Category: Privacy

0

NSA Metadata Surveillance and the Fourth Amendment

Phone NSA 01

 

A U.S. District Court recently held that the NSA surveillance of telephone metadata likely violates the Fourth Amendment. The case is Klayman v. Obama.

The NSA surveillance program involves an incredibly broad gathering of metadata about people’s conversations. Metadata doesn’t include the conversations themselves, just data about when and to whom they are made — i.e., not the content of the phone conversations but the phone numbers of the people having the conversations.

The key Fourth Amendment case at issue is Smith v. Maryland, 442 U.S. 745 (1979), which held that a pen register device capturing the phone numbers a person dialed wasn’t protected by the Fourth Amendment partly because the phone company had access to the phone numbers and partly because phone numbers weren’t viewed to be as sensitive as the phone conversations themselves.

The court in Klayman has an interesting view of why Smith v. Maryland is no longer applicable. Essentially, the court argues that the pen register information the government could gather when Smith was decided is much different from the very broad systematic gathering of phone records today.

The Klayman court relies on the U.S. Supreme Court’s fairly recent decision in United States v. Jones, 132 S.Ct. 945 (2012), where five justices in concurrences noted that wide-scale extensive surveillance technologies have different implications than there older more limited counterparts. Jones involved GPS, and the Court there distinguished an earlier case involving a beeper device that tracked a car. In a concurring opinion, Justice Alito wrote that “relatively short-term monitoring of a person’s movements on public streets accords with expectations of privacy that our society has recognized as reasonable. But the use of longer term GPS monitoring in investigations of most offenses impinges on expectations of privacy. For such offenses, society’s expectation has been that law enforcement agents and others would not—and indeed, in the main, simply could not—secretly monitor and catalogue every single movement of an individual’s car for a very long period.”

I find much merit to the Klayman court’s analysis. I have long argued that Smith was wrongly decided, and not too long ago, I wrote here about why there are strong privacy interests in metadata.

Read More

0

Exciting news for the Center on Democracy & Technology: Nuala O’Connor Appointed President and CEO

Brilliant news: CDT’s Board of Directors just announced that Nuala O’Connor has been named President & CEO, effective January 21, 2014. O’Connor will succeed Leslie Harris, who is stepping down after leading CDT for nearly nine years. As the privacy community knows well, Harris provided extraordinary leadership: vision, enthusiasm, and commitment. O’Connor will build on that tradition in spades. She is the perfect leader for CDT.

From CDT’s announcement:

“Nuala drove an ambitious civil liberties agenda as the first Chief Privacy Officer at the Department of Homeland Security in a post 9-11 world. She fought for and implemented policies to protect the human rights of U.S. and global citizens in a climate of overreaching surveillance efforts. The Board is thrilled to have Nuala at the helm as CDT expands on 20 years of Internet policy work advancing civil liberties and human rights across the globe,” said Deirdre Mulligan, CDT Board Chair.

O’Connor is an internationally recognized expert in technology policy, particularly in the areas of privacy and information governance. O’Connor comes to CDT from Amazon.com, where she served both as Vice President of Compliance & Customer Trust and as Associate General Counsel for Privacy & Data Protection. Previously she served as the first Chief Privacy Officer at the U.S. Department of Homeland Security (DHS). At DHS, O’Connor was responsible for groundbreaking policy creation and implementation on the use of personal information in national security and law enforcement.

“I am honored to join the superb team at the Center for Democracy & Technology. CDT is at the forefront of advocating for civil liberties in the digital world,” said O’Connor. “There has never been a more important time in the fight to keep the Internet open, innovative and free. From government surveillance to data-driven algorithms to the Internet of things, challenges abound. I am committed to continuing to grow CDT’s global influence and impact as a voice for the open Internet and for the rights of its users.”

“Nuala is a brilliant choice to lead CDT. She is a passionate advocate for civil liberties, highly expert about the emerging global challenges and fully committed to CDT’s mission. She is a bold leader who will guide CDT into its next chapter. I have had the honor of working with CDT’s talented and thoughtful team for almost nine years. I am confident that they will thrive with Nuala at the helm,” said Leslie Harris.

Beyond her experience at Amazon and DHS, O’Connor has also worked in consumer privacy at General Electric, and as Chief Counsel for Technology at the U.S. Department of Commerce. She also created the privacy compliance department at DoubleClick and practiced law at Sidley Austin, Venable, and Hudson Cook.

O’Connor, who is originally from Belfast, Northern Ireland, holds an A.B. from Princeton University, an M.Ed. from Harvard University, and a J.D. from Georgetown University Law Center. She currently serves on numerous nonprofit boards, and is the recipient of a number of national awards, including the IAPP Vanguard Award, the Executive Women’s Forum’s Woman of Influence award, and was named to the Federal 100, but is most proud of having been named “Geek of the Week” by the Minority Media & Telecom Council in May 2013. She lives in the Washington, D.C. area with her three school-aged children.

2

The NSA’s Santa Surveillance Program

I was able to obtain the latest National Security Agency (NSA) memo leaked by Edward Snowden.  I reprint it in full below.

TOP SECRET AND CLASSIFIED

THE NATIONAL SECURITY AGENCY

SANTA SURVEILLANCE PROGRAM (SSP)

 

Intelligence reports have indicated an alarming amount of chatter between citizens of the United States and a foreign organization with unknown whereabouts somewhere near the North Pole.  The organization is led by an elderly bearded cleric with the alias, “Santa.”

We have probable cause to believe that this “Santa” organization is providing material support to terrorist cells in the United States.  On numerous occasions, “Santa” has reportedly entered the country illegally by flying across the border in a stealth aircraft.  He delivers contraband to various enemy combatants who request weapons and other military vehicles and aircraft.

For example, the intercepted letter below is from an enemy combatant by the name of “Johnny Smith”:

NSA Santa 01

Another letter, written by enemy combatant “Mikey Brown” – an alias for Michael Brown – indicates a desire for a weapon of mass destruction called “the Death Star.”   Mikey is now being questioned at an unidentified secure location.

Santa has an army of followers who call themselves “elves” and who train in Santa’s camp.  We fear that these elves are highly radicalized.

Based upon a recent dramatic increase in chatter between the Santa organization and enemy combatants in the U.S., we will initiate a new surveillance program caked the “Santa Surveillance Program” (SSP).

We will monitor all communications by all people everywhere.  For minimization standards, we will limit our surveillance to human beings only and not include other life forms.

The SSP will be ongoing until “Santa” is terminated by a drone attack.

Cross-posted at LinkedIn

0

With Great Power Comes Great Responsibility

In a sentence, Anupam Chander’s The Electronic Silk Road contains the good, the bad and the ugly of the modern interconnected and globalized world.

How many times do we use terms like “network” and “global”? In Professor Chander’s book you may find not only the meanings, but also the possible legal, economical and ethical implications that these terms may include today.

It’s well known that we are facing a revolution, despite of recent Bill Gates’ words that “The internet is not going to save the world”. I partly agree with Mr. Gates. Probably the internet will not save the world, but for sure it has already changed the world as we know it, making possible the opportunities that are well described in The Electronic Silk Road.

However, I would like to use my spot in this Symposium not to write about the wonders of the Trade 2.0, but to share some concerns that , as a privacy scholar, I have.

The problem is well known and is connected to the risk of the big data companies, that base their business model on consumer-profiling for selling advertisement or additional services to the companies.

“[T]he more the network provider knows about you, the more it can earn” writes Chander, and as noted by V. Mayer-Schönberger and K. Cukier in their recent book Big Data, the risks that could be related with the “dark side” of the big data are not just about the privacy of individuals, but also about the processing of those data, with the “possibility of using big data predictions about people to judge and punish them even before they’ve acted.”.

This is, probably, the good and the bad of big data companies as modern caravans of the electronic silk road: they bring a lot of information, and the information can be used, or better processed, for so many different purposes that we can’t imagine what will happen tomorrow, and not only the risk of a global surveillance is around the corner (on this topic I suggest to read the great post by D. K. Citron and D. Gray Addressing the Harm of Total Surveillance: A Reply to Professor Neil Richards), but also the risk of a dictatorship of data.

This possible circumstance, as Professor Solove write in the book Nothing To Hide “[…] not only frustate the individual by creating a sense of helpness and powerlessness, they also affect social structure by altering the kind of relationships people have with the institutions that make important decisions about their lives.”

Thus, I guess that the privacy and data protection ground could be the real challenge for the electronic silk road.

Professor Chander’s book is full of examples about the misuse of data (see the Paragraph Yahoo! in China), the problem of protection of sensitive data shared across the world (see the Paragraph Boston Brahmins and Bangalore Doctors), the problem about users’ privacy posed by social networks (see Chapter 5 Facebookistan).

But Professor Chander was able also to see the possible benefits of big data analysis (see the Paragraph Predictions and Predilections), for example in healthcare, thus is important to find a way to regulate the unstoppable flowing of data across the world.

In a so complex debate about a right that is subject to different senses and definitions across the world (what is “privacy” or “personal data” is different between USA, Canada, Europe and China for example), I find very interesting the recipe suggested by Anupam Chander.

First of all, we have to embrace some ground principles that are good both for providers and for law and policy makers: 1) do no evil; 2) technology is neutral; 3) the cyberspace need a dematerialized architecture.

Using these principles, it will be easy to follow Professor Chander’s fundamental rule: “harmonization where possible, glocalization where necessary”.

A practical implementation of this rule, as described in Chapter 8, will satisfy the different view of data privacy in a highly liberal regimes and in a highly repressive regime, pushing the glocalization (global services adapt to local rules) against the deregulation in the highly liberal regimes and the “do no evil” principle against the oppression in the highly repressive regime.

This seems reasonable to me, and at the end of my “journey” in Professor Chander’s book, I want to thank him for giving us some fascinating, but above all usable, theories for the forthcoming international cyberlaw.

3

The Life of Pi in the Electronic Silk Road

The Life of Pi presents an epic journey that a boy survives by maximizing spiritual strength in the most adverse circumstances. Called Pi, the boy harnesses curiosity, spirituality, and love to go through his adventurous “international” journeys through religions, cultures, and most notably nature with a stormy ocean.

In his new book The Electronic Silk Road: How the Web Binds the World in Commerce, Anupam Chander also narrates an epic journey that we must embark on in the digital age. Skillfully written with elegant prose, the book explores complex challenges posed by culture, politics, and technology associated with trade in information services.

As a boundless venue hosting trade in services, cyberspace turns out to be the ocean that Pi crossed. According to Anupam, it has enormous barriers blocking the freedom of trading information services in the global context. Culture matters. While some information services are totally fine in western societies, they may be seen as hostile to Islamic beliefs. Politics matters. It has resulted in information suppression in certain authoritarian countries. Technology matters. It facilitates the growth of information services. But it has been used to block trade in information services.

The great firewalls that exist in the electronic silk road best illustrate the difficulty of promoting trade in information services. As mighty as the storm and waves that Pi suffered on the ocean, they are utilized by repressive regimes to monitor, filter, and even shut down the Internet. In 2010 Google withdrew its operations from mainland China. This incident, as I understand from reading Anupam’s book, is a shipwreck as serious as the one that Pi remembers as the darkest day of his life. But it is also a shipwreck similar to the one that Pi regards as a new journey into knowing himself, other beings with him, and the world or nature at large.

On the one hand, Google’s retreat sounded the loudest alarm to the protection of freedom of information in repressive regimes. Nearly 1.3 billion Chinese citizens as well as many other fellow human beings are subject to cyberspace information suppression by authoritarian regimes. As Anupam bluntly reminds us, “[w]hen allied with willing Internet service providers, websites, software providers, and financial intermediaries, a government can gain an omniscience heretofore unknown.” In the digital age, it is the cross-border information services that supply state-of-the-art technologies and abundant financial resources to the authoritarian regimes.

On the other hand, the Google incident calls for immediate and long-term interventions in order to reshape cyberspace as a sphere free of uncivilized surveillance. This journey to information freedom is, indeed, as arduous as the one that Pi experienced across the ocean and continents. Religion, language, imagination, dignity, and even capacity for love all play an important part contributing to Pi’s triumph. The same applies to the journey toward information freedom. After all, people subject to information suppression live with (or without) different religions and speak different languages. Therefore, the capacity for a concerted effort to empower human dignity and love to address information suppression varies significantly across the world. Toward the end of book, Anupam hints that the World Trade Organization, an international institution that governs global trade both in goods and services, might be of little help to resolve this issue. Without any competent international organizations charting the map, the journey to the heaven of information freedom is destined to be a long and tricky adventure.

Reading The Electronic Silk Road together with The Life of Pi prompted me to think about issues that go beyond information suppression existing in repressive regimes. I realized that there are two major issues looming large in the digital age. While we enjoy the unprecedented freedom, convenience, and entertainment that digital technology can bring to us, we must ponder the dark side of digital technology and how the law should tackle it.

First and foremost, we can identify and understand the ways in which the ubiquity of information services can spawn profound problems. The Life of Pi conveys problems of this kind: hostility toward another religion and culture; indifference to other human beings deemed as inferior; and unwillingness to reciprocate others’ good deeds (Richard Parker, the tiger who has a human name, runs into the nearby jungle without a glance back). All these problems remain for Pi, although he has miraculously made it to shore. Online information services have caused similar problems. For example, the websites hosting information services are rife with fraud. Shortly after I posted an advertisement on Craigslist for subleasing my apartment last fall, I received several emails through which the senders attempted to persuade me to deposit money into their bank accounts before they took over the lease. After doing a bit research about online fraud, I could not help asking myself why there are so many people who choose fraud as their jobs.

Thus, digital technology is a double-edged sword. It promotes free flow of information and provides the social glue to bind many people together to wage revolutions against repressive regimes (e.g., the Jasmine Revolution). However, it also wields the power to alienate many people from the social network of direct interactions, leaving them increasingly alone in their spaces of egoism. Today, the majority of people on the subway spend much of their time using their smartphones or tablets. They appear in the tangible public spaces, but they confine themselves to those machines connected with the Internet, enjoying the private fun of checking Facebook or Twitter, playing electronic games, reading news, shopping online, or watching YouTube videos. Digital technology has facilitated widespread use of emails and text messages, further reducing the occasions for face-to-face conversations, greetings, or smiles. Thus, these trends raise the question whether digital technology promotes engagement with others or reinforces the individual quest for solitude. A new book by Sherry Turkle, Alone Together: Why We Expect More from Technology and Less from Each Other, has a comprehensive and nuanced discussion about this tangled issue.

How should the law tackle the double-edged nature of digital technology? Law is critically important in this regard, because it informs people of what they can and cannot do. Anupam teaches us that core to the law regulating trade mediated via cyberspace is the protection of “the right of individuals to share and receive information.” This core right prioritizes the “delivery and consumption” of information “regardless of frontiers” (p.202). His novel proposal that combines globalization together with harmonization of laws serves the full realization of this right.

But can celebration of the individual right to share and receive information offer means by which we can deal with the alienating effect of digital technology? In other words, does the language of rights really increase the consciousness of sharing information as it purports to? To some extent, it does. Anupam proves this with many vivid examples, particularly the Jasmine Revolution in which sharing information about freedom and democracy was the focal point. But as I discussed earlier and others’ works have proven, digital technology has also driven an increasing number of people to withdraw from traditional means of communication and confine themselves to an egoistic world of isolation.

I believe the language of responsibility can play a big part in dealing with this problem. In my recent article entitled Copyright and Responsibility, I point out that law “regulates human affairs through rules that require people to enjoy their freedoms and exercise their rights in responsible ways.” Responsibilities always come together with rights. Without the infusion with responsibilities, rights are meaningless. Persons are not only individuals but also social members of communities, countries, and the whole world. As social members, persons must not single-mindedly pursue only the realization of their individual rights. Rather, they should also constantly ask what responsibilities they should take on and how they can fulfill them in their social membership.

Anupam does mention the importance of responsibility. For example, he urges that Internet service providers follow the “Do No Evil” responsibility, which requires them not to collaborate with repressive regimes that suppress the free flow of information. Indeed, this responsibility is crucial. But should we also ask Internet service providers to take on more responsibilities to encourage people to spend slightly less time using computers, smartphones, or tablets and slightly more time interacting with others in various ways? In this sense, Internet service providers may have a responsibility to cultivate a healthy environment and culture for human interactions. A follow-up question is whether individuals should have the responsibility to spend slightly more time paying attention to others and their communities via computers, smartphones, or tablets.

Both The Life of Pi and The Electronic Silk Road prompt me to think more about the problems in the human world. The Life of Pi teaches me how a person can grow and mature through overcoming tough challenges and even evils. Anupam’s The Electronic Silk Road teaches me how globalized human societies can continue to flourish through overcoming the obstacles caused by national boundaries and the self-centered energy embedded in each human being. Both The Life of Pi and The Electronic Silk Road celebrate the beauty of human spirituality and its power to deter selfishness and even evil.

10

On the NSA and Media Bias: An Extended Analysis

By Albert Wong and Valerie Belair-Gagnon, Information Society Project at Yale Law School

In a recent article in the Columbia Journalism Review, we reported that major US newspapers exhibited a net pro-surveillance bias in their “post-Edward Snowden” coverage of the NSA. Our results ran counter to the general perception that major media outlets lean “traditionally liberal” on social issues. Given our findings, we decided to extend our analysis to see if the same bias was present in “traditionally conservative” and international newspapers.

Using the same methods described in our previous study, we examined total press coverage in the Washington Times, one of the top “traditionally conservative” newspapers in the US. We found that the Washington Times used pro-surveillance terms such as security or counterterrorism 45.5% more frequently than anti-surveillance terms like liberty or rights. This is comparable to USA Today‘s 36% bias and quantitatively greater than The New York Times‘ 14.1% or the Washington Post‘s 11.1%. The Washington Times, a “traditionally conservative” newspaper, had the same, if not stronger, pro-surveillance bias in its coverage as neutral/”traditionally liberal”-leaning newspapers.

In contrast, The Guardian, the major UK newspaper where Glenn Greenwald has reported most of Snowden’s disclosures, did not exhibit such a bias. Unlike any of the US newspapers we examined, The Guardian actually used anti-surveillance terms slightly (3.2%) more frequently than pro-surveillance terms. Despite the UK government’s pro-surveillance position (similar to and perhaps even more uncompromising than that of the US government), the Guardian‘s coverage has remained neutral overall. (Neutral as far as keyword frequency analysis goes, anyway; the use of other methods, such as qualitative analysis of article tone, may also be helpful in building a comprehensive picture.)

Our extended results provide additional context for our earlier report and demonstrate that our analysis is “capturing a meaningful divide.”

On a further note, as several commenters suggested in response to our original report, the US media’s pro-surveillance bias may be a manifestation of a broader “pro-state” bias. This theory may be correct, but it would be difficult to confirm conclusively. On many, even most, issues, the US government does not speak with one voice. Whose position should be taken as the “state” position? The opinion of the President? The Speaker of the House? The Chief Justice? Administration allies in Congress? In the context of the Affordable Care Act, is there no “pro-state” position at all, since the President, the Speaker, and the Chief Justice each have different, largely irreconcilable views?

3

Will We Be Ever Able To Go Off-grid Again? And Other Questions about the Electronic Silk Road

Will we ever be able to go off-grid again? What do we gain and lose if not? These questions came to mind as I was reading Anupam Chander’s Electronic Silk Road. The book is excellent. Indeed, these questions and the rest of this post’s ideas would not have come to mind had he not set out how the Electronic Silk Road operates and might operate. And my questions are perhaps prompted by a good book that addresses much and better still opens the doors to the next questions. Chander makes a strong case for benefits of a modern silk road where trust and trade work together and promote “net-work” which he defines as “information services delivered remotely through electronic communications systems.” This two way world facilitates labor shifted to Asia but also Google and Facebook spanning the globe with their services. His plea for new laws to address this change in trade makes sense. Our world of goods is fading to a world of digital things. Yet I wonder whether this new rule of trade maps to all the wonders we may want.

There may be unintentional irony here. Chapter One epigraph quotes Keynes “What an extraordinary episode in the economic progress of man that age was which came to an end in August, 1914!” Does trade stop war or at least make countries less likely to war against each other? Maybe. To get there Chander points out that, “the characteristics that permit net-work trade might be deployed to create a robust infrastructure for such trade: real-time information transfer, low information and other transactions costs, the ability of individuals around the world to collaborate, and electronic identification.” But the same systems that may promote trade can lead to greater surveillance and repression.

In other words, the recent spying amongst countries may be a good thing. I fear greater coordination amongst countries rather than friction. Chander calls this issue “Stalinization—the imposition of the world’s most repressive rules on cyberspace, in aggregated form.” He acknowledges this point at p. 197. Nonetheless this greater connection and improved grid may be inescapable. The idea that local laws must balance global over-reach does not appear to address what happens when the big boys agree. The electronic silk road thus seems to kill the romance of the silk road.

The Silk Road evokes adventure, the ability to test, change identities, and yet somehow trade worked. Failure on the Silk Road or even mistakes or cheating could be hidden by moving from the Road to some other country. In that sense, a modern system of trade on a global scale seems to defeat the room for play that Julie Cohen has described in Configuring the Networked Self. To where would one go to experiment, reinvent, and rehabilitate? Even with greater freedom to communicate things can go awry. A WTO response may be futile if all agree on bad behavior. Public shaming of corporations may mean little when they are forced to comply. To be clear, I agree with much of what Chander offers and have hope that the mitigation he offers will take it root. At bottom it may be a faith that discourse and debate defeats evil in all forms. Part of me thinks this idea is true. Part wonders whether we have come that far from the days leading up to World War I or II. If not, tighter understanding and trade may do less than both Chander and I hope. Then again Chander may be setting us up for the next step in his ideas. I certainly hope so.

0

Opportunities and Roadblocks Along the Electronic Silk Road

977574_288606077943048_524618202_oLast week, Foreign Affairs posted a note about my book, The Electronic Silk Road, on its Facebook page. In the comments, some clever wag asked, “Didn’t the FBI shut this down a few weeks ago?” In other venues as well, as I have shared portions of my book across the web, individuals across the world have written back, sometimes applauding and at other times challenging my claims. My writing itself has journed across the world–when I adapted part of a chapter as “How Censorship Hurts Chinese Internet Companies” for The Atlantic, the China Daily republished it. The Financial Times published its review of the book in both English and Chinese.

International trade was involved in even these posts. Much of this activity involved websites—from Facebook, to The Atlantic, and the Financial Times, each of them earning revenue in part from cross-border advertising (even the government-owned China Daily is apparently under pressure to increase advertising) . In the second quarter of 2013, for example, Facebook earned the majority of its revenues outside the United States–$995 million out of a total of $1,813 million, or 55 percent of revenues.

But this trade also brought communication—with ideas and critiques circulated around the world.  The old silk roads similarly were passages not only for goods, but knowledge. They helped shape our world, not only materially, but spiritually, just as the mix of commerce and communication on the Electronic Silk Road will reshape the world to come.

Read More

0

Introducing the Electronic Silk Road Online Symposium

Silk Road coverThis week, a great group will be blogging about Professor Anupam Chander’s book, The Electronic Silk Road: How the Web Binds the World Together in Commerce. Professor Chander is a leading scholar on globalization and digitization. He is Director of the California International Law Center and Martin Luther King, Jr. Hall Research Scholar at UC Davis. He has been a visiting professor at Yale Law School, the University of Chicago Law School, Stanford Law School, and Cornell Law School. He is also a dear friend. Nonetheless, it is time for us to do what we hope to do well, and if lucky, our friends do for us. That is, it is time to press Professor Chander about his work as it tries to show us how the new Silk Road operates, what it promises, what is yields, and what it threatens. Work and services are now blending, if not blended. Old rules for trade struggle to adapt to new rules for information. Where will we go from here? Join Professor Chander and our panelists including Paul Berman, Miriam Cherry, Graeme Dinwoodie, Nicklas Lundblad, Frank Pasquale, Pierluigi Perri, Adam Thierer, Haochen Sun, Fred Tung, and of course Danielle Citron and me for the fun this week.