Thoughts on privacy

Thoughts on privacy
By Doc Searls
Aug 31 2013
<http://blogs.law.harvard.edu/doc/2013/08/31/thoughts-on-privacy/>

In Here Is New York, E.B. White opens with this sentence: “On any person who desires such queer prizes, New York will bestow the gift of loneliness and the gift of privacy.” Sixty-four years have passed since White wrote that, and it still makes perfect sense to me, hunched behind a desk in a back room of a Manhattan apartment.

That’s because privacy is mostly a settled issue in the physical world, and a grace of civilized life. Clothing, for example, is a privacy technology. So are walls, doors, windows and shades.

Private spaces in public settings are well understood in every healthy and mature culture. This is why no store on Main Street would plant a tracking beacon in the pants of a visiting customer, to report back on that customer’s activities — just so the store or some third party can “deliver” a better “experience” through advertising. Yet this kind of thing is beyond normative on the Web: it is a huge business.

Worse, the institution we look toward for protection from this kind of unwelcome surveillance — our government — spies on us too, and relies on private companies for help with activities that would be a crime if the Fourth Amendment still meant what it says. (Here’s what The Onion prophetically reported about this irony more than two years ago.)

I see two reasons why privacy is now under extreme threat in the digital world — and the physical one to, as surveillance cameras bloom like flowers in public spaces, and as marketers and spooks together look toward the “Internet of Things” for ways to harvest an infinitude of personal data.

The end-to-end principle was back-burnered when client-server (akacalf-cow) got baked into e-commerce in the late ’90s. In a single slide Phil Windley summarizes what happened after that. It looks like this:

The History of E-commerce
1995: Invention of the cookie.
The end.

For a measure of how far we have drifted away from the early promise of networked life, re-read John Perry Barlow‘s “Death From Above,” published in January 1995, and his “Declaration of the Independence of Cyberspace,” published one year later. The first argued against asymmetrical provisioning of the Net and the second expressed faith in the triumph of nerds over wannabe overlords.

[snip]

The Baby and the Baath Water

[Note:  This item comes from friend David Rosenthal.  From 2011, but provides good context and history for what is happening there now.  DLH]

From: “David S. H. Rosenthal” <dshr@abitare.org>
Subject: Syria
Date: August 31, 2013 6:41:26 AM PDT

THE BABY AND THE BAATH WATER
By Adam Curtis
Jun 16 2011
<http://www.bbc.co.uk/blogs/adamcurtis/2011/06/the_baby_and_the_baath_water.html>

What is happening in Syria feels like one of the last gasps of the age of the military dictators. An old way of running the world is still desperately trying to cling to power, but the underlying feeling in the west is that somehow Assad’s archaic and cruel military rule will inevitably collapse and Syrians will move forward into a democratic age.

That may, or may not, happen, but what is extraordinary is that we have been here before. Between 1947 and 1949 an odd group of idealists and hard realists in the American government set out to intervene in Syria. Their aim was to liberate the Syrian people from a corrupt autocratic elite – and allow true democracy to flourish. They did this because they were convinced that “the Syrian people are naturally democratic” and that all that was neccessary was to get rid of the elites – and a new world of “peace and progress” would inevitably emerge.

What resulted was a disaster, and the consequences of that disaster then led, through a weird series of bloody twists and turns, to the rise to power of the Assad family and the widescale repression in Syria today.

I thought I would tell that story.

In 1968 a CIA agent called Miles Copeland wrote a book called ‘The Game of Nations’ that revealed what went on in 1947. Back then Copeland was part of a mangement consulting team in Washington who were working out how America should contain the threat of communism in the Middle East, now the old European Empires had gone. This was before the CIA existed, and Copeland describes how they got together an odd group of diplomats, secret agents left over from the war, advertising men from Madison Avenue, and “pipe-smoking owls” (which is what intellectuals were called in those days).

[snip]

Syria intervention plan fueled by oil interests, not chemical weapon concern

Syria intervention plan fueled by oil interests, not chemical weapon concern
Massacres of civilians are being exploited for narrow geopolitical competition to control Mideast oil, gas pipelines
By Nafeez Ahmed
Aug 30 2013
<http://www.theguardian.com/environment/earth-insight/2013/aug/30/syria-chemical-attack-war-intervention-oil-gas-energy-pipelines>

On 21 August, hundreds – perhaps over a thousand – people were killed in a chemical weapon attack in Ghouta, Damascus, prompting the US, UK, Israel and France to raise the spectre of military strikes against Bashir al Assad’s forces.

The latest episode is merely one more horrific event in a conflict that has increasingly taken on genocidal characteristics. The case for action at first glance is indisputable. The UN now confirms a death toll over 100,000 people, the vast majority of whom have been killed by Assad’s troops. An estimated 4.5 million people have been displaced from their homes. International observers have overwhelmingly confirmed Assad’s complicity in the preponderance of war crimes and crimes against humanity against the Syrian people. The illegitimacy of his regime, and the legitimacy of the uprising, is clear.

Experts are unanimous that the shocking footage of civilians, including children, suffering the effects of some sort of chemical attack, is real – but remain divided on whether it involved military-grade chemical weapons associated with Assad’s arsenal, or were a more amateur concoction potentially linked to the rebels.

Whatever the case, few recall that US agitation against Syria began long before recent atrocities, in the context of wider operations targeting Iranian influence across the Middle East.

In May 2007, a presidential finding revealed that Bush had authorised CIA operations against Iran. Anti-Syria operations were also in full swing around this time as part of this covert programme, according to Seymour Hersh in the New Yorker. A range of US government and intelligence sources told him that the Bush administration had “cooperated with Saudi Arabia’s government, which is Sunni, in clandestine operations” intended to weaken the Shi’ite Hezbollah in Lebanon. “The US has also taken part in clandestine operations aimed at Iran and its ally Syria,” wrote Hersh, “a byproduct” of which is “the bolstering of Sunni extremist groups” hostile to the United States and “sympathetic to al-Qaeda.” He noted that “the Saudi government, with Washington’s approval, would provide funds and logistical aid to weaken the government of President Bashir Assad, of Syria,” with a view to pressure him to be “more conciliatory and open to negotiations” with Israel. One faction receiving covert US “political and financial support” through the Saudis was the exiled Syrian Muslim Brotherhood.

According to former French foreign minister Roland Dumas, Britain had planned covert action in Syria as early as 2009: “I was in England two years before the violence in Syria on other business”, he told French television:

“I met with top British officials, who confessed to me that they were preparing something in Syria. This was in Britain not in America. Britain was preparing gunmen to invade Syria.”

The 2011 uprisings, it would seem – triggered by a confluence of domestic energy shortages and climate-induced droughts which led to massive food price hikes – came at an opportune moment that was quickly exploited. Leaked emails from the private intelligence firm Stratfor including notes from a meeting with Pentagon officials confirmed US-UK training of Syrian opposition forces since 2011 aimed at eliciting “collapse” of Assad’s regime “from within.”

[snip]

Re: The parody shirt the NSA doesn’t want you to wear

[Note:  This comment comes from reader Brett Glass.  DLH]

From: Brett Glass <brett@lariat.net>
Subject: Re The parody shirt the NSA doesn’t want you to wear
Date: August 30, 2013 10:00:30 PM PDT
To: “Dewayne Hendricks” <dewayne@warpspeed.com>

The NSA is abusing the law.

The law says:

Sec. 15. (a) No person may, except with the written permission
of the Director of the National Security Agency, knowingly use the
words ‘National Security Agency’, the initials ‘NSA’, the seal of
the National Security Agency, or any colorable imitation of such
words, initials, or seal in connection with any merchandise,
impersonation, solicitation, or commercial activity in a manner
reasonably calculated to convey the impression that such use is
approved, endorsed, or authorized by the National Security Agency.

Could anyone possibly believe for a microsecond that the parody shirt (with the
credo “Peeping while you’re sleeping” on the seal) had been “approved, endorsed
or authorized” by the NSA?

–Brett Glass

Is the NSA surveillance program really about spying on environmentalists?

Is the NSA surveillance program really about spying on environmentalists?
By Sarah Laskow
Aug 26 2013
<http://grist.org/news/is-the-nsa-surveillance-program-really-about-spying-on-environmentalists/>

At the Guardian, Nafeez Ahmed, executive director of the Institute for Policy Research & Development, has an idea about what might be driving the massive expansion of the NSA’s domestic surveillance program that we’ve learned so much about lately. It’s not concerns about religious fundamentalists who hate America. Instead, he suggests, the government is worried about environmental activism:

But why have Western security agencies developed such an unprecedented capacity to spy on their own domestic populations? Since the 2008 economic crash, security agencies have increasingly spied on political activists, especially environmental groups, on behalf of corporate interests. This activity is linked to the last decade of US defence planning, which has been increasingly concerned by the risk of civil unrest at home triggered by catastrophic events linked to climate change, energy shocks or economic crisis — or all three.

Who would have thunk? It turns out the U.S. government is worried about climate change, after all. At least if being worried about climate change lets them use all their cool spy gear.

Across the government, security professionals are fretting about natural disasters and global oil shortfalls, Ahmed explains. The Department of Defense has written that “climate change, energy security, and economic stability are inextricably linked.” They’re nervous about what this means: What are people going to do when they realized they’re, to use the technical term, totally screwed? The Army’s Strategic Studies Institute has suggested that, in the case of a total freak-out, it might be necessary to “use of military force against hostile groups inside the United States.”

Who are those hostiles? Why, they might just be environmentalists.

[snip]

U.S. spy agencies mounted 231 offensive cyber-operations in 2011, documents show

U.S. spy agencies mounted 231 offensive cyber-operations in 2011, documents show
By Barton Gellman and Ellen Nakashima
Aug 30 2013
<http://www.washingtonpost.com/world/national-security/us-spy-agencies-mounted-231-offensive-cyber-operations-in-2011-documents-show/2013/08/30/d090a6ae-119e-11e3-b4cb-fd7ce041d814_story.html>

U.S. intelligence services carried out 231 offensive cyber-operations in 2011, the leading edge of a clandestine campaign that embraces the Internet as a theater of spying, sabotage and war, according to top-secret documents obtained by The Washington Post.

That disclosure, in a classified intelligence budget provided by NSA leaker Edward Snowden, provides new evidence that the Obama administration’s growing ranks of cyberwarriors infiltrate and disrupt foreign computer networks.

Additionally, under an extensive effort code-named GENIE, U.S. computer specialists break into foreign networks so that they can be put under surreptitious U.S. control. Budget documents say the $652 million project has placed “covert implants,” sophisticated malware transmitted from far away, in computers, routers and firewalls on tens of thousands of machines every year, with plans to expand those numbers into the millions.

The documents provided by Snowden and interviews with former U.S. officials describe a campaign of computer intrusions that is far broader and more aggressive than previously understood. The Obama administration treats all such cyber-operations as clandestine and declines to acknowledge them.

The scope and scale of offensive operations represent an evolution in policy, which in the past sought to preserve an international norm against acts of aggression in cyberspace, in part because U.S. economic and military power depend so heavily on computers.

“The policy debate has moved so that offensive options are more prominent now,” said former deputy defense secretary William J. Lynn III, who has not seen the budget document and was speaking generally. “I think there’s more of a case made now that offensive cyberoptions can be an important element in deterring certain adversaries.”

Of the 231 offensive operations conducted in 2011, the budget said, nearly three-quarters were against top-priority targets, which former officials say includes adversaries such as Iran, Russia, China and North Korea and activities such as nuclear proliferation. The document provided few other details about the operations.

Stuxnet, a computer worm reportedly developed by the United States and Israel that destroyed Iranian nuclear centrifuges in attacks in 2009 and 2010, is often cited as the most dramatic use of a cyberweapon. Experts said no other known cyberattacks carried out by the United States match the physical damage inflicted in that case.

[snip]

Re: Feds plow $10 billion into ‘groundbreaking’ crypto-cracking program

[Note:  This comment comes from a reader of Dave Farber’s IP List.  DLH]

From: Whitfield Diffie <whitfield.diffie@gmail.com>
Subject: Re: [IP] Feds plow $10 billion into “groundbreaking crypto-cracking_program_=
Date: August 30, 2013 7:38:43 PM EDT
To: Dave Farber <dave@farber.net>

Feds plow $10 billion into “groundbreaking” crypto-cracking program
Consolidated Cryptologic Program has 35,000 employees working to defeat enemy
crypto.

I think there is a misunderstanding here.  Both inside and outside
NSA, the word `cryptology’ refers to the combination of cryptography
and cryptanalysis.  According to an old edition of the Joint Chiefs of
Staff dictionary (though I doubt it has changed), cryptology means

The science which treats of hidden, disguised, or encrypted communications.
It embraces communications security and communications intelligence.

Department of Defense
Dictionary  of
Military and Associated Terms
JCS Pub. 1, 3 January 1972

As reflected in the second sentence, however, `cryptology’ is also
used in the government to embrace all of signals intelligence.

I don’t doubt that NSA continue to work on cryptanalysis but I
doubt that it could be spending a fifth of the intelligence budget on
it; I think that just refers the overall sigint budget.

Whit

Leaked documents reveal US sees Israel as a spying threat (Video)

Leaked documents reveal US sees Israel as a spying threat (Video)
By Julian Pecquet
08/29/13
<http://thehill.com/blogs/global-affairs/middle-east-north-africa/319513-leaked-documents-reveal-us-sees-israel-as-a-major-spying-threat>

The Obama administration views Israel as one of the top spying threats facing its intelligence services, leaked documents reveal.
A secret budget request obtained by The Washington Post from former NSA contractor Edward Snowden lumps Israel alongside U.S. foes Iran and Cuba as “key targets” for U.S. counterintelligence efforts. The document suggests Israel does not believe U.S. assurances that its interests are aligned with Israel’s on crucial issues such as Iran and peace talks with the Palestinians.

“To further safeguard our classified networks, we continue to strengthen insider threat detection capabilities across the Community,” reads the FY 2013 congressional budget justification for intelligence programs. “In addition, we are investing in target surveillance and offensive CI [counterintelligence] against key targets, such as China, Russia, Iran, Israel, Pakistan and Cuba.”

The White House and the Israeli Embassy did not respond to requests for comment.

The revelations come as no surprise to Georgetown University’s Paul Pillar, who retired as the national intelligence officer for the Near East in 1995 after a 28-year career in U.S. intelligence. Israeli spying, he said, has remained a major threat since U.S. citizen Jonathan Pollard received a life sentence in 1987 in a massive spying case that gravely strained relations between the two countries.

“Israel should be assumed to continue to have an aggressive intelligence collection operations against the United States,” Pillar said. While much information is collected through traditional political contacts, “I would personally have no doubt that that is supplemented by whatever means they can use to find out as much as they can about what we’re doing, thinking, deciding on anything of interest to Israel, which would include just about any Middle Eastern topic.”

The issues of continued Israeli settlement construction and Obama’s strong interest in reaching a negotiated settlement to avoid a confrontation with Iran over its nuclear program, Pillar said, are two issues where U.S. and Israeli interests “certainly diverge,” he said. Spying, he said, could give Israel “warning indicators” before any public decisions, and enable the country to put its “political machine in action” and get the United States to reconsider.

[snip]

Feds plow $10 billion into “groundbreaking” crypto-cracking program

Feds plow $10 billion into “groundbreaking” crypto-cracking program
Consolidated Cryptologic Program has 35,000 employees working to defeat enemy crypto.
By Dan Goodin
Aug 30 2013
<http://arstechnica.com/security/2013/08/feds-plow-10-billion-into-groundbreaking-crypto-cracking-program/>

The federal government is pouring almost $11 billion per year into a 35,000-employee program dedicated to “groundbreaking” methods to decode encrypted messages such as e-mails, according to an intelligence black budget published by The Washington Post.

The 17-page document, leaked to the paper by former National Security Agency (NSA) contractor Edward Snowden, gives an unprecedented breakdown of the massive amount of tax-payer dollars—which reached $52 billion in fiscal 2013—that the government pours into surveillance and other intelligence-gathering programs. It also details the changing priorities of the government’s most elite spy agencies. Not surprisingly, in a world that’s increasingly driven by networks and electronics, they are spending less on the collection of some hard-copy media and satellite operations while increasing resources for sophisticated signals intelligence, a field of electronic spying feds frequently refer to as “SIGINT.”

“We are bolstering our support for clandestine SIGINT capabilities to collect against high priority targets, including foreign leadership targets,” James Clapper, director of national intelligence, wrote in a summary published by the WaPo. “Also, we are investing in groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit Internet traffic.”

The document goes on to reveal that something called the Consolidated Cryptologic Program has received more than $10 billion annually for the past four years, and it employs about 35,000 people. It also shows that 23 percent of this year’s program funding supported collection and operations, 15 percent went to processing and exploitation, and 14 percent funded analysis and production.

[snip]

US won’t let Microsoft, Google reveal more data on FISA orders

US won’t let Microsoft, Google reveal more data on FISA orders
Tech rivals vow to press forward with litigation after talks with DOJ fail.
By Jon Brodkin
Aug 30 2013
<http://arstechnica.com/tech-policy/2013/08/us-wont-let-microsoft-google-reveal-more-data-on-fisa-orders/>

Microsoft and Google have not been able to convince the Department of Justice (DOJ) to let the tech companies reveal how many Foreign Intelligence Surveillance Act (FISA) orders they must comply with.

Noting that “there are many days when Microsoft and Google stand apart,” Microsoft General Counsel Brad Smith today wrote that the companies are united in trying to provide more information about orders that allow the government to spy on the companies’ customers:

We both remain concerned with the Government’s continued unwillingness to permit us to publish sufficient data relating to Foreign Intelligence Surveillance Act (FISA) orders.

Each of our companies filed suit in June to address this issue. We believe we have a clear right under the US Constitution to share more information with the public. The purpose of our litigation is to uphold this right so that we can disclose additional data.

On six occasions in recent weeks we agreed with the Department of Justice to extend the Government’s deadline to reply to these lawsuits. We hoped that these discussions would lead to an agreement acceptable to all. While we appreciate the good faith and earnest efforts by the capable Government lawyers with whom we negotiated, we are disappointed that these negotiations ended in failure.

While Smith noted the US government has said it would start “publishing the total number of national security requests for customer data for the past 12 months and do so going forward once a year,” he wrote that Microsoft and Google believe the public is constitutionally entitled to more than that.

“For example, we believe it is vital to publish information that clearly shows the number of national security demands for user content, such as the text of an e-mail,” Smith wrote. “These figures should be published in a form that is distinct from the number of demands that capture only metadata such as the subscriber information associated with a particular e-mail address. We believe it’s possible to publish these figures in a manner that avoids putting security at risk. And unless this type of information is made public, any discussion of government practices and service provider obligations will remain incomplete.”

Since the negotiations failed, Smith wrote that “we will move forward with litigation in the hope that the courts will uphold our right to speak more freely.”

A Google spokesperson said today that “while the government’s decision to publish aggregate information about certain national security requests is a step in the right direction, we believe there is still too much secrecy around these requests and that more openness is needed,” according to the Wall Street Journal.

[snip]