Don, I personally don't think that we can draw a line here. With all the data held in warehouses and relational engines within a click's reach, it is bound to make even the morally strong reach out for information they should not have access to...

I think perhaps it is best that we accept the fact that staying connected is synonymous with being monitored. Sure this would give rise to a lot of unwanted paranoia but then again we are living in times where fear is driving decisions. 

Don,

As far as governing principles for the Internet, privacy and anonimity certainly aren't on the list for me. Information sharing and connectivty might be. But even then, it is really a judgement call on someone else's part to say that what I share on the net even qualifies as information.

Communications channels have always carried the risk of information leakage or interception, intentional or otherwise. If you are using a communications medium, you are at best a court order away from direct monitoring aggregious enough to send the most feint-hearted of Libertarians off of the grid for years.

The bits of intelligence that we leave as we wander about cyberspace, known and unknown, are really our own doing. When was the last time you gave you SSN, the whole number, over the phone? For that matter, when was the last time you gave out your complete birthdate over the phone. I did that one just today, and even though I knew the organization I was dealing with, and why they wanted the information, I still blanched.

We don't fill out the warranty registration cards anymore--we learned the hard way what happens to that information. And yet every day, more people than we'd like to admit--some our closest friends and colleagues maybe, fill out an online form on a website effectively handing our identities to the bad guys.

Personally, I don't think they need a million and a half square feet out west. Heck, why not just harvest a botnet or two, or do like SETI and distribute the processing out on our private systems on a subscription basis. But to imagine that it isn't being done already is naive to say the least.

What Cyber Threats (tm) will NSA be looking at? There's the real question.

Great points all around.  Where do we draw the line?  At this point, we don't know.  And at the same time, there's no reason to believe that they won't hold up their end of the bargain.

But what if they don't?

Don

First to David's post.

Since when is Google no longer doing no evil. Wanting to digitize every book, with no one else allowed it seems, paying authors a pittance or nothing at all, seems evil to me. Following every move you make on their site, putting cookies on your computer to follow the rest of your moves, also seems evil.

The company is not altruistic. It is in business to make money and to make money it needs advertising and click-throughs. To get those click-throughs it has targeted ads.

That's not to say that Bing, Yahoo or Ask don't do the same thing but at least they tell you exactly how long they keep your information. All Google says us that they keep your info for two years, generally. I take that to mean forever if the company wants to. Evil is evil, no matter mottos.

Maybe Google wasn't evil in the beginning but I sure as heck don't trust them now with anything and won't use any of their services.

Sorry for that diatribe.

As for the Feds. I was in Intel during the Vietnam War. We did nothing against Americans, or anyone in America. It was against the law then just as it is now. We didn't break the law. Or at least in my part of it, Operations, and those of us in that part of it were privy to everything and anything we wanted to see or use. We kept track of Foreign Intel, no more and no less. Now, since Bush, or 43 as a cousin of mine calls him, and Cheney decided that the Constitution only meant what it meant to them, well privacy has gone to hell in a hand basket.

Sure the NSA will keep track of American citizens, just as they will non-Americans. But the amount of information, something that we had to deal with, is going to  be enormous. And computers will be needed to analyze what other computers capture. Of course, with Virtulization it's pretty easy to have enough computers. We had to have people who did nothing but sift through the crap to get to the gold. This isn't going to change.

As for privacy on the Web. Well, privacy has never been there on the Web, even when it was just a few million of us around the world, paying by the hour. Just as virtulization is nothing new, now over a decade old. It was called a panacea then, just as now. But the people who use it will be small and medium businesses for the public cloud and large ones will have private clouds, basically virtualizating their information.

The problem, which the NSA I'm sure is aware of, is security. No matter how hard the NSA, or any company for that matter, tries there's going to be breaches. We had spies on the other sides that gave us information and spies on our side that gave them information. It happens. Much like data breaches happen today.

Sure there can be checks for thumb drives and so forth, but the NSA employees are bright people and can and do remember information. Microfiche is still around and can be used. Hell, I remember information, useless now I think, from my days in Intel.

Clouds can be and are by their very nature insecure. Virtulization can be gotten into, but with more work. Nothing is secure. And that's where the problem is.

What I've posted here is out in the wild. It's not secure. What anyone posts on an open forum, or a closed one for that matter, is in the wild.

Remember, eventually evil will be done and security is and always has been non-exstant. It's really as simple as that.

David,

You would have loved Ira's presentation at RSA 2009 about whether Google is Evil and how as you stated, the users of the Internet freely give Google their information in many ways through their free products without batting an eye, but in the very next breath would bring class action suits against the federal government for mining the same data crossing the ether.

Don Reisinger,

Firstly; I want to congratulate you on an insightful and well balanced article. I wholeheartedly agree with the positions you laid out. As a Libertarian at heart I cannot help but cringe for the way our beloved series of tubes [Internet] are headed. I find it personally difficult to comprehend the sheer amount of information that makes up the "trillions of phone conversations, e-mail messages", as Mark Everett Hall eloquently stated.

While it can give us a sense that Big Brother is watching, and believe me they are, it can also make us feel like just another number. No amount of staff resources or Echelon Signals Intelligence, in my opinion, can accurately and 100% pin-point and categorize the daily lives of each and every one of us unless we were specifically targetted by THE agency. I sincerely believe "they" are not interested in irrelevant conversations like partisan-politics and nonchalant topics like the weather and those World Series statistics... sorry sports fans.

It is now long overdue, long past the expiration date for people of this great tube-o-sphere to step back and realize that their information is out there and that the only way to preserve even an ounce of it is to be more careful how it is broadcasted. Use PGP (GnuPG is a free and open source alternative) in sensitive e-mails, surf questionable web-sites using Tor and/or I2P, tighten up the privacy settings on your Facebook account (Canadians; Facebook is now complying with The Privacy Commissioner of Canada), or simply step out of that social networking trap altogether and attempt to harness even a little bit of your privacy while you still have it. There are ways to control some of your information... even in ways so the FEDS don't see it. Not that they necessarily cared to begin with. ;-)

- Nathan Wosnack

p.s.

You even even encrypt telephone conversations with some VoIP providers using SIPS/MIKEY/SRTP, and IPSec encryption for SIP signaling and the RTP traffic.

Only half jokingly, I ask "Rather than spend the money to build, why can't they just outsource this to Google since Google essentially alreay has this database."  Plus Google is already commited to doing no evil!

But seriously, while I do have some worries about how the government uses data - I can't see any reason why they should use the data less than search and e-commerce sites.  Internet search, ecommerce or national security.  Hmmm, how can you say it is okay for Google to use the data (that people publicly post) but the government should not use the same data?

The actual data center will only occupy about 10 percent of the square footage (~100k sq ft), according to this account. And if consolidation of existing capabilities or personnel is all it takes to make civil libertarians shudder, they need to get over themselves (and the sooner, the better). Forget out tweets and Facebook updates and phone calls -- turning on our cell phones, using credit cards -- hell, even just having an IP address would tell tales on any citizen in any country across the globe.

"those who have enjoyed their Web privacy for quite awhile..."

To iterate again: No privacy here, my friends.

ON THE INTERNET EVERYONE CAN HEAR YOU SCREAM.

And when you hear "if you haven't done anything wrong, you have nothing to fear," it's time to hide the silver.

All the things you are worried about are entirely possible right now. The data center is just a point of consolidation. Having the data at one location may allow data mining to be more efficient, but that's about the only change I see.

As for the CIA and Visible Technologies, I suggest that is a good thing. I wrote a piece about that last week. Anything that they are capturing, you or I could as well. Isn't it better that they are at least aware of what is passing over public pipes?

For example, would it be a good thing if the authorities learned that someone was sending tweets about every B-2 that left North Dakota?