When's the last time you worried about your privacy? Sure, maybe you worry about it all the time, particularly when your very identity can not only be invaded, but stolen and used for all sorts of purposes, not the least of which is to buy just tons of stuff using your name and credit card number.
While we still register danger at the thought of identity theft for the purpose of fraud, when's the last time you considered just how many people and agencies have access to the most intimate details about your life? How many private and public databases contain your name, date of birth, social security number, and a raft of other sensitive information about you? I'm talking about those entities that you've authorized to possess such data, never mind Government security agencies and the like (as if the NSA really cares about what you say on your cell phone).
I was prompted to write this blog by the use of something with a rather benign name: Einstein technology. More specifically, today's CNET.com article Feds weigh expansion of Internet monitoring in which Homeland Security Secretary Janet Napolitano assures the American public that the DHS's proposed plan to extend the Einstein technology, now monitoring the public areas of the Internet, into private networks won't constitute an invasion of privacy. Really?
The Einstein technology is designed to "detect and prevent electronic attacks, to networks operated by the private sector" and was created for use on federal communications networks, however, according to the CNET article, the latest version of Einstein can read email content and AT&T has been asked to test its capacities on their system. In response to concerns about the proposed use of Einstein, Greg Schaffer, assistant secretary for cybersecurity and communications warmed my heart by speaking thus:
"I don't think you have to be Big Brother in order to provide a level of protection either for federal government systems or otherwise," Schaffer said. "As a practical matter, you're looking at data that's relevant to malicious activity, and that's the data that you're focused on. It's not necessary to go into a space where someone will say you're acting like Big Brother. It can be done without crossing over into a space that's problematic from a privacy perspective."Nice to know my "old friend" Big Brother has been let out of history's basement for a breath of fresh air.
Not that the boogie man of Cyberterrorism is anything to sneeze at (and it shows up often enough in fiction, such as the recent film Live Free or Die Hard). I fully believe that security must be established and maintained along our electronic and cybercommunications frontiers as well as any of our physical borders, and that insufficient protections invite attack, but there's always a price to be paid.
In 1968, the first federal seat belt law for motor vehicles (except for buses) came into being. Few people argue that seat belts save lives and provide a measure of protection in car accidents, but the cost of that protection is the loss of a certain amount of freedom within the interior of the car. Just ask any parent who's tried to turn around at the wheel (while the car was stopped, of course) to yell at misbehaving children in the back seat. Potentially save your life, vs. some lack of mobility. Seems like a reasonable trade off.
The trade off for having more (but is it enough?) security when flying on an airplane is to have you and your personal property scanned and searched by federal officials. Less likelihood of a terrorist planning a bomb on your flight vs. having your body wanded and your luggage ransacked. Do you consider that a tough choice?
What is the trade off for protection against Cyberterrorism? What are the dangers and how much are we as citizens willing to surrender for protection from said-dangers? Are we talking about defacing the IRS website, a DDoS attack against the INS database servers, or what? How imminent is the threat?
Turns out this is nothing new. According to an example cited at Wikipedia:
In 1999 hackers attacked NATO computers. The computers flooded them with email and hit them with a denial of service (DoS). The hackers were protesting against the NATO bombings in Kosovo. Businesses, public organizations and academic institutions were bombarded with highly politicized emails containing viruses from other European countries.1999? Certainly Governments have gotten better at protecting themselves against such intrusions since them. Yes they have. Enter Einstein. Of course, we have to assume the tools to create such attacks have gotten better, too. Still, is all this worth the possibility of having your private or business communications potentially accessed?
You can't really say that's a personal choice. The private sector is being asked to cooperate and to allow Einstein in the door, so to speak. It's not like wearing a seat belt where you could say "screw the rules" and take the risk anyway. It's more like getting on a commercial flight where you don't have a choice. You will be scanned and potentially searched. Well, yes you do have a choice. You can choose to drive or take a train (do they still have trains?) if you don't want to put up with the intrusion, but travel will take longer and getting from San Francisco to Tokyo is kind of tough by car without the world's longest bridge being available.
In your personal life, you probably spew just a ton of personal information in social networking venues such as Facebook and twitter, but we're not talking about Einstein peeping in your bedroom window...at least not at this point. In your business life, you are likely required or at least expected to use email and other forms of electronic information transfer and data storage. As far as the company is concerned, when you use their computers, servers, and email, the information that moves across belongs to them. Now, at least to some degree, security for your company is not just the business of your company, it's the business of the Federal government, too.
I Googled "cyberterrorism" to try to get a handle on just how real this threat is, but it's a topic presenting too much data, a lot of it being conflicting. Einstein and the DHS is a specific example of how Governments tend to operate. Like programs such as Health Care or the Stimulus, plans are created and then enacted upon masses of people, some who don't mind and others who object, and yet all experience the same impact. It's like turning on the lights in a bedroom. Maybe one person wanted to read a book but the other person wanted to go to sleep. In a house, the reader can go to another room, but a nation is just one big room. In effect, so is the Internet and so is Einstein's potential for peeking through your company's windows or mine.
Despite everything I've just written, I don't wind myself up so I can't sleep at night worrying about this stuff. One of the reasons I figure Big Brother isn't talked about much anymore is that we've all gotten used to the idea that we don't have a great deal of privacy anyway as individuals or corporate entities. As long as it doesn't have a visible impact on our day-to-day lives, most people don't care what information is gathered about them. At this point, it's being proposed that Einstein enter the private sector but not the private home. Business is being asked to cooperate with the DHS to ensure the greater good, and whatever information is gathered, is to be squirrelled away behind the "national security" curtain for the country's protection. Is it worth the trade off?
Afterword: While I was writing this article, I was struck with the urge to look up an old textbook I used back in the late 1970s, The American Police State: The Government Against the People by David Wise. As I recall, it's about the abuses of the Nixon administration against corporate entities and private citizens in the cause of suppressing dissent against the administration's interests. The namebase.org site summarizes the book in part:
This contribution to the spate of books to emerge out of Watergate was one of the better efforts. Two chapters concern the CIA -- one on domestic surveillance and the other on CIA involvement in Watergate. Additional chapters include the FBI and IRS and their role in suppressing domestic dissent, and the machinations of the CREEP plumbers, Kissinger, and black- bag jobs in general. His final chapter is an editorial against the official methods: "If we accept the values of the enemy as our own, we will become the enemy."I wonder why I started thinking about Wise's book now?