CSC 379:Week 4, Group 1

From Expertiza_Wiki
Jump to navigation Jump to search

Internet Surveillance (e.g. AT&T’s NSA Rooms)

The issues concerning internet surveillance

Most of us are aware of government surveillance as it pertains to wiretapping to listen in on phone conversations. This type of government surveillance has had many laws developed around it and how and when it may be done. With the growth of internet traffic, similar surveillance has appeared in the realms of email, voice over IP (VOIP), and general internet traffic. The same problems that occurred years ago for the telephone communications networks have been approached for internet communications.

The first issue that surrounds internet surveillance is how to make it possible. In order to conform to Communications Assistance for Law Enforcement Act (CALEA), phone networks had to be designed so that wiretapping was an easy thing to do if an appropriate government organization requested it. However, much internet traffic is optical instead of electrical. When electricity travels through a wire, it emits a small magnetic field. Something very close to the wire could intercept the electrical communication without affected it. Optical communication doesn't "leak" any of the light, so the communication has to be disturbed in order to intercept it. This is usually done with a splitter which diverts a percentage of the light down another path.

The second issue is authority. Mainly, who decides whether and how much internet surveillance can take place. Should there be a different authority or amount of evidence in order to intercept foreign communications as opposed to domestic? Does the person whose information is being gathered have to be notified? Does the court have to issue a warrant for a government agency to investigate internet traffic? If so, how much information can be gathered without a warrant?

Links

Ethical issues with CALEA

Making it possible to intercept internet communications has several privacy issues surrounding it. A large amount of information passing through the internet is encrypted making it difficult to intercept. "Wiretapping" optical lines involves splitting which degrades the signal strength unlike typical phone line wiretapping. Because the information is essentially anonymous once it leaves the local network and enters the world wide web, is it even possible to filter out a single person's communication? If there is a backdoor for government internet surveillance capabilities, how can the typical American be assured that this backdoor is only used by the government?

Encryption

Especially when talking about VOIP, much communication is encrypted. Even the networks serving such content cannot decrypt the content without the decryption key. The United States government has requested a backdoor to such communication in the past, but it could not be provided by the VOIP networks that supported such encryption. If these networks can allow for criminal communication without a method for the government to intercept the communication, should they be allowed to exist? Or should citizens be allowed to have a form of communication that they can be reasonably assured is completely private?

Splitting optical communication

With electrical communications, government organizations could easily start intercepting information without affecting that communication in any way. This can not be done with optical communications. Therefore, in order to allow surveillance effectively, the intercepting of information must have already been started before it was requested. This means that average citizens of the United States will have the information intercepted (even if not recorded) regardless of whether the citizen is under suspicion. Shouldn't unsuspected people be allowed privacy of their communications?

Difficulty of filtering

Most legal surveillance depends upon the governments right to intercept communication from or to a particular person or organization. However, in many circumstances, this is impossible without intercepting a large amount of communication between other people. Since this information is intercepted, a government agent could stumble upon private communications. The only method preventing this accidental invasion of privacy is programs that attempt to filter out only certain types of data. Since it cannot be proven that such filters will actually prevent invasion of privacy, should the government be allowed to intercept communications when they can't intercept only the suspected persons' data? What if the program could filter out all unsuspected individuals? Would it not still be an invasion of privacy for those communications to be intercepted and stored even if they are later filtered out?

Backdoor security

Having a backdoor for internet surveillance must be extremely secure. If a government agency can use the backdoor to intercept communications when given the appropriate authority, how can we be sure that such a backdoor can't be used without appropriate authority? Especially when dealing with the NSA, citizens fear that given an inch, they will take a mile. Allowing the backdoor to exist gives them the opportunity to use it at their own discretion no matter what the legal authority says. Just as well, building a backdoor into a system that doesn't intrinsically have such a backdoor lowers the security of the entire system. It may be possible for criminals to use the backdoor created in order to combat them for their own cybercrime.

Links

Ethical issues with the limits of internet surveillance

Internet surveillance is a very touchy issue for many people. There is a wide range of thought and laws regarding the limits to which such surveillance can go. Especially recently and due to the Patriot Act, their is an increasing difference between how much surveillance can be done on foreign communications versus domestic communications. There is a question, especially due to the NSA's recent actions to make it easier for them to intercept data, about how much data can be acquired before a warrant or other such authority is given. Along with how much data, is what type of data. Can government agencies freely collect information about where you send emails as long as they don't collect the content?

Foreign and domestic communications

There is a general idea that foreign communications should be closely monitored in order to prevent terrorism. However, most Americans also value their personal privacy and think that unsuspected citizens shouldn't have their everyday communications recorded and scrutinized by government officials. Therefore, there exists the Foreign Intelligence Surveillance Act (FISA) which allows a great deal of intelligence gathering for foreign communications that are not allowed for domestic law enforcement. In recent times, many citizens believe that the NSA is gathered information on internet traffic that is unrelated to international matters. Another interesting international surveillance issue deals with the Council of Europe Cybercrime Convention. This would have allowed foreign governments to request the NSA to intercept Americans. Should foreign governments be allowed to intercept internet data of Americans? Should domestic government agencies be allowed to investigate crimes through internet communications? Should the United States have different policies regarding international communications and domestic communications?

Requiring a warrant

Naturally, requiring a warrant to intercept internet communication is desired by most Americans. However, much surveillance or alledged surveillance has occurred specifically by the NSA without such a warrant being given. Some people have pursued a lawsuit against the NSA for such information gathering. However, the lawsuit was thrown out because the people could not show that the NSA's gathering of information damaged them in any regardless to whether the NSA had gathered the data. The EFF also sued AT&T for allowing the NSA to illegally gather data through the use of secret rooms. Should a warrant be required for putting the technology in place for surveillance? Or should a warrant simply be required for using such surveillance technology? If the NSA is brought to court for gathering data, shouldn't the proof needed to find the NSA guilty simply be the gathering of data without warrant rather than whether the data gathered caused any harm to the individual?

What types of data can be collected?

During police investigations, what types of information can be gathered about an individual's internet communication before a warrant is issued? This is an especially important question because the data that can be collected without getting a warrant is the data that can be used as evidence to request a warrant. The typical idea is that meta-data about the communications can be collected whereas the content of the communication can not. This meta-data typically consists of who sent the communication, to whom the communication was sent, the time and date of the communication, and (where applicable) the length of communication. This is all information that can be gathered about email and VOIP communication without the ability to intercept the actual content of the message. Are these types of data invasion of privacy? Should such data require a warrant as well? Should such data require at least suspicion of one of communicators in a currently investigated crime?

Links

Prompt

During the mid 1990s, one would consider himself/herself lucky to find what one was looking for though an internet search. As internet usage has grown, better search technologies has emerged displacing many human created directory-based search engines with ones providing a vast array of dynamically-created and helpful results. Technologies such as Google Alerts allows the tracking of yourself and others content on the internet based on keyword identifiers. Voluntary technologies such as blogs, online photo albums, and social networking have added a wealth of information available about us online.

AT&T has come under scrutiny by members of the public for allegedly constructing “NSA rooms” containing equipment that has the capability to monitor large amounts of internet traffic and are only accessible special US Government-affiliated staff members.

Examine a variety of ethical concerns related to tracking of both voluntarily and non-voluntarily provided information on the internet by members of the public, employers, government, and schools. Cite relevant laws, policies, and/or actions taken that are related to these concerns.

Resources

Relevant External Links:

Relevant Class Website Links: