Data and Goliath
Page 50
paid search results on, 113–14
search data collected by, 22–23, 31, 123, 202
transparency reports of, 207
see also Gmail
Google Analytics, 31, 48, 233
Google Calendar, 58
Google Docs, 58
Google Glass, 16, 27, 41
Google Plus, 50
real name policy of, 49
surveillance by, 48
Google stalking, 230
Gore, Al, 53
government:
checks and balances in, 100, 175
surveillance by, see mass surveillance, government
Government Accountability Office, 30
Government Communications Headquarters (GCHQ):
cyberattacks by, 149
encryption programs and, 85
location data used by, 3
mass surveillance by, 69, 79, 175, 182, 234
government databases, hacking of, 73, 117, 313
GPS:
automobile companies’ use of, 29–30
FBI use of, 26, 95
police use of, 26
in smart phones, 3, 14
Grayson, Alan, 172
Great Firewall (Golden Shield), 94, 95, 150–51, 187, 237
Greece, wiretapping of government cell phones in, 148
greenhouse gas emissions, 17
Greenwald, Glenn, 20
Grindr, 259
Guardian, Snowden documents published by, 20, 67, 149
habeas corpus, 229
hackers, hacking, 42–43, 71–74, 216, 313
of government databases, 73, 117, 313
by NSA, 85
privately-made technology for, 73, 81
see also cyberwarfare
Hacking Team, 73, 81, 149–50
HAPPYFOOT, 3
Harris Corporation, 68
Harris Poll, 96
Hayden, Michael, 23, 147, 162
health:
effect of constant surveillance on, 127
mass surveillance and, 16, 41–42
healthcare data, privacy of, 193
HelloSpy, 3, 245
Hewlett-Packard, 112
Hill, Raquel, 44
hindsight bias, 322
Hobbes, Thomas, 210
Home Depot, 110, 116
homosexuality, 97
Hoover, J. Edgar, attempted intimidation of King by, 98, 102–3
hop searches, 37–38
HTTPS Everywhere, 215, 216
Huawei, 74, 86, 182
Human Rights Watch, 96, 178
IBM, 104, 122
iCloud, 58
ICREACH, 67
identification, anonymity and, 131–33
identity theft, 116–19
iMacs, 58
imperfection, systemic, resilience and, 163–64
IMSI-catchers, 68, 165–66
independence, oversight and, 162–63, 169, 177–78
India, 76
individuals, data rights of, 192–93, 200–203, 211, 232
data storage by, 18–19
see also mass surveillance, individual defenses against
inferences, from data mining, 34–35, 258, 259
and correlation of data sets, 40–42
error rates in, 34, 54, 136–37, 269
information fiduciaries, 204–5
information middlemen:
Internet’s empowering of, 57–58
monopolistic nature of, 57
Information Technology and Innovation Foundation, 121–22
InfoUSA, 53
Initiate Systems, 41
Instagram, 58
intelligence community, US, 67
budget of, 64–65, 80
fear and, 228
international partnerships of, 76–77
private contractors in, 80, 228
revolving door in, 80
see also specific agencies
Internal Revenue Service, US (IRS), 137, 159
International Association of Privacy Professionals, 124
International Principles on the Application of Human Rights to Communications Surveillance, 167, 168–69
International Telecommunications Union, 106, 187
Internet:
anonymity on, 43–44, 131–33
benefits of, 8
commons as lacking on, 188–89
cyberattacks on, see cyberwarfare
deliberate insecurity of, 7, 146–50, 182
early history of, 119
fee-based vs. ad-based business model of, 50, 56, 206
freedom of, 107, 188
government censorship and control of, 94–95, 106–7, 187–88, 237
identification and, 131–33
information middlemen and, see information middlemen
international nature of, 6–7, 187–88, 209, 220–21
laws and, 220–21
as media source, 15
physical wiring of, 64
privacy and, 203–4, 230–31
traditional corporate middlemen eliminated by, 56–57
trust and, 181–82
Internet companies, transparency reports of, 207–8
Internet Movie Database, 43
Internet of Things, 15–17
Internet searches, NSA collection of data on, 22
Internet surveillance, 47–51
advertising and, see advertising, personalized
cable companies and, 48–49
cookies and, 47–48, 49
global, 69–71
NSA and, 62, 64–65, 78, 122, 149–50, 188, 207
ubiquity of, 32
see also mass surveillance, corporate
iPads, 58
iPhones, 31, 42, 58
Iran:
government surveillance in, 71–72
Stuxnet cyberattack on, 75, 132, 146, 150
Iraq War, 65
IRC, 119
Israel:
mass surveillance by, 182
Stuxnet cyberattack by, 75, 132, 146, 150
US intelligence data shared with, 77
Israeli assassination team, identification of, 43
ISS (Intelligence Support Systems) World, 81
iTunes store, 57
Jawbone, 16
Jay-Z, 48
Joint Terrorism Task Forces, 69
journalists, government surveillance and, 96
JPMorgan Chase, 116
judiciary, surveillance and, 168, 170, 179–80
justice, as core American value, 230
Justice Department, US, 184, 186
Kerry, John, 101
keyboard loggers, 25
key escrow, 120–21
keyword searches, 28, 261
Kindle, 28, 59
King, Martin Luther, Jr., 237
Hoover’s attempted intimidation of, 98, 102–3
Kinsey, Alfred, database of, 44
Klein, Mark, 250, 288
Kunstler, James, 206
Kurds, 76
Lanier, Jaron, 201
Lavabit, 83–84, 209
law enforcement, state and local:
abuse of power by, 135, 160
IMSI-catchers used by, 68
location data and, 2, 243
militarization of, 184
predictive algorithms used by, 98–99, 100, 137, 159
racism in, 184
secrecy of, 100, 160
transparency and, 170
lawyers, government surveillance and, 96
legal system:
as based on human judgment, 98–99
government surveillance and, 168, 169
secrecy and, 100
Lenddo, 111, 113
Level 3 Communications, 85
Levison, Ladar, 84
liberty:
commons and, 189
as core American value, 230
social norms and, 227
liberty, government surveillance and, 6, 91–107, 184
abuses of power in, 101–5, 160
, 234–35
anonymity and, 133
censorship and, 94–95, 106–7, 187–88
and changing definition of “wrong,” 92–93, 97–98
discrimination and, 103–4
fear and, 4, 7, 95–97, 135, 156–57, 171, 182–83, 222, 226, 227–30
Internet freedom and, 106–7, 188
political discourse and, 97–99
secrecy and, 99–101
security and, 135, 157–59, 361–62
ubiquitous surveillance and, 92, 97
Library of Congress, 199
Libya, 81
license plate scanners, 26–27, 40
storage of data from, 36
lifelogging, 16
Lincoln, Abraham, 229
Little Brother (Doctorow), 217
location data, 1–3, 28, 39, 62, 243, 339
advertising and, 39–40
de-anonymizing with, 44
embedded in digital photos, 14–15, 42–43
selling of, 2
Locke, John, 210
Los Angeles Police Department, 160
LOVEINT, 102, 177
Lower Merion School District, 104
LulzSec hacker movement, 42
MAC addresses, 29
MacKinnon, Rachel, 210, 212
Madrid Privacy Declaration (2009), 211–12
Magna Carta, information age version of, 210–12
manipulation, surveillance-based, 113–16
Manning, Chelsea, 101
marijuana use, 97
MARINA, 36
Mask, The, 72
Massachusetts Group Insurance Commission, 263
mass surveillance:
algorithmic-based, 129–31, 159, 196
as automated process, 5, 129–31
dangers of, 4–5, 6
economic harms from, 6–7, 121–22, 151
false positives in, 137, 138, 140, 323–24
fatalism and, 224–25
lack of consent in, 5, 20, 51
metadata in, 20–23
minimum necessary, 158–59, 176, 211
moratorium urged on new technologies of, 211
noticing, 223
security harmed by, 7, 146–50
social norms and, 226–38
society’s bargains with, 4, 8–9, 47, 49–51, 58–59, 60–61, 158, 226, 235–38
speaking out about, 223–24
targeted surveillance vs., 5, 26, 139–40, 174, 179–80, 184, 186
transparency and, 159–61, 169, 170–71, 176
ubiquity of, 5, 26–28, 32, 40, 53, 92, 97, 224, 233
urgency of fight against, 233–35
see also data collection; data mining
mass surveillance, corporate, 46–61, 86–87
advertising and, see advertising, personalized
business competitiveness and, 119–24
cost of, to US businesses, 123–24
customers as products in, 53, 58
customer service and, 47
data brokers and, see data brokers
discrimination and, 109–13
error rates in, 54
feudal nature of, 58–59, 61, 210–12
free services and convenience exchanged for, 4, 49–51, 58–59, 60–61, 226, 235–36
growth of, 23–24
harms from, 108–18
lobbying and, 233
manipulation and, 113–16
manipulation through, 6
market research and, 47
privacy breaches and, 116–18, 142, 192, 193–95
secrecy and, 194
see also mass surveillance, public-private partnership in
mass surveillance, corporate, solutions for, 7, 190–212
accountability and liability in, 192, 193–95, 196–97, 202
data quality assurance and, 181, 192, 194, 202
government regulation in, 192, 196–99, 210
individual participation and, 192
and limits on data collection, 191, 192, 199–200, 202, 206
and limits on data use, 191, 192, 194, 195–97, 206
lobbying and, 209, 222–23
and resistance to government surveillance, 207–10
and respect for data context, 202
rights of individuals and, 192, 200–203, 211
salience and, 203–4
security safeguards and, 192, 193–95, 202, 211
specification of purpose and, 192
transparency and, 192, 194, 196, 202, 204, 207–8
mass surveillance, government, 5–6, 62–77
chilling effects of, 95–97
in China, 70, 86, 140, 209
cloud computing and, 122
corporate nondisclosure agreements and, 100
corporate resistance to, 207–10
cost of, 91
cost of, to US businesses, 121–23
democracy and, 6, 95, 97–99
discrimination and, 4, 6, 93
encryption technology and, 119–23
fear-based justification for, 4, 7, 95–97, 135, 156–57, 171, 182–83, 222, 226, 227–30, 246
fishing expeditions in, 92, 93
in France, 79
fusion centers in, 69, 104
gag orders in, 100, 122
geopolitical conflicts and, 219–20
global, 69–71
growth of, 24–25
hacking in, 71–74
as harmful to US global interests, 151
as ineffective counterterrorism tool, 137–40, 228
international partnerships in, 76–77, 169
lack of trust in US companies resulting from, 122–23, 181–83
liberty and, see liberty, government surveillance and
location data used in intimidation and control by, 2
mission creep and, 104–5
oversight and accountability in, 161–63, 169
in Russia, 70, 187, 188, 237
mass surveillance, government (continued)
secrecy of, 99–101, 121, 122
subversion of commercial systems in, 82–87
in UK, 69, 79
US hypocrisy about, 106
see also mass surveillance, public-private partnership in; specific agencies
mass surveillance, government, solutions for, 7, 168–89
adequacy and, 168
and breakup of NSA, 186–87
due process and, 168, 184
illegitimate access and, 169, 177
integrity of systems and, 169, 181–82
international cooperation and, 169, 180, 184
judicial authority and, 168, 179–80
legality and, 168, 169
legitimacy and, 168
limitation of military role in, 185–86
lobbying and, 222
“Necessary and Proportionate” principles of, 167, 168–69
necessity and, 168
oversight and, 169, 172–78
proportionality and, 168
separation of espionage from surveillance in, 183–84
targeted surveillance and, 179–80, 184, 186
transparency and, 169, 170–71, 176
trust and, 181–83
user notification and, 168
whistleblowers and, 169, 178–79
mass surveillance, individual defenses against, 7, 213–25
avoidance in, 214
blocking technologies in, 214–17
breaking surveillance technologies, 218–19
distortion in, 217–18
fatalism as enemy of, 224–25
political action and, 213, 222–24, 237–38
mass surveillance, public-private partnership in, 6, 25, 78–87, 207
government subversion of commercial systems in, 82–87
nondisclosure agreements and, 100
privately-made technology in, 81–82, 100
sale of government data in, 79–80
and value neutrality of technology, 82
material witness laws, 92
McCarthyism, 92–93, 229, 234
McConnell, Mike, 80
McNealy, Scott, 4
media:
fear and, 229
pre-Internet, 15
medical devices, Internet-enabled, 16
medical research, collection of data and, 8
Medtronic, 200
memory, fallibility of, 128, 320
Merkel, Angela, 151, 160–61, 183, 184
metadata, 216
from cell phones, see cell phone metadata
data vs., 17, 23, 35, 251
from Internet searches, 22–23
in mass surveillance, 20–23, 67
from tweets, 23
Michigan, 2, 39
Microsoft, 49, 59–60, 84, 148, 221, 272, 359
customer loyalty to, 58
government demands for data from, 208, 359
increased encryption by, 208
transparency reports of, 207
Mijangos, Luis, 117
military, US:
ban on domestic security role of, 185–86
Chinese cyberattacks against, 73
“Don’t Ask Don’t Tell” policy of, 197
drone strikes by, 94
see also Army, US; Cyber Command, US; Defense Department, US
MINARET, 175
Minority Report (film), 98
mission creep, 104–5, 163
Mitnick, Kevin, 116
Moglen, Eben, 95, 318
money transfer laws, 35–36
Monsegur, Hector, 42
Mori, Masahiro, 55
MS Office, 60
Multiprogram Research Facility, 144
Muslim Americans, government surveillance of, 103–4
MYSTIC, 36
Napolitano, Janet, 163
Narent, 182
narrative fallacy, 136
Nash equilibrium, 237
Natanz nuclear facility, Iran, 75
National Academies, 344
National Counterterrorism Center, 68
National Health Service, UK, 79
National Institute of Standards and Technology (NIST), proposed takeover of cryptography and computer security programs by, 186–87
National Reconnaissance Office (NRO), 67
National Security Agency, US (NSA):
backdoors inserted into software and hardware by, 147–48
Bermuda phone conversations recorded by, 23
“Black Budget” of, 65
cell phone metadata collected by, 20–21, 36, 37, 62, 138, 339
“collect” as defined by, 129, 320
“collect it all” mentality of, 64–65, 138
COMSEC (communications security) mission of, 164–65, 346
congressional oversight of, 172–76
“connect-the-dots” metaphor of, 136, 139
cost to US businesses of surveillance by, 121–22, 151
counterterrorism mission of, 63, 65–66, 184, 222
counterterrorism successes claimed by, 325
cryptanalysis by, 144
cyberattacks by, 149–50
drug smugglers surveilled by, 105
economic espionage by, 73
encryption programs and, 85–86, 120–21
encryption standards deliberately undermined by, 148–49