Document Sample
Privacy Powered By Docstoc
					IT, Security & Surveillance
       January 31, 2006
     New Century, New Risks?
• Development in information technologies has
  fundamentally changed the global environment
  for individual & state security: its perception,
  maintenance and the nature of its threat.
• Ontological insecurity: a profound emotional
  uneasiness about one’s safety and security, or
  even one’s existence. A term coined by R.D.
• A new feeling of fear and impending catastrophe.
• Security has become a central political, societal
  and economic issue.
• The need for safety vs. the need for freedom:
  How to balance between the two?
                 IS 376: Information Technology &   2
                      Society Lecture Notes
Changing Nature of Surveillance in
      the Information Age
• A heavy (in some cases, exclusive)
  reliance on modern information and
  communication technologies (ICTs).
• Shift from centralized state informational
  power to dispersed assemblage (although
  the state keeps its powerful presence).
• Shift from targeting specific individuals to
  categorical suspicion, and from individuals
  to networks and organizations.
               IS 376: Information Technology &   3
                    Society Lecture Notes
               Social Sorting
• Categorical suspicion: someone is in the
  suspect category because he/she belongs to a
  particular category or group.
• Social categorizing: a discriminatory
  mechanism to classify people based on
  superficial social-demographic or other criteria.
• “Racial” profiling: typically along “Arab” lines
• Other types of profiling: e.g., particular
  behavioral patterns; communication &
  purchasing activities; religious groups.
                  IS 376: Information Technology &    4
                       Society Lecture Notes
Perspectives on Surveillance (1)
• Big Brother (by George Orwell, Nineteen Eighty-Four,
  Published in 1949): A dictator in Occana, a totalitarian
  state, that keeps everybody under complete surveillance
  (via a telescreen) at all times. The “thought police” co-
  ordinate the monitoring effort of the state in order to
  maintain social order and conformity.
• Panopticon (Michel Foucault, Discipline and Punish,
  published in 1975): a prison design in which visibility of
  inmates are maximized by enabling the guards in the
  central tower to watch the prisoners at all times without
  being seen.
   – New surveillance technologies, some argue, have created an
     “electronic panopticon” for modern societies.

                      IS 376: Information Technology &            5
                           Society Lecture Notes
Perspectives on Surveillance (2)
• Surveillant assemblage: a term proposed by Haggerty
  and Ericson (2000) to describe the evolving mechanisms of
  surveillance techniques and technologies.
• With the latest developments of new information and
  communication technologies, discrete electronic monitoring
  systems can be combined to provide for exponential
  increases in the degree of surveillance capacity, both by
  the state and extra-state institutions.
• The “disappearance of disappearance”: it is increasingly
  difficult for individuals to maintain their anonymity or stay
  away from monitoring mechanisms.
• A series of discreet flows about individuals is reassembled
  in different locations to achieve an unprecedented level of
  surveillance over those individuals.
                     IS 376: Information Technology &       6
                          Society Lecture Notes
     Surveillance is Omnipresent
• CCTV cameras in public places
    – There are about 3,000 surveillance cameras in
      Manhattan, NYC
    – The city of Chicago has at least 2,000 surveillance
      cameras in its neighborhoods.
•   Iris-scans at the airports
•   DNA databanks by law enforcement agencies
•   Fingerprint databases by federal agencies
•   Other technologies: smart cards, face-recognition,
    biometrics, automatic number plate recognition
    (ANPR), etc.
                     IS 376: Information Technology &       7
                          Society Lecture Notes
Surveillance: Important Legislations
• Espionage Act of 1917
• Communications Act of 1934
• The Omnibus Crime Control Act of 1968
• Foreign Intelligence Surveillance Act of 1978
• Electronic Communications Privacy Act of
• Communications Assistance for Law
  Enforcement Act of 1994
• USA Patriot Act of 2001
• Homeland Security Act of 2002
                IS 376: Information Technology &   8
                     Society Lecture Notes
      Espionage Act of 1917
• Passed shortly after the United States
  entered WWI.
• Intended to suppress dissent in time of
• It authorized the surveillance and
  wiretapping of German delegations to the
  United States.

              IS 376: Information Technology &   9
                   Society Lecture Notes
  Communications Act of 1934
• “No person not being authorized by the sender
  shall intercept any communication and divulge
  or publish the existence, contents, substance,
  purport, effect or meaning of such interrupted
  communication to any person.”
• Federal agents, however, argued that the law
  did not apply to them because they were not
  divulging information.
• The Supreme Court ruled in 1937 that
  wiretapping prohibitions did apply to the Federal
                 IS 376: Information Technology &   10
                      Society Lecture Notes
  Court Rulings Against Wiretapping: Two
             Milestone Cases
• In Berger vs. New York, the Supreme Court
  sided with Berger in ruling that the New York
  State wiretapping statute was unconstitutional
  because it did not provide for adequate
  – The statue did not specify the crimes for which
    wiretapping was permitted, the places or the people
    that could be tapped, or the time limitation on
• In Katz vs. U.S. of the same year, the Supreme
  Court declared that wiretapping was a violation
  of the Fourth Amendment.

                  IS 376: Information Technology &        11
                       Society Lecture Notes
The Omnibus Crime Control Act of 1968
• In response to the decisions in the previous two
  cases, Congress passed the Act to allow
  wiretapping in domestic circumstances under
  very limited conditions.
  – To protect the nation from attacks and protect
    national security from foreign powers;
  – To protect the Government against any clear and
    present danger.
• Wiretapping was allowed for the first time with a
  court order.
• Agents had to prove “probable cause.”
                  IS 376: Information Technology &    12
                       Society Lecture Notes
 Foreign Intelligence Surveillance
            Act of 1978
• Allowed for electronic surveillance and
  physical search of a foreign power.
• It limited its application to U.S. persons.
• No “probable cause” was needed if it
  involved a foreign power.

               IS 376: Information Technology &   13
                    Society Lecture Notes
Electronic Communications Privacy
            Act of 1986
• ECPA stipulated that online (electronic)
  communications are protected. It extended
  government restrictions on wiretapping to
  transmissions of data by computers, cell phones
  and other electronic devices.
• It also protects messages stored on computers.
• The Act, however, is significantly weakened by
  the USA Patriot Act.
• Only against government agencies, not private
                IS 376: Information Technology &   14
                     Society Lecture Notes
• The Communications Assistance for Law
  Enforcement Act (CALEA). Passed by Congress
  in 1994, and came into force in 1995.
• It is intended to aid law enforcement in its effort to
  conduct surveillance of citizens via digital
  telephone networks.
• The Act requires telephone companies to make it
  possible for law enforcement agencies to tap any
  phone conversations carried out over its
  networks, as well as making call records
• The act also stipulates that it must not be possible
  for a person to detect that his or her conversation
  is being monitored by the respective government
  agency.           IS 376: Information Technology &   15
                      Society Lecture Notes
            USA Patriot Act (1)
• Passed 45 days after the 9/11 terrorist attacks on the
• The Act gave government investigators the ability to
  look into personal phone and Internet records on the
  basis of being "relevant for an on going investigation
  concerning international terrorism or clandestine
  intelligence activities", rather than probable cause as
  outlined in the Fourth Amendment.
• So government agencies do not need “sufficient
  evidence” (i.e. probable cause) to show that somebody
  is involved in some kind of terrorist activities in order to
  wiretap or collect other information in relation to the
• Several amendments have already been made by
                     IS 376: Information Technology &            16
                          Society Lecture Notes
            USA Patriot Act (2)
• The Act greatly expanded the scope of traditional tools of
   – Traditionally, pen register and trap and trace are used without
     having to obtain court order to intercept phone calls. The Act
     allows more sophisticated tools to trace personal
• The type and amount of information the government can
  obtain has been vastly increased.
• Increased information-sharing between law enforcement
  and intelligence agencies.
• Secret searches: the government can conduct secret
  searches without notifying the subjects.
• Several provisions of the Act expired on Dec. 31, 2005.
  The government is seeking further renewal.
                      IS 376: Information Technology &            17
                           Society Lecture Notes
• Terrorism Information and Prevention System:
  an initiative proposed by the Bush Administration.
• Designed as a national system for reporting
  suspicious, and potentially terrorist-related
  activity, and originally intended to be started in
  August 2002.
• TIPS volunteers, to be in the millions, were to be
  recruited primarily from among those whose work
  provided access to homes, businesses or public
  transport systems.
• However, Congress voted this initiative down in
  November 2002.
                 IS 376: Information Technology &   18
                      Society Lecture Notes
                    HSA (1)
• The Homeland Security Act was signed by
  President Bush on November 25, 2002.
• It created a new Cabinet-level Department of
  Homeland Security (DHS) that consolidated 22
  agencies into one department with 170,000
• One of the Department’s main roles is to access,
  receive and analyze information collected from
  sources including intelligence agencies, law
  enforcement, and the private sector in order to
  identify and assess terrorist threats.
                 IS 376: Information Technology &   19
                      Society Lecture Notes
                     HSA (2)
• It will also produce “watch lists” which contain
  names of persons suspected of some
  involvement in terrorism, though not wanted for
• The HSA included the Cyber Security
  Enhancement Act, which has a provision that
  expands the ability of ISPs to voluntarily disclose
  information to government officials. The content
  of e-mail messages or instant messages can be
  given to a government official in an emergency,
  without requiring a factual basis stated for the
  emergency or imminent threat of injury
                  IS 376: Information Technology &   20
                       Society Lecture Notes
             ECHELON (1)
• Created by the US National Security Agency
• A global electronic surveillance system that
  captures and analyzes virtually every phone
  call, fax, email and telex message sent
  anywhere in the world.
• Other countries participating in the system
  include: Britain, Australia, New Zealand, and
                IS 376: Information Technology &   21
                     Society Lecture Notes
                  ECHELON (2)
• How it works:
   – Intercept stations are positioned all over the world to
     capture all satellite, microwave, cellular and fiber-optic
     communications traffic
   – The information is processed through the NSA super
     computers using technologies like advanced voice
     recognition and optical character recognition (OCR), and
     looking for code words or phrases
   – Intelligence analysts at each of the “listening stations” then
     analyze the messages and forward the results to the
• In addition to being used for anti-terrorist purposes,
  ECHELON has been knowingly used for political
  spying (on the opponents and unpopular
  groups/activists) and commercial espionage.
                     IS 376: Information Technology &         22
                          Society Lecture Notes
• Was developed by the FBI to intercept any
  suspicious online message.
• It uses a common technology called
  packet sniffer to monitor network activities.
• As of 2005, the FBI has opted for more
  sophisticated commercial software for the
  same purpose.

               IS 376: Information Technology &   23
                    Society Lecture Notes
• A database created by the Pentagon to track domestic
  terrorist threats against the military.
• It contains “raw, non-validated” reports of “anomalous
  activities” within the United States.
• Its stated purpose is “to assemble, process and analyze
  suspicious activity reports to identify possible terrorist
  pre-attack activities.”
• It provides a mechanism to collect and rapidly share
  reports by “concerned citizens and military members”
  regarding suspicious incidents.
• Counterintelligence Field Activity, or CIFA, created in
  February 2002 by the Pentagon, funds and manages this

                    IS 376: Information Technology &      24
                         Society Lecture Notes
         Campus Surveillance
• In August 2005, the U.S. government (FCC) extended the
  reach of CALEA passed in 1994 that requires hundreds of
  universities, online communications companies and cities
  to overhaul their Internet computer networks to make it
  easier for law enforcement authorities to monitor e-mail
  and other online communications.
• The law requires institutions to become compliant within
  18 months of the decision.
• Estimated costs for college campuses come at $7 billion,
  which will come at the expense of student tuitions.
• Fiercely resisted by university administrators.
• Compliance with the law is estimated to increase college
  tuition by about $450 annually.
• Still an ongoing issue.
                   IS 376: Information Technology &    25
                        Society Lecture Notes
General Concerns and Criticisms
The government wants us to believe that seeking superior
technologies is the best solution to fighting terrorism. But many
experts argue that these measures will only result in pervasive
surveillance of the general public, yet they will not actually
enhance security in the purported campaign against terrorists.
Here are an incomplete of common criticisms:

– Not effective, and easy to exploit;
– Subject to abuse and misuse;
– Too much information; and the information already existed in one form or
  another already prior to these measures;
– Lack of oversight from independent parties over these programs;
– Unprecedented scope of domestic surveillance;
– Lack of justifications for most measures;
– Lack of openness and public involvement;
– Crucial resources are wasted to pull away law enforcement from key
– Unconstitutional.
                     IS 376: Information Technology &                  26
                          Society Lecture Notes