NSA Hooking Up Ominously Named 'Perfect Citizen' To Watch The Internet
from the not-so-perfect dept
Recalling the old plans for the "Total Information Awareness" system from nearly a decade ago (which eventually was scrapped -- at least publicly -- after widespread outrage), apparently the NSA is setting up a top secret new internet surveillance program with the ominously creepy name "Perfect Citizen." The NSA, of course, is quick to claim that the program is just for "research" purposes, to assess vulnerabilities and capabilities, but not everyone is buying that explanation.Part of the problem, of course, is the tremendous secrecy around it. Jim Harper does a good job making the case that much of this program should be public, and blames Congress for falling prey to "cyberwar" hype in not forcing the details of this program to be publicly scrutinized:
If there is to be a federal government role in securing the Internet from cyberattacks, there is no good reason why its main components should not be publicly known and openly debated. Small parts, like threat signatures and such--the unique characteristics of new attacks--might be appropriately kept secret, but no favor is done to any potential attackers by revealing that there is a system for detecting their activities.Harper's points are worth repeating. He's not saying saying that the government shouldn't be looking for potential threats or vulnerabilities, but that many of the details should be public. It's fine to keep some aspects secret, but keeping the entire program secret inevitably means that it will be less effective. On top of that, even if it's officially just for "assessment" at this time, we've all seen how government programs morph and change over time (especially to political will) -- especially when it comes to monitoring. Or do we need to remind everyone how often the feds have admitted to violating the law with wiretaps?
A cybersecurity effort that is not tested by public oversight will be weaker than ones that are scrutinzed by private-sector experts, academics, security vendors, and watchdog groups.
Benign intentions do not control future results, and governmental surveillance of the Internet for "cybersecurity" purposes may warp over time to surveillance for ideological and political purposes.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cyberwar, nsa, perfect citizen, privacy, surveillance, transparency
Reader Comments
Subscribe: RSS
View by: Time | Thread
A perfect name choice?
I guess they didn't want to be sued for copyright infringement and get a DMCA for using the name "Big Brother"...
[ link to this | view in thread ]
A couple of things...
2. Does it make sense that, given how much secrecy surrounds Perfect Citizen, the fact that we've now heard about it means it's likely already in operation?
3. What relation does this program and/or technology have to the Echelon SIG/INT project?
4. What are the data retention policies? If they're housing personal information or private communications at Ft. Meade, how long do they keep it?
5. The key to our Democratic principles has ALWAYS been public oversight of government and military institutions. Given that NSA (No Such Agency) employee records are classified, they're budget is classified, they're director is a military General, they report to the DoD, that they've participated in warrantless wiretaps dating back to the Nixon administration, that they do public transaction data mining, what public oversight is there over the NSA?
[ link to this | view in thread ]
This is the true purpose for this cybersecurity nonsense. and as evidence look how coerced the MSM outside the Internet is.
Important information gets censored and often times only one side of various issues gets presented, despite the indefensible nature of those positions. It was even much worse before the current prominence of the Internet, to the extent that the MSM doesn’t blatantly lie to us now it’s only because the Internet will no longer let them get away with it. Even NPR is a joke.
I don't trust our government and I have many very good reasons not to. The laws in this country ensure that the American public is constantly lied to, brainwashed, not told the whole story, is only told one side of the story, and has tons of important information censored from them.
America is the government granted monopoly capital of the world and yet the mainstream media constantly proclaims it to be a free market capitalistic society.Do you want these lies to continue?
[ link to this | view in thread ]
Re: A couple of things...
Yes.
[ link to this | view in thread ]
considering what you left out on that story, would you care to mention some of the things you forgot in this story too?
[ link to this | view in thread ]
Perfect Citizen
[ link to this | view in thread ]
"to detect cyber attacks on private companies running critical infrastructure like the electricity grid or nuclear plants. All companies have to do is let the NSA deploy a bunch of sensors within their networks..."
- sounds nothing like capturing all your traffic for some Big Brother action.
[ link to this | view in thread ]
Re: A couple of things...
Since we are a Republic the sign of a responsible government is the redressability of its citizens with the structures that have power. As you rightly point out we have no oversight in the NSA but it doesn't stop there.
Try our say in the Pentagon, which is probably the most powerful organization on Earth. The FBI, CIA, EPA, the list of governing agencies with complete power over our lives is staggering. Something is broken within our Republic and that is without a doubt our ability to question what all these organizations are really doing and then making changes if we discover it necessary.
As long as we are missing that redressability the common citizen will remain a pawn of the wealthy and powerful.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
http://www.infowars.com/feds-plan-nsa-cyber-shield-for-utilities-companies/
[ link to this | view in thread ]
http://www.infowars.com/feds-plan-nsa-cyber-shield-for-utilities-companies/
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
1. What the hell is Raytheon doing with an INFOSEC contract?
2. This isn't public internet monitoring, this is a much needed seperate internet grid for vital national utilities which provides monitoring across that grid.
[ link to this | view in thread ]
Re:
You have the name of the poster. Do a "#%!* search and make your own conclusions. Or is this blog your only source of information?
[ link to this | view in thread ]
Re:
I can only guess, as I don't work for Raytheon, or indeed, in the Defence Contracting business at all, but...
My guess is that only one of the Big 3 defense contractors can stomach the cost of the paperwork to get a DoD contract these days. I'd also guess that the secrecy requirements of any such contract would overwhelm anybody else. The Big 3 defense contractors have had 50 or 60 years of "boiling frog" experience with secrecy and compartmentalization, and have become accustomed to working in a near vacuum.
At another level, part of me wants to say that the DoD is nothing more than an unauditable way to funnel money to some new ruling elite, and that the Big 3 defense contractors can do this sort of thing without raising very many eyebrows due to their already existing HR departments that are used to doing clearances, and hiring "qualified" people to do what amounts to hourly work.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
Security through obscurity works *so* well after all.
[ link to this | view in thread ]
Re:
Many cryptographic protocols are open and public, and yet, no (serious) vulnerabilities have been found. The fact that they are open is actually a good thing. It means that many more people will try to crack it. If they succeed, at least you know you can scrap that protocol (since it is not secure). If you hide it, you'll never know if the protocol is actually secure.
Your pin number analogy is also wrong. What they are hiding is the method (in banking terms, it would be the DES algorithm, the most commonly used cryptographic algorithm in bank transactions...at least that's what I was told). The PIN is what they are trying to protect (i.e., you). At least, that's what they claim.
[ link to this | view in thread ]
I agree with Mike Masnick
What types of information are gathered and how long they are stored (and yes said information that is not involved in an investigation should be destroyed after a set amount of time) should definitely be among the things they tell the public about. We aren't asking to know what super secret technique the government is using (probably just shaking down the ISPs anyway), but it would be nice to know that mountains of our private information, belonging to innocent Americans no less, is sitting at the fingertips of the most power government on the planet with no expiration date, no controls on what data can be gathered, and no oversight. And this is just the start. When they boost their original budget of $100 mil into the billions range and open that data up to other purposes then it will be probably be too late. And when we get a super conservative republican in office... and maybe when the House and the Senate are controlled by conservative Republicans, what then?
Who will guard the guards?
[ link to this | view in thread ]
WIll NSA Need A Warrant To Admit Internet Infor to Court?
In 2008 Telecoms were granted government immunity after they helped U.S. Government spy on millions of Americans’ electronic communications. Since, Government has not disclosed what happened to NSA’s millions of collected emails, faxes and phone call information that belong to U.S. Citizens? Could those wiretaps perhaps illegal, become a problem for some Americans? Neither Congress nor the courts—determined what NSA electronic surveillance could be used by police or introduced into court by the government to prosecute Citizens.
In 2004, former Attorney General John Ashcroft asked government prosecutors to review thousands of old intelligence files including wiretaps to retrieve information prosecutors could use in “ordinary” criminal prosecutions. That was shortly after a court case lowered a barrier that prior, blocked prosecutors from using illegal-wire tap evidence in Justice Dept. “Intelligence Files” to prosecute ordinary crimes. It would appear this information, may also be used by government to prosecute civil asset forfeitures.
See: http://www.securityfocus.com/news/5452
Considering that court case, it appears NSA can share its electronic-domestic-spying with government contractors and private individuals that have security clearances to facilitate the arrest and forfeiture of Americans’ property—-to keep part of the bounty. Police too easily can take an innocent person’s hastily written email, fax, phone call or web post out of context to allege a crime or violation was committed to cause an arrest or asset forfeiture.
There are over 200 U.S. laws and violations mentioned in the Civil Asset Forfeiture Reform Act of 2000 and the Patriot Act that can subject property to civil asset forfeiture. Under federal civil forfeiture laws, a person or business need not be charged with a crime for government to forfeit their property. In the U.S., private contractors and their operatives, work so close with police exchanging information, to arrest Americans and or share in the forfeiture of their assets, they appear to merge with police.
Rep. Henry Hyde’s bill HR 1658 passed, the “Civil Asset Forfeiture Reform Act of 2000” and effectively eliminated the “statue of limitations” for Government Civil Asset Forfeiture. The statute now runs five years from when police allege they “learned” that an asset became subject to forfeiture. With such a weak statute of limitations and the low standard of civil proof needed for government to forfeit property “A preponderance of Evidence”, it is problematic law enforcement and private government contractors will want access to NSA and other government wiretaps perhaps illegal and Citizens’ private information U.S. Government agencies glean monitoring the Internet, to arrest Americans and to seize their homes, inheritances and businesses under Title 18USC and other laws. Of obvious concern, what happens to fair justice in America if police and government contractors become dependent on “Asset Forfeiture” to pay their salaries and operating costs?
Under the USA Patriot Act, witnesses including government contractors can be kept hidden while being paid part of the assets they cause to be forfeited. The Patriot Act specifically mentions using Title 18USC asset forfeiture laws: those laws include a provision in Rep. Henry Hyde’s 2000 bill HR 1658—for “retroactive civil asset forfeiture” of “assets already subject to government forfeiture”, meaning "property already tainted by crime" provided “the property” was already part of or “later connected” to a criminal investigation in progress" when HR.1658 passed. That can apply to more than two hundred federal laws and violations.
[ link to this | view in thread ]
Are we that stupid?
Hey Obama - This isn't the change we voted for, this is just more of the same BS we got from the last moron in your office.
[ link to this | view in thread ]