Doubtless to the agency's chagrin, details of the FBI's plans for enhanced Internet surveillance are slowly starting to leak out.
It's no big surprise, of course, that such plans are afoot. After all, for every Internet activist who believes that information wants to be free, there's a law enforcement operative who believes that information wants to be collected.
Let's not rush to embrace the conspiracy theory that the FBI wants to monitor your every online move; but it certainly wants to monitor every online move of potential criminals and terrorists, and being able to track everyone, everywhere is always going to make that easier.
The nub of the agency's problem is that, with the increased use of email, not to mention social platforms and services like Skype, its traditional wire-tapping skills are becoming increasingly irrelevant. This has been recognized for some time. In a statement addressed to the House Judiciary Committee's Subcommittee on Crime, Terrorism, and Homeland Security, FBI General Counsel Valerie Caproni explained that:
Some providers are currently obligated by law to have technical solutions in place prior to receiving a court order to intercept electronic communications, but do not maintain those solutions in a manner consistent with their legal mandate. Other providers have no such existing mandate and simply develop capabilities upon receipt of a court order. In our experience, some providers actively work with the government to develop intercept solutions, while others do not have the technical expertise or resources to do so. As a result, on a regular basis, the government is unable to obtain communications and related data, even when authorized by a court to do so. We call this capabilities gap the "Going Dark" problem.
The Feds' response to the "Going Dark" problem has been to create the Domestic Communications Assistance Center (DCAC), a sort of R&D hub to improve electronic surveillance techniques. The Justice Department is allocating $15 million to establishing the DCAC (2012 security budget request here).
While the DCAC has been described, reasonably enough, as "secretive" -- it's a spying operation, after all -- its appearance in government documents means it's hardly secret.
What's arguably more disturbing is the pressure the FBI is bringing on lawmakers to amend the 1994 Communications Assistance for Law Enforcement Act (CALEA) to mandate the creation of "back doors" into social media platforms, email systems, and services like Skype and Google Hangouts. This would meet Caproni's concern that providers are technically incapable of responding to surveillance requirements, even when backed by a court order.
Internet service providers seem reluctant to install such "back doors" on a voluntary basis, although it remains to be seen how forcefully they will oppose legislation to make them compulsory. Will it be possible to stir up a new anti-SOPA/PIPA frenzy?
Would it even be justified? After all, do we want law enforcement agencies to be prevented from conducting legitimate surveillance activities, simply because the technical barriers are too great? Is there anything wrong with the FBI assembling the technology necessary to execute a warrant?
It's a trust issue, of course. And in 2012, there isn't a lot of trust going around.
You make your point very well, Rufus, but it brings me back to the question of whether -- in any circumstances -- you'd agree that a law enforcement authority should be able to execute a properly obtained warrant. Once you agree they should, then questions about how whether warrants are being properly obtained can be aired.
If you don't agree, then I assume you're opposed to all any wire-tapping too.
Kim, the problem with your assumption is that there is a multi-pronged assault on U.S. Citizens going on. The collective impact is frightening.
1. A recent suit by the Electronic Privacy Information Center-- so recent that I didn't know about it when I posted-- compelled the Department of Homeland Security to reveal the list of 353 words or phrases that, if you use them online, will put you on their electronic monitoring list
2. Patterns of activity that the computer considers suspicious get shared. A friend, who runs a security blog, where he writes about malware, hackiers and trojans (I just used three of the forbidden words), explaining how the methods work and what to do, was recently notified by his ISP/host that the FBI had requested his information. If this behavior contiunued, they said, they'd pull his account.
3. Based on that pattern of activity, the FBI can get a warrant to tap. There are judges who don't even question it. Reportedly, they bring lists if people every month (like a landlord does with delinquent tenants that they want evicted). When they do, of course, you aren't notified. You can't contest it.
4. If you are being monitored, you immediately go onto the no-fly list. You lose any chance to get a security clearance, or any job that might require you to do business with the government. If you don't already have a password, you won't get one.
5. If this happens to you, you will not know why. You will not be able to fight it-- the government routinely replies to suits by saying that discussing the details of the case would pose a secrity threat. You're screwed, plainly and simply.
This is how police states works. And a substantial percentage of it is automated. Since no one will ever vote to abolish DHS, people have to be on top of them and fight everything. There should be no assumptions of good faith, because the people who do these things don't make any about you or I.
Rufus, my assumption throughout this discussion has been that the FBI needs a warrant to do this kind of surveillance. The question is whether we think the FBI should be getting this kind of backdoor access to electronic communications with a warrant, not without.
"If we trusted government and law enforcement, that would be a no-brainer: but I have the sense we don't."
Do you?
Of course not. We have documented evidence that we can't. The Associated Press just won both a Pulitzer and a Polk award for documenting the New York Police Department's ongoing surveillance of local Muslims. The stories can be found here, and they document a pattern of spying, infiltration and harassment. Homes, businesses and mosques were targeted.
Dossiers were collected and distributed, with people who had done nothing wrong described as suspects. NYPD even decided to start collecting information in New Jersey.
Some of the information was obtained from the CIA and some allegedly from the FBI (that isn't documented). Of course since the FBI targets anyone whose politics they don't agree with, and that has been shown over and over again going back decades (do I need to drop Martin Luther King's name?), if they have not, it's aonly because they don't like competition.
Notice that when the New Jersey FBI complained, they did not say that this was morally wong, or that it violated anyone's rights. The FBI's complaint was that people weren't coming to the FBI with tips.
That's just two examples. Anyone who does even a halfassed check can find several hundred cases of peop;e who have been abused and harassed because they believe things that America's KGB does not agree with.
Of course there is a security issue. If I'm a terrorist or a crook and I knowfor a fact that there is a backdoor, I'll find it. And I can almost certainly do it in a way that a government bereaucrat (which is what FBI agents are, folks), can't detect.
More that that, there's a legal and a constitutional issue. If the FBI has concerns, let them get a damned warrent. Show cause and present evidence-- not just you think something bad might be happening and WOOO-- 9/11!!!.LAst I heard, this was still a nation of laws and not a police state-- hard as some people are trying to turn it into one.
Embarrasing to admit, but I'm not as up on the details of CISPA as I should be. Is that what CISPA calls for?
I'm one of those that believes that advice is good, but look for one's self is required as well. We fellows here on IE aren't going to be held legally liable for failure to comply. Know what I mean? I recommend a couple of different places.
For an advocate's view of CISPA, try the Electronic Frontier Foundation. Here's a good tracking site that provides bill text, as well as progress through to becoming law, if ever. And the "raw" data on bill status from Library of Congress' Thomas Archive here. There are five or six other sites, including IE, that I'd recommend as well.
I've heard, that if you try to google "Kill all humans"- a famous quotation by Robot Bender from Futurama, this request will be defined by FBI immediatly and you might have unexpected visitors. Is that true?
Not all the time, but we can't, of course, have ad hoc rules which apply in some cases but not others. I think Mitch is presenting a red herring. Of course surveillance of private conversations involves breaching the security of those conversations. What else does wire-tapping do? That's the objective.
It seems to me that ensuring the objective is achieved in a proper, above-board manner is as much a question of policy and procedure than technology.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Edward Snowden was so convinced that the Prism program involved secretive surveillance through Internet backdoors that he walked out on his job and his girlfriend, spoke to the media, and resigned himself to jail, or worse. It turns out, he might just be wrong.
In one of the nastiest -- not to mention large scale and long-term -- hacking exploits yet to be reported, it appears that the Chinese army has been rummaging through the data of those who have served in the US Armed Forces.
ASA Risk Consultants added its voice this week to the slowly growing chorus of voices demanding a coordinated international response to cyberattacks. In a research note circulated by IDG, ASA asserts that "nations will need to come to an agreement on how cyber warfare should be handled."
Extending existing US wiretap laws to give federal agencies easier backdoor access to Internet communications -- especially real-time P2P services like VoIP -- will give, not only aid and comfort, but also technical assistance, to the country's enemies. Not to mention cyberthieves.
In the final episode of this series about the death of Internet anonymity, Saunders describes how the Internet of the future will start to attain a level of intelligence that requires no human intervention. Scary.
What can users today do to protect their online privacy? The simplest and most obvious option is to not use the Internet – at all. However, once all digital information is consolidated over the Internet, trying to protect digital identity by simply unplugging from the Internet becomes impossible – a fact that has manifest implications for civil liberties, Saunders says.
By 2011 the number of Internet-connected sensors will exceed 1 trillion, making your chances of doing anything or going anywhere unnoticed pretty much zero. Saunders talks about how the 'sensortization' of the Internet is eliminating the traditional divide between online and offline populations.
The 20th Century Internet was characterized by the ability to interact with other people and information on the Internet largely without anyone knowing who you were. The Internet of this century, conversely, will be defined by identity. Saunders explains how Internet users are unwittingly contributing to the demise of the anonymous Internet.
Law enforcement agencies are poised to use iPhones as facial recognition systems in the coming months. The technical advance promises efficiency but has created a backlash among civil liberties proponents.
Google's problems in Korea and the leaked internal document on exploiting private data show that, if we want to avoid active regulation, we need more explicit disclosure of what companies do and don’t do with what they collect.
That's what Larry Page said on Google's earnings call, referring to the conjunction of mobile and the cloud. Well, let's chart it then! We need to be thinking about an Internet where 90% of our traffic goes to 70 destinations within 40 miles of us.
EU operators are considering joining up to create a pan-European network to reduce competitive overbuild and cost. This might lower costs and focus operators on higher-level, more interesting services.
Big-data and analytics tools enable marketers to understand customers as individuals, identifying unmet needs and addressing each customer as a "segment of one," says John Kennedy, VP corporate marketing, IBM.
New York's Metropolitan Transit Authority is conducting a pilot test of digital kiosks to guide subway users to where they want to go more efficiently and at lower cost.
The whole Amazon.reader debate is a double-stupid. It's stupid to think that there's any e-book buyer who doesn't know Amazon's URL, and it was stupider to let ICANN launch the whole free-form TLD initiative to start with.
While NFC's original goal was to enhance mobile commerce applications, it is finding its way into a number of other uses, which is creating both opportunity as well as challenges for IT departments.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Edmunds separates customers into segments based on the info it collects on its site and from partners, and uses that to push out custom content, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
The IBM Smarter Commerce Global Summit in Monaco kicked into high gear today, and we've already begun to see news emerging from that lovely city-state by the sea.
Expert Integrated Systems: Changing the Experience & Economics of IT In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
Email This
