Privacy, Security & Government Surveillance

Why the Lawsuit Challenging NSA Surveillance is Crucial to Internet Freedom

by Ryan Radia on July 16, 2013 · 3 comments

In June, The Guardian ran a groundbreaking story that divulged a top secret court order forcing Verizon to hand over to the National Security Agency (NSA) all of its subscribers’ telephony metadata—including the phone numbers of both parties to any call involving a person in the United States and the time and duration of each call—on a daily basis. Although media outlets have published several articles in recent years disclosing various aspects the NSA’s domestic surveillance, the leaked court order obtained by The Guardian revealed hard evidence that NSA snooping goes far beyond suspected terrorists and foreign intelligence agents—instead, the agency routinely and indiscriminately targets private information about all Americans who use a major U.S. phone company.

It was only a matter of time before the NSA’s surveillance program—which is purportedly authorized by Section 215 of the USA PATRIOT Act (50 U.S.C. § 1861)—faced a challenge in federal court. The Electronic Privacy Information Center fired the first salvo on July 8, when the group filed a petition urging the U.S. Supreme Court to issue a writ of mandamus nullifying the court orders authorizing the NSA to coerce customer data from phone companies. But as Tim Lee of The Washington Post pointed out in a recent essay, the nation’s highest Court has never before reviewed a decision of the Foreign Intelligence Surveillance Act (FISA) court, which is responsible for issuing the top secret court order authorizing the NSA’s surveillance program.

Today, another crucial lawsuit challenging the NSA’s domestic surveillance program was brought by a diverse coalition of nineteen public interest groups, religious organizations, and other associations. The coalition, represented by the Electronic Frontier Foundation, includes TechFreedom, Human Rights Watch, Greenpeace, the Bill of Rights Defense Committee, among many other groups. The lawsuit, brought in the U.S. district court in northern California, argues that the NSA’s program—aptly described as the “Assocational Tracking Program” in the complaint—violates the First, Fourth, and Fifth Amendments to the Constitution, along with the Foreign Intelligence Surveillance Act.

Continue reading →

3 comments

The NSA is screwing us on Internet governance

by Eli Dourado on July 15, 2013 · 11 comments

The New York Times reports:

The Russians, who with only minimal success, had for years sought to make these companies provide law enforcement access to data within Russia, reacted angrily. Mr. Gattarov formed an ad hoc committee in response to Mr. Snowden’s leaks.

Ostensibly with the goal of safeguarding Russian citizens’ private lives and letters from spying, the committee revived a long-simmering Russian initiative to transfer control of Internet technical standards and domain name assignments from two nongovernmental groups that control them today to an arm of the United Nations, the International Telecommunications [sic] Union.

It’s not immediately clear to me how moving Internet standards and DNS from IETF and ICANN to the ITU is supposed to stop the NSA from spying on Russians, so the smart read is that this is retaliation pure and simple.

Brazil’s foreign minister, Antonio Patriota, for example, a week ago endorsed the Russian proposal to transfer some control over Internet technical standards to the United Nations telecommunications agency.

While these are not major changes in policy positions, the NSA’s surveillance programs seem to be galvanizing those who want the ITU to take an active role in Internet governance. It’s time for the USA to practice what it preaches on Internet freedom.

11 comments

What Are We Going to Do after COPPA Fails?

by Adam Thierer on July 8, 2013 · 0 comments

This afternoon, Berin Szoka asked me to participate in a TechFreedom conference on “COPPA: Past, Present & Future of Children’s Privacy & Media.” [CSPAN video is here.] It was a in-depth, 3-hour, 2-panel discussion of the Federal Trade Commission’s recent revisions to the rules issued under the 1998 Children’s Online Privacy Protection Act (COPPA).

While most of the other panelists were focused on the devilish details about how COPPA works in practice (or at least should work in practice), I decided to ask a more provocative question to really shake up the discussion: What are we going to do when COPPA fails?

My notes for the event follow down below. I didn’t have time to put them into a smooth narrative, so please pardon the bullet points. Continue reading →

0 comments

Declan McCullagh on the NSA leaks

by Jerry Brito on June 18, 2013 · 0 comments

Declan McCullagh, chief political correspondent for CNET and former Washington bureau chief for Wired News, discusses recent leaks of NSA surveillance programs. What do we know so far, and what more might be unveiled in the coming weeks? McCullagh covers legal challenges to the programs, the Patriot Act, the fourth amendment, email encryption, the media and public response, and broader implications for privacy and reform.

Download

My take on Prism

by Eli Dourado on June 12, 2013 · 6 comments

Over at The Umlaut, I try to articulate why even people who have “nothing to hide” should be concerned about NSA surveillance:

I have no doubt that Prism is a helpful tool in combatting terrorism and enforcing the law, as the Obama administration claims. But ubiquitous surveillance doesn’t just help enforce the law; it changes the kinds of laws that can be enforced. It has Constitutional implications, not just because it violates the Fourth Amendment, which it does, but because it repeals a practical barrier to ever greater tyranny.

Read the whole thing, and pass it on.

6 comments

The Media’s Sound and Fury Over NSA Surveillance

by Larry Downes on June 10, 2013 · 1 comment

***Cross-posted from Forbes.com***

It was, to paraphrase Yogi Berra, déjà vu all over again. Fielding calls last week from journalists about reports the NSA had been engaged in massive and secret data mining of phone records and Internet traffic, I couldn’t help but wonder why anyone was surprised by the so-called revelations.

Not only had the surveillance been going on for years, the activity had been reported all along—at least outside the mainstream media. The programs involved have been the subject of longstanding concern and vocal criticism by advocacy groups on both the right and the left.

For those of us who had been following the story for a decade, this was no “bombshell.” No “leak” was required. There was no need for an “expose” of what had long since been exposed.

As the Cato Institute’s Julian Sanchez and others reminded us, the NSA’s surveillance activities, and many of the details breathlessly reported last week, weren’t even secret. They come up regularly in Congress, during hearings, for example, about renewal of the USA Patriot Act and the Foreign Intelligence Surveillance Act, the principal laws that govern the activity.

In those hearings, civil libertarians (Republicans and Democrats) show up to complain about the scope of the law and its secret enforcement, and are shot down as being soft on terrorism. The laws are renewed and even extended, and the story goes back to sleep.

But for whatever reason, the mainstream media, like the corrupt Captain Renault in “Casablanca,” collectively found itself last week “shocked, shocked” to discover widespread, warrantless electronic surveillance by the U.S. government. Surveillance they’ve known about for years.

Let me be clear. As one of the long-standing critics of these programs, and especially their lack of oversight and transparency, I have no objection to renewed interest in the story, even if the drama with which it is being reported smells more than a little sensational with a healthy whiff of opportunism. Continue reading →

1 comment

My Filing to the FTC in its ‘Internet of Things’ Proceeding

by Adam Thierer on May 31, 2013 · 0 comments

In mid-April, the Federal Trade Commission (FTC) requested comments regarding “the consumer privacy and security issues posed by the growing connectivity of consumer devices, such as cars, appliances, and medical devices” or the so-called “Internet of Things.” This is in anticipation of a November 21 public workshop that the FTC will be hosting on the same issue.

These issues are finally starting to catch the attention of the public and policymakers alike with the rise of wearable computing, remote home automation and monitoring technologies, smart grids, autonomous vehicles and intelligent traffic systems, and so on. The Internet of Things represents the next great wave of Internet innovation, but it also represents the next great battleground in the field of Internet policy.

I filed comments with the FTC today in this proceeding and made a few simple points about why they should proceed cautiously here. A summary of my filing follows. Continue reading →

0 comments

What Does It Mean to “Have a Conversation” about a New Technology?

by Adam Thierer on May 23, 2013 · 3 comments

My colleague Eli Dourado brought to my attention this XKCD comic and when tweeting it out yesterday he made the comment that “Half of tech policy is dealing with these people”:

The comic and Eli’s comment may be a bit snarky, but something about it rang true to me because while conducting research on the impact of new information technologies on society I often come across books, columns, blog posts, editorials, and tweets that can basically be summed up with the line from that comic: “we should stop to consider the consequences of [this new technology] before we …” Or, equally common is the line: “we need to have a conversation about [this new technology] before we…”

But what does that really mean? Certainly “having a conversation” about the impact of a new technology on society is important. But what is the nature of that “conversation”? How is it conducted? How do we know when it is going on or when it is over? Continue reading →

3 comments

The Best Essay on ‘The Right to be Forgotten’ That You Will Read This Year

by Adam Thierer on May 15, 2013 · 2 comments

The International Association of Privacy Professionals (IAPP) has been running some terrific guest essays on its Privacy Perspectives blog lately. (I was honored to be asked to submit an essay to the site a few weeks ago about the ongoing Do Not Track debate.) Today, the IAPP has published one of the most interesting essays on the so-called “right to be forgotten” that I have ever read. (Disclosure: We’ve written a lot here about this issue here in the past and have been highly skeptical regarding both the sensibility and practicality of the notion. See my Forbes column, “Erasing Our Past on the Internet,” for a concise critique.)

In her fascinating and important IAPP guest essay, archivist Cherri-Ann Beckles asks, “Will the Right To Be Forgotten Lead to a Society That Was Forgotten?” Beckles, who is Assistant Archivist at the University of the West Indies, powerfully explains the importance of archiving history and warns about the pitfalls of trying to censor history through a “right to be forgotten” regulatory scheme. She notes that archives “protect individuals and society as a whole by ensuring there is evidence of accountability in individual and/or collective actions on a long-term basis. The erasure of such data may have a crippling effect on the advancement of a society as it relates to the knowledge required to move forward.”

She concludes by arguing that:

From the preservation of writings on the great pharaohs to the world’s greatest thinkers and inventors as well as the ordinary man and woman, archivists recognise that without the actions and ideas of people, both individually and collectively, life would be meaningless. Society only benefits from the actions and ideas of people when they are recorded, preserved for posterity and made available. Consequently, the “right to be forgotten” if not properly executed, may lead to “the society that was forgotten.”

Importantly, Beckles also stresses the importance of individual responsibility and taking steps to be cautious about the digital footprints they leave online. “More attention should instead be paid to educating individuals to ensure that the record they create on themselves is one they wish to be left behind,” she notes. “Control of data at the point of creation is far more manageable than trying to control data after records capture.”

Anyway, read the whole essay. It is very much worth your time.

2 comments

Timothy Ravich on drones

by Jerry Brito on May 14, 2013 · 0 comments

Timothy Ravich, a board certified aviation lawyer in private practice and an adjunct professor of law at the Florida International University School of Law and the University of Miami School of Law, discusses the future of unmanned aerial system (UAS), also known as drones.

Ravich defines what UAVs are, what they do, and what their potential non-military uses are. He explains that UAV operations have outpaced the law in that they are not sufficiently supported by a dedicated and enforceable regime of rules, regulations, and standards respecting their integration into the national airspace.

Ravich goes on to explain that Congress has mandated the FAA to integrate UAS into the national airspace by 2015, and explains the challenges the agency faces. Among the novel issues domestic drone use raises are questions about trespass, liability, and privacy.