technology, privacy, law national security - #4 Fred Chang

Fred Chang -

Moore's law buy a house for 1m in 1968, worth .20 today

cell phone of the future - video camera, internet connected, rfid chips - embedded technology, manufactured for .06 - hackers are trying to get virus' to hop rfid chips

software trends - draws a contrast between analog and digital systems (bridge analogy - bolts missing, no problem, in a digital system, one line of code kills the bridge)

Wirth's law (Nicholas Wirth invented Pascal) - software becomes slower faster than hardware becomes faster

software complexity - increasing

shoppers at UK supermarket - hackers had added chip underneath credit card readers and transmitted credit card info offsite

Google hack summary hacked the facebook accounts of friends of google accounts, send links from facebook accounts that had been hacked, vulnerability in IE allows software to be downloaded onto the sysadmin machine - opens ssl tunnel and admin box was popped

human is the weakest link - key point of vulnerability

human genome - vulnerability

brain computer interfaces - bci - you can purchase right now, helmet will control video games



Jim Simon Microsoft -institute for advanced technology in government

democratization of weapons and technology - can build them in your garage
cyber crime has surpassed drugs
US has lost supremecy -
march of technology is not stoppable
China produced more cs majors than any country
ubiquitous encryption is a few years away
cost of breaking cell phone call will be prohibitive

minicore - laptop will be 100 times faster, will require 256 character password - fingerprints not long enough, requires 18 points - technology doesn't exist

waiting list for this tech, us gov is not on the list, will take 2-3 years to certify it before it can be bought

quantum computing - may or may not work, but would change the game

cybercrime - companies don't prosecute b/c it would require giving away trade secrets.

market for hacks

attestation - how do we know it is you on the other end of the cell phone or computer?

crowdsourcing - photosynth

tempest - intercept apple Iphone calls from 400 meters -

us government is absolescent tending toward obsolete, just approving windows vista for use

civil governments are insecure

need some formal mechanism to get congress to take on issues that are important



Ken Flamm -
interception of communications has been most discussed today, but is the smallest part of the problem
pace of technology is due to investment, not some natural force and will continue into indefinite future

what are the origins of this technology pace problem - U.S. played a major role as the parent

"cyberpower" - abiliy to use cyberspace to create advantages and influence events...

tech policy - direct and indirect measures to promote national R&D investment
different than my previous understanding - Flamm claims regulation of technology is related to other issues

manufacturing - interchangeable parts for rifles - after Napoleonic wars

World War II - cyberpower won the war - first modern digital computers were created, decryption of intercepted axis powers communications - tipped the balance of war, not declassified until 1970

1950's and 60's government poured money into tech, huge increases - did not happen accidentally, man made event

So what is new now?

1. scale - rates of decline 15 - 30% in cost 
2. is the toyota problem a software problem? etc.
3. border between mil and commercial increasingly nebulous
4. globalization of IT

Tech policy is important b/c it is what got us here

what investments do we currently have in place to solve these security problems?

QUESTION AND ANSWER

elliptical curve encryption - is the change - will this take off?
ubiquitous encryption - if all communications are encrypted, how do you know which communications to capture?

national security, policy and law - Investigations

Orin kerr - George Washington
Paul Ohm - Colorado
Samuel Rascoff  - NYU

Notes from this session follow:

Orin -  fourth amendment different in national security than civil law

two easy explanations - article 2 presidential authority, and FISA has by statute trumped constitutional issues

3rd reason - in expanding role of warrant clause outside criminal investigations
courts are not able to answer the questions related to the warrant clause

flexible warrant requirement -

battery dying

Law at the Intersection of National Security, Privacy and Technology

Great seminar sponsored by the Texas Law Review and the Strauss Center. My notes follow, for later use in my diss:


church and pike committees
resulting in FISA
congressional oversight committee and structure
system of rules EO 12333
U.S. person rules person, corporation or organization
WD commission - said these rules impede investigations


- Alex Joel - civil liberties protection officer, ODNI

Nathan Sales - George Mason law professor
have norms changed so much that the concept is obsolete?

privacy had to be "created" as an idea, long post dates the founding of the republic
relationship between technology and privacy is no longer well described by privacy
100 years after the constitution - that privacy as an idea is developed - (warren and brandeis?)
we never define the term with precision
key unifying ideas - value that protects - things that you mean to keep private as such (reasonable expectation - if you have taken steps to keep it private)

intellectual development inspired by technology - camera, inspired warren and brandeis
microphone the other major tech - pre-existing vocab no longer described the challenge we were facing
creating a mosaic of data that describes us
nothing private about driving down the NJ turnpike, or walking down the street - real problem is the creation of a log of your life -
actions taken in public generate public information?
"mosaic data" - some is protected, content of phone calls is protected, most is not b/c it has been disclosed to someone
action isn't private, but records of those actions should be
how do you amass a privacy interest out of many small actions?
Brandeis had the imagination in 1890 to refigure a definition of the value that we think is being violated


Discussion -
fifth amendment violation is our fear - our "mosaic data" can be used against us - Nathan Sales - develop a new concept to describe the problem you are dealing with (Ben?)

Alex Joel - civil liberties officer - olmstead case - brandeis predicts greater ways to violate privacy - lost, but won in Katz in 1967

eruption of privacy relates to the number of "paths" into your mind



Jameel Jaffer - usual state of affairs - intelligence as a sword rather than a shield
harnessing intelligence to democratic ends has failed in the past
intelligence under law - phrase or slogan
there should be limits
there should be compliance mechanisms
there should be judicial review

intelligence community - job is to protect a democratic society, if your activities subvert democratic institutions, you're not doing your job.

FAA - permits surveillance FISA - dragnet surveillance of American international communication - does not conform to the warrant or reasonable expectation clauses

constitutionality of FAA - Jameel questions this on the basis of the third amendment

targets of surveillance directives (vocab)
senator cardin (?) chilling effect of surveillance on society, not just the targets. Point also made by Supreme Court in 1976 and the Church Committee

Standing doctrine and state secret doctrine block a "face review" -

ethics requirements - lawyers were advised to protect their communications with their clients (recommendations may be available - I should find this) - as an ethical responsibility ACLU suit that was dismissed recently

Need information about the surveillance programs - surveillance under democratic control

forces that shaped the "evolution" of FAA are opaque to ordinary citizens

Burger case was the only facial challenge the Supreme Court has engaged