Data and Goliath (60 page)

Read Data and Goliath Online

Authors: Bruce Schneier

BOOK: Data and Goliath
2.83Mb size Format: txt, pdf, ePub

organizations are less likely:
Nassim Nicholas Taleb and Constantine Sandis (1 Oct 2013), “The skin in the game
heuristic for protection against tail events,”
Review of Behavioral Economics
1, http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2298292.

Advancing technology adds:
Any complex system that is both nonlinear and tightly coupled will have catastrophic
failures. Charles Perrow (1984),
Normal Accidents: Living with High-Risk Technologies
, Princeton University Press, https://encrypted.google.com/books?id=VC5hYoMw4N0C.

If systemic imperfections:
Supposedly it’s therapeutic to think this way. Kevin Griffin (23 Sep 2011), “Step
9 of Buddhist addiction recovery: The freedom of imperfection,”
Huffington Post
, http://www.huffingtonpost.com/kevin-griffin/buddhist-addiction-recovery-step-9_b_958708.html.

If something is going to fail:
Yacov Y. Haimes (Apr 2009), “On the definition of resilience in systems,”
Risk Analysis: An International Journal
29, http://onlinelibrary.wiley.com/doi/10.1111/j.1539-6924.2009.01216.x/abstract.

resilience comes from:
Jesse Robbins et al. (Nov 2012), “Resilience engineering: Learning to embrace failure,”
Communications of the ACM
55, http://queue.acm.org/detail.cfm?id=2371297.

I am advocating for:
Some ideas are here. Warigia Bowman and L. Jean Camp (Apr 2013), “Protecting the
Internet from dictators: Technical and policy solutions to ensure online freedoms,”
Innovation Journal
18, http://www.innovation.cc/scholarly-style/warigia_camp_bowman5edits18vi1a3.pdf.

the NSA has been entrusted:
James Bamford (2002),
Body of Secrets: Anatomy of the Ultra-Secret National Security Agency
, Anchor, http://www.randomhouse.com/features/bamford/author.html.

Jack Goldsmith, a Harvard law:
Jack Goldsmith (12 Apr 2014), “Cyber paradox: Every offensive weapon is a (potential)
chink in our defense—and vice versa,”
Law
fare
, http://www.lawfareblog.com/2014/04/cyber-paradox-every-offensive-weapon-is-a-potential-chink-in-our-defense-and-vice-versa.

StingRay might have been:
Stephanie K. Pell and Christopher Soghoian (15 May 2014), “Your secret Stingray’s
no secret anymore: The vanishing government monopoly over cell phone surveillance
and its impact on national security and consumer privacy,”
Harvard Journal of Law and Technology
(forthcoming), http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2437678.

dozens of these devices:
Kim Zetter (3 Sep 2014), “Phone firewall identifies rogue cell towers trying to intercept
your calls,”
Wired
, http://www.wired.com/2014/09/cryptophone-firewall-identifies-rogue-cell-towers.
Ashkan Soltani and Craig Timberg (17 Sep 2014), “Tech firm tries to pull back curtain
on surveillance efforts in Washington,”
Washington Post
, http://www.washingtonpost.com/world/national-security/researchers-try-to-pull-back-curtain-on-surveillance-efforts-in-washington/2014/09/17/f8c1f590-3e81-11e4-b03f-de718edeb92f_story.html.

13: Solutions for Government

President Obama set up:
Richard A. Clarke et al. (12 Dec 2013), “Liberty and security in a changing world:
Report and recommendations of the President’s Review Group on Intelligence and Communications
Technologies,” US Executive Office of the President, http://www.whitehouse.gov/sites/default/files/docs/2013-12-12_rg_final_report.pdf.

“Necessary and Proportionate” principles:
Electronic Frontier Foundation (May 2014), “Necessary and proportionate: International
principles on the applications of human rights law to communications surveillance:
Background and supporting legal analysis,” https://en.necessaryandproportionate.org.

International Principles:
Electronic Frontier Foundation (5 Jan 2014), “13 international principles on the
application of human rights to communication surveillance,” https://necessaryandproportionate.org/files/2014/01/05/13p-onepagerfinal.pdf.

Since 9/11, the Bush and Obama:
To take one example, Director of National Intelligence James Clapper said, “Disclosing
information about the specific methods the government uses to collect communications
can obviously give our enemies a ‘playbook’ of how to avoid detection.” Associated
Press (9 Jun 2013), “Intelligence chief James Clapper defends Internet spying program,”
New York Daily News
, http://www.nydailynews.com/news/politics/intelligence-chief-james-clapper-defends-internet-spying-program-article-1.1367423.

And sometimes we need:
In 2014, we learned that Israel intercepted diplomatic communications between US
Secretary of State John Kerry and various countries in the Middle East. Der Spiegel
(3 Aug 2014), “Wiretapped: Israel eavesdropped on John Kerry in Mideast talks,”
Der Spiegel
,
http://www.spiegel.de/international/world/israel-intelligence-eavesdropped-on-phone-calls-by-john-kerry-a-984246.html.

Criminals can read up:
Conor Friedersdorf (18 Mar 2014), “Why isn’t the Fourth Amendment classified as top
secret?”
Atlantic
, http://www.theatlantic.com/politics/archive/2014/03/why-isnt-the-fourth-amendment-classified-as-top-secret/284439.

Yet the police regularly manage:
Remember that much of this came as a reaction to police abuse. It isn’t that the
police are less likely to abuse the rules; it’s that we’ve had longer to develop rules
to control them.

Terrorists don’t cause:
Bruce Schneier (31 Jul 2012), “Drawing the wrong lesson from horrific events,” CNN,
http://www.cnn.com/2012/07/31/opinion/schneier-aurora-aftermath/index.html.

We have to design systems:
IT security people call nontransparent security systems “security by obscurity.”
Good security design is the opposite of that: it works even if all the details are
made public. Bruce Schneier (15 May 2002), “Secrecy, security, and obscurity,”
Crypto-Gram
, https://www.schneier.com/crypto-gram-0205.html#1.

the US gave up trying:
Michael J. Selgelid (Sep 2009), “Governance of dual-use research: An ethical dilemma,”
Bulletin of the World Health Organization
87, http://www.who.int/bulletin/volumes/87/9/08-051383/en. Carl Zimmer (5 Mar 2012),
“Amateurs are new fear in creating mutant virus,”
New York Times
, http://www.nytimes.com/2012/03/06/health/amateur-biologists-are-new-fear-in-making-a-mutant-flu-virus.html.
Michael Specter (12 Mar 2012), “The deadliest virus,”
New Yorker
, http://www.newyorker.com/magazine/2012/03/12/the-deadliest-virus. Arturo Casadevall
(Jan/Feb 2014), “Redaction of sensitive data in the publication of dual use research
of concern,”
mBio
5, http://www.ncbi.nlm.nih.gov/pmc/articles/PMC3884058.

Military thinkers now realize:
Beth M. Kaspar (Aug 2001), “The end of secrecy? Military competitiveness in the age
of transparency,” Occasional Paper No. 23, Center for Strategy and Technology, Air
War College, Air University, Maxwell Air Force Base, Alabama, http://www.fas.org/sgp/eprint/kaspar.pdf.

The NSA has justified:
US National Security Agency (31 Oct 2013), “NSA’s activities: Valid foreign intelligence
targets are the focus,” http://www.nsa.gov/public_info/press_room/2013/NSA_Activities_Valid_FI_Targets.pdf.

We know from recently declassified:
In one opinion, Judge Bates held that the “NSA exceeded the scope of authorized acquisition
continuously.” Spencer Ackerman (19 Nov 2013), “FISA court order that allowed NSA
surveillance is revealed for first time,”
Guardian
, http://www.theguardian.com/world/2013/nov/19/court-order-that-allowed-nsa-surveillance-is-revealed-for-first-time.
Yochai Benkler (16 Oct 2013), “How the NSA and FBI foil weak oversight,”
Guardian
, http://www.theguardian.com/commentisfree/2013/oct/16/nsa-fbi-endrun-weak-oversight.
John D. Bates (3 Oct 2011), “Memorandum opinion,” (case title and number redacted),
US Foreign Intelligence Surveillance Court, https://www.aclu.org/files/assets/fisc_opinion_10.3.2011.pdf.
Marcy Wheeler (22 Aug 2014), “This is why you can’t trust the NSA. Ever,”
Week
, http://theweek.com/article/index/266785/this-is-why-you-cant-trust-the-nsa-ever.

The NSA has gamed the rules:
Peter Wallsten (10 Aug 2013),
“Lawmakers say obstacles limited oversight of NSA’s telephone surveillance program,”
Washington Post
, http://www.washingtonpost.com/politics/2013/08/10/bee87394-004d-11e3-9a3e-916de805f65d_story.html.

Members of Congress can’t:
Glenn Greenwald (4 Aug 2013), “Members of Congress denied access to basic information
about NSA,”
Guardian
, http://www.theguardian.com/commentisfree/2013/aug/04/congress-nsa-denied-access.

They can only bring along:
Ailsa Chang (11 Jun 2013), “What did Congress really know about NSA tracking?”
All Things Considered
, NPR, http://www.npr.org/blogs/itsallpolitics/2013/06/11/190742087/what-did-congress-really-know-about-nsa-tracking.

they’re lobbied heavily:
Ron Wyden (29 Jan 2014), “Wyden statement at Senate Intelligence Committee’s open
hearing,” http://www.wyden.senate.gov/news/press-releases/wyden-statement-at-senate-intelligence-committees-open-hearing.

Senator Dianne Feinstein:
Dianne Feinstein (28 Oct 2013), “Feinstein statement on intelligence collection of
foreign leaders,” http://www.feinstein.senate.gov//files/21/64/47/f216447/public/index.cfm/2013/10/feinstein-statement-on-intelligence-collection-of-foreign-leaders.

Congressman Alan Grayson:
Alan Grayson (25 Oct 2013), “Congressional oversight of the NSA is a joke. I should
know, I’m in Congress,”
Guardian
, http://www.theguardian.com/commentisfree/2013/oct/25/nsa-no-congress-oversight.

In 2014, I was invited:
Bruce Schneier (16 Jan 2014), “Today I briefed Congress on the NSA,”
Schneier on Security
, https://www.schneier.com/blog/archives/2014/01/today_i_briefed.html.

There’s also political risk:
Peter Wallsten (10 Aug 2013), “Lawmakers say obstacles limited oversight of NSA’s
telephone surveillance program,”
Washington Post
, http://www.washingtonpost.com/politics/2013/08/10/bee87394-004d-11e3-9a3e-916de805f65d_story.html.
Glenn Greenwald (4 Aug 2013), “Members of Congress denied access to basic information
about NSA,”
Guardian
, http://www.theguardian.com/commentisfree/2013/aug/04/congress-nsa-denied-access.

Executive Order 12333:
John Napier Tye (18 Jul 2014), “Meet Executive Order 12333: The Reagan rule that
lets the NSA spy on Americans,”
Washington Post
, http://www.washingtonpost.com/opinions/meet-executive-order-12333-the-reagan-rule-that-lets-the-nsa-spy-on-americans/2014/07/18/93d2ac22-0b93-11e4-b8e5-d0de80767fc2_story.html.
Charlie Savage and Alicia Parlapiano (13 Aug 2014), “Two sets of rules for surveillance,
within U.S. and on foreign soil,”
New York Times
, http://www.nytimes.com/interactive/2014/08/13/us/two-sets-of-rules-for-surveillance.html.
Ellen Nakashima and Ashkan Soltani (23 Jul 2014), “Privacy watchdog’s next target:
The least-known but biggest aspect of NSA surveillance,”
Washington Post
, http://www.washingtonpost.com/blogs/the-switch/wp/2014/07/23/privacy-watchdogs-next-target-the-least-known-but-biggest-aspect-of-nsa-surveillance.
Charlie Savage (13 Aug 2014), “Reagan-era order on surveillance violates rights, says
departing aide,”
New York Times
, http://www.nytimes.com/2014/08/14/us/politics/reagan-era-order-on-surveillance-violates-rights-says-departing-aide.html.

It is supposed to:
Alex Abdo (29 Sep 2014), “New documents shed light on one of the NSA’s most powerful
tools,”
Free Future
, https://www.aclu.org/blog/national-security/new-documents-shed-light-one-nsas-most-powerful-tools.

the president believed:
Marcy Wheeler (7 Dec 2007), “Whitehouse
reveals smoking gun of White House claiming not to be bound by any law,”
Empty Wheel
, https://www.emptywheel.net/2007/12/07/whitehouse-rips-the-white-house.

The example the administration:
Justin Elliott (17 Jun 2013), “Remember when the Patriot Act debate was all about
library records?”
Pro Publica
, http://www.propublica.org/article/remember-when-the-patriot-act-debate-was-about-library-records.

Eventually they decided to argue:
Mike Masnick (17 Sep 2013), “Court reveals ‘secret interpretation’ of the Patriot
Act, allowing NSA to collect all phone call data,”
Tech Dirt
, https://www.techdirt.com/articles/20130917/13395324556/court-reveals-secret-interpretation-patriot-act-allowing-nsa-to-collect-all-phone-call-data.shtml.

Even Congressman Jim Sensenbrenner:
Andrea Peterson (11 Oct 2013), “Patriot Act author: ‘There has been a failure of
oversight,’”
Washington Post
, http://www.washingtonpost.com/blogs/the-switch/wp/2013/10/11/patriot-act-author-there-has-been-a-failure-of-oversight.

“It’s like scooping up”:
Jennifer Valentino-DeVries and Siobhan Gorman (8 Jul 2013), “Secret court’s redefinition
of ‘relevant’ empowered vast NSA data-gathering,”
Wall Street Journal
, http://online.wsj.com/news/articles/SB1
000
1424127887323873904578571893758853344.

We saw this in the 1970s:
US Senate (23 Apr 1976), “Final report of the Select Committee to Study Governmental
Operations with Respect to Intelligence Activities: National Security Agency Surveillance
affecting Americans,” US Government Printing Office, http://www.aarclibrary.org/publib/church/reports/book3/pdf/ChurchB3_10_NSA.pdf.

Other books

The Ooze by R.L. Stine
Give Me Hope by Zoey Derrick
Complication by Isaac Adamson
My Wicked Little Lies by Victoria Alexander
The Gallant by William Stuart Long
WickedBeast by Gail Faulkner
Walk the Blue Fields by Claire Keegan
His Acquisition by Ava Lore