• Thanks for stopping by. Logging in to a registered account will remove all generic ads. Please reach out with any questions or concerns.

NSA Whistle-blower Ed Snowden

A little bit more detail on PRISM from the Washington Post:

Here’s everything we know about PRISM to date

(more like a FAQ)

http://www.washingtonpost.com/blogs/wonkblog/wp/2013/06/12/heres-everything-we-know-about-prism-to-date/?hpid=z2

Since the Guardian and The Washington Post revealed the existence of the NSA’s PRISM program last week, there’s been a confusing debate about what exactly the program is and how it works. While the Obama administration has tacitly acknowledged the program’s existence, tech companies have angrily denied that they had given the NSA “direct” or “unfettered” access to their servers. So what’s going on? Let’s try to separate the facts from the hype.

What do we know for sure about PRISM?

We know that PRISM is a system the NSA uses to gain access to the private communications of users of nine popular Internet services. We know that access is governed by Section 702 of the Foreign Intelligence Surveillance Act, which was enacted in 2008. Director of National Intelligence James Clapper tacitly admitted PRISM’s existence in a blog post last Thursday. A classified PowerPoint presentation leaked by Edward Snowden states that PRISM enables “collection directly from the servers” of Microsoft, Yahoo, Google, Facebook and other online companies.

What do the Internet companies who allegedly participate in this program have to say about it?

In a Friday post titled “What the …?” Google CEO Larry Page stated that “any suggestion that Google is disclosing information about our users’ Internet activity on such a scale is completely false.”

In a weekend follow-up, Google chief architect Yonatan Zunger wrote that “the only way in which Google reveals information about users are when we receive lawful, specific orders about individuals.” He said that “it would have been challenging — not impossible, but definitely a major surprise — if something like this could have been done without my ever hearing of it.” He said that even if he couldn’t talk about such a program publicly, he would have quit Google rather than participate. “We didn’t fight the Cold War just so we could rebuild the Stasi ourselves,” he concluded.

“The notion that Yahoo! gives any federal agency vast or unfettered access to our users’ records is categorically false,” wrote Yahoo’s Ron Bell on Saturday. “Of the hundreds of millions of users we serve, an infinitesimal percentage will ever be the subject of a government data collection directive.”

Facebook CEO Mark Zuckerberg called media reports about PRISM “outrageous,” stating that “Facebook is not and has never been part of any program to give the U.S. or any other government direct access to our servers.”

“We only ever comply with orders for requests about specific accounts or identifiers,” Microsoft said in a statement last Thursday. “If the government has a broader voluntary national security program to gather customer data, we don’t participate in it.”

“We have never heard of PRISM,” said Steve Dowling, a spokesman for Apple. “We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order.”

Are the companies lying? Or using legalistic language to hide their participation?

It’s hard to be sure, but the number of companies that have issued denials, and the vehemence of some of their statements, suggests that they may be sincere.

Initially, many people were suspicious of the fact that a number of companies only denied giving the NSA “direct access” to their servers, suggesting that the companies might be giving the agency access to the contents of their servers through some intermediary.

But the more recent statements, especially Zunger’s and Bell’s, seem to leave little wiggle room. Google’s Zunger says that Google only responds to “specific orders about individuals.” Yahoo’s Bell says that only an “infinitesimal percentage” of Yahoo’s customers will have their information turned over to the feds. That’s in tension with initial reports about how PRISM operates. And Zunger’s crack about the Stasi is very different from the careful, legalistic statements the firms released in the initial hours after news of PRISM broke.

If PRISM doesn’t give the NSA unfettered access to our online information, what does it do?
Reporting by the New York Times and CNet offers some clues about how PRISM works.

The Times says that major tech companies have systems that “involve access to data under individual FISA requests. And in some cases, the data is transmitted to the government electronically, using a company’s servers.”

Data is “shared after company lawyers have reviewed the FISA request according to company practice. It is not sent automatically or in bulk,” the Times reports. The scheme is “a more secure and efficient way to hand over the data.”

A source told CNet’s Declan McCullagh that PRISM is “a very formalized legal process that companies are obliged to do.” A source — perhaps the same one — says that “you can’t say everyone in Pakistan who searched for ‘X’ … It still has to be particularized.”

Doesn’t that contradict what the slides released by Snowden say?

Not necessarily. Here’s the key slide from the PRISM presentation: (see slide at link)

This slide draws a distinction between NSA surveillance programs that collect communications “as data flows past” on fiber optic cables and PRISM, which collects communications “directly from the servers” of U.S. Internet companies.

Some have interpreted this to mean that the NSA has “direct access” in a technical sense: automatic, unfettered access to the servers’ contents. But in context, “direct” is more likely to mean that the NSA is receiving data sent to them deliberately by the tech companies, as opposed to intercepting communications as they’re transmitted to some other destination. That’s not inconsistent with tech company lawyers scrutinizing each request before complying with it.

Does that mean there’s nothing to worry about?
While the NSA may not have unfettered access to tech companies’ servers, there are still serious questions about the breadth of the information the government is collecting, and whether that information is subject to appropriate judicial oversight. FISA orders are not search warrants under the Fourth Amendment, and the FISA Amendments Act doesn’t require the government to show probable cause to believe that the target of surveillance has committed a crime.

Defenders of the NSA’s activities argue the Fourth Amendment doesn’t apply because FISA orders only target non-Americans. Instead of showing probable cause to a judge, Section 702 of FISA allows senior Obama administration officials to “authorize” the “targeting of persons reasonably believed to be located outside the United States.” The surveillance may not “intentionally target” an American, but the NSA can obtain the private communications of Americans as part of a request that officially “targets” a foreigner.

The Supreme Court has yet to rule on the constitutionality of these provisions. In February, the Supreme Court threw out a legal challenge to the law because the plaintiffs couldn’t prove that they had personally been the target of surveillance. It’s not clear whether any of the recent revelations will give FISA opponents enough evidence to convince a court to rule on the program’s merits.

FISA only allows targeting of foreigners. That means it can’t use FISA orders to read Americans’ e-mails, right?

The “targeting” rule may not protect Americans as much as it might seem. Last week’s revelation that the government used an obscure provision of the Patriot Act to obtain records of every phone call on Verizon’s network with a single court order suggests that the government is willing to adopt permissive interpretations of the law.

According to the Times, “FISA orders can range from inquiries about specific people to a broad sweep for intelligence, like logs of certain search terms.” In one case, an NSA agent “installed government-developed software on the company’s server and remained at the site for several weeks to download data to an agency laptop.” In other cases, the government has sought “real-time transmission of data, which companies send digitally.”

So a FISA order might “target” a suspected terrorist, but also request access to the private data from all of the target’s associates — some of whom might happen to live in the United States.

In its initial report on PRISM, The Washington Post said that NSA analysts use search queries “designed to produce at least 51 percent confidence in a target’s ‘foreignness.’ ” Training materials advise new analysts that “it’s nothing to worry about” if they accidentally collect U.S. content.
And even if the NSA is only collecting foreigners’ communications, that doesn’t rule out abusive surveillance. For example, the environmental nonprofit organization Greenpeace has been targeted for surveillance by the NSA in the past. The organization is based outside the United States, but it has many U.S. members who might not appreciate having their government spy on its activities.
 
From the NSA Director's appearance in front of the Senate Committee.

(I think he makes a really good beer. I like it. I like it a lot.  ;D )

NSA director says surveillance programs thwarted ‘dozens’ of attacks

http://www.washingtonpost.com/politics/nsa-director-says-surveillance-thwarted-dozens-of-attacks/2013/06/12/d1297190-d396-11e2-a73e-826d299ff459_story.html?hpid=z1

The head of the National Security Agency said Wednesday that his agency’s extensive electronic surveillance programs have played a critical role in thwarting “dozens” of terrorist attacks aimed at U.S. targets and abroad.

Gen. Keith Alexander, in making the assertion, cited the two intelligence collection programs that have been the focus of public scrutiny in recent days, one that allows the government to collect the call records of millions of Americans from U.S. telecommunications companies and another that collects Internet records.

In testimony before the Senate Appropriations Committee, he cited in particular the cases of Najibullah Zazi, an Afghan American who pleaded guilty to planning suicide attacks in New York, and Pakistani American David Headley, who conducted surveillance in support of the 2008 attacks in Mumbai, India, which killed more than 160 people. In both instances, he said, the Internet data-mining program helped unravel the plots.

The Obama administration had defended its extensive collection of telephone and Internet records amid a political furor over the surveillance that has consumed Washington for the past week. It follows disclosures in the The Washington Post and the Guardian newspaper.

President Obama last week said he would welcome a public debate over the surveillance, saying Americans will have to sacrifice some privacy for the sake of security. Alexander vowed to quickly make public records that show the success of the phone program in preventing attacks.

“I don’t have those figures today,” he said. “Over the next week it will be our intent to get those figures out...I want the American people to know we’re being transparent here.’’

The order that allowed for the NSA collection of phone records of millions of Americans was based on Section 215 of the Patriot Act, which allows law enforcement to obtain a wide variety of “business records,” including calling records. The program collects customer “metadata,” including the phone numbers dialed and the length of calls, which is used by intelligence analysts to detect patterns and personal connections, on every phone call made or received by U.S. customers of major American phone companies.

The principal source of the recent revelations was Edward Snowden, a 29-year-old NSA contractor who has worked for several government agencies.

A senior intelligence official said Wednesday that the CIA has opened an internal investigation to determine what Snowden was involved in when he worked there. Separately, the Office of the Director of National Intelligence has ordered a damage assessment following Snowden’s disclosures, which he acknowledged on Sunday in interviews with the Post and the Guardian.

“Obviously, Mr. Snowden’s actions over the past week-plus are generating a lot of activity on the part of the intelligence community and the CIA (in terms of taking) a look back and seeing what we can learn about just what he may have been involved in, and also see if there are some lessons we can learn,” said the official, who spoke on condition of anonymity to discuss an ongoing inquiry.

CIA officials did not dispute that Snowden was a CIA employee, though they could not say exactly when he worked there. After leaving the agency, he worked for the technology company Dell and later for Booz Allen Hamilton, the consulting firm. While working for Booz Allen earlier this year, he was assigned to the National Security Agency Threat Center in Honolulu, where he is believed to have downloaded highly classified material, including information about widespread surveillance programs run by the NSA.
 
And more of the obvious from Mr. Snowden.

NSA leaker Edward Snowden: U.S. targets China with hackers

http://www.washingtonpost.com/business/economy/snowden-wants-people-of-hong-kong-to-decide-my-fate/2013/06/12/a69e94ee-d370-11e2-a73e-826d299ff459_story.html?hpid=z1

HONG KONG — Edward Snowden, the self-confessed leaker of secret surveillance documents, claimed Wednesday that the United States has mounted massive hacking operations against hundreds of Chinese targets since 2009.

The former contractor, whose work at the National Security Agency gave him access to highly classified U.S. intelligence, made the assertions in an interview with the South China Morning Post. The newspaper said he showed it “unverified documents” describing an extensive U.S. campaign to obtain information from computers in Hong Kong and mainland China.

“We hack network backbones — like huge Internet routers, basically — that give us access to the communications of hundreds of thousands of computers without having to hack every single one,” he told the newspaper.

According to Snowden, the NSA has engaged in more than 61,000 hacking operations worldwide, including hundreds aimed at Chinese targets. Among the targets were universities, businesses and public officials.

The interview was the first time Snowden has surfaced publicly since he acknowledged in interviews with The Washington Post and Britain’s Guardian newspaper Sunday that he was responsible for disclosing classified documents outlining extensive U.S. surveillance efforts in the United States.

Senior American officials have accused China of hacking into U.S. military and business computers. Snowden’s claims of extensive U.S. hacking of Chinese computers tracks assertions made repeatedly by senior Chinese government officials that they are victims of similar cyber-intrusions.

Snowden’s claims could not be verified, and U.S. officials did not respond to immediate requests for comment.

In the interview with the Morning Post posted online late Wednesday, Snowden said he stood by his decision to seek asylum in Hong Kong, a semiautonomous city, after leaking documents about a high-level U.S. surveillance program.

“People who think I made a mistake in picking Hong Kong as a location misunderstood my intentions,” he said in the interview. “I am not here to hide from justice; I am here to reveal criminality.”

He added, “I have had many opportunities to flee HK, but I would rather stay and fight the United States government in the courts, because I have faith in Hong Kong’s rule of law.”

By speaking with Hong Kong’s oldest English-language newspaper, Snowden seemed to be directly addressing the city he has chosen as his safe harbor. And by disclosing that he possesses documents that he says describe U.S. hacking against China, he appeared to be trying to win support from the Chinese government.

Snowden told the Hong Kong newspaper that he was describing what he says are U.S. cyber attacks on Chinese targets to illustrate “the hypocrisy of the U.S. government when it claims that it does not target civilian infrastructure, unlike its adversaries.”

Some in Hong Kong are responding to his campaign. A rally is being organized Saturday to support the 29-year-old former government contractor, who has been in the city since May 20. A Web site, www.supportsnowden.org, has been set up with details about the event, which will include speeches from human rights activists and local legislators.

Activists in Hong Kong said they admired Snowden’s effort to shed light on his government’s practices.

“He is a brave man. The authorities cannot use the ‘anti-terrorism’ excuse to invade people’s privacy without boundaries,” said Yang Kuang, a prominent Hong Kong activist. “I hope more and more people will stand out and expose such practices.”

Snowden said in his interview that he has “been given no reason to doubt [Hong Kong’s] legal system.”

“My intention is to ask the courts and people of Hong Kong to decide my fate,” Snowden said.

Snowden is up against an extradition treaty between the United States and Hong Kong that many view as being clear — that in the vast majority of cases, Hong Kong must cooperate with U.S. government requests for help apprehending suspected criminals.

The United States has yet to file a formal extradition request, although there are other ways for the governments to be cooperating.

James To Kun-sun, a Hong Kong legislator and solicitor, said that even without an extradition request, the United States can ask Hong Kong law enforcement to watch Snowden while the U.S. Justice Department moves on its investigation. The FBI has a legal attache in Hong Kong, and Snowden has also identified a CIA presence in the city.

“I suspect in this case . . . the FBI tells the HK police, ‘The request will be very soon,’ and [they can] ask police to keep an eye on him,” Kun-sun said.

Once an extradition request is received, a judge here will decide whether it falls under the treaty and whether Hong Kong law enforcement should help the United States by, for example, collecting evidence or carrying out an arrest. Snowden could also appeal any decision, so the process could be drawn out.

“As long as I am assured a free and fair trial, and asked to appear, that seems reasonable,” Snowden said in the interview.

He added that he plans to stay in Hong Kong as long as the city will have him.
 
devil39 said:
Nemo888,

While an interesting debate as to motives and responsibilities, with an opinion like that I hope you don't have a security clearance. 

I would assume he has sworn an oath to his nation.  This is not how one should deal with issues of National Security and Policy when it does not agree with matters of personal conscience/morals in the realm of national security.  Presidents and National Security Advisors get paid to make these types of decisions.  The nation gets to elect the President.  (my bold and italics in the quote)

When I was in the Ph with family I was going to travel to a very beautiful unspoiled reef. I was told it was infested with rebels and so began collecting firearms from my father-in-laws villa in a rather gleeful fashion. My wife and her sister looked on in horror. I still did not get it. They had to explain to me that such a risk was inappropriate especially considering I have a child. I'm embarrassed that I was so out of it I was going to bring my daughter with me. A fun day with the family on the reef armed to the teeth ready for a gunfight. It then occurred to me that the army makes you a bit skewed. We need a broad base of opinions from which to make solid judgements. That commenter was smart, distrusted authority and I have a soft spot for dirty hippies.

I think these policies should not be made in secret. I want people to know the real cost and take responsibility. Most people are fine with data collection as long as it has limited access. On the other hand Vice Presidents drawing up kill lists with no congressional, judicial or CIA oversight is not a functioning Democracy anymore. I don't really care about data collection. It has been here longer than I've been alive and as I realized earlier today is an amazing cultural achievement. I do want to go back to the days when Special Forces commanders complained about red tape. The killing has gotten a bit out of hand. From a doctrine standpoint it is becoming counter productive. Our enemies have programs too. They often call their failed attempts with barely literate morons "Operation Hemorrhage". They want to make us over react. It is very effective. We are broke and when I travel most of the world thinks we are no better than China or the Russians. This depresses me. When I grew up we were better than that.

Also private contractors have many customers. The products they develop for the NSA can also be retooled for other regimes as we saw in Libya. These tools are also contracted out to corporations to spy on business rivals. The adverse outcomes become quite obvious. A debate is necessary. Without them there is no democracy.
 
Nemo888 said:
On the other hand Vice Presidents drawing up kill lists with no congressional, judicial or CIA oversight is not a functioning Democracy anymore. I don't really care about data collection. It has been here longer than I've been alive and as I realized earlier today is an amazing cultural achievement. I do want to go back to the days when Special Forces commanders complained about red tape. The killing has gotten a bit out of hand.

If you are speaking of warfare why would the Vice President need authority.  Authority could be delved much lower than that and I don't think you should assume that there is no oversight either.  It is not like the VP has 20 TVs with an X-box controller with 24/7 satellite/UAV feeds in his bedroom... or does he?  :worms:

Your comment about wishing the red tape be brought back.  I am guessing that you will get much adversity to that.  Let's go back the stats you posted a while back.  I don't know how true they are, but I'll play with them anyway.

Nemo888 said:
The system had many checks and balances. I'll use one of the first Delta team shooters who became a head of the GWOT Lieutenant General William G. "Jerry" Boykin as a public source. in the 80's and 90's he complained bitterly about only getting approval for roughly 10% of possible targets.  After 9/11 that went to almost 100% and both congressional and CIA oversight was removed as power shifted to the Pentagon. By 2003 at least 3000 persons in 100 countries were disappeared or captured.

First you mention that only 10% missions were appproved and you seem to think that is good.  Most military minds would disagree, and they would see it as 90% of potential threats didn't get interrogated.  The stats also conveniently leave out how many of those 90% turned out to be actual threats.

Next you mention 3000 persons captured in 100 countries over 2 years(ish).  OK, I'll play along.  That's 3000/730 days = 4.1/day, which is not so much in my mind, considering it was world wide.  Now let's assume again that 3000 is a high number and I will skew this in favour of your argument.  Of those well guess high and say 1/5 was a wrongful capture, that's now 600 wrongful captures, still a high number.  And of those we'll say that 1/10 turned out to be a bad deal i.e. the wrong people got hurt or killed.  Once again I believe these numbers to be exaggerated in your favour.  That is a fraction of a fraction 1/5 x 1/10 x 3000= 60 wrongfully hurt or killed persons.  60/3000 or 2% (remember that is an exaggerated guess).  Still think that is too high?  I ask this then.  What if we used conventional kinetic methods to retrieve these 3000 persons?  Do you think the innocent casualty rate would be higher than 60?  I do.

I am not saying your are wrong, but beware of stats.  They can be manipulated and emphasized anyway you want. 

You may have something on an ethical level, and if there is a higher power judging then maybe he did do the right thing.  Professionally, he did the wrong thing, although I do not categorize him in the same group as the wikileaks or other groups like that.

 
From the news reports coming out after the Senate and House got their in camera briefing from General Alexander today, many that loudly expressed concern of lax checks and balances are now satisfied with the system being robust enough to prevent abuse.

The biggest concern was the FISA courts being just a rubber stamp for the agencies. One former NSA general council commented that even though the stats from last year showed that 100% of the applications were approved by the courts, a significant majority of those approvals were "wire brushed" by the courts to cut back the scale of the request, to put in more stringent limits, or require more definitive background before approval was given.

So it seems that the concerns about agencies running rampant may been blown out or proportion by the pols, the media and the leaker himself.
 
cupper said:
From the news reports coming out after the Senate and House got their in camera briefing from General Alexander today, many that loudly expressed concern of lax checks and balances are now satisfied with the system being robust enough to prevent abuse.

The biggest concern was the FISA courts being just a rubber stamp for the agencies. One former NSA general council commented that even though the stats from last year showed that 100% of the applications were approved by the courts, a significant majority of those approvals were "wire brushed" by the courts to cut back the scale of the request, to put in more stringent limits, or require more definitive background before approval was given.

So it seems that the concerns about agencies running rampant may been blown out or proportion by the pols, the media and the leaker himself.

Corporate contractors have little oversight. Some even abuse the database to try and impress people to feel important. Rampant sounds about right to me.
http://www.youtube.com/watch?feature=player_embedded&v=3ux1hpLvqMw
 
Concerns about agencies are beside the point.

I do not want any level of government to record who is present when I speak with someone.

I do not want any level of government to record the address and return address of any piece of mail I send or receive.

I do not want any level of government to save a record of a telephone call I initiate or receive.

That technology has made the third one easier than the first two, does not suddenly make it appropriate.
 
Nemo888 said:
Corporate contractors have little oversight. Some even abuse the database to try and impress people to feel important. Rampant sounds about right to me.
http://www.youtube.com/watch?feature=player_embedded&v=3ux1hpLvqMw

There is a big difference between some peon douche trying to impress his douche friends, and the government investigating individuals or groups without legal justification.
 
Brad Sallows said:
Concerns about agencies are beside the point.

I do not want any level of government to record who is present when I speak with someone.

I do not want any level of government to record the address and return address of any piece of mail I send or receive.

I do not want any level of government to save a record of a telephone call I initiate or receive.

That technology has made the third one easier than the first two, does not suddenly make it appropriate.

But you are OK with you ISP and phone service collecting and keeping the same info?

And using that info for whatever purpose they deem necessary, including selling it to other companies for unknown purposes?
 
cupper said:
There is a big difference between some peon douche trying to impress his douche friends, and the government investigating individuals or groups without legal justification.

The problem is obviously that even lowly "peon douches" can abuse the database for things as unimportant as impressing douche friends. My problem isn't the government. It is that most of the work is farmed out to corporations with questionable and clearly divided loyalties and the even more questionable minions that subcontract for them.
 
More to society and personal privacy.

Are American Attitudes Toward Privacy Changing?

http://www.npr.org/player/v2/mediaPlayer.html?action=1&t=1&islist=false&id=191226108&m=191226087

LINDA WERTHEIMER, HOST:

Revelations this week that the government is tracking billions of email messages and phone calls have produced conflicting responses among Americans. Some are outraged that their government is spying on them. For others, it's more like, duh. The debate is bringing to the fore larger questions about our changing attitudes toward privacy.

And to talk about that, we've brought in NPR's social science correspondent Shankar Vedantam, who joins us regularly to discuss new research.

Shankar, welcome.

SHANKAR VEDANTAM, BYLINE: Hi, Linda.

WERTHEIMER: Now, in just the past few years, it seems as if Americans are more willing than ever to share fairly private portions of their personal lives online. But is that actual evidence that our attitudes toward privacy are changing?

VEDANTAM: That's really an interesting question, Linda, because when social scientists look at this empirically, they find that people actually don't want less privacy. People seem to want more privacy - at least they want more control over their privacy, and this is true of both younger, as well as older people. But when you look at that behavior, people seem to be revealing more than they used to. You know how much money they make, the status of their relationships, illnesses. So there's this disconnect between what people say they want in terms of privacy and what they actually seem to choose in terms of their privacy options. And, you know, it's sort of ironic that we're debating how the NSA is tracking how phone A calls phone B, because in many ways, marketers are well ahead of spies in this game. They've not only found ways to get much more private information out of us, ostensibly, it's without permission.

WERTHEIMER: We have heard a lot about how marketers make it hard for us to understand their privacy policies, so that inadvertently, we cannot control our privacy.

VEDANTAM: Yes, that's absolutely true. I think complicated privacy rules are very powerful in shaping people's behavior. At Carnegie Mellon University, Alessandro Acquisti, George Loewenstein and Lorrie Cranor have done a number of experiments exploring different dimensions of privacy. I talked to Acquisti. He told me that between 2005 and 2009, there was actually a decrease in willingness to share information on Facebook. But then in 2009, Facebook changed its privacy rules, and the sharing went back up. So, just because people don't like rules doesn't mean they don't follow the rules.

And it's not just rules. There are actually much more subtle ways in which people can be influenced. When we see other people disclosing private information, or we are led to believe that other people are disclosing private information, we may say we don't want to disclose our private information, but we end up doing it, anyway.

WERTHEIMER: So you're saying if I'm on Facebook and I see my friends sharing very personal information, say, about a breakup then I'll do it, too?

VEDANTAM: Yeah. Or I might reveal something about my child, or a problem that my child is encountering at school. I think what Acquisti is basically saying is that there are these unconscious biases that really are very powerful.

You know, there's another very clever technique that he's discovered. He initially assumed that when you're trying to get private information out of people, it's better to start by asking a trivial question and then slowly build up to more intrusive questions.

So what Acquisti did was he asked 30 questions for people, and they ranged all the way from the innocuous - have you ever left a light on in a room when you left the room - all the way up to: Have you ever had sex with the current partner of a friend?

And interestingly, what he found was exactly the opposite: people revealed much more when you asked them the most intrusive question first. Now, they didn't actually reveal the answer to that most intrusive question, but for every other question, they compared the next questions with the most intrusive question. And compared to revealing things about adultery, you know, questions about whether they'd falsified an insurance claim seemed much less intrusive.

And so when he asked the questions in decreasing orders of intrusiveness, he found nearly twice as many people admitted to falsifying an insurance claim, and nearly three times as many people said they hadn't told a partner about a sexually transmitted disease.

WERTHEIMER: So what do these researchers make of the controversy over the NSA surveillance?

VEDANTAM: You know, I asked a question about that, and what he said is that, you know, the cloak-and-dagger stuff really worked great in 1913 and maybe in 1963, but in 2013, people are much more likely to reveal their private information not when they're spied on, but when they feel they have total control over their information. That's when they let loose.

WERTHEIMER: That's Shankar Vedantam, who joins us regularly to talk about social science research. Shankar, thank you.

VEDANTAM: Thanks, Linda.

WERTHEIMER: You can follow him on Twitter @HiddenBrain. And while you're at it, you can follow this program @MorningEdition.
 
Nemo888 said:
The problem is obviously that even lowly "peon douches" can abuse the database for things as unimportant as impressing douche friends. My problem isn't the government. It is that most of the work is farmed out to corporations with questionable and clearly divided loyalties and the even more questionable minions that subcontract for them.

And my previous question applies here as well:

cupper said:
But you are OK with you ISP and phone service collecting and keeping the same info?

And using that info for whatever purpose they deem necessary, including selling it to other companies for unknown purposes?


But there is another aspect of your argument that does raise concerns, the considerable number of contractors that are employed by the government makes the keeping of secrets more difficult.

As Benjamin Franklin said: "Three can keep a secret, if two of them are dead."
 
cupper said:
From the news reports coming out after the Senate and House got their in camera briefing from General Alexander today, many that loudly expressed concern of lax checks and balances are now satisfied with the system being robust enough to prevent abuse.

The biggest concern was the FISA courts being just a rubber stamp for the agencies. One former NSA general council commented that even though the stats from last year showed that 100% of the applications were approved by the courts, a significant majority of those approvals were "wire brushed" by the courts to cut back the scale of the request, to put in more stringent limits, or require more definitive background before approval was given.

So it seems that the concerns about agencies running rampant may been blown out or proportion by the pols, the media and the leaker himself.

Here are the news clips I referenced in my previous post.

http://www.npr.org/templates/story/story.php?storyId=191400440

http://www.npr.org/2013/06/13/191400442/senator-nsa-program-expanded-beyond-original-vision

http://www.npr.org/2013/06/13/191226106/fisa-court-appears-to-be-rubberstamp-for-government-requests
 
The potential for abuse is quite massive. As pointed out, warentless serching is rolling for information, and allied with the escalating overreach of bureaucratic organs could lead to a situation where anyone at all could be at risk of being attacked for a politicized agenda. Canadians already should be familier with this throught the "Human Rights" kangaroo courts; the potential in the US is far worse:

http://www.wired.com/opinion/2013/06/why-i-have-nothing-to-hide-is-the-wrong-way-to-think-about-surveillance/

Why ‘I Have Nothing to Hide’ Is the Wrong Way to Think About Surveillance
BY MOXIE MARLINSPIKE06.13.136:30 AM

Photo: Dell’s Pics / Flickr
Suddenly, it feels like 2000 again. Back then, surveillance programs like Carnivore, Echelon, and Total Information Awareness helped spark a surge in electronic privacy awareness. Now a decade later, the recent discovery of programs like PRISM, Boundless Informant, and FISA orders are catalyzing renewed concern.

The programs of the past can be characterized as “proximate surveillance,” in which the government attempted to use technology to directly monitor communication themselves. The programs of this decade mark the transition to “oblique surveillance,” in which the government more often just goes to the places where information has been accumulating on its own, such as email providers, search engines, social networks, and telecoms.

Apologists will always frame our use of information-gathering services like a mobile phone plan or Gmail as a choice.
Both then and now, privacy advocates have typically come into conflict with a persistent tension, in which many individuals don’t understand why they should be concerned about surveillance if they have nothing to hide. It’s even less clear in the world of “oblique” surveillance, given that apologists will always frame our use of information-gathering services like a mobile phone plan or Gmail as a choice.

We Won’t Always Know When We Have Something To Hide
As James Duane, a professor at Regent Law School and former defense attorney, notes in his excellent lecture on why it is never a good idea to talk to the police:

Estimates of the current size of the body of federal criminal law vary. It has been reported that the Congressional Research Service cannot even count the current number of federal crimes. These laws are scattered in over 50 titles of the United States Code, encompassing roughly 27,000 pages. Worse yet, the statutory code sections often incorporate, by reference, the provisions and sanctions of administrative regulations promulgated by various regulatory agencies under congressional authorization. Estimates of how many such regulations exist are even less well settled, but the ABA thinks there are ”nearly 10,000.”

If the federal government can’t even count how many laws there are, what chance does an individual have of being certain that they are not acting in violation of one of them?

As Supreme Court Justice Breyer elaborates:

The complexity of modern federal criminal law, codified in several thousand sections of the United States Code and the virtually infinite variety of factual circumstances that might trigger an investigation into a possible violation of the law, make it difficult for anyone to know, in advance, just when a particular set of statements might later appear (to a prosecutor) to be relevant to some such investigation.

For instance, did you know that it is a federal crime to be in possession of a lobster under a certain size? It doesn’t matter if you bought it at a grocery store, if someone else gave it to you, if it’s dead or alive, if you found it after it died of natural causes, or even if you killed it while acting in self defense. You can go to jail because of a lobster.

If the federal government had access to every email you’ve ever written and every phone call you’ve ever made, it’s almost certain that they could find something you’ve done which violates a provision in the 27,000 pages of federal statues or 10,000 administrative regulations. You probably do have something to hide, you just don’t know it yet.


Moxie Marlinspike
A security researcher who has published numerous attacks on SSL and other secure protocols, Moxie Marlinspike was formerly the director of application security at Twitter and co-founder and CTO of Whisper Systems.

We Should Have Something To Hide
Over the past year, there have been a number of headline-grabbing legal changes in the U.S., such as the legalization of marijuana in Colorado and Washington, as well as the legalization of same-sex marriage in a growing number of U.S. states.

As a majority of people in these states apparently favor these changes, advocates for the U.S. democratic process cite these legal victories as examples of how the system can provide real freedoms to those who engage with it through lawful means. And it’s true, the bills did pass.

What’s often overlooked, however, is that these legal victories would probably not have been possible without the ability to break the law.

The state of Minnesota, for instance, legalized same-sex marriage this year, but sodomy laws had effectively made homosexuality itself completely illegal in that state until 2001. Likewise, before the recent changes making marijuana legal for personal use in Washington and Colorado, it was obviously not legal for personal use.

Imagine if there were an alternate dystopian reality where law enforcement was 100% effective, such that any potential law offenders knew they would be immediately identified, apprehended, and jailed. If perfect law enforcement had been a reality in Minnesota, Colorado, and Washington since their founding in the 1850s, it seems quite unlikely that these recent changes would have ever come to pass. How could people have decided that marijuana should be legal, if nobody had ever used it? How could states decide that same sex marriage should be permitted, if nobody had ever seen or participated in a same sex relationship?

If everyone’s every action were being monitored, and everyone technically violates some obscure law at some time, then punishment becomes purely selective.

The cornerstone of liberal democracy is the notion that free speech allows us to create a marketplace of ideas, from which we can use the political process to collectively choose the society we want. Most critiques of this system tend to focus on the ways in which this marketplace of ideas isn’t totally free, such as the ways in which some actors have substantially more influence over what information is distributed than others.

The more fundamental problem, however, is that living in an existing social structure creates a specific set of desires and motivations in a way that merely talking about other social structures never can. The world we live in influences not just what we think, but how we think, in a way that a discourse about other ideas isn’t able to. Any teenager can tell you that life’s most meaningful experiences aren’t the ones you necessarily desired, but the ones that actually transformed your very sense of what you desire.

We can only desire based on what we know. It is our present experience of what we are and are not able to do that largely determines our sense for what is possible. This is why same sex relationships, in violation of sodomy laws, were a necessary precondition for the legalization of same sex marriage. This is also why those maintaining positions of power will always encourage the freedom to talk about ideas, but never to act.

Technology and Law Enforcement
Law enforcement used to be harder. If a law enforcement agency wanted to track someone, it required physically assigning a law enforcement agent to follow that person around. Tracking everybody would be inconceivable, because it would require having as many law enforcement agents as people.

Those in power will essentially have what they need to punish anyone they’d like, whenever they choose, as if there were no rules at all.
Today things are very different. Almost everyone carries a tracking device (their mobile phone) at all times, which reports their location to a handful of telecoms, which are required by law to provide that information to the government. Tracking everyone is no longer inconceivable, and is in fact happening all the time. We know that Sprint alone responded to eight million pings for real time customer location just in 2008. They got so many requests that they built an automated system to handle them.

Combined with ballooning law enforcement budgets, this trend towards automation, which includes things like license plate scanners and domestically deployed drones, represents a significant shift in the way that law enforcement operates.

Police already abuse the immense power they have, but if everyone’s every action were being monitored, and everyone technically violates some obscure law at some time, then punishment becomes purely selective. Those in power will essentially have what they need to punish anyone they’d like, whenever they choose, as if there were no rules at all.

Even ignoring this obvious potential for new abuse, it’s also substantially closer to that dystopian reality of a world where law enforcement is 100% effective, eliminating the possibility to experience alternative ideas that might better suit us.

Compromise
Some will say that it’s necessary to balance privacy against security, and that it’s important to find the right compromise between the two. Even if you believe that, a good negotiator doesn’t begin a conversation with someone whose position is at the exact opposite extreme by leading with concessions.

We’re not dealing with a balance of forces looking for the perfect compromise between security and privacy, but an enormous steam roller.
And that’s exactly what we’re dealing with. Not a balance of forces which are looking for the perfect compromise between security and privacy, but an enormous steam roller built out of careers and billions in revenue from surveillance contracts and technology. To negotiate with that, we can’t lead with concessions, but rather with all the opposition we can muster.

All the Opposition We Can Muster
Even if you believe that voting is more than a selection of meaningless choices designed to mask the true lack of agency we have, there is a tremendous amount of money and power and influence on the other side of this equation. So don’t just vote or petition.

To the extent that we’re “from the internet,” we have a certain amount of power of our own that we can leverage within this domain. It is possible to develop user-friendly technical solutions that would stymie this type of surveillance. I help work on Open Source security and privacy apps at Open Whisper Systems, but we all have a long ways to go. If you’re concerned, please consider finding some way to directly oppose this burgeoning worldwide surveillance industry (we could use help at Open Whisper Systems!). It’s going to take all of us.
 
Thucydides said:
The potential for abuse is quite massive. As pointed out, warentless serching is rolling for information, and allied with the escalating overreach of bureaucratic organs could lead to a situation where anyone at all could be at risk of being attacked for a politicized agenda. Canadians already should be familier with this throught the "Human Rights" kangaroo courts; the potential in the US is far worse:

http://www.wired.com/opinion/2013/06/why-i-have-nothing-to-hide-is-the-wrong-way-to-think-about-surveillance/

"The more corrupt the state, the more numerous the laws." Tacticus, AD 100
 
I just heard on the (CBC Radio) news that the UK has warned international air carriers to not attempt to transport Mr. Snowden to he UK. The report says that he is unlikely to be admitted and any airline that brings him will be subject to hefty fines.
 
>But you are OK with you ISP and phone service collecting and keeping the same info?

Yes; it is billing information.  However, I doubt they have a capability or desire to retain it "forever".

>And using that info for whatever purpose they deem necessary, including selling it to other companies for unknown purposes?

I'd prefer not, but if those are the terms, I can change providers or do without.

Here's the interesting thing: government should be setting limits on records retention and exchange of information (as in "no"), not saying "me too".
 
Brad,

It seems you would like the government to choose the do nothing COA in their efforts to combat crime and warfare.  Our current request and approval systems for tapping don't stand a chance against the speed and adaptability of the internet.  It is time to upgrade our security and this is the first step.

I don't get the paranoia argument.  Authorities are busy enough with legitimate concerns to worry about what people bought online at crappy tire or that fact that they called their cousin 3 times last week.

I do agree that the outsourcing has probably gotten out of control.  Especially when these agencies willfully withhold and hoard information to ensure that they get the credit.  It has become a competitive space rather than a collaborative one. 
 
As a gun owner and working as Public Servant, my trust in government is quite low. Some of the abuse is malicious, some is out of laziness and other is out a belief that rights are obstacles to a smoothly running bureaucracy and can be ignored for the most part.
 
Back
Top