Connect with us

Government

Internet companies write: “we need to know” letter to Washington

Today, 60 of the world’s major internet companies like Google and Facebook, advocacy groups like the Electronic Frontier Foundation and investors including Y Combinator have written to  Washington urging the administration to allow more transparency following the recent disclosures detailing extensive federal surveillance programs of global internet users.

Published

on

Yesterday, 60 of the world’s leading internet companies including Google and Facebook, the advocacy organisations ACLU and The Electronic Frontier Foundation and technology investors, including Y Combinator wrote to the US administration urging for more transparency to be allowed, following the recent revelations regarding the PRISM surveillance program first published in The Guardian and Washington Post.

With the existing legislation, Internet Service Providers and other Web companies can be compelled to provide the government with the metadata of customers, yet at the same time they are often prevented from acknowledging those requests. A number of companies have published vague information about these FISA (Foreign Intelligence Surveillance Acts) requests in recent months, including Google, Microsoft and Yahoo, yet the internet firms are prevented by law from publishing specific details of these requests.

“Basic information about how the government uses its various law enforcement–related investigative authorities has been published for years without any apparent disruption to criminal investigations. We seek permission for the same information to be made available regarding the government’s national security–related authorities.”

— We Need To Know Transparency Letter: July 18 2013

We Need to Know Transparency Letter

The 63 signatories on the letter sent this week say the US government should ensure that the internet firms entrusted with users security and privacy are allowed to report the statistics illustrating the number of government requests made under the PATRIOT Act and FISA, as well as the number of accounts or individuals impacted and figures reflecting instances in which the contents of phone calls or emails are recovered.

External links & references

  1. Patriot Act : Wikipedia
  2. FISA : Wikipedia
  3. Raytheon predict a RIOT: redcert.com
  4. Snowdens Message Buried in Mud  
  5. NSA leaks coverage at RT News
  6. Prism: coverage at the Guardian
  7. We Need To Know : Transparency letter

Education

McAfee’s Digital Divide Survey: Parents in the dark

It’s no surprise to read in McAfee’s Digital Divide survey that teenagers are hoodwinking their parents, that’s unlikely to stop any time soon. The difference for teenagers now though, is the internet never forgets.

Published

on

Source
Original version of this article published in the Irish Independent, November 7, 2013Irish Independent

It’s no surprise to read in McAfee’s Digital Divide survey that teenagers are hoodwinking their parents, that’s unlikely to stop any time soon. The difference for teenagers now though, is the internet never forgets. The ten percent of teenagers surveyed who posted an embarrassing photo, or the twelve percent who used foul language may have a long time to reflect on their embarrassment. And that embarrassment could follow them to a new school, college or job. Online, the world is watching and you can be judged by your past behaviour for a lifetime.

Digital learning initiatives like tablets in schools and emerging MOOCs, Massive Online Open Courses are transforming education and the potential for learning so it’s disturbing to read in McAfee’s survey that a third of parents have resorted to taking away their teens mobile devices or computers, counter-productive in the extreme. Neither is avoidance the answer. Parents appear to be in denial and exhibiting a trust that was not granted to my generation and platitudes from teenagers should be treated cautiously as half of teenagers are doing things online that their parents would not approve of.

When I was a student Civics was taught to imbue good citizenship but as we transition to a society with a growing population of digital natives there is a greater need for good digital citizenship, I would suggest even a dedicated course, ideally in the Junior Cycle curriculum. We don’t just need to teach children how to write apps and study using digital technology, we need to teach them how to be safe and sensible, and how what they say and do online can impact themselves and others emotionally, socially and even professionally. Parents must accept responsibility for the development of their children as digital citizens by providing supervision and taking an active, but unobtrusive, part in their children’s online lives. I’m not suggesting a digital version of peeking in the teenage diary, but parents generally, are interested in who their children are friends with and where they are after dark, and they should be interested in what their children are doing online. Installing monitoring software on a child’s computer would be a step too far and may even hinder the development of a teenager’s technical ability, but open discussion in the classroom and at home brings a sense of reality to digital life that is often lacking in the consciousness of teenagers who treat so much of online interaction in a way akin to playing a video game, allowing them to dissociate themselves from offensive behavior, sometimes with tragic outcomes.

Good initiatives like McAfee’s Online Safety for Kids are a great start, but there’s some distance to go and the school curriculum and parents must be part of the answer to the development of the teenage digital native. Human nature being what it is, teenagers will behave better when you keep an eye on them, because they know you’re watching, and their parents should be watching, because the rest of the internet is.

 

External links & references

  1. McAfee launch Online Safety for Kids programme : MerrionStreet.ie
  2. McAfee Digital Divide Survey : McAfee.com
  3. Twitter & the trolls : redcert.com
  4. The school curriculum : don’t ask.fm me why : redcert.com
  5. Pilot scheme launched in Wales : BBC News
  6. Redcert.com survey : should Digital Civics be on the school curriculum? 
Continue Reading

Government

Open data, does not mean losing our data. Get it?

Not much time passes between reports of another authority, company or agency losing someone’s data. Spying or intelligence agencies nosing around your data is one thing, I’m referring to how people are losing our data the old fashioned way; laptop, train home, oops. Laptops, tablets and USB keys – all of them it seems appear to be dropping out of sight, and control at an alarming rate the world over. I know we live in the era of open data – but someone needs to explain that means sharing data, not leaving it in a pub lavatory.

Published

on

Not much time passes between reports of another authority, company or agency losing someone’s data. Spying or intelligence agencies nosing around your data is one thing, I’m referring to how people are losing our data the old fashioned way; laptop, train home, oops. Laptops, tablets and USB keys – all of them, appear to be dropping out of sight, and control at an alarming rate the world over. I know we live in the era of open data – but someone needs to explain that means sharing data, not leaving it in a pub toilet.

Last week I did a radio piece with Will Faulkner on Midlands Radio.  Specifically we were looking at a report by Fiachra O’Cionnaith of The Examiner where following a Freedom of Information request, it was revealed that from January 2009 to Dec 2012,  69 devices owned or controlled by Ireland’s Health Service Executive (HSE) went missing, of which 61 of which have since been deemed stolen, this included 15 laptops presumed stolen in a single incident in the Midlands, in 2009. More than 50 had ‘sensitive’ data and, 20 were not encrypted. That’s a device lost or stolen, every three weeks.

“Somebody needs to be held accountable. Considering the previous assurances given in 2008, this is totally unacceptable.”

— Irish Patients’ Association chairman Stephen McMahon

Given the quote from Stephen McMahon above by I recalled a blog post I’d read a few years ago. So I got to browsing and found the excellent posts from 2008 & 2009 by John Lawlor of Trinity College in Dublin. John made the point contemporaneously that it was time everyone who was in control of:

personal private information, whether in the public or private sectors, took this issue seriously and started taking immediate, practical and effective steps to secure the data they store and control.

Alas, no-one acted on John’s good advice, which even went as far as including some pointers on encryption, from commercial to open-source and the practicalities around data-protection and security. Did anyone share blog posts then? Does anyone say “that makes sense, I’ll raise that at the monthly staff meeting – but I bet we have something in place already”; sad fact is, you don’t. Or if you do, no ones’ bothering to do what they should. Which is worse?

Using Cloud Computing to Build Next-Generation Government Services

In a previous post (regarding a private sector company, PA Consulting, who managed to lose data on thousands of criminals) John Lawlor referred to controlling access to internet storage sites as agency employees could create another vulnerability by using services like Gmail or Hotmail for storing data. Good advice at the time, and a there was indeed  a trend for ‘send it to yourself’, at the time. The gigabtye (and counting…) of storage was new – and huge for its time. Five years on things have changed. Well, the technology landscape has changed, the indifference of employees entrusted with our data appears much the same. Cloud services have evolved radically, and it is now practical and safe to store confidential data using a cloud service.

I’m not suggesting that government agencies upload something like patient data to Dropbox or Skydrive; in fact commercial cloud services vary widely on how they treat our data, for example Skydrive and Apple explicitly reserve the right to scan your data, sometimes with embarassing consequences. as experienced by a German photographer. What I am suggesting is that as we talk up the opportunities of Cloud computing, as a job-creator and cost solver, we also use it to solve some data protection challenges. SpiderOak, a company I particularly like offer personal, business and enterprise cloud services whereby your data is encrypted before you upload to the cloud, so they don’t know what your storing with them.  EMC run the clever and cost effective Mozypro, and Accellion offer FIPS 140-2 compliance services to stat authorities.

If you’ve got mobile devices with sensitive data, using Mobile Device Management software you can ensure important data is encrypted. If it’s stolen or lost the device can be wiped. And if you’re unsure whether it was stolen or lost or just where it is, by using a GPS boundary, you can ensure the device is wiped if it moves more than say, a mile from your office or 50 metres from an employees home. Waheed Qureshi the founder of Zenprise said to me last year, ‘people lose their tablets yes, but there’s no excuse for losing your data.’ Citrix and Good Technology amongst others, make this cost-effective, and more importantly, easy to do.

I’ve been a laptop user for more than a decade – and I’ve never lost one. Not one. I’ve never lost a tablet or a smartphone. Am I remarkably careful, security conscious and St Anthony is watching me? Maybe it’s just because I paid for them, myself. Cost = care. And care for our data, or it will cost, you and us.

External links & references

  1. Litany of HSE data breaches : Irish Examiner
  2. List of UK government data losses : WIkipedia
  3.  Laptop Theft and Data Loss By Irish Healt
  4. h Service Executive : John Lawlor, 2009
  5. Microsoft & Skydrive uploads : WMPowerUser.com
  6. My secret crush on big data : redcert.com

 

Continue Reading

Government

Prism: It’s been hiding in plain sight

Well, here it is. After weeks, months, and even years, the scandal has arrived. The scandal that may forever tarnish the Obama presidency: Prism, the top-secret NSA surveillance program that has been harvesting data from nearly every social network service and the world’s leading internet companies. Your personal information and mine and that of everyone you know is being hoovered up and examined and gleaned for whatever information the NSA considers pertinent. This is governmental overreach at its worst. An overwhelming example of the “Power corrupts; absolute power corrupts absolutely” adage.

Published

on

Well, here it is.  After weeks, months, and even years,   the scandal has arrived.  The scandal that may forever tarnish the Obama presidency:  Prism, the top-secret NSA surveillance program that has been harvesting data from nearly every social network service and the world’s leading internet companies.  Your personal information and mine and that of everyone you know is being hoovered up and examined and gleaned for whatever information the NSA considers pertinent.  This is governmental overreach at its worst. An overwhelming example of the “Power corrupts; absolute power corrupts absolutely” adage.

Even President Obama, who campaigned on being the antithesis of George W. Bush and everything he stood for, is not immune to its pull.  Had this occurred during Obama’s first term, I would have to give serious consideration to something I swore, from the day I turned eighteen, I would never do:  abstain from voting in a Presidential election.  This, to me, is an absolute dealbreaker.

And yet, I don’t feel the outrage that is very much justified coming from the media or the populace.  On Yahoo! News this morning the first Prism-related article was an astounding 55 headlines in, one of only three on the entire page, which seemed to be dominated by WWDC speculation and television gossip.  Network news has given it little more than a cursory glance.  On most of the major news channels the story garnered perhaps five minutes of coverage per half-hour, the ironic exception being the opinion programs of that liberal bastion MSNBC, which stayed on the story slightly longer.  Hours upon hours of news coverage has been spent on tempests-in-teacups like the IRS and Benghazi.  Now here’s the real thing being handed to them on a plate, and the response has been superficial at best.  It’s touched on briefly and then abandoned.

The reaction of the average citizen is even more frustrating.  Most people either just shrug as if to say “It’s not surprising but it’s out of my hands,” or they take the stance of  “Well, if that’s what it takes to catch the bad guys, so be it.”  Where is the attention and the anger this story deserves?  Is this the “boy who cried ‘wolf'” effect?  Have we all become so overloaded with pseudo-scandals that we fail to see the genuine article when it’s right in front of us?  Has Edward Snowden given up his life and, most likely, his freedom for nothing?  Is he martyring himself for the good of a public that just doesn’t seem to give a damn?

“NSA is focussed on getting intelligence wherever it can by any means possible… Increasingly we see that it’s happening domestically. The NSA specifically targets the communications of everyone, it ingests them by default, it collects them in its system and it filters them and it analyses them and it measures them and it stores them for periods of time … While they may be intending to target someone associated with a foreign government or someone they suspect of terrorism, they’re collecting your communications to do so. Any analyst at any time can target anyone…”

— Edward Snowden

It would be nice to think this is being done just for purposes of national security (although the effectiveness of this type of blanket surveillance is questionable), but honestly, do we really think it’ll stop there?  What else could this information be used for?  Could you suddenly find yourself under the scrutiny of your insurance company for a condition for which you haven’t even sought treatment?  Or perhaps for your choice of weekend past-time, such as rock-climbing or motorcycle racing?  The stories of the FBI tracking library records have been around for decades — what types of records could they be keeping now?  Is there a file on you out there somewhere, detailing your Facebook posts, your Google searches, the YouTube videos you watch . . . and the  other types of videos you watch?  This is the very definition of a slippery slope.

Right now this story is relatively self-contained, but the vastness of this violation of privacy is such that it   will be abused.  There are probably abuses and plans for abuses happening right now as you read this.  When those stories are exposed — when it finally becomes clear that your private life is anything but — will people’s indignation finally be awakened?  And will it come too late to spark change? I’m watching…they’re watching.

External Links & References

  1. NSA’s Prism Surveillance Program:  How It Works and What It Can Do
  2. UP with Chris Hayes on MSNBC
  3. Why Edward Snowden is a hero : John Cassidy @ New Yorker Blog
Continue Reading

Popular

Copyright © 2014 redcert.com

Skip to toolbar