The tech web has been abuzz this week about what has been dubbed “Heartbleed,” a code exploit in the OpenSSL encryption system, which could have allowed hackers and cyberterrorists to access login credentials from some of the biggest websites in the world over the last two years. Lists were quickly constructed to explain to users which sites were affected and which passwords they needed to change immediately.
It turns out the NSA has known about the Heartbleed vulnerability for years, but never warned anyone that millions of Americans’ online identities could be at risk. Indeed, not only did they not sound the alarm, the NSA used the bug to access those online accounts in its already questionable surveillance activities.
The news, detailed in excellent fashion yesterday by Jason Pye in this space, that around 5 pm Friday — after many on the Hill had left their offices — the Obama administration formally relinquished involvement/control over the internet to the Internet Corporation for Assigned Names and Numbers, or ICANN, was met with what has become a trademark in analysis of this current executive office: confusion.
Why would this administration quietly make a move like this now when — despite the loud and dire warnings of net neutrality enthusiasts — the internet is working pretty well by most standards of measurement (i.e. is free and open, relatively cheap, easily accessible, and rarely plagued by massive outages)?
Admittedly, ICANN has been a huge player in managing Internet architecture since it was created in 1998 as something like a quasi-governmental non-profit that would take control of the technical maintenance of root servers as well as managing all the unique identifiers associated with surfing the web — IP addresses, domain names, registries and the like. So it’s not like government is handing control over as much as they’re just stepping back and letting ICANN assume all responsibility when the contract expires with the group in 2015. Isn’t less government involvement in the business of the internet desirable?
What happens when businesses aren’t able to provide the service that customers were promised? That’s right: customers get mad.
The Electronic Frontier Foundation (EFF) has published a report indicating that the National Security Agency’s massive surveillance programs aren’t simply putting an end only to our privacy rights; they are also causing major damage to the economy.
Once revelations surfaced and the public was made aware that the spying programs were collecting phone and Internet data from average Americans, major sectors of the U.S economy started to feel the financial damage caused by the loss of consumer confidence. According to EEF, companies that have been compromised by the revelations regarding the surveillance programs are watching as U.S. trade partners simply distance themselves to avoid any potential problems or even lawsuits in the future.
Vodafone, a major European company, was on its way to becoming a sister company to AT&T, whose desire to purchase the European giant was well documented, until the moment details concerning the NSA’s data-collection programs came to light. According to the Wall Street Journal, AT&T could face major issues trying to purchase Vodafone since the company has been under scrutiny for participating in the NSA’s surveillance programs.
Rep. James Sensenbrenner (R-WI), the author and primary sponsor of the USA PATRIOT Act, announced on Wednesday that he would introduce legislation, the USA FREEDOM Act, to end the National Security Agency’s bulk collection of Americans’ phone and Internet metadata.
“My view of the PATRIOT Act hasn’t changed,” said Sensenbrenner at a Cato Institute conference on NSA surveillance.
“What has changed is what two administrations, Bush 43 and the Obama Administration, have done after I left office as chairman of the [House] Judiciary Committee and did not have my tart oversight pen to send oversight letters that usually were cosigned by Congressman [John] Conyers, then-the ranking member, to the Justice Department, and specifically acting like a crabby, old professors when they were non-responsive in their answers,” he explained.
Sensenbrenner has become a fierce critic of the NSA’s surveillance techniques, referring to them as “excessive and un-American” in a letter to Attorney General Eric Holder. The NSA has justified the bulk data collection through a controversial provision of the PATRIOT Act. He contends that the NSA is defying congressional intent as the provision, Section 215, allows intelligence agencies to seize records related to an actual investigation into terrorist activity.
There is a focus, and rightly so, on what the U.S. reaction to the crises in Syria will be — if anything — from the perspective of how strong the United States looks on the world stage, and what that means as regards our relationships with long-standing allies. These are important considerations.
But Syria may have something else to teach us that is just as timely and relevant as the ubiquitous relevance of international relationships and war games. The country, along with the other hotbed of unrest Egypt, is the Petri dish of the Internet “killswitch.” (Read: what happens when the government controls access to the Internet and decides a population has had enough of communication and information gathering. Yeah. Scary.)
The Internet is a decentralized global network, designed to be resilient and hard to take down. But it’s still possible to black out a certain area, or even an entire country, disconnecting it from the rest of the world.
That’s what happened in Egypt in 2011 and three times in Syria in just the last year…does Syrian President Bashar al-Assad’s regime have stronghold over the country’s Internet access? Most likely yes, according to experts.
The National Security Agency’s Internet communications surveillance is so vast that it can reach nearly 75% of all online communications, according to a report from the Wall Street Journal.
President Barack Obama has gone to great lengths recently to downplay the NSA’s surveillance apparatus, telling Americans that the government isn’t spying on them and publicly discussing reforms that would protect privacy. But the Wall Street Journal’s report indicates that the snooping programs do in fact retain both email and phone communications between American citizens.
“The system has the capacity to reach roughly 75% of all U.S. Internet traffic in the hunt for foreign intelligence, including a wide array of communications by foreigners and Americans. In some cases, it retains the written content of emails sent between citizens within the U.S. and also filters domestic phone calls made with Internet technology, these people say,” noted the Wall Street Journal.
“The NSA’s filtering, carried out with telecom companies, is designed to look for communications that either originate or end abroad, or are entirely foreign but happen to be passing through the U.S.,” the paper added. “But officials say the system’s broad reach makes it more likely that purely domestic communications will be incidentally intercepted and collected in the hunt for foreign ones.”
Last week on The Diane Rehm Show, Susan Crawford, former special assistant to President Obama for science, technology, and innovation policy, claimed that China “makes us look like a backwater when it comes to [broadband] connectivity.” When she was asked how this could be, Ms. Crawford responded:
It happened because of [Chinese industrial] policy. You can call that overregulation. It’s the way we make innovation happen in America.
Ms. Crawford is wrong on the facts and the philosophy.
The Actual Facts
Two months ago, Ms. Crawford’s former employer, the Office of Science and Technology Policy, released a report with these conclusions:
Unless you’ve been living under a rock, you know the National Security Agency (NSA) has been using a program called PRISM to collect “metadata,” under a broad interpretation of Section 215 of the PATRIOT Act, to spy on Americans’ phone records and online data, even if they aren’t accused or suspected of a crime.
These revelations are nothing new, actually; we are just now getting the details. A YEAR AGO, Spencer Ackerman (@attackerman) reported at WIRED’s Dangerroom:
“On at least one occasion,” the intelligence shop has approved Sen. Ron Wyden (D-Ore.) to say, the Foreign Intelligence Surveillance Court found that “minimization procedures” used by the government while it was collecting intelligence were “unreasonable under the Fourth Amendment.”
At the time, Cato Institute’s Julian Sanchez elaborated:
“The standard procedure for FISA surveillance is that “large amounts of information are collected by automatic recording to be minimized after the fact.” The court elaborated: “Virtually all information seized, whether by electronic surveillance or physical search, is minimized hours, days, or weeks after collection.”
Internet Analogies: Twice as Many Americans Lack Access to Public Water-Supply Systems than Fixed Broadband
After abandoning the “information superhighway” analogy for the Internet, net neutrality advocates began analogizing the Internet to waterworks. I’ve previously discussed the fundamental difference between infrastructure that distributes commodities (e.g., water) and the Internet, which distributes speech protected by the First Amendment – a difference that is alone sufficient to reject any notion that governments should own and control the infrastructure of the Internet. For those who remain unconvinced that the means of disseminating mass communications (e.g., Internet infrastructure) is protected by the First Amendment, however, there is another flaw in the waterworks analogy: If broadband Internet infrastructure had been built to the same extent as public water-supply systems, more than twice as many Americans would lack fixed broadband Internet access.
As the U.S. Postal Service closes 53 processing plants to trim $2 billion from its bloated budget, government officials - who earlier floated ideas to suspend Saturday service - look for other ideas to balance their budget. While USPS handles 40 percent of all the mail delivered in the world, it lost $15.9 billion last year with revenues of $65 billion. What’s more, its unfunded pension liabilities are nearly $50 billion.
Instead of privatizing the postal service - which would allow it to compete with FedEx and UPS, who seem to be able to make profits even up against a subsidized postal service - a California city councilman is proposing a tax on email as a fix:
Berkeley City Councilman Gordon Wozniak brought up taxing emails during a recent council meeting. He suggested the money collected, which would be part of a wider-reaching Internet tax, could be used in Berkeley’s case to save the local post office.
“There should be something like a bit tax,” he said during the March 5 meeting. “I mean, a bit tax could be a cent per gigabit and they would make, probably, billions of dollars a year.”
Plus, he said, there should be a “very tiny tax on email.”