Confidentiality and mass surveillance

These are preliminary notes based on collaborative research in the Digital Security and Awareness folder at Zotero. This post is not legal advice and is offered for educational purposes only.

James Risen and Laura Poitras report in the New York Times on February 15, 2014: “Andrew M. Perlman, a Suffolk University law professor who specializes in legal ethics and technology issues, said the growth of surveillance was troubling for lawyers. […] “Given the difficulty of finding anything that is 100 percent secure, lawyers are in a difficult spot to ensure that all of the information remains in confidence.”” [1]

In an April 2008 article in the Oregon State Bar Bulletin, T.H. Nelson and Mark J. Fucile write: “As a general proposition, when a lawyer knows or reasonably suspects that communications are being intercepted by the government (whether legally or not), the lawyer needs to take steps such as face-to-face meetings with clients and disabling cell phones or pagers that might otherwise be subject to electronic surveillance or tracking that would allow advance placement of “bugs.” [2]

T.H. Clarke and L.D. Andara, writing for a LexisNexis blog on July 24, 2013 suggest “the client needs to be informed of the risks inherent in all communications, and to give their informed consent to proposed modes of communication having been advised of the potential risks.” [3]

Kurt Opsahl and Trevor Timm, writing at the EFF Deeplinks blog on June 21, 2013, suggest that the risks include: “In sum, if you use encryption they’ll keep your data forever. If you use Tor, they’ll keep your data for at least five years. If an American talks with someone outside the US, they’ll keep your data for five years. If you’re talking to your attorney, you don’t have any sense of privacy.” [4]

Larson and Shane report in the New York Times on September 5, 2013 that the NSA “has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show.” [5]

Timberg and Soltani report in The Washington Post on December 13, 2013 that “[e]ven with strong encryption, the protection exists only from a phone to the cell tower, after which point the communications are decrypted for transmission on a company’s internal data network. Interception is possible on those internal links, as The Washington Post reported last week.” [6]

Dominic Rushe reports in the Guardian on August 14, 2013: “People sending email to any of Google’s 425 million Gmail users have no “reasonable expectation” that their communications are confidential, the internet giant has said in a court filing.” [7]

Ed Pilkington reports in the Guardian on February 2, 2014, per the Committee to Protect Journalists (CPJ), that “the NSA could develop the capability to recreate a reporter’s research, retrace a source’s movements and listen in on past communications,” and according to CPJ internet advocacy coordinator Geoffrey King, “[i]t could soon be possible to uncover sources with such ease as to render meaningless any promise of confidentiality a journalist may attempt to provide.” [8]

According to Mikki Barry on September 10, 2013: “As attorneys, each one of us should be screaming bloody murder about this potential breach of attorney/client privilege at its very core. It’s not that it is “possible” to get our privileged information, our work product through Google Apps, both the “metadata” and the content of our correspondence, etc., it has already happened, and continues to this day. We KNOW our communications have been compromised. The question now is what to do about it.” [9]

Nadia Kayyali writes at the EFF Deeplinks blog on February 22, 2014: “The American Bar Association has responded to these allegations by urging the NSA to clarify its procedures for minimizing exposure of privileged information” and “ABA president James R. Silkenat writes in his letter to NSA Director Keith Alexander: “The attorney client privilege is a bedrock legal principle of our free society.”” [10]

References:
Read the rest of this entry »

Advertisements

a philosophy of technology

The use of digital technology is rapidly increasing across higher education, [1] but knowledge, concerns, and literacy related to digital security and privacy vary greatly among consumers of digital media. [2]

During this era of rapid transition in our society, there is a broad spectrum of concern about digital security and privacy, including potential impacts on personal and professional levels, as well as social justice movements and democratic systems of government. [3]

Literacy related to digital security and privacy is now a threshold competency for participation in higher education today. [4]

* This post reflects collaborative research and discussion with my classmates Brian J. Davidson and Gabe Gossett, and was developed as background research for class projects in November and December 2013.

Read the rest of this entry »

The Digital Divide

This post is an exploration and critique of a May, 2008 article entitled “Closing the Digital Divide:7 Things Educators Need to Do” [pdf] by Ian Jukes, The InfoSavvy Group and Tim McCain, Cystar.

Read the rest of this entry »

“a carnival house of mirrors”

via the Wired blog Threat Level on August 13, 2008:

Despite a recent high-profile vulnerability that showed the net could be hacked in minutes, the domain name system — a key internet infrastructure — continues to suffer from a serious security weakness, thanks to bureaucratic inertia at the U.S. government agency in charge, security experts say.

If the complicated politics of internet governance continue to get in the way of upgrading the security of the net’s core technology, the internet could turn into a carnival house of mirrors, where no URL or e-mail address could be trusted to be genuine, according to Bill Woodcock, research director at the nonprofit Packet Clearing House.