by Al Gore
Even when Internet users are not connected to a social media site and have not accepted cookies from commercial websites, they sometimes suffer invasions of privacy from private hackers and cybercriminals who use techniques such as phishing—which employs enticing email messages (sometimes mimicking the names and addresses chosen from a user’s contact list) in order to trick people into clicking on an attachment that contains surreptitious programs designed to steal information from the user’s computer or mobile device. The new crime known as identity theft is, in part, a consequence of all the private information about individuals now accessible on the Internet.
Through the use of these and other techniques, cyberthieves have launched attacks against Sony, Citigroup, American Express, Discover Financial, Global Payments, Stratfor, AT&T, and Fidelity Investments, all of which have reported large losses as a result of cybercrime. (Sony lost $171 million.) The Ponemon Institute estimated in 2011 that the average digital data breach costs organizations more than $7.2 million, with the cost increasing each year. Yet another computer security company, Norton, calculated that the annual cost of cybercrime on a global basis is $388 billion—“more than the annual global market for marijuana, cocaine, and heroin combined.” Numerous other online businesses have also been penetrated, including LinkedIn, eHarmony, and Google’s Gmail. In the fall of 2012, a simultaneous cyberattack on Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo, and PNC prevented customers from gaining access to their accounts or using them to make payments.
The obvious and pressing need for more effective protections against cybercrime, and especially the need to protect U.S. companies against the grave cybersecurity threats they are facing from China, Russia, Iran, and elsewhere, have been married to the post-9/11 fears of another terrorist attack as a combined justification for new proposals that many fear could fundamentally alter the right of American citizens—and those in other nations that value freedom—to be protected against unreasonable searches, seizures, and surveillance by their own government.
There is reason for concern that the biggest long-term problem with cybersecurity is the use of voluminous data files and online surveillance technologies to alter the relationship between government and the governed along lines that too closely resemble the Big Brother dystopia conjured by George Orwell more than sixty years ago. The United Kingdom, where Orwell published his novel, has proposed a new law that would allow the government to store Internet and telephone communications by everyone in the country. It has already installed 60,000 security cameras throughout the nation.
Many blithely dismiss the fear that the U.S. government could ever evolve into a surveillance state with powers that threaten the freedom of its citizens. More than sixty years ago, Supreme Court Justice Felix Frankfurter wrote, “The accretion of dangerous power does not come in a day. It does come, however slowly, from the generative force of unchecked disregard of the restrictions that fence in even the most disinterested assertion of authority.”
One of the founders of reason-based analysis of data to arrive at wise decisions, Francis Bacon, is credited with the succinct expression of a biblical teaching: “Knowledge is power.” The prevention of too much concentrated power in the hands of too few—through the division of governmental powers into separate centers balanced against one another, including among them an independent judiciary—is one of the core principles on which all free self-governments are based. If knowledge is indeed a potent source of power, and if the executive and administrative centers of political power in governments have massive troves of information about every citizen’s thoughts, movements, and activities, then the survival of liberty may well be at risk.
As the first nation founded on principles that enshrined the dignity of individuals, the United States has in many ways been the most attentive to the protection of privacy and liberty against overbearing intrusions by the central government. And many in the United States have taken comfort in the knowledge that throughout its history, America has experienced a recurring cycle: periods of crisis when the government overreached its proper boundaries and violated the liberties of individuals—followed soon after by a period of regret and atonement, during which the excesses were remedied and the proper equilibrium between government and the individual was restored.
There are several reasons, however, to worry that the period of excess and intrusion that followed the understandable reaction to the terrorist attacks of September 11, 2001, may be a discontinuity in the historical pattern. First, after 9/11, according to another former National Security Agency employee, “basically all rules were thrown out the window, and they would use any excuse to justify a waiver to spy on Americans”—including exercising their ability to eavesdrop on telephone calls as they were taking place. Former senior NSA official Thomas Drake said that the post-9/11 policy shift “began to rapidly turn the United States of America into the equivalent of a foreign nation for dragnet blanket electronic surveillance.”
One former agency official estimates that since 9/11, the NSA has intercepted “between 15 and 20 trillion” communications. The “war against terror” does not seem to have an end in sight. The spread of access by individuals and nonstate organizations to weapons of mass destruction has made the fear of deadly attack a fixture of American political life. The formal state of emergency first established after September 11, 2001, was routinely extended yet again in 2012. The American Civil Liberties Union reported that a 2012 Freedom of Information inquiry showed a sharp increase in the number of Americans subjected to warrantless electronic surveillance by the Justice Department over the previous two years (even as formal requests for warrants declined). Chris Soghoian, the principal technologist at the ACLU’s Speech, Privacy and Technology Project, said, “I think there’s really something at a deep level creepy about the government looking through your communications records, and you never learn that they were doing it.”
Second, the aggregation of power in the executive branch—at the expense of the Congress—was accelerated by the emergence of the nuclear arms race following World War II. Now, the prevailing fear of another terrorist attack serves as a seemingly unassailable justification for the creation of government surveillance capabilities that would have been shocking to most Americans even a few years ago.
History teaches, however, that unchecked powers—once granted—may well be used in abusive ways when placed in the hands of less scrupulous leaders. When Presidents Woodrow Wilson and Richard Nixon engaged in abuses of civil liberties that shocked the nation’s conscience, new laws and protections were passed to protect against a recurrence of the abuses. Now, apparently, the threshold for what is required to shock the nation’s conscience has been raised because of fear. The U.S. Supreme Court ruled in 2012, for example, that police have the right to conduct strip searches, including the inspection of bodily orifices, for individuals who are suspected of offenses as trivial as an unpaid parking ticket or riding a bicycle with a defective “audible bell” attached to the handlebars. George Orwell might have rejected such examples in his description of a police state’s powers for fear that they would not have seemed credible to the reader. (It is important to note, however, that the same Supreme Court ruled that it was unconstitutional for police departments to secretly attach electronic GPS tracking devices to the automobiles of citizens without a court-ordered warrant.)
In another chilling example of a new common government practice that would have sparked outrage in past years, customs agents are now allowed to extract and copy all digital information contained on an American citizen’s computer or other digital device when he or she reenters the country from an international trip. Private emails, search histories, personal photographs, business records, and everything else contained in the computer’s files can be taken without any grounds for suspicion whatsoever. It is easy to understand how such searches are justified when the government has reason to believe that the traveler has been engaging in child pornogra
phy, for example, or has been meeting with a terrorist group in a foreign country. However, such searches are now placed in the “routine” category, and no reasonable cause for allowing the search is required. In one case, a documentary filmmaker raising questions about U.S. government policies was among those whose digital information has been searched and seized without any showing of reasonable cause.
The surveillance technologies now available—including the monitoring of virtually all digital information—have advanced to the point where much of the essential apparatus of a police state is already in place. An investigation by the American Civil Liberties Union showed that police departments in many U.S. cities now routinely obtain location-tracking data on thousands of individuals without a warrant. According to The New York Times, “The practice has become big business for cellphone companies, too, with a handful of carriers marketing a catalog of ‘surveillance fees’ to police departments.” The U.S. government has also provided grants to local police departments for the installation of tracking cameras mounted on patrol cars to routinely scan and photograph the license plates of every car they pass, tagging each photograph with a day-and-time stamp and a GPS location, and adding it to the database. A Wall Street Journal investigation found that 37 percent of big city departments are participating in this data collection exercise, which compiles voluminous information on the whereabouts of everyone driving cars in their cities and keeps it on file. At least two private companies are also compiling similar databases by routinely photographing license plates and selling the information to repossession companies. One of them advertises it has 700 million scans thus far. The CEO of the other said he plans to sell the data to private investigators, insurers, and others interested in tracking people’s locations and routines.
Especially since September 11, 2001, business has been booming for the manufacturers of surveillance hardware and software. The market for these technologies has grown over the last decade to an estimated $5 billion per year. Like the Internet itself, these technologies cross international borders with ease. U.S. companies are the principal manufacturers and suppliers of surveillance and censorship software and hardware used by authoritarian nations—including Iran, Syria, and China.
Surveillance technologies initially developed by U.S. companies for use in war zones also often make their way back into the United States. The drone technology used so widely in Iraq, Afghanistan, and Pakistan has now been adopted by some domestic police forces—with predictions that new generations of unobtrusive microdrones equipped with video cameras will become commonplace tools for law enforcement agencies. The Electronic Frontier Foundation found through a Freedom of Information Act lawsuit that as of 2012 there were already sixty-three active drone sites in the U.S. in twenty states.
Advances in microelectronics have also made hidden cameras and microphones far easier to use. Some sophisticated versions of spyware are now being used remotely to surreptitiously turn on a user’s smartphone or computer microphone and camera to record conversations and take photographs and videos without a user’s permission or awareness—even if the device has been turned off. Similarly, the microphones contained in the OnStar systems installed in many automobiles have also been used to monitor the conversations of some suspects. Other software programs can be surreptitiously installed to keep track of a user’s keystrokes in order to reconstruct passwords and other confidential information as it is typed into a computer or device.
Significantly, the cybersecurity threats faced by U.S. corporations—alongside the threat of terrorism—are being used as a new justification for building the most intrusive and powerful data collection system that the world has ever known. In January of 2011, at the groundbreaking of this new giant, $2 billion facility in Utah, the senior official from the National Security Agency, Chris Inglis, announced the purpose of the “state of the art facility” was to “enable and protect the nation’s cybersecurity.” The capabilities of the facility being built there (which will become operational at the end of 2013) include the ability to monitor every telephone call, email, text message, Google search, or other electronic communication (whether encrypted or not) sent to or from any American citizen. All of these communications will be stored in perpetuity for data mining.
This system is eerily similar to a proposal put forward by the George W. Bush–Dick Cheney administration two years after the 9/11 attacks. It was called Total Information Awareness (TIA), and the suggestion caused public outrage and resulted in congressional action to cancel it. In the years since, politicians in both political parties have become fearful about challenging any intelligence-gathering proposal that is described as having a national security purpose.
In more recent years, the American people have successfully persuaded Congress to curb some government intrusions into their privacy. In 2011, the Stop Online Piracy Act and its companion Senate bill PROTECT IP Act—which were sought by entertainment and other information content companies as a means of safeguarding their intellectual property—were found to contain new government authorities to shut down websites popular with the public if they contained any copyrighted material. The resulting outrage, and the effective online campaign against these proposals, resulted in the withdrawal of both. However, the outrage generated by the prospect of losing access to online entertainment has not been matched by a similar outrage over the prospect of warrantless government surveillance of private communications among Americans.
The Cyber Intelligence Sharing and Protection Act (CISPA) is an example of a proposed U.S. law to empower the government to eavesdrop on any online communication if it has reason to suspect cybercrime. While it is easy to understand the motivation behind this proposal, the volume of Internet communication that could be deemed suspect under the broadly defined terms of the law poses a de facto exemption for government agencies from a wide variety of other laws intended to protect the privacy of Internet users.
It is yet another example of how the cyber-Faustian bargain we have made with the Internet is creating difficulty in reconciling the historic principles upon which the United States was founded with the new reality of the Global Mind. As a technology writer recently put it, “If America’s ongoing experiment in democracy and economic freedom is to endure, we will need to think again about cultivating the necessary habits of the heart and resisting the allure of the ideology of technology.” China and other nations dedicated to authoritarian governance are also facing a historic discontinuity because of the new reality of the Global Mind.
Every nation uses the Internet and every nation has its own ideas about the future of the Internet. The multiple overlapping conflicts accompanying the world’s historic shift onto the Internet are nowhere close to being resolved. As a result, there are calls for the imposition of some form of global governance over the Internet, which has, since its inception, been governed benignly by the U.S. government (and by a quasi-independent group established by the U.S. government) according to norms and values that reflect the American tradition of free speech and robust free markets.
The fact that nations such as China, Russia, and Iran, whose values and norms are often in direct conflict with those of the U.S., are among the chief protagonists pushing to transfer authority over the global Internet to an international body is reason enough to fear the proposal and to follow the unfolding struggle with care. It is unfortunate that Brazil, India, and South Africa are following the lead of China and Russia.
Some corporations and governmental agencies are now developing “dark nets”—that is, closed networks that are not connected to the Internet—as a last resort for protecting confidential, high-value information. Some Internet companies—most significantly Facebook, which now has one billion users and prohibits anonymity—have adopted a “walled garden” approach that separates some of its information from the rest of the Internet.
In addition, some corporations that sell access to the Internet and simultaneously sell high-value content over the Intern
et have attempted to slow down or make more expensive similar content from competitors. Although they raise legitimate issues about allocating the cost of expanding their bandwidth, this potential conflict of interest is also an important issue for the future of the Internet. It is the reason so many have called for network neutrality laws that protect free speech and free competition.
The efforts by some corporations to control information on the Internet have led some to fear that the Internet could eventually be split apart into multiple, separate networks. However, that is unlikely to occur, because the full value generated by the Internet depends upon the fact that it is connected in one way or another to the vast majority of people, companies, and organizations in the world. For the same reason, the efforts by nations like China and Iran to isolate their citizens from disruptive forces coursing across the Internet globally are probably doomed to fail.
The world system as a whole is breaking out of an old enduring pattern that has been in place since the emergence of the system based on nation-states. No one doubts that nations will continue as the primary units of account where governance is concerned. But the dominant information system now being used by the world as a whole—the Global Mind—has an inherent unifying imperative, just as the printing press helped unify nations in the era in which they were born. And the decisions now confronting the world as a whole cannot be made by any single nation or small group of nations. For several decades, when the United States made up its mind, the world followed the U.S. lead. Now, however, along with digital information, the power to shape the world’s future is being dispersed throughout the globe. As a result, the Global Mind is not so easy to make up.