Category Archives: Privacy

They Don’t Get It, Local Edition

Posted on by
Reply

In an article about police’s increasingly routine use of automatic scanners,

which can be affixed to police cars, bridges, or building to amass millions of digital records on the location and movement of vehicles…includ[ing] such details as location and license plate numbers[,]

comes this little tidbit.

The Mesquite Police Department, in Texas, has vehicle records stretching back to 2008, though the city plans to begin deleting files older than two years.

“There’s no expectation of privacy” for a vehicle driving on a public road or parked in a public place, said Lt Bill Hedgpeth, a police spokesman.  It’s just a vehicle.  It’s just a license plate.”

There’s also no expectation that police—our employees—will surveill us constantly, building a permanent database (some might say, a dossier) on us while on an idle fishing expedition, for future prurient curiosity.  There’s no expectation that government—our employee—will track our movements, and thereby track our meetups, and with whom, just because it feels like it.

Obamacare Hub and Privacy

Posted on by
Reply

Courtesy of Senator Max Baucus (D, MT)—President Barack Obama isn’t the only politician appreciating the joys of greater flexibility after a last election—we get the following concerning Obamacare’s ability to pry into the private affairs of American citizens.

Baucus had asked HHS to provide “a complete list of agencies that will interact with the Federal Data Services Hub,” the agency of Obamacare that is responsible for determining eligibility, exemptions, grant sizes, and so on related to the delivery of Obamacare…services.

The Hub will, it turns out, draw from the Social Security Administration, the IRS, the Department of Homeland Security, the Veterans Administration, Office of Personnel Management, the Department of Defense, and the Peace Corps and it will suck data from the states’ Medicaid databases.

That’s a broad reach of information feed to support determining who’s buying insurance and who needs to be finedtaxed or subsidized.

Here’s a subset of the personal, private information being collected by the Federal government on every individual American:

Social Security numbers, income, family size, citizenship and immigration status, incarceration status, and enrollment status in other health plans….

Of course, the Feds aren’t going to actually store those data, or so they claim.  They’ll only “securely transmit” those data.

Sure.  Never mind that the Feds’ regulatory notice filed last winter was for

a new “system of records” that will store names, birth dates, Social Security numbers, taxpayer status, gender, ethnicity, email addresses, telephone numbers on the millions of people expected to apply for coverage at the ObamaCare exchanges, as well as “tax return information from the IRS, income information from the Social Security Administration, and financial information from other third-party sources.”

They will also store data from businesses buying coverage through an exchange, including a “list of qualified employees and their tax ID numbers,” and keep it all on file for 10 years.

All of those data listed above, plus a potful more, will be collected by the Hub.  And retained, apparently under the fiction that 10 years is just temporary storage solely for “secure transmission.”

And all of that temporarily stored information can be bruited about at will without so much as a fare-thee-well to the information’s owners—us private citizens.  The following can have our data without notice:

agency contractors, consultants, or grantees…need[ing] to have access to the records…as well as law enforcement officials….

Of course, it’s the Feds’ definition of “need,” not ours; it’s against the Feds’ evident lack of interest in safeguarding this information of ours that they’re collecting:

  • A [GAO] report found that weaknesses in IRS security systems “continue to jeopardize the confidentiality, integrity, and availability of the financial and sensitive taxpayer information.”
  • A separate Inspector General audit found that the IRS inadvertently disclosed information on thousands of taxpayers between 2009 and 2010.
  • In 2011, the Social Security Administration accidentally released names, birth dates and Social Security numbers of tens of thousands of Americans.

Where’s the NSA when we need it?  Oh, wait….

A Whistleblower

Posted on by
Reply

I offered this first as a comment to a Spiegel Online article.  Here it is with slight modifications to support its stand-alone status here.

Edward Snowden, of Verizon metadata and PRISM outing fame, thinks of himself as a whistleblower, and so do many who agree with him that the US’ PRISM program and its program for collecting metadata from cellphone providers are terribly wrong programs.

I agree that the programs are anathema to individual liberty.  However, the programs are legal under US law.  The only question here is whether the programs’ limits and checks are being honored–and that’s a matter of trust, since the programs and its procedures are secret.  That secrecy and the need for that blind trust in Government (not just the Obama administration, but any Government) form a large part of my dismay over the programs.

However, the programs’ legality mean Snowden cannot be a whistleblower; he’s simply a man who has illegally revealed classified data to the public.

What about civil disobedience, then?  Is he practicing this honorable means of protest of a government behavior to which he objects?

There are many legal avenues of calling legitimate attention to these flawed programs, including, for instance, any of the several formal whistleblower and Inspector General facilities to which he could have taken his case.  Given the damage already done by these programs (stipulating arguendo that damage to individual liberty has been done) any additional damage done through the delays of going through these legitimate programs would have been quite trivial.  Yet Snowden eschewed these programs and went directly public.  From within a foreign country.

Were this an act of civil disobedience, it would have had to satisfy two criteria: he would have had first to exhaust his legal remedies.  As I noted, he chose not to do so.

Secondly, he would have to have been willing to face the consequences of his actions.  It is, after all, those consequences and their absurdity in the face of the disobedience and the thing over which the disobedience is occurring that give force and credibility to the disobedience.  Snowden’s reason for being in Hong Kong, as stated by him, is to avoid facing those consequences.

If Snowden truly believes that what he has done is just, he must return to the US and face the outcomes of his actions in open court.  Let him make his case in front of the American people (where he’ll find no small measure of support) and convince our representatives in that court case–the jury of his peers–that his act was justified.

Of course he risks not being supported by our representatives, that jury, as there also are a large number of Americans who disagree with what he has done.

Snowden’s flight and so far refusal to return indicates he’s unwilling to take that risk, that he does not have the courage of his convictions.  In that case, Snowden did not commit an act of civil disobedience; he is simply a small man who is placing his ego above justice.

Some Thoughts on the PRISM “Fact Sheet”

Posted on by
Reply

DNI James Clapper, over the weekend, declassified and released a Fact Sheet on the just revealed PRISM project.  PRISM is represented as an internal government IT program whose purpose is to gather

foreign intelligence information from electronic communication service providers under court supervision, as authorized by Section 702 of the Foreign Intelligence Surveillance Act….

under which

All such information is obtained with FISA Court approval and with the knowledge of the provider based upon a written directive from the Attorney General and the Director of National Intelligence.  In short, Section 702 facilitates the targeted acquisition of foreign intelligence information concerning foreign targets located outside the United States under court oversight.

As some might expect, I have some thoughts on the program as described in the Sheet.

The Fact Sheet first addressed in general terms the collections themselves.

The “provider” (Yahoo!, Facebook, et al.) is required to provide the data, but the source of the requirement is confusing to me.  FISA Court approval (I’ll elide how we know, given the secrecy of the Court and associated proceedings, that the Court approved, or under what parameters), but direction of the AG and the DNI, is my point of confusion here: is the requirement a Court order requested by the AG/DNI, or is it an order by the AG/DNI that is merely sanctioned by the Court?  In the open world of police work and prosecuting attorneys, neither the police nor the prosecutor can direct a man to submit to a search that has been sanctioned by a court.  The search has to be pursuant to a warrant explicitly issued by the court, albeit in response to request for one by the police/prosecutor—and supported by a showing of probable cause.

Next, must the AG and the DNI jointly request/order delivery of the information, or can either do this?

On the matter of targeting (there’s that term…) individuals:

The Government cannot target anyone under the court-approved procedures…unless there is an appropriate, and documented, foreign intelligence purpose for the acquisition (such as for the prevention of terrorism, hostile cyber activities, or nuclear proliferation) and the foreign target is reasonably believed to be outside the United States.

What level of proof must be offered the FISA Court to support an allegation of a foreign intelligence purpose?  Just the bald claim?  Probable cause (which must underlie that other search warrant)?  Some other standard?

Next, what is the definition of “reasonably believed?”

On the matter of oversight:

[T]he notion that…activities are not subject to internal and external oversight is similarly incorrect. Collection of intelligence information…is subject to an extensive oversight regime, incorporating reviews by the Executive, Legislative, and Judicial branches.

How do we know the degree or efficacy of the oversight?  It’s secret.  Note, though, that the dishonesty of the present administration only emphasizes this concern.  It’s government secrecy here that raises the question, not Obama “transparency.”

The Fact Sheet then moved on to the FISA Courts.

All FISA collection…is overseen and monitored by the F ISA Court, a specially established Federal court comprised of 11 Federal judges appointed by the Chief Justice of the United States.

It’s a Federal court whose judges are not vetted and approved by the Senate, as Constitutionally provided.  They seem, then, not to be Article III judges.  How, then can they be Federal judges?

No risks here.

On “targeting” approvals:

The FISC [FISA Court] must approve targeting and minimization procedures…prior to the acquisition of any surveillance information.

How do we know the limits are being honored?  It’s a secret process.

On those minimization procedures:

Minimization procedures [require that] the dissemination of information about US persons is expressly prohibited unless it is necessary to understand foreign intelligence or assess its importance, is evidence of a crime, or indicates a threat of death or serious bodily harm.

Whose judgment of necessity?  Is the FISA Court involved in this subsequent determination, or are these judgments left to the Intelligence community?

The Fact Sheet then moved to the other government branches’ involvement.

On Congress’ involvement:

The DNI and AG provide exhaustive semiannual reports assessing compliance with the targeting and minimization procedures.

How do we know the reports are truthful?  The underlying data are classified.  Moreover, given the blatant stonewalling of this administration concerning the provision of data and testimony concerning the IRS, Fast and Furious, the free press attacks, the Benghazi disaster, and so on, on what basis do we conclude the underlying data would be available to a classified Congressional hearing in a timely manner?  Note that the stonewalling of the present administration only emphasizes this concern.  It’s government secrecy here that raises the question, not Obama “transparency.”

On the Executive Branch leadership involvement:

The Executive Branch, including through its independent Inspectors General, carries out extensive oversight…which includes regular on-site reviews of how…authorities are being implemented.

We’ve seen the…effectiveness…of two of the Executive Branch’s Inspectors General: State’s vis-à-vis Benghazi and Treasury’s vis-à-vis the IRS.  Moreover, on what basis do we believe that IG reports on a classified operation or series of operations will be readily available, even to a classified Congressional hearing?

The Fact Sheet concluded with a short series of claimed successes under PRISM (without providing any substantiation for the claims).  Suppose, though, the claims are true.  See this for some thoughts on surveillance vs freedom.

In the end, though, it comes down to trust, since some activities must be carried out at the expense of individual liberty—those search warrants, for instance—and some activities must be done in secret in order to avoid tipping off the enemy.

Trust is a terrible thing to have wasted.

Surveillance vs Freedom

Posted on by
Reply

It is an either/or case.  We can’t have our individual freedoms with Government looking over our shoulders all the time.

To be sure, whenever men form a social compact led by a consensual government, we give up a small measure of our freedoms to that government to enable it to help us protect our freedoms.  This protection includes protecting for us that component of our freedom given over to our government for the purpose.  But that’s voluntary at the time of the compact’s formation, and it does not authorize the consensual government to arrogate ever more of our liberties—or of our responsibilities—to itself on its claimed need.

When Government does such usurping, even “for the greater good” (how Benthamite is that?), that can only come at the direct expense of individual liberty.  After a very low threshold, the trade-off becomes a zero-sum game.

“Surveillance” foiled a train plot, says an intel official.  I’ll elide here the questionable circumstances of this claim by a carefully anonymous official.*

Tim Murphy, a former No. 2 official at the FBI, says the programs [emphasis added]

have been successful in connecting the dots [to prevent attacks].  I can positively say, because of programs like this, people were identified in this country with terrorist ties, and we were able to stop possible attacks[.]

(Never mind that this logic is invalid, in the minds of many, when used to argue against gun control laws.)

On the other hand, alert citizens foiled a bomb plot in New York City.  Courageous citizens foiled an airliner-as-bomb attack on the White House.  Incompetence foiled an airliner bomb plot over Detroit.

We’ve also seen, further, that “surveillance” has been used to make direct attacks on individual Americans and groups who disagree with the present administration.  “Surveillance” has been used to directly and overtly attack our free press and individual members of that facility.  “Surveillance” also has been used to turn over personal information of American individuals and groups to foreign countries—even when the citizens or groups are wholly unrelated to the subject of the…investigation…but are simply caught in the Government’s generalized dragnet:

[T]he British government has also been secretly gathering intelligence from US Internet companies via the US National Security Agency data-mining project.

President Barack Obama has insisted this broad surveillance isn’t Big Brother in action, but then he said,

[T]he modest encroachments on privacy that are involved in getting phone numbers and duration without a name attached and not looking at content, that on net it was worth us doing[.]

Phone numbers without names is an utterly disingenuous claim to make.  It’s child’s play to attach a name to a number after the number has been collected.  See White Pages, for instance, and Get Human, and Spokeo.  Those are just some of the publicly available sources.

Next, how do we know Government isn’t “looking at content?”  The process is secret.  Further, we know Government is looking at content through PRISM; that’s the purpose of that blanket surveillance.

As even The New York Times is beginning to figure out,

The administration has now lost all credibility on this issue.

With the demonstrated dishonesty of the present administration (in truth, the dishonesty isn’t unique to this administration—which emphasizes the danger—this one’s transgressions are just the present and most publicized ones), how is it possible to accept Government assurances of “trust us?”

James Clapper, Director of National Intelligence, who declassified information about the programs this past week so he could defend their use, warned: “Discussing programs like this publicly will have an impact on the behavior of our adversaries and make it more difficult for us to understand their intentions.”

That’s certainly a risk we run in an open, and so free, society.  The obverse, however, of keeping such invasive programs secret and away from the public’s discourse is a far more terrible risk to our security.

Again: there is no balancing our individual liberties with our security.  Additionally, the Constitution doesn’t protect our liberties “except when Government asserts a greater need.”  We have no security without our liberties.  There is a need for surveillance, under certain closely specified conditions; however, there cannot be surveillance and freedom under Obama’s cynical “trust us” conditions.

 

* This official is behaving suspiciously along two dimensions: he’s making a “trust government” claim, and he’s saying “trust me” while telling us things he’s not authorized to tell us.  On what basis do we believe him?