snowden | Parasam

It’s still Snowing… (the thread on Snowden, NSA and lack of privacy continues…)

February 10, 2014 · by parasam

Just a short follow-up here: two more articles that relate to my observations on the unending revelations of data collection, surveillance, etc. by our friendly No Secrets Anymore agency…

The first article (here) relates how NSA whistleblower Edward Snowden used a common “webcrawler” software to comb through the NSA databases and download thousands of pages of classified information. The first thing I thought when reading this was “WTF! – How was this even possible inside what should be one of the most secure networks on the planet??” Turns out that even super-secret networks have rollout delays in deploying critical network monitoring software… (Snowden ran the webcrawler from a Hawaii field office instead of NSA central in Fort Meade, MD…)

The other article (here) is an odd clarification on how much metadata the NSA has been gathering on domestic phone calls – now we are told about 20% of all landline calls made, not the close to 100% that was earlier believed. In addition, we are told that not much bulk collection of cellphone calls is currently occurring, due to a restriction on collection of location information (which is normally embedded in the cellphone call record metadata). This raises an interesting question: since I doubt that many would-be terrorists install a landline (with the requisite time and details for commissioning) in order to make clandestine calls – what is the use of any landline collection (in bulk terms)? Isn’t this just a large waste of taxpayer time and funds that really will have no useful purpose?

What one may take away from these observations is that policy often gets in the way of efficient application of a process – in some cases allowing security leaks, and in other cases seriously diluting the desired effect of a surveillance plan. Many of the same issues that confront commercial entities also plague our (and others) governmental agencies…

NSA (No Secrets Anymore), yet another Snowden treatise, practical realities…

February 6, 2014 · by parasam

I really did intend to write about a different topic today… but this article in the New York Time (here) prompted this brief comment. Of course it was inevitable that a book (the first of several) would pop out of the publishing machine to review the NSA/Snowden privacy debacle – and presumably make some coin for the author… Disclosure: I have not yet read the book, but my comments are more around the general issue – not this particular retelling of this Orwellian story…

Again, without regard to the position of Snowden (or those like him) – traitor or whistleblower – the underlying issue is vitally important. The difficult balance between a nation/state’s “need to know” about supposedly private communications of their citizens – in order to ‘protect’ them against perceived threats; and the vital human ‘freedom’ of individual privacy – the lack of unauthorized and unknown surveillance by government or other commercial entities – is a subject that we collectively must not ignore. It is all of our responsibility to be informed: lack of knowledge is not an excuse for the day when your personal details are splattered all over a billboard…

As I have written before: while one may not be able to prevent the dispersal of some of your personal information, the knowledge that using the ‘internet’ is not free, and will inevitably result in the sharing of some of your information and data, is I believe a vitally important fact. Just as knowing that the speed limit on a US highway – in absence of a posted sign – is 55-65MPH (depending on the state in which you are speeding…) will prevent surprise if you are pulled over for driving faster – you shouldn’t be surprised if your browsing history shows up in future targeted advertising – or if you perform lots of web searches for plastic explosives, instructional papers for using cellphones to activate blasting caps, etc. – you may someday get a visit from some suits…

However – and this closing observation will hopefully reduce some of the paranoia and anxiety of online activity: re-read the last line of the quoted article “…the book also manages to leave readers with an acute understanding of the serious issues involved: the N.S.A.’s surveillance activities and voluminous collection of data, and the consequences that this sifting of bigger and bigger haystacks for tiny needles has had on the public and its right to privacy.” The critical bit is something that the NSA (and the GCHQ) is dealing with right now: the vast amount of data being gathered is making ‘sifting’ really, really difficult. Finding your 100-word e-mail in literally trillions and trillions of mails, pictures, files, etc. etc. is becoming wretchedly difficult – even the massively powerful supercomputers of the NSA are choking on this task. Hidden in plain sight…

Privacy: a delusion? a right? an ideal?

February 3, 2014 · by parasam

With all of the ‘exploits’ of the NSA and their brethren agencies concerning the “intelligence data” gathering process in the news recently, I wanted to expand on a post I wrote some time ago (here) on the “Perception of Privacy” – although that post was more narrowly focused on privacy as it relates to photography. Without regard to the legality or morality of Edward Snowden’s activities [or similar activities that have shed light on what our collective governments have been doing in terms of ‘snooping’] (I’ll reserve that for a future post) – I want to address the notion of ‘privacy’ in our changing world.

Privacy ultimately implies a separation of thought, speech, activity or other action from the larger world around one. If one reviews your Greek history, the Cynics (one of the three Schools that came from Socrates, Plato, Aristotle) were perhaps the best example of way of life in which there was no privacy. They practiced living with complete “shameless behavior” and did everything in public – not to shock, but to rather exercise indifference to the societal norms and rise above them. However, most cultures have evolved into a balance of public and private activity – although with a substantial variation on what is acceptable “public behavior.”

The issue at hand today with our beliefs around privacy of communications (whether voice or data) is around our “expectation of privacy.” If we post a public comment on Facebook or the New York Times web site, we have no reasonable expectation of privacy and therefore are not worried if this communication is shared or observed by others. However, if we send an e-mail to single recipient, or converse on the telephone with a family member, we have a reasonable expectation of privacy – and would be upset if this communication was shared with others (such as government agencies, etc.) – when there is no pre-existing reason for such a violation of privacy.

The big difference – and the root of much of the dialog currently regarding online privacy – is that various companies (mostly ad based or other big data firms), or nation-state governmental agencies have taken the position that extracting and storing virtually all possible data from communications within their reach is ethical, potentially useful, and profitable. From a governance pov the position is that if we have all this data on hand, then we can review it if we come to believe that person X has potentially violated some standard of behavior and is therefore deserving of surveillance. The commercial position (Big Data) is that the more we know about everyone, the better we can target commercial opportunities – or perhaps protect certain company’s profits [health/life insurance firms, corporate employment, financial institutions will all argue in favor of knowing everything possible about their potential customers].

There are a few problems with this philosophy: one of which is just practical and economic – the vast amount of storage capacity that unfocused data gathering requires. Eventually someone has to pay for all those hard disks… with one of the latest methodologies that has been revealed (harvesting of data from ‘leaky apps’ on mobile devices) generating terabytes of data per hour just from this type of activity – the scope of this data storage dilemma is becoming quite large. When you fill out one of those annoying forms when you sign up to WhatsApp (for example), are you aware that your e-mail address, cellphone number, and potentially your entire contact list is shared and propagated to a huge slew of firms outside of WhatsApp? Including Washington, D.C.? Everything from Angry Birds to top newspaper and television firms that use apps for mobile connectivity have been shown to basically have no safeguards whatsoever in terms of subscriber data privacy.

This is a new and relatively unknown issue for courts, philosophers, commercial firms, governments and their subject citizens to wrestle with. It will take some time for a collective rationale to emerge – and whatever balance between real privacy (almost impossible to have in a highly connected society) and public forum is achieved will vary widely from culture to culture. I’ll continue to observe and post on this topic, but comments are welcome.