One of the things that civil liberties activists like to lament about is that the general public seems to care more about Google and Facebook using their personal data to target advertising than the government using it to target drone strikes.
The reality is that both types of abuse are dangerous, and they work hand in hand.
It’s hard to find a more perfect example of this collusion than in a bill that’s headed for a vote soon in the U.S. Senate: the Cybersecurity Information Sharing Act, or CISA.
CISA is an out and out surveillance bill masquerading as a cybersecurity bill. It won’t stop hackers. Instead, it essentially legalizes all forms of government and corporate spying.
Here’s how it works. Companies would be given new authority to monitor their users — on their own systems as well as those of any other entity — and then, in order to get immunity from virtually all existing surveillance laws, they would be encouraged to share vaguely defined “cyber threat indicators” with the government. This could be anything from email content, to passwords, IP addresses, or personal information associated with an account. The language of the bill is written to encourage companies to share liberally and include as many personal details as possible.
That information could then be used to further exploit a loophole in surveillance laws that gives the government legal authority for their holy grail — “upstream” collection of domestic data directly from the cables and switches that make up the Internet.
Thanks to Edwards Snowden, we know that the NSA, FBI, and CIA have already been conducting this type of upstream surveillance on suspected hackers. CISA would give the government tons of new domestic cyber threat indicators to use for their upstream collection of information that passes over the Internet. This means they will be gathering not just data on the alleged threat, but also all of the sensitive data that may have been hacked as part of the threat. So if someone hacks all of Gmail, the hacker doesn’t just get those emails, so does the U.S. government.
The information they gather, including all the hacked data and any incidental information that happens to get swept up in the process, would be added to massive databases on people in the U.S. and all over the world that the FBI, CIA, and NSA are free to query at their leisure. This is how CISA would create a huge expansion of the “backdoor” search capabilities that the government uses to skirt the 4th Amendment and spy on Internet users without warrants and with virtually no oversight.
All of this information can be passed around the government and handed down to local law enforcement to be used in investigations that have nothing to do with cyber crime, without requiring them to ever pull a warrant. So CISA would give law enforcement a ton of new data with which to prosecute you for virtually any crime while simultaneously protecting the corporations that share the data from prosecution for any crimes possibly related to it.
There’s little hope for ever challenging this system in court because you’ll never know if your private information has been shared under CISA or hoovered up under a related upstream collection. In a particularly stunning display of shadyness, the bill specifically exempts all of this information from disclosure under the Freedom of Information Act or any state, local, or tribal law.
http://thehill.com/blogs/congress-blog/technology/249521-cisa-the-dirty-deal-between-google-and-the-nsa-that-no-one-is
DIRTY DEEDS The New NSA Spying Hootenany With Geo Spatial Engineering
No comments:
Post a Comment