Wednesday, June 20, 2012

FBI has Expanded Role in Domestic Surveillance Coordination

The Washington Post reports that the FBI has a new, expanded role in coordinating domestic surveillance. From the article:
The FBI has been given an expanded role in coordinating the domestic intelligence-gathering activities of the CIA and other agencies under a plan enacted this year by Director of National Intelligence James R. Clapper Jr., officials said. 
The bureau’s highest-ranking field agents now also serve as the DNI’s representatives across the country. The change is intended to improve collaboration, but some officials say it has created new friction between the FBI and CIA.

Schumer Asks Google, Microsoft to Include Privacy Measures when Mapping

Senator Schumer is asking Google and Microsoft to consider privacy as they ramp up to compete with each other over mapping. His concern is that their use of "military grade" equipment will jeopardize personal privacy as "spy planes" take detailed images of our backyards, and will jeopardize security as sensitive infrastructure is clearly and publicly mapped. From the TechCrunch article:

Specifically, Schumer is asking the two companies for three security and privacy provisions:
  1. Provide notification to communities as to when you plan to conduct mapping
  2. Automatically blur photos of individuals who are captured, and give property owners the right to opt-out of having the company map their homes
  3. Put protocols in place with law enforcement and local municipalities to ensure that sensitive infrastructure details are blurred from published maps

House Committee Confirms Existing Warrantless Surveillance Powers

The House Judiciary Committee, following the Senate Intelligence Committee's lead, reauthorized the FISA Amendments Act, which retroactively legalized the Bush administration's post-9/11 surveillance program. Wired News has a great article explaining how this move, if approved by both the House and Senate, will effectively continue the current state of surveillance capabilities for law enforcement. Efforts to introduce an element of transparency and accountability have been rejected. From the article:
The House Judiciary Committee, following the Senate Intelligence Committee’s lead last month, voted 23-11 to reauthorize the FISA Amendments Act. The legislation, expiring at year’s end, authorizes the government to electronically eavesdrop on Americans’ phone calls and emails without a probable-cause warrant so long as one of the parties to the communication is outside the United States. The communications may be intercepted “to acquire foreign intelligence information.”
...
At the time (2001), then-senator and presidential candidate Barack Obama voted for the measure, though he said the bill was flawed and that he would push to amend it if elected. Instead, Obama, as president, simply continued the Bush administration’s legal tactics aimed at crushing any judicial scrutiny of the wiretapping program, and his administration is now demanding that federal lawmakers extend the legislation for five years.

IPv6 Might Make Surveillance More Difficult

CNet has an article covering recent warnings by the FBI and DEA that IPv6 might make it harder to track criminals and stop spam. The upshot is that the current process of allocating IPv4 addresses includes an accountability step that requires ISPs to keep good records of who they assign addresses to, making it possible for law enforcement to trace addresses back to suspects, or to track suspects in real time. This accountability step isn't included in IPv6, at least not yet. From the article:
ARIN and the other regional registries maintain public Whois databases for IP addresses, meaning that if you type in 64.30.224.118, you can see that it's registered to CNET's publisher. ARIN tries to ensure that Internet providers keep their segments of the Whois database updated, and because it's been handing out IPv4 addresses blocks every few months, it currently enjoys enough leverage to insist on it. 
But for IPv6, ARIN will be handing out much larger Internet address blocks only every 10 to 15 years, meaning it loses much of its ability to convince Internet providers to keep their Whois entries up-to-date. That means it may take law enforcement agencies -- presumably armed with court orders -- longer to trace an IPv6 address such as 2001:4860:4860::8888 back to an Internet service provider's customer.

Tuesday, June 19, 2012

U.N. Tries to Take Over the Internet

The Wall Street Journal has an article on the ongoing attempt by China and other countries to gain control of Internet regulation. The article links to recently leaked documents that indicate the takeover is highly likely; Eric Schmidt warned about this publicly back in March. From the article:
It's easy to understand why countries like Russia, China and Iran would want to rewire the Internet, cutting off access to their citizens and undermining the idea of a World Wide Web. What's more surprising is that U.S. diplomats are letting authoritarian regimes hijack an obscure U.N. agency to undermine how the Internet works, including for Americans. 
The failure by U.S. negotiators to stop attacks on the Internet became known only through documents leaked last week. They concern a U.N. agency known as the International Telecommunications Union. Founded in 1865 to regulate the telegraph, the body (now part of the U.N.) is planning a World Conference on International Telecommunications in December, when the 193 U.N. member countries, each of which has a single vote, could use the International Telecommunications Regulations to take control of the Internet. The U.N. process is mind-numbing, but as Vinton Cerf, one of the founders of the Web, recently told Congress, this U.N. involvement means "the open Internet has never been at a higher risk than it is now."

Companies Using "Active-Defense" to Attack Hackers

Reuters has a piece on corporate use of active defense, meaning hacking back against cyber-attackers. From the article:
Known in the cyber security industry as "active defense" or "strike-back" technology, the reprisals range from modest steps to distract and delay a hacker to more controversial measures. Security experts say they even know of some cases where companies have taken action that could violate laws in the United States or other countries, such as hiring contractors to hack the assailant's own systems. 
In the past, companies that have been attacked have mostly focused on repairing the damage to their computer networks and shoring them up to prevent future breaches. 
But as prevention is increasingly difficult in an era when malicious software is widely available on the Internet for anyone wanting to cause mischief, security experts say companies are growing more aggressive in going after cyber criminals. 
"Not only do we put out the fire, but we also look for the arsonist," said Shawn Henry, the former head of cybercrime investigations at the FBI who in April joined new cyber security company CrowdStrike, which aims to provide clients with a menu of active responses.

US Leads the World in Google Takedown Requests

ArsTechnica has an article on the newly released Google takedown requests stats. The U.S. has issued the most requests, and ArsTechnica highlights some of the hypocrisy:
The data, which was released Monday, shows that American authorities requested over 3,800 items via court order. That's more than twice as many as the next country, Germany. Google says it complied with 40 percent of the American requests. In addition, over 2,300 items were requested from law enforcement or other means that did not involve a court order.
Interestingly, according to the Irish Times (reporting from this week’s Dublin Conference for Internet Freedom) Thomas Melia, deputy assistant secretary of state in the US Bureau of Democracy, told attendees that “too many governments were filtering, censoring content, taking down sites, and perpetuating Internet shutdowns.”

Facebook Settles Sponsored Stories Suit

Facebook has agreed to a $10 million settlement for using subscriber images without their permission. According to the Washington Post, subscribers can't opt out of sponsored stories, but they can limit who sees their image using privacy settings. If you "like" something, you are giving that advertiser permission to use your endorsement to sell their product. From the article:
According to Facebook’s help center, users cannot opt out of being featured in Sponsored Stories, but can configure their privacy settings to make sure they’re only sharing information about their “likes” with the people they find appropriate. 
“Sponsored Stories respect your privacy settings. This means only the people you’re already sharing your activity with on Facebook can see Sponsored Stories about you,” the company’s FAQ says. 
Facebook is also facing around 40 lawsuits related to its initial public offering — cases that the company has moved to consolidate in the Southern District of New York. The cases deal with losses related to the debut, both as a result of the technical problems the Nasdaq had on the morning the stock began trading and over allegations that select investors received secret information about the company’s profit forecasts.

Saturday, June 16, 2012

Stopping Scam Ads Online

Google, AOL (they're still around?), Twitter, and Facebook have announced a partnership that will allow them to share information on ads that sell counterfeit goods or spread malware, according to the Washington Post. The alliance will help reduce the risk to web surfers related to online advertising. From the article:
On Thursday, Google, Facebook, AOL and Twitter announced they’ve joined the Interactive Advertising Bureau in creating the Ads Integrity Alliance. The group will work together to share information and establish policy recommendations to deal with counterfeit, scammy and malware-laden advertisements.

Thursday, June 14, 2012

Rand Paul Proposes Bill to Crack Down on Drone Surveillance

Ars Technica has an article on Rand Paul's (R-KY) Senate bill that would limit the use of domestic drone surveillance. From the article:

Specifically, the bill states that other than given exceptions involving border patrol, “exigent circumstances,” and “high risk” of terrorist attack as determined by the Secretary of Homeland Security, “a person or entity acting under the authority, or funded in whole or in part by, the Government of the United States shall not use a drone to gather evidence or other information pertaining to criminal conduct or conduct in violation of a statute or regulation except to the extent authorized in a warrant that satisfies the requirements of the Fourth Amendment to the Constitution of the United States.”

Pentagon Runs Out of Airspace for Domestic Drones

Secrecy News has an article on the Pentagon report that lists 110 potential drone bases inside the U.S. The interesting part of the story is the shortage of airspace called out by the article and the report. From the article:
Currently, the DoD and the military have “88 active certificates of authorization (COAs) at various locations around the country” that permit them to fly UASs outside of restricted military zones, the report to Congress said. COAs are issued by the Federal Aviation Administration. 
But “The rapid increase in fielded UAS has created a strong demand for access within the NAS [National Airspace System] and international airspace. The demand for airspace to test new systems and train UAS operators has quickly exceeded the current airspace available for these activities,” the report said.

Wednesday, June 13, 2012

Twitter, Facebook, Airtime Try to "Tailor" the Web

Writing algorithms to spoon-feed the Internet to subscribers is a double-edged sword. On the one hand, finding interesting, relevant, and accurate information can be easier if we let geeks and computers do some of the heavy lifting for us. On the other hand, if we don't keep open access to information and instead allow platforms to determine what we are exposed to, freedom, both intellectual and political, can be easily restricted. TechCrunch has an opinion piece by Josh Constine on the new options released by Twitter, Facebook, and Airtime and how they are an attempt to limit stupidity. From the article:
The Web is overrun with dumb hashtags, chart-topping fart apps, and guys just waiting to show you their d*cks. But with this week’s launch of Twitter’s Tailored Trends, Facebook’s App Center, and Airtime’s safety net, some tech companies are fighting back. 
If you can’t get people to act smarter, at least you can hide their idiocy, and that’s what each of these products does. But can we make the Internet smarter and safer without whitewashing away differing opinions and locking ourselves in an echo chamber?
(image from the TechCrunch article - had to do it)

UK Reopens Google Streetview Investigation

After a tumultuous set of proceedings in the U.S. that ended in a $25k fine, it became clear that a Google programmer not only wrote code to download all unencrypted data that was available to the Google Street View cars as they drove by (which was ruled a legal activity, so encrypt your wireless if it isn't already!), but that the programmer had received a green light from upper management to go ahead with the collection.

Now the UK has reopened their investigation into Google's activities. From the BBC article:

The Information Commissioner's Office previously dropped a probe into the affair after being told limited data had been "mistakenly collected". 
However, it said it had since become aware of reports that a Google engineer had deliberately written software to obtain a wider range of material.

Justice Department Investigates Cable Companies

According to the Wall Street Journal, the Justice Department is investigating cable companies' charging policies to determine whether antitrust behavior is taking place. From the article:

Justice Department officials have spoken to several online video providers, including Netflix Inc. and Hulu LLC, those people said. Investigators have also questioned Comcast Corp., Time Warner Cable Inc. and other cable companies about issues such as setting data caps, limits to the amount of data a subscriber can download each month, these people said.

Saturday, June 2, 2012

California Considers DNA Privacy Law

Update: For more information on the bill, check out the California legislature tracking web site:
http://www.leginfo.ca.gov/cgi-bin/postquery?bill_number=sb_1267&sess=CUR&house=B&author=padilla

On 5/24 it was held in committee, which means it hasn't been brought to the floor for a general vote yet. For status information, you can subscribe to the page above. I'll try to keep this page updated, but it is always better to get info from the horse's mouth!

Original article:

A great example of how complex privacy can be: California is considering a DNA privacy law (SB 1267, the Genetic Information Privacy Act, proposed by Padilla) that would be great for privacy, but apparently would interfere with research and make it harder for scientists to make progress fighting disease. From the Nature article:
Under the newly proposed bill, a person’s genetic information may only be accessed by individuals specifically named on a consent form, and only for purposes written on the form. Genetic information along with the original samples must be destroyed once their specified purposes are fulfilled. 
Such requirements could seriously hinder genomic research, says geneticist David Segal, associate director of genomics at the University of California, Davis. He points out that scientists typically sequence DNA from thousands of people to discover genes associated with particular diseases. Under the proposed legislation, a large genomic dataset could not be re-used to study a different disease. Researchers would either need to destroy the data after each study, or track down thousands of former subjects for new authorisations—an infeasible task, he says.
Other resources:
Scientific American Article on Research problems created by the bill
Privacy blog post on the bill
Wired News article on the bill (short overview)

(image: wrongfulconvictionsblog.org)

Copyright Police Plan Delayed

The RIAA and MPAA are teaming up with each of the major US ISPs to implement a "six strikes" rule, monitoring network use for copyright violations and throttling connections in response. This is the first I have heard of this, so I need to dig in and find out more. Let me know if you have any good links! From the TorrentFreak post:
In the coming months the Center for Copyright Information (CCI) will start to track down ‘pirates’ as part of an agreement all major U.S. Internet providers struck with the MPAA and RIAA. 
The parties agreed on a system through which copyright infringers are warned that their behavior is unacceptable. After six warnings ISPs may then take a variety of repressive measures, which include slowing down offenders’ connections and temporary disconnections. 
The plan was announced under the name ‘Copyright Alerts’ in July last year and the first ISPs were expected to send out the first warnings before the end of 2011. But this deadline passed silently and as things stand now it looks like the July 1, 2012 deadline is not going to be met by all ISPs either.

DEA Wants to Scan All License Plates on I-15 in Utah

The DEA and two sheriffs want to install stationary license plate scanners on the main Utah drug corridor, scanning the plates of every vehicle that drives by. The privacy implications seem obvious. From the Salt Lake Tribune:
The DEA and two sheriffs are asking permission to install stationary license plate scanners on the freeway in Beaver and Washington counties. The primary purpose would be to catch or build cases against drug traffickers, but at a Utah Legislature committee meeting Wednesday, the sheriffs and a DEA representative described how the scanners also could be used to catch kidnappers and violent criminals. 
That, however, wasn’t the concern of skeptical legislators on the Law Enforcement and Criminal Justice Interim Committee. They were worried about the DEA storing the data for two years and who would be able to access it.

MPAA Agent Poses as Potential Home Buyer to Bust Pirates

TorrentFreak is reporting that an MPAA agent posed as a potential business partner to bust a piracy ring. From the article:
As is often the case, the investigation into the alleged pirate site was not started by the police, but by Hollywood. In 2008 and working closely with the MPAA, the Federation Against Copyright Theft (FACT) hired former Dutch policeman Pascal Hetzschold to try and make contact with SurfTheChannel’s owner. 
Using the cover “Roger Van Veen,” Hetzschold pretended to represent a venture capitalist who was interested in the site. After a few emails back and forth, SurfTheChannel operator “Anton” agreed to meet with him in London. 
During that meeting Anton opened up about the site according to Hetzschold. He allegedly explained that the site made $50,000 in revenue each month from an average of 400,000 visitors per day. Anton also admitted that he founded the site which he ran in collaboration with two other people.

U.S. Fights International Regulation of the Internet

In a move to make it more difficult for the U.N. to become the regulatory body of the Internet, U.S. lawmakers have introduced a joint resolution to prevent any international regulation of the Internet. From the Washington Post article:
The move supports efforts by State Department officials and Silicon Valley giants to prevent the United Nations from becoming the regulatory body for the Internet. 
In December, U.N. members will vote on an update of a 1988 communications treaty and consider proposals from Russia, China and Arab states to extend oversight to the Internet. 
The bipartisan resolution, introduced by House Energy and Commerce members, won’t have a direct effect on the December vote, but what it does is strengthen opposition from the U.S. to the Internet regulatory proposals.

Australia Considering 2 Year Data Retention

ComputerWorld reports that the Australian government is considering data retention law reforms that would require ISPs to retain web surfing records for two years. From the article:
The federal government is pushing ahead with reforms that could see consumers' information kept on file for up to two years by internet service providers (ISPs). 
This could include the data retention of personal internet browsing information which intelligence agencies could access in the event of criminal activities by individuals or organisations. 
Attorney-general Nicola Roxon told 774 ABC Melbourne last week that she has referred the matter to the joint intelligence committee, as well as other reforms to four pieces of legislation: the Telecommunications (Interception and Access) Act 1979; the Telecommunications Act 1997; the Australian Security Intelligence Organisation Act 1979; and the Intelligence Services Act 2001.

Friday, June 1, 2012

Facebook to Allow Voting on Policy for the Last Time

Facebook attempted to allow subscribers to directly influence the policy decisions that the company makes. Subscribers have taken advantage of the opportunity and forced a reconsideration of recent privacy changes, and Facebook isn't pleased with the type of feedback it is receiving. From the Washington Post article:
This is the second time Facebook Inc. is letting users vote on policy changes. The first time was in 2009 when Facebook was a much smaller, privately held company with fewer than 200 million users. 
It may be the last time, though. 
Thirty percent of Facebook’s 900 million users, or 270 million people, have to vote on the changes — for or against — to have the process be binding. Otherwise, Facebook considers the vote “advisory.”

Stuxnet a US Infowar Project

The Washington Post has an article reporting that, according to current and former US officials, Stuxnet is a virus developed by the US and Israel to limit Iran's ability to develop nuclear weapons. From the Washington Post article:
The origins of the cyberweapon, which outside analysts dubbed Stuxnet after it was inadvertently discovered in 2010, have long been debated, with most experts concluding that the United States and Israel probably collaborated on the effort. The current and former U.S. officials confirmed that long-standing suspicion Friday, after a New York Times report on the program....

The use of the cyberweapon — malware designed to infiltrate and damage systems run by computers — was supposed to make the Iranians think that their engineers were incapable of running an enrichment facility. 
“The idea was to string it out as long as possible,” said one participant in the operation. “If you had wholesale destruction right away, then they generally can figure out what happened, and it doesn’t look like incompetence.”