“Like with the tax bill and healthcare, House Republicans are now trying to pass an awful NSA surveillance expansion bill within hours of releasing the text and with zero debate,” Freedom of the Press Foundation executive director Trevor Timm warned in a tweet on Tuesday. (Photo: Joe Brusky/Flickr/cc)
Civil libertarians and internet freedom groups declared tentative victory on Wednesday after House Republicans announced that they have—at least for now—abandoned efforts to sneak through a measure that would have reauthorized Section 702 of the Foreign Intelligence Surveillance Act (FISA) and vastly expanded NSA spying powers.
A number of prominent groups and public figures—including Fight for the Future, the Freedom of the Press Foundation (FPF), and Edward Snowden—have been working to call attention to the legislation in recent days amid the flurry of tax and budget developments. Continue reading →
Free Chelsea Manning.Grafitti in Vienna, Austria, 2014. Wikicommons/smuconlaw.
On January 17, 2017, whistleblower Chelsea Manning’s 35-year prison sentence was commuted to seven years from her date of arrest, in one of President Obama’s last acts before leaving office. At the time of her commutation, Private Manning had spent more time behind bars than any other person in US history who had disclosed information considered to be in the public interest.
The information leaked by Chelsea Manning – videos, diplomatic cables and reports relating to the Iraq War and the War in Afghanistan – exposed corruption and human rights abuses, and is widely regarded to have been a catalyst for the Arab Spring that began in December 2010. Continue reading →
“Censorship in all its forms reflects official fear of ideas and information,” said U.N. Special Rapporteur on the freedom of opinion and expression, David Kaye. (Photo: Rachel Hinman/flickr/cc)
“Governments are treating words as weapons,” a United Nations expert has warned, previewing a report on the global attack on the freedom of expression.
The report, based on communications with governments stemming from allegations of human rights law violations—reveal “sobering” trends of threats worldwide and “how policies and laws against terrorism and other criminal activity risk unnecessarily undermining the media, critical voices, and activists.” Continue reading →
“The Snowden leaks caused a sea change in the policy landscape related to surveillance,” writes watchdog, from the recent passage of the USA Freedom Act to the coming showdown in Congress over Section 702.
“There can be no renewal of Section 702 unless warrantless surveillance of Americans’ private lives is stopped,” declared bipartisan coalition End702. (Photo: Gage Skidmore/cc/flickr)
Three years ago on Monday, the world was shattered by news that the United States was conducting sweeping, warrantless surveillance of people, heads of state, and organizations across the globe.
To mark the anniversary of those revelations, brought forth by a then-unknown contractor working for the National Security Administration (NSA), a coalition of public interest groups have launched a new campaign fighting for the expiration of the law that the government claims authorizes its mass spying. Continue reading →
John Crane described how the Pentagon illegally represses whistleblowers—and revealed how the same internal office tasked with protecting whistleblowers has set about betraying them. (Photo: Screenshot/The Guardian)
Pentagon officials tasked with protecting whistleblowers have lied under oath, illegally destroyed documents, and gone out of their way to ruin people’s careers and lives for attempting to raise concerns about government abuses of power, according to a high-ranking Department of Defense (DoD) official, John Crane, who went public with his story on Sunday.
What is privacy and what is an individual’s right to it?
That is the question that renowned linguist and MIT professor Noam Chomsky, National Security Agency (NSA) whistleblower Edward Snowden, and Intercept co-founding editor Glenn Greenwald sought to answer on Friday evening as the three (virtually) shared a stage for a panel discussion at the University of Arizona in Tuscon.
Coming amid the FBI’s public battle against Apple as well as days after the bombings in Brussels last week, which have spurred another round of calls for heightened security and surveillance, the conversation challenged the rhetoric that national security requires that governments can access individual communications. Continue reading →
The ongoing fight between Apple and the FBI over breaking into the iPhone maker’s encryption system to access a person’s data is becoming an increasingly challenging legal issue.
With a deadline looming, Apple filed court papers explaining why it is refusing to assist the FBI in cracking a password on an iPhone used by one of the suspects in the San Bernardino shooting. CEO Tim Cook has declared he will take the case all the way to the Supreme Court.
The tech company now wants Congress to step in and define what can be reasonably demanded of a private company, though perhaps it should be careful what it wishes for, considering lawmakers have introduced a bill that compels companies to break into a digital device if the government asks.
But there is an irony to this debate. Government once pushed industry to improve personal data privacy and security – now it’s the tech companies who are trumpeting better security. My own research has highlighted this interplay among businesses, users and regulators when comes to data security and privacy.
For consumers, who in coming years will see ever more of their lives take place in the digital realm, this heightened attention on data privacy is a very good thing.
The business case for better privacy grows
Not too long ago, everyone seemed to be bemoaning that companies aren’t doing enough to protect customer security and privacy.
The White House, for example, published a widely cited report saying that the lack of online privacy is essentially a market failure. It highlighted that users simply are in no position to control how their data are collected, analyzed and traded. Thus, a market-based approach to privacy will be ineffective, and regulations were necessary to force firms to to protect the security and privacy of consumer data.
The tide seems to have turned. Repeated stories on data breaches and privacy invasion, particularly from former NSA contractor Edward Snowden, appears to have heightened users’ attention to security and privacy. Those two attributes have become important enough that companies are finding it profitable to advertise and promote them.
Whether it is through its payment software or operating system, Apple has emphasized security and privacy as an important differentiator in its products. Of course, unlike Google or Facebook, Apple does not make money using customer data explicitly. So it may have more incentives than others to incorporate these features. But it competes directly with Android and naturally plays an important role in shaping market expectation on what a product and service should look like.
These features possibly play an even more critical role outside the U.S. where privacy is under threat not only from online marketers and hackers but also from governments. In countries like China, where Apple sells millions of iPhones, these features potentially are very attractive to end users to keep their data private from prying eyes of authorities.
Regulators hum a different tune
It is clear that Apple is offering strong security to its users, so much so that FBI accuses it of using it as a marketing gimmick.
It seems we have come a full circle in the privacy debate. A few years ago, regulators were lamenting how businesses were invading consumers’ privacy, lacked the proper incentives to do so and how markets needed stronger rules to make it happen. Today, some of the same regulators are complaining that products are too secure and firms need to relax it in some special cases.
While the legality of this case will likely play out over time, we as end users can feel better that in at least in some markets, companies are responding to a growing consumer demand for products that more aggressively protect our privacy. Interestingly, Apple’s mobile operating system, iOS, offers security by default and does not require users to “opt-in,” a common option in most other products. Moreover, these features are available to every user, whether they explicitly want it or not, suggesting we may be moving to a world in which privacy is fundamental.
Data sharing gets complicated
At its core, this debate also points to a larger question over how a public-private partnership should be structured in a cyberworld and how and when a company needs to share details with either the government or possibly with other businesses for the public good.
When Google servers were breached in China in 2010, similar questions arose. United States government agencies wanted access to technical details on the breach so it could investigate the perpetrators more thoroughly to unearth possible espionage attempts by Chinese hackers. The breach appeared to be aimed at learning the identities of Chinese intelligence operatives in the U.S. that were under surveillance.
Information sharing on data breaches and security infiltration is something the government has widely encouraged, last year passing the Cybersecurity Information Sharing Act of 2015 to encourage just that.
Unfortunately, various government agencies themselves have become self-interested parties in this game. In particular, the Snowden disclosures revealed that many government agencies conduct extensive surveillance on citizens, which arguably not only undermine our privacy but compromise our entire information security infrastructure.
These agencies, including the FBI in the current case, may have good intentions, but all of this has finally given profit-maximizing companies the right incentives they need to do what the regulators once wanted. Private businesses now have little incentive to get caught up in the bad press that usually follows disclosures like Snowden’s, so it’s no wonder they want to convince their customers that their data are safe and secure, even from the government.
With cybersecurity becoming a tool for government agencies to wage war with other nation-states, it is no surprise that companies want to share less, not more, even with their own governments.
The battle ahead
This case is obviously very specific. I suspect that, in this narrow case, Apple and law enforcement agencies will find a compromise.
But the Apple brand has likely strengthened. In the long run, its loyal customers will reward it for putting them first.
However, this question is not going away anywhere. With the “Internet of things” touted as the next big revolution, more and more devices will capture our very personal data – including our conversations.
This case could be a precedent-setting event that can reshape how our data are stored and managed in the future. But at least for now, some of the companies appear to be – or least say they want to be – on our side in terms protecting our privacy.
About the Author: Rahul Telang is Professor of Information Systems and Management, Carnegie Mellon University.
Are our elected officials “once again cutting out the public from an important debate over mass surveillance?” as Mark Jaycox and Dave Maass of Electronic Frontier Foundation (EFF) write?
It appears to be the case, as EFF and two dozen other civil liberties organizations say, because the House Judiciary Committee’s upcoming hearing on Section 702 of the Foreign Intelligence Surveillance Act (FISA) is to be held in a classified format. Continue reading →
Critics warn that the draft Investigatory Powers Bill would represent an unprecedented expansion of the UK government’s surveillance powers. (Photo: Paul Downey/flickr/cc)
The UK unveiled on Wednesday a draft bill to expand the government’s spy powers that privacy watchdogs are decrying as a further step towards becoming a surveillance state.
“[T]his long-awaited Bill constitutes a breath-taking attack on the internet security of every man, woman and child in our country,” stated Shami Chakrabarti, Director of the UK-based rights group Liberty.
Home Secretary Theresa May unveiled the draft Investigatory Powers Bill and called it “unprecedented.” Continue reading →
The U.S. Senate approved CISA on Tuesday. (Screenshot)
The U.S. Senate on Tuesday passed the Cybersecurity Information Sharing Act (CISA) without any of the proposed amendments that would have strengthened user protections. The bill passed 74-21 (see the roll call here).
Rights groups immediately called for President Barack Obama to veto the bill and vowed to keep pressure up.
“Every senator supporting #CISA today voted against a world with freedom, democracy, and basic human rights,” tweeted digital rights organization Fight for the Future. “If President Obama does not veto this bill, he’ll be showing that his administration never truly cared about the open Internet.”
“This vote will go down as the moment Congress codified the US government’s unconstitutional spying. A sad day for the Internet,” the group added.
In their response to CISA’s passage in the Senate, the Electronic Frontier Foundation marked its disappointment and said: “The bill is fundamentally flawed due to its broad immunity clauses, vague definitions, and aggressive spying authorities.”
With the bill now moving to conference committee, but EFF expressed no confidence that the bill would be improved.
“The passage of CISA reflects the misunderstanding many lawmakers have about technology and security,” EFF continued. “Computer security engineers were against it. Academics were against it. Technology companies, including some of Silicon Valley’s biggest like Twitter and Salesforce, were against it. Civil society organizations were against it. And constituents sent over 1 million faxes opposing CISA to Senators.”
EFF vowed that the fight against the bill would continue through the conference committee process, where it will urge lawmakers to add pro-privacy provisions. “We will never stop fighting for lawmakers to either understand technology or understand when they need to listen to the people who do,” the group said.
The official Senate roll call to the vote follows:
As the U.S. Senate gears up for a vote on the controversial Cybersecurity Information Sharing Act (CISA) on Tuesday, privacy advocates are galvanizing an 11th-hour push against the bill they say does nothing more than expand government spying powers.
A slew of digital rights groups including Fight for the Future and the Electronic Frontier Foundation, along with whistleblower Edward Snowden and outspoken CISA opponent Sen. Ron Wyden (D-Ore.), joined forces Monday night for an Ask Me Anything (AMA) session on Reddit, which has also come out against the bill. The session was the latest action by civil society groups, activists, and tech companies calling on Congress to reject CISA for its anti-privacy provisions.
“CISA isn’t a cybersecurity bill,” Snowden wrote during the Q&A. “It’s not going to stop any attacks. It’s not going to make us any safer. It’s a surveillance bill.”
Supporters of CISA—including Sens. Dianne Feinstein (D-Calif.) and Richard Burr (R-N.C.)—say the bill would make it easier for tech companies to share data in cases of security breaches and other digital attacks. But critics say there aren’t enough safeguards in place to protect user privacy and the bill only works to serve intelligence agencies in domestic surveillance operations.
“What it allows is for the companies you interact with every day—visibly, like Facebook, or invisibly, like AT&T—to indiscriminately share private records about your interactions and activities with the government,” Snowden wrote on Monday. “CISA allows private companies to immediately share a perfect record of your private activities the instant you click a link, log in, make a purchase, and so on—and the government with reward for doing it by granting them a special form of legal immunity for their cooperation.”
Fight for the Future campaign director Evan Greer said the Senate’s vote on Tuesday “will go down in history as the moment that lawmakers decided not only what sort of Internet our children and our children’s children will have, but what sort of world they will live in.”
The campaigns, which are being waged under the hashtag #StopCISA, urge senators to oppose the bill and protect civil liberties.
Greer added, “Every Senator who votes for CISA will be voting for a world without freedom of expression, a world without true democracy, a world without basic human rights. And they will be voting for their own removal from office, because the Internet will not forget which side of history they stood on.”