classification and de facto punishment of certain groups (identifying a certain class as worse credit risks)


Protecting the Precursors to Speech and Action

The Constitution cares deeply about the precursors to speech. Calo wondered where my paper, Constitutional Limits on Surveillance: Associational Freedom in the Age of Data Hoarding, parts ways with Solove; it does and it doesn’t. On the one hand, I agree with Dan’s work and build it out. I of course look to the First Amendment as part of understanding what associational freedom is. I also want that understanding to inform criminal procedure. On the other hand, I think that the Fourth Amendment on its own has strong protection for associational freedom. I thus argue that we have missed that aspect of the Fourth Amendment. Furthermore, since Solove, and after him Kathy Strandburg, wrote about First Amendment connections to privacy, there has been some great work by Ashutosh Bhagwat, Tabatha Abu El-Haj, John Inazu, on the First Amendment and associational freedom. And Jason Mazzone started some of that work in 2002. I draw on that work to show what associational freedom is. Part of the problem is that when we look to how and why we protect associational freedom, we mistake what it is. That mistake means the Fourth Amendment becomes too narrow. We are stuck with protection only for speech acts and associations that speak.

As I put it in the paper:

Our current understanding of associational freedom is thin. We over-focus on speech and miss the importance of the precursors to speech—the ability to share, explore, accept, and reject ideas and then choose whether to speak. Recent work has shown, however, that the Constitution protects many activities that are not speech, for example petition and assembly, because the activities enable self-governance and foster the potential for speech. That work has looked to the First Amendment. I show that these concerns also appear in Fourth Amendment jurisprudence and work to protect us from surveillance regardless of whether the acts are speech or whether they are private.

In that sense I give further support to work by Julie Cohen, Neil Richards, Spiros Simitis, and Solove by explaining that all the details that many have identified as needing protection (e.g., our ability to play; protection from surveillance of what we read and watch) align with core ideals of associational freedom. This approach thus offers a foundation for calls to protect us from law enforcement’s ability to probe our reading, meeting, and gathering habits—our associational freedom—even though those acts are not private or speech, and it explains what the constitutional limits on surveillance in the age of data hoarding must be.


It’s About Data Hoards – My New Paper Explains Why Data Escrow Won’t Protect Privacy

A core issue in U.S. v. Jones has nothing to do with connecting “trivial” bits of data to see a mosaic; it is about the simple ability to have a perfect map of everywhere we go, with whom we meet, what we read, and more. It is about the ability to look backward and see all that information with little to no oversight and in a way forever. That is why calls to shift the vast information grabs to a third party are useless. The move changes little given the way the government already demands information from private data hoards. Yes, not having immediate access to the information is a start. That might mitigate mischief. But clear procedures are needed before that separation can be meaningful. That is why telecom and tech giants should be wary of “The central pillar of Obama’s plan to overhaul the surveillance programs [which] calls for shifting storage of Americans’ phone data from the government to telecom companies or an independent third party.” It does not solve the problem of data hoards.

As I argue in my new article Constitutional Limits on Surveillance: Associational Freedom in the Age of Data Hoarding:

Put differently, the tremendous power of the state to compel action combined with what the state can do with technology and data creates a moral hazard. It is too easy to harvest, analyze, and hoard data and then step far beyond law enforcement goals into acts that threaten civil liberties. The amount of data available to law enforcement creates a type of honey pot—a trap that lures and tempts government to use data without limits. Once the government has obtained data, it is easy and inexpensive to store and search when compared to storing the same data in an analog format. The data is not deleted or destroyed; it is hoarded. That vat of temptation never goes away. The lack of rules on law enforcement’s use of the data explains why it has an incentive to gather data, keep it, and increase its stores. After government has its data hoard, the barriers to dragnet and general searches—ordinarily unconstitutional—are gone. If someone wishes to dive into the data and see whether embarrassing, or even blackmail worthy, data is available, they can do so at its discretion; and in some cases law enforcement has said they should pursue such tactics. These temptations are precisely why we must rethink how we protect associational freedom in the age of data hoarding. By understanding what associational freedom is, what threatens it, and how we have protected it in the past, we will find that there is a way to protect it now and in the future.


Atrocious Privacy Invasion: Non-Consensual Videotaping of Sex Indicted in NY

Criminalizing privacy invasions has a long history. In their groundbreaking article The Right to Privacy published in 1890, Samuel Warren and Louis Brandeis argued that “[i]t would doubtless be desirable that the privacy of the individual should receive the added protection of the criminal law.” Since that time, lawmakers have banned the non-consensual recording of individuals in a state of undress in contexts where they have a reasonable expectation of privacy. New York’s unlawful surveillance law, for instance, prohibits use of an imaging device to secretly record or to broadcast another person undressing or having sex for the purpose of degrading that person in cases where the person had a reasonable expectation of privacy.

In November 2013, a New York former private wealth adviser was indicted for nineteen counts of unlawful surveillance and attempted unlawful surveillance for secretly taping himself having sex with different women without their consent. The illegal tapings allegedly occurred over a year’s time and apparently were many.

The New York Post talked to one victim’s attorney, Daniel Parker, who explained that the man posted the illegal videos on Internet sites. According to Parker, the man “used an elaborate system of surveillance using multiple devices in both his bedroom and their homes.” In other words, the man not only had various cameras in his own bedroom to tape himself having sex with women who had no idea and never consented but he also secretly taped himself having sex with the women in their homes. Parker explained that the man “left a trail and it was on YouTube and Vimeo.” What were those hidden devices? The man apparently used a hidden camera, a web cam and a stealth phone app to film the women engaged in various sexual acts. According to Parker, the man installed a hidden camera in the bookshelf of his East 69th Street apartment.

The victims delivered the video footage to the Manhattan District Attorney’s Office prompting the investigation. Kudos to prosecutor Siobahn Carty for bringing the case, though my sense is that it took the victims considerable energy and time to convince law enforcement to take their case seriously and to understand the technology used to perpetrate the egregious privacy violations. Technical ignorance is common amongst law enforcement, well, and common for many people. Troubling cultural attitudes and “I don’t get the tech” responses are notorious responses to different forms of harassment, including non-consensual taping of individuals in their most intimate moments. I will report more on the case as I get a hold of the indictment.


 


What President Obama’s Surveillance Speech Should Have Addressed

In his recent speech on surveillance, President Obama treated the misuse of intelligence gathering as a relic of American history. It was something done in the bad old days of J. Edgar Hoover, and never countenanced by recent administrations. But the accumulation of menacing stories—from fusion centers to “joint terrorism task forces” to a New York “demographics unit” targeting Muslims—is impossible to ignore. The American Civil Liberties Union has now collected instances of police surveillance and obstruction of First Amendment‐protected activity in over half the states. From Alaska (where military intelligence spied on an anti-war group) to Florida (where Quakers and anti-globalization activists were put on watchlists), protesters have been considered threats, rather than citizens exercising core constitutional rights. Political dissent is a routine target for surveillance by the FBI.

Admittedly, I am unaware of the NSA itself engaging in politically driven spying on American citizens. Charles Krauthammer says there has not been a “single case” of abuse.* But the NSA is only one part of the larger story of intelligence gathering in the US, which involves over 1,000 agencies and nearly 2,000 private companies. Moreover, we have little idea of exactly how information and requests flow between agencies. Consider the Orwellian practice of “parallel construction.” Reuters has reported that the NSA gave “tips” to the Special Operations Division (SOD) of the Drug Enforcement Administration, which also shared them with the Internal Revenue Service.


10 Reasons Why Privacy Matters

Why does privacy matter? Often courts and commentators struggle to articulate why privacy is valuable. They see privacy violations as often slight annoyances. But privacy matters a lot more than that. Here are 10 reasons why privacy matters.

1. Limit on Power

Privacy is a limit on government power, as well as the power of private sector companies. The more someone knows about us, the more power they can have over us. Personal data is used to make very important decisions in our lives. Personal data can be used to affect our reputations; and it can be used to influence our decisions and shape our behavior. It can be used as a tool to exercise control over us. And in the wrong hands, personal data can be used to cause us great harm.

2. Respect for Individuals

Privacy is about respecting individuals. If a person has a reasonable desire to keep something private, it is disrespectful to ignore that person’s wishes without a compelling reason to do so. Of course, the desire for privacy can conflict with important values, so privacy may not always win out in the balance. Sometimes people’s desires for privacy are just brushed aside because of a view that the harm in doing so is trivial. Even if this doesn’t cause major injury, it demonstrates a lack of respect for that person. In a sense it is saying: “I care about my interests, but I don’t care about yours.”

3. Reputation Management

Privacy enables people to manage their reputations. How we are judged by others affects our opportunities, friendships, and overall well-being. Although we can’t have complete control over our reputations, we must have some ability to protect our reputations from being unfairly harmed. Protecting reputation depends on protecting against not only falsehoods but also certain truths. Knowing private details about people’s lives doesn’t necessarily lead to more accurate judgment about people. People judge badly, they judge in haste, they judge out of context, they judge without hearing the whole story, and they judge with hypocrisy. Privacy helps people protect themselves from these troublesome judgments.


NSA Metadata Surveillance and the Fourth Amendment


 

A U.S. District Court recently held that the NSA surveillance of telephone metadata likely violates the Fourth Amendment. The case is Klayman v. Obama.

The NSA surveillance program involves an incredibly broad gathering of metadata about people’s conversations. Metadata doesn’t include the conversations themselves, just data about when and to whom they are made — i.e., not the content of the phone conversations but the phone numbers of the people having the conversations.

The key Fourth Amendment case at issue is Smith v. Maryland, 442 U.S. 745 (1979), which held that a pen register device capturing the phone numbers a person dialed wasn’t protected by the Fourth Amendment partly because the phone company had access to the phone numbers and partly because phone numbers weren’t viewed to be as sensitive as the phone conversations themselves.

The court in Klayman has an interesting view of why Smith v. Maryland is no longer applicable. Essentially, the court argues that the pen register information the government could gather when Smith was decided is much different from the very broad systematic gathering of phone records today.

The Klayman court relies on the U.S. Supreme Court’s fairly recent decision in United States v. Jones, 132 S.Ct. 945 (2012), where five justices in concurrences noted that wide-scale extensive surveillance technologies have different implications than their older more limited counterparts. Jones involved GPS, and the Court there distinguished an earlier case involving a beeper device that tracked a car. In a concurring opinion, Justice Alito wrote that “relatively short-term monitoring of a person’s movements on public streets accords with expectations of privacy that our society has recognized as reasonable. But the use of longer term GPS monitoring in investigations of most offenses impinges on expectations of privacy. For such offenses, society’s expectation has been that law enforcement agents and others would not—and indeed, in the main, simply could not—secretly monitor and catalogue every single movement of an individual’s car for a very long period.”

I find much merit to the Klayman court’s analysis. I have long argued that Smith was wrongly decided, and not too long ago, I wrote here about why there are strong privacy interests in metadata.


The NSA’s Santa Surveillance Program

I was able to obtain the latest National Security Agency (NSA) memo leaked by Edward Snowden.  I reprint it in full below.

TOP SECRET AND CLASSIFIED

THE NATIONAL SECURITY AGENCY

SANTA SURVEILLANCE PROGRAM (SSP)

 

Intelligence reports have indicated an alarming amount of chatter between citizens of the United States and a foreign organization with unknown whereabouts somewhere near the North Pole.  The organization is led by an elderly bearded cleric with the alias, “Santa.”

We have probable cause to believe that this “Santa” organization is providing material support to terrorist cells in the United States.  On numerous occasions, “Santa” has reportedly entered the country illegally by flying across the border in a stealth aircraft.  He delivers contraband to various enemy combatants who request weapons and other military vehicles and aircraft.

For example, the intercepted letter below is from an enemy combatant by the name of “Johnny Smith”:

[Image: NSA Santa 01]

Another letter, written by enemy combatant “Mikey Brown” – an alias for Michael Brown – indicates a desire for a weapon of mass destruction called “the Death Star.”   Mikey is now being questioned at an unidentified secure location.

Santa has an army of followers who call themselves “elves” and who train in Santa’s camp.  We fear that these elves are highly radicalized.

Based upon a recent dramatic increase in chatter between the Santa organization and enemy combatants in the U.S., we will initiate a new surveillance program called the “Santa Surveillance Program” (SSP).

We will monitor all communications by all people everywhere.  For minimization standards, we will limit our surveillance to human beings only and not include other life forms.

The SSP will be ongoing until “Santa” is terminated by a drone attack.

Cross-posted at LinkedIn


With Great Power Comes Great Responsibility

In a sentence, Anupam Chander’s The Electronic Silk Road contains the good, the bad and the ugly of the modern interconnected and globalized world.

How many times do we use terms like “network” and “global”? In Professor Chander’s book you may find not only the meanings, but also the possible legal, economic and ethical implications that these terms may include today.

It’s well known that we are facing a revolution, despite Bill Gates’ recent words that “The internet is not going to save the world”. I partly agree with Mr. Gates. Probably the internet will not save the world, but for sure it has already changed the world as we know it, making possible the opportunities that are well described in The Electronic Silk Road.

However, I would like to use my spot in this Symposium not to write about the wonders of the Trade 2.0, but to share some concerns that, as a privacy scholar, I have.

The problem is well known and is connected to the risk of the big data companies, that base their business model on consumer-profiling for selling advertisement or additional services to the companies.

“[T]he more the network provider knows about you, the more it can earn” writes Chander, and as noted by V. Mayer-Schönberger and K. Cukier in their recent book Big Data, the risks that could be related with the “dark side” of the big data are not just about the privacy of individuals, but also about the processing of those data, with the “possibility of using big data predictions about people to judge and punish them even before they’ve acted.”

This is, probably, the good and the bad of big data companies as modern caravans of the electronic silk road: they bring a lot of information, and the information can be used, or better processed, for so many different purposes that we can’t imagine what will happen tomorrow, and not only the risk of a global surveillance is around the corner (on this topic I suggest to read the great post by D. K. Citron and D. Gray Addressing the Harm of Total Surveillance: A Reply to Professor Neil Richards), but also the risk of a dictatorship of data.

This possible circumstance, as Professor Solove writes in the book Nothing To Hide “[…] not only frustrate the individual by creating a sense of helplessness and powerlessness, they also affect social structure by altering the kind of relationships people have with the institutions that make important decisions about their lives.”

Thus, I guess that the privacy and data protection ground could be the real challenge for the electronic silk road.

Professor Chander’s book is full of examples about the misuse of data (see the Paragraph Yahoo! in China), the problem of protection of sensitive data shared across the world (see the Paragraph Boston Brahmins and Bangalore Doctors), the problem about users’ privacy posed by social networks (see Chapter 5 Facebookistan).

But Professor Chander was able also to see the possible benefits of big data analysis (see the Paragraph Predictions and Predilections), for example in healthcare, thus it is important to find a way to regulate the unstoppable flowing of data across the world.

In so complex a debate about a right that is subject to different senses and definitions across the world (what is “privacy” or “personal data” is different between USA, Canada, Europe and China for example), I find very interesting the recipe suggested by Anupam Chander.

First of all, we have to embrace some ground principles that are good both for providers and for law and policy makers: 1) do no evil; 2) technology is neutral; 3) cyberspace needs a dematerialized architecture.

Using these principles, it will be easy to follow Professor Chander’s fundamental rule: “harmonization where possible, glocalization where necessary”.

A practical implementation of this rule, as described in Chapter 8, will satisfy the different views of data privacy in a highly liberal regime and in a highly repressive regime, pushing the glocalization (global services adapt to local rules) against the deregulation in the highly liberal regimes and the “do no evil” principle against the oppression in the highly repressive regime.

This seems reasonable to me, and at the end of my “journey” in Professor Chander’s book, I want to thank him for giving us some fascinating, but above all usable, theories for the forthcoming international cyberlaw.