Potential privacy problems keep popping up

Privacy advocates, always alert for online federal programs that could infringe on civil liberties, must feel like they are playing one big game of whack-a-mole these days.

First, news broke that the Homeland Security Department had ratcheted up its surveillance of social networking sites, even creating a division to collect and analyze online chatter in the days leading up to President Barack Obama’s inauguration. Then came word that DHS was teaming with the National Security Agency to bolster the defense of public networks against cyberattacks.

It’s not that privacy watchdogs imagine a vast conspiracy aimed at turning the Internet into an all-purpose surveillance network. But they do worry that individual agencies — DHS, among others — might rush ahead with new projects without giving sufficient thought to the privacy ramifications.

That is especially a concern when it comes to homeland security because any intention to protect civil liberties must be weighed against the need to ensure the safety of people and public institutions.

Officials at the Electronic Frontier Foundation (EFF) are not convinced that DHS has struck the right balance. Working with the University of California at Berkeley’s Samuelson Law, Technology and Public Policy Clinic, they filed a Freedom of Information Act lawsuit against the department, which is how they learned about the Social Networking Monitoring Center and its role in inauguration security.

According to the documents the foundation received, experts at the center searched for items of interest on Facebook, MySpace, Twitter, news sites, political commentary sites and demographic-specific websites, such as MiGente and BlackPlanet. The documents also show that the center’s strategy included privacy guidelines known as the Fair Information Practice Principles. But EFF experts found scant comfort.

“While it is laudable to see DHS discussing the Fair Information Practice Principles as part of the design for such a project, the breadth of sites targeted is concerning,” writes Jennifer Lynch at EFF.

The documents also revealed an effort by immigration officials to surreptitiously friend Facebook users with hopes of finding evidence of illegal activities, such as fraudulent marriages arranged strictly to get citizenship. However, the documents did not mention the criteria for identifying someone as a target, which means every application is a potential target, Lynch notes.

David Gewirtz, a cyber warfare and counter cyberterrorism adviser, does not share EFF’s concerns about the Social Networking Monitoring Center. Writing at ZDnet, he notes that “good, solid, preventative intelligence work” is an important part of national security.

However, Gewirtz said the same system might be applied to more mundane matters of law enforcement. At that point, it “no longer seems like the long arm of the law wrapping itself around us in a protective hug but more like something intrusive and potentially threatening.”

The collaboration between DHS and NSA also brings the possibility of scope creep, observers say.

According to the announcement, the two agencies will send experts to each other’s operations centers to improve information sharing and give DHS the benefit of NSA’s extensive experience in network surveillance.

But how far will the collaboration go? “By letting NSA show DHS the ropes, the government is taking the risk that NSA will import too much of that intelligence culture along with its security expertise,” writes Leslie Harris at Huffington Post.

The other player that could pop onto the scene is the Defense Department’s Cyber Command. Gen. Keith Alexander, head of both the Cyber Command and NSA, has said the command will not be involved in protecting the civilian Internet. But Spencer Ackerman, writing at Wired.com’s "Danger Room" blog, questions that distinction given that numerous military operations rely on unclassified networks.

“In other words, the seemingly bright line between dot-com and dot-mil gets fuzzier and fuzzier the longer you look,” Ackerman writes.

 

About the Author

Connect with the FCW staff on Twitter @FCWnow.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Thu, Oct 28, 2010 Jeffrey A. Williams Frisco Texas

Jennifer Lynch is right IMPO. As a IT security professional I am confident that the tracking of so many Domain names and individual user id's and than bein able to decern much useful information from a safty and/or security perspective is problamatic. Further Americans just plain don't like being snooped upon.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group