When you walk into the lobby of CIA Headquarters in Langley, Va., there is a wall to the right that honors CIA personnel killed in the line of duty. For every life lost, there is a star. Near the wall, there is a list of names that correspond to some of the stars. The reason I say "some" is because, while the CIA will acknowledge that an operative has died, they frequently do not publicly acknowledge them by name. If the fact that they worked for the CIA becomes known, it could compromise past and ongoing intelligence operations.
I thought of this when I heard about a lawsuit where several undercover police officers are suing their police department and a variety of individuals and other authorities for disclosing their identities.
The officers were members of a "gang strike force" in St Paul, Minn. It was disclosed that a group of the officers was going to a conference on Asian criminal gangs in Hawaii. There was outrage about the cost of the trip and its location at a worldwide travel destination. The names were given to a newspaper as part of a news story for the local community.
The police officers contend that the disclosure put their lives, and the lives of their families, at risk. Yet, as part of the ensuing lawsuit, it was determined that of the six people publicly named, the fact that four of them were part of the Metro Gang Strike Force and the other two were police officers could already be found on the Internet.
One of the officers in question posted his Strike Force participation on Classmates.com. Another received an award for undercover police work, a fact available on the Website of an organization that supports police. Another identity was found in an annual report from a police agency.
There is so much wrong about this case from so many different perspectives.
First of all, any outrage over the location of the conference is misplaced. Asian crime gangs are a growing problem for many cities around the country. They operate very differently than other types of gangs, so it is critical for police officers to obtain knowledge about them. The Pacific Rim is the most logical place to learn about Asian gangs; and to get international participation, the conference has to be centrally located. Hawaii is the best location for the event.
Additionally, if someone undercover wants to attend a convention, it should be far enough out of town that they can't be observed with other police officers. Ironically, though, I would say that the Asian gangs would be smart enough to monitor the conference attendees, so going in the first place puts them at risk.
Clearly, the police department in question endangered the police officers. Even if the information is otherwise available, it would take effort for criminals to put it together. There is no justification for just handing the information out. Much like the Valerie Plame case, where Dick Cheney's staff leaked the identity of a CIA employee, the information being widely publicized can compromise current and past operations, and endanger other people involved in the operations.
But the worst thing about this case is that the information was available on the Internet.
Frankly, anyone who is involved with undercover work, or even has an inkling that they might want to become involved, should not put anything up about police affiliation. That is part of the cost of being undercover.
Likewise, law enforcement organizations and the groups that support them should have a policy of not naming names. Especially with the spread of violent criminal gangs, there is always a potential threat of retribution. Any public information about these people puts them at risk.
During the application process at the CIA, strong potential applicants are warned that even their application is considered secret: They are not to discuss their application to the CIA with anyone.
While a select few people will be applying to intelligence or law enforcement agencies, this case reminds all of us that individuals and organizations should seriously consider what information they make available online in any context.
— Ira Winkler, Former National Security Agency analyst and author of Spies Among Us
Is there a Utility out there that can track and identify every single piece of information oN Websites/Databases,etc attributable to an individual so that it is then possible to wipe it off/Erase them?
Especially in todays Hyper-connected world;Where every 10-15 year old grows up with putting his/her whole life on Facebook/Myspace we need such utilties.Say someone decides to join the CIA/Law enforcement it should be possible to Clear it off the Internet completely-Maybe with Government Help.Any thoughts on this one,Guys?
"..Everybody is losing privacy - why should anybody working undercover think they won't be facing the same risks?..."
This is true, but undercover people or those in secure positions who put that information out there themselves, I think, need to be relieved of their clearance and position, as well as possible inprisionment if they have also put others at risk. Perhaps they need a psych evaluation as well to figure out why in the world they'ed do it to begin with!
Well put Ira! While I was going through the comments for this post, I received an email notification from my hosting provider that underlines a related area of concern: theft. Even if we willingly do not wish to disclose information on the Internet, the fact that information exists electronically on a data storage device - is a risk in itself.
In the case of my hosting provider, a laptop with sensitive information was stolen from an employee's home. Is my privacy at risk? My provider appears to be more concerned about access to the managed servers...
I totally agree that there is blame enough to go around, but I think you have defined the key elements appropriately.
There clearly needs to be respect and integrity for the highly sensitive work of those on undercover; that should have a no-tolerance regarding leaks.
Second, people need to be aware of the high impact of information on the internet and respect the wide exposure that that brings.
It goes to show that in some areas, we are only automating our communications based on limited intelligence (i.e., being aware of the distribution, audience, and potential impact) - that's like having a "private" conversation over a speaker system!
Ira - Clearly "two wrongs don't make a right" but the fact that there were two wrongs highlights the challenge in our technology ladden interconnected world.
The officer was wrong. The police department was wrong. but how do we stop errors like this from happening?
I've lived in the Washington DC are for almost 25 years and only once did I stumble onto a "cover story." I always suspected that person A was lying about what they did. One day I was taking to person B and they mentioned what they did for a living and I said "oh you must know person A" and after a puzzled look and one second too long pause they agreed. But in that second I virtually confirmed that both A and B were lying to me.
Now add technology to the mix - how many more moments like the one above will occur due to information, technology and the Internet. Everybody is losing privacy - why should anybody working undercover think they won't be facing the same risks?
While the officer's actions, posting their work on Classmates.com, might be used to minimize financial compensation, that doesn't change the wrong (I think the legal word is tort) committed by the police department in releasing the information. Apparently there is a law preventing the department from releasing the information in the first place.
Two wrongs dont make a right, or at least negate each other. Financially, it might reduce compensation, but it is still so very wrong. The information given out by the police department was in a much more usable format for the parties that they are trying to keep the identities from.
I think the issue is not that data has multiple purposes, but that people originating the information should exercise descretion as their life might be depending on it.
Just because a graduate school asks for the information, there is no legal obligation to give it to them, or you can just lie. Frankly, it would help with a cover story to give the graduate school wrong information.
Given that unmarked cars are a staple of police departments around the world, there should be a process to protect police operations.
It is not impossible, it just requires some fore thought and a review of operational security procedures. Again, the CIA tells all applicants not to let people know they are in the application process.
This is not a surprise. We all know that once our information is out, somebody else has already pocessed it. I think that the same amount of information could be gathered about most of us. The only thing we can expect is that the information won't be gathered by the bad guy.
Data is not single purpose. This policeman may have thought classmates is just to connect with old friends - but data, once released to the world, can be used in so many ways.
A graduate school once posted the a graduate had taken a job with the CIA. The person told the placement department so they could complete their statistics - but once in the database that data automatically went to the person who handled publishing the list of graduate's new jobs in the alumni newsletter....
A state agency provided my employer with a list of vehicles that were state owned so that could be shared with future potential car buyers. That list included vehicles that were currently being used as unmarked police vehicles.
My employer suspected a company was mining our web site for proprietary information. I confirmed that when I found a resume on Monster.com where the programmer discussed writing code to do exactly what we expected.
Whether we like it or not, data is multi-purpose, which makes keeping secrets in this electronic world a unique and sometimes close to impossible task.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
While I try to think that one should never be happy with the misfortunes of others, it is satisfying to see that Albert Gonzalez was sentenced to 20 years in prison for basically masterminding the compromise of more than 100 million credit cards.
I am surprised a recent news story is not getting more attention. In short, Iran took down 29 Websites the government said were operated by Iranian dissidents, supposedly backed by CIA operations intended to destabilize the country. The government arrested 30 people assumed to be affiliated with those sites.
Given what I do, I felt compelled to watch the CNN special, Cyber Shock, which featured a simulated cyber-attack against the United States. As I watched I wanted two things: a bullet in my head, and the return of Dick Cheney's take-charge governance style.
In his recent Congressional testimony, Dennis Blair, the U.S. director of national intelligence, stated that the U.S. is "severely threatened" by cyber attacks and that the recent Google (Nasdaq: GOOG) attacks should serve as a wake-up call.
I keep telling people that if they do everything right, they will be generally secure. I like to think I do everything right myself to minimize the likelihood of being hit by malware. I avoid going to unusual sites. I don’t click on links in strange emails. When reading normal emails, I verify any embedded links, just in case.
Getting to Work on Smart Work: How IT Is Transforming the Implementation of the 'Internet of Things' Organizations in all industry sectors are becoming more instrumented, interconnected, and intelligent -- and that's changing the way they approach virtually every facet of their operations. It's up to IT to help organizations adopt a "Three I's" approach that leverages the emerging Internet of Things and enables them to work smarter. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
What can users today do to protect their online privacy? The simplest and most obvious option is to not use the Internet – at all. However, once all digital information is consolidated over the Internet, trying to protect digital identity by simply unplugging from the Internet becomes impossible – a fact that has manifest implications for civil liberties, Saunders says.
By 2011 the number of Internet-connected sensors will exceed 1 trillion, making your chances of doing anything or going anywhere unnoticed pretty much zero. Saunders talks about how the 'sensortization' of the Internet is eliminating the traditional divide between online and offline populations.
The 20th Century Internet was characterized by the ability to interact with other people and information on the Internet largely without anyone knowing who you were. The Internet of this century, conversely, will be defined by identity. Saunders explains how Internet users are unwittingly contributing to the demise of the anonymous Internet.
It is 20 years since the invention of the World Wide Web, and the Internet has changed beyond recognition since then. Steve Saunders peers into the future to predict what the Web will look like in another 20 years time – and he doesn’t like what he sees.
McAfee has figured out how to prevent virus problems: Stop your system from running altogether. We could take this logic into taxes, email, and more, or we can start to demand vendors do online updates with a bit more care. The credibility of the whole online service concept is at stake.
Data mining of social networks means people might face unforeseen consequences as a result of their seemingly innocuous personal choices and associations.
In the final episode of this series about the death of Internet anonymity, Saunders describes how the Internet of the future will start to attain a level of intelligence that requires no human intervention. Scary.
Steve Saunders talks about the risks inherent in uncontrolled, widespread profiling of Internet users, and how one day this practice could form the basis of a new industry, the Outernet, which in economic terms will have outgrown the commercial value of the Internet itself.
Search companies and social networks are collecting incredibly detailed information about their users, says Steve Saunders, who predicts that these 'profiles' could one day become commodities to be bought and sold by companies on 'profile markets' or 'identity exchanges’ – the digital DNA equivalents of the financial and commodities exchanges on which stocks, oil, and gold are traded.
One of the most important Internet issues of all time is being ignored by the media. In this three-part video series Steve Saunders explains how search companies are turning the tables on their users by creating user profiles for financial gain, and how soon this trend will explode into full scale profiling.
There's a public-policy war on copyright that nobody is winning, and inconsistencies in viewpoint and interpretation seem to be multiplying. We need to step back and think our policies over again, or we risk having a strategy that fails everyone.
Ultraviolet is an industry-wide attempt to standardize video content delivery across multiple platforms. Apart from the fact that it’s based in the cloud, relies on the DRM system, and isn’t backed by Apple… it sounds great!
The FCC's Sixth Broadband Report has a hidden secret. But here’s a hint: The regulatory body plans to regulate broadband as a telecommunications service.
Once defined by epic journeys, planning, and maps, the phrase "on the road" takes on new meaning in a digital age, where we can make all our decisions using our connected devices en route.
Digg
Del.icio.us
Reddit
Email This
TWEET THIS
