Data and Goliath (69 page)

Read Data and Goliath Online

Authors: Bruce Schneier

BOOK: Data and Goliath
4.35Mb size Format: txt, pdf, ePub

France Télécom, 79

free association, government surveillance and, 2, 39, 96

freedom,
see
liberty

Freeh, Louis, 314

free services:

overvaluing of, 50

surveillance exchanged for, 4, 49–51, 58–59, 60–61, 226, 235

free speech:

as constitutional right, 189, 344

government surveillance and, 6, 94–95, 96, 97–99

Internet and, 189

frequent flyer miles, 219

Froomkin, Michael, 198

FTC,
see
Federal Trade Commission, US

fusion centers, 69, 104

gag orders, 100, 122

Gamma Group, 81

Gandy, Oscar, 111

Gates, Bill, 128

gay rights, 97

GCHQ,
see
Government Communications Headquarters

Geer, Dan, 205

genetic data, 36

geofencing, 39–40

geopolitical conflicts, and need for surveillance, 219–20

Georgia, Republic of, cyberattacks on, 75

Germany:

Internet control and, 188

NSA surveillance of, 76, 77, 122–23, 151, 160–61, 183, 184

surveillance of citizens by, 350

US relations with, 151, 234

Ghafoor, Asim, 103

GhostNet, 72

Gill, Faisal, 103

Gmail, 31, 38, 50, 58, 219

context-sensitive advertising in, 129–30, 142–43

encryption of, 215, 216

government surveillance of, 62, 83, 148

GoldenShores Technologies, 46–47

Goldsmith, Jack, 165, 228

Google, 15, 27, 44, 48, 54, 221, 235, 272

customer loyalty to, 58

data mining by, 38

data storage capacity of, 18

government demands for data from, 208

impermissible search ad policy of, 55

increased encryption by, 208

as information middleman, 57

linked data sets of, 50

NSA hacking of, 85, 208

PageRank algorithm of, 196

paid search results on, 113–14

search data collected by, 22–23, 31, 123, 202

transparency reports of, 207

see also
Gmail

Google Analytics, 31, 48, 233

Google Calendar, 58

Google Docs, 58

Google Glass, 16, 27, 41

Google Plus, 50

real name policy of, 49

surveillance by, 48

Google stalking, 230

Gore, Al, 53

government:

checks and balances in, 100, 175

surveillance by,
see
mass surveillance, government

Government Accountability Office, 30

Government Communications Headquarters (GCHQ):

cyberattacks by, 149

encryption programs and, 85

location data used by, 3

mass surveillance by, 69, 79, 175, 182, 234

government databases, hacking of, 73, 117, 313

GPS:

automobile companies’ use of, 29–30

FBI use of, 26, 95

police use of, 26

in smart phones, 3, 14

Grayson, Alan, 172

Great Firewall (Golden Shield), 94, 95, 150–51, 187, 237

Greece, wiretapping of government cell phones in, 148

greenhouse gas emissions, 17

Greenwald, Glenn, 20

Grindr, 259

Guardian
, Snowden documents published by, 20, 67, 149

habeas corpus, 229

hackers, hacking, 42–43, 71–74, 216, 313

of government databases, 73, 117, 313

by NSA, 85

privately-made technology for, 73, 81

see also
cyberwarfare

Hacking Team, 73, 81, 149–50

HAPPYFOOT, 3

Harris Corporation, 68

Harris Poll, 96

Hayden, Michael, 23, 147, 162

health:

effect of constant surveillance on, 127

mass surveillance and, 16, 41–42

healthcare data, privacy of, 193

HelloSpy, 3, 245

Hewlett-Packard, 112

Hill, Raquel, 44

hindsight bias, 322

Hobbes, Thomas, 210

Home Depot, 110, 116

homosexuality, 97

Hoover, J. Edgar, attempted intimidation of King by, 98, 102–3

hop searches, 37–38

HTTPS Everywhere, 215, 216

Huawei, 74, 86, 182

Human Rights Watch, 96, 178

IBM, 104, 122

iCloud, 58

ICREACH, 67

identification, anonymity and, 131–33

identity theft, 116–19

iMacs, 58

imperfection, systemic, resilience and, 163–64

IMSI-catchers, 68, 165–66

independence, oversight and, 162–63, 169, 177–78

India, 76

individuals, data rights of, 192–93, 200–203, 211, 232

data storage by, 18–19

see also
mass surveillance, individual defenses against

inferences, from data mining, 34–35, 258, 259

and correlation of data sets, 40–42

error rates in, 34, 54, 136–37, 269

information fiduciaries, 204–5

information middlemen:

Internet’s empowering of, 57–58

monopolistic nature of, 57

Information Technology and Innovation Foundation, 121–22

InfoUSA, 53

Initiate Systems, 41

Instagram, 58

intelligence community, US, 67

budget of, 64–65, 80

fear and, 228

international partnerships of, 76–77

private contractors in, 80, 228

revolving door in, 80

see also
specific agencies

Internal Revenue Service, US (IRS), 137, 159

International Association of Privacy Professionals, 124

International Principles on the Application of Human Rights to Communications Surveillance,
167, 168–69

International Telecommunications Union, 106, 187

Internet:

anonymity on, 43–44, 131–33

benefits of, 8

commons as lacking on, 188–89

cyberattacks on,
see
cyberwarfare

deliberate insecurity of, 7, 146–50, 182

early history of, 119

fee-based vs. ad-based business model of, 50, 56, 206

freedom of, 107, 188

government censorship and control of, 94–95, 106–7, 187–88, 237

identification and, 131–33

information middlemen and,
see
information middlemen

international nature of, 6–7, 187–88, 209, 220–21

laws and, 220–21

as media source, 15

physical wiring of, 64

privacy and, 203–4, 230–31

traditional corporate middlemen eliminated by, 56–57

trust and, 181–82

Internet companies, transparency reports of, 207–8

Internet Movie Database, 43

Internet of Things, 15–17

Internet searches, NSA collection of data on, 22

Internet surveillance, 47–51

advertising and,
see
advertising, personalized

cable companies and, 48–49

cookies and, 47–48, 49

global, 69–71

NSA and, 62, 64–65, 78, 122, 149–50, 188, 207

ubiquity of, 32

see also
mass surveillance, corporate

iPads, 58

iPhones, 31, 42, 58

Iran:

government surveillance in, 71–72

Stuxnet cyberattack on, 75, 132, 146, 150

Iraq War, 65

IRC, 119

Israel:

mass surveillance by, 182

Stuxnet cyberattack by, 75, 132, 146, 150

US intelligence data shared with, 77

Israeli assassination team, identification of, 43

ISS (Intelligence Support Systems) World, 81

iTunes store, 57

Jawbone, 16

Jay-Z, 48

Joint Terrorism Task Forces, 69

journalists, government surveillance and, 96

JPMorgan Chase, 116

judiciary, surveillance and, 168, 170, 179–80

justice, as core American value, 230

Justice Department, US, 184, 186

Kerry, John, 101

keyboard loggers, 25

key escrow, 120–21

keyword searches, 28, 261

Kindle, 28, 59

King, Martin Luther, Jr., 237

Hoover’s attempted intimidation of, 98, 102–3

Kinsey, Alfred, database of, 44

Klein, Mark, 250, 288

Kunstler, James, 206

Kurds, 76

Lanier, Jaron, 201

Lavabit, 83–84, 209

law enforcement, state and local:

abuse of power by, 135, 160

IMSI-catchers used by, 68

location data and, 2, 243

militarization of, 184

predictive algorithms used by, 98–99, 100, 137, 159

racism in, 184

secrecy of, 100, 160

transparency and, 170

lawyers, government surveillance and, 96

legal system:

as based on human judgment, 98–99

government surveillance and, 168, 169

secrecy and, 100

Lenddo, 111, 113

Level 3 Communications, 85

Levison, Ladar, 84

liberty:

commons and, 189

as core American value, 230

social norms and, 227

liberty, government surveillance and, 6, 91–107, 184

abuses of power in, 101–5, 160, 234–35

anonymity and, 133

censorship and, 94–95, 106–7, 187–88

and changing definition of “wrong,” 92–93, 97–98

discrimination and, 103–4

fear and, 4, 7, 95–97, 135, 156–57, 171, 182–83, 222, 226, 227–30

Internet freedom and, 106–7, 188

political discourse and, 97–99

secrecy and, 99–101

security and, 135, 157–59, 361–62

ubiquitous surveillance and, 92, 97

Library of Congress, 199

Libya, 81

license plate scanners, 26–27, 40

storage of data from, 36

lifelogging, 16

Lincoln, Abraham, 229

Little Brother
(Doctorow), 217

location data, 1–3, 28, 39, 62, 243, 339

advertising and, 39–40

de-anonymizing with, 44

embedded in digital photos, 14–15, 42–43

selling of, 2

Locke, John, 210

Los Angeles Police Department, 160

LOVEINT, 102, 177

Lower Merion School District, 104

LulzSec hacker movement, 42

MAC addresses, 29

MacKinnon, Rachel, 210, 212

Madrid Privacy Declaration (2009), 211–12

Magna Carta, information age version of, 210–12

manipulation, surveillance-based, 113–16

Manning, Chelsea, 101

marijuana use, 97

MARINA, 36

Mask, The, 72

Massachusetts Group Insurance Commission, 263

mass surveillance:

algorithmic-based, 129–31, 159, 196

as automated process, 5, 129–31

dangers of, 4–5, 6

economic harms from, 6–7, 121–22, 151

false positives in, 137, 138, 140, 323–24

fatalism and, 224–25

lack of consent in, 5, 20, 51

metadata in, 20–23

minimum necessary, 158–59, 176, 211

moratorium urged on new technologies of, 211

noticing, 223

security harmed by, 7, 146–50

social norms and, 226–38

society’s bargains with, 4, 8–9, 47, 49–51, 58–59, 60–61, 158, 226, 235–38

speaking out about, 223–24

targeted surveillance vs., 5, 26, 139–40, 174, 179–80, 184, 186

transparency and, 159–61, 169, 170–71, 176

ubiquity of, 5, 26–28, 32, 40, 53, 92, 97, 224, 233

urgency of fight against, 233–35

see also
data collection; data mining

mass surveillance, corporate, 46–61, 86–87

advertising and,
see
advertising, personalized

business competitiveness and, 119–24

cost of, to US businesses, 123–24

customers as products in, 53, 58

customer service and, 47

data brokers and,
see
data brokers

discrimination and, 109–13

error rates in, 54

feudal nature of, 58–59, 61, 210–12

free services and convenience exchanged for, 4, 49–51, 58–59, 60–61, 226, 235–36

growth of, 23–24

harms from, 108–18

lobbying and, 233

manipulation and, 113–16

manipulation through, 6

market research and, 47

privacy breaches and, 116–18, 142, 192, 193–95

secrecy and, 194

see also
mass surveillance, public-private partnership in

mass surveillance, corporate, solutions for, 7, 190–212

accountability and liability in, 192, 193–95, 196–97, 202

data quality assurance and, 181, 192, 194, 202

government regulation in, 192, 196–99, 210

individual participation and, 192

and limits on data collection, 191, 192, 199–200, 202, 206

and limits on data use, 191, 192, 194, 195–97, 206

lobbying and, 209, 222–23

and resistance to government surveillance, 207–10

and respect for data context, 202

rights of individuals and, 192, 200–203, 211

salience and, 203–4

security safeguards and, 192, 193–95, 202, 211

specification of purpose and, 192

transparency and, 192, 194, 196, 202, 204, 207–8

mass surveillance, government, 5–6, 62–77

chilling effects of, 95–97

in China, 70, 86, 140, 209

cloud computing and, 122

corporate nondisclosure agreements and, 100

corporate resistance to, 207–10

cost of, 91

cost of, to US businesses, 121–23

democracy and, 6, 95, 97–99

discrimination and, 4, 6, 93

encryption technology and, 119–23

fear-based justification for, 4, 7, 95–97, 135, 156–57, 171, 182–83, 222, 226, 227–30,
246

fishing expeditions in, 92, 93

in France, 79

fusion centers in, 69, 104

gag orders in, 100, 122

geopolitical conflicts and, 219–20

global, 69–71

growth of, 24–25

hacking in, 71–74

as harmful to US global interests, 151

as ineffective counterterrorism tool, 137–40, 228

international partnerships in, 76–77, 169

lack of trust in US companies resulting from, 122–23, 181–83

liberty and,
see
liberty, government surveillance and

location data used in intimidation and control by, 2

Other books

La sombra de Ender by Orson Scott Card
The Sheep Look Up by John Brunner
Just a Flirt by Olivia Noble
A Little Help from Above by Saralee Rosenberg
The Deathstalker by Gill Harvey