NNSquad - Network Neutrality Squad

NNSquad Home Page

NNSquad Mailing List Information

 


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Snowden's NSA Truths, Untruths, and Where We Go From Here


         Snowden's NSA Truths, Untruths, and Where We Go From Here

               http://lauren.vortex.com/archive/001045.html


As the NSA/Snowden situation gradually comes into sharper focus
(though not Snowden himself, who is apparently on the run after
exiting his luxury hotel in Hong Kong) we are faced with an
interesting dilemma.

Some of what he has claimed is clearly true and has been acknowledged.
Some of what he claims is obviously false.  And various aspects of his
claims (or at least how his claims have been interpreted) are
logically false.

There is a lingering sense that he may have grabbed and released some
materials without necessarily ever having been "read into" all of the
associated programs or understanding them in context.

We know his stated, altruistic motives.  There also seems a bit of
"martyr complex" in his behavior, but psychology isn't my specialty.

Nor am I in the "revenge, retribution, and punishment" department --
our public officials seem to have those aspects well in hand with
rather bloodthirsty calls for him to be publicly drawn and quartered
even before a full investigation and trial.

In the Snowden "true column" so far, we have the telephone metadata
collection programs, which authorities have now admitted have been
long in place.

A Republican congressman who was a key author of the PATRIOT Act has
been making a lot of hay over the last couple of days claiming that
the program is an overreach of PATRIOT authorization.

It likely was not -- and he knows it.  Such abominations in PATRIOT
have been loudly protested by civil liberties groups at every
opportunity.  The congressman knew full well what he was authorizing.
Known informally as "Mr. Impeachment," he was already calling for
Obama's impeachment before any of these current NSA stories, and was a
key force in pushing through Clinton's impeachment years ago.  Now
that he sees a political opportunity to try distance himself from the
legislative monster he created, he's trying to change history.  It
won't work.

Odds are that courts will find that the appropriate notifications were
provided to the necessary legislators, and that the abuses of privacy
represented by the NSA telco metadata program will be found to be
legal.

In the Snowden "logically false category" to date, we have the claims
(or interpretations by media and others) that the major Internet
companies have provided direct NSA access to Web company servers,
allowing the intelligence community free reign to rummage through user
data.

The firms have all categorically denied this, and it seems clear that
the PRISM program in question is actually a FISA/NSL compliance
mechanism, with all data demands individually vetted and then either
accepted or challenged by the firms.

And then there's the "obviously false" category.  Snowden claims that,
"Any analyst at any time can target anyone ... I, sitting at my desk,
certainly have the authorities to wiretap anyone -- from you or your
accountant, to a federal judge, to even the President."

Even if a 29-year-old outside firm NSA contractor had the technical
means to perform such actions on such a scale -- which seems unlikely
in the extreme -- we know with absolute certainty that he would not
have had the authority to do so.  Period.

So on this point he is certainly outright lying, exaggerating, or is
seriously misinformed.  Take your pick.

What this all means for Snowden's overall credibility remains to be
seen, but we can still draw some useful conclusions from the situation
even now.

Some pundits have declared these events the "death knell" of cloud
computing.  This is not the case, though we can stipulate that
government overuse of FISA/NSL authorizations appears to be a genuine
problem.

Cloud resource systems provide so much value to users, in terms of
capabilities and reliability among so many other factors, that it is
impossible to contemplate most consumers moving forward with
alternative models, especially considering the ever more demanding
requirements for features, storage space, and other functionalities
that consumers and businesses are demanding.

Having said that, I believe consideration should be given to providing
cloud-based document and email systems the capability to provide at
least limited locally-homed capabilities for special cases.

Various systems already come close to this.  Gmail and Google Drive
now provide excellent "offline" access capabilities, allowing
creating, reading, replying, and otherwise manipulating materials
without an Internet connection, using later connections to synchronize
data automatically.

Perhaps an additional capability could be "local sync only" -- meaning
that connections would only be used to sync the copies between local
devices, but not leave copies on the central servers.

To be clear, I don't see such an capability as being practical for
more than a limited subset of overall use cases.  Perhaps some users
would want to tag some specific documents, or correspondence with
particular parties, for handling in this manner, with the
understanding that they'd be giving up major capabilities for those
items by not being able to work with them via the full-featured Web
interfaces on central systems.

And I believe it would be entirely appropriate for services to set
reasonable limits on the use of such "local" capabilities, at least
for services being provided without fees.

But the cloud is crucial to our computing and communications futures,
and ultimately our main goal in this context must be to bring our laws
back into a real balance, where government secrecy isn't an ever
expanding default condition, and civil liberties once again attain the
stature of overriding importance that our Founding Fathers so
earnestly intended.

As is so often the case, we must deal with these issues in both the
technology and policy realms -- one or the other alone won't do, and
the tasks involved will be anything but trivial, especially in the
current political environment.

Still, the first step on this road is a realization of the scope
involved, and in that respect Snowden's NSA saga -- even given the
apparent melange of his various truths and non-truths -- has served a
useful purpose.

Now the ball is in our corner, and there's hard work ahead.

Interesting times, indeed.

--Lauren--
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren 
Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info
Founder:
 - Network Neutrality Squad: http://www.nnsquad.org 
 - PRIVACY Forum: http://www.vortex.com/privacy-info
 - Data Wisdom Explorers League: http://www.dwel.org
 - Global Coalition for Transparent Internet Performance: http://www.gctip.org
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://vortex.com/g+lauren / Twitter: http://vortex.com/t-lauren 
Tel: +1 (818) 225-2800 / Skype: vortex.com

_______________________________________________
nnsquad mailing list
http://lists.nnsquad.org/mailman/listinfo/nnsquad