• United States



Going Dark in the Golden Age of Cyber-Surveillance?

Jun 24, 20126 mins
CybercrimeData and Information SecurityMicrosoft

We keep hearing the government claiming it is blindly stumbling around in dark and unable to catch cyber scum like pedophiles and cybercrooks. In real time crime, law enforcement waits for a law to be broken, waits for an actual offense to be committed, before investigating people. IPv6 has joined the ranks of Skype and other encrypted communications that alleged cause ‘going dark. The threat of terrorism is always used as a justification to crank up surveillance online. Offline a person is a potential terrorist threat by asking ‘too many questions,’ yet at the border we can be drilled with questions; Israel even requires social networking passwords before allowing some people into the country. There has never been as much surveillance as there is today, impacting each of our cyber and real lives, so how valid is the ‘going dark’ argument?

To justify increased cyber-surveillance, time and again we’ve heard government “going dark” arguments claiming that if more surveillance and backdoors are not allowed, then child pornography will run rampant, cybercrime will flourish, and terrorism will thrive. Yet OpenDemocracy said, “The argument that the government needs real time, rather than retrospective access to traffic data for investigating ‘ordinary decent’ cyber-crime, or even quintessentially evil child pornography is surely disingenuous.” Furthermore “the conventional approach to crime is that one waits for a crime to take place before one tries to investigate it. If that approach is good enough for physical burglary or rape it is difficult to see why it doesn’t hold for their virtual equivalents.”

The Center for Democracy & Technology (CDT) suggested that the federal government and law enforcement’s claims of “going dark” give the wrong image of those agencies being blinded in some way. “Instead, today should be understood as a ‘golden age of surveillance’.”

Compared with earlier periods, surveillance capabilities have greatly expanded. Consider three areas where law enforcement has far greater capabilities than ever before: (1) location information; (2) information about contacts and confederates; and (3) an array of new databases that create “digital dossiers” about individuals’ lives. This information about any individual suspect is made even more useful because of the way data mining can help identify suspects.

The FBI and NSA may regard “going dark” and needing CALEA and similar laws that trample privacy due to the problems from bad guys using encrypted email, digital telephony or Skype. But as Bruce Schneier pointed out about the “Golden Age of Surveillance,” the “massive increase of online data and Internet communications systems gives the government a far greater ability to eavesdrop on our lives. They can get your e-mail from Google, regardless of whether you use encryption. They can install an eavesdropping program on your computer, regardless of whether you use Skype. They can monitor your Facebook conversations, and learn thing that just weren’t online a decade ago. Today we all carry devices that tract our locations 24/7: our cell phones.”

The FBI created a new “secret surveillance unit” to build backdoors for eavesdropping on the web. Alongside of the FBI, U.S. Marshals and DEA agents will work at the new Domestic Communications Assistance Center to find new ways to decode and intercept electronic communications to keep from “going dark.” Conversely, there are others who are trying to defeat government eavesdropping capabilities such as the Calyx Institute that is hoping to build a privacy-centered ISP with end-to-end encryption of all electronic communications.

CNET’s Declan McCullagh reported, now the FBI and DEA are warning that IPv6 may make us too anonymous and thereby shield criminals. The feds say that IPv4 provided traceability that is “necessary to identify people suspected of crimes.” The FBI said IPv6 “needs that same level of traceability.”

Alongside of going dark arguments that allegedly mean the good guys couldn’t hunt down cyber scum like pedophiles, we hear the same line of reasoning and justifications to increase surveillance applied toward stopping terrorists from proliferating in the cyber world. Yet criminologists at the UK Home Office conducted the “most thorough and theoretically rigorous review of ‘Al Qaeda influenced radicalization’ yet.” They found the opposite to be true in websites that blatantly post Al Qaeda recruiting material. According to OpenDemocracy, the study found “that ‘the Internet does not appear to play a significant role in AQIR’. If anything, they argue, the inherent nature of online relationships may mitigate against movement from speech to violent action.”

So where are all these potential terrorists hiding out, since that threat has greatly impacted all Americans, even in real time such as flying? Do we need to look no further than inquiring minds who want to know?  Public Intelligence said that the FBI and DHS are warning business owners and law enforcement to be on the lookout for people who ask too many questions. The government believes people who ask questions are exhibiting highly suspicious behavior and need to be reported as potential terrorists or criminals. “What kind of questions go beyond simple conversation to full-fledged terrorist elicitation of information?  To illustrate the concept of ‘suspicious elicitation,’ the bulletin includes two examples of actual SARs (suspicious activity reports).

In one incident, a man working at a gas station asked a worker from a nearby chemical plant “what types of chemicals were used at the plant, whether any were explosive, and whether employees were allowed to take chemicals home.” The gas station employee then asked about the explosiveness of certain chemicals and whether the plant was hiring. In another incident, a man asked a security officer at a train station about shift times and changes, where the security company was located and if security personnel worked after midnight. The man also asked about security cameras at the location and asked for contact information for the security company.

Where will this all hunting for suspicious terrorism-inclined people lead? Will the U.S. follow Israel and start demanding passwords to social networking accounts in order for a person to be allowed into the country? The Australian reported, “In a cyber-age twist on Israel’s vaunted history of airport security, the country has begun to force incoming travelers deemed suspicious to open personal email accounts for inspection.” Diana Butto, a former legal adviser to the Palestinian Authority and a fellow at the Harvard Kennedy School of Government, said “that in the case of journalists, agents typically wanted to see people’s itineraries, articles they have written or Facebook status updates.”

2012 indeed seems much more like the “Golden Age of Surveillance” than blindly stumbling along in world that is “going dark.” Next time we’ll look at this argument as applied to encryption and the cloud.

Like this? Here’s more posts:
  • Get ready for more TSA pat-downs
  • Study Finds 1 in 2 Americans are ‘Clueless’ about Webcam Hacking
  • Track the trackers with Collusion: Interview with Mozilla’s Ryan Merkley
  • Microsoft ‘sorry’ for raunchy Windows Azure video with dancing girls, bad sexual lyrics
  • Sanitize Microsoft Office: How to remove personal metadata
  • The Future of Drone Surveillance: Swarms of Cyborg Insect Drones
  • Male or female, who’s the better social engineer? Battle of the SExes!
  • Apple and Google Maps: Will eye-in-the-sky ‘spy planes’ place our privacy at risk?
  • Is Microsoft right and W3C wrong about Do Not Track being turned on by default?
  • NSA claims it would violate Americans’ privacy to say how many of us it spied on
  • Bill proposes to protect Americans’ privacy from warrantless drone surveillance
  • Feds investigate who leaked classified Stuxnet cyberattack details to NYT
  • This is why people pirate Windows
  • Hacktivists UGNazi attack 4chan, CloudFlare and Wounded Warrior Project
  • FBI Creates Surveillance Unit to Build Backdoors into the Web

Follow me on Twitter @PrivacyFanatic

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.