This is my tech links post that I am putting up outside the paywall and free for non-registered users. The only tech links in today’s post are on the NSA. I hadn’t intended to write this post but I decided to do it as the impetus for this post was the revelation that the NSA can get access to data in 75% of American Internet communication via its upstream wiretapping at American telecom companies. That is the lead link here but I want to make some general comments below.
Here’s what I think is the big picture:
The Internet is a data gold mine. As such, privacy is always going to be a central issue and Internet users will only trust companies with data if they believe their privacy is valued and protected. But right now, we are learning none of the (American) technology companies can be trusted because of their Faustian bargain with the U.S. government’s grandiose espionage campaign. The US government wants to bring everyone important in the (American) technology space onside in order to collect as much communications data as possible regardless of whether the source is foreign or domestic. They see the Internet companies as the owners of the most important data streams and are working to infiltrate them, co-opt them, bring them onside as willing partners in a widespread espionage operation. And they are succeeding.
The US government and US military have deep roots in the US technology industry that go back to World War II. Over time, those roots have made the technology industry a major part of the military-industrial complex. Tech companies are in bed with government. During the Cold War this was largely because of a defensive need to block the Russians. But, part of the complicity of technology companies was offensive i.e. to break down the defenses of others, the Russians and even American allies in Nato. Echelon is but one example. The US embassy in Moscow, for example, was so heavily bugged by the Russians it had to be ripped down – and this was after the fall of the Berlin War. Since the fall of the Soviet Empire, the threat of terrorism has replaced the Cold War in terms of national security and so American government espionage continues unabated. The bottom line here is that technology companies – especially the telecoms – have all long been co-opted.
However, for the last thirty-five or forty years, technology’s center has been shifting. Silicon Valley began moving to mini, micro and personal computers and so we are beyond the era of IBM and HP. Companies like Intel, Oracle and Microsoft have become important too. It has long been suspected that they too have been fully co-opted as a result. But Internet companies are newer. So they are not there… yet. What the PRISM program is all about from the government’s strategic perspective is bringing the Internet companies into the fold, getting them to be as complicit in espionage activities as possible in order to get them into relationships like the ones government already has with the Telcos and the old-line Silicon Valley companies. We are seeing the early stages of this and the penetration is probably uneven – hence the cries of foul from Internet execs. I believe that these companies all have some level of complicity, even in companies not in the PRISM program, especially at the top where decisions have to be made. But I do not believe the government has infiltrated them nearly as completely as the military tech companies, the telcos or the mainline Silicon Valley companies. However, again the goal is to develop a consistent working relationship that over time gets the government into these companies in the same way they are into the others.
Bruce Schneier has some good advice for them on this front, about joining what he calls the Public-Private Surveillance Partnership.
I have one message to the executives of those companies: fight.
Do you remember those old spy movies, when the higher ups in government decide that the mission is more important than the spy’s life? It’s going to be the same way with you. You might think that your friendly relationship with the government means that they’re going to protect you, but they won’t. The NSA doesn’t care about you or your customers, and will burn you the moment it’s convenient to do so.
We’re already starting to see that. Google, Yahoo, Microsoft and others are pleading with the government to allow them to explain details of what information they provided in response to National Security Letters and other government demands. They’ve lost the trust of their customers, and explaining what they do — and don’t do — is how to get it back. The government has refused; they don’t care.
It will be the same with you. There are lots more high-tech companies who have cooperated with the government. Most of those company names are somewhere in the thousands of documents that Edward Snowden took with him, and sooner or later they’ll be released to the public. The NSA probably told you that your cooperation would forever remain secret, but they’re sloppy. They’ll put your company name on presentations delivered to thousands of people: government employees, contractors, probably even foreign nationals. If Snowden doesn’t have a copy, the next whistleblower will.
This is why you have to fight. When it becomes public that the NSA has been hoovering up all of your users’ communications and personal files, what’s going to save you in the eyes of those users is whether or not you fought. Fighting will cost you money in the short term, but capitulating will cost you more in the long term.
Already companies are taking their data and communications out of the US.
-The NSA is Commandeering the Internet, 15 Aug 2013
This is exactly how the US government wants the system to work. It wants these companies to cooperate – even begrudgingly and under court order. The government knows full well that a history of cooperation, even if it grudging, eventually makes for willing and compliant partners. And that’s how you get the Public-Private partnership which creates a surveillance state. But, as I have said from the beginning these companies are shooting themselves in the foot because they are already losing the trust of their customers.
P.S. – Keep in mind that while we are fighting for our right to privacy as a badge of freedom, others in Egypt and Syria are fighting for even more basic rights and freedoms – and losing their lives doing so. I do want to put this debate in context then. It doesn’t mean, however, that privacy is unimportant. It is very important. Government is the only entity that has the power to conscript, tax and imprison and kill at will legally. It can be an unstoppable force of malevolence if those levers of power fall into the wrong hands. Maintaing the right to privacy from government keeps government power in check and ensures freedom for the future.
If we do not wake up and beat this back, government will feel emboldened and up the ante, fully co-opt the Internet companies in PRISM and move on to the next set of companies, which are the cloud data storage companies (Amazon, Dropbox, SugarSync, Box, etc).
The ultimate goal: Commandeering all forms of communication on the Internet. The proximate goal: infiltrate the important Internet and telecom companies as much as possible until their ongoing cooperation makes it easy to implicate them for breaching privacy and therefore buy their full complicity.
Today’s links are below.
The telecom connection is the one to watch as I have said all along:
“The National Security Agency-which possesses only limited legal authority to spy on U.S. citizens-has built a surveillance network that covers more Americans’ Internet communications than officials have publicly disclosed, current and former officials say.
The system has the capacity to reach roughly 75% of all U.S. Internet traffic in the hunt for foreign intelligence, including a wide array of communications by foreigners and Americans. In some cases, it retains the written content of emails sent between citizens within the U.S. and also filters domestic phone calls made with Internet technology, these people say.”
“Following the UK government’s decision to detain Guardian journalist Glenn Greenwald’s partner at Heathrow Airport under the auspices of a counterterrorism law, the country’s Home Office is ramping up the rhetoric, saying that he had “highly sensitive stolen information” and suggesting journalists and critics do some soul searching before pointing fingers at law enforcement.”
“As Jones points out, the cumulative effect of a multitude of decisions like hers could have substantial repercussions for internet companies (and in fact have already done so) as well as the digital economy as a whole. How many people will want to use an e commerce solution like Facebook is said to be launching if they know every transaction will be indexed and tracked by the government or the NSA? That’s just one example.”
“The law about when cops can search your phone is a cluster of confusion. But now the issue is teed up for the Supreme Court to define the privacy rights surrounding the personal computers in our pockets.”
“What happens when you lose privacy? Well, a hell of a lot it turns out. And when you defy arrogated state authority, they don’t like it. Not one bit. But we don’t care if they don’t like it. What we want returned to us is our right to be private”
“Equating NSA’s efforts at listening in to world communications to being robbed, Jones writes that she can no longer maintain the site – dependent on emails from readers – without compromising her ability to report on legal information related to the open source movement. The site was seen as a place for “lawyers and geeks” to meet to discuss issues pertinent to programming, networks, and FOSS software.”
“Officially, Uncle Sam says it doesn’t interfere. But behind the scenes, the feds have been trying to browbeat Internet firms into helping with surveillance demands.
“Nobody wants it on-premises,” said a representative of a large Internet company who has negotiated surveillance requests with government officials. “Nobody wants a box in their network…[Companies often] find ways to give tools to minimize disclosures, to protect users, to keep the government off the premises, and to come to some reasonable compromise on the capabilities.””
“I have one message to the executives of those companies: fight.
Do you remember those old spy movies, when the higher ups in government decide that the mission is more important than the spy’s life? It’s going to be the same way with you. You might think that your friendly relationship with the government means that they’re going to protect you, but they won’t. The NSA doesn’t care about you or your customers, and will burn you the moment it’s convenient to do so.”
“Google has filed a rare petition to challenge an ultra-secret national security letter issued by the government to obtain private data about one or more of its users.
The extraordinary petition, which was filed under seal in the U.S. District Court of Northern California on March 29, comes just days after a U.S. District Judge in California ruled in a case brought by an unnamed company and the Electronic Frontier Foundation that so-called NSLs that come with a gag order on the recipient are an unconstitutional impingement on free speech.
On March 14, U.S. District Judge Susan Illston ordered the government to stop issuing NSLs and to cease enforcing the gag provision in cases where they have already been issued. Illston, however, stayed her order for 90 days to give the government a chance to appeal her ruling to the Ninth Circuit Court of Appeals.
The recent Google challenge has also been assigned to Judge Illston.”
“In a secret court in Washington, Yahoo’s top lawyers made their case. The government had sought help in spying on certain foreign users, without a warrant, and Yahoo had refused, saying the broad requests were unconstitutional.
The judges disagreed. That left Yahoo two choices: Hand over the data or break the law.
the decision has had lasting repercussions for the dozens of companies that store troves of their users’ personal information and receive these national security requests — it puts them on notice that they need not even try to test their legality. And despite the murky details, the case offers a glimpse of the push and pull among tech companies and the intelligence and law enforcement agencies that try to tap into the reams of personal data stored on their servers.”
“Computers and networks inherently produce data, and our constant interactions with them allow corporations to collect an enormous amount of intensely personal data about us as we go about our daily lives. Sometimes we produce this data inadvertently simply by using our phones, credit cards, computers and other devices. Sometimes we give corporations this data directly on Google, Facebook, Apple Inc.’s iCloud and so on in exchange for whatever free or cheap service we receive from the Internet in return.
The NSA is also in the business of spying on everyone, and it has realized it’s far easier to collect all the data from these corporations rather than from us directly. In some cases, the NSA asks for this data nicely. In other cases, it makes use of subtle threats or overt pressure. If that doesn’t work, it uses tools like national security letters.
The result is a corporate-government surveillance partnership, one that allows both the government and corporations to get away with things they couldn’t otherwise. “
“I spoke with Brewster Kahle, the founder of the nonprofit Internet Archive, perhaps the greatest of our digital libraries, and of the Wayback Machine, which allows you to browse an archive of the Web that reaches back to 1996. He is one of very few people in the United States who can talk about receiving a national-security letter. These letters are one of the ways government agencies, in particular the F.B.I., can demand data from organizations in matters related to national security. They do not require prior approval from a judge, only the assertion that the information demanded is relevant to a national-security investigation. Recipients of a national-security letter typically are not allowed to disclose it.”
“Users have a right to expect technology firms to safeguard their privacy from state spying. Fixes like encryption are not enough”
“The actual story that matters is not hard to see: the NSA is attempting to collect, monitor and store all forms of human communication”
“U.S. President Barack Obama met with the CEOs of Apple Inc, AT&T Inc as well as other top technology and privacy representatives on Thursday to discuss government surveillance in the wake of revelations about the programs, the White House confirmed”
“there’s no need to pester the security people at the provider if you want to update your collection rules: you just give yourself a classified order to now start collecting something new, on your box, in their data center.
having “direct access” would be a huge disadvantage for you, because you now have a greater potential for information about your collection program leaking out. No, they do not have “direct access” to google, facebook, twitter, etc. They have something better: field-programmable completely invisible classified and unregulated access.”
“When Max Kelly, the chief security officer for Facebook, left the social media company in 2010, he did not go to Google, Twitter or a similar Silicon Valley concern. Instead the man who was responsible for protecting the personal information of Facebook’s more than one billion users from outside attacks went to work for another giant institution that manages and analyzes large pools of data: the National Security Agency.
Mr. Kelly’s move to the spy agency, which has not previously been reported, underscores the increasingly deep connections between Silicon Valley and the agency and the degree to which they are now in the same business. Both hunt for ways to collect, analyze and exploit large pools of data about millions of Americans.”
“Oversight involves meaningful constraints on the NSA, the FBI and others. This will be a combination of things: a court system that acts as a third-party advocate for the rule of law rather than a rubber-stamp organization, a legislature that understands what these organizations are doing and regularly debates requests for increased power, and vibrant public-sector watchdog groups that analyze and debate the government’s actions.
Accountability means that those who break the law, lie to Congress or deceive the American people are held accountable. The NSA has gone rogue, and while it’s probably not possible to prosecute people for what they did under the enormous veil of secrecy it currently enjoys, we need to make it clear that this behavior will not be tolerated in the future. Accountability also means voting, which means voters need to know what our leaders are doing in our name.
This is the only way we can restore trust. A market economy doesn’t work unless consumers can make intelligent buying decisions based on accurate product information. That’s why we have agencies like the FDA, truth-in-packaging laws and prohibitions against false advertising.
In the same way, democracy can’t work unless voters know what the government is doing in their name. That’s why we have open-government laws. Secret courts making secret rulings on secret laws, and companies flagrantly lying to consumers about the insecurity of their products and services, undermine the very foundations of our society. “
Here is yet another consumer-oriented cloud data offering. They will continue to proliferate despite the NSA scandal because the ease of use trumps privacy concerns for consumers at least.
It is business-oriented cloud services that will be most impacted by the NSA scandal. I think consumer-oriented cloud offerings will fare better.
“One initial theory about the detainment in the Twittersphere was that UK authorities were trying to hassle and harass Greenwald, who is obviously the bane of secrecy-loving government authorities these days.
But this morning, geo-political expert Ian Bremmer of the Eurasia Group suggested that the motive was far more serious. Bremmer thinks it’s likely that the U.S. and U.K. authorities are preparing “indictments” against Glenn Greenwald.”