Privacy, Security & Government Surveillance

Awesome:

By loosenut (Seattle, WA) I was a little disappointed when I first bought this item, because the functionality is limited. My 5 year old son pointed out that the passenger’s shoes cannot be removed. Then, we placed a deadly fingernail file underneath the passenger’s scarf, and neither the detector doorway nor the security wand picked it up. My son said “that’s the worst security ever!”. But it turned out to be okay, because when the passenger got on the Playmobil B757 and tried to hijack it, she was mobbed by a couple of other heroic passengers, who only sustained minor injuries in the scuffle, which were treated at the Playmobil Hospital. The best thing about this product is that it teaches kids about the realities of living in a high-surveillance society. My son said he wants the Playmobil Neighborhood Surveillance System set for Christmas. I’ve heard that the CCTV cameras on that thing are pretty worthless in terms of quality and motion detection, so I think I’ll get him the Playmobil Abu-Gharib Interrogation Set instead (it comes with a cute little memo from George Bush).

My fianceé wants to know if it comes with miniature plastic baggies for putting your miniature miniature bottles of shampoo in.

They ought to make John Gilmore and Bruce Schneier action figures to go with it.

As to the spin that applying for a REAL ID extension amounts to planning for compliance, nothing takes the cake quite like an email that was forwarded to me today. Because I can’t find an online version, I’ve screen-capped the relevant part of an email sent out by Digimarc lobbyist Mark Rhoads:

For reference, here is the relevant language from the regulation. You can infer from this what everyone involved in the process knows – the extension to December 31, 2009 is a free pass. It requires no statement of compliance, and it has been given to states that will not comply:

Sec. 37.63 Extension of deadline. (a) A State may request an initial extension by filing a request with the Secretary no later than March 31, 2008. In the absence of extraordinary circumstances, such an extension request will be deemed justified for a period lasting until, but not beyond, December 31, 2009. DHS shall notify a State of its acceptance of the State’s request for initial extension within 45 days of receipt. (b) States granted an initial extension may file a request for an additional extension until no later than May 10, 2011, by submitting a Material Compliance Checklist demonstrating material compliance, per Sec. 37.51(b) with certain elements of subparts A through E as defined by DHS. Such additional extension request must be filed by October 11, 2009. DHS shall notify a State whether an additional extension has been granted within 45 days of receipt of the request and documents described above. (c) Subsequent extensions, if any, will be at the discretion of the Secretary.

No state will comply with the REAL ID Act’s requirement to begin issuing a national ID by the forthcoming statutory deadline, May 11th.

Because of this, the Department of Homeland Security is giving states deadline extensions just for the asking. Interestingly, it’s turning around and spinning the acceptance of those extensions as commitments to comply. Many of the states shown in green on this map have passed statutes outright refusing to implement the law. (For readers new to planet earth, the color green typically means “go.” Green is at least a strange choice of color for states which have legally barred themselves from issuing the DHS’ national ID.)

With her state – the first in the nation to pass anti-REAL ID legislation – considering refusing even the deadline extension, Senator Susan Collins (R-ME) is once again working with DHS in support of the national ID law.

She has written a letter to the governor of her state, asking him to go ahead and take the waiver, playing into the DHS strategy. Followers of REAL ID know that delaying implementation helps a national ID go forward by giving the companies and organizations that sustain themselves on these kinds of projects time to shake the federal money tree and get this $11 billion surveillance mandate funded.

The cumulative profit margin of the airline industry is less than 1%. Should even a single state refuse to accept this national ID mandate, the airline industry, airport operators (faced with reconfiguring their operations), and travelers groups would be on the Hill in an instant. The Congress would have to revisit the issue.

Evidently, Senator Collins doesn’t want to risk the chance of an up-or-down vote on whether the U.S. should have a national ID. Her work behind the scenes in favor of REAL ID reveals where she stands.

Despite the similarity in our names, I’m afraid we at TLF can’t take credit for the Billboard Liberation Front’s prank on AT&T. I’m normally a stickler for property rights, but I can’t get too worked up about this:

AT&T initially downplayed its heroic efforts in the War on Terror, preferring to serve in silence behind the scenes. “But then we realized we had a PR win on our hands,” noted AT&T V.P. of Homeland Security James Croppy. “Not only were we helping NSA cut through the cumbersome red tape of the FISA system, we were also helping our customers by handing over their e-mails and phone records to the government. Modern life is so hectic – who has time to cc the feds on every message? It’s a great example of how we anticipate our customers’ needs and act on them. And, it should be pointed out, we offered this service free of charge.” Commenting on the action, and responding to questions about pending privacy litigation and the stalled Congressional effort to shield the telecoms from these lawsuits, NSA spokesperson [REDACTED] remarked: “[REDACTED] we [REDACTED] condone [REDACTED] warrantless [REDACTED], [REDACTED] SIGINT intercepts, [REDACTED] torture [REDACTED] information retrieval by [REDACTED] means necessary.”

Hat tip: Brian Doherty via Julian

The Institute for Health Freedom says that Google’s personal health records system gives consumers greater control over privacy than the rules issued under the Health Insurance Portability and Accountability Act. That should be no surprise:

“. . . [B]eing covered under HIPAA rules does not guarantee privacy; rather it gives government and the health-care industry control over your personal health information,” says Sue Blevins, founder and president of the Institute for Health Freedom.

Equal parts credit go to Google and discredit to the HIPAA law. No better proof is needed that legislation and regulation are no way to get privacy protection.

This has got to be the best defense of warrantless wiretapping I’ve seen yet:

One seems to forget what FISA stands for—Foreign Intelligence Surveillance Act. “Foreign” doesn’t stand for “Americans”. But another mass-casualty terrorist attack might be unavoidable for Democrats, because it involves “nonviolations of the nonrights of nonAmericans” (Rich Lowry/ TownHall). FISA gave the government a way to monitor foreign communications and to act. But it requires a warrant to do so. The Protect America Act changed that–temporarily.

Don’t you understand?!? If the word “foreign” is in the bill’s title, then it only applies to foreigners! Kind of like how the title of the No Child Left Behind Act guaranteed that Pres. Bush’s education agenda would succeed in educating every child. It’s amazing how dense these left-wingers can be.

Gary D. Barnett at the Libertarian Future of Freedom Foundation sounds the alarm about InfraGard, a collaboration between the FBI and private-sector people interested in security. Barnett paints InfraGard as a sinister effort by the FBI to get private information about American citizens.

Jim Lippard has a different perspective, explaining in some detail what InfraGard does, and convincing me, at least, that there’s nothing especially sinister going on. It’s perfectly legitimate for law enforcement to cooperate with the private sector to inform one another of potential security threats. Obviously, companies shouldn’t disclose their customers’ private information without a warrant, but Barnett offers no evidence that companies do that as part of InfraGard. It’s great that Barnett is working to ferret out potential threats to Americans’ privacy, but it looks like he might have raised the alarm prematurely in this case.

Gene Healy and I have an op-ed in the OC Register today giving some historical background on the FISA debate:

The Senate voted Feb. 12 to authorize warrantless domestic surveillance of Americans’ international phone calls and e-mails. Unlike the legislation the House passed in November, the Senate version allows the government to spy on its own citizens’ international communications without meaningful judicial oversight. In 1976, a special Senate committee revealed massive abuses of power by the FBI, the National Security Agency and other government agencies. One notorious case was the FBI’s attempts to undermine and discredit Dr. Martin Luther King Jr. The bureau tapped King’s phones and bugged his hotel rooms. The FBI used the information in attempts to discredit King with churches, universities and the press. For three decades, the NSA obtained copies of virtually all telegrams to and from the United States without court oversight. The NSA also tapped international phone calls. From 1967-73, the NSA kept a “watchlist” of surveillance targets that included many Americans.

Congress passed FISA to make sure this sort of thing never happened again. If Congress eviscerates it, there’s a real danger that it will happen again.

Also today, my Slate piece is quoted on Speaker Pelosi’s blog.

The phrase you’re looking for is “the libertarian Cato Institute.”

Update: Incidentally, why are major media outlets like MSNBC so bad at getting embedding to work properly? I cut and pasted what MSNBC called the embed code for the above video into this post, and it didn’t cause my browser to display the video. Now, maybe I did something wrong, but web startups with much smaller budgets than MSNBC’s seem to have managed to implement embedding that I can use without difficulty. So why can’t big sites manage it?