Does The US Government Really Need 'Wider Latitude' To Monitor Private Networks?

from the e-Maginote-Line dept

Harvard Law Professor, and former Bush White House lawyer, Jack Goldsmith has an opinion piece today in the NYT about cyber-security. In it, he makes a number of obvious (though admittedly often overlooked) points about the need for better education and information sharing, but then asserts that those, untried, methods will not be enough. Instead, he argues, "The government must be given wider latitude than in the past to monitor private networks and respond to the most serious computer threats." For a lawyer who saw first-hand (and even wrote a book about) the excesses of the Bush administration, this is a reckless claim. The repeatedly documented violations of civil liberties by the NSA and other government agencies (not to mention their private sector compatriots) through widespread network surveillance did not serve to protect and defend US critical infrastructure. In fact, by adding legitimacy to network monitoring, scholars like Goldsmith and respected countries like the USA make it easier for less savorable regimes to justify their digital surveillance and crackdowns. While China's "Green Dam" censorship software was justified on child-safety grounds, the next iteration of liberty limiting code could very well be to stop "cyber-terrorism" or some other amorphous, ill-defined concept.

A far more level-headed approach to cyber-security is taken by Evgeny Morozov in his recent essay in the Boston Review, which points out that "[m]uch of the data are gathered by ultra-secretive government agencies—which need to justify their own existence—and cyber-security companies—which derive commercial benefits from popular anxiety. Journalists do not help. Gloomy scenarios and speculations about cyber-Armaggedon draw attention, even if they are relatively short on facts." While Goldsmith is certainly not promoting increased government intervention out of self-interest, it is not good enough to pay lip-service to privacy and network openness. Decision-makers need to recognize that certain policies and rhetoric will inevitably have dangerous, unproductive unintended consequences.

Filed Under: cybersecurity, jack goldsmith, monitoring

Massachusetts Wants GPS Driving Tax, Too

from the big-brother dept

For several years, authorities in Oregon have been pursuing a plan to put GPS units in every car in the state to track and tax drivers' mileage. Now, Massachusetts wants to get in on the act, and replace its gas tax with a mileage-based tax (via Boing Boing) generated by GPS units in cars. The state wants to ditch its gas tax because rising fuel efficiency is leading to decreasing tax revenue, so the new plan would instead charge drivers a quarter of a cent for each mile they drive. The state's governor is talking not just about boosting tax revenue, but says he likes ideas that are "faster, cheaper, simpler." It's not clear how replacing the current gas tax by forcing drivers to install GPS trackers in their cars and building an infrastructure to gather data from them, then assess and collect a mileage tax will be fast, cheap or simple. This doesn't even mention the myriad privacy concerns of giving state employees access to records of Massachusetts drivers' activity. This idea continually pops up, whether as a tax idea or a new way to charge for auto insurance -- but it never seems to hold any more value beyond a soundbite.

Filed Under: driving, gps, massachusetts, monitoring, tax

Is Nokia Demanding The Right To Spy On Its Employees?

from the or-it-will-leave-Finland? dept

There's quite a story making the rounds, suggesting that Nokia is putting significant pressure on the Finnish government, demanding that it pass a law allowing it to spy on its employees, or the company will leave Finland. Nokia is quickly denying the claim, which does seem pretty extreme. However, that doesn't mean that Nokia hasn't put political pressure on the government to pass this law. Apparently, the company has been caught multiple times illegally spying on employees, and has worked hard to get this law passed, which would legalize its actions. Despite legal experts all insisting that the law is unconstitutional, apparently the Finnish Parliament's Constitutional Law Committee has decided to move forward with it anyway -- which is what resulted in the speculation about the threat to leave Finland.

Filed Under: employees, finland, monitoring
Companies: nokia

RIAA Dumps MediaSentry, But Hires DtecNet Instead

from the the-king-is-dead,-long-live-the-king dept

Over the past few days there's been a lot of attention paid to the news that the RIAA has ended its relationship with MediaSentry, the highly controversial firm that the RIAA used to try to find those involved in file sharing. There have been various lawsuits questioning MediaSentry's techniques -- and the sheer number of falsely identified people certainly suggested pretty strongly that the company wasn't doing a particularly good job. Of course, with the RIAA's "new strategy" of abandoning lawsuits in favor of having ISPs be their enforcers, the record labels still need a company to come up with whatever flimsy evidence it can find. So, don't think the ending of the relationship means that the RIAA has stopped monitoring file sharing. Instead, it's simply switched to a new company: DtecNet out of Copenhagen.

Filed Under: monitoring
Companies: dtecnet, mediasentry, riaa

Wait, You Mean Homeland Security Isn't Already Scanning Blogs & Forums For Terrorists?

from the uh,-yikes? dept

USA Today is reporting that Homeland Security is looking to start scanning blogs, forums and message boards to try to track terrorists and terrorist activity. My first reaction to this, honestly, was shock. Shouldn't they have been doing this already? As in, for many, many years? To be fair, the article suggests that the real difference here is that in the past Homeland Security has done static searches that they check on every so often -- and now they're hoping for a more real-time solution. Even so, it strikes me as odd that Homeland Security didn't already have something that was at least close to real-time in alerting them to certain things online. For all the talk of sophisticated monitoring on internet activities, could it be that we're really that far behind in internet terrorist monitoring?

Filed Under: blogs, comments, forums, homeland security, monitoring, terrorists

UK Releases Details, But Delays, Plan To Surveil Every Bit Of Communication

from the one-more-year-to-be-free-of-draconian-rules dept

We recently noted that some articles were appearing in the UK about a plan by the government to track all phone calls, emails and internet surfing histories in that country in a giant database. The whole thing sounded so extreme we even doubted it was true. However, it appears to be based in fact, as the government is outlining the details of the plan, while at the same time agreeing to delay introducing it for at least year, in order to hear from the public (or, perhaps, to hope that public dislike of this proposal dies down enough that it can be introduced quietly). The backers of the plan stress that all they want is the data about the communications, rather than the communications themselves. So, that would mean they're interested in who called whom, not what was said, and who emailed whom, not what was written. That may be small comfort to some, but it still seems like a huge privacy violation, and the database is almost certainly to be abused and misused by those who have access to it.

Filed Under: monitoring, privacy, surveillance, tracking, uk

Germany Says P2P Company Must Proactively Monitor Content For Infringement

from the a-little-understanding-please? dept

Another day, another awful legal ruling about file sharing. This time, coming out of Germany. A German court has told file hosting company Rapid Share that it needs to proactively screen and monitor all content hosted on its site and remove any infringing files. The company already uses a hash method to screen out infringing files its been alerted to and employs six people who monitor for infringement, but the court has said that's not enough. Specifically, it notes (correctly) that an uploader need only change a file slightly to avoid the hash filter -- but then somehow makes the leap to suggesting that this becomes Rapid Share's liability. It's yet another case where judges seem to not understand where liability should lie. It should be common sense that liability lies with the user who's doing the actual infringing, rather than the platform provider -- but it seems to get mixed up way too often. Of course, in the grand scheme of things, this will have almost no impact as people will simply migrate to other sites instead.

Filed Under: copyright, file sharing, germany, liability, monitoring
Companies: rapid share

ABA Says RIAA File Sharing Watchers Shouldn't Need Private Investigators' Licenses

from the and-they're-probably-right dept

We've seen a few cases against the RIAA in which either state officials or defendants will point out that the RIAA's hired hands in tracking down file sharers -- companies like MediaSentry -- are violating state laws requiring private investigators' licenses for certain activities. Now, the American Bar Association (ABA) has put out a report suggesting that this is silly, and that states and judges shouldn't require such companies to have a PI's license. While I'm a bit surprised at myself, I actually agree with the ABA. As distasteful as the RIAA's legal strategy is, and as flimsy as the evidence is that these company's collect, going after them for not having a PI's license is focusing on a loophole, not the actual merits. And, honestly, most of these requirements for PI licenses are really just a way to create artificial scarcity in the PI business, not actually a way to ensure safety or quality. The RIAA's efforts to sue music fans have plenty of problems, but focusing on whether or not companies like MediaSentry need a PI license seems like a tangent that takes away from the bigger picture.

Filed Under: copyright, investigations, lawsuits, monitoring, private investigators license

Parents Are Never Going To Be Able To Monitor All Kids Online Activities

from the but-think-of-the-children! dept

Over the past few years, the "but think of the children!" crowd constantly talks up the importance of having parents monitor their kids' online activities, and often puts out studies like the following one, bemoaning the fact that not enough parents are monitoring their kids enough. Of course, the simple fact is that parents are never going to be able to fully monitor what their kids do online (at least without seriously pissing off their kids). If kids want to chat online, they're going to find a way to be able to do so. Perhaps rather than focusing so much on spying on everything that kids do, the focus should be more on educating them to the dangers that are out there, the laws that they should be aware of and the risks of not obeying them. We have this tendency in our society to overprotect kids, which often has the opposite effect: not preparing them properly to face the real world. Kids who understand the risks tend to make better choices online. As for those who are constantly spied on and overly protective? We'll again quote Richard Posner in one of his legal rulings:

"Violence has always been and remains a central interest of humankind and a recurrent, even obsessive theme of culture both high and low ... It engages the interest of children from an early age, as anyone familiar with the classic fairy tales collected by Grimm, Andersen, and Perrault are aware. To shield children right up to the age of 18 from exposure to violent descriptions and images would not only be quixotic, but deforming; it would leave them unequipped to cope with the world as we know it."

Parents should be aware of what their kids are doing online by talking to them about it, and helping to educate their kids on the risks they face, but that doesn't mean spying on their every move. That will only backfire.

Filed Under: education, internet usage, kids, monitoring, parents

Turns Out Drivers Not So Interested In Big Brother Style Car Insurance

from the please-don't-spy-on-me dept

Four years ago, we wrote about the concept of "Big Brother-style car insurance," where drivers would agree to have special black boxes attached to their cars which would transmit all sorts of info to the insurance company about their driving habits, including how much, when and how fast they drove. Those drivers who drove safer (or at safer "times") were offered better rates. We were actually quite surprised in 2005 to hear the company behind the most intrusive of these programs, Norwich Union in the UK, claim that the early tests were going so well that it was expanding the program. Three years later, we now learn that the "going so well" part may have only been on the insurers' side, rather than the customers' side. In a post talking about why such surveillance insurance plans are a bad, bad idea, the EFF also points out that Norwich Union has just ditched its offering, noting that... well... almost no one signed up. Turns out that people aren't so keen to sign up for Big Brother Brand car insurance after all. The "going well" part was actually all just wishful thinking, as the company says that it thought people would sign up only to discover that they didn't.

Filed Under: driving, gps, insurance, monitoring