(Not) Another brick in the wall - Cyber security & Big Brother
We live in an age where privacy and individual rights are at stake and are constantly threatened. For years we've been told that it was necessary to trade our liberties for more security but the question than needs to be answered is: how far can this go? Is it sustainable to allow the government, security agencies, financial institutions, credit score companies, collection companies and other subjects collect any sort of data about private individuals without their knowledge?
Picture from the movie "1984" |
Is true democracy one where people are afraid to speak their mind because their personal communications are monitored?
We should probably rethink of the definition of democracy, because what we post online remains there virtually forever. How long can the rights of the American people be threatened, diminished and crushed in the name of an ambiguous notion of cyber security and, more importantly, is it worthwhile? Politicians advocate for a wider control on private communications to counter the increasing number of incidents, but do all these monitoring activities actually realize a better security?
As reported by Damon Beres, a recent decision on net neutrality has established that the Internet is a public utility and neither service providers nor governments can take it down for political reasons. The Internet is like Antarctica: doesn't have any borders, doesn't belong to any countries or governments and no one can legally seize or censor it. Therefore, if the cyber criminals don't reside in the U.S. (as it is in most cases), they can't be prosecuted. If no real deterrent can be used against cyber crimes, why should we give up on our rights in the name of an ineffective counter offense?
President Obama has recently announced the creation of a new intelligence agency and new regulations. Part of Obama's proposed plan includes prosecuting anyone who sells networks of compromised computers (botnets), spyware (spying software, software that tracks your surfing activities), and malware (malicious software); updating the Racketeering Influenced and Corrupt Organizations (RICO) Act to include cyber-crimes; and modernizing the Computer Fraud and Abuse Act to prosecute people who access information they shouldn't. This is but a totally ineffective militarized response and not an actual solution.
As Will Yakowicz points out, juridical and technical reasons make the proposed solution impractical and ineffective. Cyber terrorists try to create networks of compromised PCs (botnets), which they use to attack a certain server or website. Even though the compromised PCs (zombies) might be in the US, the attacker usually isn't and they can't be prosecuted.
Taking down botnets is technically impractical, as well. Yakowicz has interviewed Joel Brenner, former senior counsel at the National Security Agency, who observed that the Internet Service Providers could dismantle the botnets, "but taking them down might disrupt subscribers' communications, and service providers don't want a customer revolt (...)".
Yakowicz also points out that the proposed legislation adopts a too wide concept of hacker and cites the case of Aaron Swartz, an Internet activist who committed suicide because prosecuted for accessing and sharing scholarly articles. The proposed plan is but a shot in the dark and the government knows it.
Snowden's revelations have shown that we don't have to worry only about hackers but also about the very subjects supposed to protect our security.
NSA, FBI and other agencies have monitored all American citizens, regardless of a criminal investigation, but it's very questionable whether this has or has not delivered a higher security.
Myriam Dunn Cavelty claims that "despite concerted efforts and increasing sums of money spent on various aspects of cyber-security over the years, cyberspace does not seem to become more secure—rather the opposite". She points out that cyber security involves different parties (corporate users, governments, individual users, customers etc.) and each one of them has different needs and notions of security. On the other hand, cyber attacks and threats have become more dangerous and frequent, motivating an increasing number of states to create 'cyber-commands', i.e. military units for (potentially offensive) cyber war activities. This creates a security dilemma "(...) where efforts by one actor (traditionally, states) to enhance its security decrease the security of others (...)".
What really seems to be at stake is a power struggle between government and corporate sector. With the words of Gregg Levine, U.S. intelligence was able to collect almost limitless amounts of data from the likes of AT&T and Verizon, "but that electronic surveillance has made many in the private sector nervous. The likes of Google and Apple want to be able to promise their users — U.S. citizens, but more to the point, multinational companies — that private information, personal communications and proprietary business secrets are safe from both hackers and the government's prying eyes".
The two positions aren't always opposed. Intelligence agencies and large corporations are interested in the Big Data. Corporations want it to predict what customers could be interested in buying in the future. Intelligence agencies can monitor suspected individuals, by tracking down their social media accounts, their browsing activity, etc.
Large corporations, especially Internet Service Providers (ISPs), monitor their customers, too, and must report to law enforcement if their customers use their accounts for illegal activities. Google has recently reported a sex offender for uploading child porn material to its Gmail. Samantha Murphy Kelly reports that Google's Terms of Service and the policy statements explicitly state that the company's "automated systems analyze your content, including emails, (...) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored." Our privacy is also endangered by our careless attitude. Recent researches about cyber security have shown that the most popular passwords are password and 123456. We rely on technology, share our information to the Internet, handle our banking accounts and purchase goods online and upload so much about us (family pictures, opinions, comments, hangovers etc.) thinking we are safe and that's our information and no one can see it or handle but us. Things are not exactly this way.
Every time we sign up to a social media or file sharing website, we electronically sign an agreement called Terms of Service (ToS) that defines the supplied services and our obligations towards the service provider. It's such a hassle, isn't it?
Lawyer's stuff that nobody reads but we should. When signing up to Facebook, the user hands over their personal information to Zuckerberg's company, which legally becomes its owner but most people keep thinking that's their information, regardless.
If we rely so heavily on technology, we should probably rethink of all this and learn the basics, to make sure not to get the bank account hacked, or our identity stolen and to keep our jobs.
We rely more and more on technology but most people don't have a clue how it really works. They think they're tech-savvy because they can push a button to post the latest bulls on Facebook but using technology isn't knowing technology. Knowing something means to be aware of what's under the hood and why an action causes a reaction. Most of us know why turning a key starts a car but lots of people don't know basic computer notions. If I pulled up a command line right now, someone would think I'm a hacker, not knowing it is the core behind all they see in a computer. The graphical interface they utilize every day is a user-friendly simplification but the command line is what makes their computers work.
Pink Floyd, The Wall. Rock and Roll Hall of Fame, Cleveland, OH |
The question that should be asked at any level is: is this situation sustainable anymore? Can this world afford to have an elite of technocrats holding the keys to knowledge and an unlearned mass of consumers who only have to eat, consume and die?
Knowledge is power and an informed citizen is an empowered citizen. A dictatorship can thrive as long as the citizen base is uniform, docile and dumb.
We're living the so-called Information Age but it's rather the Disinformation Age. Political organizations and large corporations own most newspapers, TV news and media and all the information they supply is biased, one way or another. They leverage on our laziness, but this hurts all of us.
An endless information database is available online and we can use it to compare and judge for ourselves what's true and what's propaganda. The Internet is information we can use to improve our lives and protect our rights and our privacy.
Pink Floyd, The Wall. Rock and Roll Hall of Fame, Cleveland, OH |
We can adopt simple precautions, such as avoiding to hand over personal information (e.g. Social Security Number) to any website requesting it, unless it's strictly necessary (e.g. for a job application, or in case of a governmental website such as IRS).
Don't always choose the easiest option because that's what corporations and government want. They count on our laziness and try to make all of us dumber and dumber to control us better.
Information is power, let's embrace it.
Don't be another brick in the wall.
Comments
Post a Comment